SharePoint Stuff

Microsoft Purview

Updates listed under this heading combines the following products: Azure Information Protection, Microsoft compliance center, Information Protection, Microsoft Defender, Microsoft Intune, Security & Compliance center and Cloud App Security:

• Launched (4)
• Rolling out (2)
• In development (35)

🍾 LAUNCHED

• Microsoft Purview compliance portal: Data Lifecycle Management – Retention policy support for legacy Teams CDR messages – Retention policies for Microsoft Teams are being extended to include CDR messages (system-generated messages from Teams meetings). Up until now, only messages generated after October 2022 were supported for retention. This update extends coverage to messages created before October 2022, so that old and new are now supported in the same manner. Roadmap ID:106103
• Microsoft Purview compliance portal: Records Management advanced deployment guide – Expanding and distinguishing the tasks within the Data Lifecycle and Records Management advanced deployment guide based on licensing requirements. Roadmap ID:117373
• Microsoft Purview compliance portal: eDiscovery (Premium) – Review set: List page usability enhancements – Get a detailed view of all the jobs, collections and exports associated with a review set. Group and filter by columns such as date range to quickly take action on the review set of your interest. Roadmap ID:106104
• Microsoft Defender for Office 365: Alert for junk and not junk user report – With this change, Microsoft will start generating alerts when end user report an email message as junk or not junk. Roadmap ID:115510

🚂 ROLLING OUT

• Microsoft Purview compliance portal: eDiscovery (Premium) – Collections options settings enhancements (U.S. Government clouds) – Now eDiscovery admins can define default collection settings, enable eDiscovery managers to customize those defaults for each case and collection, and for each collection the eDiscovery manager can choose from a range of options to ensure the right content is collected per the requirements of the case. These options will include collection of cloud attachments, Teams as conversations, partially indexed items, and more. Roadmap ID:109543
• Microsoft Purview compliance portal: Data loss prevention – | Configure Power BI DLP policies to automatically detect upload of sensitive data to Power BI premium workspaces – DLP policies can be configured to automatically detect upload of sensitive data to Power BI premium workspaces and trigger custom policy tip for data owner and/or alert to security admin. Roadmap ID:115474

⌛ IN DEVELOPMENT

Rollout starts – May 2023

• 🆕 Microsoft Purview compliance portal: eDiscovery (Premium) – Enhanced support for Teams video clips – Now eDiscovery admins collecting Teams video clips will see the teams video clip as a separate video recording file attached to the Teams conversation where it was shared. This will enable review and export as mp4 files to help admins better understand the content and context of the video clips. Roadmap ID:124848
• 🆕 Microsoft defender for Office 365: Priority Account User tags filtering in the URL protection report – We are adding a new filter to the URL protection report that will allow security admins to easily filter for Users who are in the Priority Account tag of their organization. This capability will be extremely valuable in helping security teams prioritize focus on critical individuals within the organization while reviewing the URL threat details in the report. Roadmap ID:124852
• 🆕 Microsoft Purview compliance portal: Information Protection – Service side auto-labeling shows file labeling progress for turned on policies in SharePoint and OneDrive (U.S. Government clouds) – Service side auto-labeling will show files to be labeled, files labeled (past 7 days), and files labeled (total) for turned on policies in SharePoint and OneDrive. Clicking on the auto-labeling policy will show files to be labeled and files labeled (total) broken down by the different sites. If a policy includes Exchange as a location, the number of emails that were labeled won’t be displayed because labels are automatically applied as messages are sent. Roadmap ID:124850
• Microsoft Purview | Compliance Manager: Microsoft Defender for Cloud (MDC) integration – Compliance Manager now integrates with Microsoft Defender for Cloud, allowing customers to assess their compliance posture across Microsoft 365, Azure, Google Cloud Platform, and Amazon Web Services with resource-level testing and cloud-specific guidance. Roadmap ID:102404
• Microsoft Purview compliance portal: Insider Risk Management – User management Start/Stop scoring users (U.S. Government clouds) – The “Start scoring activity for users” feature will move from the Users page to the Policies page. Admins can use “Start scoring activity for users” on the Policies tab to manually add a user (or users) to one or more insider risk policies for a specific amount of time, to start assigning risk scores to their activity without a detected indicator. Roadmap ID:124778
• Microsoft Defender for Office 365: 100 Admin Submission at once – With this change, Admins can submit up to 100 emails from quarantine, Threat explorer and user report to Microsoft for analysis. Roadmap ID:115509
• Microsoft Purview compliance portal: eDiscovery (Premium) – Review set grouping usability enhancements – This feature aims to improve the user experience for reviewing and grouping related items in the eDiscovery (Premium) review sets. It includes a new interface for grouping family items for emails, documents, conversations, and attachments. It also includes a new interface for reviewing duplicates and related items together on a single page. Roadmap ID:115470
• Microsoft Purview compliance portal: eDiscovery (Standard) to eDiscovery (Premium) case upgrade tool  – This feature release enables users to move their existing eDiscovery (Standard) cases to the eDiscovery (Premium) new case format. Existing search and hold inside the case will be maintained. After upgrade, user has the ability to continue their work in the upgraded case following the eDiscovery (Premium) workflow pipeline.  Roadmap ID:106106
• Microsoft Purview compliance portal: eDiscovery (Premium) – Collections: Query builder enhancements – Updates to eDiscovery (Premium) query builder experience to add functionality and grouping for collection query building experiences. This enhancement will help build complex queries from scratch, validate them, and help to ensure correct content is being returned with the query inputs. Roadmap ID:100057
• Microsoft Purview | Data Lifecycle Management: Simulation mode for automatically applied retention labels – Records Management admins will be able to simulate the results of an auto-apply retention label policy. This feature allows admins to test the policy before deploying it in production. It will work with the Sensitive Information Type (SIT) and KQL properties policy types. Roadmap ID:98146
• Microsoft Purview compliance portal: Information Protection – Optical character recognition (OCR) in Exchange Online and Teams DLP – Optical character recognition (OCR) support extracts text from images and will help discover and protect sensitive data in images being shared in Exchange Online (EXO), and Teams Data Loss Prevention (DLP) policies. Roadmap ID:88860

