Office 365

New security management and transparency capabilities coming to Office 365

Share on Facebook Share on Twitter Share on Linkedin Share via OneNote Share via Email Print

Today, Bret Arsenault, chief information security officer for Microsoft, announced Microsoft Cloud App Security, a comprehensive cloud access security broker (CASB) solution, based on Microsoft’s acquisition of cloud security innovator Adallom. It will also power new advanced security management capabilities for Office 365 that will improve IT visibility and control.

Let’s take a closer look at the new security management capabilities coming to Office 365.

New security management and transparency capabilities 1bOffice 365 advanced security alerts alert you to anomalous and suspicious activity so that you can take action. The system notifies you of unusual behavior, such as if a user takes an administrative action (like creating a new user) from a location they have never logged onto before.

Office 365 cloud app discovery gives you the ability to understand which other cloud services your users are connecting to. From the Office 365 admin portal, you can view a dashboard on network activity. For example, you can see where users are storing and collaborating on documents and how much data is being uploaded to apps or services outside of Office 365.

Office 365 app permissions gives you the ability to approve or revoke permissions for applications accessing Office 365. For example, you may have users who have approved their CRM application to access Office 365 contact data. If that CRM application is a non-sanctioned app that doesn’t comply with your business policy, you may want to revoke access.

These new capabilities will begin to roll out in the third quarter of this year and will be offered as part of the Office 365 E5 plan.

Extending Customer Lockbox to SharePoint Online and OneDrive for Business

In the very rare instances when a Microsoft engineer must request access to the Office 365 service, such as when troubleshooting a customer issue with a mailbox or document contents, they need to go through multiple levels of approval within Microsoft. In December, we announced general availability of Customer Lockbox for Exchange Online, which integrates the customer into the approval process. Today, we’re pleased to announce that Customer Lockbox will begin rolling out for SharePoint Online and OneDrive for Business in the second quarter of this year.

We are committed to continually delivering the highest level of transparency and data security capabilities, while ensuring people can be productive and collaborate with each other across their devices from any location. You shouldn’t have to choose between top-notch security and great productivity experiences.

For more information about Office 365 and how we manage security, privacy and compliance, please visit

—Rudra Mitra, partner director of program management for Office 365 Information Protection

  1. Limiting Security functionality to the E5 SKU only seems ill considered. I would have expected all Enterprise plans to be covered. Hope Microsoft considers this ahead of launch.

  2. If MS has detected “anomalous and suspicious activity” in a system that they are providing a customer, it seems to me that they are obligated to notify their customer so that appropriate actions can be taken.

    Providing notifications should not be limited only to customers that have paid the most money.

  3. I’m going to go out on a limb and say (and hope) that similar to Delve Analytics, Microsoft will make this a capability / service that you can add on to your existing plans for an additional fee.

    Like the previous posters mentioned, limiting the awareness of suspicious activity to only users who opt into the most expensive plan doesn’t seem reasonable. There are plenty of organizations completely content on lower-tiered E plans that would pay to have this functionality.

  4. Thanks for the comments. All Office 365 commercial workloads are designed following the Microsoft Security Development Lifecycle (, and include built-in security capabilities such as encryption at-rest and in-transit, along with access to the Office 365 Management Activity API which provides a programmatic way to pull events related to information protection and compliance in Office 365.

    The enterprise plans are intended to meet a range of security and compliance needs. Advanced security capabilities such as Advanced Threat Protection provide an additional level of security and control for those customers who require it, and are available as add-ons to all enterprise plans in addition to being included in the E5 plan. Office 365 Advanced Security Management will be available for customers to purchase as an add-on to all Office 365 enterprise plans.
    It is also important to note that when Microsoft learns about threats from the new advanced security capabilities, those insights are used to improve security for all Office 365 customers.

    • I think the majority of us IT administrators would disapprove these decisions.
      Security features should be standard included in all enterprise SKUs. Microsoft is claiming it will provide transparancy regarding security but at what cost? Building something ourselves with the APIs?

      I can imagine my next budget meeting:
      – me: We need more money for O365 licenses regarding security
      – manager: what is the added value? or why is this required?
      – me: well it would help the support team with visibility and prevent security issues.
      – manager: so not better security? just better visibility?
      – me: euhm well …
      – manager: it’s cheaper to fix these “security issues” ad-hoc instead of upgrading all licenses.
      * DENIED *

Comments are closed.