Microsoft Ignite 2022: Top security announcements

clock • 8 min read

Announcements include Defender for DevOps, automatic ransomware attack disruption with Microsoft 365 Defender and a new public preview of Microsoft Entra Identity Governance.

Changes to Microsoft Purview

At Ignite 2022, Microsoft introduced new features for Purview Information Protection, including a preview of out-of-the-box trainable classifiers.

Microsoft will offer more than 20 classifiers to automate the classification of more than 30 types of sensitive content in various categories, according to the company.

Purview Information Protection for Adobe Document Cloud is now generally available, according to Microsoft.

The company also launched previews of new built-in features in Office and a scanner admin experience in Azure Information Protection.

The new built-in Office features include a more visible sensitivity bar and S/MIME (secure/multipurpose internet mail extensions) encryption in Outlook emails, according to Microsoft.

Along with this, a premium version of Purview eDiscovery can now capture reactions to Teams messages and conversations to see who reacted to a message and how - thumbs up, heard, laugh, and so on. Users can also see reactions to edited and deleted messages.

Purview's Insider Risk Management service received new capabilities in preview, including triage and detection enhancements, improved analytics assessment insights, insights for potential high-impact users and an integration with Communication Compliance, according to Microsoft.

More previews for Purview include an authorised printer feature for grouping devices and designating restrictive actions within Purview Data Loss Prevention (DLP). A similar feature for USB devices is in preview, with users able to make authorised and unauthorised device groups based on serial numbers.

A feature for authorised network share paths, using network locations as DLP conditions and sanctioned and unsanctioned site groups for sensitive files are also in preview, according to Microsoft.

Preview for Purview Data Lifecycle Management

Purview's Data Lifecycle Management received a host of updates in preview, including a retain shared versions capability. Retain shared versions allows users to keep an exact version of a file shared as a Microsoft Teams message or email link.

A Power Automate integration with Purview Data Lifecycle Management is in preview. The integration will allow for notifying users before data is deleted and other custom process building, according to Microsoft.

Also in preview are Graph APIs (application programming interfaces) for managing retention labels and event-based retention so that users can connect Purview Data Lifecycle Management to other systems.

Now generally available for Purview Data Lifecycle Management are retention labels for applying policies directly in the Microsoft Teams files tab, according to the vendor.

Azure Confidential VMs updates

Microsoft has a preview for an Azure Virtual Desktop confidential VM option. Users can turn to this option for desktop virtualization to ensure workloads in encrypted in memory, with data in use protected, according to the vendor.

The company has also made generally available confidential VM node pools for Azure Kubernetes Service (AKS), with the goal of making lift-and-shift of Linux container workloads to Azure.

The VMs are based on 3rd Gen AMD EPYC processors with Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP), according to Microsoft.

More security announcements from Ignite 2022

During Ignite 2022, Microsoft announced a preview of IP Protection for small and midsize businesses to provide adaptive real-time policy tuning, detailed attack analytics, service-level agreement (SLA) guarantees and other enterprise-grade capabilities.

Users of IP Protection will have the option for distributed denial of service (DDoS) protection on a single public IP, according to Microsoft.

Microsoft also launched a limited-time sale of 50% off Defender for Endpoint Plan 1 and Plan 2 licences, according to the company.

Now generally available are new options for ingesting and archiving data with Microsoft Sentinel, the vendor announced.

The new features include basic logs for ingesting data and incident investigation, archived logs for long-term storage searchable up to seven years and log restore.

Microsoft 365 E3 and E5 licence holders gained a new version of Audit Search that can run 10 concurrent jobs and review the progress%age, result number and job status from the user interface (UI), according to Microsoft.

Results are stored for 30 days and accessible after completion. Users can filter and export data. And browser windows can also be closed during searches, according to Microsoft.

A preview is now available for a premium version of eDiscovery that allows discovery of versions of a document at the time it was shared.

A version of this article first appeared on Computing's sister title CRN.

Related Topics

You may also like
Microsoft May Patch Tuesday fixes two actively exploited zero days

Threats and Risks

Microsoft May Patch Tuesday fixes two actively exploited zero days

Microsoft has fixed 60 Windows CVEs in its May Patch Tuesday update, two of which are actively exploited zero days. One is a critical vulnerability, earning an 8.8 CVSS rating.

clock 15 May 2024 • 3 min read
Chancellor wants to build $1tn 'British Microsoft'

Leadership

Chancellor wants to build $1tn 'British Microsoft'

Aims to challenge US giants with looser regulations

clock 14 May 2024 • 3 min read
Microsoft faces renewed antitrust charges in EU over Teams dominance

Compliance

Microsoft faces renewed antitrust charges in EU over Teams dominance

Global unbundling of Teams insufficient concession

clock 14 May 2024 • 2 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

Get the newsletter

More on Security Technology

Wales launches CymruSOC, the UK's first national cybersecurity operations centre
Security Technology

Wales launches CymruSOC, the UK's first national cybersecurity operations centre

A ‘defend as one' approach for public services

John Leonard
John Leonard
clock 10 May 2024 • 1 min read
How a council consolidated security tools and saved 40%
Security Technology

How a council consolidated security tools and saved 40%

Savings came from lower licencing costs and fewer training and service requirements

John Leonard
John Leonard
clock 24 April 2024 • 4 min read
Qualys announces service to help organisations comply with UK NCSC cyber guidance
Security Technology

Qualys announces service to help organisations comply with UK NCSC cyber guidance

NCSC advises patching window of 5-7 days; UK currently stands at 15-17 days MTTR.

John Leonard
John Leonard
clock 17 April 2024 • 3 min read