SharePoint Stuff

Microsoft Purview

Updates listed under this heading combines the following products: Azure Information Protection, Microsoft compliance center, Information Protection, Microsoft Defender, Microsoft Intune, Security & Compliance center and Cloud App Security:

• Launched (3)
• Rolling out (4)
• In development (37)

🍾 LAUNCHED

• Microsoft Defender for Office 365: DMARC aggregate reports for enterprise – As part of the DMARC standard the owner of the domain can request reports about how receivers viewed their traffic which will help the domain owners adjust their sender authentication configurations so they can get to an actionable DMARC policy.  This feature will be available for all EOP customers Roadmap ID:109535
• Microsoft Purview | Information Protection: Exact Data Match to support up to 500 EDM evaluations – Organizations will be able to configure policies for solutions where EDM is supported, such as Data Loss Prevention, with Min and Max unique instance counts up to 500, aligning instance count supported with other Sensitive Information Types, such as U.S. Social Security Number (SSN). Note that there is no change for the support of the value Any, which remains an option for Max instance count. Roadmap ID:100712
• Microsoft Defender for Office 365: Evaluations in audit mode – We are adding several new capabilities to our audit mode, which is used to evaluate Defender for Office 365 through a trial or a subscription that includes Defender for Office 365 Plan 2. 1) Security Administrators can now turn on/off specific evaluation policies. 2) You can now evaluate domain and user impersonation protection in audit mode where no action on messages will be taken. 3) If your organization’s MX is pointed to a 3rd party email filtering provider and you want to evaluate spoof filtering in Defender for Office 365, you will be able to do so in audit mode where no action, such as send to junk/quarantine, on messages will be taken. Roadmap ID:103636

🚂 ROLLING OUT

• Microsoft Defender for Office 365: Upcoming Changes to Intra-Org Messages – This change will modify logging and handling of intra-org messages. Roadmap ID:117487
• Microsoft Graph: Microsoft Purview | Data Lifecycle Management – Microsoft Graph APIs to manage retention labels and event-based retention – The first release of Graph APIs for Microsoft Purview Data Lifecycle Management will enable organizations to create and manage retention labels, events, and event types for event-based retention. Roadmap ID:88276
• Microsoft Purview compliance portal: Data Lifecycle Management – Disposition review: Export of items pending review using a cmdlet – This change will enable admins to export the list of items pending disposition review or disposed items for a label using a PowerShell cmdlet without the 50,000-item limitation that applies to exporting via the UX. Roadmap ID:106102
• Microsoft Defender for Office 365: Introducing the new post-delivery activities report – The post-delivery activities report will display all the ZAP activities that occurred in your tenant. Roadmap ID:117516

⌛ IN DEVELOPMENT

Rollout starts – April 2023

• 🆕 Microsoft Purview compliance portal: Endpoint Data Loss Prevention – Detect sensitive files that are encrypted, or password protected – With this capability, your DLP policies will be able to detect the presence of, and prevent password protected Microsoft Office, PDF, and archive files on Windows endpoint devices from unauthorized use. Roadmap ID:124790
• Microsoft Purview compliance portal: Records Management advanced deployment guide – Expanding and distinguishing the tasks within the Data Lifecycle and Records Management advanced deployment guide based on licensing requirements. Roadmap ID:117373
• Microsoft Purview compliance portal: eDiscovery – Certificate based authentication support for eDiscovery PowerShell cmdlets – Official support for eDiscovery PowerShell cmdlet with certificate-based authentication (CBA).Roadmap ID:106112
• Microsoft Purview compliance portal: eDiscovery (Premium) – Collections options settings enhancements (U.S. Government clouds) – Now eDiscovery admins can define default collection settings, enable eDiscovery managers to customize those defaults for each case and collection, and for each collection the eDiscovery manager can choose from a range of options to ensure the right content is collected per the requirements of the case. These options will include collection of cloud attachments, Teams as conversations, partially indexed items, and more. Roadmap ID:109543
• Microsoft Purview | eDiscovery (Premium) Collections enhancement – Collect to Export – Now admins will be able to directly export a report or results of a Collection without adding to review set first. This will streamline processes for organizations who require ability to conduct analysis on item reports of relevant content and those who need to quickly get data from Microsoft 365 into the hands of audit or regulators. Roadmap ID:100055
• Microsoft Purview compliance portal:  eDiscovery Premium – Collections progress, statistics, and workflow enhancements (DoD) – Now eDiscovery admins can understand the progress of Collections, statistics on what content contributed to changes between estimated items with hits and actual collected items, as well as commit the collection directly from the estimate without navigating through the entire collection wizard. Roadmap ID:93382

