What email address or phone number would you like to use to sign in to Docs.com?
If you already have an account that you use with Office or other Microsoft services, enter it here.
Or sign in with:
Signing in allows you to download and like content, and it provides the authors analytical data about your interactions with their content.
Embed code for: 17.01.26.O365Club_3e_End2EndDataGovernance_Compliance_Governance
Select a size
Information Governance And Compliance (Data Governance, eDiscovery, Auditing)
“How to be compliant with regulations in a modern cloud environment?“ (Part 2) Information Governance And Compliance
Office 365 Technical Professional
Patrick Van Asch
Office 365 Product Marketing Manager
Information Governance & Compliance
Top 3 cloud concerns
73% orgs indicated security as a top challenge holding back SaaS adoption
89% of orgs required to govern content for compliance or business continuity purposes
63% of orgs state transparency challenges restrict them from growing their cloud usage
Built-in capabilities and customer controls
Privacy by design with a commitment to use customers’ information only to deliver services
Best-in-class security with over a decade of experience building Enterprise software and online services
Commitment to meeting industry standards and delivering a rich set of applications which enable organizational compliance
Transparency in our operations so you can monitor the state of your service, track issues, and have historical view of availability
Office 365 Service Compliance
What is Office 365’s commitment to meeting and staying up to date with the ever-evolving industry standards across geographies?
Global, hyper-scale, enterprise-grade infrastructure
Enterprise reliability via 100+ data centers and Microsoft’s global network edge
No standing access to data, transparent operational model, and financial-backed 99.9% SLA
Secure by design operationalized at the physical, logical, and data layers
Compliance leadership with standards including ISO 27001/27018, FedRAMP, FISMA, and EU Model Clauses
Commitment to meeting industry standards
CS Mark (Gold)
ISO/IEC 27001, 27018
Japan My Number Act
SOC 1, 2
EU Model Clauses
SOC 1, 2, 3
Over 900 controls in the Office 365 compliance framework enable us to stay up to date with the ever-evolving industry standards across geographies
EU-U.S. Privacy Shield
Trust Microsoft’s verified services
Microsoft is regularly audited, submits self-assessments to independent 3rd party auditors and holds key certifications
China GB 18030
SOC 1, 2,
FDA CFR Title 21 Part 11
Section 508 VPATs
Office 365 Compliance Solutions
What solutions does Microsoft provide to bring data overload under control and support my ability to achieve organizational compliance?
Electronic data is exploding
Achieving organizational compliance is challenging
of orgs state enforcing a governance policy is their biggest issue
of orgs state lack of governance opens them to security & compliance risks
year over year growth rate in electronic data
Volume and complexity of data is increasing
Office 365 In-place Compliance Solutions
Meeting organizational data compliance needs
Preserve vital data
Find relevant data
Import, store, preserve and expire data
Quickly identify the most relevant data
Monitor and investigate actions taken on data
Security & Compliance Center
Manage compliance for all your data across Office 365
Educate and empower end users to be compliant without affecting productivity
Deliver rich, low cost compliance via built in features
Easily apply compliance controls and access reports via a consistent UX across Office 365 workloads
Office 365 compliance investment areas
Security & Compliance
Security and Compliance Center
Powerful for experts, and easier for generalists to adopt
Scenario oriented workflows with cross-cutting policies spanning features
Powerful content discovery across Office 365 workloads
Proactive suggestions leveraging Microsoft Security Intelligence Graph
Profile customized recommendations
Microsoft Intelligent Security Graph
Security & Compliance
Effectively governing data is important
Allows for effective knowledge sharing & business agility
Proactively meet evolving compliance & legal requirements
Protect against increasing threats & data leakage
“In the case of litigation, we face rigorous requirements to preserve all relevant documentation, including email messages. It has been exceptionally useful to quickly segregate our searches and comply with requirements using Office 365. The results have been impressive.”
Top 5 Data Governance Challenges
I have a lot of data – in multiple places
It is too expensive
I want it to be easy and intuitive for my admins to manage
I do not want it to get in the way of my end users
I need to do everything to meet regulations and standards
One source of data, no copies, no moving!
