Today we are pleased to announce the preview of Security Policy Advisor, a new service that can help enterprises improve the security of Office 365 ProPlus clients in their organization.
Office provides a rich set of security policies that allow administrators to customize the security of their Office applications to help meet their enterprise’s security needs. Administrators have traditionally relied on published guidance like security baselines or their own analysis to come up with a set of security policies they need to enforce. In such instances, the burden falls to the administrator to determine if a security policy is right for their enterprise and will not adversely affect user productivity.
Security Policy Advisor enables IT admins who have deployed Office 365 ProPlus, to manage the security of their Office applications with confidence by providing the following capabilities:
This service is now available as a preview in English (en-us) and will be available in additional locales in the coming weeks. If you are an administrator of an organization that has deployed Office 365 ProPlus, you can start using this service by signing into the Office client management portal, turning on Security Policy Advisor and creating Office cloud policy configurations. For each policy configuration you create and assign to a group of users, Security Policy Advisor will generate recommendations with supporting data that you can review and deploy to users as a policy. Once you have applied a policy, you can continue to monitor its ongoing impact on users through the management portal.
For additional documentation on how to use this new policy service and its capabilities please refer to this document: Overview of the Security Policy Advisor (Preview) for Office 365 ProPlus.
As you evaluate this preview, please provide feedback using the feedback button (in the upper right corner) to help us improve Security Policy Advisor. We look forward to hearing from you!
Note: Please refer to our documentation for the most up to date information.
What are the pre-requisites to start using Security Policy Advisor?
To start using Security Policy Advisor, your enterprise must have the following pre-requisites
Note: If you are creating a brand new enterprise subscription in Office 365, please wait atleast 24 hours for the service to detect your subscription before trying to use Security Policy Advisor.
How does this relate to a security baseline?
Security baselines are a great starting point for enterprises to configure their applications for security. Office has a published baseline for Office 2016 and Office 365 ProPlus applications.
A security baseline is generic best practice guidance that ultimately needs to be consumed and customized for your enterprise to balance your security and productivity goals. You can use Office cloud policy service to apply the user level policies recommended in the Office security baseline. Security Policy Advisor complements a security baseline by providing custom recommendations for specific policies that are tailored to your enterprise, helping you to choose the most secure policy that has the least impact on productivity for your organization.
How are the recommendations, productivity and security impact insights generated?
Security Policy Advisor uses the following data to generate recommendations and associated data insights on productivity and security impact:
For more details, please refer to our documentation.
What happens when I turn off Security Policy Advisor?
When you turn off Security Policy Advisor, usage and threat data from your organization are no longer analyzed and no recommendations or insights will be generated.
Admins can control the data collected from their clients using the new privacy controls supported by Office apps. More details are available here: Overview of privacy controls for Office 365 ProPlus.
What happens if I do not have Office 365 Threat Investigation and Response (via ATP Plan 2)?
If your organization has Office Threat Investigation and Response (via ATP Plan 2), Security Policy Advisor can use data from this service to provide you with information on threats detected and stopped by ATP that the recommended policy can help protect against. This can be great to quantify the actual risk to your organization when you consider applying a recommendation.
If your organization does not have ATP Plan 2, no problem, Security Policy Advisor will still show you information on the productivity impact that is helpful in assessing and monitoring impact to end users when applying recommendations.
Which admin roles are allowed to view recommendations and configure policies?
Only the Global Admin, Security Admin or Desktop Analytics Admin (private preview) roles are allowed access to create or view policy configurations.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.