Slide deck used on our presentation for Modern Workplace Conference,Paris 2021 Virtual event where myself and Vijai Anand did a session on "What's new in Security and Compliance in SharePoint , OneDrive for Business & MS Teams"

1. What’s new in Security and Compliance in
SharePoint , OneDrive & Teams
Modern Workplace Conference
Paris 2021
Jan 19, 2021
Vijai Anand Ramalingam
Vignesh Ganesan

2. Modern Workplace
Conference Paris 2021
online
#MWCP21 18,19,20 Jan 2021
Thanks to
our sponsors !
Merci à nos sponsors

3. Suivez-nous tout au long de l’année !
Follow us all year round!
https://aos.community
https://twitter.com/mwcparis
#MWCP21
https://modern-workplace.pro
https://twitter.com/aOSComm
tps://www.linkedin.com/compan
y/ams-community
https://www.linkedin.com/company/
mwcp
https://www.facebook.com/
modernworkplaceconferenceparis
https://www.facebook.com/
aOSCommunity (FR)
https://www.facebook.com/
aosComm (EN)

4. About Myself

5. My co-speaker today

6. Agenda
Trends in security
landscape
New security
controls to your
unique challenges
New compliance
controls
Summary & Call to
Action

7. Trends in security landscape

8. 1. BCG remote work study
2. Gartner CXO survey
40%
CIOs indicate that Information
Security is a primary risk from
COVID-192
300M
Global office workers are
expected to be working
from home1

9. Zero trust model
Strong user identity
Managed device
Least privileged access

10. New security controls to your
unique challenges

11. Security pillars for digital era
Data
Users Devices
Information
Protection …
Locations

12. Security pillars and available controls
• Internal vs External
(Guests)
• MFA Policy
• Sharing policies
•
•
•
•
•
•
•
•
•
•
https://aka.ms/M365SecurityCorner

13. Microsoft
Information
protection

14. Simplify information protection using Sensitivity Labels
Easily classify, detect, and label your ever-
increasing digital data
Manually/Automatically protect Files &
Emails with policies like Encryption and
Watermarking
Set consistent policies on Teams, Sites, and
Groups like Device, now with external
sharing policies

15. Demo:
Sensitivity labels for Files and
Teams/SharePoint Sites

16. Sensitivity Labels with External Sharing Policies

17. Automatic expiration of external access

18. Automatic expiration of external access

19. Like device policies at site level, you can now do
MFA (multi-factor-authentication) at site level
Tailor the additional authentication requirements
for business sensitive sites
Interested in previewing? Enroll in this form:
https://aka.ms/ODSPSecurityPreviews
Next up – MFA Policy associated with sensitivity label

20. Data Classification Explorers – Know your data
Data classification shows you full insights
to how many items are labeled and with
what labels across your Microsoft 365
Content explorer shows detailed view of
distribution of sensitive info types and
labelled files
Activity explorer shows detailed view of
activities on labelled files
https://aka.ms/MIPDataClassification

22. Data access governance (DAG) insights
Insights into sensitivity-based top-100 sites sorted by number of sensitive files and
corresponding access & sharing policies

23. Data access governance (DAG) insights
Learn access patterns by reviewing the over exposed sites with company sharable or anonymous links

24. DLP – Block anonymous access/sharing for sensitive files
Sharing is caring – however, oversharing
and overexposure of your business
sensitive files is not
DLP block anonymous access will
protect your sensitive content even if
the files were shared anonymously
before

25. DLP – Block anonymous access/sharing for sensitive files

26. Data loss prevention – Endpoint DLP
Endpoint DLP enables you to protect policies and taking actions in your managed Windows devices
Granular protections across the endpoints and action options like Audit only, Block

27. Unified session sign-out across Microsoft 365
Unified session sign-out allows one to
sign the user out across all the Microsoft
365 clients and apps
Unusual activities like impossible travel or
device state change are triggers for
admins to invoke this session revocation

