Microsoft 365 合規性中心的新功能What's new in Microsoft 365 compliance

無論是將新的解決方案加入至 Microsoft 365 規範中心、根據您的意見反應更新現有的功能,或是推出全新和更新的檔,Microsoft 365 都會協助您不斷掌握不斷變化的相容性形勢。Whether it be adding new solutions to the Microsoft 365 compliance center, updating existing features based on your feedback, or rolling out fresh and updated documentation, Microsoft 365 helps you stay on top of the ever-changing compliance landscape. 請參閱下列內容,以查看目前的 Microsoft 365 合規性的新功能。Take a look below to see what’s new in Microsoft 365 compliance today.

注意

有些規範功能會以不同的速度向客戶推出。Some compliance features get rolled out at different speeds to our customers. 如果您還沒有看到功能,請嘗試將您新增至 目標版本If you aren't seeing a feature yet, try adding yourself to targeted release.

提示

對其他系統管理中心的進展感興趣嗎?Interested in what's going on in other admin centers? 請參閱下列文章:Check out these articles:
Microsoft 365 系統管理中心的新功能What's new in the Microsoft 365 admin center
SharePoint 系統管理中心的新功能What's new in the SharePoint admin center
Microsoft 365 Defender 的新功能What's new in Microsoft 365 Defender

請造訪 microsoft 365 藍圖 ,以瞭解已啟動、已開發、已取消或先前發佈的 microsoft 365 功能。And visit the Microsoft 365 Roadmap to learn about Microsoft 365 features that were launched, are rolling out, are in development, have been cancelled, or previously released.

2021 年 1 月January 2021

支援小組中的卡片內容Support for card content in Teams

下列 Microsoft 365 規範解決方案現在支援透過小組訊息中的應用程式所產生的 卡片內容 的偵測:The following Microsoft 365 compliance solutions now support the detection of card content generated through apps in Teams messages:

資訊管理與記錄管理Information governance and records management

使用資訊控管和記錄管理來處理的新評估,可協助滿足紐西蘭公開記錄法案的合規性義務。New assessment to address using information governance and records management to help meet compliance obligations for the New Zealand Public Records Act.

敏感度標籤Sensitivity labels

  • 現在,我們的政府承租人 (GCC 和 GCC-H) 支援敏感度標籤。Sensitivity labels are now supported for US Government tenants (GCC and GCC-H).
  • MacOS 的新 自動標籤 支援。New automatic labeling support for macOS.

2020 年 12 月December 2020

聚光燈:有問必答風險解決方案的新內容Spotlight: New content for insider risk solutions

Microsoft 365 合規性內容小組正在運作中建立「內容解決方案」檔,以提升如何搭配使用相容性功能,以協助符合您的合規性目標。The Microsoft 365 compliance content team is hard at work creating ‘content solution’ docs to promote how compliance capabilities can be used together to help meet your compliance goals.

第一個是將內幕程式風險解決方案結合在一起的內容:通訊法規遵從性、內幕風險管理、資訊障礙及特殊的訪問管理。First up is content that ties together our insider risk solutions: communication compliance, insider risk management, information barriers, and privileged access management. 以下是您將會發現的內容:Here’s a peek at what you’ll find:

更多即將推出的內容解決方案檔!More content solution docs coming soon!

進階電子文件探索Advanced eDiscovery

改進的工作流程和功能,可 將保管人非 custodial 資料來源 新增至高級 eDiscovery 案例。Improved workflow and functionality for adding custodians and non-custodial data sources to an Advanced eDiscovery case.

資料連線器Data connectors

發行四個新的 Globanet 連接器: Redtail 發言、Salesforce 交談、ServiceNow 及 Yieldbroker。Four new Globanet connectors released: Redtail Speak, Salesforce Chatter, ServiceNow, and Yieldbroker.

