Microsoft Office 365 Security Updates from Ignite 2017

As Microsoft is continually working to build out their Office 365 security practice, we wanted to share with you some announcements from Ignite that are quite pertinent.  Also, EMS licenses in CSP now include a Windows Server CAL, Advanced Threat Analytics (ATA) and SCCM client management. For more information on Microsoft Office 365 security from MessageOps please visit https://www.messageops.com/office-365-security-by-messageops/

sizedssecurity-300x170.png

Announcing new and more fully integrated Microsoft Office 365 Security and Compliance Capabilities

Protect against advanced threats
Feature updates to Microsoft Office 365 threat protection services address the evolution and advances in the threat landscape.

Updates to Office 365 Advanced Threat Protection (ATP)
Enhanced anti-phishing capabilities. Machine learning-based phishing technology better protects against phishing attacks.

Expanded ATP to Office 365 workloads. SharePoint Online, OneDrive for Business, and Microsoft Teams are now protected by ATP.

Safe Links. URL wrapping has been removed. Users can now see the original URL when they hover over a link. Available later this year for Office clients on iOS and Android platforms.

Safe Attachments. Enables users to preview and edit the content of an attachment—as it’s being scanned.

New in Microsoft Office 365 Threat Intelligence
Attack Simulator. Administrators can simulate different threat scenarios to help them understand how users might behave in a real attack, and evaluate configuration security.

Threat Tracker. Provides a trend summary of different categories of threat campaigns, along with a detailed view of evolving and trending threats.

Threat Explorer. New reports document risky content and user activities.

Enhanced remediation capabilities. Administrators can now remediate content malware and delete malicious emails.

Accelerate compliance and prepare for the GDPR
Several updates have been added to the Advanced Compliance SKU to help customers throughout their compliance journeys.

Introducing Compliance Manager for Microsoft Office 365 Security
Compliance Manager* helps organizations conduct real-time risk assessment, and use built-in control management and audit-ready reporting tools to monitor and improve compliance. Available in November as part of Microsoft 365 Enterprise plans, and with Microsoft Dynamics.

*Compliance Manager preview is a dashboard that provides a summary of an organization’s data protection and compliance stature and recommendations to improve data protection and compliance. Recommendations from Compliance Manager preview should not be interpreted as a guarantee of compliance. It is the organization’s responsibility to evaluate the effectiveness of Compliance Manager in its regulatory environment prior to implementation.

Advanced eDiscovery enhancements
Many organizations still have data in legacy file shares, archives, and other cloud services. Analysis of non-Office 365 data enables customers to import case-specific copy of this data into a specifically assigned Azure container and analyze it using Microsoft Office 365 Advanced eDiscovery.

Note: This feature is currently in preview and requires an Advanced eDiscovery license for each user whose data is being analyzed.

New in Advanced Data Governance
• Event-based retention. Create events that trigger the retention period of data in Office 365 to consistently comply with industry regulations or internal business requirements.

Disposition review. Trigger a disposition review at the end of a data retention period, and decide whether the data can be safely deleted. Now available for data in both SharePoint Online and OneDrive for Business; available soon in preview for Exchange Online.

Customer Key now generally available
With Customer Key, organizations can provide and control their own encryption keys to encrypt mailboxes and files in Office 365. Customer Key can also help organizations meet compliance obligations that specify key management arrangements with their cloud service providers.

Protect sensitive information throughout the data lifecycle
New enhancements can help organizations identify, classify, protect, and monitor critical data.

Enhanced integration across Microsoft information protection solutions
New investments across Microsoft information protection solutions provide more comprehensive protection across the data lifecycle. What is the result? A more consistent and integrated classification, labeling, and protection approach that enables more persistent protection of customer data. The Azure Information Protection blog contains public preview details.

New in Microsoft Office 365 Message Encryption
• Easily share encrypted emails with people inside and outside organizations.

• Apply rights-management templates to emails sent outside an organization, enabling more secure collaboration in B2B and B2C scenarios.

• Provide customer-managed keys, which encrypt email messages while in transit.

• Support for Exchange hybrid customers.

Increase visibility and control with intelligent security management
Advanced Security Management will be renamed Office 365 Cloud App Security. Beginning in this month, Microsoft is beginning to host Office 365 Cloud App Security in its EU datacenter region to help EU customers meet compliance obligations, Partners and customers will have more visibility into the service through added support for activity alerts from Office 365 Threat Intelligence and Yammer (in preview)