Rollout starts – May 2023

• 🆕 Microsoft Defender for Office 365: End user can report from shared/delegate mailbox – End users can report messages from online shared/delegate mailbox using in-built report buttons in Outlook on the Web. Roadmap ID:115507
• 🆕 Outlook: Outlook on the web – Phishing/Junk Reporting popups integrated with Microsoft Defender for Office 365 – The popup content displayed while reporting using phishing/junk actions in Outlook on the web can be controlled by admins using User Reported Settings in security.microsoft.com. Admins will be able to customize text and other aspects of phishing/junk pre and post reporting popups. Roadmap ID:115508
• 🆕 Microsoft Purview compliance portal: eDiscovery (Premium) – Enhancements for eDiscovery support of Loop content – Now eDiscovery admins can review Loop components created in Outlook or Teams within eDiscovery (Premium) as rendered HTML files to help understand the content that has been created within the Loop component. Once the component has been reviewed, it can then be exported as an HTML file to meet the requirements of the case. Roadmap ID:122287
• Microsoft Purview compliance portal: Insider Risk Management – Policy wizard enhancements – The Insider Risk Management policy wizard will be revised to help simplify configuration of indicators, sequence detection, cumulative exfiltration detection, and risk score boosters.   Roadmap ID:122283
• Microsoft Purview compliance portal : Insider Risk Management – Quick Policies enhancements – Enhancements to Insider Risk Management quick policies onboarding experience will enable administrators to create a policy with a new one-step process.    Roadmap ID:122284
• Microsoft Purview compliance portal : Insider Risk Management – Recommended actions enhancements – Recommended actions enhancements will include the ability to turn on weekly or daily email notifications for key events such as high severity alerts and all warnings summary along with additional suggestions to help optimize policy configurations.  Roadmap ID:122285
• Microsoft Purview compliance portal: Communication Compliance – New built-in trainable and global classifiers (U.S. Government clouds) – This update includes new classifiers for use in Communication Compliance policies, including Corporate sabotage, Gifts & entertainment, Money laundering, Regulatory collusion, Stock manipulation, and Unauthorized disclosure. ring of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to help ensure user-level privacy. Roadmap ID:109531
• Microsoft Purview | eDiscovery (Premium): Jobs report – eDiscovery administrators can access an aggregate report for all eDiscovery jobs across the tenant. This provides additional detail on the total number of jobs to ensure limits are not exceeded. Roadmap ID:101518
• Microsoft Purview | Communication Compliance Corporate sabotage classifier – Detects messages that may mention acts to damage or destroy corporate assets or property. This classifier can help customers manage regulatory compliance obligations such as NERC Critical Infrastructure Protection standards or state by state regulations like Chapter 9.05 RCW in Washington state. Roadmap ID:93253
• Microsoft Purview | Communication Compliance Gifts and entertainment classifier – Detects messages that may suggest exchanging gifts or entertainment in return for service, which violates regulations related to bribery.This classifier can help customers manage regulatory compliance obligations such as Foreign Corrupt Practices Act (FCPA), UK Bribery Act, and FINRA Rule 2320. Roadmap ID:93254
• Microsoft Purview | Communication Compliance Money laundering classifier – Detects signs that may suggest money laundering or engagement in acts to conceal or disguise the origin or destination of proceeds. This classifier can help customers manage regulatory compliance obligations such as the Bank Secrecy Act, the USA Patriot Act, FINRA Rule 3310 and Anti-Money Laundering Act of 2020. Roadmap ID:93255
• Microsoft Purview | Communication Compliance Stock manipulation classifier – Detects signs of possible stock manipulation, such as recommendations to buy, sell, or hold stocks that may suggest an attempt to manipulate the stock price. This classifier can help customers manage regulatory compliance obligations such as the Securities Exchange Act of 1934, FINRA Rule 2372, and FINRA Rule 5270. Roadmap ID:93256
• Microsoft Purview | Communication Compliance Unauthorized disclosure classifier – Detects sharing of information containing content that is explicitly designated as confidential or internal to unauthorized individuals. This classifier can help customers manage regulatory compliance obligations such as FINRA Rule 2010 and SEC Rule 10b-5. Roadmap ID:93257
• Microsoft Purview | Communication Compliance Regulatory collusion classifier – Detects messages that may violate regulatory anti-collusion requirements such as an attempted concealment of sensitive information. This classifier can help customers manage regulatory compliance obligations such as the Sherman Antitrust Act, Securities Exchange Act 1933, Securities Exchange Act of 1934, Investment Advisers Act of 1940, Federal Commission Act, and Robinson-Patman Act. Roadmap ID:93258