加密Encryption

在承租人層級引進 Microsoft 365 的客戶金鑰Introducing Customer Key for Microsoft 365 at the tenant level. 使用您提供的金鑰,您可以建立資料加密原則 (DEP) 並指派給租使用者。Using keys you provide, you can create a data encryption policy (DEP) and assign it to the tenant. DEP 會針對這些工作負載在租使用者上進行資料加密:The DEP encrypts data across the tenant for these workloads:

  • 小組聊天訊息 (1:1 聊天、群組交談、會議聊天及通道交談) Teams chat messages (1:1 chats, group chats, meeting chats and channel conversations)
  • 小組媒體郵件 (影像、程式碼片段、影片、wiki 影像) Teams media messages (images, code snippets, videos, wiki images)
  • 小組儲存中儲存的小組通話和會議錄製Teams call and meeting recordings stored in Teams storage
  • 小組聊天通知Teams chat notifications
  • 小娜的小組聊天建議Teams chat suggestions by Cortana
  • 小組狀態郵件Teams status messages
  • Exchange Online 的使用者和信號資訊User and signal information for Exchange Online

記錄管理Records management

記錄管理系統管理員角色群組現在會授與所有記錄管理功能的許可權,包括「處置評審」。The Records Management admin role group now grants permissions for all records management features, including disposition review.

敏感度標籤Sensitivity labels

2020 年 11 月November 2020

只會有提醒,我們通常會在預覽狀態中發佈新的和更新的功能,以瞭解如何使用這些功能,讓我們能夠在發佈至一般可用性之前完善並改進這些功能。Just a reminder that we often release new and updated features in a preview state to learn how they're being used so we can hone and improve them before releasing to general availability. 在預覽 (和超過) 之後,您的意見反應很重要,所以請務必先開啟規範中心右下方的回饋卡片,讓我們知道您的想法。Your feedback is critical during preview (and beyond), so be sure to let us know what you think by opening the Feedback card at the bottom right of the compliance center.

回饋

聚光燈:端點資料遺失防護 (DLP) 已發行Spotlight: Endpoint data loss prevention (DLP) released

ENDPOINT dlp 會將 DLP 的活動監控和保護功能延伸至 Windows 10 裝置上的機密資訊。Endpoint DLP extends the activity monitoring and protection capabilities of DLP to sensitive info on Windows 10 devices. 在裝置 至 Microsoft 365 規範中心後,您可以設定 DLP 原則,以保護這些裝置上的機密資訊。After devices are onboarded to the Microsoft 365 compliance center, you can set up DLP policies to protect the sensitive info on those devices.

進階電子文件探索Advanced eDiscovery

為了讓您更容易管理 eDiscovery 工作流程中的加密內容,Microsoft 365 eDiscovery 工具現在整合了附加至電子郵件訊息並在 Exchange 中傳送的 加密檔案解密To make it easier to manage encrypted content in the eDiscovery workflow, Microsoft 365 eDiscovery tools now incorporate decryption of encrypted files that are attached to email messages and sent in Exchange. 此外,儲存在 SharePoint 和 OneDrive 中的加密檔會在 [Advanced eDiscovery] 中解密。Additionally, encrypted documents stored in SharePoint and OneDrive are decrypted in Advanced eDiscovery.

合規性管理員Compliance Manager

資料連線器Data connectors

預覽中的五個新 Globanet 連接器Five new Globanet connectors in preview. 新的連接器包括 Reuters 處理、Reuters FX、CellTrust、XIP、泛型 MS SQL 資料庫資料。New connectors include Reuters Dealing, Reuters FX, CellTrust, XIP, generic MS SQL Database data.

保留標籤 (處置評審) Retention labels (disposition review)

若要在處置檢查過程中查看專案,使用者現在必須是 內容瀏覽器內容檢視器和內容瀏覽器清單檢視器角色群組的成員。To view items during a disposition review, users must now be members of the Content Explorer Content Viewer and Content Explorer List Viewer role groups. 雖然必須複查專案,但在完成處置檢查時,並不需要這些角色群組。Although required to review items, these role groups aren’t necessary for completing the disposition review.

