News

Office 365 Advanced Security Management Starts To Roll Out

Microsoft's new Advanced Security Management service began to roll out to Office 365 E5 subscribers on Tuesday.

The service is designed to detect Office 365 user activity that may indicate potential security problems. It has a threat detection feature that flags "high-risk and abnormal usage," as well as "security incidents." It also tracks "suspicious administrator activity." The solution comes with templates so IT pros can set up policies to track various Office 365 activities, if wanted.

Potential security risks get assigned risk scores, which are based on "more than 70 different risk factors," according to this Microsoft video. Alerts are rated as "high, medium or low" based on this system. IT pros access the solution using the Security Compliance Center within the Office 365 management portal.

This service is based on the Microsoft Cloud App Security service, which went live earlier this year. The Cloud App Security service, based on technology that Microsoft acquired when it bought Adallom last year, tracks activity associated with the use of Software as a Service (SaaS) applications. It's more of an all-purpose solution for Azure services, whereas the Advanced Security Management service is designed specifically for Office 365 apps.

"Advanced Security Management enables IT professionals to securely manage Office 365 environment, whereas Cloud App Security enables IT professionals to securely manage cloud solutions across Azure," a Microsoft spokesperson clarified via e-mail.

Current and Future Capabilities
Microsoft is gradually rolling out the capabilities of its Advanced Security Management solution. The capabilities that are arriving earliest include threat detection and a policy creation capability. Other features will be arriving later this year, per Microsoft's announcement:

The threat detection and activity policy creation features are rolling out to Office 365 E5 customers worldwide starting today. The ability to view an application's permissions into Office 365 and the application discovery dashboard will be available by the end of the third quarter of 2016.

The coming "app discovery dashboard" will show how Office 365 is used across an organization. It also will show activity from "other productivity cloud services." The dashboard can "discover about 1,000 applications," including collaboration, Webmail and cloud storage apps, among others. It will show how much user data gets housed by storage service providers, for instance.

This dashboard won't require the installation of an agent to collect the data.

"To load the data into the dashboard, all you have to do is take the logs from your network devices and upload them via an easy-to-use interface," Microsoft's announcement promised.

The coming app permissions capability will show which Office 365 data can be accessed by "third-party applications." It also will identify permissions set by users. For instance, Microsoft's announcement suggested it can show when a user permits a third-party application to access to his or her Office 365 calendar data. IT pros can then "revoke that application's permissions with one click if they deem it a security risk," the announcement explained.

Availability
Microsoft includes the Advanced Security Management service as part of its Office 365 E5 subscription plan. That's Microsoft's high-end plan costing $35 per user per month or $420 per year, although there's a free trial to try it out. This plan is notable for delivering Office applications, plus some premium Skype for Business capabilities such as PSTN conferencing (access via a local phone numbers) and a "cloud PBX" service, among other features.

It's also possible to get the Advanced Security Management service as an add-on service to Office 365 enterprise plans. It's priced at $3 per user per month as an add-on plan.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • IBM Giving Orgs a Governance Lifeline in Agentic AI Era

    Nearly overnight, organizations are facing brand-new challenges caused by self-directed AI systems (a.k.a. agentic AI). Big Blue is extending them some help.

  • Microsoft Launches Integrated E-mail Security Ecosystem for Defender for Office 365

    Microsoft is expanding its e-mail security capabilities with the launch of a new Integrated Cloud Email Security (ICES) ecosystem for Microsoft Defender for Office 365.

  • Microsoft Joins Workday's AI Agent Partner Network

    Microsoft has become a key partner in Workday's newly launched AI Agent Partner Network, aligning with other industry leaders to integrate AI agents into enterprise workforce systems.

  • LinkedIn CEO Ryan Roslansky To Lead Microsoft's Productivity Initiatives

    In a strategic leadership realignment, Microsoft has appointed LinkedIn CEO Ryan Roslansky to oversee its consumer and small business productivity software division, encompassing Microsoft 365, Teams and AI-driven tools like Copilot.