Better knowledge sharing, collaboration, user experience
Intelligence, insights & correlation
Traditional Organization Data Management Lifecycle
Many organizations transfer data to a third party hosted archiving service which has challenges
Outsourced Data Journaling
Having a separate copy of the data being stored significantly increases costs
Content may be compromised moving from one environment to another
Third party outsourced journaling
Point in time data
Captures data at a point in time which miss any edits in place or from transport agents in flight
Waiting for indexing increases time required to find relevant data
No service wide insights
Unable to leverage service wide machine learning to draw correlations between the data
Office 365 In-Place Data Lifecycle
In-Place Office 365 Data Governance
Data stays in-place and does not need to be continually transferred out of Office 365 providing benefits
Benefits of In-Place Office over Journaling
Data is not duplicated to another provider or compliance boundary. Record all actions taken on the data
Higher fidelity and lower costs
Content stays in Exchange and SharePoint, which results in lower storage costs, and higher fidelity data
Location, query or policy based
Apply preservation to mailbox or SharePoint site, apply a query to hold less content, or use preservation policies
No impact to users
Seamlessly create, edit, and delete without knowing data is being preserved
Insights to enable you to keep what’s important, delete what’s not, and to share according to policy
Ingestion of data outside Office 365
In-Place data creation, retention and archiving
3rd party archive
Compliance Center Office 365
Yammer, LinkedIn, etc.
OneDrive for Business
Long-term Auditing Storage in O365
Yahoo Messenger, Google Talk, Cisco Jabber, etc.
Box, Dropbox, etc.
Salesforce Chatter, Thomson Reuters, Bloomberg, etc.
Identifying Relevant Data
Skype for Business
Management Activity API
BlackBerry, MobileGuard, etc.
Office 365 Compliance Data Lifecycle
Data Governance: Where we are today
Drive Shipping, Network Upload and 3rd Party Data Ingestion (Facebook, Twitter, Bloomberg) through partners to provide cross platform compliance and governance
Unified Retention and Disposition Policy for all of Office 365
End user classification in Outlook, SharePoint, OneDrive and Groups. Event triggered records management, manual review and disposition, reporting and permissions
SEC 17A-4 compliant
SEC 17A-4 whitepaper covering SharePoint, OneDrive, Groups, Skype, Preservation Lock, immutability, Supervisory Review
Office 365 experience to bring together all compliance and security experiences
Data Governance: Where we are going
Retention based on classifications
Document fingerprints, content analysis, query and metadata, and site and groups
Intelligent import and Retention
Age, Data type and user filters when importing data into Office 365, intelligent recommendation retention policies
Review & Reporting for email messaging and all 3rd-party data (social, instant messaging, vertical, etc.) communications
PST collection tool
Enterprise scale utility to gather PSTs across network to import into Office 365
Help gain an accurate and intuitive understanding of how compliance features are being used in your organization and across Office 365
Retention Policies across Office 365
Select the O365 locations
Not linked to content type or so
Define the settings
Save for later
See the impact of a retention on your system
Advanced Retention Options
Tags set by the user
Classification across Office 365 workloads
Definition of tags / Classification labels
Create a policy for tag
Publish tag on all workloads
User can select tag as metadata of doc, mail, ...
Classification / Tags
40% of large organizations have one or more lawsuits with $20+ million at issue
Median litigation budget, excluding settlement costs, is $1.2 million
Legal costs for the biggest U.S. banks alone totaled $30 billion in 2014
The cost of non-compliance
A financial institution was fined $9 million for failing to produce customer emails in arbitration proceedings.
The Wall Street Journal. “LPL Fined $9 Million for Email ‘Failures.’” 2013.
