SharePoint Stuff

Microsoft Purview

Updates listed under this heading combines the following products: Azure Information Protection, Microsoft compliance center, Information Protection, Microsoft Defender, Microsoft Intune, Security & Compliance center and Cloud App Security:

• Launched (17)
• Rolling out (1)
• In development (25)

🍾 LAUNCHED

•  Microsoft Purview compliance portal: Insider Risk Management – Alert triage improvements – user context during alert review – While reviewing an alert, analysts and investigators can quickly reference more user context details, such as the detected event and the activities that generated the alert. These additional details can provide context that may be relevant to determining if an alert should be escalated for further investigation. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=117602
• Microsoft Purview compliance portal: Insider Risk Management – Enhanced alert experience – This update introduces enhancements to the alert overview page to provide explanation of why an alert was generated and to improve the ability to review the riskiest user activities in an alert. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=117605
• Microsoft Purview compliance portal: Insider Risk Management – Policy customization from alert review experience – This feature allows admins to customize an Insider Risk Management policy and adjust policy thresholds from within the alert review experience instead of going through the policy configuration wizard, so customization decisions can be made in the context of alert review activities. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=117608
• Microsoft Purview | Communication Compliance Corporate sabotage classifier – Detects messages that may mention acts to damage or destroy corporate assets or property. This classifier can help customers manage regulatory compliance obligations such as NERC Critical Infrastructure Protection standards or state by state regulations like Chapter 9.05 RCW in Washington state. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=93253
• Microsoft Purview | Communication Compliance Gifts and entertainment classifier – Detects messages that may suggest exchanging gifts or entertainment in return for service, which violates regulations related to bribery. This classifier can help customers manage regulatory compliance obligations such as Foreign Corrupt Practices Act (FCPA), UK Bribery Act, and FINRA Rule 2320. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=93254
• Microsoft Purview | Communication Compliance Money laundering classifier – Detects signs that may suggest money laundering or engagement in acts to conceal or disguise the origin or destination of proceeds. This classifier can help customers manage regulatory compliance obligations such as the Bank Secrecy Act, the USA Patriot Act, FINRA Rule 3310 and Anti-Money Laundering Act of 2020. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=93255
• Microsoft Purview | Communication Compliance Stock manipulation classifier – Detects signs of possible stock manipulation, such as recommendations to buy, sell, or hold stocks that may suggest an attempt to manipulate the stock price.This classifier can help customers manage regulatory compliance obligations such as the Securities Exchange Act of 1934, FINRA Rule 2372, and FINRA Rule 5270. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=93256
• Microsoft Purview | Communication Compliance Unauthorized disclosure classifier – Detects sharing of information containing content that is explicitly designated as confidential or internal to unauthorized individuals.This classifier can help customers manage regulatory compliance obligations such as FINRA Rule 2010 and SEC Rule 10b-5. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=93257
• Microsoft Purview | Communication Compliance Regulatory collusion classifier – Detects messages that may violate regulatory anti-collusion requirements such as an attempted concealment of sensitive information.This classifier can help customers manage regulatory compliance obligations such as the Sherman Antitrust Act, Securities Exchange Act 1933, Securities Exchange Act of 1934, Investment Advisers Act of 1940, Federal Commission Act, and Robinson-Patman Act. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=93258
• Microsoft Purview compliance portal: Communication Compliance – New built-in trainable and global classifiers (U.S. Government clouds) – This update includes new classifiers for use in Communication Compliance policies, including Corporate sabotage, Gifts & entertainment, Money laundering, Regulatory collusion, Stock manipulation, and Unauthorized disclosure. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=109531
• Microsoft Purview compliance portal: eDiscovery (Premium) – Review set grouping usability enhancements – This feature aims to improve the user experience for reviewing and grouping related items in the eDiscovery (Premium) review sets. It includes a new interface for grouping family items for emails, documents, conversations, and attachments. It also includes a new interface for reviewing duplicates and related items together on a single page. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=115470
• Microsoft Defender for Office 365: End user can report from shared/delegate mailbox – End users can report messages from online shared/delegate mailbox using in-built report buttons in Outlook on the Web. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=115507
• Microsoft Purview compliance portal : Insider Risk Management : Policy management experience updates (U.S. Government clouds) – Policy management experience will include a new policy health warning that prioritizes urgent actions to improve policy health. This update also includes a new entry point to quickly launch the policy wizard. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=122282
• Microsoft Purview compliance portal: Insider Risk Management – User management Start/Stop scoring users (U.S. Government clouds) – The “Start scoring activity for users” feature will move from the Users page to the Policies page. Admins can use “Start scoring activity for users” on the Policies tab to manually add a user (or users) to one or more insider risk policies for a specific amount of time, to start assigning risk scores to their activity without a detected indicator. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124778
• Microsoft Defender for Office 365: Auto allow of third-party phish simulation URLs in email message body – We’re enabling automatic allow of URLs present in the email message body for third-party phishing simulation campaigns. With this update, security admins no longer need to configure simulation URLs to allow in the advanced delivery policy as previously required in order to ensure URLs are not blocked/detonated at time of click. These URLs will now be automatically allowed as part of the advanced delivery email message allow. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124820
• Microsoft Purview compliance portal:  Data Lifecycle Management – Auto-labeling of cloud attachments – This update enables organizations to automatically apply retention labels to the version of files shared as cloud attachments, which are live links of SharePoint or OneDrive content that can be shared via emails or Teams messages. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=70580
• Microsoft Purview compliance portal:  eDiscovery (Premium) – Discover only the document version that has been shared – Many customers often consider shared documents or cloud attachments as a form of communication, and therefore are required to preserve and make that content discoverable. While end users benefit from quickly sharing files for visibility and collaboration, this practice has been challenging for eDiscovery and legal professionals. To help customers efficiently meet their regulatory obligations for discovery, eDiscovery (Premium) plans to support the ability to discover the version of the document at the time that it was shared. This helps ensure that the correct document information is available to eDiscovery processes. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=70718

