Ask the Expert: Ask anything about Microsoft Compliance: information protection & | ATE-DB163-R1
All right, wonderful. Welcome to this Ask the Expert session at Ignite. This is ask us anything about Microsoft compliance. We're looking at, uh, information protection and governance, insider risk, compliance management. All of the products are available to you. A few quick housekeeping items as we get started. First, to engage with the experts that we have from across the Microsoft compliance team, use the chat that's available as part of this event, uh, to be able to ask your question. Uh, most of the questions we'll try and respond via text. A handful of the questions, just depending on time, we'll be able to put to the panel, and you'll get to get a more expanded version of that answer live. Uh, upvote your questions using the like button. Uh, let us know that this is a question that you might have too, um, so we can make sure that we're focusing on the things that are the most important to you. From an etiquette perspective, just realize the session may be recorded, with the recording published later. Please help our moderators by abiding by the code of conduct, not spamming, things like that, and, like all the sessions at Ignite, this is covered by the Microsoft code of conduct. So with that, why don't we meet the experts. I am Wayne Anderson. I'm your moderator today, the security and compliance architect from the Microsoft 365 Center of Excellence. Let's start with Joseph Davis.
Hi, I'm Joseph Davis. I'm the executive security advisor for the Americas in healthcare, formerly a CSO, and here to advise our healthcare customers.
Uh, you're on mute.
Hey folks, it's Iria Madras. I'm a PM on the compliance team, specifically focused on the products and the discover and respond pillars, so these are things like Core eDiscovery, Advanced eDiscovery, and audit. Glad to be here.
Ryan. Uh, on mute.
Ah, let's try that again. Hi everyone, I'm Ryan Thompson, product marketing manager on the compliance team.
Great. Near.
Hey, hi, my name is Nick Handler and I'm a senior program manager in the Microsoft Information Protection and Compliance customer experience team.
And Sanjay.
Hey everyone. Um, Sanjay Kadambi. I work in the product marketing team, uh, in compliance, with a focus on Microsoft Information Protection.
Wonderful. And, uh, Roberto.
Hey everyone, I'm Roberto Iglesias. I'm a product manager with the information governance and records management team.
Fantastic. So with that, let's just jump right into it. Already have a handful of questions coming in. And Roberto, why don't we start with you. There's a lot of information that's going out there around information governance. We've seen discussion of records management already here at this Ignite. What's new in information and records management that's going live this week?
Yeah, awesome, thank you for, uh, for asking, Wayne. Uh, we announced a lot of things, uh, and we will post the link on the chat so that you can access the link to the blog of everything that we announced with information governance and records management. Uh, there's a lot of new things that we announced. First of all, first and foremost, we announced retention policy support for Yammer messages. And so you will be able to target those retention policies just like you do with Teams now, uh, either to the user messages or the community messages. We also announced the retention support for Teams meeting recordings. If you missed it, there was a blog post today announcing our new vision for Microsoft Stream, and as part of that, in the next few months, the recordings that you make on Teams will start moving towards SharePoint and OneDrive to be stored there. And so as they do, you can use all the great features we already have there for applying retention, but we're also targeting new ways to auto-label them. We also announced the new regulatory record label for those of you using records management.
The regulatory record label will be an evolution of what the record label is, a different type of label that allows advanced immutability scenarios. So for those like financial customers or government customers that need to ensure that no metadata is changed, that once applied nobody can undeclare that record, all of that will be part of what you can do with it. Additionally, we announced integration with SharePoint Syntex, which is the new, first product that comes out of what we had called Project Cortex, and their document understanding models, which are the way that you can create machine teaching models to be able to categorize your content and extract metadata out of that content, and so you will also be able to apply a retention label. We also announced the feedback loop for our own Microsoft 365 compliance trainable classifiers, uh, that we had announced at last Ignite. Uh, and some of the feedback we got from customers is once you publish that classifier, you wanted to be able to fine-tune it, so now we have the trainable classifiers with being able to provide the feedback loop, starting with Exchange. And then finally, one of our most exciting announcements is that, as part of our new integrations for ecosystem overall in Microsoft 365 compliance, we've significantly increased the number of data connectors that allow you to establish a connector and constantly bring data in to Microsoft 365 to be able to leverage all of the compliance solutions. So we announced that we will get up to 25 pre-built data connectors today in the compliance center, including some from our partners, from Globanet and TeleMessage, and you'll be able to access all of those right now in your compliance center.
