Remote work is the new normal. Remote learning has also become a reality for educational institutions, as many schools plan to operate in a hybrid or entirely remote learning environment. It’s not surprising that supporting remote work is the biggest priority, as well as the largest challenge, for security and compliance decision makers. Additionally, supporting employee wellbeing during these challenging times is top of mind for organizations, as they attempt to maintain a positive working environment that embraces diversity and inclusion.
With remote work driving an increasing volume of digital communications, organizations are struggling to meet their communication compliance obligations. Identifying and remediating these communication violations is critical to mitigating financial and regulatory risks as well as ensuring employee or student wellbeing. This is particularly important for organizations in highly regulated industries (e.g. financial services), that need to meet specific supervisory compliance requirements, such as FINRA Rule 3110 (Supervision) or SEC 17a-4.
Microsoft’s Communication Compliance solution helps detect and remediate regulatory compliance and code of conduct violations in communications. In July 2020, we announced the that further advance insights and actions in Communication Compliance.
Today, we are excited to announce the public preview of broader support for third-party communication channels, new automation features and the general availability of government community cloud support, further enhancing the already rich set of features available in Communication Compliance.
Enhanced visibility across a variety of communication channels
Having broad visibility into communications is important when it comes to identifying organizational risk. Communication Compliance already offers deep capabilities to detect and remediate policy violations in Microsoft Teams. In this release, we are extending the value of Communication Compliance by supporting 25 third-party connectors in preview to detect violations in other communication and collaboration channels, such as Slack, Zoom and SMS/Text. Customers can apply our pre-configured templates and built-in machine learning classifiers to reason over data that is ingested from these third-party channels, detecting code of conduct and regulatory compliance violations.
Figure 1: Selection of communication platforms, within Microsoft 365 and third-party sources.
Integration with Power Automate
The increase in messages sent over communication platforms makes it difficult for compliance managers to address violations in a timely manner, highlighting the need for automation. Today we published a new Power Automate connector, which allows customers to create their own Power Automate workflows, enabling automated review and remediation actions in Communication Compliance. With remote work, Power Automate becomes especially relevant for HR managers who are no longer in the same office as employees and need to handle investigations remotely. Through Power Automate, customers can execute a Power Automate flow to automatically notify a HR manager about a violation. This helps to reduce the burden on policy reviewers, by seamlessly automating tasks and creating better collaboration workflows to help remediate communication risks.
Figure 2: Power Automate connector published in the Communication Compliance workflow.
Support in Government Community Cloud environments
The pandemic has required government agencies to provide public services remotely, posing a greater risk for data leaks and regulatory compliance violations. Now supported in Microsoft’s GCC and GCC-High environments, Communication Compliance can help government cloud customers detect and remediate compliance violations intelligently, protecting classified information and as a result, preventing potential media scandals.
The new features in Communication Compliance will start rolling out to customer’s tenants today and will complete in the coming weeks. Communication Compliance is part of a broader set of Insider Risk Management solutions that help organizations mitigate insider risks and policy violations in Microsoft 365 E5, including Insider Risk Management, Information Barriers and Privileged Access Management. Together, these solutions are a powerful tool helping organizations to identify and act on critical insider threats.
Learn more about what’s new with Communication Compliance and how to get started and configure policies in your tenant in this supporting documentation. Watch these videos to see these features in action. We look forward to sharing more innovations in the future!
To learn more about Microsoft Compliance and access technical training, visit the Virtual Hub today.
, Principal Program Manager, Microsoft 365 Security and Compliance Engineering