New Office 365 Security and Compliance Features Announced

Microsoft has just announced new security and compliance features in Office 365. 

Mobile Device Management for Office 365

Microsoft is making a big play at the moment for comprehensive enterprise class mobile device management.  Office 365 will include its own set of MDM features rolled out in the first quarter of 2015 including:

  • Apply security policies to only allow for synchronization of Office 365 documents on corporate devices
  • Block Office 365 access if a device is stolen or jailbreaked
  • Perform a selective wipe of just your Office 365 data

 

Expanding Data Loss Prevention (DLP) Beyond Email and SharePoint

As reported earlier, Data Loss Prevention is a method in Office 365 to look for documents with sensitive information such as credit card numbers, SIN numbers, etc. and to flag them in an e-discovery type interface.  Originally built for Exchange Online, DLP has been expanded into SharePoint and OneDrive for Business.

Microsoft is now promising to integrate DLP into native Office applications such as Excel, PowerPoint or Word so that if your users put a list of credit card numbers for example in Excel it would warn them at the point of document creation.

Advanced Encryption with Per File Keys

Microsoft is also rolling out more advanced encryption of files at rest that includes per file encryption.  Each file get its own unique encryption key and every update refreshes the key.  This significantly increases the difficulty in decrypting your files because each file essentially has to be hacked to find its key and gaining access to one file doesn’t mean access to any other file because each one has its own key.