News

Office 365 Advanced Security Management Starts To Roll Out

• By Kurt Mackie
• June 02, 2016

Microsoft's new Advanced Security Management service began to roll out to Office 365 E5 subscribers on Tuesday.

The service is designed to detect Office 365 user activity that may indicate potential security problems. It has a threat detection feature that flags "high-risk and abnormal usage," as well as "security incidents." It also tracks "suspicious administrator activity." The solution comes with templates so IT pros can set up policies to track various Office 365 activities, if wanted.

Potential security risks get assigned risk scores, which are based on "more than 70 different risk factors," according to this Microsoft video. Alerts are rated as "high, medium or low" based on this system. IT pros access the solution using the Security Compliance Center within the Office 365 management portal.

This service is based on the Microsoft Cloud App Security service, which went live earlier this year. The Cloud App Security service, based on technology that Microsoft acquired when it bought Adallom last year, tracks activity associated with the use of Software as a Service (SaaS) applications. It's more of an all-purpose solution for Azure services, whereas the Advanced Security Management service is designed specifically for Office 365 apps.

"Advanced Security Management enables IT professionals to securely manage Office 365 environment, whereas Cloud App Security enables IT professionals to securely manage cloud solutions across Azure," a Microsoft spokesperson clarified via e-mail.

Current and Future Capabilities
Microsoft is gradually rolling out the capabilities of its Advanced Security Management solution. The capabilities that are arriving earliest include threat detection and a policy creation capability. Other features will be arriving later this year, per Microsoft's announcement:

The threat detection and activity policy creation features are rolling out to Office 365 E5 customers worldwide starting today. The ability to view an application's permissions into Office 365 and the application discovery dashboard will be available by the end of the third quarter of 2016.

The coming "app discovery dashboard" will show how Office 365 is used across an organization. It also will show activity from "other productivity cloud services." The dashboard can "discover about 1,000 applications," including collaboration, Webmail and cloud storage apps, among others. It will show how much user data gets housed by storage service providers, for instance.

This dashboard won't require the installation of an agent to collect the data.

"To load the data into the dashboard, all you have to do is take the logs from your network devices and upload them via an easy-to-use interface," Microsoft's announcement promised.

The coming app permissions capability will show which Office 365 data can be accessed by "third-party applications." It also will identify permissions set by users. For instance, Microsoft's announcement suggested it can show when a user permits a third-party application to access to his or her Office 365 calendar data. IT pros can then "revoke that application's permissions with one click if they deem it a security risk," the announcement explained.

Availability
Microsoft includes the Advanced Security Management service as part of its Office 365 E5 subscription plan. That's Microsoft's high-end plan costing $35 per user per month or $420 per year, although there's a free trial to try it out. This plan is notable for delivering Office applications, plus some premium Skype for Business capabilities such as PSTN conferencing (access via a local phone numbers) and a "cloud PBX" service, among other features.

It's also possible to get the Advanced Security Management service as an add-on service to Office 365 enterprise plans. It's priced at $3 per user per month as an add-on plan.