敏感度標籤Sensitivity labels

  • (預覽) SharePoint 網站的外部共用設定(Preview) External sharing settings for SharePoint sites. 建立群組和網站所使用的標籤時,您會看到一個選項,可控制已套用標籤的 SharePoint 網站的外部共用。When creating a label that will be used for groups and sites, you’ll see an option to control external sharing for SharePoint sites that have the label applied. 您可以指定允許任何人、新的和現有的來賓、現有來賓或僅限您組織中的使用者共用。You can specify that sharing is allowed for anyone, new and existing guests, existing guests only, or just users in your organization. 套用標籤時,標籤設定會取代 SharePoint 系統管理中心內設定的任何外部共用設定。When the label is applied, the label settings will replace any external sharing settings configured in the SharePoint admin center.
  • 移除已標記檔中的標籤和加密Remove label and encryption from a labeled document. 若要從 SharePoint 中的標籤檔中移除標籤和其所強制執行的加密,global admins 和 SharePoint 系統管理員都可以執行新的 Unlock-SPOSensitivityLabelEncryptedFile Cmdlet。To remove both a label and the encryption it enforces from a labeled document in SharePoint, global admins and SharePoint admins can run the new Unlock-SPOSensitivityLabelEncryptedFile cmdlet. 即使系統管理員沒有網站或檔案的存取權限,或 Azure Rights Management 服務無法使用,此 Cmdlet 也會執行。This cmdlet runs even if the admin doesn't have access permissions to the site or file, or if the Azure Rights Management service is unavailable.

2020 年 10 月October 2020

進階電子文件探索Advanced eDiscovery

CJK 語言支援CJK language support. 「高級 eDiscovery」現在支援雙位元組字元集語言,統稱為 CJK 語言 (包含簡體中文版的繁體中文、繁體中文、日文和韓文) 。Advanced eDiscovery now supports double-byte character set languages, collectively known as CJK languages (includes Simplified Chinese, Traditional Chinese, Japanese, and Korean). 這些可用於數種高級複查集案例。These can be used in several advanced review set scenarios.

敏感度標籤Sensitivity labels

  • 標籤範圍Label scope. 建立靈敏度標籤時,您會看到新的選項,可定義標籤的範圍。When creating a sensitivity label, you’ll see a new option to define the scope for the label. 此選項可讓您設定標籤與電子郵件、容器 (SharePoint 網站和團隊) 或兩者等的標籤。This option lets you configure labels just for files and emails, containers (like SharePoint sites and Teams), or both.
  • 動態內容標示Dynamic content marking. 在設定敏感度標籤的內容標示時,您現在可以 ${Item.Label} ${Item.Location} 在您的頁首、頁尾或浮水印的文字字串中使用動態變數。When configuring content marking for a sensitivity label, you can now use the dynamic variables such as ${Item.Label} and ${Item.Location} in the text string for your header, footer, or watermark.

2020 年 9 月September 2020

聚光燈:合規性管理員Spotlight: Compliance Manager

Ignite 今年宣佈,合規性分數是 rebranded 為 合規性管理員Announced at Ignite this year, Compliance Score is rebranded as Compliance Manager. 此版本會在服務信任入口網站中完成從合規性管理員先前的首頁轉換,並在 Microsoft 365 規範中心引進端對端規範管理解決方案。This release completes the transition from Compliance Manager’s previous home in the Service Trust Portal, and introduces an end-to-end compliance management solution in the Microsoft 365 compliance center.

觀看下列影片,瞭解合規性管理員如何協助簡化組織管理規範的方式。Watch the video below to learn how Compliance Manager can help simplify how your organization manages compliance.

進階稽核Advanced Audit

  • 新的10年保留審計記錄檔可協助支援長期執行調查,並回應法規、法律和內部責任。New 10-year retention of audit logs helps support long running investigations and respond to regulatory, legal, and internal obligations.
  • 三個新的重要事件Three new crucial events. 下列新事件可協助您調查可能的破壞專案,並決定受損的範圍: Send、SearchQueryInitiatedExchange 及 SearchQueryInitiatedSharePoint。The following new events can help you investigate possible breaches and determine the scope of compromise: Send, SearchQueryInitiatedExchange, and SearchQueryInitiatedSharePoint.

