What's new in the Microsoft 365 compliance center
We're continuously adding new features to the Microsoft 365 compliance center, fixing issues we learn about, and making changes based on your feedback. Take a look below to see what's available for you today. Some features get rolled out at different speeds to our customers. If you aren't seeing a feature yet, try adding yourself to targeted release.
Interested in what's going on in other admin centers? Check out these articles:
What's new in the Microsoft 365 admin center
What's new in the SharePoint admin center
And visit the Microsoft 365 Roadmap to learn about Microsoft 365 features that were launched, are rolling out, are in development, have been cancelled, or previously released.
Spotlight: New data connectors hit preview
Building on our promise to help you import data from more third-party sources into Microsoft 365, we’re pleased to announce the preview release of two more data connectors:
- Bloomberg message. Import and archive financial services email data from the Bloomberg Message collaboration tool. After the data’s stored in mailboxes, you can access and use the data in compliance features such as litigation hold, content search, In-place archiving, auditing, communication compliance, and retention policies.
- ICE Chat. Import and archive financial services chat data from the ICE Chat collaboration tool. After the data’s stored in mailboxes, you can access and use the data in compliance features such as litigation hold, eDiscovery, archiving, auditing, communication compliance, and retention policies.
Compliance Score & Compliance Manager: The hits keep coming
June updates include a new assessment drill-down view in Compliance Score. Monitor control progress, add, delete assessments directly from Compliance Score, and more.
Want to stay on top of updates to Compliance Score and Compliance Manager? Bookmark the Compliance Score release notes and check back often.
Spotlight: Data classification is officially released
Data classification, aka ‘Know your data’, features (analytics, content explorer, and activity explorer) have graduated from the preview phase and are available to all organizations. Powerful insights and tools can help you discover and evaluate how sensitive info and labels (retention and sensitivity) are being used in content across your organization. Review content that contains sensitive info or has labels applied, explore label activity across Microsoft 365 locations, create custom sensitive info types, and more.
Take a video tour...
Trainable classifiers: A fix and a feature
May brings more enhancements to trainable classifiers:
- A fix based on your feedback: When you seed and train a custom classifier, you no longer need to manually enter SharePoint site URLs and folder paths. You can now choose from a pre-populate list of sites and folders.
- New feature: When creating a sensitivity label and configuring auto-labeling settings for Office apps, you can now automatically apply (or recommend that users apply) the label to content that matches trainable classifiers. Learn more
Communication compliance: Yammer support is here
Private messages and public community conversations in Yammer are supported in communication compliance policies. Yammer is an optional channel and must be in native mode to support scanning of messages and attachments.
Data loss prevention: New sharing restriction
When setting up a DLP policy to protect content in SharePoint or OneDrive, you can now configure the “Restrict access to content” action to block people who were given access to the content through the ‘Anyone with the link’ option.
Insider risk management: Tailor your alert volume
User activities detected by insider risk policies are assigned a specific risk score, which in turn determines the alert severity (low, medium, high). By default, Microsoft 365 generates a certain amount of low, medium, and high severity alerts, but with the new alert volume setting, you can increase or decrease the volume to suit your needs.
PST import: New region supported
Network upload is now available in United Arab Emirates.
Sensitivity labels: New privacy option
When configuring site and group settings for a label, you can now set the privacy option to None - let user choose who can access the site. This is useful when you want to protect content in the container by using a sensitivity label, but still let users configure the privacy setting themselves.
Records management: Overhaul…and a new addition
April includes a couple key updates to our records management solution:
- The ‘Records management’ section is now fully available in the compliance center. Take advantage of updated user interfaces and functionality for file plan, retention labels and label policies, events, and disposition.
- Speaking of disposition, we also rolled out proof of disposition for records in SharePoint and OneDrive. You can now see a list of items in those locations that have been disposed of automatically or after a disposition review.
Sensitivity labels: Preview auto-labeling policies
With auto-labeling policies, you can now automatically apply sensitivity labels to SharePoint and OneDrive docs that are already saved (aka ‘data at rest) and emails that are already sent or received (aka ‘email in transit’). Because this labeling is applied by services rather than by apps, you don't need to worry about what apps users have and what version.
This capability extends the existing client-side labeling that’s already included in the ‘Auto-labeling for Office apps’ settings when you create a sensitivity label. To get up to speed on the differences and benefits of both auto-labeling options, check out the updated article.
Introducing Advanced Audit
Advanced Audit in Microsoft 365 introduces new auditing capabilities that can help your organization with forensic and compliance investigations. Highlights include long term retention of audit logs, custom audit log retention policies, new MailItemsAccessed mailbox auditing action, and the introduction of a new tenant-level throttling limit, which provides your organization with its own fully allocated bandwidth quota to access your auditing data.
