Podcasts about microsoft purview

Boost data security and automate prioritization for data alerts with Security Copilot-powered Alert Triage Agents for Microsoft Purview Data Loss Prevention and Insider Risk Management. Surface the highest-risk alerts across your environment, no matter their default severity, and take action. Customize how your agents reason, teach them what matters to your organization, and continuously refine to reduce time-to-resolution. Talhah Mir, Microsoft Purview Principal GPM, shows how to triage, investigate, and contain potential data risks before they escalate. ► QUICK LINKS:  00:00 - Agents in Microsoft Purview 00:58 - Alert Triage Agent for DLP 01:54 - Customize Agents 03:32 - View prioritized alerts 05:17 - Calibrate Agent Behavior with Feedback 06:38 - Track Agent Performance and Usage 07:34 - Wrap up ► Link References Check out https://aka.ms/PurviewTriageAgents ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

In part two of our Microsoft Build special, the trio continues exploring updates. They dig into the Azure AI Foundry Agent Service and local deployment options, and take a look at the new Digital Twin builder in Microsoft Fabric.SQL Server 2025 brings some notable features like native support for open formats and improvements vector functions, change event streaming and a new edition out there. Fabric mirroring also expands support to older SQL Server versions and PostgreSQL.And on the security side, Microsoft Purview gets smarter for AI scenarios, but it's the new Entra Agent ID that really stands out. Hosted on Acast. See acast.com/privacy for more information.

Heute geht's um ein Thema, das viele von uns betrifft, ohne dass wir es merken: Oversharing in OneDrive. Also: Wann wird Teilen eigentlich zu viel des Guten? Wie behält man den Überblick? Und was ist Microsoft Purview?

Get featured on the show by leaving us a Voice Mail: https://bit.ly/MIPVM FULL SHOW NOTES https://www.microsoftinnovationpodcast.com/692 When organizations rush to adopt AI tools like Microsoft Copilot, they often overlook a critical prerequisite: a secure, well-structured data environment. In this episode, Åsne Holtklimpen—Cloud Solution Architect at Crayon and Microsoft MVP—shares how her journey from SharePoint veteran to Copilot expert revealed a hard truth: without strong information governance, AI can do more harm than good. Åsne walks us through real-world challenges, practical frameworks, and the mindset shift needed to make AI adoption safe, scalable, and truly transformative. KEY TAKEAWAYS Security Before AI: Successful Copilot implementation starts with robust information security—classification, labeling, and governance must come first. Start Small, Scale Smart: Åsne recommends a phased approach using Microsoft Purview, beginning with basic data classification before layering on policies and automation. Expose the Risks: Demonstrating real data exposure—like personal identity numbers or health info—helps organizations understand the urgency of securing their environments. AI Readiness ≠ Cloud Presence: Many companies assume they're ready for AI because they use Teams or SharePoint, but Åsne stresses the need for deeper structural alignment. Public Sector Pressure: Norway's public sector faces a mandate to adopt AI by 2030, but Åsne warns that without guidance and foundational readiness, this push could backfire.  RESOURCES MENTIONED

Get featured on the show by leaving us a Voice Mail: https://bit.ly/MIPVM FULL SHOW NOTES https://www.microsoftinnovationpodcast.com/691    What happens when cybercrime becomes as organized—and profitable—as a Fortune 500 company? In this episode, Louis Arthur-Brown, a cybersecurity leader and solutions partner at CodeStone, pulls back the curtain on the evolving threat landscape. From ransomware-as-a-service to deepfake deception, Louis shares real-world insights and practical strategies for defending your organization in an AI-accelerated world. Whether you're a tech leader or a curious professional, this conversation will sharpen your security instincts and help you build resilience where it matters most. KEY TAKEAWAYS Cybercrime is industrialized: Ransomware-as-a-service and affiliate models make it easy for anyone—even non-technical actors—to launch attacks for as little as $50. AI is amplifying threats: A 1,300% rise in phishing emails last year is just the beginning. Deepfakes and voice cloning are reshaping social engineering tactics. MFA and basic hygiene go a long way: Implementing multi-factor authentication and conditional access can block up to 92% of cyberattacks. Zero Trust is essential: Organizations must move beyond the “walled garden” mindset and adopt a “never trust, always verify” approach to access and data. Data strategy is security strategy: Tools like Microsoft Purview and Windows 365 help classify, protect, and monitor sensitive data—especially in AI-enabled environments.   RESOURCES MENTIONED

Unify and secure your data—no matter where it lives—without sacrificing control using OneLake security, part of Microsoft Fabric. With granular permissions down to the row, column, and table level, you can confidently manage access across engines like Power BI, Spark, and T-SQL, all from one place. Discover, label, and govern your data with clarity using the integrated OneLake catalog that surfaces the right items fast. Aaron Merrill, Microsoft Fabric Principal Program Manager, shows how you can stay in control, from security to discoverability—owning, sharing, and protecting data on your terms. ► QUICK LINKS: 00:00 - OneLake & Microsoft Fabric core concepts 01:28 - Table level security 02:11 - Column level security 03:06 - Power BI report 03:28 - Row level security 04:23 - Data classification options 05:19 - OneLake catalog 06:22 - View and manage data 06:48 - Governance 07:36 - Microsoft Fabric integration 07:59 - Wrap up ► Link References Check out our blog at https://aka.ms/OneLakeSecurity Sign up for a 60-day free trial at https://fabric.microsoft.com ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Stay in control as GenAI adoption accelerates across your organization using Data Security Posture Management for AI in Microsoft Purview. With built-in visibility into how AI apps and agents interact with sensitive data—whether inside Microsoft 365 or across unmanaged consumer tools—you can detect risks early, take decisive action, and enforce the right protections without slowing innovation. Monitor usage trends, investigate prompts and responses, and respond to potential data oversharing or policy violations in real time. From compliance-ready audit logs to adaptive data protection, you'll have the insights and tools to keep data secure as AI becomes a part of everyday work. Shilpa Ranganathan, Microsoft Purview Principal Group PM, shares how to balance GenAI innovation with enterprise-grade data governance and security. ► QUICK LINKS: 00:00 - GenAI app security, governance, & compliance 01:30 - Take Action with DSPM for AI 02:08 - Activity logging 02:32 - Control beyond Microsoft services 03:09 - Use DSPM for AI to monitor data risk 05:06 - ChatGPT Enterprise 05:36 - Set AI Agent guardrails using DSPM for AI 06:44 - Data oversharing 08:30 - Audit logs 09:19 - Wrap up ► Link References Check out https://aka.ms/SecureGovernAI ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.  • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Manage the rise of generative AI across your organization using the Copilot Control System in Microsoft 365. Control who can find, use, and create agents, define permissions, approve or block agent deployments, and configure billing models including pay-as-you-go or prepaid options. Get detailed visibility into how agents are used, which users and groups are driving consumption, and how much they're costing you. With Microsoft Purview integration, monitor for sensitive data exposure, track compliance risks, and audit agent activity to stay secure and aligned with your organization's data policies.  Jeremy Chapman, Director of Microsoft 365, shares how to configure, deploy, monitor, and secure AI agents at scale. ► QUICK LINKS: 00:00 - Copilot Control System 01:34 - Copilot Chat 02:21 - Manage agent use 03:23 - Agent deployment 04:09 - Visibility into how agents are used 05:10 - Copilot Dashboard 06:06 - DSPM for AI 06:47 - Microsoft Purview agent protections 07:32 - Wrap up ► Link References  Check out https://aka.ms/CopilotAgentControls ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Streamline your day with new, user-focused updates to Microsoft 365 Copilot. Jump into work faster with a redesigned layout that puts Chat, Search, and your agents front and center. New Copilot Search lets you yse natural language to find files, emails, and conversations—even if you don't remember exact keywords—and get instant summaries and previews without switching apps. Create high-impact visuals, documents, and videos in seconds with the new Copilot Create experience, complete with support for brand templates. Tap into powerful agents like Researcher and Analyst to handle deep tasks or build your own with ease. And if you manage Copilot across your organization, you now have better tools to deploy, monitor, and secure AI use—all from a single view. ► QUICK LINKS: 00:00 - Microsoft 365 Copilot new capabilities 00:36 - Microsoft 365 Copilot app 01:49 - Copilot Search 03:09 - Specialized agents 04:06 - Create experience 06:07 - Copilot Notebooks 07:40 - Updates for IT admins 08:16 - Data security with AI apps & agents in Purview 08:51 - Reports 09:20 - Wrap up ► Link References Check out https://aka.ms/CopilotWave2Spring ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Use Microsoft Purview and Microsoft 365 Copilot together to build a secure, enterprise-ready foundation for generative AI. Apply existing data protection and compliance controls, gain visibility into AI usage, and reduce risk from oversharing or insider threats. Classify, restrict, and monitor sensitive data used in Copilot interactions. Investigate risky behavior, enforce dynamic policies, and block inappropriate use—all from within your Microsoft 365 environment.  Erica Toelle, Microsoft Purview Senior Product Manager, shares how to implement these controls and proactively manage data risks in Copilot deployments.  ► QUICK LINKS: 00:00 - Microsoft Purview controls for Microsoft 365 Copilot 00:32 - Copilot security and privacy basics 01:47 - Built-in activity logging 02:24 - Discover and Prevent Data Loss with DSPM for AI 04:18 - Protect sensitive data in AI interactions 05:08 - Insider Risk Management 05:12 - Monitor and act on inappropriate AI use 07:14 - Wrap up ► Link References Check out https://aka.ms/M365CopilotwithPurview Watch our show on oversharing at https://aka.ms/OversharingMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Protect your organization's data with Microsoft Purview. Gain complete visibility into potential data leaks, from AI applications to unmanaged cloud services, and take immediate action to prevent unwanted data sharing. Microsoft Purview unifies data security controls across Microsoft 365 apps, the Edge browser, Windows and macOS endpoints, and even network communications over HTTPS —all in one place. Take control of your data security with automated risk insights, real-time policy enforcement, and seamless management across apps and devices. Strengthen compliance, block unauthorized transfers, and streamline policy creation to stay ahead of evolving threats. Roberto Yglesias, Microsoft Purview Principal GPM, goes beyond Data Loss Prevention (DLP) and shows how to ensure your data stays protected no matter where it goes. ► QUICK LINKS: 00:00 - Data Loss Prevention in Microsoft Purview 01:33 - Assess DLP Policies with DSPM 03:10 - DLP across apps and endpoints 04:13 - Unmanaged cloud apps in Edge browser 04:39 - Block file transfers across endpoints 05:27 - Network capabilities 06:41 - Updates for policy creation 08:58 - New options 09:36 - Wrap up ► Link References Get started at https://aka.ms/PurviewDLPUpdates ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