Rollout starts – June 2023

• 🆕 Microsoft Purview compliance portal: Information Protection – Label footers enhancement for emails – When labels are configured to add footers, currently the footers accumulate at the very bottom of long email chains. This enhancement now adds footers at the bottom of the most recent reply instead of at the bottom of the whole email thread. Note that this feature supports emails formatted as HTML or PlainText. Support for Rich Text email formats is legacy and will not be improved in Outlook. For emails formatted as Rich Text, label footers will continue to accumulate at the bottom of email threads as before. Roadmap ID:124816
• 🆕 Microsoft Purview compliance portal: eDiscovery (Premium) – Enhanced support for Teams video clips (U.S. Government clouds) – Now eDiscovery admins collecting Teams video clips will see the teams video clip as a separate video recording file attached to the Teams conversation where it was shared. This will enable review and export as mp4 files to help admins better understand the content and context of the video clips. Roadmap ID:124849
• 🆕 Microsoft Purview compliance portal: Insider Risk Management – Bulk import and export of domains – This feature will allow admins to upload or download a CSV file of unallowed, allowed, and third-party domains defined by admins with the right permissions in insider risk settings to fine-tune the detection of activities involving certain domains. age security and compliance. Roadmap ID:124857
• 🆕 Microsoft Purview compliance portal: Insider Risk Management – Sensitivity label downgrade activities – Insider Risk Management can detect users downgrading sensitivity labels on files or SharePoint sites. age security and compliance. Roadmap ID:124860
• 🆕 Microsoft Purview compliance portal: Insider Risk Management – Site URL and keyword exclusions – Enable admins to reduce signal noise by configuring SharePoint site URLs and keywords exclusions, so activities involving these sites, or file names and email subject lines containing certain keywords won’t generate alerts. age security and compliance. Roadmap ID:124861
• 🆕 Microsoft Purview compliance portal: Insider Risk Management – Sensitive information type exclusion – Enable admins to reduce signal noise by defining sensitive information type exclusions, so files that contain certain sensitive information types won’t generate alerts. age security and compliance. Roadmap ID:124862
• 🆕 Microsoft Purview compliance portal: Insider Risk Management – File path exclusions – Enable admins to reduce signal noise by configuring file path exclusions, so activities around files with specific file paths won’t generate alerts. age security and compliance. Roadmap ID:124863
• 🆕 Microsoft Purview compliance portal: Insider Risk Management – Peer group anomaly detection – With this update, Insider Risk Management can detect exfiltration anomalies when compared with users in similar groups or roles. Roadmap ID:124864
• Microsoft Purview compliance portal: Insider Risk Management – Enhanced alert experience – This update introduces enhancements to the alert overview page to provide explanation of why an alert was generated and to improve the ability to review the riskiest user activities in an alert. age security and compliance. Roadmap ID:117605
• Microsoft Purview compliance portal: Information Protection – Optical character recognition (OCR) support for SharePoint Online and OneDrive for Business  – With this update, you will be able to detect and protect sensitive content in images in SharePoint Online and OneDrive and subsequently apply DLP policies to prevent exfiltration of that sensitive data. This release supports key file types like JPG, JPEG, PNG, TIFF, and BMP. Roadmap ID:93233
• Microsoft Defender for Office 365: DMARC policy handling – We are working on improvements to the way that DMARC policy (reject/quarantine) handling is implemented within both consumer and enterprise services. Roadmap ID:117533
• Microsoft Purview compliance portal: Insider Risk Management – Deduplication of signals – A single user activity could generate duplicate signals used to identify insider risks, creating noisy alerts. With this update, signals will be de-duplicated, reducing noise in alerts without losing risk context. age security and compliance. Roadmap ID:115492
• Microsoft Purview | eDiscovery (Premium): Jobs report – eDiscovery administrators can access an aggregate report for all eDiscovery jobs across the tenant. This provides additional detail on the total number of jobs to ensure limits are not exceeded. Roadmap ID:101518
• Microsoft Purview | eDiscovery (Premium) Collections enhancement – Collect to Export – Now admins will be able to directly export a report or results of a Collection without adding to review set first. This will streamline processes for organizations who require ability to conduct analysis on item reports of relevant content and those who need to quickly get data from Microsoft 365 into the hands of audit or regulators. Roadmap ID:100055
• Microsoft Defender for Office 365: Tenant Allow/Block List Limit per SKU – Today, customers can only create 500 block and 500 allow entries in sender, URL and file category in Tenant allow/block list. Going ahead, customers with MDO P2 or E5 security can create 5000 allows and 10000 blocks in Tenant allow/block list for sender, URL and file category. Spoof in Tenant allow/block list will remain unaffected by this change and all SKUs will have 1024 entries for both allows and blocks. Roadmap ID:98185

