Securing your data in SharePoint/OneDrive/Microsoft Teams with Sensitivity Labels

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] thank you all what is a great opportunity to share with you whatever team is up to in the context of security and compliance and today I'm going to focus on specifically around securing your data in SharePoint onedrive and teams with the sensitivity labels some of you might already know me Sasha mani I'm a principal group product manager at Microsoft I've been in this security and compliance industry for many many years and specifically with the SharePoint team for almost 11 years now let me go ahead and they share with you the agenda that I was planning to walk you through the door today I'll briefly mention what the trend we are seeing in the security landscape and then top level what are the security pivots that we use to sharpen our protection story and then we'll get into the what are the new controls specifically around sensitivity labels and I have lots of demos to walk you through and then finally we'll finish up with a quick roadmap slide and Q&A session as well now let's go to start with the security landscape so as you all know most of us are working from home I think I would say all of us I guess through about 300 million global office workers are actually expected to working from home and recent survey actually have indicated that 40% of the CFO's indicate that information see source indicate that information security is a primary risk when everyone is actually remotely working because when we were in a normal work life you have only a few percentage of your workforce typically works remotely but now all of your workforce is working in a more place so the security becomes even more important in these days and then 69% of the CX will indicate that the employee health and the safety is the key consideration now if you double-click on the Information Security one of the trend we're really seeing is what's called the zero trust model like gone are the days where you had to work inside your firewall your corporate content also always live within your corporate network and you need to VPN in to access your corporate data these days the data lives in the cloud are the users are actually expecting to access the data from anywhere from any devices from any applications that's the new norm that we are living in and this is exactly what we mean by zero trust model in the sense that we need to define the security strategy of protecting your data in a way that all the different layers that you think through and then corporate data is accessible at the same time from anywhere and any devices and any locations as well so really it comes to four major aspects one is having a strong user identity so make sure that when the users are authenticating we have a strong way of protecting that second of all what devices that users are using to access your corporate data so being able to manage it or even if they come from unmanaged devices providing them productivity at the same time to some level securing your corporate data and then what apps that they use or services they use to access your corporate data and then finally in the context of access you always want to follow the least privileged access principle so that you provide the access to the corporate data but only to the extent whatever needed privileges are but not giving them so much access super admin access and so on if they don't need it so really if they need to get a job done just provide the limited privileges that they need to access that particular corporate data so that's why this is around the zero trust model and this is a very common pattern across the industry and even within Microsoft we take that into really consideration while they think about our security pivots and our security strategies moving forward now let me briefly spend some time on security pivots that we normally think about and providing our controls for each of the security pivot I would put them in four major pivots the first is all about users so in this category of divet as you know we have both internal employees who are full-time employees they have contractual agreement with us and they follow the corporate rules and so on the from ethical boundary as well and then also you have extra users which are loosely referred as guest users that come and collaborate with your internal employees on a specific project purposes so you need to be mindful of this segments between internal employees versus the external users perhaps you have specific policies needs to be in place when external users come in and accessing your corporate data ensuring they get to access only the content or projects collaterals that are intended for those external users then the second aspect is MFA policy so MFA here stands for multi-factor authentication it's really passwords are good but the same time we're actually moving into the password les model and MFA multi-factor authentication is becoming a new norm and it has to be because you really want to have stronger authentications as a first gate of your security when users beat both internal or external users accessing your corporate data and then finally sharing policies as many of you know we have a SharePoint and onedrive and teams has many sharing Polly policy capabilities you can configure your site collection all the way from only accessible by internal employees to authenticated guest users and then all the way into the anyone users as well meaning anybody who has the link can access the data which is most permissive capability and you can share a file with that particular most permissive control as well so that's under the users pivot the one moving on to the devices limit as you as we all access our corporate data from mobile devices managing those mobile devices is super super critical so this is where products like Intune comes into play so that you can manage your own employees devices at the same time have unmanaged device policy which is the fine-grained conditional access policy that we have in office 365 such that if an employee or an external user accesses the corporate data from unmanaged devices you provide them the appropriate access based on the sensitivity of the content for example you allow them full access if it is a general training material you allow them limited access if there is confidential material or you completely block them if it is a top-secret site that they are trying to access from unmanaged device and then the third one I would call it is the idle session timeout which is in the unmanaged devices you want to ensure that if the user is inactive for a certain period of time and the user forgets to click the sign out button you will be able to kick them out of the signing session so that inadvertently some unauthorized user doesn't come and start taking over the session so this is what we refer as idle session timeout this is something you can configure in the SharePoint and onedrive experience then moving on to the third pivot