{"id":21164,"date":"2023-02-06T09:01:02","date_gmt":"2023-02-06T17:01:02","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2023\/02\/06\/news-14896\/"},"modified":"2023-02-06T09:01:02","modified_gmt":"2023-02-06T17:01:02","slug":"news-14896","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2023\/02\/06\/news-14896\/","title":{"rendered":"Introducing Adaptive Protection in Microsoft Purview\u2014People-centric data protection for a multiplatform world"},"content":{"rendered":"<p><strong>Credit to Author: Christine Barrett| Date: Mon, 06 Feb 2023 17:00:00 +0000<\/strong><\/p>\n<p>At Microsoft, we never stop working to protect you and your data. If the evolving cyberattacks over the past three years have taught us anything, it\u2019s that threat actors are both cunning and committed. At every level of your enterprise, attackers never stop looking for a way in. The massive increase in data\u20142.5 quintillion bytes generated daily\u2014has only increased the level of risk around data security.<sup>1<\/sup> Organizations need to make sure their information is safe from malicious attacks, inadvertent disclosure, or theft. During the third quarter of 2022, insider risks, including human error, accounted for almost 35 percent of unauthorized access incidents.<sup>2<\/sup> But on the positive side, we\u2019re seeing a growing awareness across all areas of organizations about the need to safeguard data as a precious resource.<\/p>\n<p>Our customers have been clear in voicing their need for a unified, comprehensive solution for data security and management, one that\u2019s as scalable as their business needs. In the Go Beyond Data Protection with Microsoft Purview <a href=\"https:\/\/mspurviewdigitalevent.eventcore.com\/?ocid=cmmiva9roly\" target=\"_blank\" rel=\"noreferrer noopener\">digital event<\/a> on February 7, 2023, Alym Rayani, General Manager of Compliance and Privacy Marketing at Microsoft, and I will discuss Microsoft\u2019s approach to data security, including how to create a defense-in-depth approach to protect your organization\u2019s data. We\u2019ll also introduce some groundbreaking innovations for our <a href=\"https:\/\/www.microsoft.com\/security\/business\/microsoft-purview\">Microsoft Purview<\/a> product line\u2014such as Adaptive Protection for data powered by machine learning\u2014and invite new customers to sign up for a <a href=\"http:\/\/aka.ms\/PurviewTrial\" target=\"_blank\" rel=\"noreferrer noopener\">free trial<\/a>. We remain guided by our core belief that security is a team sport. So in this blog, I\u2019ll address how our newest innovations can help your team keep your data safe while empowering productivity and collaboration. We\u2019ll also look at steps you can take to build a layered data security defense within your organization.<\/p>\n<h2>A new approach for a new data landscape<\/h2>\n<p>We\u2019ve all seen how the ongoing shift to a hybrid and multicloud environment is changing how organizations collaborate and access data. Considering the massive amounts of data generated and stored today, it\u2019s easy to see how this creates a business liability. More than 80 percent of organizations rate theft or loss of personal data and intellectual property as high-impact insider risks.<sup>3<\/sup> Often the risk stems from organizations making do with one-size-fits-all, content-centric data-protection policies that end up creating alert noise. This signal overload leaves admins scrambling as they manually adjust policy scope and triage alerts to identify critical risks. Fine-tuning broad, static policies can become a never-ending project that overwhelms security teams. What\u2019s needed is a more adaptive solution to help organizations address the most critical risks dynamically, efficiently prioritizing their limited security resources on the highest risks and minimizing the impact of potential data security incidents.<\/p>\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture2-1-1024x623.png\" alt=\"Venn diagram showing how Adaptive Protection optimizes data protection automatically by balancing content-centric controls and people-centric context. \" class=\"wp-image-125743\" width=\"840\" height=\"511\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture2-1-1024x623.png 1024w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture2-1-300x182.png 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture2-1-768x467.png 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture2-1-1536x934.png 1536w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture2-1-440x268.png 440w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture2-1.png 2020w\" sizes=\"auto, (max-width: 840px) 100vw, 840px\" \/><\/figure>\n<p><a href=\"https:\/\/aka.ms\/adaptiveprotection\/blog\" target=\"_blank\" rel=\"noreferrer noopener\">Adaptive Protection in Microsoft Purview<\/a> is the solution. This new capability, now in preview, leverages Insider Risk Management machine learning to understand how users are interacting with data, identify risky activities that may result in data security incidents, then automatically tailor Data Loss Prevention (DLP) controls based on the risk detected. With Adaptive Protection, DLP policies become dynamic, ensuring that the most effective policy\u2014such as blocking data sharing\u2014is applied only to high-risk users, while low-risk users can maintain their productivity. The result: your security operations team is now more efficient and empowered to do more with less.