New in Office 365 s

Recent updates for security and compliance include enhancements to Advanced Threat Protection, eDiscovery, Advanced Data Governance, Advanced Security Management and expanded support for Windows Information Protection. Read on to learn more about these updates.

Enhancements to threat protection visibility and controls

Office 365 Exchange Online Protection (EOP) and Advanced Threat Protection (ATP) were designed to keep your organization protected against cyber-attacks while supporting end-user productivity. The Office 365 team continues to enhance both EOP and ATP by offering deeper insights and more flexible controls. This month, we are introducing the following new capabilities:

Threat Protection status report—New reporting for ATP and EOP that adds visibility into malicious emails detected and blocked for your organization. This supplements the recently introduced reports in the Security & Compliance Center for ATP Safe Attachments.

The Projection status report is displayed in the Security & Compliance Center and is showing information associated with ATP safe attachments, Anti-malware engine, ATP safe links and ZAP.

Threat Protection status report.

Enhanced quarantine capabilities—Now all emails classified as malware from both EOP and ATP are quarantined. This builds upon the existing quarantine experience by allowing administrators to review and delete emails from quarantine.

New ATP Safe Links Policy features—Four new features build upon the Safe Link policies.

  • Per-tenant block list—Provides the administrator the ability to block specific URLs.
  • Email wildcarding for domains and handles—Enables you to save time by writing partial domain/handle names.
  • Split Safe Links policies—Allows Safe Links policies to be customized for specific user lists in the organization, including groups, individuals and divisions.
  • Expanded character limit for URLs—Enables blocking/allowing URLs with longer character lengths.

Window displaying how to enter a URL so that it is blocked across Office 365.

Safe Links Block URL list.

Additional details on these new features can be found in the Microsoft Tech Community, as well as on the EOP and ATP product pages. EOP is offered across our enterprise E1, E3 and E5 suites. ATP is offered as both a standalone SKU or as part of E5.

New features streamline your compliance process using Office 365

Businesses around the world must be able to keep and protect important information and quickly find what’s relevant to continue to meet legal, business and regulatory compliance requirements. At Microsoft, we know how demanding and complex compliance can be and have recently released several new eDiscovery and Data Governance features in Office 365 to support your compliance needs. These features include:

Optical character recognition in Advanced eDiscovery—Extracts text from image files or objects within the files, significantly reducing the amount of manual remediation work required to analyze image files.

Rights management (RMS) decryption in Office 365 eDiscovery—Automatically decrypts RMS-encrypted email messages at export time when you choose the MSG Export option.

Unified case management—Provides a consistent user interface spanning the eDiscovery capabilities in Office 365, from core to advanced, which helps to reduce potential human errors by streamlining eDiscovery case definition and eliminating several steps in the process.

Image that displays two windows illustrating how the unified case management works in Advanced eDiscovery.

Unified case management in Advanced eDiscovery.

Visit the Microsoft Tech Community for more details about the new eDiscovery features. Unified case management and RMS decryption are included with Office 365 E3. Optical character recognition is included with Advanced eDiscovery in E5.

Announcing general availability of Supervision capabilities in Office 365 Advanced Data Governance

Many organizations have the need to perform supervision of employee communications. This need stems from internal security and compliance guidelines, or from regulatory bodies such as the Financial Industry Regulatory Authority (FINRA). In both cases, failure to have a demonstrable supervision process in place could potentially expose organizations to liability or severe penalties.

To address this need, we’ve released the new Supervision feature in Office 365 Advanced Data Governance. Supervision covers not only email communications, but also third-party communications streams, such as Facebook, Twitter, Bloomberg and many more. Visit the Microsoft Tech Community for more details about the general availability of Supervision.

Image shows the Security and Compliance window, with Identify the content to be reviewed feature selected with the conditions to review added.

Supervision policies in Office 365 Advanced Data Governance.

Supervision is part of Office 365 Advanced Data Governance, which is available as part of Office 365 E5 or the Office 365 Advanced Compliance SKU.

Windows Information Protection now supports Office desktop applications

In August, we announced our support of Windows Information Protection (WIP) for Office mobile apps on Windows tablets and phones, to help prevent accidental business data leaks while letting users maintain control over their personal data by designating content as “work” or “personal.” We’re pleased to announce we have expanded support for WIP to include the Office 365 ProPlus desktop versions of Word, Excel, PowerPoint, Outlook, OneNote and Skype for Business. This will help provide more comprehensive protection of your business data on Windows 10 devices. To read more about WIP, check out our Microsoft Tech Community blog.

SIEM connector—now available for Office 365 Advanced Security Management

A year ago, we announced a way for you to get greater visibility and control over Office 365 with Advanced Security Management (ASM). Since then, we have added new features to help you better determine shadow IT activity. We also enhanced control over third-party apps connected to Office 365. After these updates, we started hearing that some of you were looking for a way to export alerts to other systems that are integrated into your existing workflows. Today, we are releasing a solution that supports centralized monitoring of ASM alerts with your security information and event management (SIEM) software. Integrating with an SIEM allows you to better protect Office 365 while maintaining your organization’s security workflow, automate your security procedures and correlate between your cloud-based and on-premises events.

There is no additional cost for an SIEM connector for ASM; you just need to have Office 365 E5 or the ASM add-on. To learn how to setup the ASM SIEM connector, please read “SIEM integration with Office 365 Advanced Security Management.”

Image displaying the first Configure SIEM agent configuration window with the Alerts enabled.

Configuration screen for ASM SIEM agent.

Join the Security, Privacy and Compliance Tech Community

These new features help broaden and enhance the scope of security and compliance capabilities within Office 365. Join our Security, Privacy and Compliance Tech Community to further evolve your organization’s security and compliance with these services and learn and contribute to security, privacy and compliance best practices. The Tech Community is a great resource to communicate and learn from your peers—as well as offer your insights on the growing importance of security, privacy and compliance.