<i>Legal Tech</i><br> What Microsoft's Recent Office 365 and Security Updates Mean for Legal

Microsoft Office 365 has always had reporting abilities to help corporations understand which users are accessing certain applications, and by extension which users are storing specific types of data. But for the most part, these reports have been limited to static Excel files that need to be downloaded onto one's local drive.

Now, Microsoft has expanded its Office365 usage analytics functionality with the addition of the Web-based interactive business intelligence tool PowerBI.

Reggie Pool, director of information governance at HBR Consulting, notes that the new tool provides a faster and easier way for corporations and legal teams to see “how content is being managed within Office365, who has access to the content, who is sharing the content, and who owns the content.”

In addition to PowerBI, Microsoft has added usage and adoption analytics for its recently released Teams application, and it plans to release similar analytics for Yammer Groups and Office 365 Groups applications in early 2018.

Pool said that such analytics can be pivotal for legal teams in e-discovery and information governance efforts, noting that it allows you to identify potential custodians “by understanding where data resides.” But he cautions that such analytics should not be exclusively relied on in information governance efforts.

“While the reporting is great, and it's great to have these analytics and understand adoption, from a corporate perspective, you are only measuring those things that are in Office 365. You're only getting a piece of the view of total organization activities,” he says.

2. Data Classification

Information governance within Office 365 also got another boost with the release of an updated data classification capability across Office 365 applications.

“Office365 really moved away from the compartmentalized way of managing content — one drive within SharePoint, one drive within Exchange,” Pool explains. “They are bringing it all together through the use of labels, so now you're allowed to use labels platform-wide.”

With the cross-application labeling, he adds, “you are applying one policy set” to all the data hosted within Office365. Such tagging, however, is still only restricted solely to content within the platform and does not address wider data classification needs corporations may have.

3. Safe Links

Building out Office 365's security features, Microsoft announced the addition of the Advanced Threat Protection safe links feature, which acts to block malicious links from being clicked within the Office365 environment.

Dana Simberkoff, chief compliance and risk officer at AvePoint, explains that with the new feature, companies can “set policies and boundaries around what kind of links are okay and not okay to click in emails and Office documents.”

She added that the safe links were designed “to help further protect companies from those kind of malicious or inadvertent mistakes employees make from clicking on a link from somebody they don't know,” or being goaded into clicking links from fraudulent email addresses or documents.

Tricking users into clicking malicious links, a practice known as phishing, is an ongoing threat for the legal industry.

4. Azure Threat Protection

Beyond safe links, Microsoft sought to broaden its cybersecurity offerings with the launch of Azure Advanced Threat Protection.

Simberkoff explains that the cloud service is akin to a “security incident event management system” that analyzes user behavior over a network to highlight and alert companies about anomalous actions, such as placing large volumes of data onto a flash drive.

Using machine learning, the cloud service aggregates and analyzes data such as network traffic, event logs, and VPN logins to create a user behavior profile, and it tracks changes in that behavior over a set time to establish what is normal and abnormal activity.

Unlike other Microsoft updates, Azure Advance Threat Protection applies to a company's entire network system, not just the activity that happens within Office365. But Simberkoff notes that such a service should not be a company's only line of cybersecurity defense.

“I think it's important to have a layered approach to security, so I don't think the Microsoft technology solution is something you would purchase instead of something else, but in addition to something else,” Simberkoff explains.

*****
Rhys Dipshan writes for our ALM sibling, Lawtechnology News, in which this article also appeared. He can be reached at [email protected], and on Twitter @R_Dipshan.