Top 10 use cases for Microsoft Purview.pptx
•Download as PPTX, PDF•
0 likes•17 views
So what is Microsoft Purview really? How is it supposed to help organisations with their overall Cloud Security Posture? In this session, we cover: - Data classification - Data loss prevention - Data lifecyle management - Data privacy management By approaching security from a compliance perspective, companies can manage governance and mitigate risk by using out of the box compliance solutions from Microsoft Purview
Recommended
Recommended
More Related Content
Similar to Top 10 use cases for Microsoft Purview.pptx
Similar to Top 10 use cases for Microsoft Purview.pptx (20)
More from Alistair Pugin
More from Alistair Pugin (10)
Recently uploaded
Recently uploaded (20)
Top 10 use cases for Microsoft Purview.pptx
- 1. Top 10 use cases for Microsoft Purview Alistair Pugin – Azure and Office Apps and Services MVP
- 2. Alistair Pugin @alistairpugin Azure and Office MVP | Blogger | Podcaster | Speaker | CTO - NBConsult 2 Guys and SharePoint Regarding 365 365 Unplugged Alistair has worked in various capacities in multiple verticals from retail – manufacturing to government, spanning 50 to 50000 users utilizing all aspects of pure Enterprise Information Management. His current position as an Azure and Office Apps and Services MVP in Cape Town, South Africa, provides him with a mechanism to assist companies with designing their Microsoft productivity stack using “best of breed”, proven methodologies to foster innovation and growth through an ECM framework while incorporating a Knowledge Management strategy.
- 3. NO 2 Data Risk NO 5 Data Retention NO 9 Data Loss Prevention NO 6 Data Compliance NO 3 Data Privacy NO 8 Data Identification NO 7 Data Classification No 1 Data Security NO 10 NO 4 Data Insights/ Mining I Lied, I only have 9
- 4. Data Map Automate and manage metadata at scale On-prem Cloud SaaS Applications Azure Synapse Analytics Power BI Azure SQL SQL Server Azure Purview Data Producers and Consumers Data Catalog Enable effortless discovery of trusted data Data Insights Assess data assets across your organization Generally Available Preview
- 6. Microsoft Purview Comprehensive solutions to help govern, protect, and manage your data estate
- 7. OS OS
- 8. OS OS
- 9. OS OS
- 10. 90% 80% 80% It’s challenging to find a solution that integrates with hybrid environments
- 15. The Microsoft approach to information protection & governance Know your data What data do I have? Where does the data reside? Protect your data How do I protect the data? What data is at risk? Prevent data loss How can I protect data with people working from home? How can I protect data when people collaborate with external users? Govern your data How can I retain or delete data? How can I manage the lifecycle of data? Protect and govern data wherever it lives
- 17. Support for 35 data sources and growing Unify and make data meaningful across your environment
- 18. Enable effortless discovery of trusted data
- 19. Gain a bird’s-eye view of your data landscape
- 21. An intelligent, built-in, and extensible solution to know and protect sensitive data Excel
- 22. Prevent accidental or unauthorized sharing of sensitive data
- 24. Organizations face a broad range of risks from insiders Compliance violations Policy violations Data theft Security violations Corporate sabotage Workplace violence Confidentiality violations Insider trading Conflicts of interest Fraud Data leakage Workplace harassment Certain risks are more prevalent, with significant negative impacts. Data theft by departing employees Data leakage, both malicious and inadvertent
- 25. Classify and govern data at scale
- 26. Microsoft Purview Microsoft Purview ecosystem Extend, integrate and automate compliance solutions beyond Microsoft 365 Built-in workflow automation with Power Automate
- 28. Your compliance score: 1254/2000 points achieved Compliance Manager 65%
- 31. Microsoft Purview Audit Power your forensic and compliance investigations
- 32. Passport number Medical information Address Name Phone number Social security number Privacy Management Safeguard personal data and build a privacy resilient workplace Identify critical privacy risks and conflicts Automate privacy operations and response to subject rights requests Empower employees to make smart data handling decisions
