New security management and transparency capabilities coming to Office 365

Today, Bret Arsenault, chief information security officer for Microsoft, announced Microsoft Cloud App Security, a comprehensive cloud access security broker (CASB) solution, based on Microsoft’s acquisition of cloud security innovator Adallom. It will also power new advanced security management capabilities for Office 365 that will improve IT visibility and control.

Let’s take a closer look at the new security management capabilities coming to Office 365.

New security management and transparency capabilities 1bOffice 365 advanced security alerts alert you to anomalous and suspicious activity so that you can take action. The system notifies you of unusual behavior, such as if a user takes an administrative action (like creating a new user) from a location they have never logged onto before.

Office 365 cloud app discovery gives you the ability to understand which other cloud services your users are connecting to. From the Office 365 admin portal, you can view a dashboard on network activity. For example, you can see where users are storing and collaborating on documents and how much data is being uploaded to apps or services outside of Office 365.

Office 365 app permissions gives you the ability to approve or revoke permissions for applications accessing Office 365. For example, you may have users who have approved their CRM application to access Office 365 contact data. If that CRM application is a non-sanctioned app that doesn’t comply with your business policy, you may want to revoke access.

These new capabilities will begin to roll out in the third quarter of this year and will be offered as part of the Office 365 E5 plan.

Extending Customer Lockbox to SharePoint Online and OneDrive for Business

In the very rare instances when a Microsoft engineer must request access to the Office 365 service, such as when troubleshooting a customer issue with a mailbox or document contents, they need to go through multiple levels of approval within Microsoft. In December, we announced general availability of Customer Lockbox for Exchange Online, which integrates the customer into the approval process. Today, we’re pleased to announce that Customer Lockbox will begin rolling out for SharePoint Online and OneDrive for Business in the second quarter of this year.

We are committed to continually delivering the highest level of transparency and data security capabilities, while ensuring people can be productive and collaborate with each other across their devices from any location. You shouldn’t have to choose between top-notch security and great productivity experiences.

For more information about Office 365 and how we manage security, privacy and compliance, please visit trust.office365.com.

—Rudra Mitra, partner director of program management for Office 365 Information Protection