Blog Post

Security, Compliance, and Identity Blog
4 MIN READ

Enabling Multi-Cloud Compliance

HammadRajjoub's avatar
HammadRajjoub
Icon for Microsoft rankMicrosoft
May 25, 2021

We know that the vast majority of enterprise customers have multi-cloud strategies. Our customers want and need to integrate Microsoft compliance solutions - including Information Protection and Governance, Insider Risk Management, eDiscovery as well as Compliance Management - with their other existing security, compliance, and identity-related investments. That is why we are building our Compliance platform to be extensible and address our customers’ multi-cloud reality. To that end, we see extensibility as a horizontal capability and developers as a key enabler of this across all compliance solutions.

 

Multi-cloud data access

To enable our customers to apply Microsoft Compliance value to their entire data landscape including Microsoft and non-Microsoft systems we have an extensible data connector platform. To learn more about how a global bank leveraged our data connectors to modernize communication and collaboration without compromising on security and compliance needs read this success story. We are constantly adding new data sources, you can learn more about available data connectors here.

For in-place compliance value spanning structured and unstructured data, we have Azure Purview that covers cloud data repositories such as AWS S3 buckets. To learn more about available non-Microsoft data sources and the latest innovations in Azure Purview view our latest blog here.

 

APIs for integration

To enable system-level integrations and enabling compliance in the flow of work - we are doubling down on our APIs investments. We have announced multiple Microsoft Graph APIs that developers can use to enable Compliance-related scenarios including Advance eDiscovery (AeD), Data Loss Prevention (DLP) and Teams Export, etc. The Microsoft Information Protection SDK also enables discovery, classification, protection, and monitoring of sensitive data across various SaaS/LOB apps. To learn more about the latest on MIP SDK read this blog post.

Today, we are excited to announce that we are enabling compliance for enterprise app data ingested through Microsoft Graph Connectors as well as several enhancements to our existing Microsoft Graph API for AeD.

 

Built-in Compliance for Microsoft 365-connected apps

With Microsoft Graph connectors, organizations can index third-party data so it appears in Microsoft Search results. This feature expands the types of content sources that are searchable in your Microsoft 365 productivity apps and the broader Microsoft ecosystem. The third-party data can be hosted on-premises or in the public or private clouds. We are excited to announce the developer preview of built-in compliance value – starting with Advanced eDiscovery - of Microsoft 365 connected apps. Our aim is to enable compliance for apps integrating into the Microsoft 365 ecosystem to empower our users with seamless compliance experiences.

While many apps seek enterprise adoption, companies often require compliance for enterprise data, creating some hurdles to adoption. Furthermore, our app partners seek to increase their app usage by making their products widely available across the Microsoft 365 ecosystem. This new integration of built-in Compliance for Microsoft Graph Connectors will empower our app developers and partners to enable Advanced eDiscovery on their app content and enable Microsoft 365 users to more broadly adopt compliant app solutions within the Microsoft 365 ecosystem.

Utilizing graph connectors is a powerful solution to surface 3P app data across the Microsoft 365 ecosystem. Ingesting via Microsoft Graph enables participation in compliance, enterprise search, and intelligent discovery experiences across Office, Teams, and more. These are not multiple integrations, but one to power multiple experiences. One of the great benefits of ingesting your content into graph connectors is easily lighting up Microsoft compliance to manage and take control of 3P app data.

 

Enabling Microsoft 365 connected apps as a non-custodial data location.

 

Advanced eDiscovery is a powerful solution allowing you to take control of your data in the case of any legal investigation. By ingesting your app data into the Graph, you can also light up the Advanced eDiscovery experience. Advanced e-Discovery ensures you can collect and review your data when needed, and apps can preemptively take control of their data through a single ingestion into Microsoft Graph.

 

Review set in AeD showing content from Microsoft 365 connected app

 

To learn more about how to build Microsoft 365 connected apps and how to enable them for AeD scenarios watch the Compliance ecosystem break-out session at Build conference.

 

Enhancements in Microsoft Graph APIs for Advanced eDiscovery

With AeD, organizations can respond to investigations or litigation with efficient access to collect and discover communications and collaboration content from the source; quickly assess and get estimates for the size and scope of your investigation, narrow and target to get to just the right, most relevant content to help your investigation, and find out who knew what when. With the Microsoft Graph APIs for AeD developers can establish automated, repeatable processes and integration to existing or home-grown systems.

Last year we announced the availability of Microsoft Graph API for AeD. These APIs, currently in public preview - already enable Case, Review Set/Query, Custodians, Holds, Collections/Search, and Export related scenarios. Today we are excited to share the addition of Review set tags, Non-Custodial Data Sources, and Case Settings as well. With this addition, we have completed the full end-to-end workflow for AeD automation.

 

To learn more about Microsoft Graph APIs for AeD visit aka.ms/ediscoGraph.  

 

These new capabilities enable a multitude of possibilities for developers, customers, and partners. Additionally, as recently announced, Microsoft Compliance has joined the Microsoft Intelligent Security Association (MISA) program. There are already 60+ offerings including product integrations and managed services offerings. We are very excited to see what you will build next!

 

 

Thank you,

Rudra Mitra,
CVP, Program Management, Microsoft 365 Security and Compliance Engineering
Hammad Rajjoub
Director, Product Marketing, Microsoft 365 Compliance Marketing

Updated Jul 31, 2023
Version 3.0