The Microsoft Purview team and I are thrilled to showcase the latest innovations in Microsoft Purview and Microsoft Fabric, designed to help customers secure, govern, and manage their complex data estates in the AI era. We’re excited to announce the preview of Microsoft Purview Information Protection, which allows for content restriction in Fabric using sensitivity labels, and Microsoft Purview Data Loss Prevention policies for lakehouses. Additionally, we’re highlighting the recent general availability of the Microsoft Purview Data Governance solution.

Customers are asking for a seamless solution that turns data security, governance, and compliance into a team sport to effectively address the converging trends across 1. scale and sophistication of data threats; 2. increasing regulations; 3. ever-expanding data estate; and 4. acceleration of AI adoption within the business.

Microsoft Purview delivers a comprehensive set of solutions that can help your organization secure, govern, and manage data for compliance and regulatory needs, wherever it lives. As we engage with customers at the Fabric Conference this week, we underscore the pivotal role of security and governance in laying the groundwork for responsible analytics. For businesses all over the world, this comprehensive approach balances the need to secure and protect data from cyberthreats with the need to activate data for business insights and AI.

Integrated with Microsoft Fabric

Microsoft Purview and Microsoft Fabric are committed to delivering a rich integrated experience so customers can seamlessly secure and govern their data estate efficiently to help meet regulatory, compliance, and privacy requirements while ensuring high-quality data for data activation. For Fabric customers, this means you can discover, secure, govern, and manage Fabric items from within Microsoft Purview as a single pane of glass across your heterogeneous data estate.

Microsoft Purview helps you seamlessly discover data assets in OneLake, extend the same Microsoft Purview data security sensitivity labels and policies from Microsoft 365 to Fabric items, and curate your Fabric data assets into a single enterprise data catalog along with other data sources like Azure Databricks, Snowflake, and Google Big Query. And this seamless integration doesn’t require any data movement or duplication, helping you reduce data sprawl and silos.

Seamlessly secure your data

Microsoft Purview Data Security capabilities are already loved and leveraged by customers around the world for their Microsoft 365 data, and with today’s announcements, we are extending this value further to Microsoft Fabric customers. These added investments enhance the Microsoft Purview Data Security capabilities already available for Fabric released in March.

Now in preview, Microsoft Purview Information Protection now includes the ability to restrict access to content based on sensitivity labels for Fabric data, which helps you discover, classify, and protect sensitive information, including the ability to apply sensitivity labels. By extending the sensitivity label support to Fabric data, security admins can now use sensitivity labels to manage who has access to Fabric items with certain labels. For example, a security admin could restrict access to data items with a “financial data” sensitivity label to only users in the finance department.

We are also extending support for Microsoft Purview Data Loss Prevention (Purview DLP) policies for your Fabric items. Purview DLP helps an organization protect sensitive data and reduce the risk of data oversharing by letting organizations define and apply policies. With these new integrations, security admins can now apply Purview DLP policies to Fabric data. As an example, a policy can be set to help detect the upload of sensitive data, like social security numbers to a lakehouse in Fabric. If detected, the policy will trigger an automatic audit activity, which can alert the security admin, and can also surface a custom policy tip to data owners to take action and remedy the non-compliance with the policy.

Learn more about Microsoft Purview Data Security integrations in Fabric.

Confidently activate your data

Microsoft Purview’s new data governance experience was made generally available on September 1, 2024. This newly reimagined solution is purpose-built for federated data governance and offers a business-friendly experience, AI-powered experiences for dramatic efficiencies, and all the key ingredients you’d expect, including catalog curation, data quality management, actionable insights, rich user experiences, and integration with third-party data management solutions—helping organizations to confidently activate their data for analytics and AI.

Microsoft Fabric customers can complement the governance capabilities in Fabric for a single-pane-of-glass experience in Microsoft Purview for data catalog curation, data user access, data quality management, health controls, and actionable insights for Fabric items and for data assets across your heterogeneous data environment.

A complete solution for the modern data governance practice

Data Catalog management offers a business-friendly experience and terms, making it easy to logically build a data catalog for your unique business needs while built-in AI serves up recommendations based on your active metadata. Data owners and data stewards can easily participate across data curation and management, responsible data access, and impact analysis—easily combining data assets from the heterogenous data estate (for example: Fabric, Databricks, Snowflake, and Google). Data users can seamlessly and securely request access to data assets for use in insights, analysis, development, and AI.

Data Health management offers a rich experience across data quality capabilities, actionable insights, and health reports, which help organizations to assess and action the quality of their governed data estate—making it easy and efficient to support a strong healthy data governance posture. With complete data quality capabilities, you can apply built-in rules and AI-generated rules that are applied and translate into data quality scores and actions across your data assets, data products, and governance domains, helping you to more effectively manage and improve your data governance posture. Data Health controls enable data stewards and chief data officers to assess the health of their data estate through the lens of industry-recognized standards and controls. While the control rules are established at a global level, execution is delegated to individual governance domains, allowing for the application of broad standards while meeting the specific needs of various groups within the organization.

Purpose-built integration with industry-leading master data management and data modeling solutions extend the value of Microsoft Purview further and help customers maximize their existing data management investments.

• CluedIn brings native master data management and Data Quality functionality to Microsoft Fabric, Microsoft Purview, and the Azure stack. Learn more about CluedIn. 
• Profisee Master Data Management is a complimentary and necessary piece of your data governance strategy. Learn more about Profisee. 
• Semarchy combines master data management, data intelligence, and data integration into a singular application in any environment. Learn more about Semarchy.  
• RELTIO’s AI-powered data unification and management solutions unify data from disparate sources, delivering a single source of truth. Learn more about RELTIO.
• ER/Studio (an Idera company) delivers advanced data modeling and metadata management to help organizations improve their data posture. Learn more about ER/Studio.

The general availability release also delivered new data governance capability not previously available during preview. Some of these new capabilities include: customers can now delete business concepts, more easily manage data access through the data catalog admin settings, view data product access request workflows, browse an enterprise glossary to better understand terms, and apply the Data Quality capabilities to Azure Synapse, Databricks Unity Catalog, Fabric Lakehouse, Google Big Query (preview), and Snowflake. Check out the complete list of new capabilities in Microsoft Purview Data Governance.

Learn more about Microsoft Purview

• Try Microsoft Purview today.
• Watch the webinar The CDO Dilemma.
• Visit the Microsoft Purview website.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Activate your data responsibly in the era of AI with Microsoft Purview appeared first on Microsoft Security Blog.

Microsoft Purview Audit

Discover new capabilities that will transform how you secure your organization's data across clouds, devices, and platforms.