In this episode, we discuss and show the types of copilot interactions in Microsoft Purview that eDiscovery Administrators can search and see. https://learn.microsoft.com/en-us/purview/ediscovery-search-and-delete-copilot-data

Celebrate the 50 year anniversary of Microsoft. Like them or not you have to admire what they have been able to achieve and opportunities they have provided my business with their products and services. Unsurprisingly, AI was also part of that celebration with a raft of updates worth noting. Purview is big! If you haven't yet dived in then maybe it's time you did. Lots of things to learn in this episode. Brought to you by www.ciaopspatron.com Resources @directorcia Join my shared channel CIAOPS merch store Become a CIAOPS Patron CIAOPS Blog CIAOPS Brief CIAOPSLabs Support CIAOPS MS turn 50 50 Years of Microsoft | Our future is you Satya Nadella recreates Microsoft's first product Microsoft 50th anniversary + Copilot event Cheers to 50 years The origin story of Microsoft Source code - Bill Gates AI Your AI Companion Introducing Copilot Search in Bing Create pages with Copilot in SharePoint  Security Strengthen data security posture in the era of AI with Microsoft Purview Microsoft Purview – Data Security Posture Management (DSPM) for AI  Multi-workspace for Multi-tenant is now in Public Preview in Microsoft's Unified SecOps Platform Threat actors leverage tax season to deploy tax-themed phishing campaigns Why Windows Autopatch is the smart update solution New innovations in Microsoft Purview for protected, AI-ready data New innovations in Microsoft Entra to strengthen AI security and identity protection Building layered protection: New Microsoft Purview data security controls for the browser & network Windows 365 Maximize productivity and ROI with Windows 365: New innovations now generally available Vibe coding Introducing GitHub Copilot agent mode (preview)

Investigate data security, risk and leak cases faster by leveraging AI-driven insights with Microsoft Purview Data Security Investigations. This goes beyond the superficial metadata and activity-only signals found in incident management and SIEM tools, by analyzing the content itself within compromised files, emails, messages, and Microsoft Copilot interactions. Data Security Investigations allows you to pinpoint sensitive data and assess risks at a deeper level—quickly understanding the value of what's been exposed. Then by mapping connections between compromised data and activities, you can easily find the source of the security risk or exposure. And using real-time risk insights, you can also apply the right protections to minimize future vulnerabilities. Data Security Investigations is also integrated with Microsoft Defender incident management as part your broader SOC toolset. Nick Robinson, Microsoft Purview Principal Product Manager, joins Jeremy Chapman to share how to enhance your ability to safeguard critical information.  ► QUICK LINKS: 00:00 - Microsoft Purview Data Security Investigations 01:00 - Risks of data theft & data leaks 03:20 - Start an investigation 04:45 - Results of an investigation 06:15 - Vector-based search & semantic indexing 08:00 - Use AI for the investigation 09:21 - Map activities 10:44 - Connect SOC & Data Security teams 11:21 - Known leaked information 12:26 - Steps to get DSI up and running 13:15 - Wrap up  ► Link References Get started at https://aka.ms/DataSecurityInvestigations Stay up-to-date with our blog at https://aka.ms/DSIBlog ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Hallo Cloud Inspires Freunde, in dieser Folge freuen wir uns Alain Schneiter zu Gast zu haben, um mit ihm über das Thema Datensicherheit und Compliance mit Microsoft Purview zu sprechen. Al ist schon seit längerer Zeit imDefender Umfeld unterwegs und hat bereits viele PurviewProjekte umgesetzt. Er stellt uns Purview vor, wie es sich ins Defender for Cloud Umfeld integriert und welche Fallstricke und Best Practices zu betrachten sind, um Purview einzusetzen.Event Tipps 09.-10.04.2025 Windows Server Summit 2025 Leipzig11.04.2025 Expertslive Germany (Leipzig)20.05.2025 Swiss Microsoft Security SummitHilfreiche LinksAlain Schneiter | LinkedInMicrosoft Purview | Microsoft LearnLearn about Microsoft Purview | Microsoft Learn

In this episode of CISO Tradecraft, host G. Mark Hardy dives into the evolution, challenges, and solutions of Data Loss Prevention (DLP). From early methods like 'dirty word lists' in the military to advanced AI and machine learning models of today, discover how DLP technologies have developed to safeguard sensitive information. Learn about different DLP phases, regulatory impacts, and modern tools like Microsoft Purview that can help manage and classify data effectively. This episode is packed with valuable insights to help you tackle data security with confidence and efficiency. Transcripts https://docs.google.com/document/d/1u7owNI5P3WajJvRPIXbzrUYy-PCsRcfC References Crash course in Microsoft Purview: A guide to securing and managing your data estate Chapters 00:00 Introduction to Data Loss Prevention (DLP) 00:45 Early Days of DLP: Dirty Word Lists and Simple Networks 02:39 Evolution of DLP: Content Filtering and Endpoint Protection 06:05 Advanced Content Inspection and Policy Enforcement 09:19 Unified DLP and Cloud Adoption 16:04 Modern DLP: AI, Machine Learning, and Zero Trust 19:12 Implementing DLP with Microsoft Purview 28:59 Summary and Final Thoughts  

Easily access and unify your data for analytics and AI—no matter where it lives. With OneLake in Microsoft Fabric, you can connect to data across multiple clouds, databases, and formats without duplication. Use the OneLake catalog to quickly find and interact with your data, and let Copilot in Fabric help you transform and analyze it effortlessly. Eliminate barriers to working with your data using Shortcuts to virtualize external sources and Mirroring to keep databases and warehouses in sync—all without ETL. For deeper integration, leverage Data Factory's 180+ connectors to bring in structured, unstructured, and real-time streaming data at scale. Maraki Ketema from the Microsoft Fabric team shows how to combine these methods, ensuring fast, reliable access to quality data for analytics and AI workloads. ► QUICK LINKS: 00:00 - Access data wherever it lives 00:42 - Microsoft Fabric background 01:17 - Manage data with Microsoft Fabric 03:04 - Low latency 03:34 - How Shortcuts work  06:41 - Mirroring 08:10 - Open mirroring 08:40 - Low friction ways to bring data in 09:32 - Data Factory in Microsoft Fabric 10:52 - Build out your data flow 11:49 - Use built-in AI to ask questions of data 12:56 - OneLake catalog 13:36 - Data security & compliance 15:10 - Additional options to bring data in 15:42 - Wrap up ► Link References Watch our show on Real-Time Intelligence at https://aka.ms/MechanicsRTI Check out Open Mirroring at https://aka.ms/FabricOpenMirroring ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