🚂 ROLLING OUT

• Microsoft Purview compliance portal: Data Lifecycle Management – Disposition review auto-approval – Admins can enable automatic approval of items pending disposition if the reviewer doesn’t act within a specified number of days. Items will advance to the next stage of approval or auto-approved for deletion if in the final stage. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124798

⌛ IN DEVELOPMENT

Rollout starts – June 2023

• 🆕 Microsoft Purview Information Protection: Sensitivity label required to restrict permissions for labeling-enabled users – Users with sensitivity labels available will no longer be able to restrict permissions without a label in most cases. Entry points to the legacy Set Permissions dialog will redirect to a sensitivity labeling dialog, where users can select an appropriate label to restrict permissions. UX allowing users to remove encryption or permission information without changing the sensitivity label will also be removed. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=109532
• 🆕 Microsoft Purview compliance portal: eDiscovery (Premium) – Tag templates and review set tagging usability enhancements – Streamline your review process with our refined tagging experience, designed to simplify your workflow. Leverage the tenant level tagging templates to easily manage your organization’s tagging needs. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124962
• 🆕 Microsoft Purview compliance portal: Insider Risk Management – Sequence and anomaly detection in insider risk analytics – With this update, insider risk analytics now includes sequence and anomaly detection indicators, providing more comprehensive and effective insights. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124967
• 🆕 Microsoft Purview compliance portal: Insider Risk Management – Recommended thresholds by insider risk analytics – With this update, admins can receive recommended thresholds for insider risk policies, including potential data leak and data theft by departing employee policies, by leveraging the insights from insider risk analytics. By using these recommended thresholds, admins can improve the effectiveness of policies and generate an optimal number of alerts. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124968
• 🆕 Microsoft Purview compliance portal: Insider Risk Management – Analytics email digest – With this update, admins with appropriate permissions will receive a monthly email summarizing the latest insider risk analytics insights scanned from the environment. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124969
• Microsoft Purview compliance portal: eDiscovery (Premium) – Enhanced support for Teams video clips – Now eDiscovery admins collecting Teams video clips will see the teams video clip as a separate video recording file attached to the Teams conversation where it was shared. This will enable review and export as mp4 files to help admins better understand the content and context of the video clips. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124848
• Microsoft Purview compliance portal: eDiscovery (Premium) – Enhanced support for Teams video clips (U.S. Government clouds) – Now eDiscovery admins collecting Teams video clips will see the teams video clip as a separate video recording file attached to the Teams conversation where it was shared. This will enable review and export as mp4 files to help admins better understand the content and context of the video clips. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124849
• Microsoft Defender for Office 365: Enabling malware filter bypass for SecOps Mailboxes – We are adding the ability for security admins and security operations (SecOps) teams to triage messages with malware verdicts for their own review and analysis. This update enables malware filter bypass on messages delivered to configured SecOps mailboxes in the advanced delivery policy. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124818
• Microsoft Purview compliance portal: Data Loss Prevention – Visibility into configuration and policy sync status of devices – Provide visibility to admins about configuration status and solution health in addition to providing policy update sync status. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=109584
• Microsoft Purview compliance portal : Insider Risk Management – New alerts report (U.S. Government clouds) – The new alerts report summarizes alert status to help you readily identify the number of alerts with “Needs Review” status that still require action. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=122281
• Microsoft Purview | Information Protection: Configure policy tips as popups for labeled emails and attachments – Configure DLP rules that display warnings in a popup dialog before sending emails. With this capability, admins can set up rules to provide warnings, require business justifications, or request explicit acknowledgements before sending emails. Furthermore, admins can customize a Compliance URL within a DLP rule, ensuring that end users receive valuable guidance through the popup.  Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=100157
• Microsoft Purview | Endpoint DLP – Advanced classification scanning and protection (U.S. Government clouds) – Advanced classification scanning and protection allows the Microsoft 365 cloud-based data classification service to scan items, classify them, and return the results to the endpoint device. This enables admins to include more advanced classification techniques, such as exact data match, into data loss prevention policies. Admins will also have the flexibility to set a per-device bandwidth limit for a 24-hour period to regulate bandwidth usage.  Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=93275
• Microsoft Purview | Endpoint DLP – Restrict copying sensitive files to Bluetooth on endpoints (U.S. Government clouds) – Microsoft Endpoint DLP provides customers the ability to create and enforce DLP policies that regulate sensitive data to Bluetooth devices using the same DLP policy creation and management solution they currently use to support DLP across Microsoft’s fully unified DLP offering with the experience their users are already familiar with. Apologies for the delay.  Now rolling out this month. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=93377