- 33. Build a privacy resilient workplace Help information workers stay productive and compliant via privacy built into Microsoft 365 Integrated Integrate Privacy Management with information security and compliance Empowered Contextually influence users to make proper data- handling decisions Enabled Enable businesses to safeguard customer and employee personal data Integrated Integrate Privacy Management with information security and compliance Empowered Contextually influence users to make proper data- handling decisions Enabled Enable businesses to safeguard customer and employee personal data Compliance/Risk management Understand the impact on the business beyond fines associated with non-compliance Privacy Interpret privacy requirements and work across organization to manage privacy risks Information security Create protection and governance strategy and enable technology to support privacy management Information workers Define the value and context of the personal data collected, processed, or shared
- 34. Dave Donaldson Programmatic access to API Integrate with your privacy management solution A customer/employee submits a subject access request Privacy ISVs automatically creates a request in Microsoft 365 The request is processed in Microsoft 365 Once complete, a secure link to access the data is automatically shared with ISVs ISVs inform and share all data access across systems with the data subject The data subject can access personal data including Microsoft 365 files
- 35. Vendor consolidation – Compliance per user Compliance Management * Search and eDiscovery; Auditing (Advanced) Insider Risk Management; Access Control Information Protection and Governance Examples of multi-vendor standalones per user per user Full suite * Simplify compliance and reduce risk, collaborate better across teams and manage your digital and compliance risk with recommended actions to implement effective controls. Web Direct/Base Price shown for Microsoft offerings. Multi-vendor prices based on publicly available estimated pricing for other vendor solutions and are illustrative.
- 36. How do we achieve this?
- 41. Understand Governance, Risk and Compliance Content is everywhere Vertical use cases It’s a JOURNEY Momentum
- 42. Q&A
- 43. THANK YOU FOR JOINING US Enjoy the rest of your week! @alistairpugin
Editor's Notes
- Data has become the lifeblood of every business, but with the shift to hybrid work and unprecedented levels of digital transformation, an organization’s data now lives outside of the traditional borders of business.
- Over 30% of decision makers don’t know where or what their sensitive business-critical data is, making it nearly impossible for organizations to protect that data, close exposure gaps, comply with regulatory requirements, or even manage access controls. For data to fuel digital transformation, it must be readily discoverable, understandable, high quality, accessible and used in compliance with corporate, regulatory, privacy, risk and ethical standards. Considering over 80% of data within an organization is dark, customers are faced with solving an immediate need to cull the data surface area to protect more effectively against leaks or breaches.
- Not only is this data across a range of systems and applications, but it is also subject to rapidly evolving global regulations.
- The market has responded with dozens of products that address fragments of the data governance and compliance landscape, forcing Chief Data, Security, Compliance, and Legal Officers to stitch together a patchwork of solutions that don’t work together, expose infrastructure gaps and are costly and complex to manage. In fact, a recent survey of decision-makers showed that to meet their compliance and data-protection needs, almost 80% had purchased multiple products, and a majority had purchased 3 or more.2 It’s not just more work; it’s also ineffective. Security outcomes are worse. Audits are failed. Legal cases lost. Brand reputation damaged. HOOK: WHAT IF YOU COULD SIMPLIFY YOUR JOURNEY TO DATA SECURITY CONVERGENCE?
- Introducing Microsoft Purview! To help organizations govern and protect data across their multi-cloud, multi-platform data environment, while meeting the compliance requirements they are subject to, we are announcing Microsoft Purview. Microsoft Purview is a comprehensive set of solutions to help govern, protect, and manage your data estate.
- Microsoft Purview unifies information protection, data governance, risk management, and compliance solutions so that customers can manage their data all from one place. Now, they can leverage that visibility across their environment to help close exposure gaps, simplify tasks through automation, stay up-to-date with regulatory requirements, and keep their most important asset, data, safe.