Norton Rose Fulbright – Litigation Trends Survey May 2015
Bloomberg January 2015
Office 365 eDiscovery
Enabling in-place, intelligent eDiscovery, to quickly identify relevant data while decreasing cost and risk
Reducing the amount of data to quickly identify what’s relevant
Beyond litigation: Investigations
Wide range of scenarios
Regulatory compliance, employment law, HR, financial, internal business requirements
Provide access based on role, delegated access and enable security filters to scope access
Self service case management tools
Investigators can create & manage cases, put data on hold, perform searches and export
Identify subjects, witnesses, custodians
Search for relevant subjects or witnesses or custodians
Identify relevant data
Search for data relevant to the investigation across Office 365 and imported data
Between investigators & attorneys overseeing the case
Rich search capabilities
Real time In Place searching
No waiting for indexing, always live and up-to-date across Office 365
Quickly find relevant data
Proximity search, rich query syntax
Query and source statistics help you analyze
Export with analysis
Export into review tool
Full review tools
Collaboration on tagging & review
Download to PST or Native Folder
Manual data review
Move data between locations
Light weight tagging
Advanced eDiscovery Intelligently explore and analyze unstructured data to quickly identify what’s relevant
Identify relevant documents
Predictive coding enables you to train the system to automatically distinguish between likely relevant and non-relevant documents
Identify data relationships
Use clustering technology to look at documents in context and identify relationships between them
Organize and reduce data prior to review
Use near duplicate detection to organize the data and reconstruct email threads from unstructured data to reduce what’s sent to review
Advanced eDiscovery: Where we are going
Unified case management
Consistency across eDiscovery & Advanced eDiscovery with one consistent UX
New advanced analytics
Additional search types: fuzzy, phonic, stemming, keyword expansion, etc.; visualized filters, pivot bar, search profile (report), from-to analysis
RMS decryption, optical character recognition, additional file types and metadata
Error reporting, Search & Export analytics, auditing log enhancements
Expansion of markets
US Government Community Cloud, ITAR, data centers, e.g. Germany, China, etc.
Office 365 eDiscovery partners Help to ensure the success, usage and adoption of all O365 Compliance capabilities
Showing a live demo of the integrated Equivio capabilities available in Office 365
On by default for E3 & E5
Office 365 Auditing
Opt-in for all O365 tenants
distinct events tracked
100,000 searches run daily
1 billion events collected daily
Azure Active Directory
Why auditing is important
Losing intellectual property and customer data
Compliance risks if data isn’t preserved
Multiple sharing options
Productivity requires easier collaboration
Adding online services to your environment
Vendors, external partners, malicious insiders
Alert policy rules
Compliance Center Office 365 Activity Report
Unified Auditing Pipeline
What data is audited?
Exchange Online Admin activity, end-user (mailbox) activity
Security and Compliance Center Admin activity
Azure Active Directory Office 365 logins, directory activity
Power BI Admin activity
SharePoint Online and OneDrive for Business File activity, sharing activity
downloaded each month
300+ third party apps
See our Microsoft IT case study for DIY ideas
Office 365 Content Pack for PowerBI
• multi-dimensional analysis
• across Office 365 services
• pivot on user information in AD
• opt-in to initialize
Office 365 content pack for Power BI – Datasets
Usage by Product
Usage by Product Activity
User Activity MOM (for all products)
OneDrive Account Activity MOM
SharePoint Site Activity MOM
User Office Activations
User Products Assigned
Are there times when Microsoft would have access to my data, if so who and when?
Providing transparency to where your data is located and control over how and when it is being accessed is our top priority
Examples of Customer Content
Meet Compliance Needs
Customer Lockbox can help customers meet compliance obligations by demonstrating that they have procedures in place for explicit data access authorization
Is the data created by users of Office 365 Services
Extended access Control
Use Customer Lockbox to control access to customer content for service operations
E-mail body or e-mail attachments
SharePoint site contents
Information in the body of a SharePoint file
Skype for Business Presentation File body
IM or Voice Conversations
Customer blob storage (e.g., SQL Containers)
Customer-owned security information (e.g., certificates)
Inferences if customer content remains
100101 011010 100011
Visibility into actions
Actions taken by Microsoft engineers in response to Customer Lockbox requests are logged and accessible via the Management Activity API and the Security and Compliance Center
Where is my data?
This interactive data map provide specific geographic locations of our datacenters throughout the world where customer data is stored in Office 365 and Dynamics CRM Online.
Want to know more?