With the Copilot Control System, you can control Copilot experiences spanning IT administrator tools used every day across the Microsoft 365, Microsoft Purview, and Power Platform admin centers. As an IT administrator, you're in control of Microsoft 365 Copilot and agent experiences, ensuring security and compliance while optimizing productivity. Copilot Control System focuses on three core areas, where Microsoft Copilot services and the agents you create and use have unmatched manageability and visibility, compared to other AI options. —Protect your data by enabling intelligent grounding on enterprise data that respects your organization's controls. —Management controls to govern access and usage by setting who can use Copilot and agents, while monitoring agent status and lifecycle.  —Report and measure impact with detailed insights into adoption patterns, usage, and ROI, to help you track and maximize business value. ► QUICK LINKS: 00:00 - Copilot Control System 00:40 - Data Protection 01:32 - Built-in Content Filters 02:33 - Management Controls 03:12 - Measurement and Reporting 03:59 - Wrap up ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Locate, access, and trust the data you need using Microsoft Purview's Unified Catalog. By leveraging AI-powered search and automated quality checks, you can use data across your organization while staying compliant and meeting privacy standards. With streamlined approval workflows, request and gain access to data quickly, collaborate with stakeholders, and ensure data quality across projects.  Daniel Hidalgo, Microsoft Purview Senior Product Manager, joins Jeremy Chapman to share how to manage data governance, drive better decisions, and support meaningful AI outcomes with Microsoft Purview.   ► QUICK LINKS: 00:00 - Microsoft Purview Data Governance 00:29 - Data visibility and access 01:46 - Universal data catalog 03:23 - Crowdsourcing approach 04:24 - Business user demo 06:58 - How it works 08:05 - Create new governance domain 08:53 - Define data products 09:39 - Automate data quality checks 10:33 - Day-to-day management 11:57 - Wrap up   ► Link References Get started at https://aka.ms/PurviewDataGovernance     ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Microsoft Power Platform has incredible security features, but it only gets better when the rest of the Microsoft Security stack gets included. In this example, Scott Magee joins the podcast to go over why Microsoft Purview and Microsoft Power Platform is a better together story to reduce risk and increase security.  Learn more about protecting your data with Microsoft Purview and Microsoft Power Platform: https://learn.microsoft.com/en-us/power-platform/release-plan/2023wave2/power-platform-governance-administration/monitor-protect-data-purview

Deze week zijn er veel nieuwe features aangekondigd voor Azure Kubernetes Services. Daarnaast hebben we het over hoe Copilot je kan helpen je Purview beter in te richten. Azure Kubernetes ServicesMeer over network-isolated AKS clustersHandleiding voor het herstellen van AKS-back-ups over regio's heenVerbeteringen in container image pull performance Microsoft Purview Data Security Posture ManagementNieuwe functies ter bescherming en governance van data Logic App resume from actionAlgemene beschikbaarheid van Resume From Action in Logic Apps Skype for Business, SCCM & Exchange Server updatesCU8 voor Skype for Business Server 2019Updates voor Exchange Server 2019 New Zealand regionOpening van Microsoft's datacenters in Nieuw-Zeeland Azure Automation Accounts limietenNieuwe limieten voor Azure Automation Accounts

Can government agencies use M365 Copilot? Soon! Richard chats with Angela Dugan about how government entities: federal, state, counties, and cities, are exploring the power of M365 Copilot. Angela talks about the US Government GCC process for making M365 Copilot available in the next few months. The conversation turns to the usual challenges of data governance and security - all the same problems any other organization would have with tools that explore every element of data. Getting your data estate in order isn't easy - but the potential benefits in government are tremendous - providing more services to constituents for less cost!LinksMicrosoft 365 Copilot GCCSharePointOneDrive for US GovernmentMicrosoft PurviewRecorded October 29, 2024

This week, we're live from ESPC 2024, and we'll talk with Jasper Oosterveld from Rubicon about Microsoft Purview. What is it? What's included? How should you approach your compliance and data security projects? What things to consider ? Also, we ask Jasper an unexpected question.(00:00) - Intro and catching up.(02:05) - Show content starts.Show links- Microsoft Purview- Jasper Oosterveld (Linkedin) - Give us feedback!

Summary In this episode, hosts Andy and Adam recap the key announcements from Microsoft Ignite, focusing on new features in Microsoft Edge, enhancements in Microsoft Teams for global collaboration, and significant updates in security management tools like Security Co-Pilot and Microsoft Purview. They discuss the importance of data security, the role of AI in improving security posture, and the latest improvements in Intune for device management. The conversation covers significant advancements in Microsoft's technology offerings, focusing on improvements in Intune for device management, updates to the Entra Suite and Security Service Edge, AI integration in security management, innovations in Defender for Cloud, and enhancements aimed at strengthening security posture for SMBs. Additionally, the discussion highlights new features in Windows 365 and concludes with insights into Microsoft's progress in quantum computing. ---------------------------------------------------- YouTube Video Link:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠ ---------------------------------------------------- Documentation: https://news.microsoft.com/ignite-2024-book-of-news/ ---------------------------------------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com Bluesky: https://bsky.app/profile/bluesecuritypod.com LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod YouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Bluesky: https://bsky.app/profile/ajawzero.com LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠ ---------------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

Stay ahead of evolving risks and mitigate vulnerabilities with Microsoft Purview Data Security Posture Management (DSPM). Gain prioritized visibility into data security risks, track unprotected sensitive information, and receive actionable insights. With built-in classifiers, automated risk assessments, and AI-powered capabilities like Security Copilot, you can identify and mitigate threats, ensuring a compliant data security environment. Talhah Mir, Microsoft Purview's Principal Group Product Manager, shows how to transform your data security strategy with automated, intelligent risk management and maintain continuous protection across your organization.   ► QUICK LINKS: 00:00 - Build and maintain a strong data security posture 01:25 - Start in Microsoft Purview Portal 02:14 - Microsoft Purview solutions 03:39 - Analytic reports 04:39 - Take action 05:30 - AI app-focused view 06:13 - View trends 06:59 - Add Security Copilot capabilities 09:37 - Wrap up   ► Link References Get started at https://aka.ms/DSPM   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Minimize risks that come with oversharing and potential data loss. Use Microsoft Purview and its new Data Security Posture Management (DSPM) for AI insights, along with new Data Loss Prevention policies for Microsoft 365 Copilot, and SharePoint Advanced Management, which is now included with Microsoft 365 Copilot. Automate site access reviews at scale and add controls to restrict access to sites if they contain highly sensitive information. Erica Toelle, Microsoft Purview Senior PM, shows how to control data visibility, automate site access reviews, and fine-tune permissions with Pilot, Deploy, Optimize phases. ► QUICK LINKS: 00:00 — Minimize risk of oversharing 01:24 — Oversharing scenarios 04:03 — How oversharing can occur 05:38 — Restrict discovery & limit access 06:36 — Scope sites 07:15 — Pilot phase 08:16 — Deploy phase 09:17 — Site access reviews 10:00 — Optimize phase 10:54 — Wrap up ► Link References Check out https://aka.ms/DeployM365Copilot  Watch our show on the basics of oversharing at https://aka.ms/SMBoversharing ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

It's OneDrive's turn in the spotlight. After a recent dedicated OneDrive event I have all the latest about updates and improvements that have been announced. Of course, there is plenty of other news also around security and Copilot as well as improvements to the new Outlook that you should check out. Thanks again for listening. Resources @directorcia Join my shared channel CIAOPS merch store Become a CIAOPS Patron CIAOPS Blog CIAOPS Brief CIAOPSLabs Support CIAOPS Welcome to the New Era of Microsoft OneDrive: AI, Productivity, and Memories at Your Fingertips  Get to know Copilot in OneDrive Introducing Copilot in OneDrive: Now Generally Available What's New In Copilot | September 2024 New Copilot enhancements help small and medium-sized businesses innovate Introducing Copilot Labs and Copilot Vision New experiences coming to Copilot+ PCs and Windows 11 An AI companion for everyone  Create desktop flows using the AI Recorder  Token theft protection with Microsoft Entra, Intune, Defender XDR & Windows Use community queries to hunt more effectively across email and collaboration threats What's new in Microsoft Entra – September 2024  What is Microsoft Entra (and why use it)? Research Threat intelligence Microsoft Defender XDR Business email compromise Improved user experience for Dictate in new Outlook for Windows and Outlook for the web Getting started with the new Outlook for Windows Learn about the new Outlook for Windows Level Up Your Security Skills with the New Microsoft Sentinel Ninja Training! Microsoft Defender XDR Monthly news - October 2024  Windows 11, version 24H2 security baseline Windows 11, version 24H2: What's new for IT pros Security settings management is available for multi-tenant environments in Microsoft Defender XDR Implementing a secure by default approach with Microsoft Purview and address oversharing Microsoft Intune support for Apple Intelligence Microsoft is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms Microsoft Ignite  

Check out Microsoft 365 Copilot Wave Two updates, featuring Business Chat and the new Copilot Pages for enhanced collaboration, advancements in Excel data analysis, AI-driven file comparisons in OneDrive, and easy-to-create Copilot agents for automating business processes. If you are in IT, we'll show you improved integrations with our security and compliance stack. Mary Pasch, Principal Product Manager, joins Jeremy Chapman to walk through the updates, including what it means for Microsoft 365 admins. ► QUICK LINKS: 00:00 - Microsoft 365 Copilot Wave Two 00:45 - How Copilot is evolving 01:32 - BizChat and Copilot Pages 02:58 - Copilot in Excel 04:41 - Copilot using Python in Excel 06:05 - Compare and contrast documents 07:18 - Create Copilot agents from BizChat 08:44 - Create Copilot agents from SharePoint 10:12 - .copilot files 10:44 - Enterprise-grade data protection 13:54 - Wrap up   ► Link References Check out new Copilot experiences at https://aka.ms/CopilotWave2 Access advanced enterprise data protections at http://microsoft.com/copilot   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Prevent attackers from stealing your identity and data by protecting your tokens. In single sign-on systems like SAML and OAUTH, tokens are how services know who you are and what you can do. When you sign in to your machine with your Microsoft Entra ID account, you are getting a session token you can use to access things like your email, teams and other apps. Check out new capabilities like Credential Guard in Windows enforced by device policies in Intune, Token Protection enforcement in Microsoft Entra, and Token theft detections in Microsoft Sentinel and Defender XDR. Alex Weinert, from the Microsoft Entra team, explains what tokens are, how token theft works, and how to defend yourself from these attacks.   ► QUICK LINKS: 00:00 - Token theft attacks 01:39 - Token basics 02:59 - Token theft demo 03:41 - How to use token protection 05:22 - Additional Token theft defenses 06:25 - How to detect and shut down attacks 08:01 - Wrap up   ► Link References Get started at https://aka.ms/TokenTheftDefense   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