- With Microsoft Purview we bring together compliance and data governance The risk and compliance portfolio joins with our unified data governance
- Slide objective: Align the questions from the previous slide with our information protection and governance solutions. Talking points: The Microsoft information protection and governance solutions help you to answer these questions. Know your data: Helps you understand wat data you have and where it resides. Protect your data: Applies protections to data. Prevent data loss: Protects data regardless of the work location, including collaborating with external users. Govern your data: Applies retention and deletion to data. Customer question: Within the four pillars of the Microsoft approach, what resonates with you most in terms of your own pain points? <NEXT SLIDE>
- Talk track: Let’s start with your first challenge: knowing and protecting sensitive data that resides across your hybrid environment. The bedrock of our solution is our comprehensive set of both manual and automatic data classification methods. Especially notable are our classifiers that leverage machine learning to automatically identify and classify sensitive content at scale using pattern-matching methods. You may not otherwise easily find this content, such as patents, contracts, and résumés. We have invested to ensure high accuracy in our various classification capabilities. Once you know your data, you can benefit from using our built-in labeling and protection experience in your core productivity solutions. Apps like Word, Excel, or PowerPoint, or services like SharePoint, Exchange, or Power BI, use these core workloads instead of a bolted-on, plug-in experience. This not only lowers your costs by eliminating the need to deploy and maintain additional software, but also delivers better performance by eliminating the need to load add-ons every time a user launches an app or service. The Microsoft information protection development platform further extends our classification, labeling, and protection experience, in a consistent way, to non-Microsoft apps, services, and file types. Using our platform (SDK/APIs), 200-plus industry partners create further customer value such as enabling users to open encrypted PDF files in the Edge browser and Adobe Acrobat Reader or allowing them to label and protect CAD artifacts. These are two of the 80+ product integrations available since GA of the SDK in November 2018. In addition to information protection for your productivity apps and services, we’ve also built encryption into Microsoft 365 services and data protection into Azure. The encryption built into Azure protects your data while at rest, in transit, and in use. We also offer guidance on deployment, leveraging the experience and learnings gained from enabling other similar organizations. <Internal: Library of case studies made available online for customers looking to learn from information-protection experience of peers> ------------------------- Internal reference only: EDM: A custom sensitive information type that uses exact data values, instead of matching only with generic patterns. In other words, EDM-based classification enables you to create custom sensitive information types that refer to exact values in a database of sensitive information. ML trainable classifiers: This classification method is particularly well-suited to content that either the manual or automated pattern-matching methods cannot easily identify. This method of classification is more about training a classifier to identify an item based upon what it is (e.g., résumé, contract, or invoice), as opposed to the elements the item contains (pattern matching). Encryption: Services like Azure storage and Azure SQL database encrypt data at rest by default and confidential computing can help protect your data while in use.
- Talk track: Now that you understand your sensitive data, you will want to establish a protection plan to address the risks of accidental or inappropriate sharing of sensitive information across the applications, services, and tools your users use every day. Your employees access data from a multitude of devices and locations and they engage with multiple internal and external business partners to perform a wide array of activities. These touchpoints can expose your organization to data oversharing or even present risks of inappropriate sensitive data disclosure which can result in regulatory compliance concerns. As part of our information protection solution, we offer unified data-loss-prevention that provides a consistent set of policies and actions across a broad ecosystem of user apps and services, both on-premises and in the cloud. These capabilities automatically classify your data, apply the correct information protection policy and then enforce policies in a way that’s consistent, fully transparent, and auditable. These capabilities ensure that your employees will only use and share sensitive information within its approved regulatory and internal security policy context. Microsoft's unified DLP solution automatically blocks actions outside of this context, which prevents accidental or inappropriate information sharing. Data-loss prevention's deep integration within the security stack creates a holistic and clearly differentiated information protection solution in the market because it provides full control and auditability from policy creation to policy enforcement to incident remediation and user education. The classification engine for DLP is common across Microsoft's offerings. The engine natively incorporates 90-plus sensitive information types, and also supports the creation of custom sensitive information types. Organizations that deploy the DLP can therefore consistently address standard and bespoke sensitive data policy requirements, regardless of whether you implement the DLP policy in the cloud or on-premises. You can access our comprehensive data-loss prevention capabilities universally in Microsoft 365 desktop apps like Word, Excel, PowerPoint, and Outlook, Edge; on-premises file shares; and within services like Teams, Exchange, SharePoint, and OneDrive. These capabilities also extend to third-party apps and browsers like Chrome and services such as Box, DropBox, Salesforce, and many others. Data-loss protection enables you to automatically block sharing of chat messages, emails, and documents that contain sensitive information. DLP also ensures that users remain fully productive and aware of policy violations via tips and notifications that explain why content they shared was blocked, specific compliance violations, and how they can address the issue in the future. DLP also supports provisions for activities deemed non-compliant by an applicable policy, but need to be allowed due to a business reason while limiting workflow interruptions. Business justifications can be reviewed post-event to ensure they were appropriate.