通訊合規性Communication compliance

  • 更新的角色群組Updated role groups. 通訊相容性角色群組現在符合「內部使用者風險管理」解決方案可用的角色群組結構。Communication compliance role groups now match the role group structure available for the insider risk management solution.
  • 報表儀表板Reports dashboard. 用於查看所有通訊相容性報告的中央位置。Your central location for viewing all communication compliance reports. 報告構件可讓您快速瞭解對通訊規範活動狀態的整體評估,最常用的洞察力。Report widgets provide a quick view of insights most commonly needed for an overall assessment of the status of communication compliance activities.
  • 自動處理電源流程Power Automate flows. 設定流程以自動化警示和使用者的工作、在使用者觸發提醒時通知管理員等等。Set up flows to automate tasks for alerts and users, notify managers when users trigger an alerts, and more.
  • 改進分類」修正動作‘Improve classification’ remediation action. 包含符合 trainable 分類程式之專案的警示可能會受益于意見反應,有助於減少組織中的誤報。Alerts containing items that match trainable classifiers might benefit from feedback to help minimize false positives in your organization. [ 提升分類 ] 選項可讓您提供偵測到的專案是否符合相關通訊遵循原則中設定的分類器的意見反應。The Improve classification option lets you provide feedback whether detected items match the classifier configured in the related communication compliance policy. 您甚至可以建議其他分類器與專案產生關聯,以提升未來警示的相符準確度。You can even suggest other classifiers to associate with the item to improve match accuracy for future alerts.

資料連線器Data connectors

  • 新增協力廠商資料連線器New third-party data connectors. 25個新的資料連線器,包含從 Globanet 到8的14個連接器,從 Telemessage。25 new data connectors, including 14 connectors from Globanet and 8 from Telemessage.
  • 實體聲譽徽章授予連接器Physical badging connector. 匯入實體聲譽徽章授予資料,例如員工的原始實體存取事件,或是組織之聲譽徽章授予系統所產生的任何實體存取告警。Import physical badging data, such as employee’s raw physical access events or any physical access alarms generated by your organization's badging system. 範例包括辦公樓、伺服器機房或資料中心的專案。Examples include entries to buildings, server rooms, or data centers. 「內部使用者風險管理」解決方案可使用實體聲譽徽章授予資料,協助保護您的組織免受惡意活動或組織內的資料竊取。Physical badging data can be used by the insider risk management solution to help protect your organization from malicious activity or data theft inside your organization.

內部風險管理Insider risk management

  • Microsoft 小組整合Microsoft Teams integration. 當團隊整合在「內幕風險設定」中開啟時,您可以與工作小組中的其他專案關係人協調及共同作業,例如安全共用和儲存與個別案例相關的資料、追蹤及檢查分析員和調查人員的回應活動等等。When Teams integration is turned on in insider risk settings, you can coordinate and collaborate with other stakeholders in Teams on tasks like securely sharing and storing data related to individual cases, tracking and reviewing response activities from analysts and investigators, and more.
  • 自動處理電源流程Power Automate flows. 設定流程以自動化案例和使用者的重要工作,例如,檢索使用者、警示及案例資訊,以與專案關係人和其他應用程式共用、自動化動作(如張貼至案例記事)等等)。Set up flows to automate important tasks for cases and users, such as retrieving user, alert, and case info to share with stakeholders and other apps, automating actions like posting to case notes, and more.
  • 活動瀏覽器Activity explorer. 可用於審閱提醒時,活動 explorer 會提供調查人員和分析工具,以深入查看每個警示的綜合分析工具。Available when reviewing alerts, activity explorer provides investigators and analysts with a comprehensive analytic tool for drilling down into each alert. 快速查看偵測到風險的啟用時間表,並識別及篩選與提醒相關聯的所有風險活動。Quickly review a timeline of detected risky activity and identify and filter all risk activities associated with alerts.

保留原則和保留標籤Retention policies and retention labels

  • 對 Yammer 的支援Support for Yammer. 您現在可以使用保留原則來保留和刪除 Yammer 社區郵件和私人郵件。You can now use retention policies to retain and delete Yammer community messages and private messages.
  • 小組會議錄製套用標籤Apply labels to Teams meetings recordings. 建立自動標記原則時,請使用關鍵字查詢編輯器,識別儲存在使用者 OneDrive 帳戶或 SharePoint 中的小組會議錄製。When creating an auto-labeling policy, use the keyword query editor to identify Teams meeting recordings that are stored in users' OneDrive accounts or in SharePoint.

