Microsoft has released in preview a new type of security policy advisor for business customers using Office 365 ProPlus.
Unlike past tools, this new cloud offering promises to be more tailored to individual businesses. It will continually monitor Office software use, making changes in security settings as appropriate.
The Security Policy Advisor tracks how staff use Office within an organization. The info shows how many staff will be affected by a change in security policy. For example, if macros are disabled in Excel, how many or how often will staff even notice that change?
In this Microsoft-supplied example, the recommended Word macro policy setting is ‘disable without notification’. Individual users can’t override that. Admins see how many users were targeted by a file with a malicious macro (5 out of 24 users) and which users were targeted. Also, that just one staff member tried to open a macro-enabled document.
This isn’t a one-off selection. SPA continues to monitor employees use of Office over time, offering changed security recommendations as necessary.