Today’s post is from Alym Rayani, director, Office 365 security & compliance team
We’re excited to share several Office 365 security and compliance announcements and updates – as part of the news announced at the Microsoft Ignite conference. These new capabilities and enhancements provide a more complete and integrated set of solutions – enabling customers to better protect, detect and respond to threats. I’ll cover the highlights across each of the areas here, with deeper dives to follow during the course of this week at Ignite.
There are several feature updates to Office 365 threat protection services that address the evolution and advances in the threat landscape.
Updates to Office 365 Advanced Threat Protection (ATP):
Later this year, we’ll be adding new intelligence to enhance our protection against domain spoofing. We’ll also deliver improved impersonation detection to help prevent business email compromise and sophisticated spear phishing attacks. We’ll provide users safety tips when emails that impersonate a known contact land in a user’s inbox.
Learn more about these updates in the Advanced Threat Protection blog.
New in Office 365 Threat Intelligence:
Begin your Threat Intelligence trial today!
Achieving organizational compliance can be very challenging. We’re introducing several updates that will help you stay up-to-date with all the regulations that matter to your organization and to define and implement the right controls.
Introducing Compliance Manager
Today we’re introducing Compliance Manager, a new compliance solution that helps you manage your compliance posture. Compliance Manager enables you to conduct real-time risk assessment, providing one intelligent score that reflects your compliance performance against data protection regulatory requirements when using Microsoft cloud services. You will also be able to use the built-in control management and audit-ready reporting tools to improve and monitor your compliance posture. Read our blog to learn more about Compliance Manager, and sign up for the preview program, which will be available starting in November.*
Updates to Advanced eDiscovery:
This feature is currently in preview and requires an Advanced eDiscovery license for each user whose data is being analyzed. Later this year, in addition to Advanced eDiscovery licenses, this feature will require the purchase of the eDiscovery Storage plan for all non-Office 365 data imported into the specifically assigned Azure container for analysis by Advanced eDiscovery. The eDiscovery Storage plan comes in increments of 500GB of storage and is priced at $100 per month.
New in Advanced Data Governance:
Announcing general availability of Customer Key
Customers have been asking for the option to use customer-managed encryption keys in Office 365 to meet their compliance needs. Today, we are introducing Customer Key, which enables organizations to provide and control their own encryption keys used to encrypt mailboxes and files in Office 365. Customer Key can help organizations meet compliance obligations that specify key management arrangements with their cloud service providers.
Due to the risk of data deletion, Customer Key also offers increased protection from lost or destroyed keys and provides added data integrity and availability. Customers can verify activity related to Customer Key within their tenant, and the feature will be included in an upcoming SOC audit.
Preparing for the GDPR
Our announcements at Ignite add to the extensive built-in Office 365 security and compliance capabilities that are helping organizations prepare for the GDPR. Customers are choosing to simplify their compliance journey by using these integrated management tools that provide a single place for data governance and auditing. These intelligent tools offer better ways to manage and protect your data across the apps, services and devices that people use every day. For more details on these and other capabilities, read the new whitepaper "Accelerate your GDPR compliance journey with Microsoft 365 GDPR".
We have a number of updates that help you identify, classify, protect, and monitor your critical data.
Enhancing integration across our information protection solutions
Microsoft’s Information Protection solutions help you identify, classify, protect and monitor your sensitive data – as it is created, stored or shared. We’re making several investments across our information protection solutions – helping provide more comprehensive protection across the data lifecycle. A key part of this vision is to provide a more consistent and integrated classification, labeling and protection approach across our core information protection technologies – enabling more persistent protection of your data.
New in Office 365 Message Encryption:
Making it easier for end user to send encrypted emails – As part of our integrated information protection investments, we are introducing rich new email encryption and rights protection capabilities in Office 365 Message Encryption that's built on top of Azure Information Protection. The new Office 365 Message Encryption capabilities make it easier to share protected emails with anybody – inside or outside your organization. For example, can now apply encryption to emails using Do Not Forward or other custom templates.
Secure collaboration outside the organization – Users can also apply rights management templates to emails sent outside the organization, enabling secure collaboration for B2B and B2C scenarios. We've improved the recipient experience and removed most hurdles required to read a protected message. Office 365 users can now read and reply to encrypted messages natively within their Outlook clients (desktop, Mac, web, iOS or Android mobile). Additionally, non-Office 365 users can authenticate and read protected messages using their Google or Yahoo identities, in addition to other options that's been previously available – a One-Time Passcode or a Microsoft Account.
Additional encryption key options – Lastly, for customers who need to provide their own encryption keys, Office 365 Message Encryption also provides the option for customer-managed keys which encrypts your email while in-transit. This is complementary to Customer Key which uses customer-managed keys for Office 365 data-at rest.
Setting up Office 365 Message Encryption is now even easier, and we can also support Exchange hybrid customers. If you have Office 365 E3 or E5 you can learn how to quickly get started here.
To learn more about the Office 365 Message Encryption updates, read the announcement blog.
Office 365 security management updates – We are making a few updates to Advanced Security Management to give you even better visibility and control over Office 365. To help organizations in the EU meet their compliance obligations, starting in October we will begin hosting Advanced Security Management in our EU datacenter region. We are also giving you additional visibility into the service by adding support for activities from Office 365 Threat Intelligence and Yammer (in preview). The signals from these services will be used to generate activity alerts and be factored into anomaly detection alerts. Lastly, to better align our Microsoft 365 investments, we are renaming Advanced Security Management to Office 365 Cloud App Security.
Make sure to visit the Security, Privacy and Compliance Tech Community throughout this week – we’ll be providing additional details on many of our announcements. If you haven’t already, join the community now to further evolve your organization’s security and compliance with these services and learn and contribute to security, privacy, and compliance best practices. The Tech Community is a great resource to communicate and learn from your peers—as well as offer your insights on the growing importance of security, privacy and compliance.
“Compliance Manager preview is a dashboard that provides a summary of your data protection and compliance stature and recommendations to improve data protection and compliance. This is a recommendation, it is up to you to evaluate its effectiveness in your regulatory environment prior to implementation. Recommendations from Compliance Manager preview should not be interpreted as a guarantee of compliance.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.