Compliance Score & Compliance Manager: Preview the latest enhancements
Key updates for this preview release include:
- Simplified process for creating and modifying templates
- Versioning notice and control for templates and actions
- Synchronizing common actions across groups
- Language support now extended to Chinese (Simplified), Chinese (Traditional), French, German, Italian, Japanese, Korean, Portuguese (Brazil), Russian, and Spanish
Sensitivity labels: Support for labeling Office files in SharePoint and OneDrive (preview)
Enabling the preview allows users to apply sensitivity labels in Office on the web. They’ll be able to see the Sensitivity button on the ribbon and the applied label name on the status bar. In addition, if they use desktop apps to label and then save their files on SharePoint or OneDrive, Microsoft 365 will now be able to process the content of these files if the label has encryption settings applied. Coauthoring, eDiscovery, data loss prevention, search, and other collaborative features will also be supported in these circumstances.
Insider risk management is officially released
Drum roll, please...
Insider risk management is now available to organizations with the following subscriptions:
- Microsoft 365 E5 (paid or trial)
- Microsoft 365 Enterprise E3 subscription with the Microsoft E5 Compliance add-on
As always, please leave feedback as you use the solution so we can continue to make improvements.
This new solution brings all the records management capabilities under a single umbrella. Highlights include the introduction of records versioning for SharePoint and OneDrive and proof of disposal for records.
Solution spotlight: Data connectors for Facebook and Twitter
Data connectors released last month and we're looking for your help in testing out the following connectors.
- Facebook business pages. Imports and archives data from Facebook business pages to Microsoft 365. Beneficial for compliance solutions such as records management and eDiscovery.
- Twitter. Imports and archives data from Twitter to Microsoft 365. Beneficial for compliance solutions such as records management and eDiscovery.
As you set up and validate these connectors, please leave us feedback about what went well, what didn't, and what we can do to improve the experience.
The wait is over. We're pleased to announce that the Microsoft 365 compliance center is available to all customers with Microsoft 365, Office 365, Enterprise Mobility + Security (EMS), and Windows 10 Enterprise plans. Any data or policies you were managing in the Security & Compliance Center are available in the compliance center, so no need to jump back and forth.
Read through last month's update again for a refresher on some of the new solutions we previewed recently, as well as a roadmap showing where compliance features from the Security & Compliance Center now live in Microsoft 365.
We also released new and updated solutions this month. Here's a quick glance at the highlights.
Now in preview
Insider risk management (preview)
We're happy to announce that our insider risk management solution is now in public preview. In a nutshell, insider risk management helps your organization intelligently identify and take action on insider risks by providing:
- Anonymity controls to help ensure user privacy.
- Intelligent policy templates with native and third-party indicators that identify insider threats, such as data leaks.
- Integrated end-to-end investigation workflows that span across IT, HR and legal teams.
We'd love to hear what you think. As you use the solution, leave us feedback so we can make sure we're meeting your needs as we head toward general availability.
Graduating from the preview phase to full availability, communication compliance is a key component of our new insider risk solution set. This robust solution helps minimize communication risks using workflows for detecting, investigating, and taking remediation actions for messages that don't meet your organization's standards.
Customer feedback during the preview was fantastic. It resulted in several enhancements, including a first-run experience to get you started, improvements to investigation and remediation actions, and more.
Formerly sharing space with other 'Import' features in the Office 365 Security & Compliance Center, data connectors now have their very own home in the Microsoft 365 compliance center. Use the new 'Data connectors' page to import and archive data from your organization's human resources (HR) files and various third-party platforms (like Facebook, LinkedIn, Twitter, and Instant Bloomberg) to mailboxes in your Microsoft 365 organization. Once imported, this data can be managed in several compliance solutions, including eDiscovery, insider risk management, communication compliance, audit, retention policies, and more.
New assessment templates for Compliance Score (preview)
Always working hard to help you get ahead of the ever-evolving compliance landscape, our Compliance Score team shipped a new set of templates to help you assess your organization's compliance posture against recent regulations and get guidance on how to implement more effective controls. You'll see new templates for:
- ISO/IEC 27701:2019
- California Consumer Privacy Act (CCPA)
- Brazil General Data Protection Law (Lei Geral de Proteção de Dados - LGPD)
- SOC 1 Type 2 and SOC 2 Type 2
November & December 2019
Over the holidays, we started rolling out all the great compliance solutions that were demo'd at Ignite. Most are in a preview state, so test them out and be sure to let us know what you think by opening the Feedback card at the bottom right of the compliance center.