In this episode of the Security Swarm Podcast, host Andy Syrewicze and our regular guest, Paul Schnackenburg, provide a comprehensive overview of the Microsoft Defender ecosystem. They cover the various Defender products, including:  Defender for Endpoint - Microsoft's enterprise endpoint security solution with different licensing tiers  Defender for Identity - Cloud-based threat detection for on-premises Active Directory  Defender Vulnerability Management - Inventory and risk assessment of software on endpoints  Defender for IoT - Security for Internet of Things and operational technology environments  Defender for Cloud - Cloud security for Azure, AWS, and GCP resources  And Others!  They also discuss the "Defender adjacent" services like Microsoft Entra (identity), Microsoft Purview (data security/governance), and Microsoft Defender for Cloud Apps (CASB).  A key focus of the discussion is the complexity and management challenges that come with this expansive Defender suite. The host and the guest note the large number of different management portals, the difficulty of adequately configuring and leveraging all the features, and the need for dedicated security teams to utilize these enterprise-grade tools fully.   Further down the line, Andy and Paul explore the significant value that third-party security solutions can provide in augmenting or simplifying the M365 security experience. They highlight how third-party tools can offer easier deployment, management, and specialized capabilities that may be outside the core focus of the broader Defender ecosystem, thereby enhancing the overall security posture of an organization.   Overall, this episode takes a deep dive into the Microsoft Defender landscape, exploring the pros and cons of the comprehensive suite and offering insights on how organizations can optimize their security with a mix of Microsoft and third-party solutions.  CTA: Overwhelmed by the complexity of the Microsoft Defender ecosystem? Simplify your Microsoft 365 security, risk management, governance, compliance, and backup with 365 Total Protection by Hornetsecurity.  Key Takeaways:  The Microsoft Defender ecosystem has grown significantly beyond the basic antivirus/anti-malware solution, now encompassing a wide range of security products and services across endpoints, cloud, identity, and more.  Navigating the Defender suite can be challenging due to the sheer number of products, overlapping features, and disparate management portals, especially for smaller organizations without dedicated security teams.  Licensing for Defender products can be complex, with different SKUs (P1, P2, Business Premium, E3, E5) offering varying levels of functionality and requiring careful evaluation to ensure the right fit.  Third-party security solutions can provide value by offering simplified management, enhanced detection capabilities, and avoiding over-dependence on a single vendor (Microsoft) for an organization's security needs.  Proper configuration and ongoing optimization of Defender tools is difficult and time consuming, leaving the full potential of the suite to enterprises with dedicated security teams.  Microsoft Defender XDR (Extended Detection and Response) aims to integrate Defender products into a more cohesive security platform. Still, it requires significant resources and expertise to implement effectively.  Timestamps:  (02:00) Overview of the Microsoft Defender ecosystem  (07:00) Differences between Microsoft Defender for Endpoint P1, P2, and Business Premium  (13:00) Explanation of Microsoft Defender for Identity and its on-premises vs cloud components  (19:00) Discussion of Microsoft Defender Vulnerability Management and its challenges for small/medium businesses  (32:00) Value that third-party security solutions can provide compared to the Microsoft Defender suite  Episode Resources:  Security Swarm Episode on M365 Security Licensing

Microsoft Fabric seamlessly integrates with generative AI to enhance data-driven decision-making across your organization. It unifies data management and analysis, allowing for real-time insights and actions. With Real Time Intelligence, keeping grounding data for large language models (LLMs) up-to-date is simplified. This ensures that generative AI responses are based on the most current information, enhancing the relevance and accuracy of outputs. Microsoft Fabric also infuses generative AI experiences throughout its platform, with tools like Copilot in Fabric and Azure AI Studio enabling easy connection of unified data to sophisticated AI models.   ► QUICK LINKS: 00:00 - Unify data with Microsoft Fabric 00:35 - Unified data storage & real-time analysis 01:08 - Security with Microsoft Purview 01:25 - Real-Time Intelligence 02:05 - Integration with Azure AI Studio   ► Link References This is Part 3 of 3 in our series on leveraging generative AI. Watch our playlist at https://aka.ms/GenAIwithAzureDBs   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Summary In this episode of the Blue Security Podcast, Andy and Adam discuss Microsoft's Defender for Storage, a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage. They highlight the three major impacts on data workloads: malicious file uploads, sensitive data exfiltration, and data corruption. The solution offers activity monitoring, malware scanning, and sensitive data threat detection. They also mention the pricing model, the integration with Microsoft Purview, and the ease of deployment using Azure Policy and Logic Apps. Takeaways -Defender for Storage is a cloud-native security solution for Azure Blob Storage, Azure Files, and Azure Data Lake Storage. -The solution protects against malicious file uploads, sensitive data exfiltration, and data corruption. -It offers activity monitoring, malware scanning, and sensitive data threat detection. -Integration with Microsoft Purview allows for seamless inheritance of sensitivity settings. -Deployment can be done through the Azure portal, Azure Policy, or infrastructure as code using the REST API. -Logic Apps can be used to automate responses and streamline security operations. -A pre-purchase plan is available for Defender for Cloud workloads, offering programmatic discounts and predictable billing. ---------------------------------------------------- YouTube Video Link:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ https://youtu.be/_DNCcy4V5Uo⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ---------------------------------------------------- Documentation: ⁠https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-storage-introduction ---------------------------------------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ----------------------------------------------------------- Andy Jaw Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ---------------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

Along with all the news and updates from the Microsoft Cloud I muse on the fact that the new Microsoft 365 Backup service may have been partially created to solve the storage issues of deleted data in Microsoft 365 environments. Just a theory, but listen along if you like to hear my thoughts.  Resources @directorcia Join my shared channel CIAOPS merch store Become a CIAOPS Patron CIAOPS Blog CIAOPS Brief CIAOPSLabs Support CIAOPS Microsoft 365 Insider Round Up Microsoft Defender XDR - Monthly news - August 2024  Windows 365 at three years: Customer-centric solutions for security, management and productivity New Windows 365 features help provide a more secure workspace Windows 365 GPU-enabled Cloud PCs now generally available Supercharge Your Business: Simplify communications with AI in Microsoft Teams and Teams Phone Microsoft Announces General Availability of Microsoft 365 Backup and Microsoft 365 Backup Storage SharePoint roadmap pitstop: July 2024 What's new in Copilot | July 2024 What's New in Microsoft Teams | July 2024 Looking back on FY24: from Copilots empowering human achievement to leading AI Transformation Best practices AI and machine learning Microsoft Purview 3 min read New Microsoft whitepaper shares how to prepare your data for secure AI adoption Use WinGet 1.8 to download Microsoft Store apps Monitoring Microsoft Sentinel Reports with Dashboard Hub & Power BI Announcing quarantine release integration in MDO hunting experience!! Windows Security best practices for integrating and managing security tools Microsoft Purview Data Governance will be generally available September 1, 2024 Migrate ADAL apps to MSAL with enhanced insights Public Preview: New Azure Monitor Auxiliary Logs Plan Onyx Sleet uses array of malware to gather intelligence for North Korea Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture Try out the new Copilot in Planner (preview) today in the new Microsoft Planner in Teams OneDrive in-depth: Learning content The Microsoft Copilot Dashboard is now included with Copilot for Microsoft 365  Prompts to try in Copilot for Microsoft 365   

How are you protecting your organization's data? Richard chats with Joanne Klein about her work with Microsoft Purview to help with data protection, management, and governance. Joanne talks about a spike in data protection concerns from Microsoft Copilot - if you have been securing data through obscurity, you're in for a nasty surprise! Copilot has a knack for finding every nook and cranny of data. Proper data protection also means effective archiving - getting rid of out-of-date or irrelevant data. And then there are the security concerns around data retention - how do you need to keep, and for how long? Microsoft Purview can help with all these problems, but you must work with leadership to get things right!LinksMicrosoft PurviewAdaptive Prevention in PurviewRecorded June 10, 2024

In this episode, MVPs Christian Buckley (⁠@buckleyplanet⁠) and Ragnar Heil (⁠@ragnarh⁠) explore the complexities of managing content in Microsoft 365, from creation and collaboration to publication and retirement. We'll be joined by Microsoft expert ⁠Erica Toelle⁠, who will share her knowledge on utilizing intelligence and out-of-the-box tools to automate lifecycle management, ensuring robust governance, security, compliance, and knowledge management.  We'll explore the latest updates in Microsoft Purview to help manage the data lifecycle, including retention, archiving, and deletion strategies for Teams, documents, emails, and sites, and how we can leverage Microsoft Purview to gain visibility, safeguard information, and meet regulatory requirements seamlessly.  Don't miss this episode, which is packed with practical insights and actionable steps to enhance your organization's data governance framework. --- Send in a voice message: https://podcasters.spotify.com/pod/show/ragnarheil/message

