Two security-enhancing products for Office 365 environments, Threat Intelligence and Advanced Data Governance, are generally available Microsoft announced on April 4. The
Data security in general is a natural priority for enterprises. But considering the wealth of sensitive and potentially valuable information contained in Word documents, Excel spreadsheets and Access databases, Microsoft decided to focus some of its cyber-security efforts on customers that rely on its Office 365 software and services ecosystem to get work done.
Office 365 is a tempting target for cyber-attackers, since there’s no shortage of businesses, large and small, that use the productivity suite to conduct business. Last summer, cloud security company Avanan warned of zero-day ransomware named Cerbus that targeted Office 365 users and infected their systems with malware that encrypted data files.
“Once encrypted, Cerber demanded a ransom be paid in order to regain access to the user’s documents, photos and files,” warned Avanan in an advisory. Adding insult to injury, the “virus actually played an audio file, informing the user that the computer’s files have been encrypted while a warning message was displayed on screen,” Microsoft reported.
The company’s security researchers estimated that during the Cerber campaign, more than half (57 percent) of Office 365 corporate customers had at least one copy of malware in their inboxes.
To help its customers combat ransomware and other malware threats, Microsoft officially launched Office 365 Threat Intelligence this week. The product uses security data culled from Microsoft’s own cloud data centers, millions of Windows systems, Office clients and other sources to notify administrators of new threats and their severity.
Real-time alerting capabilities help ensure that organizations aren’t caught off-guard when emerging threats start making the rounds. It also integrates with security information and event management (SIEM), allowing organizations to fold the Office 365 Threat Intelligence into their existing security monitoring environments.
As part of the Office 365 Threat Intelligence launch, Microsoft has revamped the product’s reporting interface. Now administrators can request custom reports, schedule the delivery of reports to their email accounts and use Office 365 Security & Compliance Center dashboards to manage reports generated by the solution.
Also marking its official release this week is Office 365 Advanced Data Governance, Microsoft’s compliance offering. Using the company’s machine learning technologies, Advanced Data Governance helps organization find important data they need to retain and identify data they can safely eliminate. It automatically classifies data and generates recommendations that help organizations decide whether to delete or retain data at every step of its lifecycle.
Using Advanced Data Governance, companies can remove personal information regarding former employees among several other types of obsolete data that can land businesses in hot water if it is ever exposed in a breach, according to Microsoft.
Using the system’s default or custom alerts, it can notify administrators when users take actions that may run afoul of their data management and compliance policies, like deleting files in large quantities or downloading large volumes of files that don’t normally access as part of their work responsibilities.