As more and more enterprise organizations take a cloud-first approach, migrating to Microsoft’s Office 365 has become a priority because of its seamless integration and its use as an immersive tool for collaboration.

As an enterprise-class solution, Office 365 has emerged as the #1 cloud service provider across all of Skyhigh’s customer base; and in the past six months, has beat out Salesforce, Box and Google in terms of corporate users.



Office 365 is now the world’ s most used cloud service in the enterprise

As such, it is no wonder that Cargill, a 150-year-old American company operating across multiple industries in food, agriculture, financial and industrial products with over 143,000 employees, has begun its migration to cloud-based Office 365.

As Cargill started its migration from on-premises Exchange to cloud-based Office 365, Matt Brunsvold, IT Security Architecture & Engineering Advisor at Cargill, wanted something that would address the security, compliance, and governance challenges that face Office 365 customers including visibility into usage and sensitive content, threat protection, regulatory compliance and data security.


Common security, compliance, and governance challenges for Office 365 customers

Cargill’s 4-Step Approach to Office 365 Migration

With a cloud services project two years in the making, Brunsvold initiated a 4-step approach to their Office 365 migration.

Step 1: Start with a Healthy Dose of Research
Brunsvold and his team did a complete evaluation of the cloud players in the market and found that there was not one cloud service provider who could meet all the standards Cargill needed, let alone meet all of their growing security, compliance and regulatory concerns.

Step 2: Determine Which Tools and Partners You Need
After their evaluation, what Brunsvold and the team at Cargill realized is that they to supplement the native controls of Office 365 with a third party security product, but that this product also needed to be able to leverage their vast, existing investments in data loss prevention (DLP) and seamlessly integrate into their existing ecosystem. What they found is that a Cloud Access Security Broker, or CASB, could fill the gaps in Cargill’s native security capabilities across all their cloud services; Cargill chose Skyhigh as their CASB vendor.

“We chose Skyhigh because of their capabilities to provide us with the granular visibility, DLP and contextual access controls we need to protect our data,” says Brunsvold.

Step 3: Identify and Consolidate Redundant Services and Enforce Existing Policies
With Skyhigh providing the additional visibility the team at Cargill needed, they were able to identify and consolidate the over 50 file sharing and collaboration solutions in use, and set a baseline on user behavior. In leveraging Skyhigh’s machine learning, Cargill was also able to detect anomalous behavior, block high-risk services and identify compromised credentials; as well as enforce both the existing broad and specific data loss policies across the organization.

Screen Shot 2015-11-12 at 10.34.34 AM

Skyhigh provides Cargill with real-time DLP for Office 365 using a closed-loop remediation workflow

Step 4: Integrate with Microsoft RSM
The final step in Cargill’s migration blueprint was to consolidate all data loss policies scattered throughout the organization’s different business units and deploy proper DLP policies to protect the most sensitive data, including personally identifiable and sensitive information like social security and credit card numbers.

This included integrating Cargill’s existing DLP with Microsoft’s Rights Management Services (RMS). “We don’t want to be stuck with multiple, on-premises DLP engines and are looking to Skyhigh to help us with this consolidation so can really protect our sensitive content in one manageable place,” says Brunsvold.

Security Intelligence and Additional Use Cases for Office 365

One of the highlights for Cargill is Skyhigh’s ability to scale and the addition of Security Intelligence into the platform, which promptly addresses Office 365’s additional use cases of threat protection (behavioral analytics, privileged user monitoring, geo-location analytics), compliance (secure internal and external collaboration across business units and with third party partners) and data security.

“As a global organization, having access to a tool like Skyhigh’s Threat Protection module is extremely valuable,” says Brunsvold. “To be able to leverage geo-location services and have full visibility into the collaboration happening across our full tenant is going to help us identify compromised credentials and consolidate duplicative accounts. These are the types of metrics our executive team and board want to see.”

Office 365 Compliance and Data Protection: Cargill’s Blueprint for Success

Watch the webinar to learn how Cargill tackled Office 365 security and achieved comprehensive data protection by leveraging a Cloud Access Security Broker.

Watch Now