Have you rolled out Microsoft Defender for Cloud? Richard chats with Yuri Diogenes about the bundle of tools under the Defender for Cloud moniker. Yuri describes Defender for Cloud as a Cloud-Native Application Protection Platform (CNAPP). This Gartner term covers the various elements that go into a cloud-native application, including APIs, servers, containers, storage, resource manager, and more! Defender for Cloud integrates with Microsoft Purview to understand data sensitivity, and Microsoft Sentinel helps detect breaches or data misuse. It also offers attack path analysis and remediation so you can get ahead of the attackers to close off potential breach risks before they happen! Check the links in the show notes for great resources, including an ebook on CNAPP strategy!LinksDefender for CloudOWASP Top 10 API Security RisksDefender for APIsMicrosoft SentinelData Security DashboardAttack PathsMicrosoft PurviewCloud Security Posture ManagementMicrosoft Copilot for SecuritySecurity Remediation with GovernanceDefender for Cloud ServiceNow IntegrationCNAPP Strategy EbookRecorded May 13, 2024

Anthony Diana and Samantha Walsh are joined by Lighthouse's Chris Baird as part of our series on what legal teams need to know about Microsoft 365 AI-driven productivity tool, Copilot. This episode presents an overview of the risks relating to Copilot's access to and use of privileged and sensitive data and how businesses can mitigate these risks, including using Microsoft 365's access control tools and user training.  In particular, the episode provides in-depth information about Microsoft 365's sensitivity labels and how they can be used to refine a business's approach to managing risk associated with privileged and sensitive data stored in Microsoft 365. ----more---- Transcript: Intro: Hello, and welcome to Tech Law Talks, a podcast brought to you by Reed Smith's Emerging Technologies Group. In each episode of this podcast, we will discuss cutting edge issues on technology, data, and the law. We will provide practical observations on a wide variety of technology and data topics to give you quick and actionable tips to address the issues you are dealing with every day.  Anthony: Hello, this is Anthony Diana, a partner here in Reed Smith's Emerging Technologies group, and welcome to Tech Law Talks and our podcast series on AI for legal departments with a focus on managing legal and regulatory risks with Microsoft Copilot that Reed Smith is presenting with Lighthouse. With me today are Sam Walsh from Reed Smith's Emerging Technologies Group and Chris Baird from Lighthouse. Welcome, guys. Just to level set, Copilot is sort of the AI tool that Microsoft has launched relatively recently to improve productivity within the Microsoft environment. There are a number of risks that we went through in a previous podcast that you have to consider, particularly legal departments, when you're launching Copilot within your organization. And let me just start to level set with Chris, if you could give a little bit of a technical background on how Copilot works.  Chris: Absolutely, Anthony. So thanks Thanks for having me. So I guess a couple of key points, because as we go through this conversation, things are going to come up around how Copilot is used. And you touched on it there. The key objective is to increase, improve data quality, increase productivity. So we want really good data in, want to maximize the data that we've got at our disposal and make the most of that data, make it available to Copilot. But we want to do so in a way that we're not oversharing data. We're not getting bad legacy data in, you know, stale data. And we're not getting data from departments that maybe we shouldn't have pulled it in, right? So that's one of the key things. We all know what Copilot does. In terms of its architecture, so think about it. You're in your Canvas, whatever your favorite Canvas is. It's Microsoft Word, it's Teams, it's PowerPoint. You're going to ask Copilot to give you some information to help you with a task, right? And the first piece of the architecture is you're going to make that request. Copilot's going to send a request into your Microsoft 365 tenant. Where is your data? It's going to use APIs. It's going to hit the Graph API. There's a whole semantic layer around that. And it's going to say, hey, I've got this guy, Chris. He wants to get access to this data. He's asking me this question. Have you got his data? And the first thing, really, there's this important term Microsoft use. They call it grounding. When you make your request into Copilot, whatever you request, you're going to get data back that's grounded to you. So you're not going to get data back from an open AI model, from Bing AI. You're only going to get data that's available to you. The issue with that is if you've got access to data you didn't know you had, you know, through poor governance. Maybe somebody shared a link with you two years ago. That data is going to be available to you as well. But what's going to happen, a few clever things happen from an architecture perspective. The graph gives a response. It says, hey, I've got Chris's data. It looks like this. That's going to go into the large language model. That's going to make it look beautiful and pass you all that data back in a way you can understand it. There's a final check that Copilot does at that point. It goes back to the graph and it says, I've got this response. I need to give it to the user. user, are there any compliance actions I need to perform on this response before I give it? And I think that's what we're going to focus on a lot today, Anthony, right? But the important thing is thinking about that grounding. And the one message I want to give to people listening is really, you know, don't be immediately scared and worried of Copilot. It respects a lot of the controls that are in there already. The challenge is if you have poor access control and governance, there are things that you need to work on.  Anthony: Yeah. And I think that's one of the challenges. I think a lot of legal departments don't know what access controls and what controls that the IT department has put in place into M365. And I think that's one of the things that you have to understand, right? I think that's one of the things we'll be talking about today is the importance of that. out. So Sam, just talking about what we're our focus today, which is on the risks associated with privileged information, highly confidential information, sensitive information. So can you just give a just a brief description of what those risks are?  Samantha: Sure. So I think one of the risks Chris just alluded to that Copilot is going to have access to information that you have access to, whether you know it or not. And so if you have privileged information that is sort of protected by just being in a spot maybe where people don't know it's there, but it's not necessarily controlled in terms of access, that could be coming up when people are using Copilot. I think another thing is Copilot returning information to people, you lose a bit of context for the information. And when you're talking about privilege and other types of sensitivity, sometimes you need some clues to alert you to the privilege or to the sensitive nature of the information. And if you're just getting a document sort of from the ether, and you don't know, you know, where it came from, and who put it there, you know, you're obscuring that sort of sensitive nature of the document potentially.  Anthony: Yeah. And then I guess the fear there is that you don't realize that it's privileged or highly confidential and you start sharing it, which causes all kinds of issues. And I think just generally for everyone is the regulators. And I think both on the privacy side, where there's a lot of concern about where you're using AI against personal information or highly sensitive personal information, as well as the SEC, which is very focused on material, not public information and how you're using AI against it. I think one of the things that people are going to be asking, the regulators are going to be saying, what controls do you have in place to make sure that it's not being used inappropriately? So again, I think that sets the groundwork for why we think this is important and you start setting things up. So one of the first things you do, let's talk about how you can manage the risk. I think one of the things you can do, right, which is pretty simple, is training, right? Like the users have to know how to do it. So Sam, what should they be thinking about in terms of training for this?  Samantha: I think you can sort of train users both on the inputs and maybe on what they're doing with the outputs from Copilot. I think there are certainly ways to prompt Copilot that maybe would reduce the risk that you're going to get just this information flooding in from parts unknown. known. And I think having clear rules about vetting of co-pilot responses or limitations on sort of just indiscriminately sharing co-pilot responses, you know, these are all kinds of things that you can train users in to try to sort of mitigate some of the data risk.  Anthony: Yeah, no, absolutely. And I think we're also seeing people just so in doing this and launching it, having user agreements that sort of say the same thing, right? What are the key risks? The user agreement says, make sure you're aware of these risks, including the risks that we've been talking about with sensitive information and how to use it. Okay, so now let's switch to more sort of from a technical perspective, some things you can do within the M365 environment to sort of protect this highly confidential information or sensitive information. Information so let's start with Chris sort of this concept of which i know is in there when you have a SharePoint online site or a team site that has a SharePoint online site i think one of the one of the things you can do is basically exclude those sites from co-pilot so if you give us a little a brief description of what that means and then a little bit about the pros and cons.  Chris: Yeah of course Anthony so that that control by the way that's that's nothing new. So for anybody that's administered SharePoint, you've always had the ability to control whether a site appears in search results or not. So it is that control, right? It's excluding sites from being available via search and via Copilot. You would do that at the SharePoint site level. So, you know, Microsoft makes that available. There's a couple of other controls, maybe one I'll mention in a second as well. These are kind of, I don't want to call it knee-jerk reaction, I guess I just did, but it's what are the quick things you can do if you want to get access to Copilot quickly and you're worried about some really sensitive information. And it is a knee-jerk, right? It's a sledgehammer to crack a door. You're going to turn off entire access to that whole site. But in reality, that site may have some real gems of data in that you want it to make accessible to Copilot. And you're going to miss that. The other quick win that's similar to that one, there's a product called Double Key Encryption. A lot of the products I'm going to talk about today are part of the Microsoft Purview stack. And as part of MIP, which is Microsoft Information Protection, we're definitely going to cover that, Anthony, shortly about labels. One thing you can do with the label is you can apply something called Double Key Encryption. And you would use your own encryption key. And that means Microsoft cannot see your data. So if you know you've got pockets of data that are really secret, really sensitive, but you want to activate Copilot quickly, you've got these options. You can disable a site from being available at search level. That's option one. The other option is at a data level. You can label it all as secret. That data is not going to be accessible at all to Copilot. But like I say, these are kind of really quick things that you can do that don't really fix the problem in the long term. don't help you get the best out of Copilot. The reason you're investing in Copilot is to get access to good quality data and hiding that data is a problem.  Anthony: Yeah. And I think one of the things that, and Microsoft has basically said, even though it's available, they've been pretty open about saying, this is not the way you should be managing the risks that we're talking about here. Because you do lose some functionality in that SharePoint site if you take it out of search. So it's an option if you're rushing. And that's basically why they said, If you frankly aren't comfortable and you haven't have all the controls in place and you really have certain data that you want excluded, it's an option. But I think, as you said, it's a sort of a knee-jerk short-term option if you really have to launch, but it's not a long-term solution. So, now let's focus a little bit on what they think is the right way to do it, which is, and first let's talk about the site level. I think you talked a little bit about this, is putting in this concept of a sensitivity label on a site. Now, before you do that, which we could talk about, is first you have to identify the site. So, Chris, why don't you talk a little bit about that, and then let's talk a little bit about the technical.  