Bekker's Blog

Blog archive

Attack Your Users, and Other Security Enhancements Coming to Office 365

Office 365 administrators who enjoy torturing their own users will have a new toy to play with this quarter. The Attack Simulator for Office 365 Threat Intelligence is expected to enter a public preview any day now, according to a recent update of Microsoft's Office 365 Roadmap.

The simulator is one of a handful of key, near-term security enhancements in the Office 365 roadmap.

The attack simulator has the potential to be a very useful proactive defense tool for IT administrators. Unveiled at Microsoft Ignite in September and set for an imminent public preview, the simulator is a new feature of Office 365 Threat Intelligence.

That Threat Intelligence service, launched last April, provides real-time security insights on global attack trends culled from what Microsoft describes as billions of data points from its global datacenters, Office clients and other sources.

According to the roadmap, the attack simulator "enables admins to send simulated attacks (10-15 different attack categories including phish, brute force password cracking, etc.) to their end users to determine how they respond to attacks and determine if the right policies are in place to help mitigate real attacks."

[Click on image for larger view.] The Attack Simulator for Office 365 Threat Intelligence will allow administrators to test users' password strength and phishing attack readiness, among other things. (Source: Microsoft)

Also close are some additional features for the Office 365 Secure Score, which was originally came out a year ago to allow organizations to get a base security score from Microsoft based on dozens of factors in Office 365 covering user behaviors and security settings. It's like a credit score for an organization's cloud collaboration security posture.

Now Microsoft is adding an "Industry Average Score," displaying average scores that a company can compare to their own score. Microsoft is also testing an "Active Seat Average Score and Reporting Updates" feature for the Office 365 Secure Score. That will allow customers to compare their score against the average score for organizations with a similar number of Office 365 active seats. The update will also help organizations compare their own score between two different dates and offer the option to search a list of actions.

[Click on image for larger view.] Microsoft's original Office 365 Secure Score (pictured) became available a year ago. Microsoft is adding the ability for customers to compare their scores to like-size companies. (Source: Microsoft)

Microsoft is also fine-tuning the Office 365 Message Encryption capabilities it released in September. The feature was designed to make sharing of encrypted and rights-protected messages more seamless. However, the original release applied additional message restrictions, such as Do Not Forward. With the new version, administrators in the Admin Portal, or users in their Outlook client, can choose "encrypt only," without any other message restrictions.

In another change set to arrive shortly, Microsoft will add malicious link protection for end users sending e-mails within the same organization. Office 365 Advanced Threat Protection Safe Links for internal e-mails will include time-of-click protection and other functionality of Safe Links, Microsoft said. Slightly later in the quarter, Microsoft plans to introduce Office 365 Cloud App Security -- App Permission Alerts. The feature will allow administrators to create policies to be alerted when a user grants permission to an application to access Office 365 information.

All of the security features are currently in the "in development" section of Microsoft's Office 365 Roadmap page. Although many are supposed to be released very soon, the rollout for the Office 365 user base is staged and can take weeks or months.

Posted by Scott Bekker on 02/01/2018 at 7:47 AM


Featured

comments powered by Disqus

Subscribe on YouTube