Microsoft Releases Office 365 Threat Intelligence and Data Governance Services -- Redmondmag.com

Microsoft Releases Office 365 Threat Intelligence and Data Governance Services

By Kurt Mackie
04/04/2017

Two Microsoft Office 365 security products were commercially released today, including the Threat Intelligence service and the Advanced Data Governance solution.

Both products were at the preview stage in February. Now they've hit the "general availability" (GA) milestone, meaning that they're deemed ready by Microsoft for deployment in production environments. Microsoft is selling each product as part of either its Office 365 Enterprise E5 plan or its Secure Productive Enterprise E5 licensing.

The Advanced Data Governance solution is also sold as part of an "Office 365 Advanced Compliance plan," according to Microsoft's announcement. This plan is described as also including the "Office 365 Advanced eDiscovery and Customer Lockbox" services.

Threat Intelligence GA
The Office 365 Threat Intelligence service, now available, provides information on security threats using data from various sources. The data are harvested via underlying Microsoft Intelligent Security Graph technology. The information provided by the service is based on "billions of data points from Microsoft global data centers, Office clients, email, user authentications, signals from our Windows and Azure ecosystems and other incidents that impact the Office 365 ecosystem," Microsoft's announcement explained.

IT pros get tools to analyze threats "in near real-time" with the Office 365 Threat Intelligence service. They can set up custom alerts, too. Microsoft provides "remediation capabilities" for untrusted content. There's also a management API that Microsoft promises can work with various security information and event management (SIEM) tools to surface the threat information.

The Office 365 Threat Intelligence service integrates with Exchange Online Protection, Microsoft's anti-spam service. It also integrates with the Office 365 Advanced Threat Protection (ATP) service, an Exchange Online e-mail security solution that adds attachment and URL protections, as well as tracing capabilities, on top of the Exchange Online Protection service.

Advanced Threat Protection Additions
Microsoft also announced today that the Office 365 ATP service has an updated reporting interface showing details on "malware and spam sent or received in your organization," as well as what was blocked. It's possible to schedule the delivery of these reports to e-mail, or they can be downloaded to the Office 365 Security and Compliance Center dashboard.

The Office 365 ATP service also will be getting a new capability "later this month" that will enable it to protect Office 365 ProPlus desktop clients against malicious links, Microsoft's announcement indicated. The "Office 365 ProPlus" product is Microsoft's name for the suite of Office applications it sells under its various Office 365 subscription plans. The new capability, called "Safe Links," is built into Outlook e-mail clients and will add protection against potentially malicious links in Office documents, such as Excel, Word and PowerPoint files, Microsoft promised.

Advanced Data Governance GA
The newly released Advanced Data Governance solution is designed to help organizations carry out data retention and deletion policies. It provides policy recommendations, and can classify data based on its type, age and user interaction. The service will automatically alert organizations about general "data governance risks." Custom alerts also can be created.

Microsoft plans to add other features to Advanced Data Governance "in the coming months." Those features will be "event-based retention, manual disposition and supervision," the announcement explained.

Security and Compliance Center Policy
Microsoft also added a new Policy page in its Office 365 Security and Compliance Center portal. The Policy page shows the policies that were set up with Microsoft's data loss prevention service, which is designed to protect against data-leakage scenarios associated with e-mails and stored documents. For instance, the data loss prevention service will check to see if users are trying to send documents that include credit card information.

With the addition of the new Policy page to the Office 365 Security and Compliance Center, it's now possible for organizations to create "detailed audit reports," Microsoft claimed.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.