Microsoft locks down Office 365 with security overhaul

'Protecting our customers' data is paramount,' Microsoft insists

Microsoft has unveiled a string of new security updates to Office 365 as it races to keep up with increasingly sophisticated cybercriminals.

Microsoft Cloud App Security will be available from April and the vendor claims it will bring IT leaders the same level of "visibility and control" to SaaS applications as they have in their on-premise network.

The new offering will see IT managers receive notifications of suspicious user activity, and they will be able to analyse which cloud services users are connecting to through a cloud app discovery tool.

In addition, new app permissions will be put in place which allow IT bosses to approve or revoke privileges to connect third-party services to Office 365.

Microsoft's chief information security officer Bret Arsenault said the new functionality comes after chief executive officer Satya Nadella called for a "new approach" to be taken to security last November.

"We must be able to correlate our security data with our threat intelligence data to know good from bad," Aresenault said.

"As attackers get more sophisticated, we need to evolve our ability to get real-time insights and predictive intelligence across our network so we can stay a step ahead of the threats."

Microsoft is also planning to extend the number of services with which its Customer Lockbox tool integrates. At the moment, when a Microsoft engineer needs to troubleshoot a customer's issue, they must go through "multiple levels" of approval within the vendor. But Customer Lockbox involves customers in the approval process to speed it up. The tool is only available for Exchange Online at the moment, but will be rolled out to SharePoint and OneDrive in "early Q2".

"By extending Customer Lockbox to additional Office 365 services, we are providing customers new approval rights, greater transparency and enhanced control over their data in Office 365," Arsenault said.