<\/p>\n<p><iframe loading=\"lazy\" title=\"Video Player\" src=\"https:\/\/www.microsoft.com\/en-us\/videoplayer\/embed\/RE5fZuO\" class=\"c-video\" frameborder=\"0\" width=\"100%\" height=\"420\" allowfullscreen=\"true\" style=\"\"><\/iframe><\/p>\n<h2>Adaptive Protection in action<\/h2>\n<p>Let\u2019s take a look at how Adaptive Protection can benefit your organization in everyday use. Imagine there\u2019s a company named Contoso where Rebecca and Chris work together on a confidential project. Rebecca and Chris both try to print a file related to that project. Rebecca gets a policy tip to educate her that the file contains confidential information and that she will need to provide a business justification before printing. But when Chris tries to print the file, he gets blocked outright by Contoso\u2019s endpoint DLP policy.&nbsp;<\/p>\n<p>So, why do Rebecca and Chris have different experiences? The security team at Contoso uses <strong>Adaptive Protection<\/strong>, which detected that Chris has a privileged admin role at Contoso, and he had previously taken a series of exfiltration actions that may result in potential data security incidents. As Chris\u2019s risk level increased, a stricter DLP policy was automatically applied to him to help mitigate those risks and minimize potential negative data security impacts early on. On the other hand, Rebecca has only a moderate risk level, so Adaptive Protection can educate her on proper data-handling practices while not blocking her ability to collaborate. This also influences positive behavior changes and reduces organizational data risks. For both Rebecca and Chris, the policy controls constantly adjust. In this way, when a user\u2019s risk level changes, an appropriate policy is dynamically applied to match the new risk level.<\/p>\n<p>With Adaptive Protection, Contoso\u2019s security team no longer needs to spend time painstakingly adding or removing users based on events, such as an employee leaving or working on a confidential project, to prevent data breaches. In this way, Adaptive Protection not only helps reduce the security team\u2019s workload, but also makes DLP more effective by optimizing the policies continuously.<\/p>\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"1024\" height=\"360\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture3-2-1024x360.png\" alt=\"Chart showing how Adaptive Protection applies Data Loss Prevention policies dynamically based on users\u2019 risk levels detected by Insider Risk Management.\" class=\"wp-image-125744\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture3-2-1024x360.png 1024w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture3-2-300x106.png 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture3-2-768x270.png 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/01\/Picture3-2.png 1341w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<p>Adaptive Protection in Microsoft Purview integrates the breadth of intelligence in Insider Risk Management with the depth of protection in DLP, empowering security teams to focus on building strategic data security initiatives and maturing their data security programs. Machine learning enables Adaptive Protection controls to automatically respond, so your organization can protect more (with less) while still maintaining workplace productivity. You can learn more about Adaptive Protection and watch the demo in this <a href=\"https:\/\/www.youtube.com\/watch?v=9GLsxvtoLWE\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Mechanics video<\/a>.<\/p>\n<h2>Fortify your data security with a multilayered, cloud-scale approach<\/h2>\n<p>As I speak with customers, I continue to hear about their difficulties in managing a patchwork of data-governance solutions across a multicloud and multiplatform environment. Today\u2019s hybrid workspaces require data to be accessed from a plethora of devices, apps, and services from around the world. With so many platforms and access points, it\u2019s more critical than ever to have strong protections against data theft and leakage. For today\u2019s environment, a <strong>defense-in-depth approach <\/strong>offers the best protection to fortify your data security. There are five components to this strategy, all of which can be enacted in whatever order suits your organization\u2019s unique needs and possible regulatory requirements.<\/p>\n<ol>\n<li><strong>Identify the data landscape: <\/strong>Before you can protect your sensitive data, you need to discover where it lives and how it\u2019s accessed. That requires a solution that provides complete visibility into your entire data estate, whether on-premises, hybrid, or multicloud. <a href=\"https:\/\/www.microsoft.com\/security\/business\/microsoft-purview\">Microsoft Purview<\/a> offers a single pane of glass to view and manage your entire data estate from one place. As a unified solution, Microsoft Purview empowers you to easily create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage. Now in preview are more than 300 new, ready-to-use trainable classifiers for source code discovery, along with 23 new pre-trained out-of-the-box trainable classifiers that cover core business categories, such as finance, operations, human resources, and more.