In addition to the various infrastructure, tools, Microsoft 365, and business updates revealed at Inspire, Microsoft also took the time to detail some of the partner enablement and security additions to its platforms.
Security and compliance
It'd be prudent to begin with security, and more specifically Azure Sentinel, the SIEM (security information and event management) solution which allows users to collect and analyze security data from various different sources in the enterprise. Initially unveiled at Ignite 2019, it now has support for a number of new connectors from various partners: Alcide kAudit (Kubernetes logs), Vectra AI, Perimeter 81 (Activity logs), Symantec Proxy SG, Symantec VIP, Pulse Connect Secure, Infoblox NIOS, Proofpoint TAP, Qualys VM, VMWare Carbon Black, Okta SSO, and a RiskIQ Azure Logic Apps custom connector.
On the subject of security, Communication Compliance for Microsoft 365, which allows folks to "intelligently detect regulatory compliance and code of conduct violations", has now received a number of enhancements which extend its visibility to image detection and third-party solutions like Instant Bloomberg and soon Slack and Zoom. Improved remediation actions are also available via the Teams integration, allowing admins to remove messages from a Teams channel.
Switching gears to sensitive data, Microsoft has a new solution called Endpoint Data Loss Prevention (DLP) to help its customers meet compliance requirements and "protect sensitive information on endpoints". There is integration with Office 365, Teams, and the cloud apps via Microsoft Cloud App Security.
Moving to Insider Risk Management within Microsoft 365 - generally available since February -, the updated solution will use much better quality signals and ML algorithms to flag potentially risky behavior, as well as include new policy templates for pushing alerts to solutions like ServiceNow or Azure Sentinel. Going forward, signals will be able to be captured from Windows 10 devices, Defender ATP, Microsoft 365 itself, and the company's native Human Resources connector.
Last but not least, available in public preview starting today is Microsoft Double Key Encryption, which gives full control over the encryption key to the customer using this solution, while also allowing for the protection of the most confidential data. As the name implies, the data is secured using two keys - one in Azure, one in the possession of the enterprise customer -, with both being required to access the data. Since Microsoft only has one of the keys, access to the second key and the data is dictated by the enterprise customer.
Beyond security, Microsoft was also keen to highlight some of the work it has done in the area of partner and customer enablement.
As such, it has announced that Azure Lighthouse - the offering which allows service providers to manage resources across multiple tenants -, now has Azure Privileged Identity Management support for just-in-time access, as well as support for Azure Multi-Factor Authentication. Additionally, Role Based Access Control (RBAC) for partners can now be either permanent or eligible, allowing for elevation of access to privileged for a shorter period.
Also in the realm of partner offerings, there are two new Cloud Practice playbooks - available today -, which offer "blueprints and tools to develop, analyze, manage and secure an effective cloud practice that's built to last." They are the Azure Center of Excellence and App Innovation Practice Development playbooks, written by Microsoft in collaboration with partners.
Lastly, of note in regards to partner announcements is Lenovo Managed Services, an array of managed IT services for small- and medium-sized businesses (SMBs) to better leverage Microsoft 365 cloud tools. Consisting of Cloud Solution Provider Managed Services (available this month) and Endpoint Managed Services (available in October), the solution makes it easier for businesses to not only manage tasks like tenant onboarding and migration, but also provide enhanced protection against threats.