Learn more

New default retention period for activity logs

Starting in October 2023, we began rolling out changes to extend default retention to 180 days from 90 for audit logs generated by Audit (Standard) customers. Audit (Premium) license holders will continue with a default of one year, and the option to extend up to 10 years. Our public roadmaps detail when retention changes will reach your organization, starting with worldwide enterprise customers and quickly followed by our government customers in accordance with our standard service rollout process. This update helps all organizations minimize risk by increasing access to historical audit log activity data that is critical when investigating the impact from a security breach incident or accommodating a litigation event.

New logs for increased security

Every day, Microsoft Purview Audit Logs record and retain the thousands of user and admin activities that take place in Microsoft 365 applications. Authorized administrators can search and access the logs from the Microsoft Purview compliance portal to determine the scope of a compromise and enhance their investigations. Audit (Standard) license holders will be able to access an additional 30 audit logs, shown in the table below over the next several months. To learn more about when the logs will be available in your tenant, please visit the Public roadmap.

Microsoft has worked closely with CISA to identify these critical logs and include them in our Microsoft Purview Audit (Standard) license. Audit (Premium) license holders will continue to get longer default retention, broader access to export data, higher bandwidth API access, and logs enriched by Microsoft’s AI-powered intelligent insights.

Additional enhancements recently released and coming soon

In addition to the retention extension and newly available logs, we also have a number of new enhancements in Purview Audit recently released or coming soon, that will help improve your experience:

• Audit Search Graph API: Programmatically access new async Audit Search experience for improved reliability and search completeness, through Microsoft Graph API. 
• Granular scoping with role-based access controls: Delegate role-based permissions to users or analysts in a granular way and access role-based information with Audit search results.  
• Audit Custom Activities Search: Admins can use the custom search bar to search for several audit log events directly. 
• Customized retention policies (short): Customers with the 10-Year Audit Log Retention add-on for Microsoft Purview Audit (Premium) can create additional customized retention policies (7 days, 30 days, three years, five years, and seven years retention). And customers with the Audit (Premium) SKU will have additional short-term retention policies available (7 days and 30 days).
• Customized retention policies (long): New long-term retention policies for the 10-Year Audit Log Retention add-on for Microsoft Purview Audit (Premium) (three years, five years, and seven years).

We are pleased to share today’s cloud logging update as a continuation of the thoughtful conversations we’ve had with our security experts, customers, and influential authorities like CISA. Please visit the Public roadmap to get the latest information on updates coming to Microsoft Purview Audit. 

Learn more

Learn more about Microsoft Purview Audit or sign up now for a free trial.

Explore data security resources and trends

Gain insights into the latest data security advancements, including expert guidance, best practices, trends, and solutions.

Get started

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X, formerly known as Twitter, (@MSFTSecurity) for the latest news and updates on cybersecurity. 

¹Expanding cloud logging to give customers deeper security visibility, Vasu Jakkal. July 19, 2023.

The post Expanding audit logging and retention within Microsoft Purview for increased security visibility appeared first on Microsoft Security Blog.

As more organizations shift to a hybrid work model, cybersecurity leaders need a way to strengthen and secure growing boundaries. They are struggling now more than ever with a fragmented solution landscape and increased, more sophisticated threats to data security.

A Zero Trust architecture is a critical component to modernizing security programs and ensuring sensitive organizational data and identities are kept safe. Plus, it can help organizations stay in compliance with regulatory standards.

In this blog, we’ll discuss how implementing a Zero Trust framework helps organizations meet compliance and data security requirements, prevent, identify, and secure sensitive business data, and reduce business damage from a breach.

As regulatory and compliance requirements evolve in response to technological transformations, organizations must rapidly modernize their security posture to protect sensitive data and processes. A Zero Trust architecture is a comprehensive security strategy to help you secure your data and prepare your organization for future threats.

Prevent and reduce the impact of internal or external bad actors on business damage from a breach

Applying the Zero Trust principle of “assume breach” helps proactively minimize the impact of security attacks from internal and external bad actors by implementing specific security measures using all available data points and enforcing least privileged access to secure digital environments:

• Data classification and end-to-end encryption.
• Sequence detection and user context to detect critical insider risks.
• Policy configuration to prevent data loss.
• Automated threat detection and response.

Implementing redundant security mechanisms, collecting system telemetry and using it to detect anomalies, and—wherever possible—connecting that insight to automation empowers a business to prevent, respond, and remediate data security incidents efficiently.

Assuming breach involves organizations first determining if they have the right data security strategies and controls in place and if they can measure their breach risk. This also involves understanding both internal and external activity around sensitive data, wherever it lives and throughout its entire lifecycle. A Zero Trust lens can help organizations implement the right protection to detect and remediate modern and evolving cyber risks and vulnerabilities in a timely, preventative measure.

Managing insider risks provides insights into events that could potentially lead to data theft or other exfiltration activities happening inside of your organization. And by configuring dynamic policies with protective actions, you can prevent data from unauthorized use across apps, services, and devices, even in hybrid work environments. Implementing a Zero Trust architecture helps organizations confidently prevent sensitive data loss.

Identifying the business risk of a data breach and the resulting damage to reputations and relationships also reduces the impact of a major incident, such as serious risks to data security structure, financial health, and market reputation. A Zero Trust framework provides the visibility, controls, and redundancy necessary to quickly detect, deter, and defend against data security risks, and to secure sensitive data by proactively detecting and minimizing those risks.

Implementing a Zero Trust architecture ultimately bridges the gap between balancing data security and enabling productivity, without compromising either. Reduce the blast radius of security attacks and use proper access controls to strengthen security posture, which helps to minimize reputational damage, the financial costs of a security breach, cyber insurance premiums, and employee burnout among security teams.

Identify and protect sensitive business data and identities

Figure 1. Through a comprehensive Zero Trust approach, organizations can secure their most precious data and devices and prevent bad internal and external actors from breaching.

Identifying the most critical data and identities is important for a Zero Trust approach. A more robust security posture begins by understanding the organization’s security architecture before integrating controls and signaling across layers to apply and enforce unified policies. The Zero Trust architecture extends throughout the entire digital estate and serves as an integrated, unified security strategy to reduce the complexity and time-consuming aspects of end-to-end security.

Organizations must first gain visibility into what assets—such as identities, endpoints, apps, networks, infrastructure, and data—exist within their organization. Then, assess their current risk and identify which assets should be prioritized and which ones users are interacting with.

