This article is contributed. See the original author and article here.
With remote work being the new norm these days, it is critical to safeguard your business data from unauthorized access while at the same time make your employees, partners, and customers more productive. Microsoft runs on trust. We continue to provide you enterprise grade and frictionless security along with comprehensive compliance offerings.
Today at Microsoft Ignite 2020 we are excited to announce the following new security and compliance controls in SharePoint and OneDrive that help you to secure and govern your data holistically in this remote work era. We categorized them under three areas:
- Secure external collaboration in SharePoint and OneDrive
- Preventing data loss through end points and user sessions
- Comprehensive compliance and best performance
Secure external collaboration in SharePoint/OneDrive
Automatic expiration of external access
With external collaboration so paramount for your business growth, equally important is to govern the external users access. We are expanding our external collaboration offering with one more critical control. We are announcing the general availability of automatic expiration of external access, roll out starting today.
You can now simply set an expiration, say 30 days, for external access in your organization. From the day an external guest user got invited to a site or a file, the timer starts and the access is automatically revoked upon expiration. In addition, site admins can get detailed reports of external access and can extend the expiration for specific external users as needed. Learn more here.
External sharing policies with Microsoft Information Protection sensitivity labels
We are continuing to innovate in our Microsoft Information Protection (MIP) journey to help you secure your sensitive content holistically and throughout its lifecycle. This spring we announced MIP sensitivity labels for securing Teams, SharePoint Sites, and Microsoft 365 Groups. We started with associating privacy and device policies with sensitivity labels.
Today we are announcing external sharing policies with Microsoft Information Protection sensitivity labels, coming soon in public preview. You can now associate external sharing policies to the sensitivity labels making it even more powerful to achieve secure external collaboration with frictionless experience to your users.
Administrators can tailor the external sharing settings according to the sensitivity of the data and business needs. For example, for Confidential label you may choose to block external sharing whereas for General label you may allow it. Users have to simply select the appropriate sensitivity label while creating a SharePoint site or Team, the appropriate external sharing policy for SharePoint content is automatically applied.
Access governance insights for files in SharePoint, OneDrive, and Teams
As your workforce expands across the globe and you see exponential growth in digital data, administrators need a way to holistically govern the top sites that matter the most, for example top sites that contain most number of sensitive documents or top sites that are over shared. The access governance insights dashboard in SharePoint admin center aims to solve that need.
You can now see access centric insights for your top sites with most sensitive documents and over shared sites. Insights allow you to validate the access policy settings such as unmanaged device and external sharing are appropriate for your security posture and as needed take actions and tweak them in SharePoint admin center. This feature is coming to private preview soon, if interested you can sign-up here.
Data loss prevention (DLP) policy for blocking anyone links for sensitive content
You want to share sensitive content with external collaborators. However, due to sensitivity of the content, you want to avoid external users accessing it using anyone link and instead require authenticated access.
We are announcing DLP policy rule to block anyone with the link option for sensitive content, generally available now. Administrators can now configure DLP rules with an action to block sharing and access to the sensitive content using anyone with the link. Learn more here.
Preventing data loss through end points and user sessions
Endpoint data loss prevention (DLP)
With remote working and proliferation of devices, end points have exponentially grown, we are helping you to protect and avoid leakage of sensitive content at all end points on Windows devices. Learn more about Endpoint DLP here and it is available in public preview.
Unified session sign-out powered by continuous access evaluation
Not only end points, we are also helping you to prevent data loss in the event of device lost or theft or account compromise. Today we are announcing the public preview of unified session sign-out in Microsoft 365, including SharePoint and OneDrive. With one click in Microsoft 365 admin center, you can now sign out a user instantly from all their sessions on all devices, including both managed & unmanaged devices. Learn more here.
Comprehensive compliance and best performance
We announced multi-geo, records management, and many other compliance controls for SharePoint and OneDrive. Today we are excited to add one more compliance control to that portfolio.
Information barriers for OneDrive and SharePoint
You may have compliance needs to put barriers in collaboration and communication between certain set of users in your organization to avoid conflict of interest. You can now achieve these needs in Microsoft 365, we are announcing general availability of information barriers for SharePoint and OneDrive.
You can create information segments per your compliance needs, for example Investment banking vs Advisory, and then create barriers for communication and collaboration between those segment users. In near future, as a SharePoint administrator or a site owner you can manage the segments association for a site, as illustrated in the pictures below. You can learn more here and here.
Microsoft 365 Network Insights
Network connectivity to Microsoft 365 is critical to offer the best performant experience to your users for accessing the Microsoft 365 content. We are excited to announce Microsoft 365 Network Insights, available in public preview today, that help in designing network perimeters for your office locations across the globe. These insights provide live performance data for common issues for each geographic location where users are accessing your content from. To learn more, check out the article here.
For licensing information for these features, check out the respective product documentations.
In addition to the above features, we have a beautiful security and compliance cook book for SharePoint, OneDrive, and Microsoft 365 administrators. You can download SharePoint and OneDrive Security Cook Book for FREE.
To take advantage of all these capabilities in Microsoft 365, we are also helping you to migrate content to Microsoft 365 from on-premises and other cloud sources. Check out our new migration manager.
To learn more about our SharePoint Administration and Migration improvements, check out SharePoint admin and migration announcements at Ignite 2020. Also, check out the Microsoft Lists announcements at Ignite 2020 and Top OneDrive Moments from Microsoft Ignite 2020.
Getting started
To learn more about the above features in detail, check out the product documentation articles below:
- Automatic expiration of external access in SharePoint and OneDrive
- Data loss prevention (DLP) policy for blocking anyone with link for sensitive files
- Microsoft 365 Endpoint DLP
- Unified session sign-out – Continuous access evaluation
- Use information barriers with SharePoint
- Use information barriers with OneDrive
- Microsoft 365 Network Insights
- Microsoft 365 Migration Manager
- All up Security and Compliance controls in SharePoint and OneDrive
To participate in the private previews, sign up here: https://aka.ms/SPSecurityPreviews
Here are our Ignite 2020 videos related to security and compliance controls in SharePoint & OneDrive & Microsoft 365 (Note that links will become active once Ignite videos are live, check these links out on 9/23/2020):
- Collaboration, Intranet, and Knowledge by Jeff Teper
- Remote working and Microsoft 365 administration by Jeff Teper
- What’s new in Security and Compliance in SharePoint and OneDrive by Sesha Mani
- [Skilling video] Information protection in Teams, SharePoint, and OneDrive by Sesha Mani
- [Skilling video] Information protection in Teams and SharePoint – Deep dive – by Sanjoyan Mustafi
- [Skilling video] External users and access governance – by Jeff McDowell
- Administering Multi-Geo is a snap by Sesha Mani and Adriana Wood
- What’s new in SharePoint Administration by Dave Minasyan
- What’s new to easily migrate content to Microsoft 365 by Yogesh Ratnaparkhi
- Turbocharging Microsoft 365 cloud user experiences by Shyam Narayanan
- Supporting mergers, acquisitions, and divestitures in Microsoft 365 by Sesha Mani and Robert Lowe
Check out many more Ignite sessions in the Ignite website and Microsoft 365 Adoption Center: Virtual Hub.
If you are new to Microsoft 365, learn how to try or buy a Microsoft 365 subscription.
As you navigate this challenging time, we have additional resources to help. For more information about how we are responding together to COVID-19, visit our Remote Work site. We’re here to help in any way we can. Stay safe!
Thank you!
Sesha Mani – Principal Group Product Manager (GPM)
Microsoft 365, SharePoint and OneDrive, Security & Compliance
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
Recent Comments