- Talk track: Insider risk management leverages Microsoft Graph and other services to obtain native signals across Microsoft 365, Windows 10, and Azure. This includes file activity, communications sentiment, and abnormal user behaviors without the need to deploy end-point agents. You can include additional third-party signals from human resources systems, such as termination date or performance data, to further enhance the risk signal. A robust set of configurable templates tailored specifically for risks such as digital IP theft, confidentiality breach, and potential security violations use machine learning and intelligence to correlate the signals to identify hidden patterns and risks that traditional or manual methods might miss. Using intelligence and correlations allows the solution to focus on actual suspicious activities so you don’t get overloaded with alerts. Furthermore, you can create default pseudonymous display names for at-risk users to maintain privacy and prevent bias. A comprehensive 360° view provides a curated and easy-to-understand visual summary of individual risks within your organization. This view includes an historical timeline of relevant in-scope activities and trends associated with each identified user. For example, you can see if a user submitted their resignation, then downloaded files and copied them to a USB device. The system also evaluates whether any of those files contained classification labels as well as sensitive information or sensitivity labels from Information Protection. In addition, with the right permissions, investigators can determine risk by viewing files accessed from Microsoft cloud resources like SharePoint Online. End-to-end integrated workflows help ensure that the right people across security, HR, legal, and compliance can quickly investigate and take action once a risk has been identified. For example, if we determined the risk to be unintentional, we could send an email explaining how the user’s actions violate company policy with a link to training or the policy handbook. If we determine the risk was malicious, we could open an investigation that collects, collates, and preserves evidence, including the documents themselves, and open a case for legal and HR to take appropriate action. Finally, many organizations already leverage existing SOAR (Security Orchestration, Automation, and Response) systems to log and classify incidents by impact and urgency to prioritize actions for those assigned to them.
- Slide objective: Inform the customer on the different types of risks companies face from insiders. Talking points: There are many different types of risks that organizations face from insiders, which is why collaboration between team members is so critical. Certain risks are more prevalent than others, which require greater attention. Data theft and data leakage are major potential risks for organizations, and can have a huge impact on an organization’s financial stability. Customer question: What kinds of policies or tools to you have in place to ensure that employees can’t steal or leak data?
- Talk track: And finally, you can now put retention and deletion policies in place to help you manage information lifecycle and meet recordkeeping obligations for data in Microsoft 365 and beyond. Microsoft Information Governance helps classify and govern data at scale with the following capabilities: In-place management: On average, organizations are wrestling with five different content systems and repositories. Duplicate information across platforms not only causes productivity loss but also increases risks. In-place management enables companies to retain information and manage records where data is created to prevent productivity loss and reduce operational and legal risks. Automated policy: The volume of information is expected to grow 4.5 times over the next two years. Relying on manual classification is ineffective since users usually care the most about the value of the information, less about the risks it generates. It’s challenging to hold them accountable to classify and manage information accurately. By automating information governance, companies can leverage various auto-classification capabilities such as file properties (e.g., Content Type defined in SPO), pattern recognition, and machine-learning classifiers to classify and govern data at scale. Defensible process: Multiple regulations, such as SEC 17a-4 and FINRA, require companies to meet stringent information governance requirements like record immutability. Companies also need to demonstrate compliance by proving they follow a defensible process to dispose of content. Microsoft 365 provides transparent insights on how data is classified to help you audit and finetune classification and policies. Moreover, the records management capabilities within Microsoft Information Governance can help companies follow a defensible process to retain and dispose of information with proof of disposals that can be kept for 7 years, disposition reviews, and rich audit trails. Pre-built data connectors: To help companies leverage the capabilities above to govern data beyond Microsoft cloud, we provide pre-built data connectors for social media, text messages, chats, and collaboration data. Microsoft not only builds its own connectors but also works with hand-picked partners like TeleMessage and Globanet to enable ongoing and high-fidelity data import. In addition to the pre-built ones, customers and partners can build their own custom connectors to continuously ingest data into Microsoft 365. You can leverage these four key capabilities to govern both the general and high-value information across various data sources: General information governance: Retain only what you need and delete what you don’t to reduce risks and liability. High-value information management: Classify, retain, review, dispose, and manage records to meet recordkeeping obligations.