Rollout starts – June 2023

• Microsoft Purview compliance portal: Insider Risk Management – Physical access indicators and connectors – This feature allows admins to define priority physical assets. With priority physical assets enabled and the physical badging data connector configured, Insider Risk Management can correlate signals from an organization’s physical control and access systems with other user activities to help make more informed response decisions for alerts. Roadmap ID:117607
• Microsoft Purview compliance portal: Data Lifecycle Management: New retention actions in Power Automate integration – We will release additional retention actions as part of the Power Automate integration with Microsoft Purview Records Management. You can now relabel a file or an email at the end of its retention period or apply a retention label to a file in SharePoint. You can also delete items in SharePoint, OneDrive, or Exchange with all executed retention actions recorded in the Microsoft Purview Audit log. Roadmap ID:117424
• Microsoft Purview compliance portal: Information Protection – New contextual predicates in service-side auto-labeling – This feature will support adding the following new contextual based predicates to auto-labeling: Document property is; File extension is; Document size equals or is greater than; Document created by (only available in advanced rules in OneDrive and SharePoint locations); Document name contains words or phrases. Roadmap ID:117536
• Microsoft Purview compliance portal: eDiscovery (Premium) – Export API – The Export function plays an integral role in eDiscovery. After a review set is added, with use of this Export API, organizations can create export jobs and get the download URL to successfully download the export created in a programmatic manner. This API will enable external applications and partners to successfully integrate the eDiscovery export function through scripting. Roadmap ID:117508
• Microsoft Purview compliance portal: Insider Risk Management – File type exclusion in email attachments – Admins can configure file type exclusions from Insider Risk Management policies, though by default these exclusions do not apply to email attachments. With this update, the file type exclusion will extend to email attachments to help reduce noisy signals. age security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. Roadmap ID:115494
• Microsoft Purview compliance portal: eDiscovery (Premium) – Enhancements for Teams meeting recordings & videos stored in OneDrive & SharePoint – Enhancements to Teams meeting recording & video files in OneDrive & SharePoint to improve management within eDiscovery workflows. Including collection and review of metadata associated to Teams meeting recordings and video files in OneDrive and SharePoint including transcripts/captions, chapters, and custom thumbnails. Roadmap ID:106101
• Microsoft Purview | eDiscovery (Premium): Jobs report (U.S. government clouds) – eDiscovery administrators can access an aggregate report for all eDiscovery jobs across the tenant. This provides additional detail on the total number of jobs to ensure limits are not exceeded. Roadmap ID:101525
• Microsoft Purview | eDiscovery (Premium) Collections enhancement – Collect to Export (U.S. Government clouds) – Now admins will be able to directly export a report or results of a Collection without adding to review set first. This will streamline processes for organizations who require ability to conduct analysis on item reports of relevant content and those who need to quickly get data from Microsoft 365 into the hands of audit or regulators. Roadmap ID:100056
• Microsoft Purview compliance portal:  eDiscovery (Premium) – Support for Graph Connectors content – Microsoft 365 admins can now connect third-party applications into their environments via Graph Connectors. With this update this content will now be available for eDiscovery workflows including collections, review, and export. Roadmap ID:93414
• Microsoft Purview compliance portal:  eDiscovery (Premium) – Identify Teams as data sources – Simplified picking of relevant Teams and channels (standard, private, and shared) to intelligently identify associated custodian mailboxes, group mailboxes, OneDrive for Business accounts, and SharePoint sites that may contain Teams data that’s relevant to your case.  Roadmap ID:88815
• Microsoft Purview compliance portal: Information Protection – | Named entities sensitive information types (SITs) and policy authoring templates – Named entities are sensitive information types (SITs) that can’t easily be identified by a regular expression or a function; these include person names, physical addresses, and medical terms & conditions. This update adds 52 new SITs representing named entities and 10 enhanced policy templates that can be used in solutions such as Data Loss Prevention (DLP) and auto-labeling, and cover important regulations, such as US Health Insurance Portability and Accountability Act (HIPAA) and European Union (EU) General Data Protection Regulation (GDPR). Roadmap ID:82116
• Microsoft Purview compliance portal:  Insider Risk Management – Increased set of first-party indicators – Insider Risk Management will now recognize an increase set of first party indicators, including Endpoint (Windows 10), Microsoft Teams, Azure Active Directory, SharePoint Online, and Microsoft Defender for Cloud Apps. Roadmap ID:83966