Securing sensitive data must involve these key steps:

• Gaining visibility into the existence (across multicloud, on-premises, and hybrid environments) and risks associated with how sensitive data is being used, accessed, and shared through built-in, ready-to-use machine learning models.
• Understanding insider risks by gaining insight into how users are interacting with sensitive data and leveraging sequence detection to understand user intent.
• Preventing data loss by preventing sensitive data from unauthorized use across apps, services, and devices.
• Leveraging dynamic controls to adjust data loss prevention policies to address the most critical data risks.

These steps enable organizations to adopt a comprehensive end-to-end strategy to manage security and apply protection actions—such as encryption, access restrictions, and visual markings—that safeguard your data, even if it leaves the devices, apps, infrastructure, and networks that the organization controls.

When data and sensitive content is understood, classified, and identified, organizations can:

• Inform and enforce policy decisions to block sharing of emails, attachments, or documents that contain sensitive data.
• Encrypt files with sensitivity labels on device endpoints.
• Auto-classify content with sensitivity labels through policy and machine learning.
• Detect sensitive data that travels inside and outside your digital estate and understand user context to better investigate and mitigate risks.

Fine-tuned adaptive access controls, such as requiring multifactor authentication or device security policies, based upon user context, device, location, and session risk information, move the security perimeter to where data lives and encourage strict control over digital identities and identity access. This enables the implementation of security controls within each layer of the security architecture to further segment access.

Policies and real-time signals are required to determine when to allow, block, or limit access, or require additional proofs like multifactor authentication so that organizations can improve boundaryless collaboration without putting their data at risk.

By adopting Zero Trust, organizations understand the context of user activity around sensitive data and can prevent unauthorized use or loss of data. Types of data security that help protect against data breaches and help meet regulatory requirements include:

• Data loss prevention to guard against unauthorized use of sensitive data.
• Encryption to make files unreadable for unauthorized users.
• Information protection to help classify sensitive data found in files and documents.
• Insider risk management to mitigate potentially risky user activity that may result in a data security incident.

Proactively meet regulatory requirements

Microsoft’s Zero Trust security framework can help your organization meet many regulatory and compliance standards by default, including compliance requirements surrounding data, compliance, and law. This involves securing data, including personally identifiable information, financial data, health information, and intellectual property, all of which are at high risk of theft, loss, or exfiltration. Thus, protecting sensitive data is imperative.

While these regulatory standards will differ depending on the organization, they help organizations meet both security and compliance requirements.

Some important regulations include:

• General Data Protection Regulation (GDPR)
• Health Insurance Portability and Accountability Act (HIPAA)
• California Consumer Privacy Act (CCPA)

Adopting a Zero Trust architecture can also help you exceed standards and requirements, which enhances proactive, preventative security protection and enables:

• A deeper, more consistent integration across all security pillars, which will simplify unified policy enforcement.
• Increased empowerment across all security teams, allowing for protection against more sophisticated and serious security attacks.
• A more efficient management of organizational security posture management through the simplification of configuring and managing various policies and improving on old security practices.
• Enhanced security to protect against IT skills shortages and staff capacity, ultimately breaking down the silos between security pillars and enabling organizations of different sizes and industries to adopt Zero Trust more easily.
• Cross-platform and cross-cloud security protection to enable visibility across all workflows and integrate with Microsoft Azure platforms.

A Zero Trust model helps with understanding the policies needed to comply with governance requirements. It enables continuous assessments—from taking inventory of data risks to implementing controls and staying current with regulations and certifications.

Zero Trust journey: How to get started

Organizations can get started by determining their place in the Zero Trust journey:

• Getting started (first stage): Using strong authentication methods such as multifactor authentication and single sign-on access to cloud apps.
• Advanced (significant progress): Using real-time insider risk analytics and proactively finding and fixing security issues to reduce threats.
• Optimal (most mature stage): Using automated threat detection and response across all security pillars to speed up threat detection and prevention.

Embrace Zero Trust security

Adopting an end-to-end Zero Trust strategy is a critical step your organization can take to modernize your security posture and exceed required regulatory and compliance standards. To learn more about implementing Zero Trust with Microsoft:

• Get started with our Zero Trust assessment tool.
• 5 reasons to adopt a Zero Trust security strategy for your business.
• Securely work from anywhere.
• Safeguard your most critical assets.
• Meet regulatory and compliance requirements.
• Minimize the impact of internal or external bad actors.
• Rapidly modernize your security posture.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Cost of a Data Breach Report 2022, IBM. 2022.

²Building a Holistic Insider Risk Management Program, Microsoft. 2022.

The post Stay compliant and protect sensitive data with Zero Trust security appeared first on Microsoft Security Blog.

To help our customers navigate this complex data landscape, we are focused on delivering secure, intelligent, and user-centric solutions that provide visibility, reduce complexity, and mitigate risk. Over the past few years, we significantly increased our investment in building our Microsoft Purview data security capabilities across our information protection, data loss prevention (DLP), and insider risk management solutions, as well as our privacy solution: Microsoft Priva. A few recent capabilities are advanced ready-to-use machine learning-enabled classifiers, Adaptive Protection, a DLP migration assistant tool (on-premises DLP to cloud-native DLP), and right to be forgotten for Microsoft Priva Subject Rights Requests.

I am delighted to announce that Forrester listed Microsoft as a Leader in its  2023 Wave™ for Data Security Platforms. The Forrester Wave™ report evaluates the data security platform market and provides a detailed overview of the current offering, strategy, and market presence of these vendors. Microsoft received the highest possible score in the current offering category for data classification, data threat and risk visibility, data masking or redaction, encryption, rights management, privacy use cases, and integrations for Zero Trust criteria; and in the strategy category for the product vision, execution roadmap, and community engagement criteria.  

We believe our investments in advanced classification technology, data threats and risk visibility, rights management, and privacy resulted in this recognition.

The Forrester report also acknowledges: “Microsoft shines with its ecosystem approach—if you go all in,” wrote Heidi Shey, Forrester Principal Analyst, in the report. “Microsoft Purview brings together capabilities to 1. understand and govern data; 2. safeguard data; and 3. improve risk and compliance posture. But Microsoft’s security capabilities go beyond Microsoft Purview. By design, the entire Microsoft ecosystem working together multiplies its value via telemetry from across the environment.” She added, “The power of Microsoft’s telemetry is evident in its capabilities for identifying data threats and risk visibility. These offer strong controls for data masking, encryption, and rights management.”

Our work isn’t stopping there, however. We continue to work closely with our customers to gather feedback to help us build better products. Your input provides critical insights as we strive to create solutions to help you on your data security journey.

Learn more

Read this complimentary copy of The Forrester Wave™: Data Security Platforms, Q1 2023 for the analysis behind Microsoft’s position as a Leader.

