New Microsoft 365 tools for security, risk management and compliance
At this week’s Inspire 2020 partner conference, Microsoft introduced new Microsoft 365 tools for security, risk management, and compliance for remote working. The company announced its Endpoint Data Loss Prevention solution and Double Key Encryption in public preview. Other security announcements include new insider risk management and communication compliance features in public preview.
These additions are intended to help companies better protect their data, especially given the shift to remote working in recent months. Microsoft argues that organizations need to re-evaluate their security and risk management practices as employees gain access to business data on home computers and collaborate in new ways.
“The shift to remote working has reinforced two key priorities for our customers: preventing data breaches and mitigating risks within the organization,” Alym Rayani, senior director of compliance marketing at Microsoft, said in a press conference. “Now many customers tell us that identifying, protecting, and managing their data status is a challenge. More than half of security compliance decision makers now tell us that data breaches are their biggest challenge. Moreover, most organizations feel vulnerable to risks from within, whether unintentional or malicious. Increasing remote working makes customers feel more vulnerable than ever to risks that come with their organization. We’ve listened and accelerated technical timelines to help our customers meet these needs now. “
Endpoint Data Loss Prevention
Microsoft 365 already includes built-in capabilities to prevent data loss in Microsoft Teams, SharePoint, Exchange, and OneDrive. Microsoft is now expanding data loss prevention to the end point with the Endpoint Data Loss Prevention (DLP) public preview. The new preview will help organizations “better protect and manage data on the device itself,” according to Rayani.
Endpoint DLP is built into Windows 10, Microsoft Edge, and the Office apps. It provides data-based protection for sensitive information to prevent risky or inappropriate sharing, transmission, or use of sensitive data in accordance with an organization’s policies. As Endpoint DLP builds on existing DLP capabilities in Microsoft 365, you’ll see when sensitive data is accessed directly in the Microsoft 365 Compliance Center (pictured above).
Dual key encryption
The Double Key Encryption public preview is intended to meet specific data privacy and rule compliance requirements. For example, some organizations in highly regulated industries need to have full control over the encryption key.
With double key encryption’s public preview, you can protect your most confidential data by providing two keys: the first is in your management and the second is in Microsoft Azure. Viewing the data requires access to both keys. Since Microsoft only has access to the key in Azure, the company claims it doesn’t have access to your data.
Insider Risk Management
In February, Microsoft announced the general availability of Insider Risk Management. The service uses AI and machine learning to identify anomalies in user behavior and flag risky activities. In particular, ML algorithms take into account variables such as file activity, communication sentiment, and abnormal user behavior. Microsoft promises that the tool identifies patterns and risks in a privacy-containing manner (names are anonymized).
Today’s public preview increases the quality of signals insider risk management uses to intelligently highlight potentially risky behavior. New categories include extended Windows 10 signals (e.g. Files copied to a USB or transferred to a network share), integration with Microsoft Defender ATP for endpoint security signals, more native signals from across Microsoft 365 (including Teams, SharePoint, and Exchange), and improvements to the native HR connector.
Microsoft argues that these updates are especially important now, as remote working increases the number of distractions and stressors we face. Shared home workstations, remote learning for children, and possible job loss or safety issues all increase the likelihood of accidental or malicious leaks.
Communication Compliance in Microsoft 365, which was also released in February, intelligently helps organizations detect regulatory compliance and code of conduct violations, including threats and harassment in the workplace. The feature can now be particularly useful, given the increased number of messages sent through collaboration platforms and the heightened awareness around diversity, equality and inclusion.
Communication Compliance gets image detection and enhanced review capabilities in public preview. That includes intelligent pattern detection to prioritize repeat offender alerts, a global feedback loop to improve detection algorithms, and comprehensive reporting capabilities. Additional third-party connectors to expand capabilities to sources such as Bloomberg Message data and ICE Chat data are now also available. And if you use Microsoft Teams, you’ll get enhanced recovery actions, such as the ability to delete messages from the Teams channel. Most importantly, Microsoft promises that there will soon be support for Slack and Zoom.