Microsoft is working on a couple of updates for its productivity (opens in new tab) suite that will help businesses keep closer tabs on the ways their employees are using the web.
As per a new entry (opens in new tab) in the company’s product roadmap, the Microsoft 365 (opens in new tab) compliance center (a service for IT administrators) will soon provide “increased visibility of risky activity using browsers (opens in new tab) and associated insider risk policy templates”.
A second entry (opens in new tab), meanwhile, suggests Microsoft will deploy new machine learning (ML) techniques to more accurately detect potential threats and “uncover hidden insider risks”.
- We've built a list of the best malware removal (opens in new tab) software around
- Check out our list of the best antivirus (opens in new tab) services on the market
- Here's our choice of the best ransomware protection (opens in new tab) services out there
In a break from the norm, Microsoft has simply marked these roadmap items as “in development”, without providing more specific timelines.
Microsoft 365 tackles insider threat
Although businesses face a wide range of threats from external actors, the security risk created by employees (either intentionally or otherwise) is also significant. According to projections from security firm Mandiant, for example, insider threat will account for a third of all incidents this year.
To help businesses combat this challenge, Microsoft 365 compliance center has long provided administrators with ways to configure alerts that trigger when employees perform certain actions online.
“Web browsers are often used to access both sensitive and non-sensitive files within an organization. Insider risk management allows your organization to detect and act on browser exfiltration signals for all non-executable files viewed in Microsoft Edge (opens in new tab) and Google Chrome (opens in new tab),” a Microsoft guide (opens in new tab) explains.
Under this system, administrators can choose to be alerted when a member of staff copies files to personal cloud storage (opens in new tab) or a USB flash drive (opens in new tab), for example, or when files are transferred to an insecure network share.
Although the new roadmap entries are rather vague, the suggestion is that the upgrades will provide admins with an increased level of visibility over employee behavior online (perhaps at an interface level), as well improving the likelihood that these kinds of risky activities are detected.
- Here's our list of the best VPN (opens in new tab) services around