<\/li>\n<li><strong>Protect sensitive data: <\/strong>Along with creating a holistic map, you\u2019ll need to <a href=\"https:\/\/aka.ms\/TrainableClassifiersFeb23\" target=\"_blank\" rel=\"noreferrer noopener\">protect your data\u2014both at rest and in transit<\/a>. That\u2019s where accurately labeling and classifying your data comes into play, so you can gain insights into how it\u2019s being accessed, stored, and shared. Accurately tracking data will help prevent it from falling prey to leaks and breaches. <a href=\"https:\/\/www.microsoft.com\/security\/business\/information-protection\/microsoft-purview-information-protection\">Microsoft Purview Information Protection<\/a> includes built-in labeling and data protection for Microsoft 365 apps and other Microsoft services, including sensitivity labels for Outlook appointments, invites, and Microsoft Teams chats. Microsoft Purview Information Protection also empowers users to apply customized protection policies, such as rights management, encryption, and more.<\/li>\n<li><strong>Manage risks:<\/strong> Even when your data is mapped and labeled appropriately, you\u2019ll need to take into account user context around the data and activities that may result in potential data security incidents. As I noted earlier, internal threats accounted for almost 35 percent of unauthorized access breaches during the third quarter of 2022.<sup>2<\/sup> The best approach to addressing insider risk is a holistic approach bringing together the right people, processes, training, and tools. Microsoft Purview Insider Risk Management leverages built-in machine learning models to help detect the most critical risks and provides enriched investigation tools to accelerate time to respond to potential data security incidents, such as data leaks and data theft. <a href=\"https:\/\/Aka.ms\/insiderriskblog\" target=\"_blank\" rel=\"noreferrer noopener\">Recent updates<\/a> include sequence detection starting with downloads from third-party sites and a new trend chart to show a user\u2019s cumulative data exfiltration activities. And to help reduce noise and ensure safe and compliant communications, we\u2019ve added a policy condition to exclude email blasts (such as bulk newsletters) from <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/security-compliance-and-identity\/identify-business-conduct-violations-with-microsoft-purview\/ba-p\/3687324\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Purview Communication Compliance<\/a> policies.<\/li>\n<li><strong>Prevent data loss: <\/strong>This includes unauthorized use of data. More than 85 percent of organizations do not feel confident they can detect and <a href=\"https:\/\/aka.ms\/DLPblog\" target=\"_blank\" rel=\"noreferrer noopener\">prevent the loss of sensitive data<\/a>.<sup>4<\/sup> An effective data loss protection solution needs to balance protection and productivity. It\u2019s critical to ensure the proper access controls are in place and policies are set to prevent actions like improperly saving, storing, or printing sensitive data. <a href=\"https:\/\/www.microsoft.com\/security\/business\/information-protection\/microsoft-purview-data-loss-prevention\">Microsoft Purview Data Loss Prevention<\/a> offers native, built-in protection against unauthorized data sharing, along with monitoring the use of sensitive data on endpoints, apps, and services. DLP controls can be extended to macOS endpoints, non-Microsoft apps through Microsoft Defender for Cloud apps, and to Google Chrome, providing comprehensive coverage across customers\u2019 environments. We now also support in preview DLP controls in Firefox with the <a href=\"https:\/\/learn.microsoft.com\/microsoft-365\/compliance\/dlp-firefox-extension-get-started?view=o365-worldwide\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Purview Extension<\/a> for Firefox. And now with the general availability of the <a href=\"https:\/\/aka.ms\/DLPMigrationAssistantDocs\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Purview Data Loss Prevention migration assistant<\/a>, you\u2019re able to automatically detect your current policy configurations and create equivalent policies with minimal effort.<\/li>\n<li><strong>Govern the data lifecycle: <\/strong>As data governance shifts toward business teams becoming stewards of their own data, it\u2019s important that organizations create a unified approach across the enterprise. This kind of <a href=\"http:\/\/aka.ms\/DLM\/GoBeyond\" target=\"_blank\" rel=\"noreferrer noopener\">proactive lifecycle management<\/a> leads to better data security and helps ensure that data is responsibly democratized for the user, where it can drive business value. <a href=\"https:\/\/www.microsoft.com\/security\/business\/information-protection\/microsoft-purview-data-lifecycle-management\">Microsoft Purview Data Lifecycle Management<\/a> can help accomplish this by providing a unified data-governance service that simplifies the management of your on-premises, multicloud, and software as a service (SaaS) data. Now in preview, simulation mode for retention labels will help you test and fine-tune automatic labeling before broad deployment.