Tech giant Microsoft adds a range of new security management and reporting features to its Office 365 and Azure cloud services as part of the company’s holistic approach to enterprise security which was announced last year.
Coming April, the company will release a new product called Microsoft Cloud App Security that will allow customers to gain better visibility, control and security for data hosted in cloud apps like Office 365, Box, SalesForce, ServiceNow and Ariba. The new product is based on technology from Adallom, a cloud access security broker Microsoft acquired in September.
Office 365 will also get some new security management capabilities that will be integrated with Microsoft Cloud App Security. These include security alerts that notify administrators of suspicious activity in the service; cloud app discovery that lets IT departments know the cloud services Office 365 users are connecting to; and app permissions, allowing administrators to revoke or approve third-party services that users can connect to Office 365.
Early in the second quarter, Microsoft plans to roll out Customer Lockbox for SharePoint Online and OneDrive, which will improve the customer approval process and will provide more transparency in situations when Microsoft engineers need to access Office 365 accounts and data to troubleshoot problems. Customer Lockbox is already available for Exchange Online.
Microsoft has also added a new Power BI Dashboard to allow customers to better visualize, analyze and filter security alerts from any of their systems and devices in order to discover possible attack patterns and trends.
Azure Active Directory Identity Protection is a new feature that will enter public preview soon. It will be able to detect suspicious end user activities by using Microsoft’s data on brute force attacks, leaked credentials, authentications from unfamiliar locations and known infected devices.Bottom of Form
The Azure Security Center can now collect crash events from Azure-hosted virtual machines, analyze them, and alert customers of potential compromises. Crashes often result from malware or failed exploitation attempts.
Microsoft also built its threat intelligence into its Operations Management Suite, where it can detect when systems are communicating with known malicious IP addresses by analyzing firewall logs, wire data or IIS logs.
Bret Arsenault,Chief Information Security Officer at Microsoft, in a blog post said “”As attackers get more sophisticated, we need to evolve our ability to get real-time insights and predictive intelligence across our network so we can stay a step ahead of the threats. We must be able to correlate our security data with our threat intelligence data to know good from bad.”