SharePoint Stuff

Microsoft Information Protection

Updates listed under this heading combines the following products: Azure Information Protection, Microsoft compliance center, Information Protection, Microsoft Defender, Microsoft Intune, Security & Compliance center and Cloud App Security:

• Launched (4)
• Rolling out (5)
• In development (13)

🍾 LAUNCHED

• Microsoft 365 compliance center: Microsoft Purview | Data loss prevention – Customizable DLP policy violation justification (U.S. Government clouds) – You can customize and replace the out-of-the-box justifications with your organization’s own text to better define the type and scope override. Roadmap ID:93376
• Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management – Enhancement to Insider risk audit logs – Additional audit of events included in the Insider risk audit logs including activities within Content Explorer, Activity Explorer, and User Timeline. Roadmap ID:88901
• Microsoft Defender for Office 365: Support DKIM Domain as Sending Infrastructure for Spoof intelligence management – For Microsoft Defender for Office 365 and Exchange Online Protection, we are adding support for providing “DKIM verified domain” as the “Sending Infrastructure” within Tenant allow-block lists-Spoofing, so that Security Administrators can better manage Anti-Spoofing activity and override it based on Spoof Intelligence. Currently, what is supported in this field is either the domain from DNS PTR record or /24 IP Subnet. Additionally, being able to specify a ‘DKIM verified domain’ will help serve scenarios where shared infrastructure provider services are used for sending emails. Since the DKIM domain is unique to each tenant and if it passes verification even when other authentication signals fail, if desired for legitimate business reasons, a spoofed message can still be allowed instead of being blocked.  Roadmap ID:93359
• Microsoft Information Protection: Microsoft Purview | Configure Teams DLP policies to automatically protect files shared in Teams messages (US Government clouds) – New and existing Teams DLP policies can be configured to automatically protect files shared in Teams private chats and channel messages. Roadmap ID:88939

🚂 ROLLING OUT

• Microsoft 365 compliance center: Microsoft Purview | eDiscovery (Premium) – Support for Graph Connectors content – Microsoft 365 admins can now connect third-party applications into their environments via Graph Connectors. With this update this content will now be available for eDiscovery workflows including collections, review, and export. Roadmap ID:93414
• Microsoft 365 compliance center: Microsoft Purview | eDiscovery (Premium) – Collections and processing enhancement (US Government clouds) – Enhancements to the eDiscovery (Premium) Collections and Processing experience with three core updates, including updates to embedded items handling, a new collection setting to include partially indexed items, and additional document metadata for SharePoint content. Roadmap ID:88923
• Microsoft Defender for Office 365: Quarantine asynchronous update [stage one] – Microsoft Defender for Office 365 is working to enable additional quarantine enhancements, like partial string search functionality and 1,000 message bulk operation support in quarantine. As a result, we’ll be making adjustments to the release process through an asynchronous approach. the first stage will be the introduction of the asynchronous updates and the second stage will the introduction of enhancement features such as partial string search and 1,000 message bulk support. Roadmap ID:93303
• Microsoft 365 compliance center: Microsoft Purview | Insider Risk Management integration with Power Automate – Insider Risk Management integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Roadmap ID:93307
• Microsoft Defender for Office 365: Security Threat Submission API – The current InformationProtection/Threat Assessment API does not support setting up end user reporting experiences and triaging samples reported by a user.  The new Security Threat Submission API will address these scenarios and further improve existing capabilities. It was created using the Microsoft Graph Platform. The current API will continue to exist for several years to ensure existing processes are not affected, with eventual deprecation. Roadmap ID:93364

⌛ IN DEVELOPMENT

Release – August 2022

• Microsoft Purview | Information protection: Co-authoring on encrypted documents on Mobile – Multiple authors can edit labeled and protected documents in Word, Excel, and PowerPoint simultaneously, frictionless, and with auto-save, as if they were regular documents. Roadmap ID:98089