Chris: No, absolutely. So a couple of terminology things. When I talk about data classification, I'm talking about something different to applying a label. When I often say to a lot of my clients, data classification, they think, oh, that's confidential, highly confidential secret. What I mean when I talk about data classification is what is the data in its business context? What does it mean to the organization? Let's understand who the data owner is, what the risk of that data is if it falls into the wrong hands. What are the obligations around processing and handling and storing that data? How do we lifecycle it? So simple things would be, really simple things would be social security numbers, names, addresses, right? We're identifying data types. We can then build that up. We can move on from those simple things and we can do some really clever things to identify documents by their overall type, their shape, their structure. We can use machine learning models to train, to look for specific documents, case files, legal files, customer files, client files, right? We can train these machine learning classifiers. But the great thing is if you get a good handle on your classification, you will be able to discover and understand your data risk across your enterprise. So you'll see there are tools within Microsoft 365 Purview, Content Explorer, data classification. These tools will give you insights into SharePoint sites that you have in your organization that have high amounts of social security numbers, high amounts of case files, legal affairs documents, right? It's going to come back and tell you, these are the sites that have this type of information. And you can do that analysis. You don't have to go out and say, guys, you've got to put your hand up and tell us if you've got a SharePoint site with this information. The administrators, the guys that are running Purview, they can do that discovery and reach out to the business and go and discuss that SharePoint site. But Anthony, what you're talking about there is once you've identified that SharePoint site, you know, if we know we've got a SharePoint site that contains specific case files that are highly confidential, we can apply a highly confidential label to that site. And the label does a number of things. It visually marks the file, right? And what I mean by that, at a file level from a metadata perspective, anybody interacting with that file electronically will receive a pop-up dialogue on a ribbon or a pop-up. It's going to be front and center to say this file is labeled as highly confidential. I've also got options, which I'm sure we've all done before in the day-to-day work. You can mark the document itself across. You can put a watermark across the document to say it's highly confidential. You can put headers and footers on. So the label isn't just this little concept, but it takes it a step further even more. And this is where it really, really works with Copilot is you can define custom permissions at a label level. So we can say for highly confidential labels, we might have a label for a particular case, a particular project. And if it is a case label, then we could give permissions to only the people involved in that case. So only those people can open that file and that means only those people can talk about that file to copilot you know if you're not in that case Anthony if you're not part of that case and me and Sam are and i use that label you're going to ask copilot to give you all the information it can about that case you're not going to get any information back because you don't have the permissions that's on that source file so that's that's one of the first things that we can do is we can take that label and apply it to a sharepoint site and that's going to apply a default label across all the documents that are in that site. What we're really talking about here, by the way, when we talk about labels, is we're trying to plug a hole in access control and governance. So think about SharePoint management and hygiene. The issue is SharePoint has just grown exponentially for many organizations. You know, there's organic growth, you've got SharePoint migrations, but then you have this explosion of use once you're on SharePoint online. There's going to be public sites. There's going to be SharePoint sites that are public, that are available to everybody in your organization. There'll be poor JML processes, join and move and leave processes, where people who move departments, their access isn't revoked from a SharePoint site. The issue with Copilot is if the site access control isn't strict, if it's open and the file doesn't have permissions on the file, Copilot is going to be able to see that file. If it's public, it's going to be able to see that file, right? So with the label, where that differs to the permissions is it puts the access controls on the files that are in that SharePoint site directly. So if you lift those files from that site, if it is a public site and I take those files, I put it in another SharePoint site or I put it on my laptop, it carries the access control with it. And that's what's really important. That means that wherever that file goes, it's going to be hidden from Copilot if I don't have that access. That's the important thing. So, you know, sensitivity labels are a huge part of ensuring compliance for co-pilot, probably the biggest first step organizations can take, And I think you touch on the first step quite nicely, Anthony. A lot of our clients say, well, we're scared of labeling everything in the organization, going out immediately, doing all that discovery, labeling everything, right? Maybe just knock off the top SharePoint sites, the ones that you know contain the most sensitive data. Start there. Start applying those labels there.  Anthony: Yeah, and Sam, we've talked with some clients about using their provisioning process or attestation process, process lifecycle management to start gathering this information because it's a big project, right? If you have thousands of sites, the concept of figuring out which ones have that. Obviously, Chris talked about, so the technical way you could do it, which would be fantastic because that obviously, but there are other ways of low-tech ways of doing this.  Samantha: Right. Just kind of relying on your human resources to maybe take a little bit more of a manual approach to speaking up about what kind of sensitive data they have and where they're putting it.  Anthony: Which they may be doing already, right? I think that's one of the things that you have to track is like they may, an organization, you know, a specific business line may know where their data is. They just haven't told, they haven't told IT to do something with it. So I think it's just getting that information, gathering it through, you know, whether it's the provisioning process, you could do an attestation or survey or whatever, just to start. And then as Chris said, once you have an idea of what the highly confidential information sites are, then you start doing the work. And again, I think it's applying the labels. One of the things that I think, just to emphasize, and I want to make sure people understand this, is in the sensitivity labels, it's not an all or nothing. At least what I've seen, Chris, is that for each sensitivity label, right, and you could have different types of highly confidential information. Maybe it's sensitive personal information, maybe a material non-public information. Whatever it is, privileged information, you can have different settings. So, for example, you can have it where the site is in essence like a read-only, right, where nobody can touch it, nobody can transfer the data, you can't copy it. That's the most extreme. But then you can have others where it's a little bit more permissive. And as you said, you can tailor it so it could be, you know, certain people have it, certain groups or security groups or whatever, how you want to play. But there is some flexibility there. And I think that's where the legal departments have to get, you know, really talk to the IT folks and really look and figure out what are the options for just not just applying the sensitivity label, but what restrictions do we want to have in place for this?  Chris: Anthony as well like you know you you're touching on the really important thing there and I'm going to go back to what Sam had talked about earlier with training as well about culture but I guess you know the the important thing is finding the balance right so with a sensitivity label you are able as an administrator as an IT administrator you can define the permissions for that label so like I say you could have a high level and by the way you can have sub labels as well so let's go with a common scheme that we see, public, internal, confidential, highly confidential. We've got four labels. Highly confidential could be a parent label. And when we click on that, we get a number of sub labels and we could have sub labels for cases. We could have sub labels for departments. And at an administrative level, each of those labels can carry its own predefined permission. So the administrator defines those permissions. And exactly as you say, Anthony, you know, one of the great things about it, it's not just who can access it, it's what can they do with it. Do not forward, block reply to all. You can block screen share screen copy all of those kind of things save and edit it can block all of those things where i say you need to find a balance is that's going to become onerous for the administrator if every time there's a case you're going back for a new label for each case and you're going to end up with thousands of labels right so what microsoft gives you is an option to allow the users to define the permissions themselves and this is where it really works well for copilot but before i talk about what that option is i want to go back to what Sam said and talking about the training. One of the important things for me is really fostering a culture of data protection across the organization, making people realize the risk around their data, having frequent training, make that training fun, make it interactive if you can. At Lighthouse, our training is, it's kind of a Netflix style. There's some great coffee shop things where it's fun. We get to watch these little clips. But if you make people want to protect their data, when they realize data is going to be available to co-pilot now, they'll be invested in it, right? They'll want to work with you. So then when you come to do the training, Sam, you need to say, right, we're not going to use the administrative defined labels. It's too much burden on the admin. We're going to publish this label for highly confidential that allows the users to define the permissions themselves. And that's going to pop up in Word. If you're in your favorite canvas, you're in Word, you click highly confidential, it's going to pop up and say, what permissions do you want to set on this file? If you haven't trained, if you haven't fostered that culture of information protection amongst the user community, people are going to hate it, right? People aren't going to like that. So it's so important to start to engage and discuss and train and coach and just develop that culture. But when it's developed, people love it. People want to define the permissions. They want to be prescriptive. They want to make sure that information cannot be copied and extracted and so on. And anything you do at that level, again, it protects that data from being read in by Copilot. That's bringing that back to the whole purpose of it.  Anthony: And I would just say, again, that this all goes about prioritization because people are like, I have 50,000 people in my organization. There's no way I'm going to train everybody. You don't. I mean, obviously some, but there's only certain people who should have access to certain of this information, right? So you may want to train your HR people because they have a lot of the personal sensitive information, the benefits folks or whatever, because you have to break it down because I think a lot of people get caught up into, I'm never going to have 50,000 people do this, but you don't. Everyone has different things that come across their desk based on the business process that you're working on. So again, it's just thinking logically about this and prioritizing because I think people think training and, oh my God, I'm relying on the user and this is going to be too much. I think to your point is if you do it in chunks and say, okay, here's a business line that we think is really high risk, just train them on that. And like you said, it's part of their job, right? HR is not going to have like compensation. They're not throwing that everywhere in the organization. They shouldn't be right. But if they do, they know they're sensitive about it. And now you're just giving a tool, right? We know you want to protect this. Here's the tool to do it. So again, I think this is really important. Before we end I know, Chris, I think you had one more thing that you want to add, which was on the monitor monitoring side, which I had not heard of, but could you just talk a little bit about that?  Chris: You know, this is sort of really key information that you can think of going up to your leaders in your organization to say, look, we've got a roadmap for co-pilot adoption. It's X many months or however long it's going to take, but now we can implement some quick wins that really give us visibility. So there's a product, there's two products. Many of the listeners will probably know the second product that I'm about to talk about, but the first one might be new. There's a product called Communication Compliance. It's part of the Microsoft E5 or E5 Compliance or IP and Governance Suite. It's in Purview. Technically speaking, it's a digital surveillance product that looks at communications through Teams and throughout Look and through Viva. But what Microsoft has introduced, and this is a stroke of genius, it really is, they've introduced co-pilot monitoring. So the prompt and the responses for co-pilot can now be monitored by communication compliance. And what that means is we can create simple policies that say, if personal information, client information, case information. Is passed through a prompt or a response in Copilot. Let us know about it. We can take it a step further. If we get the sensitivity labels in, we can use the sensitivity labels as the condition on the policy as well. So now if we start to see highly confidential information spilling over in a Copilot response, we can get an alert on that as well. And that I think is just for many of the listeners, it's a quick win. You can go, cause you're going to be your CIO or, or, you know, your VP is going to be saying, we need Copilot. We want to use Copilot. that your CISO and your IT guys are saying, slow down. You can go to the CISOs and say, we've got some controls, guys. It's okay. Now, the other tool, which a lot of the listeners will know about is eDiscovery Premium. What you can do with communication compliance once you're alerted is you can raise a case in eDiscovery Premium to say, go and investigate that particular alert. And what that means is we can use the eDiscovery tools to do a search, a collection. We can export and download. We can look at a forensic level. What information came back in the response? And if it was data spillage, if that data came from a repository that we thought was secure, specific to some case or legal information, and now it's in the hands of a public-facing team in the organization, you can use the tools. You can use eDiscovery through the Graph API to go and delete that data, that newly created data. So two real quick wins there to think about is deploying communication compliance with eDiscovery.  Anthony: That's fantastic. Well, thanks, everybody. This was really helpful. We're going to have additional podcasts. We'll probably talk about e-discovery and retention alike in our next one. But thank you, Chris and Sam. This was highly informative. And thanks to our listeners. Welcome back. We hope you keep listening to our podcast. Thanks.  Outro: Tech Law Talks is a Reed Smith production. Our producers are Ali McCardell and Shannon Ryan. For more information about Reed Smith's Emerging Technologies practice, please email techlawtalks@reedsmith.com. You can find our podcasts on Spotify, Apple Podcasts, Google Podcasts, reedsmith.com, and our social media accounts.  Disclaimer: This podcast is provided for educational purposes. It does not constitute legal advice and is not intended to establish an attorney-client relationship, nor is it intended to suggest or establish standards of care applicable to particular lawyers in any given situation. All rights reserved. Transcript is auto-generated.