Read more about Microsoft’s recognition as a leader in cloud security, email security, security analytics, and more:

• Forrester names Microsoft a Leader in 2022 Enterprise Detection and Response Wave™ report.
• Forrester names Microsoft a Leader in Q4 2022 Security Analytics Platforms Wave report
• Microsoft achieves a Leader placement in Forrester Wave for XDR, Q4 2021.
• Forrester names Microsoft a Leader in The Forrester Wave™: Cloud Security Gateways, Q2 2021.
• Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave.
• Microsoft is a Leader in the 2021 Forrester Endpoint Security Software as a Service Wave.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Cost of a Data Breach Report 2022, IBM. 2022.

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave™. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

The post Microsoft recognized as a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023 appeared first on Microsoft Security Blog.

Forward-thinking organizations are seeking to future-proof their DLP strategy with a comprehensive solution that scales across all applications, services, endpoints, and platforms. To help those that may be considering a DLP migration, Microsoft spoke to more than 300 data and compliance professionals to create the white paper “Data Loss Prevention: From on-premises to cloud.” We’ve presented some of the study’s highlights here, including common DLP states in use, challenges in migrating to a new DLP solution, best practices, and the benefits of adopting a cloud-native DLP solution.

“Data is not confined in a certain area. In today’s environment, it’s everywhere: someone else’s phone, tablet, data center, or software as a service application—because of that, you definitely see a lot more breaches happening.”

—Vice President, Information Security Officer, Financial Services

The stages of DLP deployment

We can define DLP as the people, processes, and technology that ensure data is not lost, misused, or accessed by unauthorized users. Our research revealed that 70 percent of companies see their DLP solution as a focal point of their overall data protection strategy. For that reason, a good DLP solution uses a holistic approach to protect the organization’s data assets, aid regulatory compliance, and prevent data leakage by monitoring all endpoints, apps, services, and the cloud—anywhere data is stored or shared. Most respondents said their ideal solution would be cloud-native DLP, which could provide scalability and flexibility, balancing protection and productivity.

An organization’s DLP can exist in five different stages with regard to deployment, starting from 100 percent on-premises (obsolete) and moving to 100 percent cloud-native (ideal). For this study, we focused on the three stages in the middle that involve some level of cloud deployment.

1. On-premises—anchored: In this stage, an organization’s DLP is roughly 40 percent cloud and 60 percent on-premises. These organizations often have concerns about cloud migration, whether because of misconceptions or real difficulties related to migrating a larger amount of on-premises data. They tend to be highly focused on maintaining their current infrastructure and managing device agents through on-premises DLP solutions. This stage is the costliest in terms of staff hours and infrastructure required. Organizations at this stage also report the lowest level of perceived success and confidence in their current DLP program.
2. Hybrid: Looking to push their program forward, these organizations currently have amostly equal split between on-premises and cloud DLP. They see their biggest challenges around custom integrations and tend to evaluate new DLP solutions annually, seeking improvements in scalability, flexibility, and accuracy. They expend a lot of effort stitching together and managing multiple DLP solutions to support their hybrid data environments.
3. Cloud-focused: These organizations are farthest along in their migration plans—60 percent cloud and 40 percent on-premises—and have the highest level of confidence and perceived success in their DLP program. Their goal is to improve visibility into their data, and they tend to evaluate new DLP solutions at a slower rate (every two to three years). They also experience fewer challenges with their current DLP programs and have a clearer understanding of their data. Their main challenge lies in ensuring that employees are following DLP policies for handling sensitive data.

Overall, the study found that organizations in on-premises-anchored states are experiencing the most discomfort. Hybrid organizations report feeling like they’re in a holding pattern, spending time and effort maintaining complex integrations and multiple DLP solutions across data environments. Fifty-nine percent of organizations with a hybrid DLP configuration report a desire to move to a cloud DLP solution.

The goal—cloud-native DLP: Beyond the cloud-focused stage, this is the desired destination. At this point, an organization’s DLP solution is fully cloud-native and the firm can benefit from scalable, holistic data protection across applications, services, endpoints, and platforms—all without hindering productivity or adding staff.

“It doesn’t make sense to maintain two or three different solutions because then you have to keep them updated, you have to make sure that there’s not a whole lot of difference between one, two, and three. So, you want to create the benefits and the economic savings of standardization. That’s why consolidation is critical.”

—Director, Technology Services

Benefits of leveraging a cloud-native DLP solution

In migrating your DLP solution, there are two options: a cloud-based or a cloud-native DLP solution. Both types will require the recreation of legacy policies, so how can you decide which solution better suits your organization?

• Cloud-based: This type of DLP solution integrates with your existing cloud and on-premises environments but isn’t natively built in the cloud environment or productivity suite. Therefore, it relies on installing and updating agents and custom integrations. Many cloud-based DLP solutions start on-premises and evolve into the cloud.
• Cloud-native: These DLP solutions are built in the cloud from the start. Meaning, this type of data protection already exists in a scalable, holistic environment. Cloud-native DLP is built into the cloud environment and productivity suite by the cloud and collaboration tools provider.

Organizations that use a cloud DLP solution were twice as likely to say that cloud-native DLP solutions are easier to scale and provide a better balance of data protection and productivity. A cloud-native solution can also help reduce costs by eliminating the need for agents, infrastructure, or custom integrations while replacing inefficient silos and patchwork solutions that can create vulnerabilities. Organizations may also see improved performance because the data has to make fewer hops, enabling greater productivity.

As a cloud-native DLP solution, Microsoft Purview Data Loss Prevention provides all of the above benefits, with the added power of Adaptive Protection to help apply DLP policies dynamically based on users’ risk levels. By leveraging machine learning in Microsoft Purview Insider Risk Management, Adaptive Protection can understand how users are interacting with data, assign risk levels, and automatically tailor DLP controls. This enables DLP policies to become dynamic, ensuring that the strictest policies—such as blocking data sharing—are applied only to high-risk users. Microsoft Purview Data Loss Prevention does all this automatically wherever data is accessed or shared, so you can protect more data (with less).

