The month of April has seen its fair share of Microsoft announcements. Between Lync Online's transition into Skype for Business and the tech community's first look at Exchange Server 2016, you may have missed or already forgotten about the key product enhancements coming to an Office 365 near you. MSPs can rejoice in the new data security measures the cloud service email provider has on their road map for the remainder of the year.

Because Microsoft understands the need for privacy in a public cloud infrastructure, especially among IT service providers who are held to strict compliance standards, Office 365 will soon be unveiling features geared at increasing administrators' control over their clients' email environments and the safety of their associated data transactions. 


1) New Office 365 Management Activity API

If you've been wanting greater visibility into Office 365 service operations, Microsoft's product team may have just granted your wish. As part of their ongoing commitment to giving customers better transparency, they've announced a new Office 365 Management Activity API. 

As MSPs, you want to know who has access to your clients' data and whether security and compliance safeguards are in effect. Does the idea of sensitive business interactions being hosted in a public cloud make you nervous? With the new RESTful API, you will be better able to understand what happens to your clients' sensitive corporate data within the context of cloud computing and which policy related, admin actions occur across Exchange Online and Sharepoint Online in Office 365.

Related: The 3 Choices All MSPs Must Face with the Rise of the Cloud

Microsoft is promising over 150 data transaction types and consistent schema across all activity logs with the upcoming release. Such a security enhancement is an exciting advancement in data monitoring, analysis and visualization. Expect these tighter admin controls to hit this summer!

2) Customer Lockbox

When trusting a platform like Office 365, are you ever concerned that your content isn't private? How much access to your emails do Microsoft employees have, and is it worth worrying about? The Office 365 product team sure thinks so. With its new Customer Lockbox feature, Office 365 reaffirms its dedication to business-grade data security.

Currently powered by automated operations, Microsoft engineers rarely touch customer content, but tighter security controls will soon go into effect. Customer Lockbox will be enabled by the end of the year, offering "unprecedented customer control over content residing in Office 365, so customers can be assured that their content will not be accessed by Microsoft employees without their explicit approval." 

If you're offering Office 365 to clients and therefore, have access to their environments, you can decide who is authorized to approve access requests. You'll also receive notifications when a Microsoft engineer attempts to gain entry to your clients' Office 365 instances to resolve an issue. When you consider the rise of attackers claiming to be Microsoft support staff, account access settings are a vital response.

Related: Microsoft Support Scam Recording Exposes Larger Trend of Social Engineering

For more FAQs regarding this addition, check out the official Office 365 blog post about Customer Lockbox!

3) Enhanced Email Encryption 

As part of the latest string of Microsoft product promises, in the coming months, Office 365 will be introducing a new layer of content level encryption, using "keys that are protected using hardware security modules certified to FIPS 140-2 Level 2."

As MSPs subject to HIPAA regulations, for instance, you can't afford to store and share client data that is weakly encrypted. Office 365's encryption reinforcement should help ease any worries you may have about account credentials or personally identifiable information (PII) such as social security numbers and home addresses, being intercepted and compromised. 

Related: Do Your Tools and Services Help You Comply with HIPAA / HITECH Act Registrations?

4) Exchange Online Advanced Threat Protection (ATP)

Available at the end of the summer, ATP email filtering will offer protection against unknown malware and viruses, real-time protection against malicious URLs and advanced reporting and URL tracking functionality. According to the Microsoft masterminds, any email message or attachment that doesn't have a known virus/malware signature will be "routed to a special hypervisor environment, where a behavior analysis [will be] performed using a variety of machine learning and analysis techniques to detect malicious intent."

In a previous blog post, The Threat the FBI’s Internet Crime Complaint Center (IC3) Wants You to Know About, we wrote about the frightening trend of business email compromises that have contributed to $180 million total dollar loss in America, alone. As hackers become more sophisticated, technology needs to become more robust. Now, Office 365 is addressing those attackers who've found a way to infiltrate undected. If you're worried about clients receiving emails with seemingly safe links that actually redirect to black hat websites, ATP's Safe Links feature has you covered, protecting clients if they do happen to click the link.

It is important to note that while this added security measure is certainly beneficial, MSPs should be educating clients on safe email practices. They should be aware of what to look for in phishing scams, for example, and should always know which links they're clicking on and where those links lead.

Related: Phishing Scams: What You Need to Know to Avoid Them

Within your client's organization, who persistently gets hit with these schemes? Are there any patterns in the attacks? ATP's slick reporting and email tracing allows you to dig deeper to find out!


Why not offload those Office 365 migrations to free up tech time? 

New Call-to-action