Prioritize incidents based on data significance, detect insider risks, and adapt protections in real-time with Microsoft Defender XDR and Microsoft Purview. Customize thresholds and risk indicators to detect anomalous behavior and prevent potential breaches with Adaptive Protection. Receive real-time DLP alerts triggered by policy matches, ensuring immediate action to safeguard sensitive data. Gain comprehensive visibility into threats and enforce policies across all devices and applications. Sravan Kumar Mera, Principal Product Manager for Microsoft Purview shares how to stay ahead of evolving threats and maintain data integrity.   ► QUICK LINKS: 00:00 - Prioritize security incidents based on data importance 00:42 - High severity multistage incident 01:29 - DLP alerts 02:24 - Insider risk activity summary 03:30 - Set up data security foundation 04:47 - Adaptive Protection 05:50 - DLP policy & Conditional Access 06:33 - Wrap up   ► Link References Get started at https://purview.microsoft.com Watch our data security playlist at https://aka.ms/datasecuritymechanics   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics    

Navigating the Future of AI in M365 Governance: Insights from Compliance Unplugged” Microsoft RD and MVPs Christian Buckley and Ragnar Heil are interviewing Joanne and David, here are main questions and topics: What are the challenges of case management in records management, particularly with Microsoft Purview? What key strategies should businesses adopt to integrate case management within their records management systems effectively? What are the most significant gaps in Microsoft Purview Compliance and what are recommendations for organizations to bridge these gaps? The importance of backend automation for event triggers in Microsoft 365 is increasing. What are practical examples of HR systems? What advice do we give to smaller organizations with limited IT resources? How is “Compliance Unplugged Podcast” evolving in 2024? Which specific areas of M365 governance that you're particularly excited to explore? What is the role of employee training and awareness in strengthening M365 governance, especially in the context of new technologies like AI and machine learning? How can AI and Copilot help us in this journey and challenges? Join us live in an interactive interview discussion on January 17th (4pm CET, 7am PT, 10am ET) Check out also Show Notes and Summary at TekkiGurus --- Send in a voice message: https://podcasters.spotify.com/pod/show/ragnarheil/message

In this episode, "Unlocking the Power of Data with Microsoft Fabric", Hanh Brown, your host, discussed how Microsoft Fabric is revolutionizing data management and analytics for businesses. As the core of Microsoft's Intelligent Data Platform, Fabric brings together all the tools needed to turn data into actionable insights. It seamlessly integrates data sources, provides real-time analytics, and offers a user-friendly interface for business owners of all technical levels. The Fabric community fosters collaboration and knowledge-sharing, while the platform's AI-powered features like Copilot make data exploration more intuitive than ever. With robust security and governance capabilities through Microsoft Purview integration, Fabric ensures data protection. As Fabric continues to evolve with Microsoft's commitment to innovation, it empowers businesses to unlock the true potential of their data. The episode concludes by encouraging listeners to explore Fabric further and reach out to AI50, a Microsoft Gold Partner, for expert guidance and support in leveraging the platform.

How can Microsoft Copilot for Security help you? While at NDC in Sydney, Richard chatted with George Coldham about Microsoft Copilot for Security - combining GPT-4 with information about Microsoft security products and your organization's resources in Azure to provide guidance and insight into making your company more secure. George talks about how it's early days for this copilot - and it's only in preview so far. Bringing together the vast array of security products that Microsoft makes, Microsoft Copilot for Security brings the ability of Large Language Models to summarize data to help you understand where the organization's security vulnerabilities exist and how to address them. You want to get in on this preview!LinksMicrosoft Copilot for SecurityUnified Security Operations PlatformMicrosoft SentinelMicrosoft Security Portals and Admin CentersMicrosoft Defender for EndpointMicrosoft Defender for CloudMicrosoft EntraMicrosoft PurviewMicrosoft PrivaKusto Query LanguageMicrosoft Defender Threat IntelligenceRecorded February 13, 2024

A unified solution for comprehensive data protection with Microsoft Fabric and Microsoft Purview. Extend the security measures of Microsoft 365 to your schematized data, ensuring consistent protection across your entire data estate. From detecting insider risks to mitigating data loss and unauthorized sharing, leverage advanced visibility and control to safeguard sensitive information effectively. Daniel Hidalgo, Microsoft Purview Product Manager, shares how to simplify your security strategy and gain deeper insights into data risks.   ► QUICK LINKS: 00:00 - Unified solution to prevent data loss and detect data risk 01:36 - Microsoft Fabric experience 02:53 - Confidential labels are automatically inherited 03:16 - Detect sensitive information with DLP policies 04:03 - Create and publish a label 04:59 - Define protections 05:50 - Data Loss Prevention experience in Microsoft Purview 06:57 - Insider Risk Management with Microsoft Fabric 07:39 - Visibility of sensitive data with Microsoft Purview 08:19 - Wrap Up   ► Link References: Check out https://aka.ms/PurviewforFabric Watch our shows on Insider Risk Management, check out https://aka.ms/IRMMechanics    ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

