Blog Post

Security, Compliance, and Identity Blog
4 MIN READ

What’s New and What’s Coming in Information Protection?

Arvind_Chandaka's avatar
Oct 19, 2020

Throughout the last several months there have been many new features, updates, and happenings in the world of Information Protection at Microsoft. As we continue to build out more of this story, we wanted to use this opportunity to connect with customers, partners, and more on some of these updates to keep you informed and provide a single pane of glass on everything we have been working on for the last several months. In addition, we hope to give you some insight into the next big things being built within MIP overall. In the future, we hope to release this blog quarterly, providing you the most important and relevant updates to look for in this area and  continuing to drive great customer experiences.

 

Microsoft Information Protection:

 

SharePoint Online (SPO) support for Sensitivity Labels, Co-authoring + Web-apps

  • Enables SPO to process/store/index/search labeled/protected Office files
  • Office web-apps support labeled/protected files and enable co-authoring

 

General Availability: Microsoft Information Protection sensitivity labels in Teams/SharePoint sites/O365 Groups

  • You can now associate a sensitivity label with policies related to privacy, external user membership, and unmanaged device access.

 

 

Unified Labeling Scanner Network Discovery Feature

  • New network discovery component that is now available in public preview enables you to map your file shares by scanning IP ranges and reporting on found shares and their exposure level.
  • Exposure level can be used to prioritize the onboarding of this newly discovered shares to content scan job for deeper file inspections in these shares.

 

 

General availability of automatic classification with sensitivity labels in Microsoft 365 services

  • You can create an auto-labeling policy with rules tailored for your organization’s sensitive data, targeting specific locations in your enterprise. A policy can either be in simulation or active mode. You can run the policy first in simulation mode and if the results satisfy your organization’s needs then you can proceed and publish the policy.

 

Announcing General Availability of Unified Labeling in GCC and GCC-H Environments

  • GCC and GCC-H customers are now able to migrate sensitivity labels and label policies in the Azure Information Protection blade to the new label management portal, Microsoft 365 Compliance Center.

Announcing general availability of Microsoft Information Protection in Power BI

  • The same sensitivity labels you use to classify and label data in Microsoft365 apps (e.g. Excel) can now be used to classify and label sensitive data in the Power BI service too.
  • ***What’s Coming*** - MIP sensitivity labels in Power BI desktop (preview in December) enable creators to apply sensitivity labels and protection on PBIX files while author dataset and reports in Power BI desktop in addition to mandatory label policies in Power BI.

 

Announcing public preview of Microsoft Endpoint Data Loss Prevention

  • Endpoint DLP is native to Windows 10 and the new Microsoft Edge browser. There is no need to install or manage additional DLP software on Windows 10 machines (Version 1809+) anymore. Endpoint DLP is managed via the cloud and the Microsoft 365 compliance center, eliminating the need to deploy and operate additional consoles, event management systems, databases, and hardware on premises.

 

 

Announcing General Availability of Double Key Encryption for Microsoft 365

 

 

 

Announcing GA: Mark new files as "sensitive by default" in OneDrive & SharePoint

  • When new files are added to SharePoint or OneDrive in Microsoft 365, it takes additional time for the Office Data Loss Prevention (DLP) policy to scan the content and apply rules to help protect sensitive content. If external sharing is turned on, sensitive content could be shared and accessed by guests before the Office DLP rule finishes processing.

 

PREVIEW – Labels as DLP condition in SPO/OD/EXO/PC

  • Allows use of a label as a condition to trigger a DLP Rule
  • If DLP Policy covers SPO/OD, then Teams attachments are covered

 

***What’s Coming*** - Unifying logging

  • Work is being done to bring it all to the M365 Audit log, and to consume these logs from the Data classification Content and Activity explorers for unified Logging and reporting.

 

2020 Ignite Information Protection Related Sessions:

 

For more information, take a look at some of our most recent Ignite Sessions on Information Protection:

 

 

Additional Information:

 

Updated Sep 21, 2021
Version 6.0