Key challenges of migrating to a DLP solution

To better understand the barriers keeping companies from moving to cloud-native DLP, the study looked at the on-premises-anchored respondents, who are nearly twice as likely to cite apprehension about the unknown as a barrier to migration. We found five common themes reported as challenges preventing their DLP cloud migration:

1. Dealing with the unknown: Reasons for being apprehensive about a cloud migration broke down predictably across roles. C-suite executives worried about the cost of a DLP migration, while IT administrators reported feeling uneasy about the perceived time and resources required. IT managers were uncertain about the unknowns of a new DLP solution, which potentially makes them hesitant to promote a cloud-based DLP solution when the one they’ve been using is still working (even if performance is unsatisfactory).
2. Funding the DLP migration: Nearly 60 percent of organizations surveyed reported cost as a top barrier to migration. With organizations in the on-premises–anchored category, the figure rose to 70 percent. It’s appropriate for a business to consider costs first; however, upfront migration costs are often mitigated by reduced infrastructure and maintenance costs down the road. And with fewer IT professionals required to protect data, those resources can be leveraged elsewhere.
3. Complexity of the problem: According to the study, on-premises-anchored organizations experience the highest levels of discomfort around DLP migration, with 73 percent naming it a top concern. Likewise, half of hybrid and cloud-focused companies who’ve gone through some of the migration process also stressed the high impact of data transformation. Nearly 50 percent of all organizations report that the challenge of re-engineering and recreating policies is preventing them from taking the next step.
4. Balancing protection and productivity: Nearly half (48 percent) of on-premises-anchored organizations say DLP gets in the way of productivity, whereas cloud-focused companies show the least concern about productivity impacts. On-premises–anchored organizations are also more likely (58 percent) than hybrid or cloud-focused companies to run their DLP solutions in audit-only mode, due to the perceived impact that blocking mode may have on productivity. However, because of access to more granular controls, cloud-focused organizations have greater control over where data exfiltration is likely to happen—striking the right balance.
5. Education of employees and administrators: On-premises-anchored companies face more challenges in educating employees on optimal data-handling practices, as well as educating administrators on better policy design. Cloud-focused and hybrid groups reported fewer challenges around education, viewing it as an important part of a holistic data-protection strategy. By prioritizing education, organizations can decrease data exfiltration risks and free up administrators to focus on other high-priority issues.

In an encouraging finding, respondents who’ve had experience migrating to a cloud-native solution report that the journey is not as difficult as others might imagine. Cloud-focused organizations were 46 percent less likely to say it’s risky to switch solutions. For the same firms, 60 percent were less likely to worry about losing control of their DLP program after migrating. They’re also 35 percent less likely to view recreating policies from their legacy DLP solutions as a major concern. In other words, migrating your DLP to a cloud-native solution isn’t as scary as it might seem.

Four best practices for migrating your DLP solution to the cloud

Moving to the cloud helps your organization future-proof its DLP solution, protecting your data across endpoints, clouds, and platforms with speed and scalability that on-premises solutions can’t match. By following a few guiding principles, your organization can achieve an effective DLP program that builds confidence and drives success.

1. Use a cloud-native DLP with a holistic approach: A robust DLP strategy emphasizes people, processes, and education in addition to technology. Look for a solution partner that offers integrations with other key elements of a holistic data-protection strategy, like the ability to classify and label data and address insider risks. Prioritize solutions that offer a trial period; this helps alleviate anxiety and convince reluctant stakeholders that a successful migration is within reach.
2. Recognize your apprehension so you can overcome it: Identify organizational challenges, then weigh those against the many benefits of migration, such as scalability and cost savings. Don’t let exaggerated worries hold your organization back from creating the efficient DLP solution it needs to maintain growth and respond to a changing data landscape.
3. Ensure security without compromising productivity: Striking the right balance between data protection and productivity is essential. Getting there requires a solution that allows for granular policy configuration, helping admins fine-tune policies to fit the way your organization accesses, shares, and stores data.
4.  Choose the right solution provider and take advantage of migration tools: A good solution provider understands the challenges of migration and offers tools that automatically convert policies from legacy solutions. This reduces manual work and helps reduce anxiety among stakeholders. A provider that offers documentation and support adds greater value.

For a small number of organizations, industry regulations, compliance, or budget constraints may prevent them from fully migrating to the cloud. However, our study concludes that the cloud-native state provides the ideal DLP approach for a majority of companies, with migration from the other stages as an inevitable progression.

Migrate to a cloud-native DLP solution—Microsoft is here to help

To learn more about migrating your DLP solution, make sure to download the complete study, Data Loss Prevention: From on-premises to cloud, containing 44 pages of valuable insights gathered from more than 300 DLP and compliance professionals. For an in-depth example of DLP migration complete with screenshots, check out this special how-to blog written by my colleague, Shilpa Bothra, Senior Product Marketing Manager for Microsoft Purview Data Loss Prevention: Easily migrate your Symantec DLP policies to Microsoft Purview Data Loss Prevention. And don’t forget to join us for the inaugural Microsoft Secure, March 28, 2023, where you can learn the latest cloud defense insights and be among the first to see the AI-powered future of cybersecurity.

Learn more about Microsoft Purview Data Loss Prevention.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Gain flexibility and scale with a cloud-native DLP solution appeared first on Microsoft Security Blog.

At this year’s Microsoft Ignite event, I co-hosted a special presentation on how your security and compliance teams can better manage risk, govern your data (wherever it resides), and maintain compliance. We also shared new product updates and insights to help your team get the most from your Microsoft security investments, as well as announced an exciting new capability that integrates Microsoft Purview natively within Adobe Acrobat. This type of extensible, multicloud, and multiplatform protection allows you to get more from the tools you already have. In this blog post, we’ll look at some of those scenarios where Microsoft Purview and Priva can help simplify data governance across your enterprise today.

New Adobe and Microsoft Purview integration delivers seamless security

Microsoft Purview’s mission is to help customers protect their entire data estate: that includes non-Microsoft environments as well. At this year’s Ignite presentation, we demonstrated a new capability that integrates Microsoft Purview Information Protection natively within the desktop version of Adobe Acrobat—accessible directly from the Protect tool. That means users now have the ability to apply and edit information-protection labels and policies directly to PDF documents. This integration brings the same classification, labeling, and protection already available in Microsoft Office file formats to PDF.

Over the next few months, we’ll continue to add new features that enhance support for PDFs in Acrobat add-ins, as well as for Acrobat Export PDF and mobile versions.

Streamlining data protection

Data is the lifeblood of your organization. It provides crucial insights that give your business a competitive advantage and empowers your employees to do more. For that reason, it’s critical to protect your data at every stage—from creation to storage—both from external threats and internal risks. That requires creating a layered defense strategy.

The first layer of defense: Discover and understand the sensitive data within your organization. You need to know where your data is, who’s accessing it, how it’s being shared and stored, and where it’s traveling. Considering that data storage is forecast to increase at a compound annual growth rate of 19.2 percent from 2020 to 2025, gaining complete visibility over your data estate is crucial.¹ At this first line of defense, Microsoft Purview Information Protection helps you classify and label your data across your entire data estate, both on-premises and in multicloud environments. By providing a single pane of glass to track and manage your data, Microsoft Purview helps to improve your team’s efficiency while tightening data protection.