Fantastic. So, uh, Aaron, there's a great question that's come in, kind of in a couple of flavors, from several different people right now. And, you know, last year Microsoft went to Ignite 2019, um, and it was a whole new model across a variety of compliance products. Um, more integration, more visibility across the products, more visibility across unstructured data, and e-discovery was one of the places that we really talked about shifting our approach and, you know, really enhancing our features. Some of the things that we've talked about in Teams we've delivered; some of those things remain roadmap. Um, you know, can you help us understand what have we delivered and where are we still working?
Yeah, great question. Teams by far is getting probably the most significant increase in use, and it's probably from a lot of the folks, our customers, kind of working from home. So the signal is loud and clear that customers are looking for more discoverability of that content. And so some of the things that we talked about last year and just recently are going to be things like being able to identify which teams a user is a member of, right? Let's say that you're doing an investigation and you have a person of interest and you'd like to know where the sources are that contain content for this person. This was a feature that we released, uh, just, just because it's around Ignite last year. Um, some of the new things that we're talking about for Teams, which are really interesting specifically, is modern attachments, and at least this is what we've known to love them by internally at Microsoft. Linked content is another way people refer to them, but generally it's when you send any sort of file in a Teams message. You'll notice that it's not like it used to be with legacy email attachments, where the file was actually embedded as part of the message. The link is what's actually sent, right? So the live document is still sitting on the network, but there's a link that's attached to that message. And so what customers have said is whenever you do an investigation and you're trying to gather all this information, including linked content, that could be pretty painful. So we announced at Ignite this year the ability to collect that content as part of the e-discovery process. So in Advanced eDiscovery now, when you say, hey, I want to go collect Wayne's content, um, you can press a box and it'll make sure that it'll include anything that's linked by Wayne as well. So it'll go out and harvest all of the live content documents that were attached in Teams messages.
Really excited about that. We extended the coverage to go into review as well, so if you collect that content, put it into a case, we'll show you all of the linked documents right next to the messages so that you can keep track of things. And then let's say that you want to go use another partner of ours downstream after e-discovery. The export will preserve those groups as well, so the load file will keep track of which linked content belongs to each message. That's exciting.
Fantastic. Great things to come, plenty to watch for. Uh, you know, Nier, we've got a great question around GDPR, and I'm going to rephrase it just a little bit. You know, security, privacy, costs, these are all considerations that an enterprise has to look at, and it's a constant balancing act, right? There's administration costs and then there's cost of doing things like data retention and looking at the way that different settings impact productivity. Can you share with us some of the lessons that we've learned, especially around GDPR that's been in the market for a little while, on how to use Microsoft Information Protection and really get the most out of it for the organization?
Microsoft Information Protection, uh, today, um, works, maybe let's call it, it's an evolution of what was known as Azure Information Protection. First, it's focused all about GDPR. We would like to allow customers to understand the data classification, to identify sensitive information where it's, uh, whether it's located, if it's in the cloud or outside the cloud. It's not something that is bundled specific to the data that need to be stored in Office 365, if it's in SharePoint or OneDrive, in file shares, if it's in non-Microsoft cloud applications. And we give the customers and the compliance that means the ability to discover sensitive information that specifically might impact them from a GDPR perspective and protect this type of information, if it's with restricting access, if it's with labeling it and ensuring that this data will not leak outside. And this is more about the product aspect of this and how the product is designed. In addition, uh, from the product, and to ensure that it doesn't, that it can address any GDPR, uh, compliance regulations, so the product doesn't collect any privacy information about the data that is being classified or auto-labeling. And the audit logs, it doesn't include any privacy information. All the users that are using and applying the labels, the data is being audited into AIP analytics and Activity Explorer, and with that, it's being stored without any specific information that can violate GDPR from whatever the customer is holding, and in terms of the documents that are being tracked and the documents that are being classified as containing sensitive information.
