Keeping users safe and productive with Microsoft 365 Apps for enterprise


Keeping users safe and productive with Microsoft 365 Apps for enterprise

This article was originally published by Oracle NetSuite. To read the original posting of this article, click here.


Months into COVID-19, businesses are beginning to realize that there can’t be a trade-off between productivity and security. Productivity is a part of the security story, and security is central to productivity. Building on secure productivity, the latest innovations for Microsoft 365 Apps, such as Safe Documents* and Application Guard,** help organizations protect information and identities, detect threats earlier, and better adhere to compliance standards, enabling IT to focus on strategic initiatives rather than daily administration. Read on about these latest capabilities and join us at Microsoft Ignite 2020 to learn more.


Keeping users secure by default


We’re excited about the upcoming release of Antimalware Scan Interface (AMSI) integration for Excel 4.0 (XLM) macros. AMSI is an open interface available on Windows 10 for applications to request, at runtime, a synchronous scan of a memory buffer by an installed antivirus or security solution. Microsoft Defender for Endpoint leverages AMSI and machine learning to combat script-based and file-less threats. Now, Office and AMSI integration help protect against script-based malware. The new Excel integration with AMSI is made up of three parts: (1) logging macro behavior, (2) triggering a scan on suspicious behavior, and (3) stopping a malicious macro upon detection. When malicious activity is detected, the user is notified by Excel, and the application session is shut down to avoid any further damage. This can stop an attack in its tracks, protecting both the device and user.


Securing applications without affecting productivity


With remote work driving the disappearance of the enterprise perimeter, IT needs a way to secure applications without affecting user productivity. Security Policy Advisor analyzes how individuals use Microsoft 365 Apps for enterprise and then recommends specific policies to boost an organization’s security profile. These recommendations are based on Microsoft’s best practices and information about an organization’s existing environment. Using Security Policy Advisor, IT admins can:


  • View intelligent security policy recommendations based on Office app feature usage and understand before the policy is changed how groups and specific users will be impacted, giving them greater confidence in choosing policies that are right for their environment.
  • Monitor policy health to evaluate the impact on user productivity, highlighting areas worth attention and changes that may be needed.


Enabling protected access to untrusted files


Although Protected View helps secure documents originating outside an organization, users often dismiss Protected View without considering if a document is safe, leaving them vulnerable to malware. Similarly, users may choose to remove Application Guard protection without properly considering if a document is safe. Safe Documents is a feature in Microsoft 365 E5 or Microsoft 365 E5 Security that uses Microsoft’s deep knowledge of threats and brings it to the desktop. When an IT admin enables Safe Documents for their tenant, untrusted files that open in Protected View or Application Guard go through an additional flow where the document is uploaded and scanned by Microsoft Defender for Endpoint.



Safe Documents detected that a user had opened a malicious file and prevents them from exiting the Protected View container


Safe Documents takes away the guesswork by automatically verifying those documents against the latest known risks and threat profiles before allowing users to leave a protected environment like the Protected View or Application Guard. Learn more about Application Guard for Office and Safe Documents.



Microsoft 365 Apps will let you know when an untrusted file is being opened with Application Guard.



Microsoft 365 Apps indicates the file is from an untrusted source, then you can edit the file in the secure container that’s isolated from the rest of your data through hardware-based virtualization.


We’re excited to share the security capabilities we’ve been working on for Microsoft 365 Apps at this year’s Microsoft Ignite, watch the on-demand session to learn more. We look forward to hearing your feedback so we can make improvements that continue to keep users secure no matter where they are. Join our experts for the Ask Microsoft Anything session on October 14, 2020, at 9 am PT for any questions you have about security improvements, servicing, and deployment of Microsoft 365 Apps.


Safe Documents and Application Guard are available to participating organizations that have Microsoft 365 E5 or Microsoft 365 E5 Mobility + Security licenses.


*Safe Documents is generally available today.


**Application Guard is currently in Public Preview.

No Comments

Post a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Steve’s been with SMB Suite since 1998 and has been involved with nearly every aspects of the Company’s business as a strategist, professional services executive, cloud solutions architect, and senior consultant. In his current role, Steve is responsible for SMB Suite’s revenue and oversees the execution of ERP, CRM and BI projects for customers across a broad range of industries. Steve combines his expertise in MS Dynamics GP, CRM and other Microsoft products with a strong foundation in accounting and business to identify gaps and streamline customers’ processes. Prior to co-founding SMB Suite, Steve was previously Corporate Controller for MEHLE Behr and, prior to that, Audit Senior for Ernst & Young. Steve holds a Bachelor of Business Administration degree from the University of Texas at Arlington.

Jeremy is responsible for SMB Suite’s technology vision, strategy and implementation and is the architect of the Company’s Dynamics Cloud Platform. Highly adept in every facet of managed services, ERP systems and e-commerce platforms, Jeremy’s expertise spans the implementation and support of business and financial software solutions, as well as the customization and integration of SMB Suite’s cloud ERP technology stack. He holds numerous Microsoft and industry-related certifications, and was primarily responsible for designing the Company’s progressive business services platform in the early days of the Cloud. Prior to SMB Suite, Jeremy served as the financial analyst, systems administrator, and information systems liaison for a $2 billion financial services corporation.

Monty is responsible for SMB Suite’s day-to-day operation and, most importantly, its customers. As a leader, motivator and mentor, Monty creates loyal high performance teams willing to “walk through walls” to accomplish their goals. Prior to SMB Suite, Monty served as President of The Bradshaw Group (TBG), a global distributor, manufacturer, and repair facility for digital printers. In this role, he was the Company’s ambassador to its most important domestic, European and Latin American customers and TBG achieved a best-in-class Net Promoter Score of 74 for its superb customer satisfaction. Prior to TBG, Monty served as the General Manager of Sam’s Clubs three highest grossing U.S. stores and was named Regional Operator of the Year in 1999. Monty holds a BBA in Marketing from Texas Tech University and is an active member of Business Navigators. He has been active in Vistage International, Executives in Action, the Dallas/Fort Worth Retail Executives Association, as well as, A.P.I.C.S., the leading professional association for supply chain and operations management. Monty also volunteers with Hunger Busters and ManeGait, a therapeutic horsemanship organization.

David is a proven financial and information technology professional with expertise in providing business accounting software and computing solutions. He began his career by starting and managing a successful independent consulting practice for several years. He then launched the local systems consulting unit of Ernst & Young’s Entrepreneurial Services Group, leading the office into the hi-tech consulting arena. After successfully developing the unit for Ernst & Young, David founded NextCorp (which became SMB Suite in 2013) to serve the business software needs of clients throughout the US. David has made SMB Suite one of the best cloud ERP providers in the industry. In addition to being a successful entrepreneur and leader, he is a software and technology specialist, holding certifications in various Microsoft and other technologies.