- Talk track – tie it back to the opening statement (make it easy for customers) ---------------------------------- - : Vision Page : - What are we trying to achieve here? Our value can be extended to third-parties Customers can access their data using APIs Partners can use APIs to integrate Service providers to manage at scale
- Talk track: With Microsoft Purview Compliance Manager, you can now continuously assess and monitor data protection controls, get clear guidance on how to improve your score and thus reduce compliance risks, and leverage the built-in control mapping to scale your compliance effort across global, industrial, and regional standards. Intuitive management: The complexity of regulations makes it challenging for organizations and IT administrators to know specific actions they can take to meet their compliance requirements. Compliance Manager provides easy, guided onboarding and supports twenty four languages. With simple design that works out of box, IT admins and Compliance / Audit Officers can quickly collaborate to address compliance. With Compliance Manager, you don’t need to be an expert in complex regulations like the General Data Protection Regulation (GDPR) to know the actions you can take to improve compliance effectiveness. Compliance Manager now combines the functionality of compliance score and the existing Compliance Manager solutions, making it a single portal for end-to-end compliance management. Scalable assessments: Compliance Manager provides access to a vast library of 150+ assessment templates – from global regulations such as the GDPR, PCI-DSS, COBIT 5, to regional assessments such as Brazil’s LGPD data protection law and Malaysia’s Personnel Data Protection Act. Industry-specific assessments such as HITRUST and Cybersecurity Maturity Model Certification (CMMC) are also covered. Compliance Manager now provides the ability to quickly customize these assessments to meet your unique business requirements. With the custom assessments feature, you can manage compliance across your assets in one location by bringing your own assessments into Compliance Manager. For example, if you are currently tracking compliance of your SAP data in an Excel file, you can bring that into Compliance Manager. Built-in automation: Compliance management can be tedious, and organizations often find it difficult to know their degree of compliance with specific regulations. Translating ever-changing regulatory requirements into specific actions and controls is also challenging and not all organizations have the resources to do this accurately. Point-in-time assessments (e.g., for quarterly/semi-annual/annual audits) also mean that organizations tend to have ‘blind spots’ between these assessment windows. To help you with these challenges, Compliance Manager comes built-in with the following capabilities: compliance score, control mapping, continuous regulatory updates, and continuous assessments Microsoft Purview Compliance Manager measures your progress towards completing recommended actions that help reduce risks around data protection and regulatory standards.
- Talk Track: Intelligent Customizable playbooks: There are four pre-configured templates within Communication Compliance: regulatory compliance, offensive language, sensitive information types, conflicts of interest. These are available across first- and third-party content, in 8 languages, with the ability to customize policies. ML models continue to learn with trainable classifiers including gory, racy, adult images, harassment, discrimination, threats, profanity. Remediation workflows: Collaborative and easy-to-navigate Identify risk communication with keyword highlighting and prioritization through past user behavior Ability to send notification to employee, escalate the case for investigation, remove message from Teams channels Able to provide feedback to improve the model Privacy built in: Rules-based access controls Admin opt in of users/reviews Pseudonymization and audit trails to scan behavior
- Talk Track: We put significant investments in eDiscovery. We built whole new stack –from ground up. Custodian Management It’s looking to simplify the process. For example, a typical case requires hunting down mailbox addresses and SharePoint urls in order to use scripts to find out the addresses, plus give the export of the scripts. Now, with eDiscovery, you have the ability to just tell us who has been escalated. Our solution then goes in the background and maps the content for you – these are the sources in play that you can hold to get started on a case. Review Before a user exports, we wanted to provide a view of the content in review. These review tools help with analytics for culling decisions (to show related content), near duplicate detection, email threading, and redaction of content. Deep Indexing Microsoft is using a search that is tuned for performance – finding the most relevant content quickly becomes critical. Because we tune it for speed, we give it rules to look for specific items (and skip specific items that may take too long). For example, if you put a file with too many attachments, this would be skipped to optimize for speed. In our new stack, we will look at that content before we search. For example, if Jane is the custodian, looking at her content will pick up any partially and unindexed content. Jane then has the ability to index that content, so that when she searches for something specific, she is able to access primary and secondary indexes.
