Microsoft's new security features address common pain points
FYI, this story is more than a year old
Microsoft Inspire has kicked off with a number of major announcements across Microsoft’s Azure, Microsoft 365, business applications, security, enablement, and sustainability initiatives.
In this story we focus on the company’s security and compliance announcements.
Microsoft Azure Sentinel
Microsoft Azure Sentinel enables users to collect and analyse data from different sources, including networks, firewalls, endpoint, and vulnerability management to provide security insights.
Connectors now include Alcide kAudit (Kubernetes logs), Vectra AI, Perimeter 81 (Activity logs), Symantec Proxy SG, Symantec VIP, Pulse Connect Secure, Infoblox NIOS, Proofpoint TAP, Qualys VM, VMWare Carbon Black, Okta SSO, RiskIQ (Azure Logic Apps custom connector).
Communication Compliance in Microsoft 365
Microsoft 365 features new Communication Compliance capabilities that take into account remote working environments.
Microsoft is expanding visibility across communication sources with the introduction of image detection and across third-party solutions such as Instant Bloomberg with Slack and Zoom functionality coming soon.
Additionally, Teams integration will also feature improved remediation, including the ability to remove messages from the Teams channel.
Endpoint Data Loss Prevention
Microsoft Endpoint Data Loss Prevention (DLP), now available in public preview, DLP solutions provide content visibility into data at rest, in use and in motion on-premises and in the cloud.
Microsoft Endpoint DLP enables customers to manage DLP policies across workloads such as Teams, SharePoint, Exchange, OneDrive, and Microsoft 365, from a single console: the Microsoft 365 compliance centre.
Microsoft 365 Insider Risk Management
This includes new features to identify insider risk and take action within integrated collaboration workflows.
Insider Risk Management now includes better algorithms and signal quality to flag what could be risky behaviour. New advanced signals will now be captured from Windows 10 endpoints, Microsoft Defender Advanced Threat Protection, Microsoft 365 and our native Human Resources connector.
Insider Risk Management will also include new policy templates and workflows to push alerts to other systems such as ServiceNow and Microsoft Azure Sentinel.
Double Key Encryption for Microsoft 365
Microsoft’s Double Key Encryption for Microsoft 365 now enables users to protect confidential data and control their encryption key. Double Key Encryption for Microsoft 365 protects data by encrypting it with two keys, one key in the organisation’s control and the second key stored securely in Microsoft Azure.
To view the data, one must have access to both keys. Since Microsoft can access only the key in Azure (with all BYOK assurances), data is unavailable to Microsoft, ensuring enhanced data privacy and security.
Double Key Encryption for Microsoft 365 is available in public preview.