Adaptive Protection in Microsoft Purview—People-centric data protection for a multiplatform world

News & Events

Adaptive Protection in Microsoft Purview—People-centric data protection for a multiplatform world

At Microsoft, we never stop working to protect you and your data. If the evolving cyberattacks over the past three years have taught us anything, it’s that threat actors are both cunning and committed. At every level of your enterprise, attackers never stop looking for a way in. The massive increase in data—2.5 quintillion bytes generated daily—has only increased the level of risk around data security.1 Organizations need to make sure their information is safe from malicious attacks, inadvertent disclosure, or theft. During the third quarter of 2022, insider risks, including human error, accounted for almost 35 percent of unauthorized access incidents.2 But on the positive side, we’re seeing a growing awareness across all areas of organizations about the need to safeguard data as a precious resource.

Our customers have been clear in voicing their need for a unified, comprehensive solution for data security and management, one that’s as scalable as their business needs. In the Go Beyond Data Protection with Microsoft Purview digital event on February 7, 2023, Alym Rayani, General Manager of Compliance and Privacy Marketing at Microsoft, and I will discuss Microsoft’s approach to data security, including how to create a defense-in-depth approach to protect your organization’s data. We’ll also introduce some groundbreaking innovations for our Microsoft Purview product line—such as Adaptive Protection for data powered by machine learning—and invite new customers to sign up for a free trial. We remain guided by our core belief that security is a team sport. So in this blog, I’ll address how our newest innovations can help your team keep your data safe while empowering productivity and collaboration. We’ll also look at steps you can take to build a layered data security defense within your organization.

A new approach for a new data landscape

We’ve all seen how the ongoing shift to a hybrid and multicloud environment is changing how organizations collaborate and access data. Considering the massive amounts of data generated and stored today, it’s easy to see how this creates a business liability. More than 80 percent of organizations rate theft or loss of personal data and intellectual property as high-impact insider risks.3 Often the risk stems from organizations making do with one-size-fits-all, content-centric data-protection policies that end up creating alert noise. This signal overload leaves admins scrambling as they manually adjust policy scope and triage alerts to identify critical risks. Fine-tuning broad, static policies can become a never-ending project that overwhelms security teams. What’s needed is a more adaptive solution to help organizations address the most critical risks dynamically, efficiently prioritizing their limited security resources on the highest risks and minimizing the impact of potential data security incidents.

Adaptive Protection in Microsoft Purview is the solution. This new capability, now in preview, leverages Insider Risk Management machine learning to understand how users are interacting with data, identify risky activities that may result in data security incidents, then automatically tailor Data Loss Prevention (DLP) controls based on the risk detected. With Adaptive Protection, DLP policies become dynamic, ensuring that the most effective policy—such as blocking data sharing—is applied only to high-risk users, while low-risk users can maintain their productivity. The result: your security operations team is now more efficient and empowered to do more with less.

Fortify your data security with a multilayered, cloud-scale approach

As I speak with customers, I continue to hear about their difficulties in managing a patchwork of data-governance solutions across a multicloud and multiplatform environment. Today’s hybrid workspaces require data to be accessed from a plethora of devices, apps, and services from around the world. With so many platforms and access points, it’s more critical than ever to have strong protections against data theft and leakage. For today’s environment, a defense-in-depth approach offers the best protection to fortify your data security. There are five components to this strategy, all of which can be enacted in whatever order suits your organization’s unique needs and possible regulatory requirements.

  1. Identify the data landscape: Before you can protect your sensitive data, you need to discover where it lives and how it’s accessed. That requires a solution that provides complete visibility into your entire data estate, whether on-premises, hybrid, or multicloud. Microsoft Purview offers a single pane of glass to view and manage your entire data estate from one place. As a unified solution, Microsoft Purview empowers you to easily create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage. Now in preview are more than 300 new, ready-to-use trainable classifiers for source code discovery, along with 23 new pre-trained out-of-the-box trainable classifiers that cover core business categories, such as finance, operations, human resources, and more.
  2. Protect sensitive data: Along with creating a holistic map, you’ll need to protect your data—both at rest and in transit. That’s where accurately labeling and classifying your data comes into play, so you can gain insights into how it’s being accessed, stored, and shared. Accurately tracking data will help prevent it from falling prey to leaks and breaches. Microsoft Purview Information Protection includes built-in labeling and data protection for Microsoft 365 apps and other Microsoft services, including sensitivity labels for Outlook appointments, invites, and Microsoft Teams chats. Microsoft Purview Information Protection also empowers users to apply customized protection policies, such as rights management, encryption, and more.
  3. Manage risks: Even when your data is mapped and labeled appropriately, you’ll need to take into account user context around the data and activities that may result in potential data security incidents. As I noted earlier, internal threats accounted for almost 35 percent of unauthorized access breaches during the third quarter of 2022.2 The best approach to addressing insider risk is a holistic approach bringing together the right people, processes, training, and tools. Microsoft Purview Insider Risk Management leverages built-in machine learning models to help detect the most critical risks and provides enriched investigation tools to accelerate time to respond to potential data security incidents, such as data leaks and data theft. Recent updates include sequence detection starting with downloads from third-party sites and a new trend chart to show a user’s cumulative data exfiltration activities. And to help reduce noise and ensure safe and compliant communications, we’ve added a policy condition to exclude email blasts (such as bulk newsletters) from Microsoft Purview Communication Compliance policies.
  4. Prevent data loss: This includes unauthorized use of data. More than 85 percent of organizations do not feel confident they can detect and prevent the loss of sensitive data.4 An effective data loss protection solution needs to balance protection and productivity. It’s critical to ensure the proper access controls are in place and policies are set to prevent actions like improperly saving, storing, or printing sensitive data. Microsoft Purview Data Loss Prevention offers native, built-in protection against unauthorized data sharing, along with monitoring the use of sensitive data on endpoints, apps, and services. DLP controls can be extended to macOS endpoints, non-Microsoft apps through Microsoft Defender for Cloud apps, and to Google Chrome, providing comprehensive coverage across customers’ environments. We now also support in preview DLP controls in Firefox with the Microsoft Purview Extension for Firefox. And now with the general availability of the Microsoft Purview Data Loss Prevention migration assistant, you’re able to automatically detect your current policy configurations and create equivalent policies with minimal effort.
  5. Govern the data lifecycle: As data governance shifts toward business teams becoming stewards of their own data, it’s important that organizations create a unified approach across the enterprise. This kind of proactive lifecycle management leads to better data security and helps ensure that data is responsibly democratized for the user, where it can drive business value. Microsoft Purview Data Lifecycle Management can help accomplish this by providing a unified data-governance service that simplifies the management of your on-premises, multicloud, and software as a service (SaaS) data. Now in preview, simulation mode for retention labels will help you test and fine-tune automatic labeling before broad deployment.

And lastly, we’re making it easier for you to assess and monitor your compliance posture with integration between Microsoft Purview Compliance Manager and Microsoft Defender for Cloud. This new integration enables your security operations center to ingest any assessment in Defender for Cloud, simplifying your work by bringing together multiple services in a single pane of glass.

BRAMS Partnership with the leader

With its expertise, BRAMS offers you market-leading cloud solutions billed per use. With BRAMS, now you can unleash your full potential and focus on what matters most: Your activities. Thanks to its partnerships and collaboration with the biggest global cloud pioneers: Microsoft, Amazon Web Services, IBM Cloud and Google Cloud, Brams has become a multi-industry focus, to support companies of different sectors and sizes to move to the Cloud for more than two decades of expertise.

Get in touch with an Expert ..