This episode of the Blue Security Podcast covers the announcements made at Microsoft Secure, focusing on Microsoft Copilot for Security, Microsoft Security Exposure Management, and updates to Microsoft Purview and Intune. The episode also highlights the integration of Copilot with Intune and the economic study that demonstrates the increased efficiency and accuracy of security analysts when using Copilot. Overall, the announcements showcase the advancements in Microsoft's security offerings and the value they bring to organizations. Takeaways -Microsoft Copilot for Security is a powerful tool that provides security analysts with AI-driven assistance in incident analysis, policy management, and more. -The licensing model for Copilot for Security is consumption-based, allowing organizations to use it as much as needed without overwhelming costs. -Microsoft Security Exposure Management offers a comprehensive threat exposure management process, integrating various security solutions and providing insights to mitigate risks. -The integration of Copilot with Intune enables administrators to easily understand and manage policy settings, security impact, and more. ----------------------------------------------------------- Youtube Video Link: https://youtu.be/8CH_OasAo0Q⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ----------------------------------------------------------- Documentation: https://www.microsoft.com/en-us/security/blog/2024/03/13/microsoft-copilot-for-security-is-generally-available-on-april-1-2024-with-new-capabilities/ https://techcommunity.microsoft.com/t5/security-compliance-and-identity/introducing-microsoft-security-exposure-management/ba-p/4080907 https://techcommunity.microsoft.com/t5/security-compliance-and-identity/protect-at-the-speed-and-scale-of-ai-with-copilot-for-security/ba-p/4078785 https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-entra-adds-identity-skills-to-copilot-for-security/ba-p/4081857 https://techcommunity.microsoft.com/t5/microsoft-intune-blog/microsoft-introduces-a-preview-of-copilot-in-intune/ba-p/4083276 ----------------------------------------------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Linkedin: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Youtube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ----------------------------------------------------------- Andy Jaw Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ----------------------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message

Protect your organization from insider threats with Microsoft Entra's Conditional Access and Adaptive Protection in Microsoft Purview. Automatically block access to critical assets when insider risk levels elevate, ensuring data security and compliance seamlessly. Set up custom policies based on risk levels and enforce strong authentication measures, safeguarding against data breaches. Gain control and visibility over insider activities without manual intervention, empowering proactive security measures. Erin Miyake, Microsoft Purview's Principal Product Manager shares how to enhance your data protection strategy.   ► QUICK LINKS: 00:00 - Insider Risk in Conditional Access 00:41 - Extend Conditional Access 01:20 - Privacy-first approach 01:56 - Configure policy indicators 03:21 - Adapt protections based on changing risk 04:13 - Set custom policies 05:27 - Set a Conditional Access policy for moderate risk users 06:12 - Insider risk level changing over time 07:04 - Wrap Up   ► Link References: For more about the policies you can set up go to https://aka.ms/IRM Mechanics Get started today at https://aka.ms/adaptiveprotection  Watch our series on Insider Risk Management at https://aka.ms/IRMMechanics   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Protect data while getting the benefits of generative AI with Microsoft Defender for Cloud Apps and Microsoft Purview. Safeguard against shadow IT risks with Microsoft Defender for Cloud Apps, unveiling hidden generative AI applications. Leverage Microsoft Purview to evaluate data exposure, automating policy enforcement for enhanced security. Ensure compliance with built-in data protections in Copilot for Microsoft 365, aligned with organizational policies set in Microsoft Purview, while maintaining trust and mitigating risks seamlessly across existing and future cloud applications. Erin Miyake, Microsoft Purview's Principal Product Manager, shares how to take a unified approach to protecting your data. ► QUICK LINKS: 00:00 - Secure your data for generative AI 01:16 - App level experiences 01:46 - Block based on data sensitivity 02:45 - Admin experience 03:57 - Microsoft Purview AI Hub 05:08 - Set up policies 05:53 - Tailor policies to your needs 06:35 - Set up AI Hub in Microsoft Purview 07:09 - Wrap Up   ► Link References: For information on Microsoft Defender for Cloud Apps go to https://aka.ms/MDA Check out Microsoft Purview capabilities for AI go to https://aka.ms/PurviewAI/docs Watch our episode on Copilot for Microsoft 365 data protections at https://aka.ms/CopilotAdminMechanics Watch our episode about Data Loss Prevention policy options at https://aka.ms/DLPMechanics   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

How are we going to manage the use of M365 Copilot? Richard chats with Martina Grom about her experiences helping organizations prepare for M365 Copilot. Martina talks about getting your data estate in shape - and the challenge that represents in terms of identifying what data should be available within an organization. The conversation also digs into the larger picture of the Microsoft Graph - all the information about how people interact on M365, the resources they create and use, and the potential the Graph offers to help with productivity. It's still early days, but it's never too early to work hard on ensuring we have the right governance in place to allow Copilot to help the company succeed!LinksSLRProjectMicrosoft DelveMicrosoft PurviewGitHub Copilot PoliciesData, Privacy, and Security for M365 CopilotExtend Microsoft Copilot for Microsoft 365Manage Microsoft Copilot for Microsoft 365 with the Copilot pageManage access to public web content in Microsoft Copilot for Microsoft 365 responsesMicrosoft Copilot for Microsoft 365 RequirementsProtect your sensitive data with Microsoft PurviewMicrosoft 365 Copilot Readiness AssessmentRecorded January 5, 2024

Sarahzin Shane and Andrew McMurray join us this week to talk about all things Microsoft Purview. Show Notes/Links: What is Microsoft Purview: https://learn.microsoft.com/en-us/purview/purview Just in Time for Purview: https://learn.microsoft.com/en-us/purview/endpoint-dlp-using-jit-protection Purview, turn on OCR capabilities: https://learn.microsoft.com/en-us/purview/ocr-learn-about Join the preview for the Cold Data Crawl: https://aka.ms/JoinCCP   Watch the live replay…  

On this episode, Adam and Andy talk with Carley and Megan, about compliance, auditing, and data protection in the cybersecurity industry. They emphasize the importance of understanding compliance frameworks and preparing for audits with the help of partners or consultants. They also highlight the need for continuous monitoring and a shift away from checkbox security. The conversation touches on the challenges of interpreting controls and the potential for risk acceptance. The experts discuss the impact of AI and large language models on data protection and provide insights into the remediation process after failing an audit. The conversation explores the implications of using Copilot and large language models in terms of sensitive information and data protection. It emphasizes the importance of identifying and protecting sensitive data to prevent unintentional exposure. The discussion also highlights the role of data governance and Microsoft Purview in managing and classifying data. Additionally, the integration of sensitivity labels and rights management is discussed as a way to ensure data protection. The conversation concludes with a recommendation to check out the podcast 'Cocktails and SOC Tales' hosted by Carley Salmon and Megan Maley. ------------------------------------------- Youtube Video Link: ⁠⁠⁠⁠⁠https://youtu.be/vWKA8-sib4s⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ------------------------------------------- Documentation: Carley Salmon: https://www.linkedin.com/in/carley-s-9abb24241/ Megan Maley: https://www.linkedin.com/in/megan-maley/ Cocktails and SOC Tails Podcast: https://www.youtube.com/@cocktailssoctales ---------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Threads: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.threads.net/@bluesecuritypodcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Linkedin: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Youtube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitch: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.twitch.tv/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ------------------------------------------- Andy Jaw Mastodon: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://infosec.exchange/@ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message

On today's episode, we chat with Joanne Klein - an expert on compliance in Microsoft 365. Joanne brings energy and technical expertise to real-world implementations of collaboration balanced with compliance. We spoke onsite during 365 EduCon - Chicago about records management and specific tooling (like Microsoft Purview), content lifecycle management best practices, and how to get it right from the get-go.   Read this episode's corresponding blog post.   15:52 Conversation with Joanne Klein 43:43 Upcoming Events   Joanne Klein | LinkedIn | X | Website [guest] SharePoint | Facebook | @SharePoint | SharePoint Community Blog | Feedback Mark Kashman |@mkashman [co-host] Chris McNulty |@cmcnulty2000 [co-host]   Microsoft Docs - The home for Microsoft documentation for end users, developers, and IT professionals.  Microsoft Tech Community Home Stay on top of Office 365 changes   Upcoming events: Microsoft Ignite now on-demand | from Nov. 14-17, 2023 Teams Nation 2024 | Feb. 21, 2024 | #TeamsNation + early tweet Microsoft Fabric Community Conference | March 26-28, 2024 in Las Vegas, NV AIIM | April 3-5, 2024 in San Antonio, TX North American Cloud & Collaboration Summit (NACS) | April 9-11, 2024 in Dallas, TX Microosft 365 Conference | April 28 - May 4, 2024 in Orlando, FL SharePoint Intranet Festival (Online) European Collaboration Summit | May 14-16, 2024 in Weisbaden, Germany 365 EduCon - Seattle | June 3-7, 2024 in Seattle, W   Discover and follow other Microsoft podcasts at aka.ms/microsoft/podcasts Follow the Intrazone at aka.ms/TheIntrazone.

It's episode 900! Richard brings friend Dana Epp onto the show to talk a bit about the last one hundred episodes of RunAs Radio - and a little look to the future as well. With Dana around, you know there will be lots of security conversation. Over the past hundred shows, ransomware has had quite the story arc, especially around Exchange Server and other products. The conversation then turns to more future-looking topics, including the various Microsoft Copilots being built - could these be tools to help sysadmins? Probably a topic for episode 1000!Links:Windows SandboxMicrosoft VivaMicrosoft Purview Data Loss PreventionRecorded September 15, 2023