<\/li>\n<\/ol>\n<p>And lastly, we\u2019re making it easier for you to assess and monitor your compliance posture with integration between <a href=\"https:\/\/aka.ms\/CM\/GoBeyond\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Purview Compliance Manager and Microsoft Defender for Cloud<\/a>. This new integration enables your security operations center to ingest any assessment in Defender for Cloud, simplifying your work by bringing together multiple services in a single pane of glass.<\/p>\n<h2>Data protection that keeps you moving forward fearlessly<\/h2>\n<p>Data is the oxygen of digital transformation. And in the same way that oxygen both sustains life and feeds a fire, each organization must strike a balance between ready access to data and securing its combustible elements. At Microsoft, we don\u2019t believe your business should have to sacrifice productivity for greater data protection. This is where <a href=\"https:\/\/aka.ms\/adaptiveprotection\/blog\" target=\"_blank\" rel=\"noreferrer noopener\">Adaptive Protection in Microsoft Purview<\/a> excels\u2014empowering your security operations center to efficiently safeguard sensitive data with the power of machine learning and cloud technology\u2014without interfering with business processes. If you\u2019re not already a Microsoft Purview customer, be sure to sign up for a <a href=\"http:\/\/aka.ms\/PurviewTrial\" target=\"_blank\" rel=\"noreferrer noopener\">free trial<\/a>.&nbsp;<\/p>\n<p>Mark your calendar for <strong>Microsoft Secure<\/strong> on <strong>March 28, 2023<\/strong>, where you\u2019ll hear about even more Microsoft Purview innovations. This new digital event will bring together customers, partners, and the defender community to learn and share comprehensive strategies across security, compliance, identity, management, and privacy. We\u2019ll cover important topics such as the threat landscape, how Microsoft defends itself and its customers, the challenges security teams face daily, and the future of security innovation. <\/p>\n<h2>Learn more<\/h2>\n<p>To learn more about Microsoft Security solutions,&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/\">visit our&nbsp;website<\/a>.&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (<a href=\"https:\/\/www.linkedin.com\/showcase\/microsoft-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Security<\/a>) and Twitter (<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noreferrer noopener\">@MSFTSecurity<\/a>)&nbsp;for the latest news and updates on cybersecurity.<\/p>\n<div style=\"height:53px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n<p><sup>1<\/sup><a href=\"https:\/\/techjury.net\/blog\/how-much-data-is-created-every-day\/#gref\" target=\"_blank\" rel=\"noreferrer noopener\">How Much Data Is Created Every Day in 2022?<\/a> Jacquelyn Bulao. January 26, 2023.<\/p>\n<p><sup>2<\/sup><a href=\"https:\/\/www.securitymagazine.com\/articles\/98591-insider-threat-peaks-to-highest-level-in-q3-2022\" target=\"_blank\" rel=\"noreferrer noopener\">Insider threat peaks to highest level in Q3 2022<\/a>, Maria Henriquez. November 2022.<\/p>\n<p><sup>3<\/sup><a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RE59jhs\" target=\"_blank\" rel=\"noreferrer noopener\">Build a Holistic Insider Risk Management Program<\/a>, Microsoft. October 2022.<\/p>\n<p><sup>4<\/sup><a href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/2021\/results-and-analysis\/\" target=\"_blank\" rel=\"noreferrer noopener\">2021 Verizon Data Breach Report<\/a>. 2021.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/02\/06\/introducing-adaptive-protection-in-microsoft-purview-people-centric-data-protection-for-a-multiplatform-world\/\">Introducing Adaptive Protection in Microsoft Purview\u2014People-centric data protection for a multiplatform world<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\">Microsoft Security Blog<\/a>.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/02\/06\/introducing-adaptive-protection-in-microsoft-purview-people-centric-data-protection-for-a-multiplatform-world\/\" target=\"bwo\" >https:\/\/blogs.technet.microsoft.com\/mmpc\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Christine Barrett| Date: Mon, 06 Feb 2023 17:00:00 +0000<\/strong><\/p>\n<p>Learn how machine learning in Microsoft Purview enables people-centric data protection and saves your security teams time.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/02\/06\/introducing-adaptive-protection-in-microsoft-purview-people-centric-data-protection-for-a-multiplatform-world\/\">Introducing Adaptive Protection in Microsoft Purview\u2014People-centric data protection for a multiplatform world<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\">Microsoft Security Blog<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10759,10378],"tags":[25159,4500,22073,11671],"class_list":["post-21164","post","type-post","status-publish","format-standard","hentry","category-microsoft","category-security","tag-compliance-series","tag-cybersecurity","tag-data-governance","tag-data-loss-prevention"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=21164"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21164\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=21164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=21164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=21164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}