Originally posted on Microsoft 365 blog
Being a customer-obsessed business means being privacy-obsessed. Customers are more aware and sensitive than ever before about your data privacy policies,1 making decisions to do business with you based on the trust they have about how you handle their data. According to industry analysts such as Forrester, companies with more advanced privacy practices are growing faster today than their peers with less mature policies.2
In this environment, privacy and compliance professionals play an increasingly strategic role within organizations. As data continues to grow exponentially and travel across organizational boundaries, providing your teams with the right tools to maintain control and manage risk across data, wherever it lives, is our priority.
Today, we are excited to share updates in Microsoft 365 that provide organizations with more control and options to strengthen their data privacy practices.
New capabilities coming to Microsoft 365 E5 and E5 Compliance
New capabilities coming to Microsoft 365 E5 and E5 Compliance—previously known as Information Protection & Compliance—include controls to automatically expire or revoke access to encrypted emails, data investigation capabilities, and new compliance features in Microsoft Teams. In addition, the new Advanced eDiscovery experience is now generally available.
Control encrypted emails shared outside your organization—When sensitive emails are shared outside your organization, despite encrypting the message, it can be difficult to further prohibit access. Now with Office 365 Advanced Message Encryption, admins have additional controls to automatically expire or revoke access to encrypted emails through a secure web portal.
For example, with Advanced Message Encryption, you can leverage sensitive information types—such as health IDs—and automatically encrypt and expire the message after 30 days, which may be specified by the organization’s internal or external compliance requirement. Learn more in our Tech Community blog.
Search and take action on at-risk sensitive data—Oftentimes, customers need to quickly investigate security and privacy incidents such as data leakage or phishing attacks. Data investigation capabilities in Microsoft 365 enable you to search and take action to remediate risk.
For example, in the event of a data leak, you can create an investigation to search and identify impacted content or people, then delete the email messages that may contain confidential information to prevent end users from accessing the content. The data investigation capabilities in Microsoft 365 are in preview. Learn more in this Tech Community blog.
Block sensitive information in chat messages and channel conversations—Microsoft Teams is improving workplace collaboration by bringing together chats, meetings, and calling in a more secure and compliant way. We recently introduced new features in Teams, including data loss prevention and information barriers, to help you prevent sensitive information unintentionally being shared or leaked when using Teams. Learn more in this recent announcement.
Keep relevant data in place for data discovery and workflow—The new Advanced eDiscovery experience that we announced in January is now generally available to help organizations perform in-place eDiscovery with Microsoft 365. Use the new built-in custodian management workflow, working sets, and review and redact features to significantly reduce the cost and risk associated with data discovery and investigation. Learn more in our Tech Community blog.
Additional updates to enhance your compliance and privacy controls
Additional compliance and privacy updates include new Compliance Manager features and additional options for Multi-Geo Capabilities.
Manage compliance beyond Microsoft Cloud and get automatic updates of security controls—Your organization’s data lives in a heterogeneous world beyond the Microsoft Cloud, and it’s important to manage compliance across data assets in a unified way. Compliance Manager now enables you to create your own assessments—including on-premises and non-Microsoft applications—against any regulation or standard. This allows you to manage your data protection controls, collaborate between teams, and prepare for audits—all from one cloud-based compliance management tool.
Additionally, Compliance Manager can now detect your tenant settings and automatically update the status of your controls by integrating with the Secure Score API. For example, when security-oriented controls, such as Multi-Factor Authentication (MFA), are implemented, the risk assessments in Compliance Manager automatically reflect the updated status.
These new features of Compliance Manager are in public preview for all commercial plans. Learn more at the Tech Community blog.
Implement granular data residency controls for shared resources—With more data residency measures being legislated around the world, global businesses are challenged with meeting certain compliance requirements while moving to the cloud. Multi-Geo Capabilities addresses these challenges by giving you the flexibility to choose where your Office 365 content is stored at rest. We’re expanding Multi-Geo Capabilities beyond Exchange Online and OneDrive to include SharePoint Online and Groups, so you can control where content from these shared resources is stored at rest. Multi-Geo Capabilities can be purchased as an add-on to Microsoft 365 and Office 365 subscriptions. Read Multi-Geo in SharePoint and Office 365 Groups to learn more.