Microsoft 365 + Qostodian: Proactive risk monitoring for workstations now extended into Microsoft cloud apps


Table of Contents

In this 6 minute read, you’ll gain an understanding of the core Qostodian value proposition – and what it means to Microsoft customers.

Prefer to listen instead of read? At the bottom of the page, you’ll find a video of Qohash’s lead product manager summarizing the value of the integration for Microsoft users.

About Qostodian

I get approached by 100s of vendors. My tech stack is massive. Sum up for me why I should consider Qostodian.

Qostodian is a SaaS data security platform designed to deliver in-the-moment insights that drive proactive risk management

The majority of solutions on the market, including DLP, employ a “reactive” approach to managing risk–meaning they detect and respond to problems after they occur. 

Using DLP alone, data security teams are stuck in incident response mode, limited in their ability to take preventative action.

The Qostodian platform becomes the layer BEFORE your DLP. It’s the intelligence layer on top of your DLP that makes it more effective.

Also, Qostodian double encrypts data. The platform never makes a copy of customer data in order to scan it. Complete security is maintained. 

Getting proactive

Qostodian leverages patent-pending “data element tracking” technology to deliver the powerful risk indicators that shift security teams into proactive threat-response mode. 

At a high level, here’s how it works:  

  1. First, it looks INTO files, to gain a comprehensive picture of organizational risk.
There’s a significant amount of risk hiding in plain sight with technology that only scans at the file level.
  1. It then takes data found in files and classifies and inventories every discrete data element, both on-premises and now, in the cloud.
  2. Next, Qostodian monitors employee interactions with each sensitive data element and flags risky behavior in real-time.

By cross-referencing two fundamental elements of organizational risk – employees + interactions with sensitive data elements – Qostodian delivers insight to drive intervention.

Granular insights

Desjardins, the 37th largest bank in the U.S., with more than $86B in global asset management, leverages the Qostodian Prime tier of the platform to monitor 55,000 endpoints. Armed with powerful risk indicators, they intervene in real-time with alerts the instant risky behavior by negligent or malicious insiders occurs.

Here are the main points of enhancement that we offer:

1. Workstation coverage

  • Full inventories at endpoints and the ability to integrate to Microsoft DLP. While Microsoft offers DLP at endpoints, the extent of their offering is to provide blocking on sensitive data. No visibility is offered to what’s sitting on the endpoint until a very specific action is taken.

2. Early warning risk indicators

  • Ability to view risk levels for individual employees, and each department.
  • If an employee appears risky, drill down into their “risk profile,” benchmark between employees, and add specific employees to a “watch list.”
  • View a monthly organizational risk evolution report to see changes over time.
  • Real-time alerts are generated to SOC teams based on policy violations and risky employee behavior such as data accumulation, exfiltration and deletion.

3. Faster incident response with indexed search

When an incident occurs, every second counts. Qostodian saves teams valuable time when it counts the most.

  • Operating at a deep, granular level means that if our customers want to search for a specific piece of potentially leaked data, they can drop in that credit card and find every location it exists–in milliseconds.
  • They can also see a full visualization of how that piece of data propagated across employees and locations over time.

4. Coming soon

  • User defined sensitive information (UDSI) searches
  • Automated remediation actions based on specific policy violations conditions 
  • An integration with Microsoft Purview file labeling to enhance DLP effectiveness and add labeling on workstations

The integration

Jean Le Bouthillier, Qohash’s CEO, said it best in our recent press release.

We revolutionized workstation monitoring with our highly sophisticated sensors, providing 24/7 visibility in even the most complex environments. Our success in deploying this technology at scale with Microsoft customers set the foundation for the logical next step: adding coverage for Microsoft 365. By covering the hardest part, workstations, M365 coverage becomes an easy and valuable addition. We’re committed to increasing coverage to provide our customers with one simple data security platform that covers all of their blindspots.” 

-Jean Le Bouthillier


Now available in the Azure Marketplace, Qostodian for M365 includes immediate coverage for OneDrive, with Outlook, Sharepoint, and Teams forthcoming. 

In addition to shifting into a proactive security posture, Qostodian enhances Purview coverage in three key ways:  

  1. Enhanced security coverage with the ability to find and scan files of all sizes at endpoints and other on-premises locations. 
  2. Zero limitations on scanning of file types (over 135 extensions) 
  3. Retain complete control of your data. Qostodian connects through Microsoft’s API, so it does not break the security chain by making a copy of customer data to scan. 

Ready to learn more?

A propos de l'auteur

A propos de l'auteur

Recommended for you

data loss prevention policy sample
Aside from data loss being a headache, costing money, causing legal trouble and hurting your company’s reputation, data loss can also res...
data visualization best practices (2)
Transforming raw data into visually appealing and easily digestible formats can greatly help organizations empower their stakeholders to ...
Enterprise Data management
Whether you’re looking to enhance your incident detection capabilities, fine-tune your response plan, or improve post-incident analysis, ...
prevent data breaches
A break-in is a break-in, no matter the purpose behind it. Whether it’s purposeful, sophisticated hacking (like a home robbery) or hum...
GenAI Security
Most organizations can agree that AI has the immense power to help streamline and optimize systems. But an important area beyond making c...
how to prevent data loss
The threat of losing data can loom large over businesses of all sizes. From accidental deletion to malicious cyber-attacks, ensuring your...
Logo Qohash
By initiative
Regulatory compliance:
Find, classify and inventory all sensitive data, across every data source
Data breach prevention:
Monitor sensitive data 24/7, track data lineage, and enforce policies at endpoints
Microsoft 365
One easy-to-use platform to secure sensitive data on Windows workstations and M365
By regulation
Law 25
Why Qohash
Defy legacy limitations
What our customers say about us

Contact us​