記錄管理Records management

支援法規記錄Support for regulatory records. 將標籤分類為法規記錄會增加標籤所套用的內容限制,並限制標籤本身可用的管理動作。Classifying a label as a regulatory record increases the restrictions placed on content to which the label is applied and limits the available management actions for the label itself. 例如,在套用至內容之後,任何人(甚至全域系統管理員)都可以移除標籤。For example, after it’s applied to content, nobody, not even a global admin, can remove the label. 深入瞭解 針對法規記錄允許和封鎖的動作。Learn more about which actions are allowed and blocked for regulatory records.

敏感度標籤Sensitivity labels

為美國政府客戶提供支援Support for US Government customers. 目前只有 Azure 資訊保護統一標籤用戶端和掃描器,才支援 GCC、GCC 高階及 DoD 客戶的靈敏度標籤。Sensitivity labels are now supported for GCC, GCC High, and DoD customers, only for the Azure Information Protection unified labeling client and scanner.

可訓練分類器Trainable classifiers

新的重新訓練和意見反應功能可協助提升精確度,並最小化所有自訂分類符和部分預先訓練的分類器的誤報。New retraining and feedback capabilities helps improve accuracy and minimize false positive matches for all custom classifiers and some pre-trained classifiers. 這段流程可讓您針對專案是否符合特定的分類器、建議其他分類器與專案產生關聯,以及重新整理分類器以精煉和提高相符精確度。This flow lets you provide feedback on whether items match certain classifiers, suggest other classifiers to associate with items, and retrain classifiers to refine and improve match accuracy.

下列功能包含這項新功能:This new capability is included in the following features:

注意

針對所有功能,如果您至少提供30項回饋回應,我們會建立該分類程式的 retrained 版本,您可以進行查看。For all features, if you provide at least 30 feedback responses, we'll create a retrained version of that classifier that you can review. 如果有改進,您可以重新發佈分類器。If there's improvement, you can republish the classifier.

  • Trainable 分類符。Trainable classifiers. 若要改善發佈的分類程式的準確性,您可以提供偵測到的專案是否符合分類程式的意見反應。To improve the accuracy of your published classifiers, you can provide feedback on whether the detected items match the classifier.
  • 通訊相容性Communication compliance. 新增的「 改進分類 修復」動作可讓您提供意見,以徵求通訊相容性警示中的專案是否符合通訊合規性原則中設定的分類器。The new Improve classification remediation action lets you provide feedback whether an item from a communication compliance alert matches the classifier configured in the communication compliance policy.
  • 內容瀏覽器Content explorer. 如果您設定保留自動標記原則,以自動將標籤套用至符合 trainable 分類程式的電子郵件,您可以使用內容瀏覽器來查看已標示的專案,並提供專案是否符合分類器的意見反應。If you set up a retention auto-labeling policy to automatically apply labels to email messages that match trainable classifiers, you can use content explorer to review the labeled items and provide feedback whether the items match the classifier.

2020年 8月August 2020

聚光燈:有問必答風險和通訊相容性更新Spotlight: Insider risk and communication compliance updates

這個月的公開預覽的一些新增及增強功能:Several new and improved features hit public preview this month:

內部風險管理Insider risk management

  • 查看我們的六個新 原則範本Check out our six new policy templates:

    • 依優先使用者的資料洩漏Data leaks by priority users
    • 因不滿使用者的資料洩漏Data leaks by disgruntled users
    • 一般安全性原則違規General security policy violations
    • 脫離使用者的安全性原則違規Security policy violations by departing users
    • 依優先順序的使用者所破壞的安全性原則Security policy violations by priority users
    • 不滿的使用者違反安全性原則Security policy violations by disgruntled users
  • Microsoft defender For Endpoint 整合可讓您匯入並篩選 microsoft defender,以取得從新的安全性違規原則範本所建立的原則所偵測到的活動的端點警示。Integration with Microsoft Defender for Endpoint allows you to import and filter Microsoft Defender for Endpoint alerts for activities detected by policies created from the new security violation policy templates. 此外,還有相關的 內幕使用者風險設定 ,您可以選擇根據 Microsoft Defender for Endpoint alert 會審狀態,選擇匯入「內幕風險管理」的安全性警示。There’s also a related insider risk setting where you can choose to import security alerts to insider risk management based on the Microsoft Defender for Endpoint alert triage status.

