The cloud offers many security benefits to organizations, but also raises new security considerations. It can also add to existing ones such as shadow IT, the use of software that is not formally sanctioned by the organization.
So, it is increasingly critical to have better understanding of what’s being done in your Office 365 environment, in order to help protect your users and data.
Advanced Security Management in Office 365 gives you insights into suspicious activity in Office 365 so you can investigate situations that are potentially problematic and, if needed, take action to address security issues.
Advanced Security Management includes:
- Threat detection—Helps you identify high-risk and abnormal usage, and security incidents.
- Enhanced control—Shapes your Office 365 environment leveraging granular controls and security policies.
- Discovery and insights—Get enhanced visibility into your Office 365 usage and shadow IT without installing an end point agent.
You can set up policies to alert you about abnormal and suspicious activity. There are two types of alert policies: Anomaly detection policies, which are based on automatic algorithms that detect suspicious activity, and activity policies, which you create for different activities that might be atypical for your organization. For example, you can create a policy enabling the system to alert you when a user takes an administrative action, like creating a new user, from a non-administrative location.