Fantastic. Uh, you know, so, Joseph Davis, uh, one of the things that our customers have really asked about today in some of our other sessions, um, is around data loss protection, right? Implementing DLP, and healthcare, financial services, these are areas where data loss prevention and, uh, you know, protecting the information that the enterprise has are critical. Uh, in healthcare specifically, we see a lot of customers deploying policies and they're recognizing information; we see increasing maturity. Does a healthcare organization really have to have DLP, or, you know, can they just deploy policies in the cloud?
Oh, I think DLP is, uh, required everywhere in a hybrid approach, right? Because data's going to sneak out as long as you have email, as long as individuals are using technologies like Zoom and Teams and other technologies where there could be chat, there could be web upload, there could be email attachments. I think data loss prevention is a great way to help users determine, you know, what is it that I'm sending, and could it be catastrophic if I sent this to the wrong recipient. So what especially endpoint DLP gives them the ability to do, whether it's healthcare, any other industry, is to prompt the user and say, look, this looks like sensitive information, based on, you know, on the machine learning that the system has done over time, this looks like sensitive information, and are you sure you want to be sending this to a third party? Now, if the answer is yes, we facilitate that collaboration with Azure Information Protection so that only the recipient is going to be able to, you know, use that information, and it stops with that recipient if there's a do-not-forward on it or if there's a read-only on it.
Yeah. You know, one of the questions that came a moment ago, and, uh, Nier, I'd love to get your perspective on this as well as yourself, Joseph. Um, you know, from a business perspective, uh, Joseph, when you've got endpoint DLP, uh, and you've got enterprises wanting to look at this kind of bring-your-own-device strategy, what are some of the high points and some of the low points that you would really kind of put in front of a security leader to really put some thought into?
Right, so my recommendation around bringing your own device is, make sure you're looking closely into mobile application management rather than allowing the data to, um, you know, just come down natively on that person's, uh, mobile device or, basically, a laptop, etc., unless that laptop or mobile device or Surface Pro is registered, mobile device management, in Intune.
And with registering it, there's so much more that you can do with MDM in determining what applications are on that endpoint, what hardware is going on with that endpoint, etc. With mobile application management, you're able to have an encrypted, secure container within the application and apply organizational policies to the specific app instead of the entire, uh, device.
Fantastic. So, you know, Near, that's part of it, right? The business strategy of where to plug in the DLP. But at the same time, you've got to have the technology to tie the pieces together and help the organization turn around and deploy the capability in the enterprise. You know, how can an organization like a healthcare organization, a financial services organization, deploy DLP successfully in, you know, a bring-your-own-device strategy or the shift to bring your own device?
Uh, yeah, Wayne, so thank you, uh, for describing this, uh, that, uh, clearly. When we talk about the DLP and the DLP strategy that we have in Microsoft, we have two sides. Uh, for this case-specific capability, we have endpoint side, that is indeed available, is integrated as part of the operating system, and is working, uh, seamlessly to detect sensitive information and to send audit logs and block or warn on specific activities. But with that, we know that these types of devices do require to be connected today to Azure Active Directory, or to be connected to hybrid Active Directory and then to Azure Active Directory. And we know that bring-your-own devices are part of the game, as part of what customers are doing today, even more relevant during discovery time. So our DLP offering doesn't just include the endpoint capabilities but also service-side capabilities that don't have any, uh, dependency on whether you are coming from a bring-your-own device or you are using your mobile device or whatever platform that you are using. Once you access the service, there is this layer of the data loss prevention capabilities that do inspect the activity that you are doing and, based on it, will protect the data from leaving your organization and your perimeter, although this is the cloud perimeter. But for that you don't need to deploy anything. You are using SharePoint, you are using OneDrive, the data is stored in Microsoft services, you are sending mails with Exchange Online. All this data is protected without DLP capabilities, without deploying anything besides policies as part of the, uh, um, M365 compliance portal. Now, taking it back into endpoint DLP, um, bring your own device is something that we are looking to expand in the future, uh, and to remove this dependency with a specific organization joined to AAD devices.
Fantastic. So, you know, uh, it really kind of brings up, um, thoughts about kind of the underpinnings, right? In order to have DLP, you really have to have a good classification and labeling strategy to help you figure out what you're going to protect in the first place. Sanjay, great question that we've got here in the chat, you know, asking about how close Microsoft is to accomplishing that Microsoft Information Protection, um, vision, right? We've had several shifts, uh, AIP to MIP. Now we're expanding what's in MIP. Um, how close are we?