- Talk Track: There are 3 key capabilities we offer customers in Audit to help with their regulatory, legal and compliance obligations. The first are additional audit events that help with forensic investigations. Earlier this year we delivered new events that helps investigators understand if mail items were accessed through the mail sync and mail bind operation. This is extremely helpful to organizations with regulatory obligations that require breach notifications, because now they can scope mail items that may have been compromised to reduce fines and penalties. Another key area is around retaining audit logs. According to the latest Ponemon research, it takes roughly 6 months to detect a data breach and organizations need a way to go back to the audit logs to conduct forensic investigations. Advanced Audit extends audit log retention from 90 days to 6 months. And new to Audit – optionally add 10-year retention for highly regulatory customers that need to keep audit log data for longer. And lastly, for those using activity API, Audit provides 2 times the bandwidth compared to other customers – which is valuable especially if customers are using audit data in 3rd party solutions.
- Talk Track: We think there is modern way to manage privacy requirements. Step one is still being able to discover personal data but helping organizations to discover personal data automatically instead of using surveys and spreadsheet. But discovering personal data is not enough – organizations need visibility into associated risks around the data. The solution helps identify these conflicts by providing context around the data – is the personal data sitting idle for a long time, how is being shared and transferred, are there legal or confidentiality holds, is the data part of an ongoing audit. The MVP solution focusses on oversharing, hoarding, and cross border data transfers. Once these risks are identified, organizations still struggle with figuring out what actions they can take to mitigate the risks. These companies might spend a lot of developer resources to build APIs that plug into different information security and governance solutions so to address the risk, but that is not very efficient as some of the context behind the data can get lost in integration process. With Privacy Management, organizations can automate their privacy operations and reduce such risks. The MVP solution provides customizable and out-of-box policy templates for data overexposure, data minimization, and data transfers. Once these policy templates are deployed in the tenants, the solution will be able to detect these risks and alerts the privacy admin about the violations so that an immediate action can be taken. In addition to detecting these three specific risks, Privacy Management is also able to help customers detect data conflicts such as legal hold or confidentiality hold when responding to subjects rights requests. In addition to providing visibility into privacy risks and violations, Privacy Management empowers employees to make smart data handling decisions. We have built capabilities into the solution where admins can interact with information workers within the productivity suits such as Teams and Outlook. IW’s will receive email digest, which will allow them to take remediation actions from within outlook itself. We will dive a little bit deeper into this in the following slides. We think organizations need to take a proactive approach to privacy and build a privacy resilient workplace that empowers information workers to make informed data decisions. Proactive privacy should educate IWs on understanding privacy risks are and what they can do to prevent them.
