Office 365 is getting more secure. Launched earlier this month, Microsoft has released features that make customers stay ahead of the curve–and our guess is that this is just the beginning.
The first major release is Threat Intelligence, which keeps customers ahead of the evolving tech landscape. Since data breaches are so rampant and expensive, costing an average of $4 billion per breach, according to a study made at the IDC Ponemon Institute (2016), Threat Intelligence has launched to provide:
- Interactive tools to analyze prevalence and severity of threats in close to real time
- Real time customizable threat alert notifications
- Remediation capabilities for content that appears to be suspicious
- Expansion of its Management API to include threat details, enabling integration with SIEM solutions
How does this all get accomplished? With the Microsoft Intelligence Security Graph that is constantly analyzing billions of data points across all Microsoft datacenters, Office clients, emails, user authentications, and signals from the Windows and Azure ecosystems among other things.
To get Threat Intelligence, opt in for its standalone product–but lucky you if you have Office 365 Enterprise E5, because you already have it.
Advanced Data Governance
Data is going to grow and grow. We’ll never see less data than you know of right now…oh wait, there are a few more terabytes online now since you first started this sentence (and probably petabytes since I wrote this thing). But with that kind of data at your fingertips, there’s also now unimportant data that comes with it. Do you really need HR records for employees who left your company 10 years ago? Probably not–especially when you can have this information compromised in a breach. As discussed earlier, Office 365 Advanced Data Governance has been on the roadmap for some time, but now is available to the general public.
With Advanced Data Governance, machine learning is used to discover data that’s worth retaining and the other data that’s worth deleting. It provides proactive policy recommendations and automatically classifies data as risky or recommended to keep. It offers system default alerts to to identify data governance risks, such as when it sees a lot of files being deleted all at once (“Unusual volume of file deletion”), and enables IT administrators to create their own custom alerts for other things they may want to look out for. Advanced Data Governance also applies compliance controls to on-premises data by filtering and migrating that data to Office 365.
New Office 365 Advanced Threat Protection (ATP) reporting interface
On top of these two additional features, a new reporting interface is available in the Security and Compliance Center, which provides insight into the health of your organization and the potential of exposed risk.
The new interface allows admins to schedule reports to be sent to their inbox, request custom reports, and download or manage these reports through dashboards in the Security & Compliance Center.
ATP will soon be available for Office 365 ProPlus desktop client, and the addition of the Safe Links feature will help with malware and spam within email. Safe Links is a new feature that will be integrated across the whole suite of Outlook products. When the user clicks the link, the user will be redirected to a warning page if it is suspicious. Eventually, it will expand across all of Office 365.
Data Loss Prevention (DLP) management
Data Loss Prevention, already used by thousands of Microsoft customers, is now being put front and center, giving users quick access to content protection policies, app permissions, and device security policies in one place. This ultimately helps ensure that sensitive information doesn’t get into the wrong hands. With this new DLP feature, a Policy page gives you insight into your current DLP policies at a glance and you can audit them in just one click. Further customization is available in the advanced settings feature.
Looks like Microsoft is taking a big stab at a big risk to businesses — which hopefully will help reduce risk and pay off.
Photo Credit: Shutterstock, Microsoft
2 thoughts on “Office 365 beefs up security with Threat Intelligence and Advanced Data Governance”
Microsoft’s built-in “Unusual volume of file deletion” alert is garbage. It is generating 20 alerts a day in our Office 365 tenant, all of which, when investigated, turn out to be normal user actions of cleaning out old data and or moving data from their OneDrive for Business storage to SharePoint. Microsoft seriously needs to fix it.
MS has provided this facility for security alert , it is your duty to verify same is false or true positive.
Any data movement is a risk , unless verified.
Best it could be you may suppress or ignore it.
Hope Fine with my reply.