round locations and in this case we specifically focus around the IP address so you could create a control such that if the user is accessing my corporate data only from within this IP address range only then they can access my corporate data so this is most security centric customers they prefer this kind of approach because that way they have a definitive network range IP address range from which they know that the corporate access is only allowed it's both at the SharePoint level as well as at the azure active directory conditional access policy level you can configure this IP address policy and then the final pivot is around data itself like how do we protect that information or the data and this is where the sensitivity labels plays a vital role and this journey which I'll talk about most of the session is around Microsoft Information protection where you can create sensitivity labels as such as let's say general confidential top-secret and then protect your files as well as the T sites and the teams as well so that based on the sensitivity you will now be able to dictate what policies security policies need to be protected need to be ha nerd for those content and then finally we have automatic classification which I'm going to talk about in a minute all these policies are available generally available except the two items that I have those are available as public preview so you will be able to take advantage or try out these security policies and I have shot you coming up so that I can walk you through on where you can go and learn about these policies sincerity labels are really about helping you to easily classify your data and detect and label your sensitive content in your enterprise corpus as every company going through the digital transformation we are seeing ever-increasing digital data so classification becomes even more important in this digital world second of all with these labels you can associate a richer policies both security and access policies such that if a label is applied to a file or to a team on a site the appropriate policy will automatically get honored third of all these policies are actually consistent across sites teams and office 365 groups so you don't have to worry about having managing multiple places to to provide a consistent and unified policies for your ecosystem and finally these are unified labels across em 365 and what I mean by that is you create them at the m36 Microsoft 365 compliance center and all the Microsoft 365 resources such as SharePoint sites onedrive teams files experience in office apps all of them will now able to expose these labels so that the end user will have a consistent experience let me actually get into some demos of this particular experience so that you can see them in action so I'm going to go to the demo machine here so here I am in the n 365 compliance center as you can see I have created general confidential MLA legal top secret top secret and financial department specific labels so for example if I go and click on the confidential label I can see the policies that are configured for this labels so for example I have sites and group settings are configured as private and then allow limited and their only access so let me actually go ahead and click the Edit label here so it allows you to pick a name you can describe provide a description for this label that is visible to your end-user so this is as per your organization schema you can provide the tooltip that you want to show to the end-users and then you can go ahead and click Next you can select an encryption policy for this particular label and then you can also set the watermark policies so for example in this case I have a confidential text that needs to show up as the watermark if this confidential label gets applied to the file and then specifically around sites and groups settings for team sites and group settings you can set three different categories three different policies one is what's the privacy you want for this office if I group so you have a choice of private or public and then second of all external user access do you want allow external guest users to be added as members for this office by groups or not so you can select them right here and then the third one is a very interesting policy where unmanaged device policy if a resource is being accessed from an unmanaged device with this label which is the confidential label what's the experience you want to provide them you can say I want allow full access or allow limited access limited they're going to access that means user can see the site but they cannot download the files or you can completely block access let's say I'm creating a emanate legal top-secret as a label then of course I would want to Sue's block access because I don't want users to access those top-secret content from my unmanaged devices so by setting all these policies under that one label and if we go ahead and finish this label setting so here is the another auto labeling HIPPA and capabilities which I will talk about it in a minute so this is it so you basically have configured all the relevant policies for this label and let's actually go ahead and see how the label experience looks like from an end-user perspective so here I am in a team's experience I am logged in to my investment bankers team and for this demo sessions purpose I'm an employee in contoso a bank corporation I'm part of the investment banking team so you can first of all see the sensitivity as the first class experience right here in the team's files experience I can see that banking strategies document is labeled as top-secret I can also see that groups international product launch which is another file is also labeled as confidential so if I try to these files so it's a group internet into the International product launch as you can see here this particular file is marked with confidential as the watermark here and this watermark is being added here mainly because this particular file is flagged as confidential and that's the reason the file watermark is saying confidential and as you can see the rest of the labels are also available for me under the sensitivity experience and at the status bar you right here at the bottom you can see that the labels show up as well so if the label has encryption policy attached to it then you will see that lock icons show up in this particular experience so that's how easy it is for the end-user to be able to select a label and across the files experience be it Word Excel or PowerPoint now the appropriate watermark header and footer will also get applied now let's take a look at quickly on the container sites experience so for example here I am in the SharePoint home and if I go ahead and click create a site and let's say I'm going to create a team site and let's me give it a big site name for it you can be demo site and as you can see first of all the options right here available for me to pick the sensitivity of this particular site and the same list available for me general confidential M&A