Security operation selection using machine-learned model in document management system

What is claimed is: 1. A method comprising: presenting, to a user of an online document system, a plurality of sets of security operations within a security policy customization interface, each set of the plurality of sets of security operations associated with a measure of security and comprising one or more security operations that, when performed, improve security within a document creation or execution process; receiving, from the user, a selection of sets of security operations; computing, by the online document system, an aggregate measure of security based on the measures of security associated with the selected sets of security operations; in response to the aggregate measure of security being less than a threshold measure of security, applying a machine-learned model to characteristics of the user to identify additional sets of security operations to recommend, the additional sets of security operations, when combined with the selected sets of security operations, resulting in an updated aggregate measure of security that exceeds the threshold measure of security; and modifying, by the online document system, the security policy customization interface to include a recommendation for the additional sets of security operations. 2. The method of claim 1 , further comprising: receiving, from the user, a selection of a security standard, the security standard associated with a minimum measure of security; and updating the threshold measure of security based on the minimum measure of security. 3. The method of claim 1 , wherein computing the aggregate measure of security further comprises: responsive to determining whether two or more sets of security operations include overlapping security operations, reducing the aggregate measure of security. 4. The method of claim 3 , further comprising: responsive to determining that two or more sets of security operations include overlapping security operations, modifying the security policy customization interface to include a recommendation to remove a set from the two or more sets of security operations. 5. The method of claim 1 , wherein the machine-learned model is trained using a training data set including features of historical users and sets of historical security operations selected by the historical users. 6. The method of claim 5 , wherein the training data set further includes features of a document created or executed by a historical user. 7. The method of claim 1 , wherein the machine-learned model is configured to minimize a number of sets in the recommended additional sets of security operations. 8. A non-transitory computer-readable storage media containing computer program code that, when executed by one or more processors, causes the one or more processors to perform steps comprising: presenting, to a user of an online document system, a plurality of sets of security operations within a security policy customization interface, each set of the plurality of sets of security operations associated with a measure of security and comprising one or more security operations that, when performed, improve security within a document creation or execution process; receiving, from the user, a selection of sets of security operations; computing an aggregate measure of security based on the measures of security associated with the selected sets of security operations; in response to the aggregate measure of security being less than a threshold measure of security, applying a machine-learned model to characteristics of the user to identify additional sets of security operations to recommend, the additional sets of security operations, when combined with the selected sets of security operations, resulting in an updated aggregate measure of security that exceeds the threshold measure of security; and modifying the security policy customization interface to include a recommendation for the additional sets of security operations. 9. The non-transitory computer-readable storage media of claim 8 , further containing computer program code that, when executed by the one or more processors, causes the one or more processors to perform steps comprising: receiving, from the user, a selection of a security standard, the security standard associated with a minimum measure of security; and updating the threshold measure of security based on the minimum measure of security. 10. The non-transitory computer-readable storage media of claim 8 , wherein computing the aggregate measure of security further comprises: responsive to determining whether two or more sets of security operations include overlapping security operations, reducing the aggregate measure of security. 11. The non-transitory computer-readable storage media of claim 10 , further containing computer program code that, when executed by the one or more processors, causes the one or more processors to perform steps comprising: responsive to determining that two or more sets of security operations include overlapping security operations, modifying the security policy customization interface to include a recommendation to remove a set from the two or more sets of security operations. 12. The non-transitory computer-readable storage media of claim 8 , wherein the machine-learned model is trained using training data set including features of historical users and sets of historical security operations selected by the historical users. 13. The non-transitory computer-readable storage media of claim 12 , wherein the training data set further includes features of a document created or executed by a historical user. 14. The non-transitory computer-readable storage media of claim 8 , wherein the machine-learned model is configured to minimize a number of sets in the recommended additional sets of security operations. 15. A system comprising: one or more processors; and a non-transitory computer-readable storage media containing computer program code that, when executed by the one or more processors, causes the one or more processors to perform steps comprising: presenting, to a user of an online document system, a plurality of sets of security operations within a security policy customization interface, each set of the plurality of sets of security operations associated with a measure of security and comprising one or more security operations that, when performed, improve security within a document creation or execution process; receiving, from the user, a selection of sets of security operations; computing an aggregate measure of security based on the measures of security associated with the selected sets of security operations; in response to the aggregate measure of security being less than a threshold measure of security, applying a machine-learned model to characteristics of the user to identify additional sets of security operations to recommend, the additional sets of security operations, when combined with the selected sets of security operations, resulting in an updated aggregate measure of security that exceeds the threshold measure of security; and modifying the security policy customization interface to include a recommendation for the additional sets of security operations. 16. The system of claim 15 , further containing computer program code that, when executed by the one or more processors, causes the one or more processors to perform steps comprising: receiving, from the user, a selection of a security standard, the security standard associated with a minimum measure of security; and updating the threshold measure of security based on the minimum measure of security.