Recent updates for Microsoft Purview Information Protection:

• Improvements in built-in features for Office that enhance visibility and encourage user adoption of sensitivity labels (such as the sensitivity label bar in Microsoft Word, Excel, PowerPoint, and Outlook; also, PDFs created in Office now inherit the source file’s sensitivity, encryption, and content marks).
• General availability: Co-authoring on documents protected with Microsoft Purview Information Protection is now generally available for Word, Excel, PowerPoint, and Office Mobile applications on Android and iOS devices.
• Preview: 42 new credentials for sensitive information that enable organizations to detect a wide range of digital authentication types (also known as “secrets”), such as user credentials, default passwords, and API and token access keys for Microsoft Azure, Amazon Web Services (AWS), and Google cloud resources.
• Preview: Server-side auto-labeling support for more than 24 new pre-trained, out-of-the-box classifiers that can be used to quickly discover and auto-classify more than 100 types of sensitive content in categories such as intellectual property (IP) and trade secrets, healthcare, operations, financial information, and HR-related information.

Lowering insider risk

Data breaches arising from insider actions are estimated to cost businesses an average of USD7.5 million annually. For that reason, it’s important to understand all data access and usage patterns within your organization. What does normal activity look like? Which types of activity should be flagged as risky? Understanding internal data usage can help protect against compliance violations and worse, including IP theft, insider trading, confidentiality violations, and other damaging outcomes.

The second layer of defense: Manage data security risks within your organization. Working in tandem with a holistic approach to managing internal risk, Microsoft Purview Insider Risk Management identifies potential risks and enables security teams to quickly take action. By bringing together the right people, processes, training, and tools, organizations that approach insider risk holistically are more likely to emphasize user privacy, foster collaboration, and use positive deterrents such as training and feedback loops as part of their data-protection strategy. The one-click analytics report allows you to generate aggregated, de-identified insights on risky activity over the past 48 hours—before you’ve even set up your first policy. Insights include the percentage of users who have performed exfiltration activities, such as downloading sensitive data, with an additional breakdown by activity type. To learn more about potential risks within your own organization, view the new Microsoft insider risk report.

All names in insider risk alerts are pseudonymized by default. This helps your data security team take a privacy-first approach. By clicking on a specific alert, you’ll be able to see a summary of all of the risk factors. Sequencing allows you to correlate across activities that involve the same files. This correlation can help your security team understand the possible intent behind the activities so you can reduce time to action. For example, you might see that just before a user submitted their resignation, they downloaded and exfiltrated confidential files, then deleted the files from their device to cover their tracks. Understanding this sequence of activities helps your security team decide when and how to take action.

Using sequences as triggers for your policies improves the signal quality of your alerts and focuses policy detection on users who have performed multiple-stage sequences. Priority Content Only Scoring, configurable in the policy wizard, empowers your team to focus policy detection on the most sensitive content. All of these insights help you better understand potential risks, so you can set up policies that meet the unique needs of your organization. With this information, analysts in your organization can take appropriate actions to help make sure users remain in compliance.

Recent updates for Microsoft Purview Insider Risk Management:

• Preview: Enhancements to triage and detection capabilities, including new abilities to customize a security trigger in the “data leaks” policy to surface when a user performs a sequence, to create policies with sequences without any other required underlying policy indicator selections, and fine-tune security policies directly from the alert review experience.
• Preview: Information type and trainable classifier exclusions, which means that actions related to file activities on the endpoint, SharePoint, Microsoft Teams, OneDrive, or Exchange will not generate alerts if the excluded sensitive information type or trainable classifier is matched with the content of the activity performed by the user.
• Preview: Ability to prioritize alerts for potential high-impact users with new risk booster score capabilities. Alerts for users found to have a potentially higher impact will have a higher priority alert in the dashboard, based on the frequency of accessing higher sensitivity content, like sensitive information types, labels, or priority content, compared with others in the organization, and if they are a leader in the organization based on Microsoft Azure Active Directory (Azure AD) configurations.

Protecting against data loss

The third layer of defense: Incorporate an integrated, in-depth approach to prevent data loss or unauthorized use. Among business leaders who responded to a 2021 survey, 62 percent felt that their companies should do more to protect customer data.² Microsoft Purview Data Loss Prevention (DLP) provides a balance between protection and productivity, ensuring the proper access controls are in place and policies are set to prevent actions such as improperly saving, storing, or printing sensitive data.  

Recent updates for Microsoft Purview Data Loss Prevention:

• Preview: Ability to create groups of printers, removable storage, network share path, and sensitive sites, as well as assign different restrictive actions to each group. As an example, you will be able to block the printing of sensitive information on all printer groups and allow printing on your corporate printers.  
• Preview: Ability to configure complex policy rules using “AND/OR/NOT” associations and create nested groups. 
• Preview: Visibility into contextual evidence, including sensitive content, surrounding characters, and other metadata on a DLP policy match on endpoint devices.
• Preview: Improvements in the speed of detecting and classifying sensitive content shared on Teams chat and channel messages to enforce DLP policies. 
• General availability: Ability to detect the presence of password-protected files on endpoint devices and configure specific restrictions for these files. 

These three components—Information Protection, Insider Risk Management, and Data Loss Prevention—form an integrated, holistic data-protection strategy that helps keep your organization’s data safe, wherever it lives.

Automating privacy

As more countries enact modern General Data Protection Regulation (GDPR) type regulations, consumers are demanding better controls over their data. This has spurred more organizations to move from a compliance-driven approach to privacy toward a more human-centric one. Toward that goal, Microsoft Priva currently offers two products to help manage privacy:

Privacy Risk Management helps organizations identify personal data and critical privacy risks and empowers employees to make smart data-handling decisions. With Priva, admins can configure a data minimization policy—automatically triggering an email to the data owner—so the person can review and delete unused files right from their Outlook inbox.

Subject Rights Requests help organizations manage requests at scale and respond with confidence. With the new pre-configured templates, admins can quickly create a data export request for a former employee. Once the data is collected, Priva can automatically detect files containing co-mingled personal data or confidential information; then admins can review and redact the data to avoid leakage. With the latest update, admins can now import files outside of Microsoft 365 to leverage this powerful review experience. Learn more about these new updates in this Priva Tech Community post.

Additional product updates

We’re also adding new features and capabilities within other product areas in our Microsoft Purview portfolio. These new features and enhancements will benefit your organization through granular eDiscovery, comprehensive audit controls, more effective data lifecycle management, and easier compliance.

Enhanced eDiscovery for the cloud

• Helping organizations meet their regulatory obligations for discovery, Microsoft Purview eDiscovery (Premium) now supports the ability to discover the exact version of a needed document, even when originally shared as a cloud attachment. This feature is currently available in preview.
• Drive efficiency across eDiscovery processes with improved usability and workflows. To learn more, read the eDiscovery blog post.

