Office Cloud Policy Service and Security Policy Advisor Preview (Video)

Office Cloud Policy Service and Security Policy Advisor were recently released into public preview by Microsoft. Security policies are an incredibly important part of reducing risk, maintaining compliance, and building a robust, secure IT ecosystem. But, setting up security policies can be a headache. That’s probably why only 39% of organizations set up security policies. It’s difficult!

Microsoft — who has been on the forefront of enterprise security with their Office 365 solutions — has recently rolled out two essential services that will help businesses introduce security policies into their Microsoft tenants. Office Cloud Policy service and Security Policy Advisor are both fantastic additions to the already plentiful Microsoft security solutions.

A Quick Overview of Security Policies

Security policies are rules that you define for users within your IT infrastructure. You can set up security policies on almost any device (it can be challenging with some apps) in your environment.

Since 58% of businesses use Microsoft cloud services — and the vast majority of enterprises, many of the security policies that you enact will be directly in Office 365.

Of course, setting up security policies in an environment as complex and far-reaching as Office 365 can be difficult. Policies are continually changing, regulations shift, and compliance gets increasingly sophisticated every year.

To combat this, Microsoft has been ramping up its security policy services over the last few years. These two additions are a reflection of Microsoft’s commitment to improving the implementation of security policies in their environments.

What is Office 365 Cloud Policy Service?

When IT wants to set up security policies for Office 365 ProPlus users, they typically turn to the Office Customization Tool. While the Office Customization Tool does a great job at letting IT define security policies, it doesn’t protect against users overriding those settings. The new Office 365 Cloud Policy portal lets IT leverage ProPlus’s Click-to-Run services to set user policies (currently only accepts user-based policies).

Currently, the Cloud Policy service is only available for those with at least Version 1808 of Office 365 ProPlus. And, it can only impact users that are either created in Azure Active Directory (AAD) or those users that are synchronized to AAD. The great thing about the Cloud Policy service is that it’s built to support “non-domain joined and non-MDM managed scenarios.” So, if you also use Intune, Cloud Policy services security policies will override the Intune policies.

Also, since accounts don’t have to be domain joined or MDM-managed, Cloud Policy service can target both corporate devices and BYOD setups.

Here’s how it works:

  1. IT professionals can sign into the portal and set up user-based policies.
  2. Then, they can target a specific AAD security group and assign policies to users based on their group.
  3. When users log in to any system, they are checked against the policies (every 90 mins) and the security policies are enforced.
  4. The portal will send automatic health checks so IT professionals can see which policies are being enacted on which users.

Overall, this gives IT staff the ability to target non-MDM and non-domain devices with granular security policies that can’t be bypassed by the end-user and take precedent over Intune policies. Note: You can start using this TODAY over at

What is Security Policy Advisor Preview?

Office Cloud Policy Service and Security Policy Advisor

Security Policy Advisor isn’t used to set policies; it exists to help manage them. By leveraging your specific businesses policy workflows, Security Policy Advisor displays critical policy recommendations based on the way that your users are using Office 365 ProPlus. Not only does it use intelligence to analyze threats and display action recommendations, but it actually shows you exactly how specific users will be impacted by any policy changes.

This is huge. The guesswork that goes into the modern security policy ecosystem can introduce risk factors. This tool aims to eliminate most of those risks. Really, it gives you more power over your IT environment.

How it works:

So, let’s say that you have VBA macros enabled on Word. Security Policy Advisor may see that users interactions with this feature is introducing risk into your environment. It will then recommend that you disable VBA macros within Word. And it will show you how this will impact users. To actually make the change, you simply have to click the recommendation and it automatically applies the policies. The same goes with policy rollbacks.

Let’s say that you enacted a policy two months ago that’s not outdated and unnecessary. Maybe you set up other policies that also covered this policy. Or, let’s say that this policy is no longer relevant given your current app environment. Security Policy Advisor will discover this and give you insights into why you should change it. Then, you click the button and POOF; it’s changed.

Note: Currently, Security Policy Advisor is only available for preview in English. Over the coming weeks, Microsoft is rolling out more availability. If you have ProPlus, you can start using this right now. You can set up policies, and it will display relevant data and recommendations. Check it out through the Office client management portal.


Security has become a critical driver of business success. 87% of business execs say that they need to spend at least 50% more on security next year. Breaches can damage business reputation, impact profits, and destroy customers’ trust. Security policies are a great way to minimize internal security risks within the IT ecosystem.

The majority of businesses utilize Office 365 as their core internal app cloud service. Whether that’s for exchange, Word, or any other tools in Microsoft’s suite, businesses rely on Microsoft to drive their core IT ecosystem.

To help with security policy ease-of-use and clarity, Microsoft recently launched two new services — Office Cloud Policy service and Security Policy Advisor preview. Both of these will help companies create better security policies within their specific ecosystems. And they each use intelligence to base policies off of specific business needs with Office 365 ProPlus.

If you are seeking expert security and compliance for your business, REQUEST A QUOTE.

Published on: .

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

How can we help?


Let's start a conversation

location Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

telephone-icon + 1 (619) 292-0800 mail-icon

Don’t want to wait for us to get back to you?