legal top secret top secret and none and if I want to know if I want to decide which is the right label for me I can click on this eye icon right here that shows me as an end-user what my admin has configured are informing me right here it tells me general confidential and you can tailor this experience text whatever the specific appropriate text is for your organization so in this particular case I can go ahead and create confidential and the moment I select conference you'll notice that that is the option laid out and it shows me automatically that private is being applied for this particular group so that's how from a induced perspective they just pick their label between the seam the rest of the security policies will get applied now in the interest of time I actually have created already at site which is the investment bankers site I told you with the confid as the label so you can see at the top here we also show you right in the navigation bar that the confidential label is an apply for this site collection and because I'm logging in from an unmanaged device and the unmanaged device policy is enabled for this label you can see that ello information bar that shows up at the top and it clearly tells me that my organization doesn't allow me to download print or sync using this unmanaged device and that's why on this files experience I don't have the option to download these files into my local device because this device is an unmanaged device so that kind of shows you an idea of how the policies both at the file level as well as at the team and decide collection level are being seamlessly shown to the end-user and taken to account now let's take this one step further so I'm going to go ahead and go to my first screen to do a quick search in one second okay so let's go up to be search experience in their SharePoint home go to click on cancel here so imagine that the multis protected files that I have and I have access to some of them already right and these are encrypted files that are sitting in SharePoint and onedrive and I have only I have access to them in the previous era before we enable this experience you cannot search for those protected files now we have we're glad to let you know that we have enabled that capability as well so for example I have a top-secret project called red zone that is one of the top-secret files that is always encrypted and I have access to those files now when I search for that in my enterprise search experience red zone I can see the files showed up for me and this particular file if I go and click on it it will actually show me up that the file from my branding site and it actually has the text the red zone right here and it's a top secret labeled as file itself so you can see at the bottom status bar that it has the lock icon that means the encryption policy is actually applied for it so what it shows you is as an end user now you can search for these encryption protected files in SharePoint onedrive and teams as well and this is a huge step forward from a Productivity experience point of view for this end users I'm glad I'm hope you guys you fall ops files will love this experience now let me go back to the PowerPoint so I'm sure many of you are thrilled to try this out so if you are gonna be like I would like to let you know that we have made generally available their sensitivity labels with protection for files in the SharePoint onedrive and teams as of May 4th and you can go to this aka door ms /m 365 files labels GA for the announcement as well as the link to the product documentation and how to get this enabled in your tenant and then start working you know start working through this also we have made the public preview for sensitivity labels for teams sites and office 365 groups and we're also looking at enabling this for general availability in the next few months you can learn more about this particular feature at AKA dot ms /m 365 sites labels ok let me pass that for a minute they said any questions that I should answer this point unmute myself so those few questions related on licensing and is it income governmental accounts or tenants the typical set of questions related on them I think from a licensing point of view you really need for just getting the basic labels available for your tenant you need to have an e license key one or III license you will be able to then create the appropriate labels but then the policies that you want to apply to the label so for example for encryption policy you need to have the RMS service license then for the device policy the unmanaged device policy that I showed you you need to have as your Active Directory premium plan one license those are the two license are required if you need those two policies but if you need the basic workflow then you can just have even III license and then enable the office e25 group settings was a question related on are there any plans to make the sensitivity label available for PDF documents for PDF yes yes definitely yes this is definitely in our radar we are working you know as our next back of our roadmap items to bring you forward PDF support as well absolutely then we have few developers on the call and they're interested on the API and extensibility model is there a way to automate this stuff for nothing yes absolutely we do have partials and API is available both ms graph api is and rest api is in sharepoint and i will share the article link to that it's that way you can get the labels on file or on this particular site you can get them and set the labels as well at a specific site level basically this is another SP site property that we and then you can basically enumerate them or set them as well at that site collection level cool a lot of other questions as well I think we need to come back on those you have some additional content to go through so that's that's continuing for a while I'll collect some of the questions on the side sounds good okay thank you visa yeah okay so let's say a continue on the next trip topic that I want to cover is automatic classification with sensitivity labels so what I showed you in the previous demos is manually the users can go into the file are going to the SharePoint site creation time and pick a label right that is the typical process that I showed you before but especially the files authoring experiences users sometimes forget or they neglect to label their sensitive data but at the same time as an enterprise security and compliance admin you do want to detect these files and label them as well so that appropriate security policies are always there learning these files and this is where automatic classification come is to play as you know we have over 100 sensitive information types that is out-of-the-box available in our system in our service and you can use those to create these auto labeling policies so for example you can imagine if the file has more than 10 credit card numbers in it then you want to label the file automatically as confidential right so you can create policies like that job