28. Demo:
Unified session sign-out – Continuous access
evaluation

29. Recap – security
controls
1. MIP Sensitivity Labels
• External sharing policies
• MFA policy with labels
• Data classification explorers
2. Data access governance
3. Data loss prevention (DLP)
• Block anonymous access
• Endpoint DLP
4. Sessions - Unified session sign-out

30. New compliance controls

31. Rich Insights via tailored templates
Machine learning correlates native1 and third-
party signals to identify insider risks
End-to-end investigations
Integrated investigation workflows allow for
collaboration across IT, HR and legal
Privacy built-in
Anonymity controls ensure data about risks is
appropriately managed
Insider Risk Management
Identify and take an action on critical insider threats
1. Teams, SharePoint Online, Exchange Online, OneDrive for Business and Windows 10

32. Information Barrier in MS Teams

35. Investment Banking
Information
Advisory
Information
Members only
Conditional Access:
IB Must Match
Members only
Conditional Access:
IB Must Match

36. • Segment the users in your enterprises per
compliance requirement
• Associate teams/sites to specific info
barrier segment, as needed
• Achieve barriers in communication and
collaboration with this advanced
conditional authorization
Information Barriers (IB)

38. Migration Manager

39. Summary

40. Summary
Available Now EOY CY’2020
Sensitivity Labels for Teams/Sites (GA)
M365 Information Barriers (GA)
Endpoint DLP (Public Preview)
Expiring external user permissions (GA)*
MFA Policy at Site Level (Public Preview)
Sensitivity Labels with Protection for Files (GA)
Office Client Co-auth for Protected Files (Limited Preview)
Auto Classification w/ Sensitivity Labels (GA)
https://aka.ms/M365SecurityCorner
DLP Block anonymous access for sensitive files (GA)
Customer key for Teams (Limited preview)*
Continuous access evaluation (Public Preview)
GA – Generally Available
Network connectivity insights (Public Preview)*
Migration Manager (GA)*
Migration Manager with Box migrations (Public Preview)
Data access governance in SharePoint (Limited preview)
Multi-Geo for SharePoint & OneDrive & Exchange (GA)*
Multi-Geo for Teams Chat (Limited Preview)*
M365 Insider risk management (GA)
* Capabilities covered in other videos
SharePoint Admin homepage improvements (Public Preview)*

41. SharePoint and OneDrive - Security & Compliance cook book
Discover the frictionless security and comprehensive compliance controls you can use to secure and govern your
SharePoint and OneDrive content in Microsoft 365
https://aka.ms/sharepointsecuritycookbook

42. Useful links
 https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/security-and-compliance-controls-in-
sharepoint-onedrive-and/ba-p/1698280
 https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/what-s-new-in-security-and-compliance-in-
sharepoint-and-onedrive/ba-p/1696705
 https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/microsoft-ignite-2020-guide-to-sharepoint-
onedrive-planner/ba-p/1662401
 https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/tls-1-0-and-1-1-deprecation/ba-p/1620264
 https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/microsoft-365-collaboration-conference-
keynotes-sessions-and/ba-p/1945010
 https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/3-sharepoint-admin-migration-and-
security-on-demand-session/ba-p/1742730
 https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/sharepoint-roadmap-pitstop-september-
2020/ba-p/1736393
 https://techcommunity.microsoft.com/t5/microsoft-onedrive-blog/gdpr-compliancy-with-onedrive-and-
sharepoint/ba-p/191126
 https://techcommunity.microsoft.com/t5/microsoft-onedrive-blog/top-5-reasons-organizations-use-onedrive-
for-data-security-while/ba-p/1375574

43. Merci pour votre attention !
Thanks for your attention!

44. Modern Workplace
Conference Paris 2021
Online.
Registration is opened!
SHARE. DISCOVER.
EXPLORE.
PARTAGER. DÉCOUVRIR.
EXPLORER.