(tech whirring) - Coming up, I'll show
you how you can establish an intelligent information
governance approach for your data in Microsoft 365 and beyond, with the latest capabilities for governing and mitigating your compliance risks. Starting with understanding the internal and external data in your organization, central management of policies that trigger automatic data
retention and deletion, the ability to use AI
through trainable classifiers to automatically find the data so that policies can be applied at scale, and how you can evolve your policies and processes over time. For any organization,
regardless of the size, data is one constant
that's designed to grow. To meet your governance needs in one spot, we've designed the Microsoft
365 compliance center to give you a centralized management plane for all of your data compliance needs. From here in the Solution Catalog, we have a dedicated information
governance solution, in fact, it's a good idea to
pin it to your left navigation to easily get back to it. As you can see when I open it, this is where you can
keep track of the policies via labels that you have in
place across your environment. That said, any governance
strategy starts with knowing what data exists within your organization. Understanding the sensitivity of your data and where it may reside as it's
stored across environments, is one of the biggest challenges for establishing governance
over your data today. Information governance
has a few core concepts: Your information or files; setting policies to these files, this is usually retention or deletion; a set of processes to
apply labels to your files, either manual or intelligently automated. The good news is, the new
data classification tab gives you a consolidated view
of business-critical data across your organization, whether it's in Microsoft 365
or other data repositories. This view is a combination of pre-built sensitive classifier types, and custom labels that you have in place, matched against the data
in your organization. You're also able to see the
activity around your data, as well as the data that remains
unclassified and unmanaged, so that you can take appropriate actions. I'll show you how you
intelligently and automatically classify your data at scale in a moment. First, to get the most holistic
view of your data possible, we are also making it easier
for you to bring in data from systems outside of Microsoft 365 to take advantage of a
centralized governance approach. We give you a growing number
of native data connectors, for the ingestion of
data into Microsoft 365. For example, our improved
Instant Bloomberg connector, which if I click on Connectors, you'll see I already have
Instant Bloomberg configured. It maps email addresses in Bloomberg with corresponding
Microsoft 365 user accounts. Let's switch to the user experience. You'll see that Adele has conversations from Instant Bloomberg that
are now archived in her inbox. Once in Microsoft 365, this
data is now discoverable, and policies can be applied. In this case for example, we have applied seven years of retention. Speaking of which, let me show
you how you can easily set up data retention at scale. Back in the Compliance
Center under Governance, I can see the retention
policies I have running. I'm going to add a new retention policy. Give it a name. Give it a description. Click Next. Here is where you can set
the duration of the retention and related settings,
including automatic deletion. I'll click Next. And now I can select the locations where I want to retain data, everything from email to
SharePoint to Teams, and more. I'll cancel out of this policy, because I already have
one like this configured. Okay, so now I've set up retention across my various locations, the next thing that I want to
do is scope specific policies based on the data type and content. For that I need Labels, so
I'll go to the Labels tab. You can see I have nine
labels already created. I'll go ahead and create a new one. I'll give it a name, Project Orlando. If I want, I can give it a description for my admins and users, but
I'll skip that and click Next. This brings me into Label settings. I can configure my policy, I'll specify how long I want
to keep this content type and what needs to happen at
the end of my retention period. For example, I can trigger
a disposition review or I can trigger retention based on other parameters, as well. I'll keep when it was
created, and click Next. Now I'll review the Label
and choose Create this label. And I'll can see the Project
Orlando label I just created. And now I can go a step further. We'll automate when
this label gets applied as content is created in the
future that meets my criteria. This is how you can scale
over all the content your users create. I'll click Auto-apply label. Here you can see all the options. I can look for sensitive information type. If you're familiar with our DLP offering, we give hundreds of built-in
sensitive info types that you can use. You can also use specific
keywords or phrases so that the label is
triggered based on a keyword in a document or other metadata fields. Or something brand new. I can use machine learning
trainable classifiers, and click Next. Here you see built-in classifiers for things like Offensive
Language, Harassment, and Resumes to name a few, and
you can also build your own, such as here I have created one called Contoso Insider trading
as a custom classifier. I'll click on Create a new one to show you how these are built. I'd like to have a new
classifier for contracts, so I'll click Create. Give it a name, Contoso Contracts. First, we need to seed the
classifier with content. In our case existing contracts, so that it can identify similar content as it gets created in the future. For best results, you'll want
to point this to a location with 50 to 500 samples, and these can be Office document types, PDFs, text files, etc. I'll use an existing SharePoint site with the content that I want to seed. This content happens to be in a folder. Now I'll click the plus sign to add it. I'll click Next. I'll review what I just built and click Create trainable classifier. Now you'll see Contoso Contracts. In the background it is
creating a base model and predicting content that
matches the criteria I set. This can a take a while
based on your source content. This one is already complete
and we can review the results. In fact, you'll see
that classifier accuracy isn't available yet and I need to review before I can publish this classifier. So to do that, I'll click
on Tested items to review. Here you see all the
files that were predicted, and I can validate its assessment. I'll start with this one, 174283. It looks relevant, I
agree with the prediction, and click Yes. Now I'll go to the next one, and this doesn't look like
a contract or relevant. so I'll click No. In advance, I've gone through
this process a few times to reach an accuracy of 99.6%. So I'm ready to publish. Now I'll close this and
see that it's ready to use. Now let's try this out
with a new contract. I'll upload a contract
to a SharePoint site covered by my policy. Now it's in SharePoint. Now, it took a moment, but it detected it was a contract and you'll see that the
Project Orlando retention label and policy is automatically applied. Okay, so now let's switch gears and talk about deletion or disposition. Earlier, I selected automatic deletion when we were setting up
the retention policy, but I could have also triggered a disposition review workflow. Disposition is often just
as important as retention and in some cases, you'll want oversight
of what gets deleted. Let's look at the
disposition review process. Now I'll go back into
the Compliance Center. I'll click into the Disposition tab, and select Project Orlando. And you'll see that based on the policy there are seven items pending review. I'll click into this
Terms and Conditions doc and now I can decide whether to Dispose, Extend, or Tag the file. I won't take any action at this point, but this just shows you how easy it is to do a disposition review. Now, I do want to show you one more thing. With your data enlightened
through classification and retention policies and
everything centrally managed, as new data comes into your environment and your organization evolves, you need to get insight into
how policies are behaving and be able to efficiently make changes. Back in labels, we'll
select Project Orlando again and I can now explore items to see what labels have
been applied and removed. Such as here in October, I
can see 25 labels were applied and one removed and now I can monitor and take actions from there. So that was a quick tour of the Information Governance
solution in Microsoft 365, which allows you to know your data, including data from within
and outside of Microsoft 365, centrally manage and
automate governance at scale with machine learning, and
evolve your policies over time. To learn more, check out
aka.ms/InfoGovernance. Thanks for watching. (upbeat music)
