Skip to main content
Skip to main content
Security

Securing and governing data in a new hybrid work reality

  • Alym Rayani General Manager, Compliance Marketing

The past year has led to an evolution in not only how we think about work, but more importantly, where work gets done. Arguably, gone are the days that your organization’s data is limited to the protected confines of your corporate network as your people continue to work remotely, return in some capacity to the office, or even adopt some hybrid of the two. With your people working across networks, devices, clouds, and apps, how do you ensure your data remains not only secure but compliant?

A culture of security starts by securing data where people get work done. We have been investing in innovation to make this easier, and I’m sharing with you some additional capabilities that enable you to extend data protection and governance across apps, clouds, endpoints, and on-premises file repositories that keep your people collaborative and productive while ensuring your most valuable asset—your data—remains secure and compliant wherever it lives.

Co-authoring of Microsoft Information Protection-protected documents now available in preview

With the shift to remote work, people are creating, storing, and sharing data in new ways. Collaboration and productivity are critical to getting work done, but you still need to ensure that the data remains safe wherever it is. Data classification in Microsoft Information Protection protects your business-critical data so your people can collaborate securely without having to sacrifice productivity.

Today we are announcing the ability for multiple users to simultaneously edit a Microsoft Office document that has been encrypted using Microsoft Information Protection, now in preview. In the past, you had to choose between encrypting sensitive content and collaborating on it. If you encrypted the content, only one person could edit at a time. Everyone else would be locked out, and AutoSave would be disabled to preserve the encryption. With this new unique capability, multiple people can now be co-authors on a Word, Excel, or PowerPoint document simultaneously, frictionlessly, with auto-save, while maintaining the sensitivity labeling and document protections.

Learn more on Microsoft docs and Tech Community.

Microsoft 365 data loss prevention now available in preview for Chrome and on-premises

Enabling a comprehensive and flexible approach to data loss prevention solutions is one of the most important ways to protect your data.  We have been investing heavily in this area, and our unified Data Loss Prevention (DLP) solution—a key part of Microsoft Information Protection—understands and classifies your data, keeps it protected, and prevents data loss across Microsoft 365 Apps (including Word, PowerPoint, Excel, and Outlook), services (including Microsoft Teams, SharePoint, and Exchange), third-party software as a service (SaaS) applications, and more—on-premises or in the cloud. Microsoft’s unified data loss prevention approach provides simplicity, enabling you to set a data loss prevention (DLP) policy once and have it enforced across services, endpoints, and first-and third-party apps.

A few months ago, we announced Endpoint DLP, which provides built-in data loss prevention into Windows 10 and Microsoft Edge. Today we’re announcing that we are extending Microsoft’s unified DLP capabilities natively to Chrome browsers and on-premises file shares and SharePoint Server.

You can learn more about this preview on Tech Community.

Microsoft Azure Purview provides new multi-cloud support

In December 2020, we announced Azure Purview, a unified data governance service that facilitates the mapping and control of organizational data no matter where it resides. Azure Purview is integrated with Microsoft Information Protection, which means you can apply the same sensitivity labels defined in Microsoft 365 Compliance Center to your data in Azure.

Today we’re sharing that we are extending Azure Purview’s ability to automatically scan and classify data to other platforms, such as AWS Simple Storage Services (S3), SAP ECC, SAP S4/HANA, and Oracle Database. Available now in preview, you can now automatically scan and classify data residing within various on-premises data stores using the Azure Purview Data Map.

We are also expanding the insight available within Azure Purview. Available now in preview, Azure Purview can now scan Azure Synapse Analytics workspaces, which enables you to discover and govern data across your serverless and dedicated SQL pools. This expands on Azure Purview’s existing tools enabling customers to scan data across various sources via out-of-the-box connectors in the Data Map.

You can learn more in the Azure Purview blog.

Microsoft 365 Insider Risk Management Analytics available in preview

Another important component of securing your data as people work in new and different ways is effectively managing insider risk. Balancing the ability to quickly identify and manage insider risks while maintaining a dynamic culture of trust and collaboration is a priority for security leaders.

With privacy built-in, pseudonymization on by default, and strong role-based access controls, Insider Risk Management in Microsoft 365 is used by businesses worldwide to quickly get started using machine learning to identify insider risks and take action with integrated collaboration workflows.

Today we’re announcing Microsoft 365 Insider Risk Management Analytics, which can identify potential insider risk activity within an organization and help inform policy configurations. With one click, customers can have the system run a daily scan of their tenant audit logs, including historical activity, and leverage Microsoft 365’s Insider Risk Management Machine Learning engine to identify potential risky activity with privacy built-in by design. Insider Risk Management Analytics will start rolling out to tenants in public preview in mid-March 2021.

For more information, check out the Tech Community blog.

Continued investments to help you address compliance and risk

We’ve been hard at work across our entire portfolio to ensure you have the capabilities you need to protect and govern your data while addressing regulatory compliance and eDiscovery. Here are a few more announcements we’re making today:

  • Additional assessment templates and enhanced capabilities in Compliance Manager to increase regulation visibility, further enrich the user experience, and save you valuable time.
  • Further guidance to get started with Advanced Audit to support your forensic investigations when you suspect a data breach.

In addition, our partner ecosystem plays a critical role in helping you to address your compliance and risk management needs. I’m announcing today that we are expanding the Microsoft Intelligent Security Association (MISA) to include risk management and compliance partners to enable greater scale and customization.

We will continue to innovate and work closely alongside you, our partners, and the industry to improve compliance and security for everyone. We’re on this journey together.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.