Rollout starts – July 2023

•  Microsoft Purview compliance portal: Endpoint DLP – Authorized USB devices (U.S. Government clouds) – With this capability, you can create groups of USB devices and designate restrictive actions for each group within your DLP policy in Microsoft Purview Data Loss Prevention. As an example, you will be able to create authorized or unauthorized groups of USB devices based on serial numbers and allow ‘copy’ of documents to certain groups of USB devices and block ‘copy’ for others. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124828
• Microsoft Purview compliance portal: Insider Risk Management – Granular exclusion – Granular exclusion allows admins to adjust and fine tune indicators according to organizational preferences to help tailor the detection of risks that may lead to a potential security incident. For example, admins can configure the indicator “sending email with attachments to recipients outside the organization” to only detect emails sent to personal domains (e.g., outlook.com). In that way, admins can reduce the number of false positives. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124779
• Microsoft Purview compliance portal: Data Loss Prevention – Ability to fetch the original file resulting in policy match as evidence – Admins can access the file that resulted in the DLP restrictions with the DLP alert experience. This level of visibility will help analyze the amount of content that triggered the DLP violation, assess severity, and inform remediation. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=109583
• Microsoft Defender for Office 365: Tenant Allow/Block List domain & addresses block to send inbound emails to admin quarantine – Today, domain & addresses block in Tenant Allow/Block List mark inbound emails from those domains and email addresses with SCL:9 thus not effectively shielding end users from malicious messages. With this change, inbound messages from domain & addresses blocked on Tenant Allow/Block List will land in admin quarantine. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=115505
• Microsoft Defender for Office 365: Tenant Allow/Block List Limit per SKU – Today, customers can only create 500 block and 500 allow entries in sender, URL and file category in Tenant allow/block list. Going ahead, customers with MDO P2 or E5 security can create 5000 allows and 10000 blocks in Tenant allow/block list for sender, URL and file category. Spoof in Tenant allow/block list will remain unaffected by this change and all SKUs will have 1024 entries for both allows and blocks. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=98185

Rollout starts – September 2023

•  Microsoft Defender for Office 365: Tenant Allow/Block List – indicating allowed entries which are malicious – With this change, Microsoft will start indicating using Tenant Allow/Block List page on security.microsoft.com and cmdlets if an allow created by the customer is malicious in nature. This will help customer remove allows proactively which might end up harming their tenant. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=115506
• Microsoft Purview compliance portal: Information Protection – | PDF files encrypted with sensitivity label can be searched and eDiscovered – With this update, PDF files with sensitivity label (and encryption) can be reasoned over in SharePoint Online, searched, or eDiscovered. Additionally, labels can be applied to the existing PDF files hosted in SharePoint. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=85617
• Microsoft Purview | Information Protection: Auto labeling (for files at rest in SharePoint Online) can now label PDF files – This feature enables you to label PDF files at rest via the auto-labeling engine as you would Word, Excel, or PowerPoint files. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=85618

Rollout starts – November 2023

• Microsoft Purview compliance portal: Data Loss Prevention – Apply protection at the time of egress on endpoints (U.S. Government clouds) – Extend protection to unclassified files on Windows endpoint by applying restrictions defined in DLP policies at the time of egress. Find out more:  https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=138591
• Microsoft Purview compliance portal: Data Loss Prevention – Restrict egress activities when accessing sensitive websites in Microsoft Edge (U.S. Government clouds) – This capability allows restricting common egress activities as users navigate protected sites or access sensitive content via Microsoft Edge. With this new capability, organizations will be able to designate groups of protected sites and apply different restrictions, and monitor or restrict common egress activities when users visit protected sites with audit, block, and block override controls. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=117574

Rollout starts – January 2024

• 🆕 Microsoft Purview compliance portal: Insider Risk Management | Adaptive Protection – HR resignation date as a condition for risk level – Admins can now select the HR resignation date as a condition to assign a minor, moderate, or elevated risk level. For example, an admin can configure the minor risk level to be assigned when an HR resignation date is sent via the HR connector. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124972
• 🆕Microsoft Purview compliance portal: Insider Risk Management | Adaptive Protection – Multi-policy selection – Admins can now select multip le Insider Risk Management policies in the “Risk levels for Adaptive Protection” settings to assign risk levels in Adaptive Protection. Find out more: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=124973

---

Pages: 1 2 3 4