CIE’ing = Believing: participate in a Customer Immersion Experience (CIE) session with a partner or Microsoft
REGISTER FOR UPCOMING EVENTS:
21 Feb - IT INSPIRATION DAY (Microsoft Zaventem):
28 Mar - OFFICE365 CLUB (EBC): GDPR Updates + Keep Pace with Security Challenges “(Enterprise Mobility + Security”-focus) –
25 Apr - IT INSPIRATION DAY (Microsoft Zaventem)
9 May - CIO ADVISORY BOARD
11-12 May - OFFICE365 CLUB (EBC): GDPR Updates + Windows focus (on Day1)
INDICATE ON YOUR EVAL FORM WHICH EVENT YOU LIKE TO REGISTER FOR
Try out Office 365 and The New Office
Contact your account manager to plan a proof of concept or pilot deployment
Request support through one of our partners or MCS, and FastTrack/Onboarding Services
Discover the #NewOffice on the
http://trust.office365.com/Office 365 Trust center
& OnDemand Viewing
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Microsoft Ignite 2016
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
we have heard that 73% of enterprises indicated security as a top challenge holding back SaaS adoption. At Microsoft we try to help alleviate these concerns and we will talk more about this in a minute.
63% of orgs state challenges with transparency restrict them from growing their cloud usage - http://www.information-age.com/businesses-may-be-ready-cloud-lack-transparency-limiting-its-usefulness-123460051/
Office 365 Trust has three main principles and they are realized in two distinct dimensions – Built-in capabilities and Customer controls
Built-in Capabilities is what we built into the service that is enabled by default:
We have many best practices in design and operations in our data centers to maintain Security, Privacy and Compliance.
Customer Controls is one that our customers have flexibility to implement in their environments:
Over and above what we do in the service, where we are differentiated is with giving flexible controls to achieve Security, Privacy and Compliance based on the needs of their organization. We bring in over two decades of experience to build these capabilities.
Let’s walk through each one of these important aspects one by one.
Microsoft has deep experience in building on premise or workplace environments. Using that knowledge and added operational best practices like regular penetration testing we have built a security hardened service in the cloud
Physical security with 24 hour monitoring, seismic bracing, multi-factor authentication for physical access to data centers.
Data security with features like encryption, logical isolation of customer data and strong authentication
Operational best practices like prevent breach and assume breach to monitor, anticipate, and mitigate threats to protect your data
Office 365 provides unique customer controls like Rights Management Services, Group policy settings empower you to tune up or tune down security controls based on your need.
We contractually commit to not mine your data for advertising purposes. In fact we do not use your data for anything other than providing you world-class services.
We are transparent with your data about the location where it is stored, who has access to it and when. We make this information accessible to you in http://trust.office365.com.
Further we give you flexibility so that if you decide to leave the service, you get to take your data with you – You can get more information in the Data portability section of the Trust Center – http://trust.office365.com.
Office 365 gives you capabilities to collaborate but also give you the ability to regulate information sharing
Rights management allows users to encrypt information and apply policies to give explicit permissions to only do what they are allowed to do with that information (like copy, share, print etc.
When we build features, we consider if privacy controls need to be enabled at the admin level or at the user level
Presence sharing with Lync allows users to let others see their online presence status or block it.
Microsoft is the experienced industry leader in cloud compliance for enterprise customers.
Office 365 is verified to meet requirements specified in ISO 27001, EU model clauses, HIPAA BAA, and FISMA.
What is important and differentiating is how we do it. We enable our customers to meet these compliance requirements through risk management processes refined over decades of experience in Enterprise IT
Our Data Processing Agreement addresses privacy, security and handling of customer data, which helps you comply with local regulations.
There are distinct capabilities that Office 365 provides with compliance controls like Data Loss Prevention, Legal Hold and E-Discovery to comply based on the needs of your organization
We have global, hyper-scale, enterprise grade infrastructure with enterprise reliability, no standing access to data that is secure by design and maintains leadership in meeting compliance certifications. We will talk more about these compliance certifications.
Note: For more detail on where our data centers are located please go here: https://www.microsoft.com/en-us/trustcenter/Privacy/Where-your-data-is-located or go to Aka.ms/dcstrategy for more content on data center strategy on OnRamp.
