Microsoft has introduced a new set of tools that can identify and eliminate potential security threats in Office 365.

Office 365 Advanced Security Management is based on the capabilities of Microsoft’s Cloud App Security offering, which provides insights into whether or not unsanctioned cloud services – sometimes called “shadow IT” – are being used by company employees.

The most powerful new weapon for administrators will be the new threat detection capability, a solution that enables admins to set up anomaly detection policies, which can be used to alert them to any potential network breaches. The anomaly detection feature works by scanning user activities and evaluating their risk against 70 different indicators, including failed sign-ins, inactive accounts and user’s behavior and activity levels, Microsoft said in a blog post.

The service can be set up to automatically alert administrator to any suspicious behavior, Microsoft said. For example, if the system detects that a user’s Office 365 account was used in the U.S. to check on some emails, then used to access SharePoint from another country just a few minutes later, an alert will be triggered.

Besides using indicators, Advanced Security Management also relies on behavioral analytics to try and spot unusual behavior on networks. It also draws on insights gleaned by Microsoft’s efforts to guard its own global networks, further bolstering user’s defenses.

Using a feature called ‘activity filters’, administrators can also zero in on certain kinds of risky behavior they spot. Admins can also set up configurable templates to notify themselves by text or email if there are any unexpected changes to a user’s IP address, location, or device type. It can also warn admins if a user has been granted new admin privileges.

Administrators can also configure activity policies so that user accounts are automatically suspended should specified ‘red lines’ be crossed. Additionally, the new tools allow admins to control which third-party apps can access data held in Office 365. So, should a user decide to link an unauthorized helper app to their Office 365 calendar, for example, it will immediately alert administrators and lock that user’s account, or else revoke the offending application’s permissions immediately. The service can detect thousands of apps across various categories, such as collaboration, cloud storage, web mail and others, Microsoft said.

The new capabilities are now available for all Office 365 Enterprise customers, included for free in the Office 365 E5 plan, and available for the price of $3 per user, per month, in all other Office 365 Enterprise plans.

Image credit: WerbeFabrik via pixabay.com