Get to know the new neighborhood
The new Microsoft 365 compliance center includes brand new solutions as well as the compliance features you know and love from the Office 365 Security & Compliance Center. Let's dig in a bit more…
New compliance solutions
You might be wondering what a solution is. As much as the cloud has revolutionized the way business is done, it's also opened the door for new methods of data theft and fraud and necessitated new regulations. Our compliance solutions are collections of integrated capabilities that can help you help you manage these evolving compliance requirements. A solution's capabilities might include a combination of policies, alerts, reports, and more.
Here's a summary of the new solutions you'll find. Keep an eye out for others coming soon.
These solutions are located only in the Microsoft 365 compliance center. They can't be managed in the Office 365 Security & Compliance Center.
|New solution||Description||Learn more|
|Microsoft Compliance Score (preview)
||Built from Compliance Manager, Compliance Score is a standalone feature with a simpler, more user-friendly design that helps you understand and improve your organization's compliance posture. It calculates a risk-based score measuring your progress in completing actions that help reduce risks around data protection and regulatory standards.
||Overview of Microsoft Compliance Score (preview)|
|Solution catalog (preview)
||The solution catalog is your one-stop-shop for discovering, learning about, and quickly getting started with our compliance and risk management solutions. The catalog is organized into three compliance categories, each containing details about the solutions that make up that category. Categories include Information protection & governance, Insider risk management, and Discovery & response
||Overview of the solution catalog (preview)|
|Communication compliance (preview)
||Communication compliance is part of the new insider risk management category that helps minimize communication risks by helping you detect, capture, and take remediation actions for inappropriate messages in your organization. The solution extends the capabilities of supervision policies in Office 365 by introducing several new enhancements such as intelligent templates, flexible remediation workflows, and actionable insights.
||Communication compliance in Microsoft 365 (preview)|
|Data classification (preview)
||Our new Data classification page contains powerful insights and tools to help you discover and evaluate how sensitive info and labels (retention and sensitivity) are being used in content across your organization. Review content that contains sensitive info or has labels applied, explore label activity across Microsoft 365 locations, create custom sensitive info types, and much more.
||Data classification overview (preview)|
|Trainable classifiers (preview)
||This powerful new tool uses our machine learning engine to help identify categories of content in your org, like regulatory docs or employee agreements. Once created, classifiers can be used in several compliance solutions to detect related content and classify it, protect it, retain it, and more.
||Getting started with trainable classifiers (preview)|
Updated compliance solutions
If you've been using the Office 365 Security & Compliance Center for your compliance needs, you might wonder where some features now live in the new Microsoft 365 compliance center. Here's a quick roadmap to help find their new homes.
Some features are still available only in the Office 365 Security & Compliance Center – these are noted below. But we're working hard to preview these in the Microsoft 365 compliance center, so stay tuned for updates.
Wondering why it's quiet on the release front this month? We're heads down building new, innovative compliance solutions that'll be unveiled at Microsoft Ignite in November. Stay tuned!
New encryption options for sensitivity labels
When configuring encryption for a sensitivity label, you now have two options that lets users assign permissions when they manually apply the label to email and docs:
- When applying the label to Outlook email, users can enforce restrictions equivalent to the Do Not Forward option. Recipients will be able to read the message but not forward, print, or copy the content.
- When applying the label to Word, PowerPoint, and Excel files, users will be prompted to assign access permissions to specific users and groups.
Go to Restrict access to content by using sensitivity labels to apply encryption to learn more.
Update to data investigations
When performing a data investigation, you can now delete items from their original locations. This means you can delete items from Exchange mailboxes, SharePoint sites, and OneDrive accounts across your organization. Because you collected the items as evidence, you'll have copies of them retained in the evidence set to you can investigate further or just keep as a reference. Go to Manage a data spillage incident in Microsoft 365 to learn more.
New admin roles
We released two new admin roles to help manage security and compliance in your org. Tell all your friends.
- Compliance data admin. Users with this role have permissions to protect and track data in the Microsoft 365 compliance center, Microsoft 365 admin center, and Azure. They can also manage everything the Exchange admin center, Compliance Manager, Teams & Skype for Business admin center and create support tickets for Azure and Microsoft 365.
- Security operator. Users with this role can manage alerts and have global read-only access to security-related features, including everything in the Microsoft 365 security center, Azure Active Directory, Identity Protection, Privileged Identity Management and Office 365 Security & Compliance Center.
Search and filtering for reports
No more scrolling through a sea of reports to find the ones you want. You can now search for reports (based on their titles) and filter on categories like 'Labels' and 'Compliance' and sources like 'Office 365' and 'Microsoft Cloud App Security'.