{"id":92887,"date":"2021-03-02T06:00:11","date_gmt":"2021-03-02T14:00:11","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/?p=92887"},"modified":"2023-05-15T23:09:15","modified_gmt":"2023-05-16T06:09:15","slug":"securing-and-governing-data-in-a-new-hybrid-work-reality","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2021\/03\/02\/securing-and-governing-data-in-a-new-hybrid-work-reality\/","title":{"rendered":"Securing and governing data in a new hybrid work reality"},"content":{"rendered":"

The past year has led to an evolution in not only how we think about work, but more importantly, where work gets done. Arguably, gone are the days that your organization\u2019s data is limited to the protected confines of your corporate network as your people continue to work remotely, return in some capacity to the office, or even adopt some hybrid of the two. With your people working across networks, devices, clouds, and apps, how do you ensure your data remains not only secure but compliant?<\/p>\n

A culture of security starts by securing data where people get work done. We have been investing in innovation to make this easier, and I\u2019m sharing with you some additional capabilities that enable you to extend data protection and governance across apps, clouds, endpoints, and on-premises file repositories that keep your people collaborative and productive while ensuring your most valuable asset\u2014your data\u2014remains secure and compliant wherever it lives.<\/p>\n

Co-authoring of\u00a0Microsoft Information Protection-protected\u00a0documents now available in\u00a0preview<\/h2>\n

With the shift to remote work, people are creating, storing, and sharing data in new ways. Collaboration and productivity are critical to getting work done, but you still need to ensure that the data remains safe wherever it is. Data classification in Microsoft Information Protection protects your business-critical data so your people can collaborate securely without having to sacrifice productivity.<\/p>\n

Today we are announcing the ability for multiple users to simultaneously edit a Microsoft Office document that has been encrypted using Microsoft Information Protection<\/a><\/strong>, now in preview. In the past, you had to choose between encrypting sensitive content and collaborating on it. If you encrypted the content, only one person could edit at a time. Everyone else would be locked out, and AutoSave would be disabled to preserve the encryption. With this new unique capability, multiple people can now be co-authors on a Word, Excel, or PowerPoint document simultaneously, frictionlessly, with auto-save, while maintaining the sensitivity labeling and document protections.<\/p>\n

Learn more on\u00a0Microsoft docs<\/a> and Tech Community<\/a>.<\/p>\n

Microsoft 365\u00a0data\u00a0loss\u00a0prevention\u00a0now available in preview for\u00a0Chrome\u00a0and\u00a0on-premises<\/h2>\n

Enabling a comprehensive and flexible approach to data loss prevention solutions is one of the most important ways to protect your data. \u00a0We have been investing heavily in this area, and our unified Data Loss Prevention (DLP) solution\u2014a key part of Microsoft Information Protection\u2014understands and classifies your data, keeps it protected, and prevents data loss across Microsoft 365 Apps (including Word, PowerPoint, Excel, and Outlook), services (including Microsoft Teams, SharePoint, and Exchange), third-party software as a service (SaaS) applications, and more\u2014on-premises or in the cloud. Microsoft\u2019s unified data loss prevention approach provides simplicity, enabling you to set a data loss prevention (DLP) policy once and have it enforced across services, endpoints, and first-and third-party apps.<\/p>\n

A few months ago, we announced Endpoint DLP<\/a>, which provides built-in data loss prevention into Windows 10 and Microsoft Edge. Today we\u2019re announcing that we are extending Microsoft\u2019s unified DLP capabilities natively to Chrome browsers and on-premises file shares and SharePoint Server<\/strong>.<\/p>\n

You can learn more about this preview on Tech Community<\/a>.<\/p>\n

Microsoft Azure Purview provides new multi-cloud support<\/h2>\n

In December 2020, we announced Azure Purview<\/a>, a unified data governance service that facilitates the mapping and control of organizational data no matter where it resides. Azure Purview is integrated with Microsoft Information Protection<\/a>,\u00a0which means you can apply the same sensitivity labels defined in Microsoft 365 Compliance Center to your data in Azure.<\/p>\n

Today we\u2019re sharing that we are extending Azure Purview\u2019s ability to automatically scan and classify data to other platforms<\/strong>, such as AWS Simple Storage Services (S3), SAP ECC, SAP S4\/HANA, and Oracle Database. Available now in preview, you can now automatically scan and classify data residing within various on-premises data stores using the Azure Purview Data Map.<\/p>\n

We are also expanding the insight available within Azure Purview. Available now in preview, Azure Purview can now scan Azure Synapse Analytics workspaces<\/strong>, which enables you to discover and govern data across your serverless and dedicated SQL pools. This expands on\u00a0Azure Purview\u2019s existing tools enabling\u00a0customers to scan data across various sources via out-of-the-box connectors in the Data Map.<\/p>\n

You can learn more in the Azure Purview blog<\/a>.<\/p>\n

Microsoft 365 Insider Risk Management Analytics available in preview<\/h2>\n

Another important component of securing your data as people work in new and different ways is effectively managing insider risk. Balancing the ability to quickly identify and manage insider risks while maintaining a dynamic culture of trust and collaboration is a priority for security leaders.<\/p>\n

With privacy built-in, pseudonymization on by default, and strong role-based access controls, Insider Risk Management in Microsoft 365<\/a> is used by businesses worldwide to quickly get started using machine learning to identify insider risks and take action with integrated collaboration workflows.<\/p>\n

Today we\u2019re announcing Microsoft 365\u00a0Insider Risk Management\u00a0Analytics<\/strong>, which can identify potential insider risk activity within an organization and help inform policy configurations. With one click, customers can have the system run a daily scan of their tenant audit logs, including historical activity, and leverage Microsoft 365\u2019s Insider Risk Management Machine Learning engine to identify potential risky activity with privacy built-in by design. Insider Risk Management Analytics will start rolling out\u00a0to tenants in\u00a0public\u00a0preview\u00a0in mid-March 2021.<\/p>\n

For more information, check out the Tech Community blog<\/a>.<\/p>\n

Continued investments to help you address compliance and risk<\/h2>\n

We\u2019ve been hard at work across our entire portfolio to ensure you have the capabilities you need to protect and govern your data while addressing regulatory compliance and eDiscovery. Here are a few more announcements we\u2019re making today:<\/p>\n