Yeah, I mean, that's a fantastic question, right? And it's very foundational. So for us, you know, let's, you know, for the benefit of the whole audience, step back a little bit and think about what is that MIP vision that, you know, Bo, the questioner, is asking about. I mean, essentially what we're looking to do is to provide our customers a comprehensive, um, built-in, intelligent, and yet a unified solution for, you know, information protection. And when we say that, it includes, you know, data discovery, classification, protection, and data loss, right? So it's a pretty grand, uh, it's a pretty comprehensive vision we have, and we realize that in the market there actually is a really strong need for it, because what we find is that the alternatives that a lot of our customers have is a patchwork of solutions. There are solution providers who do either, you know, data discovery alone but not really into labeling and protection, or they do DLP alone, or even if they do a few different things across the stack, they are focused only on a few locations, data locations, right? So they're able to do well on premises, uh, but they really don't have a great solution when it comes to core Office apps or Microsoft 365 services like Teams and SharePoint. So what we, uh, you know, we want you to expect from us, from Microsoft Information Protection, that comprehensive yet unified solution where you're able to go to a single pane of glass, a single admin console, and be able to consistently deploy your classification and protection policies across all your data locations. Um, and so, you know, we are definitely very well on our path to sort of delivering against that, um, and really what you see would depend a bit on whether you're a commercial customer or a government customer as well.
But one thing I do want to tell you is that the big shift from AIP to MIP, if you think about what Azure Information Protection was about, it gave you, uh, you know, the predominant product was the client plug-in for Office apps on Windows, right? What you get with Microsoft Information Protection is a lot broader. So if you, if you're not on ProPlus, yes, you can continue with the unified labeling client that we have for Windows, but otherwise you've got native, uh, built-in, uh, labeling and protection experience across all the Office apps platforms, right? And so that's really the, um, the benefit of going to MIP. And we know that, um, you know, if you have built-in labeling, it has a lot of benefits, both for you as an organization, as an admin. You know, you don't have to buy this patchwork of solutions and these licenses, you don't have to maintain these plugins, but you actually get a more cost-effective and easier-to-maintain built-in solution with MIP. But at the same time, please note that, you know, a lot of products that you use as part of Azure Information Protection, uh, whether it's the on-premises scanner, um, you know, those are continued, they continue to be part of Microsoft Information Protection. It's that superset, is MIP, right? And all the solutions you know and love, uh, are all part of that, uh, from AIP. So we're well on our path, and depending on whether you're commercial or customer, you know, you would see us, um, at different stages.
Great. You know, Eram, I actually want to come to you for a question that we got in some sessions with customers, uh, earlier. Um, you know, there's e-discovery. When you've got a moderate-size organization, there's built-in workflow, some great tools in there, but as you become an organization at scale, there's often other tools that you have in the environment that are part of the e-discovery landscape. And many of our questions are bringing this up in customer meetings and discussions with Microsoft around the Ignite event. APIs. Where are we going? Are we going to be able to tie e-discovery products from Microsoft with third parties in these enterprise environments?
Yeah, absolutely. Um, the engagement from customers has been phenomenal. I mean, the creativity on how to build integrated experiences with the tools that you were mentioning, Wayne, is something that comes up pretty often. So we announced recently that we have an API for Advanced eDiscovery in beta. It's in the Graph data, so if you go to the Graph site, and we can push some information to you later, but there you'll see the documentation with the calls that are available, and we're going to keep growing this list. Um, scenarios that we're trying to support, besides integrated experiences like we're mentioning, is we also have a lot of customers that are fairly large and have come up with ways to automate some of the repeatable processes, some of the repetitive notions. So, um, this will help block both customers that want to build integrated experiences with some of the third-party tools, some of our partners, and also help automate some of the flow to be able to scale. Exciting.
Fantastic. Uh, you know, I wanted to ask Roberto. When we look at the organization and how policies and MIP, I mean, we've talked about e-discovery, there's a lot of moving parts here. Specifically, when you're putting MIP policies into the organization and you're doing that inspection and you're looking for files, you're looking for sensitive information in the organization, are there implications to SharePoint's, um, kind of new, uh, Syntex tech, technologies? Is there anything that we've got to change architecturally?