- Talk track: We know that privacy is different from information security in the sense that privacy requirements apply to the entire data lifecycle. You need to have context around personal data – how and why it is being collected, how it is being processed and shared etc. To achieve information security, organizations can have their sec-ops admins setup policies that apply to the entire organization but for privacy we really need the data owners to make informed decisions. Our approach here is to ensure that the privacy solution that we're building is integrated with information security and compliance as these topics are all related, but Privacy adds another layer of information worker actions. It is the IW that knows the context of the data as they are the data owners As an example: Let's say there is a SharePoint site with a lot of documents and these documents have Social Security numbers, credit card numbers other PII information and a substantial number of employees/IWs have access to the SharePoint site. Admins can see the site and who has access, but they are not the best person to know which IW should have access. It really depends on the IW, who is the owner of the SharePoint site to have that context and take appropriate remediation action So, one of the most important capabilities of the solution is enabling information workers not just admins to be able to make those privacy positive decisions and with the end goal being that we would help organizations safeguard their personal data and take a proactive approach to privacy
- Talk track: We do realize that most organizations already have some sort of third-party solutions that they are using to manage their privacy requirements, so we want to meet them where they are in their privacy journey. We are building API integration within with ISVs so that organizations can respond to subject rights requests in a unified manner across their digital estate both Microsoft and non-Microsoft environments. Currently, the integration supports requests originating in the 3P solution. As an example, Dave initiates a request in the ISV system and ISVs can automatically create the request in our Privacy Management solution, which then goes through all the stages we mentioned in the previous slide and sends the encrypted report to the ISV. ISVs then collate the information across all the different environments (this could be Salesforce or SAP etc) and send Dave a unified response to his request. We are exploring the technical details around how to integrate with ISVs when a request originates in our Privacy Management solution.
- <Use if E5 Compliance> Suggested Script: This describes how consolidating to a single vendor can cost much less than choosing different vendors for multiple capabilities within the compliance space. We aren’t saying that ever vendor you have for these capabilities will be able to be eliminated. But Microsoft 365 includes many of the capabilities for which you are currently paying other vendors. Let’s take a look at what’s on the screen to help visualize how you can drive down costs. On the left, we can see what it would cost to purchase individual compliance point solutions. We estimate this type of approach can cost an organization $33 per user. On the right, for our Microsoft 365 E3 customers, tapping into the Compliance add-on would cost just $10 per user. NOTES for presenter: Breakout of what MSFT products are included in the areas: Compliance Management: Compliance Score: More info here: https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-score?view=o365-worldwide Compliance Manager: More info here: https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-overview?view=o365-worldwide Search and eDiscovery; Auditing: Advanced eDiscovery: More info here: https://docs.microsoft.com/en-us/office365/securitycompliance/office-365-advanced-ediscovery Advanced Auditing: More info here: https://docs.microsoft.com/en-us/microsoft-365/compliance/advanced-audit?view=o365-worldwide Insider Risk Management: Insider Risk Mgt: More info here: https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management?view=o365-worldwide Communication Compliance: More info here: https://docs.microsoft.com/en-us/microsoft-365/compliance/communication-compliance?view=o365-worldwide Privileged Access Management: More info here: https://docs.microsoft.com/en-us/office365/securitycompliance/privileged-access-management-overview Information Protection and Governance: Information Protection: More info here: https://docs.microsoft.com/en-us/microsoft-365/compliance/protect-information?view=o365-worldwide Classification: More info here: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-classification-overview?view=o365-worldwide DLP: More info here: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide Records Management: More info here: https://docs.microsoft.com/en-us/microsoft-365/compliance/records-management?view=o365-worldwide Encryption: More info here: https://docs.microsoft.com/en-us/office365/securitycompliance/service-encryption-with-customer-key-faq Advanced Data Governance: more info here: https://docs.microsoft.com/en-us/office365/securitycompliance/labels?redirectSourcePath=%252farticle%252faf398293-c69d-465e-a249-d74561552d30 <click to next slide>
- Key slide takeaway: Follow these three important steps to secure your remote workforce: Enabling remote access to apps Managing devices and apps Protecting corporate resources. Main points to cover: At Microsoft, we are committed to your success when it comes to securing remote work. We have been working with many organizations across the globe over the past months alongside our productivity and security experts to provide practical remote worker guidance and recommendations. We have identified three areas where you can make quick progress to make sure your people are productive and secure when working remotely: Enable remote access to all of your apps – that includes on-premises and cloud apps. Manage your devices and apps effectively, whether that’s protecting BYO or administering ongoing patches and updates. Protect your corporate resources from threats and keep your data protected. Presenter note: Take a moment to understand your customer’s most acute remote work needs. This will allow you to create a more customized discussion and to pinpoint the right sections to use during your discussion.