New search experience and security controls for Microsoft Purview Audit

• Improved search experience for Microsoft Purview Audit is now generally available and provides the following key improvements:
  • Search jobs continue to run, even if you close the browser.
  • Completed search jobs are now stored for 30 days, giving organizations the ability to reference and re-use historical audit searches.
  • Export up to half a million records in each search.
  • Each Purview Audit user can perform up to 10 concurrent search jobs at the same time.
• Given the sensitivity of Audit log data, many organizations want to add additional layers of protection to their data. Customer Key, coming soon to preview, allows organizations to use their own data encryption keys, giving them complete control over access to their data. To learn more, read the Advanced Audit blog post.

Microsoft Graph APIs and Power Automate workflows for Data Lifecycle Management

Microsoft Purview Data Lifecycle Management helps organizations manage the lifecycle of data. You can automatically retain, delete, and store data and records in a compliant manner. This solution delivers on our vision to protect and govern data wherever it lives. We have four exciting releases to tell you about:

• Power Automate integration helps you to customize lifecycle management workflows to meet your organization’s unique requirements. Now in preview. To learn more, read the Data Lifecycle Management blog.
• The ability to apply retention labels to files in Microsoft Teams enables users to apply retention and deletion settings where they do their work—in the Files tab of a Teams channel. Now generally available.
• Our new feature to find and retain cloud attachments helps admins undertaking investigations, as well as helping to meet financial services industry regulations. This feature keeps and associates the version of a file shared in a Teams message or email for later retrieval through eDiscovery (Premium). Now in preview.
• Microsoft Graph APIs for Records Management help organizations create new retention labels and manage event-based retention (now in beta). This release is our first round of APIs, with more coming in 2023.

Enhanced compliance and data residency

Microsoft Purview Compliance Manager helps organizations simplify compliance and reduce risk. It translates complex regulatory requirements into specific controls, allowing organizations to constantly assess, monitor, and improve their compliance posture—all while saving time and money. So, what’s new in Compliance Manager?

• New templates: Easily translate more than 350 regulations into tangible actions for your organization to improve its compliance posture.
• Continuous assessments: Last year we announced the ability to eliminate blind spots by adding continuous testing for technical controls. Today, we’re excited to share that we’ve added Microsoft Priva and App Governance as our newest first-party solutions.

More to come

I’d be remiss to not talk to you about some of the exciting capabilities we have coming up. For Microsoft Purview, you will start to see integrations across Microsoft 365 and Microsoft Azure to help increase the visibility of your data and easily automate data classification. For Microsoft Priva, you’ll soon see more multicloud privacy management capabilities that help you automate privacy controls and strengthen your privacy program. To learn more about potential risks within your own organization, read the new Microsoft insider risk report. Also, be sure to read Microsoft Security Corporate Vice President of Compliance, Identity, and Management Vasu Jakkal’s blog with highlights from her keynote address and insights into her vision for the Microsoft Security family of products and beyond.

Learn more

Learn more about Microsoft Purview and Microsoft Priva.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

¹Volume of data/information created, captured, copied, and consumed worldwide from 2010 to 2020, with forecasts from 2021 to 2025, Statista. September 8, 2022.

²Data privacy is a growing concern for more consumers, Lance Whitney. August 17, 2021.

The post How Microsoft Purview and Priva help simplify data protection appeared first on Microsoft Security Blog.

The Secure Collaboration Market Compass report covers solutions that protect sensitive data, which includes intellectual property or information restricted to certain audiences (such as trade secrets, some legal contracts, agreements, and financial statements), along with personally identifiable information (PII) and health information for regulatory standards such as General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Health Insurance Portability and Accountability Act (HIPAA). As companies shift towards remote hybrid work, protecting sensitive data that is continuously created and shared among employees, contractors, partners, and suppliers—while not impeding worker productivity—is becoming increasingly important. Enterprises today face the challenge of classifying large volumes of data, especially personal data, which is required by privacy regulations and laws worldwide.

At Microsoft, our goal is to provide a built-in, intelligent, unified, and extensible solution to protect sensitive data across your digital estate—in Microsoft 365 cloud services, on-premises, third-party software as a service (SaaS) applications, and more. With Microsoft Purview Information Protection, we are building a unified set of capabilities for classification, labeling, and protection, not only in Microsoft Office apps but also in other popular productivity services where the information resides (such as SharePoint Online, Exchange Online, and Microsoft Teams), as well as endpoint devices.

“Microsoft Purview Information Protection provides a sophisticated classification system that can apply labeling to a document based on the creator, the context in which it was created, and/or the content within the document. The functionality is natively embedded into Office services and apps, and third-party applications via the information protection SDK. Sensitive information is discovered and labeled with out-of-the-box, custom, and machine learning (trainable) functionality,” Annie Bailey, KuppingerCole analyst, writes in the report. “Information such as credit card, social security number (SSN), person names, licenses, and business categories like healthcare or financial can be classified out-of-the-box. Custom fields include RegEx, Dictionary, Fingerprint, Named entities detection (e.g., person name, address, medical terms), Exact Data Match, and credentials.”

We are also pleased that KuppingerCole recognizes the breadth and depth of our Microsoft Purview Information Protection platform and called out these strengths:

•  Double Key Encryption provides additional security and governance control.
•  Built into frequently used enterprise applications.
•  Simulations to test policy effectiveness.
•  Interoperates with Microsoft and third-party event logs.
•  Automated and manual classification options.
•  Coverage of structured and unstructured data in the Microsoft environment.
•  Data loss prevention functionality in Teams chat.
•  Option for no configuration, default classification.

We have made significant investments in our Microsoft Purview solutions (such as Data Loss Prevention, Compliance Manager, Data Lifecycle Management, Insider Risk Management, and eDiscovery) and Microsoft Priva privacy solution that leverage our advanced classifiers, unified labeling and protection, sensitive information types, and policy authoring templates provided by our Microsoft Purview Information Protection platform.

More than 200 partners are part of our Microsoft Intelligent Security Association (MISA). Partners can leverage our labeling features through our Information Protection SDK, data connectors, and Graph APIs to provide integrations with Microsoft applications and services, security and compliance solutions, and their own products.

We are honored to have been designated as “Outstanding in Functionality” by KuppingerCole and rated the highest possible score of “Strong Positive” in five different categories.

