Microsoft introduced ‘Advanced Threat Protection’ last year to Office 365, since then it has been adopted by various enterprise customers.
At the Ignite event today, Microsoft has announced a bunch of new security features for a variety of their enterprise software products, including Office 365.
New Advanced Threat Protection features
Before we get to the new Threat Intelligence feature, let’s look at the improvements coming to Advanced Threat Protection for Office 365 Enterprise. Some of these features – not all – are rolling out as you read this.
Definition sharing with Defender Advanced Threat Protection – The ATP was announced today for Windows 10 and Edge enterprise – but that’s not the only place it’s going to work. It will allow network and system administrators to look at malware activity across the whole enterprise Windows 10 and Office 365.
As with the Edge integration, this feature will be available sometime in the early 2017 – probably bundled with the Redstone 2 update for Windows 10.
Dynamic Attachments – Attachments for emails in Outlook across Office 365 enterprise will now be able to be dynamically presented after scanning them for malicious content. The users will see a placeholder for each attachment until it is scanned by the system and is made available to them – if deemed safe.
This feature is rolling out right at this moment to customers all around the globe.
URL checks and deeper integration – All links from within Office 365 enterprise applications would now go through a ‘filter’; all links will get checked for malicious content. Office 365 will also perform a ‘real-time behavioural malware analysis’ within a sandbox to analyse each link before opening it for users.
This feature along with other Advanced Threat Protection features will be available in more apps as well: Word, SharePoint Online, Excel, PowerPoint, and OneDrive for Business.
The integration with more of the Office suite applications will be released sometime in 2017, while the URL check & malware analysis will be available later this year.
More control for administrators – Network and system administrators will get access to a brand new dashboard to keep an eye on malware activity that Office 365 Advanced Threat Protection is analysing in real-time.
The new dashboard will also be available for a preview later this year.
The new Threat Intelligence will track and identify advanced threats by analysing data across Windows, Office, and Azure. With this analysis, Microsoft will be able to provide an in-depth and comprehensive view of malware threats and attacks around the world.
A new dashboard built for security administrators will provide them with tools to integrate all of this data with their existing security management tools. The dashboard will also alert security administrators of imminent threats and 0-day attacks.
Essentially it is a hub for security administrators – all of the data is analysed by Microsoft, and administrators are alerted of trends and attacks as soon as the system detects them.
There are a ton of new security features for administrators in charge of Office 365 at their organizations.
There is a new Productivity App Discovery tool for the Advanced Security Management dashboard where the IT team can look at trends within their organization and see what products of Office 365 are being used the most by the users.
Microsoft is also releasing a new feature called ‘App Permissions’ this October which will allow administrators to monitor the applications users are connecting to their Office 365.
These new advanced intelligence & security features are probably going to help a lot of enterprise customers secure their IT systems in a much better way.