Rollout starts – July 2023

• Microsoft Purview compliance portal: eDiscovery (Standard) to eDiscovery (Premium) case migration tool (U.S. Government clouds) – This feature release enables user to move their existing eDiscovery Standard case to eDiscovery Premium’s new case format. Existing search and hold inside the case will be maintained. After migration, user has the ability to continue their work in the migrated case following eDiscovery Premium’s workflow pipeline. Roadmap ID:109542

Rollout starts – August 2023

• Microsoft Purview compliance portal:  eDiscovery (Premium) – Expanded support to search and export items in SharePoint and OneDrive for Business Recycle Bin – Traditionally, when a site is on hold, the files in the Recycle Bin would be stored in the Preservation Hold library. In cases when a site is not on hold, there is no way to search or export items in the Recycle Bin. The eDiscovery and SharePoint Online teams are making architectural changes that will make the Recycle Bin (both first stage and second stage Recycle Bins) in SharePoint Online and OneDrive for Business searchable and exportable by eDiscovery Managers. That means organizations can search and export items in the Recycle Bin regardless of whether a site is on hold or not. Roadmap ID:67092

Rollout starts – September 2023

• Microsoft Purview compliance portal: eDiscovery (Premium) – Export API (U.S. Government clouds) – The Export function plays an integral role in eDiscovery. After a review set is added, with use of this Export API, organizations can create export jobs and get the download URL to successfully download the export created in a programmatic manner. This API will enable external applications and partners to successfully integrate the eDiscovery export function through scripting. Roadmap ID:117509

Rollout starts – October 2023

• Microsoft Purview compliance portal:  eDiscovery (Premium) – Expanded support to search and export items in SharePoint and OneDrive for Business Recycle Bin (US Government clouds) – Traditionally, when a site is on hold, the files in the Recycle Bin would be stored in the Preservation Hold library. In cases when a site is not on hold, there is no way to search or export items in the Recycle Bin. The eDiscovery and SharePoint Online teams are making architectural changes that will make the Recycle Bin (both first stage and second stage Recycle Bins) in SharePoint Online and OneDrive for Business searchable and exportable by eDiscovery Managers. That means organizations can search and export items in the Recycle Bin regardless of whether a site is on hold or not.  Roadmap ID:93188

Rollout starts – February 2024

• Microsoft Purview compliance portal : Insider Risk Management – Real-time policy tuning analysis – Policy tuning analysis provides admins with a real-time prediction based on the number of users that could match a given set of policy conditions. It helps organizations efficiently adjust the selection of indicators and thresholds of activity occurrence, so they don’t have too few or too many alerts from a policy. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. Roadmap ID:122280

---