Microsoft introduced Office 365 ATP last year, and the announcement covered new intelligence sharing [with Windows Defender], analytics reports, URL detonation, border protection, and data governance to make Office 365 the safest content creation suite.
It also announced a range of new features for Office 365 although some are for Enterprise users only.
Following is an overview of the announcements.
Improvements to Office 365 Advanced Threat Protection
- New reports – Get better insights to malware activity. Security admins will have a new reporting dashboard to see details of malware that Office 365 Advanced Threat Protection is analysing. The new reports will be in preview later this year.
- Dynamic delivery – Better performance and lower latency for emails with attachments. Users will see a placeholder while attachments are scanned in a sandbox environment. If deemed safe, attachments are re-inserted into the email. Dynamic Delivery is starting to roll out to customers now.
- URL detonation – Deeper protection against malicious URLs. Not only do we check a list of malicious URLs when a user clicks on a link, but Office 365 will also perform real-time behavioural malware analysis in a sandbox environment to identify malicious links. URL reputation checks are part of Advanced Threat Protection today; URL detonation will be in preview later this year.
- Intelligence sharing with Windows Defender Advanced Threat Protection—Security admins will be able to see malware activity and relationships across Windows 10 and Office 365. Integration with Windows will be in preview in early 2017.
- Broader Protection – Advanced Threat Protection will extend to include protection for SharePoint Online, Word, Excel, PowerPoint and OneDrive for Business. These extended capabilities will be in preview in early 2017.
Threat Intelligence helps proactively uncover and protect against advanced threats by analysing billions of data signals across Office consumer and commercial services. It also provides deep insights from cyber threat hunters to create a comprehensive view of malware trends around the world. Security admins will see a dashboard with rich insights to do a deep investigation of malware and will be able to integrate data with existing security management tools.
Advanced Data Governance will include the following capabilities:
- Import – Intelligently import only the data you need from on-premises and third-party archives using classifications such as age, data type, user or groups, sensitivity or importance.
- Policies – Policy recommendations are provided, based on machine-assisted insights of your data, classifications, tenant, organization, industry, geography and more. Recommendations may include delete, move, encrypt or share.
- Retention – Intelligently preserve what’s important to you by using classifications such as keywords, age, data type, user or group, sensitivity, importance. Integration with line-of-business systems allows you to trigger retention based upon events, such as the creation of a human resources record.
- Help organisations apply the right actions to preserve high-value data and purge redundant or obsolete data.
Productivity App Discovery will help IT pros and security operations teams understand their organisation’s usage of Office 365 and other productivity cloud services. This will help them to determine better the extent to which shadow IT is occurring in their organization.