Rollout starts – July 2023

• 🆕 Microsoft Purview compliance portal: Information Protection – Exact Data Match to support multi-token corroborative evidence – Exact Data Match (EDM) will support string match detection of multi-token (i.e., fields with multiple words separated by spaces or punctuation) corroborative evidence without requiring mapping Sensitive Information Types (SITs) to multi-token corroborative evidence fields. Roadmap ID:124847
• Microsoft Purview compliance portal: Data Loss Prevention – Optical character recognition (OCR) support for endpoint – With this update, you will be able to detect and protect sensitive content in images and subsequently apply DLP policies to prevent the exfiltration of that sensitive data on your Windows endpoint devices. This release supports key file types like JPG, JPEG, PNG, TIFF, BMP, and PDF (image only). Roadmap ID:106092

Rollout starts – September 2023

• 🆕 Microsoft Purview compliance portal: Insider Risk Management – Activity explorer export limit increase – The activity explorer’s export limit will increase from 10K to 100K records. This update will benefit organizations that prefer exporting user activity insights to a CSV file, as they now can filter, sort, or pivot a bigger data set more conveniently. Roadmap ID:124858
• Microsoft Purview compliance portal: Communication Compliance – Ability to analyze Microsoft Teams meeting transcripts – Microsoft Purview Communication Compliance policies can be configured to analyze Microsoft Teams meeting transcripts for potential policy matches. Teams meeting transcripts are only generated when meeting organizers opt in to meeting recording. Roadmap ID:109534

Rollout starts – October 2023

• Microsoft Purview compliance portal: Data Lifecycle Management: New retention actions in Power Automate integration – We will release additional retention actions as part of the Power Automate integration with Microsoft Purview Records Management. You can now relabel a file or an email at the end of its retention period or apply a retention label to a file in SharePoint. You can also delete items in SharePoint, OneDrive, or Exchange with all executed retention actions recorded in the Microsoft Purview Audit log. Roadmap ID:117424
• Microsoft Purview compliance portal:  Data Lifecycle Management – Power Automate integration – Initiate a Power Automate workflow when the item reaches the end of its retention period. For example, execute a complex disposition approval process or move the file to an archive.  Roadmap ID:88816

Rollout starts – November 2023

• Microsoft Purview compliance portal: Data Lifecycle Management: New retention actions in Power Automate integration (U.S. Government clouds) – We will release additional retention actions as part of the Power Automate integration with Microsoft Purview Records Management. You can now relabel a file or an email at the end of its retention period or apply a retention label to a file in SharePoint. You can also delete items in SharePoint, OneDrive, or Exchange with all executed retention actions recorded in the Microsoft Purview Audit log. Roadmap ID:117425
• Microsoft Purview compliance portal: Data Lifecycle Management – Power Automate integration (U.S. Government clouds) – Initiate a Power Automate workflow when the item reaches the end of its retention period. For example, execute a complex disposition approval process or move the file to an archive. Roadmap ID:117523

Rollout starts – February 2024

• Microsoft Purview compliance portal : Insider Risk Management – Real-time policy tuning analysis – Policy tuning analysis provides admins with a real-time prediction based on the number of users that could match a given set of policy conditions. It helps organizations efficiently adjust the selection of indicators and thresholds of activity occurrence, so they don’t have too few or too many alerts from a policy. Roadmap ID:122280

---