Learn more

We invite you to read the full KuppingerCole Secure Collaboration report. For more information on our Microsoft Purview solutions, please visit our website. Visit the Microsoft Purview Information Protection platform page to learn more about how to protect your data wherever it lives.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

The post KuppingerCole rates Microsoft as outstanding in functionality for secure collaboration appeared first on Microsoft Security Blog.

The Microsoft Compliance suite offers an integrated set of solutions to address the information risk and archiving challenges our customers face. We introduced multiple innovations over the past few years:

• Seamless risk management. Risk management is no longer a siloed activity. An EIA solution needs to work seamlessly with security, compliance, and productivity solutions. Our Microsoft 365 Advanced eDiscovery solution, for example, can automatically collect linked content with the original message in Microsoft Teams, Yammer, and Outlook.
• Leveraging machine learning to manage data at scale. With the large volume of data created every day, it is impossible to manually manage an organization’s content. It is easiest to manage data at scale with machine learning integrated throughout business processes, rather than as a separate add-on. For example, our trainable classifiers categorize content for retention, deletion, and protection policies.
• New data types and multi-cloud compliance. The rise of text messages, asynchronous communication, and other communication modes creates a variety of formats to manage risk and compliance. This year Microsoft introduced 65 plus new connectors built by Microsoft and partners. Customers can leverage their investments in Microsoft 365 Compliance to manage imported data alongside their Microsoft 365 data.

We are honored that Gartner has listed Microsoft as a Leader in its 2022 Magic Quadrant™ for Enterprise Information Archiving in recognition of our ability to execute and completeness of vision. This is the fourth consecutive year that Gartner recognized Microsoft as a Leader in this critical space. Additionally, Microsoft placed highest in the ‘ability to execute.’ Read the full report.

According to Gartner, “Leaders have the highest combined measures of ability to execute and completeness of vision. They may have the most comprehensive and scalable products. They have a proven track record of financial performance and an established market presence. In terms of vision, they are perceived to be thought leaders, with well-articulated plans for ease of use, product breadth, and how to address scalability. For vendors to have long-term success, they must plan to address the expanded market requirements for EIA, including support for multiple content types; support for the cloud; solid, relevant e-discovery functionality; and a seamless user experience.”

To us, this recognition would not be possible without the close partnership with our customers that provides critical insights for our solutions. We look forward to continuing this partnership and product innovation.

Learn more

We invite you to read to full Gartner® 2022 Magic Quadrant™ for Enterprise Information Archiving report.

For more details about our enterprise information archiving solution, please visit our website or view our Microsoft 365 for business subscription.

Microsoft continues to be a Leader in four additional Gartner Magic Quadrant reports in the broader security space:

• Gartner Magic Quadrant for Access Management
• Gartner Magic Quadrant for Unified Endpoint Management Tools
• Gartner Magic Quadrant for Cloud Access Security Brokers
• Gartner Magic Quadrant for Endpoint Protection Platforms

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

Gartner does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER and Magic Quadrant are registered trademarks and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.

Gartner, Magic Quadrant for Enterprise Information Archiving, by Michael Hoeck, Jeff Vogel, Chandra Mukhyala. 24 January 2022.

The post Gartner® names Microsoft a Leader in the 2022 Magic Quadrant™ for Enterprise Information Archiving appeared first on Microsoft Security Blog.

Over the past few years, we significantly increased our investment in building risk management and compliance solutions, inclusive of information protection and data loss prevention (DLP). We delivered new solutions, such as Microsoft Information Protection, Endpoint DLP, and product features, including trainable classifiers, the “know your data” dashboard, and enhanced sensitive information types, to name a few. Additionally, we invested in extending the Microsoft Information Protection ecosystem with continued innovation via our SDK. Over 200 partners now extend our protection capabilities to various customer use cases.

In recognition of these investments, I am delighted to announce that Forrester listed Microsoft as a Leader in its 2021 Wave for Unstructured Data Security Platforms, receiving the highest score in the strategy category. The Forrester Wave report evaluates the data security platform market and provides a detailed overview of the current offering, strategy, and market presence of these vendors. Microsoft received the highest possible score in inspection, security and risk, APIs and integrations, data security platform vision, data security execution roadmap, market approach, performance, planned enhancements, Zero Trust enabling partner ecosystem, and diversity, equity, and inclusion criteria.

For us, this recognition reinforces our leadership in innovative data security and compliance solutions. We continue to work closely with our customers to gather feedback to help us build better products. Your input provides critical insights as we strive to create solutions to help you on your journey in managing information, compliance, and risk.

Learn more

Read this complimentary copy of The Forrester Wave™: Unstructured Data Security Platforms, Q2 2021 for the analysis behind Microsoft’s position as a Leader.

Read more about Microsoft’s recognition as a leader in cloud security, email security, security analytics, and more in these blogs:

• Forrester names Microsoft a Leader in The Forrester Wave™: Cloud Security Gateways, Q2 2021
• Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave
• Azure Sentinel achieves a Leader placement in Forrester Wave, with top ranking in Strategy
• Forrester names Microsoft a Leader in 2020 Enterprise Detection and Response Wave
• Five Vendors Lead In Our Second Forrester Wave™ Evaluation On Unified Endpoint Management

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave™. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

The post Microsoft recognized as a Leader in The Forrester Wave™: Unstructured Data Security Platforms, Q2 2021 appeared first on Microsoft Security Blog.

According to Gartner, “Leaders have the highest combined measures of Ability to Execute and Completeness of Vision. They may have the most comprehensive and scalable products. In terms of vision, they are perceived to be thought leaders, with well-articulated plans for ease of use, product breadth and how to address scalability.” We believe this recognition represents our ability to provide best-in-class protection and deliver on innovations that keep pace with today’s compliance needs.

This recognition comes at a great point in our product journey. We are continuing to invest in solutions that are integrated into Office 365 and address information protection and information governance needs of customers. Earlier this month, at our Ignite 2019 conference, we announced updates to our compliance portfolio including new data connectors, machine learning powered governance, retention, discovery and supervision – and innovative capabilities such as threading Microsoft Teams or Yammer messages into conversations, allowing you to efficiently review and export complete dialogues with context, not just individual messages. In customer conversations, many of them say these are the types of advancements that are helping them be more efficient with their compliance requirements, without impacting end-user productivity.

Learn more

Read the complimentary report for the analysis behind Microsoft’s position as a Leader.

For more information about our Information Archiving solution, visit our website and stay up to date with our blog.

Gartner Magic Quadrant for Enterprise Information Archiving, Julian Tirsu, Michael Hoeck, 20 November 2019.

*This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Microsoft.

Gartner does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.

The post Gartner Names Microsoft a Leader in the 2019 Enterprise Information Archiving (EIA) Magic Quadrant appeared first on Microsoft Security Blog.