Office 365 is a global service and continuous compliance refers to our commitment to evolve the Office 365 controls and stay up to date with standards and regulations that apply to your industry and geography.
Because regulations often share the same or similar controls, this makes it easier for Microsoft to meet the requirements of new regulations or those specific to your organization and industry. We have built a specialist compliance team is continuously tracking standards and regulations, developing common control sets for our product team to build into the service.
· EU Model Clauses: Ensures appropriate safeguards are in place to protect personal data that leaves the European Economic Area (prep for any questions regarding safe harbor by reading this: http://blogs.microsoft.com/on-the-issues/2015/10/06/a-message-to-our-customers-about-eu-us-safe-harbor/
· ISO 27018: Microsoft was the first cloud service provider to comply with this new standard which protects personally identifiable information and ensures your data will not be used for advertising purposes
Data’s exploding, and it’s more complex than ever, and the growth is being driven by a variety of sources and types. In fact, every 18 months, a corporation doubles the amount of data that it has in its environment. That’s staggering. And a challenge is, they don’t even know what data they have. So how can they manage the liability and the risk? There’s email, documents, social media, instant messaging, video files. The list is endless. And their question to us is, How do I manage all this data?
How do you bring order to this chaos? As your data increases, so do the demands on your organization to govern it. You’re required by your business and legal and regulatory requirements to keep and protect what’s important, to quickly find what’s relevant and monitor and track actions related to your data.
In addition to compliance, legal and overall governance requirements, organizations must still get business done. Ensuring that users can quickly access the appropriate information, when and how they need it, is paramount to staying competitive. The ability to actively find information quickly, share knowledge, and make informed decisions can determine an organizations ability to remain agile.
Finally, protect content from the massive new threats, and the very visible impact of leaks and breaches is critical.
And it’s all about effective data governance governance. enterprises need to protect their content and be prepared for internal audits, external litigation, regulatory data requests, and e-discovery. Human beings, using manual processes, just cannot keep up with this data explosion
Our answer is to use machine learning to deliver intelligent, in-place solutions. We have the ability to draw correlations within the data in your organization in a way that an individual would not be able to.
Allow end user to make informed choice
User is educated through policy tips, without hampering the productivity
Compliance is baked into the product, not a different service. It is “Built-in” and not “Bolt-on”
Unified Compliance makes it easier to regulate and monitor across workloads.
Eventual goal is have Compliance across the Office suite of products.
We are investing across Office 365 in Compliance in three primary areas:
(and now Advanced eDiscovery)
Management made easier with Unified Compliance center
Microsoft Tech Summit FY17
size, geography, industry
Actions in the S&CC
We are investing across Office 365 in Compliance in four primary areas:
Equivio Analytics for eDiscovery
Content may be compromised moving from one environment to another, increasing risks
Reduces overall IW productivity due to client plug-ins/add-ins
Impedes infrastructure consolidation during upgrades/migrations due to presence of heterogeneous solutions
Migrating on-premises data
To apply compliance controls to on-premises data, organizations can migrate that data to Office 365. The Import Service for Office 365 makes it easy to migrate on-premises email and documents to Exchange Online, SharePoint Online, and OneDrive for Business.
Migrating data from outside of Office 365
When it comes to ensuring data is stored and protected in accordance with compliance standards, organizations can no longer afford to think about email alone. They must account for new communications mediums including social media, instant messaging, and other collaboration platforms. The comprehensive Office 365 Archiving solution covers a wide array ofthird-party data sources with connectors from our partners:
Social — Twitter, Facebook, LinkedIn, etc.
Instant messaging — Yahoo Messenger, GoogleTalk, Cisco Jabber, etc.
Document collaboration — Box, DropBox, etc.
Verticals — SalesForce Chatter, Thomson Reuters, Bloomberg, etc.
SMS/text messaging — BlackBerry, MobileGuard, etc.
