Slide deck used on our presentation for Modern Workplace Conference,Paris 2021 Virtual event where myself and Vijai Anand did a session on "What's new in Security and Compliance in SharePoint , OneDrive for Business & MS Teams"
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
What's new in Security and Compliance in SharePoint , OneDrive for Business & MS Teams
1. What’s new in Security and Compliance in
SharePoint , OneDrive & Teams
Modern Workplace Conference
Paris 2021
Jan 19, 2021
Vijai Anand Ramalingam
Vignesh Ganesan
3. Suivez-nous tout au long de l’année !
Follow us all year round!
https://aos.community
https://twitter.com/mwcparis
#MWCP21
https://modern-workplace.pro
https://twitter.com/aOSComm
tps://www.linkedin.com/compan
y/ams-community
https://www.linkedin.com/company/
mwcp
https://www.facebook.com/
modernworkplaceconferenceparis
https://www.facebook.com/
aOSCommunity (FR)
https://www.facebook.com/
aosComm (EN)
8. 1. BCG remote work study
2. Gartner CXO survey
40%
CIOs indicate that Information
Security is a primary risk from
COVID-192
300M
Global office workers are
expected to be working
from home1
14. Simplify information protection using Sensitivity Labels
Easily classify, detect, and label your ever-
increasing digital data
Manually/Automatically protect Files &
Emails with policies like Encryption and
Watermarking
Set consistent policies on Teams, Sites, and
Groups like Device, now with external
sharing policies
19. Like device policies at site level, you can now do
MFA (multi-factor-authentication) at site level
Tailor the additional authentication requirements
for business sensitive sites
Interested in previewing? Enroll in this form:
https://aka.ms/ODSPSecurityPreviews
Next up – MFA Policy associated with sensitivity label
20. Data Classification Explorers – Know your data
Data classification shows you full insights
to how many items are labeled and with
what labels across your Microsoft 365
Content explorer shows detailed view of
distribution of sensitive info types and
labelled files
Activity explorer shows detailed view of
activities on labelled files
https://aka.ms/MIPDataClassification
21.
22. Data access governance (DAG) insights
Insights into sensitivity-based top-100 sites sorted by number of sensitive files and
corresponding access & sharing policies
23. Data access governance (DAG) insights
Learn access patterns by reviewing the over exposed sites with company sharable or anonymous links
24. DLP – Block anonymous access/sharing for sensitive files
Sharing is caring – however, oversharing
and overexposure of your business
sensitive files is not
DLP block anonymous access will
protect your sensitive content even if
the files were shared anonymously
before
25. DLP – Block anonymous access/sharing for sensitive files
26. Data loss prevention – Endpoint DLP
Endpoint DLP enables you to protect policies and taking actions in your managed Windows devices
Granular protections across the endpoints and action options like Audit only, Block
27. Unified session sign-out across Microsoft 365
Unified session sign-out allows one to
sign the user out across all the Microsoft
365 clients and apps
Unusual activities like impossible travel or
device state change are triggers for
admins to invoke this session revocation
31. Rich Insights via tailored templates
Machine learning correlates native1 and third-
party signals to identify insider risks
End-to-end investigations
Integrated investigation workflows allow for
collaboration across IT, HR and legal
Privacy built-in
Anonymity controls ensure data about risks is
appropriately managed
Insider Risk Management
Identify and take an action on critical insider threats
1. Teams, SharePoint Online, Exchange Online, OneDrive for Business and Windows 10
36. • Segment the users in your enterprises per
compliance requirement
• Associate teams/sites to specific info
barrier segment, as needed
• Achieve barriers in communication and
collaboration with this advanced
conditional authorization
Information Barriers (IB)
40. Summary
Available Now EOY CY’2020
Sensitivity Labels for Teams/Sites (GA)
M365 Information Barriers (GA)
Endpoint DLP (Public Preview)
Expiring external user permissions (GA)*
MFA Policy at Site Level (Public Preview)
Sensitivity Labels with Protection for Files (GA)
Office Client Co-auth for Protected Files (Limited Preview)
Auto Classification w/ Sensitivity Labels (GA)
https://aka.ms/M365SecurityCorner
DLP Block anonymous access for sensitive files (GA)
Customer key for Teams (Limited preview)*
Continuous access evaluation (Public Preview)
GA – Generally Available
Network connectivity insights (Public Preview)*
Migration Manager (GA)*
Migration Manager with Box migrations (Public Preview)
Data access governance in SharePoint (Limited preview)
Multi-Geo for SharePoint & OneDrive & Exchange (GA)*
Multi-Geo for Teams Chat (Limited Preview)*
M365 Insider risk management (GA)
* Capabilities covered in other videos
SharePoint Admin homepage improvements (Public Preview)*
41. SharePoint and OneDrive - Security & Compliance cook book
Discover the frictionless security and comprehensive compliance controls you can use to secure and govern your
SharePoint and OneDrive content in Microsoft 365
https://aka.ms/sharepointsecuritycookbook
Reference: New Feature: Manage how long guests can access SharePoint Online and OneDrive documents | Global SharePoint Diary (global-sharepoint.com)
Notes: If you are a site administrator, you may need to manage expiring access for the guests that have access to content on your site. If your administrator has set an expiration time for guest access, each guest that you invite to the site or with whom you share individual files and folders will be given access for a certain number of days. If you want them to continue to have access, you must extend their access on a regular basis.
As guests approach their expiration date, a banner on the site will notify you. You will also receive an e-mail notification once per week informing you about all guests that will expire in the next 3 weeks.
Important:
This feature will become available starting in January 2021.
Some functionality is introduced gradually to organizations that have opted in to the Targeted release program. This means that you may not yet see this feature or it may look different than what is described in the help articles.