    注意

    若要利用 Microsoft Defender 做為端點整合 (包括新的安全性原則違規模板) ,您的組織中必須設定 Microsoft Defender for Endpoint。To take advantage of Microsoft Defender for Endpoint integration (including the new security policy violation templates), you'll need to have Microsoft Defender for Endpoint configured in your organization. 您也必須 在 Microsoft defender For endpoint 中設定高級功能,以啟用內部使用者風險管理的 Microsoft defender 端點。You’ll also need to enable Microsoft Defender for Endpoint for insider risk management integration by configuring advanced features in Microsoft Defender for Endpoint.

  • 自訂 建立原則時的指示器閾值。Customize indicator thresholds when creating a policy.

  • 設定 優先順序的使用者群組 ,以定義組織中的使用者,其活動需要根據其位置、敏感資訊存取權或風險歷程等因素進行深入檢查。Set up priority user groups to define users in your organization whose activity requires closer inspection based on factors such as their position, level of access to sensitive information, or risk history.

  • 使用 Office 365 管理活動 APIs,將 內幕電腦風險警示詳細資料匯出 至組織可能用來管理或匯總「有問必答風險」資料的其他應用程式。Use Office 365 Management Activity APIs to export insider risk alert details to other applications your organization might use to manage or aggregate insider risk data.

  • 新的 網域設定 可協助您定義及控制特定網域中活動的風險層級。New domain settings help you define and control risk levels for activity in specific domains.

通訊合規性Communication compliance

  • 當您 在警示中檢查郵件時,您現在可以在 Microsoft 小組頻道、1:1 和群組聊天中移除不適當的郵件。When reviewing messages in an alert, you can now remove inappropriate messages in Microsoft Teams channels, 1:1, and group chats. 移除的郵件和內容會被取代,以解釋因敏感內容而被移除的原則提示。Removed messages and content are replaced with a policy tip that explains that it was removed due to sensitive content.
  • 新的 通訊角色 (也會包含在) 年9月發行的新通訊符合性角色群組中。New communication roles (these will also be included in new communication compliance role groups releasing in September).
  • 新的通訊相容性設定經驗包括 隱私權注意事項範本的設定。New communication compliance settings experience that includes settings for privacy and notice templates.
  • 新的 分類 器協助偵測成人、racy 及 gory 影像。New classifiers to help detect adult, racy, and gory images.
  • 提醒中檢查郵件 時出現新的「模式偵測」通知,可讓您瞭解使用者對相同行為的重複實例。New ‘Pattern detected’ notification that appears when reviewing messages in an alert lets you know about reoccurring instances of the same behavior by a user.

敏感度標籤Sensitivity labels

  • 針對美國政府租使用者(GCC、GCC-H,和DoD),目前僅支援 Azure 資訊保護統一標籤用戶端和掃描器的敏感標籤。For US Government tenants (GCC, GCC-H, and DoD), sensitivity labels are currently supported only for the Azure Information Protection unified labeling client and scanner. 如需詳細資訊,請參閱 Azure 資訊保護進階版政府服務描述For more information, see Azure Information Protection Premium Government Service Description.
  • 您現在可以 使用「安全性 & 規範中心」 PowerShell 建立及設定您在標記系統管理中心中看到的所有設定。You can now use Security & Compliance Center PowerShell to create and configure all settings you see in your labeling admin center. 這表示,除了使用 PowerShell 以用於標籤 admin center 以外的設定,您現在可以完全編寫敏感度標籤和敏感度標籤原則的建立及維護功能。This means that, in addition to using PowerShell for settings that aren't available in the labeling admin centers, you can now fully script the creation and maintenance of sensitivity labels and sensitivity label policies.

記錄管理:內容徹底檢修Records management: Content overhaul

涵蓋部署步驟、將內容標示為記錄及記錄版本的新檔:New docs covering deployment steps, marking content as records, and record versioning:

保留標籤 & 原則Retention labels & policies

保留相關的系統管理員活動現在已記錄下來,可在審核記錄中查看。Retention-related admin activity is now recorded and available to review in the audit log. 如需完整清單,請參閱保留原則和保留標籤活動For the full list, see Retention policy and retention label activities.

進階電子文件探索Advanced eDiscovery