Key functions: find, import, classify, apply policy, take actions
Key benefits: in-place, identification, automation, recommendations, secure
Key tech: ML, tagging, unified management
Stay compliant: Identify & retain high value data
Reduce risk: Discard redundant, obsolete & trivial data
Ensure business continuity: Leverage machine assisted policy recommendations
Organizations are facing significant data overload with the amount of electronic data not only exploding but also getting more complex.
Advanced Data Governance in Office 365 will intelligently bring this information overload under control and support our customers’ ability to achieve organizational compliance.
By leveraging machine assisted insights we will help organizations stay compliant and reduce risk by finding and keeping what’s important while leaving behind redundant, obsolete and trivial content (ROT).
In Q1 2017 we will deliver the following data governance capabilities in Office 365:
Import – Intelligently import only the data you need from on-prem and third party archives using classifications such as age, data type, user or groups, sensitivity, or importance.
Policies – Intelligently recommend policies such as delete, move, encrypt, or share, based on machine assisted insights of your data, classifications, tenant, organization, industry, geography and more.
Retention – Intelligently preserve only what’s important to you by using classifications such as keywords, age, data type, user or group, sensitivity, importance. In addition, you can integrate with line-of-business systems which allows you to trigger retention based upon events such as creation of an HR record.
Using Office 365 Advanced Data Governance to intelligently understand and retain high value data while leaving behind ROT, is absolutely critical to ensure that an organization can ensure business continuity and meet data compliance requirements while also reducing their overall risk profile.
Set your locations: all office 365 data locations or choose specific for polcicy creation (SP, EXO, ODFB, Groups (mailbox & site together), SFB, Public folders) – you can exclude or include or specific users (everyone execpt...)
Retention setting: preserve it for X years, and what you want to do after the time (delete it yes or no)- created or last modified
SLA for deletion is 7 days (so it will be deleted within 7 days)
I don’t want to delete – i can lock it Lock can not be broken (was needed for the certification) (you cannot change the policy after creation)
Save for it later What if scenario (for example for data which is already X years in system – will show you what is impact on current data in the system
Conflicts: longest preservation will win, shortest deletion wins, explicit wins over implicit
Advanced eDiscovery (Equivio Analytics for eDiscovery)
eDiscovery occurs when:
Gov agency wants to see whether you are following the right regulations and doing business properly
Competitor feels like you violated a patent or copied their work
You get an audit or request for information
For example, someone who left your organization sues you and requests electronic information to prove what happened and demonstrate in court what occurred
In all of these cases you are legally required to provide this information to the court
This adds up to a lot of money being spent on eDiscovery related activities within organizations
A key part of information governance is about finding the needle in the haystack. Office 365 advanced e-discovery helps you find any content within your organization, because you own your data. And once you’ve identified that dataset, it gives you the ability to mark that content under hold or render it immutable. You can then preview search results or export that content to any existing review tool that you already use.
Real time - no need for waiting and indexing - new information continually coming in
eDiscovery cases often require you to cover new data that is coming in after the case is created
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Streamline with advanced data analysis
The eDiscovery process often involves sorting through thousands of email messages, documents, and other data to find the small number of files that may be relevant. Office 365 Advanced eDiscovery integrates Equivio machine learning, predictive coding, and text analytics to reduce the costs and challenges of sorting through large quantities of data.
Enhanced focus on what’s relevant
Office 365 Advanced eDiscovery reduces the volume of data by finding near-duplicate files, reconstructing email threads, and identifying key themes and data relationships. You can also train the system to intelligently explore and analyze large, unstructured datasets and quickly zero in on what’s relevant. Finally, you can export this data to third-party applications for review.
Once your data is in Equivio, you can now start analyzing it. The Analyze tab allows you to select Near Duplicates and Themes and run an analysis on your data.
