Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

New Security Capabilities Announced for Microsoft 365, Azure

Microsoft on Tuesday unveiled several new security capabilities for its Microsoft 365 and Azure solutions, including for data security, compliance, and risk management.

Microsoft on Tuesday unveiled several new security capabilities for its Microsoft 365 and Azure solutions, including for data security, compliance, and risk management.

Microsoft 365 has built-in data loss prevention capabilities for Teams, Exchange, SharePoint, OneDrive and third-party cloud apps. The new Endpoint Data Loss Prevention (DLP) solution, which is currently available in public preview, extends those DLP capabilities to the endpoint in an effort to help organizations protect sensitive information on endpoints and meet compliance requirements.

Endpoint DLP is built into Windows 10, Edge and Office apps, and security teams can see what data has been accessed and shared directly from the Microsoft 365 compliance center.

Microsoft also announced new Microsoft 365 features designed to help organizations address insider risk and code of conduct violations. These features, also available in public preview, enhance the detection and remediation capabilities in Insider Risk Management and Communication Compliance.

Specifically, the latest Insider Risk Management release expands the quality of signals used to detect potentially risky behavior associated with malicious or non-malicious insider activity. These improvements included new Windows 10 signals (e.g. copying files to a USB drive or a network share), integration with Defender ATP, additional native signals from Microsoft 365 products, and improvements to the native HR connector.

Customers are also provided new data leak policy and security policy violation templates to help them identify more risks, and Microsoft has announced integration with ServiceNow to allow incident responders to easily create tickets for identified risks.

As for Communication Compliance, which is designed to allow companies to detect violations of regulatory compliance and code of conduct (e.g. harassment and threats), Microsoft has introduced enhancements designed to make it easier to review and address potential issues.

In the case of its Azure Sentinel SIEM solution, Microsoft announced new third-party connectors that will enable organizations to easily obtain data from third-party firewall, endpoint security, network security and vulnerability management products.

Finally, Microsoft announced Double Key Encryption for Microsoft 365, which enables organizations to remain in full control of the encryption keys they use to protect their most sensitive data. Microsoft believes this will be highly useful to certain organizations, such as ones in the financial sector, which need to meet stricter compliance requirements.

“Double Key Encryption for Microsoft 365 uses two keys to protect your data, with one key in your control and the second in Microsoft’s control. To view the data, one must have access to both keys. Since Microsoft can access only one key, your data and key are unavailable to Microsoft, helping to ensure the privacy and security of your data,” Microsoft explained.

Endpoint DLP, Insider Risk Management, Communication Compliance, and Double Key Encryption are all available in public preview starting on July 21 for Microsoft 365 E5 customers.

Related: Microsoft Announces New Security Capabilities Across Platforms

Related: Microsoft Unveils New Azure, Windows Defender ATP Tools

Related: Microsoft Threat Protection Now Generally Available

Related: Microsoft Open-Sources COVID-19 Threat Intelligence

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Risk Management

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.