Security, Compliance, and Identity Blog
Foster a culture of inclusion and safety with Microsoft Teams and Communication Compliance

cfiessinger, Microsoft
Jul 21, 2020
Update September 22nd, 2020: Please see these recent updates: Manage a broad range of communication risks efficiently

The way we work has changed drastically over the past few months. Employees are now working remotely; new collaboration platforms such as Microsoft Teams are being adopted, and economic uncertainty and job security stresses touch all of our day-to-day lives. Additionally, diversity, equity, and inclusion are center stage. These new scenarios not only heighten an organization’s risk exposure from insiders but also highlight the need to support employees in these challenging times.

 

The coronavirus pandemic forced a rapid transformation to a remote work environment practically overnight. With more than 75 million daily active users of Microsoft Teams, the number of messages sent over communication platforms is growing fast. The explosive use of online communication, paired with fewer compliance officers to review policy violations, means organizations face heightened insider risks, such as insider trading or workplace harassment. Organizations could certainly benefit from an intelligent and automated solution.

Back in February, we announced the general availability of Communication Compliance with the ability to intelligently detect regulatory compliance and code of conduct violations within an organization’s communications and to help organizations remediate policy violations.

 

We are now excited to announce the public preview of enhanced insights and improved actions that have been built into the solution, rolling out in the coming weeks.

 

Improved remediation actions through Teams integration

 

As a result of the coronavirus pandemic, organizations are forced to communicate electronically, which has profound implications for regulatory and code of conduct compliance. And as Microsoft Teams continues to evolve as the center for collaboration and teamwork, we want to ensure that organizations can swiftly and effectively respond to communication risks. In this release, we are introducing significant enhancements to our native Microsoft Teams integration.

 

Ability to remove Teams message - In addition to detecting and remediating code of conduct violations, protecting employees or students who receive non-compliant messages is critical. In cases of harassment, threats, or the sending of adult content, the messages can be very upsetting or offensive to recipients. Communication Compliance can now remove a message from the Teams chat or channel, so that the recipients do not have to see the message. Instead, the message will be replaced with a policy tip explaining that it was removed due to sensitive content.

[Above: During the remediation process, the reviewer can select multiple messages to remove from Teams channels or groups. The message will be replaced with a policy tip.]

 

Teams chat support for on-premises mailboxes - We also understand that not all organizations have fully migrated to Exchange Online but still need to start using Microsoft Teams. To align with this customer need, we now support Teams chat insights for Exchange hybrid deployments where the user's primary mailbox is located on-premises.

Automatically add all of user’s Teams memberships - Due to the rapid increase in Microsoft Teams adoption, individuals are part of multiple Teams channels and groups. Manually adding each Team during the policy setup process becomes a challenge. Communication Compliance can now determine which Teams an individual is a member of and can automatically add them, reducing the burden on the IT team to update policies.

 

Expanded visibility across communication sources and third-party solutions

 

While having the ability to detect non-compliant communications through text is an important feature of our solution, communications extend beyond text and across various platforms. In this release, we broadened detection capabilities to images and to new third-party connectors.

 

Ability to detect adult content - A form of communication that is becoming ever more popular is conversing through images, which puts organizations at risk of employees sharing illicit images over communication platforms. To help address this risk, we worked with Azure Computer Vision to identify adult, racy, and gory content in communications through image detection. These new patterns will allow organizations to take action on individuals who share adult content in the workplace or virtual classrooms.

 

Additional third-party connectors - We have also invested in enabling a rich ecosystem of third-party solutions, providing a more complete end-to-end solution for our customers. In addition to scoping policies to Microsoft 365 locations, such as Exchange, Teams, Skype, and Yammer, the solution also supports third-party native sources, including Bloomberg Message data and ICE Chat data, with more to come.

More granular rules-based access controls – We are introducing new Communication Compliance roles to help customers better manage roles and responsibilities across the different solution stakeholders (e.g. IT, legal, compliance, etc.). Roles have been separated into four categories: administrator, investigator, analyst and viewer with more granular permissions. We have also added pseudonymization of the data to prevent biases in the review process.

 

Enhanced insights to make the review process simpler and less time-consuming

 

The increase in communication volume makes it difficult for compliance managers to review an organization’s communications and to focus on the violations that are most pressing. Additionally, it highlights the need to provide rich reporting insights to better understand behavioral trends within the organization. In this release, we have invested further in our machine learning and analytic capabilities.

 

Detect repeated behavior over time - We have enhanced the solution through intelligent pattern detection, with the ability to detect repeat policy offenders. Surfacing repeated policy violations over time not only helps flag bullying patterns but also allows the reviewer to prioritize remediation actions. In addition to the current ability to detect near duplicates, pattern detection provides context to an investigator about an employee’s behavior over time.

 

[Above: A message has been flagged for repeated offense over the past 30 days, indicating a bullying pattern.]

 

Machine learning feedback loop - We have also made significant investments in our intelligence capabilities, with enhanced machine learning and artificial intelligence-based detection. By integrating with the machine learning feedback loop, we are introducing the ability for our tenants to retrain the model, effectively improving the detection algorithm. Over time, this feedback loop will allow customers to help make the model more accurate, reduce false positives and re-grade the data within their customer tenant.

[Above: A message was flagged for threat and profanity sentiments. The customer can provide detailed feedback on whether each classification is valid or suggest other trainable classifiers.]

 

Policy match reports - We enhanced the solution’s reporting capabilities with the introduction of the following policy match reports:

  • Policy settings and status: provides a detailed look at policy configuration and settings, as well as general status for each policy (hits and actions on messages)
  • Review queue status: provides the list of messages matched and reviewed by investigators and analysts for each policy
  • Review queue status by location: provides the list of messages matched and reviewed by investigators and analysts for a specific policy by supervised channel such as email, Teams, Instant Bloomberg, etc.

Get Started

 

The new features in Communication Compliance will start rolling out to customers’ tenants in the coming weeks. Communication Compliance is part of a broader set of Insider Risk Management solutions that help organizations mitigate insider risks and policy violations in Microsoft 365 E5, including Insider Risk Management, Information Barriers and Privileged Access Management. Together, these solutions are a powerful tool allowing organizations to identify and act on critical insider threats.

You can sign up for a trial of Microsoft 365 E5 or navigate to the Microsoft 365 Compliance Center to get started today.

 

Learn more about what’s new with Communication Compliance and how to get started and configure policies in your tenant in this supporting documentation. We look forward to hearing your feedback.

 

Thank you,

cfiessinger, Principal Program Manager, Microsoft 365 Security and Compliance Engineering

Updated May 11, 2021
  • cfiessinger, thank you for your valuable information.

    One important challenge is when someone uses methods to bypass detection: for example, instead of saying hate, they will say H A T E or H@te. We may use regular expressions in addition to keyword filtering to detect and block them, but the algorithm itself to detect such patterns is challenging.

    I need to share feedback here that having an abuse button would be nice, so there should be an interface like report abuse, like what we have in Skype and other platforms, and when abuse is reported, it should be routed to the responsible person in the organization; it could be the IT team or a new role like Abuse Moderator, and they could see the manual report.

    There needs to be a policy to disable this interface and some other options.

  • cfiessinger, this is a long story we have been facing in emails, with cybercriminals trying their best to bypass anti-spam; we need to fight them back, and this is an ongoing agenda.

    The feature you mentioned would be very helpful. AI might do something, but there are still false positives and false negatives, and there is a need for local moderation too (in case companies want such a feature).

  • Reza_Ameri-Archived, you are correct that by nature language evolves and keywords or regular expressions can only go so far, hence the use of machine learning to detect behaviors.

    I like your feedback and am happy to share that we are working on such a feature: empowering end users to report inappropriate content. Stay tuned for more information.
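
The comments above discuss spellings such as "H A T E" or "H@te" slipping past keyword filters. The following is an added example, not part of the original post or its comments and not Communication Compliance code, showing one way to normalize text and build a separator-tolerant regular expression; the look-alike table, function names and sample messages are constructed assumptions.

```python
import re
import unicodedata

# Constructed look-alike table (an assumption for this example, not a product list).
LOOKALIKES = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i",
                            "0": "o", "$": "s", "5": "s", "7": "t"})
SEP = r"[\W_]{0,2}"  # up to two separators (space, dot, dash, ...) between letters


def normalize(text: str) -> str:
    """Strip accents, fold case and map look-alike characters to letters."""
    decomposed = unicodedata.normalize("NFKD", text)
    stripped = "".join(c for c in decomposed if not unicodedata.combining(c))
    return stripped.casefold().translate(LOOKALIKES)


def build_pattern(term: str) -> re.Pattern:
    """Match `term` with repeated letters and separators between letters."""
    body = SEP.join(re.escape(ch) + "+" for ch in term)
    # Lookarounds keep the term from matching inside a longer word.
    return re.compile(rf"(?<![a-z0-9]){body}(?![a-z0-9])")


def find_terms(text: str, terms: list[str]) -> list[str]:
    """Return the watched terms found in `text` after normalization."""
    norm = normalize(text)
    return sorted(t for t in terms if build_pattern(t).search(norm))


if __name__ == "__main__":
    # Constructed sample messages; "hate" is the term used in the comment.
    for msg in ["H A T E", "H@te", "h-a-t-e", "Whatever works", "that event"]:
        print(f"{msg!r:20} -> {find_terms(msg, ['hate'])}")
```

The lookarounds reduce but do not eliminate false positives (a standalone "h ate" still matches), so hits from a matcher like this are better routed to a reviewer than acted on automatically.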