The Analyze Results tab labeled ND and ET which shows you:
Target population: summary of the data (e.g. total Files, email, data)
Inclusive = the parts of the thread that fully contain the other parts, meaning the ones with unique content
Unique Inclusive Copies = we check for completeness based on the content but ignore the header information (that way we can capture a newsletter sent to 50 people as the same even though the timestamp or recipient may be different). A Inclusive Copy is an exact duplicate of another Inclusive. A Unique Inclusive Copy means the content is the same in the body but the header does have at least one difference
Inclusive Minus = same as Inclusive but an email earlier in the thread had an attachment that does not exist on this Inclusive. So what it means is from the email side you just need to read this one, but you do have to go back to an earlier email and find the attachment
Attachments: you how many are unique and how many are duplicates
The focus here is on using data analytics to organize your unstructured data and reducing the amount sent to review
Once you have run an analysis pass on your data, you are ready to train the system to distinguish between relevant and non-relevant documents to the case or investigation you are working on.
Select R for Relevant or NR for Not Relevant
- This email looks relevant for this particular case, which is related to Enron, so we will select R
This email is not relevant so we will select NR
After you have done this 40 times, you will then be taken back to the Track screen and system tells you that you are unstable – meaning you haven’t yet identified enough relevant vs. not relevant documents
Then you keep going with training a few more times, repeating the process
and viola you jump ahead in time and the Track screen shows that you have Stable environment, meaning it can likely recognize whether a document is relevant or not – you have taught the system
How many documents do I have to look at? It depends, but 2500 to 3500 on average
You now run a Batch Calculation:
Goes through all other documents that you haven't looked at and gives every document a score between 0 to 100
100 means the document was looked at tagged as Relevant vs. 0 means the document was looked at and tagged as not relevant
The Decide screen is the heart of the Equivio application and allows you to make tradeoffs with regard:
How many documents you want to send to review?
How much that is going to cost you?
The more I review the more it is going to cost me
Where do the numbers come from?
Parameters you put in, we put in $1 a document to make it easy and on avg that is close
The gray box allows you to see how many documents are relevant
Moving the bar to the right allows you to find more documents that are relevant
Review to relevance data
Number of documents you have to look at to get to the % of document which are relevant
Rules call for proportionality
% I review moves the Recall % which indicates what % of the Relevant documents I am going to find
Richness shows how many documents of the total documents are relevant - Recall is % of these documents
More definitions in the appendix
In this particular scenario, if I review 20% of the total documents (~140K of the total files in the collection which are 685K), I will get 84.6% of the documents that the system has identified as likely being relevant (or 30K of the total ~35K identified as being likely Relevant).
Moving the slider to the right, if I review 28% of the total documents (~189K of the total files in the collection which are 685K), I will get 90.4% of the documents that the system has identified as likely being relevant (or 31K of the total ~35K identified as being likely Relevant). However, now my cost has gone up by $64K
Now, if my legal department comes back and says we need an even higher level of relevant documents, I can move the slider further to the right, and review 56% of the total documents (~385K of the total files in the collection which are 685K). I will now get 97% of the documents that the system has identified as likely being relevant (or ~34K of the total ~35K identified as being likely Relevant). However, now my cost has gone up to $385k
In the end, it is important to understand that in a well trained, well performing matter the Precision decreases as you move to lower score.
This is because we are determining the likelihood of a document to be relevant and it is many times easier to find them at first but as i go lower they become harder to identify.
Each document is given a score, and at the high scores every other doc may be R 9/10 or 7/10.
but as I go lower I may find only 1/5, or 1/20 or 1/50
The Export functionality allows you to export your data for review.
The data is already ready to go meaning you don't have to send it to an eDiscovery vendor who will charge you extra per GB to process it to get it ready to put into an eDiscovery Review tool. These files are ready to load into the Review tool meaning they have the extracted text, meta data, analytics, etc.
You have several options to choose from with regard to exporting your data:
Direct import into Review tool through integration
Simply choose the Review tool from the drop down
Only include ND, threaded docs,
All of this reduces your cost, time and risk - only data you need to export out goes out, rest stays securely within O365
Data is moving to the cloud at an increased pace
Employees are bringing their own devices and accessing corporate data to these devices
Multiple ways of sharing the data with both internal and external individuals
Need to be in touch with your tenant and what is happening with your tenant – who is logging in, where are the logging in from,
© Microsoft Corporation. All rights reserved.
Objective: Explain why auditing and alerting/insight is vital in an online service.
Time: 5 minutes
What are the business risks?
