General Availability: Purview Customer Key Using Managed HSM
We are excited to announce the general availability of Purview Customer Key using Managed HSM. This new feature enhances your data security by allowing you to manage and control your own encryption keys using Azure Managed HSM. This release is the result of the efforts Microsoft 365 Data-At-Rest Encryption Engineering team. With Customer Key using Managed HSM, you can: Achieve higher security: Managed HSM provides dedicated, FIPS 140-2 Level 3 validated hardware for key protection, offering enhanced security over standard Azure Key Vaults. Ensure compliance: Meet stringent regulatory and compliance requirements with the advanced security features of Managed HSM. Maintain control: Enjoy full control over your encryption keys, including key lifecycle management, within a highly secure, tamper-resistant environment. Enhance performance: Benefit from the high availability and scalability of Managed HSM for critical workloads. Purview Customer Key now supports three different options for key storage including Standard Azure Key Vault, Premium Azure Key Vault and Managed HSM. For more details about the differences between these options, see How to choose the right key management solution. Start leveraging the enhanced security and compliance benefits of Customer Key using Managed HSM today. For more information, visit Set Up Customer Key or learn more about Azure Key Vault and Managed HSM. With Gratitude, M365 Data-at-Rest Encryption
Meaning of 365 Mail Security's "SFS" Header Field
I've seen quite a few threads in various forums with this question. I'm trying to troubleshoot a message that was quarantined. The provided information doesn't contain any justification for the spam verdict. There is one field that might have an answer, however I can't find any official documentation on it. That's the SFS field. This page: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/message-headers-eop-mdo?view=o365-worldwide contains definitions for all of the header fields *except* the SFS field. The SFS field contains nothing but a long list of numerical codes. I'm inclined to think that these codes represent the reasons a message was marked spam. I saw a request for a list of definitions for the SFS codes in GitHub that was marked "resolved," "merged," and then deleted. That's concerning because the ticket it was merged into had a link to the document, but did not contain the requested information after all. I'm going to just assume it was an oversight on the part of tech working on the documentation: https://webcache.googleusercontent.com/search?q=cache:bMqVZtmJ-eUJ:https://github.com/MicrosoftDocs/microsoft-365-docs/issues/740&hl=en&gl=us Any chance we can get some information on the SFS field in order to properly troubleshoot quarantined messages? It seems pretty important, and really strange that the info is so hard to find.
