Microsoft 365 + Qostodian: Last mile security for Microsoft users

Table of Contents

In this 6 minute read, you’ll gain an understanding of the core Qostodian value proposition – and what it means to Microsoft customers.

Prefer to listen instead of read? At the bottom of the page, you’ll find a video of Qohash’s lead product manager summarizing the value of the integration for Microsoft users.

About Qostodian

I get approached by 100s of vendors. My tech stack is massive. Sum up for me why I should consider Qostodian.

Qostodian is a SaaS data security platform designed to deliver in-the-moment insights that drive proactive risk management

The majority of solutions on the market, including DLP, employ a “reactive” approach to managing risk–meaning they detect and respond to problems after they occur. 

Using DLP alone, data security teams are stuck in incident response mode, limited in their ability to take preventative action.

The Qostodian platform becomes the layer BEFORE your DLP. It’s the intelligence layer on top of your DLP that makes it more effective.

Also, Qostodian double encrypts data. The platform never makes a copy of customer data in order to scan it. Complete security is maintained. 

Getting proactive

Qostodian leverages patent-pending “data element tracking” technology to deliver the powerful risk indicators that shift security teams into proactive threat-response mode. 

At a high level, here’s how it works:  

  1. First, it looks INTO files, to gain a comprehensive picture of organizational risk.
There’s a significant amount of risk hiding in plain sight with technology that only scans at the file level.
  1. It then takes data found in files and classifies and inventories every discrete data element, both on-premises and now, in the cloud.
  2. Next, Qostodian monitors employee interactions with each sensitive data element and flags risky behavior in real-time.

By cross-referencing two fundamental elements of organizational risk – employees + interactions with sensitive data elements – Qostodian delivers insight to drive intervention.

Granular insights

Desjardins, the 37th largest bank in the U.S., with more than $86B in global asset management, leverages the Qostodian Prime tier of the platform to monitor 55,000 endpoints. Armed with powerful risk indicators, they intervene in real-time with alerts the instant risky behavior by negligent or malicious insiders occurs.

Here are the main points of enhancement that we offer:

1. Workstation coverage

  • Full inventories at endpoints and the ability to integrate to Microsoft DLP. While Microsoft offers DLP at endpoints, the extent of their offering is to provide blocking on sensitive data. No visibility is offered to what’s sitting on the endpoint until a very specific is taken. Qostodian integrates with DLP to provide full visibility. 

2. Early warning risk indicators

  • Ability to view risk levels for individual employees, and each department.
  • If an employee appears risky, drill down into their “risk profile,” benchmark between employees, and add specific employees to a “watch list.”
  • View a monthly organizational risk evolution report to see changes over time.
  • Real-time alerts are generated to SOC teams based on policy violations and risky employee behavior such as data accumulation, exfiltration and deletion.

3. Faster incident response with indexed search

When an incident occurs, every second counts. Qostodian saves teams valuable time when it counts the most.

  • Operating at a deep, granular level means that if our customers want to search for a specific piece of potentially leaked data, they can drop in that credit card and find every location it exists–in milliseconds.
  • They can also see a full visualization of how that piece of data propagated across employees and locations over time.

4. Coming soon

  • User defined sensitive information (UDSI) searches
  • Automated remediation actions based on specific policy violations conditions 
  • An integration with Microsoft Purview file labeling to enhance DLP effectiveness and add labeling on workstations

The integration

Jean Le Bouthillier, Qohash’s CEO, said it best in our recent press release.

We revolutionized workstation monitoring with our highly sophisticated sensors, providing 24/7 visibility in even the most complex environments. Our success in deploying this technology at scale with Microsoft customers set the foundation for the logical next step: adding coverage for Microsoft 365. By covering the hardest part, workstations, M365 coverage becomes an easy and valuable addition. We’re committed to increasing coverage to provide our customers with one simple data security platform that covers all of their blindspots.” 

-Jean Le Bouthillier


Now available in the Azure Marketplace, Qostodian for M365 includes immediate coverage for OneDrive, with Outlook, Sharepoint, and Teams forthcoming. 

In addition to shifting into a proactive security posture, Qostodian enhances Purview coverage in three key ways:  

  1. Enhanced security coverage with the ability to find and scan files of all sizes at endpoints and other on-premises locations. 
  2. Zero limitations on scanning of file types (over 135 extensions) 
  3. Retain complete control of your data. Qostodian connects through Microsoft’s API, so it does not break the security chain by making a copy of customer data to scan. 

Ready to learn more?

A propos de l'auteur

A propos de l'auteur

Recommended for you

Data Sheet
Qostodian Prime allows organizations to monitor, in real-time, the presence of sensitive information on endpoints and cloud services. ...
Data Sheet
See how you can filter your sensitive information results, down to specific regulations and industry guidelines with Qostodian Recon. ...
Data Sheet
Get a step-by-step guide on how to install Qostodian Recon. In 7 minutes get the complete list of details and information needed to s...
Live-01 (4)
Learn how to leverage granular data element technology to stay ahead of risk, speed investigations and simplify compliance reporting. ...
Sans titre (9)
In this 6 minute read, you’ll gain an understanding of the core Qostodian value proposition – and what it means to Microsoft customers. ...
Live-01 (1)
A step-by-step guide to navigating from risk assessment to breach identification This year alone, VA, CO, PA, CT, and UT have new ...
By initiative
Regulatory compliance:
Find, classify and inventory all sensitive data, across every data source
Data breach prevention:
Monitor sensitive data 24/7, track data lineage, and enforce policies at endpoints
Microsoft 365
One easy-to-use platform to secure sensitive data on Windows workstations and M365
By regulation
Law 25
Why Qohash
Defy legacy limitations
What our customers say about us

Contact us​