Adding online services to on-prem deployments means increased threat surface, less visibility. You’ve got tools in place (SIEM, CASB), but many other online services limit what data they can gather.
In a modern workforce, productivity demands sharing across your org and beyond your org. Vendors, external partners, inadvertent sharing, malicious insiders.
3 types of risk:
Malicious software in your network. Doesn’t really apply to well-run online services; see Sara’s session for those details (BRK2013: Keep calm and automate: How we secure the O365 service)
Phished/hacked accounts. When humans are the weakness, phishing will always work eventually. Studies show that even the best-trained employees have increased click-through rates when they’re tired, under stress. You will never eliminate this.
Malicious insiders. You need to trust your employees with data and make it easy for them to work anywhere. But what happens when a disgruntled employee wants to deliberately harm you?
There’s no automated way for technology to protect from human frailty. Or is there? Today, we’re going to show you the auditing platform that collects signals from all your Office 365 services to give you the transparency you need to secure and investigate any issues, as well as the intelligence, insights, and alerts that Office 365 employs to protect you by automatically detecting risky or anomalous usage and alerting you with actionable insights.
Monitor and investigate actions taken on your data, intelligently identify risks, contain and respond to threats, and protect valuable IP.
Continuous activity logging and reporting
User and admin activity events are logged across SharePoint Online, OneDrive for Business, Exchange Online and Azure Active Directory.
The Office 365 activity report enables you to investigate a user’s activity by searching for a user, file or other resource across SharePoint Online, OneDrive for Business, Exchange Online and Azure Active Directory.
Office 365 Management Activity API
The Management Activity API is a RESTful API that provides an unprecedented level of visibility into all user and admin transactions within Office 365.
The Management Activity API allows organizations and other software providers to integrate Office 365 activity data into their security and compliance monitoring and reporting solution
You can create an activity alert that will send you an email notification when users perform specific activities in Office 365. Activity alerts are similar to searching for events in the Office 365 audit log, except that you'll be sent an email message when an event for an activity that you've created an alert for happens.
Why use activity alerts instead of searching the audit log? There might be certain kinds of activity or activity performed by specific users that you really want to know about. Instead of having to remember to search the audit log for those activities, you can use activity alerts to have Office 365 send you an email message when users perform those activities. For example, you can create an activity alert to notify you when a user deletes files in SharePoint or you can create an alert to notify you when a user permanently deletes messages from their mailbox. The email notification sent to you includes information about which activity was performed and the user who performed it.
ISVs are already building security and compliance solutions!
Partners are building solutions with the API. These rule-based, variance-based and machine learning-based security and compliance solutions provide sophisticated reports, interactive visualizations and operational dashboards to satisfy the complex needs of today’s enterprises. The partner solutions run the gamut, from those providing Office 365-specific solutions, to others that combine Office 365 logs with logs from other cloud services as well as on-premises installations. These integrations create a single pane of glass for integrated operations, security and compliance across the enterprise.
Providing security, transparency and compliance in Office 365 is our top priority. Customer Lockbox for Office 365 can help your customers meet compliance obligations for data access authorization with logging and auditing controls.
Meet Compliance Needs
Customer Lockbox can enable customers to meet compliance needs by demonstrating that they have procedures in place for explicit data access authorization.
Customer Lockbox can help customers meet controls in regulations such as in HIPAA and FEDRAMP.
Extended Access Control
Use Customer Lockbox to control access to customer content for service operations.
Customers who initiate the original request will grant final approval access to the Microsoft engineer. Customers have visibility into the purpose and length of access. Access to customer content will be revoked when service operation is completed.
Visibility into Actions
Actions taken by Microsoft engineers in response to Customer Lockbox requests are logged and accessible via the Management Activity API or the Security and Compliance Center.
On the Office 365 Trust Center, we provide interactive data maps to provide specific geographic details about where data is stored for Office 365 and Dynamics CRM Online
© Microsoft Corporation. All rights reserved. those activities. For example, you can create an activity alert to notify you when a user deletes files in SharePoint or you can create an alert to notify you when a user permanently deletes messages from their mailbox. The email notification sent to you includes information about which activity was performed and the user who performed it.
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MA