Uh, yeah, and I think what you're referring to is basically, we were talking about the integration that we announced between governance and SharePoint Syntex and how we actually are, uh, working together to make sure that all the goodness that the SharePoint team has announced, uh, actually is supported and can enhance, and today, it will be able to apply, as soon as it goes generally available, it will be able to apply retention labels. So it will all work seamlessly within SharePoint. And so when you go in and you just publish a retention label to your content center, where you're going to create a document understanding model in SharePoint Syntex, and then you can create your model just like any other SharePoint Syntex model to classify your data, extract data out of it, uh, and in the settings of that model, where you can configure which content type it might apply and things like that, you will be able to select a retention label that you've published to that content center as the label that should be automatically applied to any document that Syntex detects of that type of, uh, of classification. And so we're working on making sure that all of this is built in, into the productivity solutions that you're already using.
Fantastic. Uh, you know, Near, I'd love to come to you for this next question, great question from the audience. When you're looking at DLP in the organization, and a lot of organizations are still hybrid right now. They're moving to the cloud or they've moved the bulk of their data to the cloud, but oftentimes there's still SharePoint farms, things like that, on premise. Um, you know, is it possible to add DLP to on-premise SharePoint 2013? How do you deal with that hybrid scenario?
Yeah, thank you for this, Wayne. So.
We talked about DLP and server-side DLP that are sitting in the cloud, and we talked about the endpoint DLP. But with that, we are expanding our DLP offering into two more domains. One is for non-Microsoft cloud capabilities with Cloud App Security, that this is something that is available already in private preview. And another private preview that we plan to start next month is about expanding our DLP offering into on-premise capabilities, which is based on the AIP scanner technology that already knows to scan and discover sensitive information and label them in SharePoint on-prem and in on-premise repositories and discovers, and SharePoint 2013 and 2016. And with that, we're leveraging the same technology into DLP capabilities to detect sensitive information and to, uh, ensure that it doesn't overshare, the access for this information is indeed controlled, and to ensure, um, DLP capabilities based on this data, which is not just applying labels and encryption to these types of files. So this is something that is coming in private preview very soon, and it's part of the Microsoft Information Protection compliance preview community, where we are announcing such previews as they are starting.
Fantastic. You know, um, Sanjay, I'd love to go to you for a question around Microsoft Information Protection that's come up a couple of times so far at Ignite. Information protection continues to change, it continues to evolve. Uh, as we think about some of the answers that you gave earlier on about how AIP has become MIP, we're executing on the MIP vision. What are some of the differences in Microsoft's vision versus the vision of some of our competitors or some other applications that the customer might need to use?
Yeah, and I'll keep it, um, pretty tight, right? I mean, I think the big, uh, difference, if you think about it, there are two key pain points that we see customers are struggling with. One is, no customer wants to deal with 10 solutions, and today it's very common for customers to have that patchwork. So we are driven, uh, by the desire to sort of be able to give a much more comprehensive solution. So if you see even our own effort to provide built-in labeling, you know, luckily, as Microsoft, we are able to then, you know, build in that production experience into those core productivity workloads, right? And that really is stretching every day. We're adding more like every passing month, so it's not just Office apps, M365 services, now Power BI. Um, and then the other big pivot that I want to talk about is being able to bring machine learning and automation to really bear, and that's something that we're very focused on to help customers really scale their data protection program. And then the third piece is that ability to unify and bring all your controls into one dashboard and make the life of the admins a lot easier. So those are things that motivate us.
Fantastic. Um, as we're entering into, uh, the last minute here, a few things I'd like to bring to the attention of the, uh, the attendees. There are many sessions still coming up at Ignite on Microsoft 365 compliance. Uh, also there are new learning paths which have been made available for insider risk, information protection, governance, as well as discover, respond. Um, the Compliance Manager is one of the big announcements for this year's Ignite. If you haven't had the opportunity to check it out, um, check out the blog entries as well as the new microsite that's been put up on the website, uh, and perhaps, uh, use a trial in your organization to test out Compliance Manager. Uh, with that, well, thank you for attending. We'll stay on for a few minutes and answer some questions in the Q&A log. But enjoy some of the other sessions at Ignite.