Release – September 2022

• 🆕 Microsoft Purview | Information Protection: Exact Data Match to support 10 primary (searchable or indexed) fields – Organizations will be able to configure Exact Data Match (EDM) Sensitive Information Types (SITs) to include up to 10 primary fields (current limit is 5), providing customers more flexibility in configuring EDM. Roadmap ID:98094
• 🆕 Microsoft Defender for Office 365: Enforce authentication to pass on AntiSpam allowed domains & senders for Spoof protection – Currently, EOP and MDO tenant administrators can specify domains and senders to be allowed using Anti-Spam policy. However, these domains and senders can be easily spoofed by attackers. We are making changes to improve the security of sender and domain allows defined in the Antispam policy and within user allow lists so that they require the domain or sender to pass authentication in order for the allow to be honored. The change only impacts messages that are considered to be internal, that is, the sender or domain is defined as an accepted domain in your organization. All other messages are handled as they are today. Roadmap ID:93436
• Microsoft Defender for Office 365: Alert policies in government clouds – We are enhancing the existing Microsoft Defender for Office 365 alert policy (A potentially malicious URL click was detected). Roadmap ID:93432
• Microsoft Defender for Office 365: Anti-malware policy notifications in government clouds – The anti-malware policy can be configured with recipient and sender notifications when a message is quarantined. We are redesigning this notifications option and delivery. Roadmap ID:93433
• Microsoft Defender for Office 365: Updates to the common attachment filter in the anti-malware policy in government clouds – We are enhancing the common attachments filter (Anti-malware policy) to expand list of available file types and also manage custom file types in the portal.  Roadmap ID:93431

Release – October 2022

• Microsoft 365 compliance center: Microsoft Purview | eDiscovery Premium – Collections progress, statistics, and workflow enhancements – Now eDiscovery admins can understand the progress of Collections, statistics on what content contributed to changes between estimated items with hits and actual collected items, as well as commit the collection directly from the estimate without navigating through the entire collection wizard. Roadmap ID:93380
• Microsoft Information Protection: Microsoft Purview | Named entities sensitive information types (SITs) and policy authoring templates – Named entities are sensitive information types (SITs) that can’t easily be identified by a regular expression or a function; these include person names, physical addresses, and medical terms & conditions. This update adds 52 new SITs representing named entities and 10 enhanced policy templates that can be used in solutions such as Data Loss Prevention (DLP) and auto-labeling, and cover important regulations, such as US Health Insurance Portability and Accountability Act (HIPAA) and European Union (EU) General Data Protection Regulation (GDPR). Roadmap ID:82116

Release – November 2022

• Microsoft Information Protection: Microsoft Purview | Auto labeling (for files at rest in SharePoint Online) can now label PDF files – This feature enables you to label PDF files at rest via the auto-labeling engine as you would Word, Excel, or PowerPoint files. Roadmap ID:85618

Release – January 2023

• 🆕 Microsoft Information Protection: Microsoft Purview | Information Protection – New Credentials SITs (U.S. Government clouds) – The addition of new Credentials Sensitive Information Types (SITs) will allow your company to detect individual credential patterns (access keys, tokens, general passwords, etc.). Additionally, we will be offering a SIT which bundles all individual credential types for more holistic detection. Roadmap ID:93265
• Microsoft 365 compliance center: Microsoft Purview | eDiscovery (Premium) – Discover only the document version that has been shared – Many customers often consider shared documents or cloud attachments as a form of communication, and therefore are required to preserve and make that content discoverable. While end users benefit from quickly sharing files for visibility and collaboration, this practice has been challenging for eDiscovery and legal professionals. To help customers efficiently meet their regulatory obligations for discovery, eDiscovery (Premium) plans to support the ability to discover the version of the document at the time that it was shared. This helps ensure that the correct document information is available to eDiscovery processes. Roadmap ID:70718
• Microsoft 365 compliance center: Microsoft Purview | Data Lifecycle Management – Auto-labeling of cloud attachments – This update enables organizations to automatically apply retention labels to the version of files shared as cloud attachments, which are live links of SharePoint or OneDrive content that can be shared via emails or Teams messages. Roadmap ID:70580

Release – March 2023

• 🆕 Microsoft Purview | eDiscovery (Premium): eDiscovery guest reviewer – This feature enables secure and convenient external guest reviewer access to eDiscovery (Premium) review sets within a case. This feature empowers eDiscovery (Premium) admins and managers to follow more traditional collaboration practices that will boost confidence and workflow defensibility by allowing outside counsel to cooperate more directly without increasing cost or risk. Roadmap ID:98093

---