rules based using these hundred plus sensitive information types also these automatic automatic classification policies we do want to help you to simulate them first and fine-tune the policies before you actually publish these automatic labeling policies in your service and that's where policy simulator comes into play so now let me actually quickly show you what that experience looks like so we'll go back to my browser here this con right here so here I am in the information production tab again where I have paid on the labels and if you notice on the top we have a new tab called automatic labeling Trivium and if you click on that particular tab here is where you can create these auto labeling policies for SharePoint and onedrive and also teams basically all the data that is residing in these services files data you can now create auto labeling policy here so as you can see here I have created a couple of policies and three of them are under simulation right now and then two of them are already enabled and working in my in my tenant itself so for example if I take the US financial data in one drives or let me go ahead and take the click on that and you can see that it basically ran the simulation and it came back to me there is not specific matches found and I can actually target specific sites so in this particular case I have targeted one drive of a specific users in this case the Sascha user account is what I have targeted and of course you can target many onedrive sites as well so you can select the high profile users onedrive if you wanted to target those as the onedrive location also you can target SharePoint sites as well not just onedrive sites so you can select the specific SharePoint sites URLs and then being able to target that as well so for example if I click on edit option let me quickly show you what that experience looks like so here I am onedrive accounts I can choose the accounts as I just talked about and I can click on SharePoint sites and then I can go ahead and click on choose sites and which will let me select specific sites URLs I can type it in and then add them to my policy as well and also we do that for exchange mailboxes - as you can see here and this is mainly for data in transit and you send a mail these rules will be applied for that - so that is how easy it is to create a policy or select a location specifically for your auto labeling policy then the next thing you select is the rules for this policy so for example here I have created US financial data credit card data so the condition is if the file contains credit card number US bank account number and ABA routing number and the content is shared with the external users then it will be picked up in this particular role or I can then select high volume low volume in the sense how many number of specific how many number of occurrences of this credit card number needs to be there in a given file to trigger this particular policy so for high-volume I've set it up as 10 for high for a low volume for high volume I set it up as I think 20 in this particular case so that's how you configure these rules if you want to create an add a new rule you just click on create rule you add your name here and then you can add the condition I want to look for specific sensitive types so you can add the specific sensitive types like I said there are 100 plus sensitive information types available out of the box for you to pick from so you can select them here so for example Finland national ID or you get the idea here so you can pick any of the available sensitive information types and also if you have a custom sensor information types you can add them as well and then those will become available for you for selection as well so I'm going to go ahead and click Next here and that's basically the experience to pick the location pick the rules and then finally you need to pick the label that you want to apply so in this case I can pick top secret or highly confidential or the other labels that I have in my organization so I can pick that label and hence if the rules satisfy that particular if the file satisfies a particular rule then the corresponding label will get applied ok so that's how you configure an auto labeling policy and as I said whenever you clean order labeling policy the first thing you do is run it in a policy simulation mode so that you get the results back on how many files potentially are going to be Auto labeled due to this policy and if you're satisfied with that then you can say publish the policy and that's really what happens here if I go back to the list view of the auto labeling policy that I created so you can see I have two policies that I have applied for and they're actually running in my service so let's take a look at what's one of those policies looks like so here I have a site collection micro banking strategies is the site collection that I have targeted this Auto labeling policy and as you can see I have a sensitivity column there in all the top secret confidential labels for showing up for these labels and if you hover over and leave it there you can see it says that this file has been automatically labeled so we also tell you for a given file if it is labeled is it labeled automatically or is it labeled manually so in this case this file customer credit card numbers is automatically labeled because the user forget to label it that's why the system picked up and labeled it and on the other hand I think there are other items like for example this particular new product overview PowerPoint is actually labeled manually as well okay so we give you that flavor whether it is automatically or manually label and also it shows you that even if the users neglect system will pick up and ensure that a sensitive content is protected slide here so this particular feature or a classification with sensitive labels is available as public preview you can go to aka.ms/offweb to try out these features and give us our feedback and this is I know the licensing question will come up this is actually an e5 premium feature so if you have an e5 trial v5 trial then you will be able to try this out feature so let me pause that for a minute they say any questions so quite a lot of questions so cute can you target Microsoft teams chat or a channel with their sensitivity labels that's an interesting one as well the team itself when you create a team you can pick a sensitivity label and that's the what we call the holistic view then that label protects everything that inside the team including the files experience that I talked about we don't have the capability where a specific chat or a specific channel within the team you can set the label we don't have that capability yet once the good feedback will definitely take that into consideration and that relates on another question which is so if you set it in the site level then it labels automatically everything in the site is that true no if you set it at the site level only then that site collection policies such as the device policy that I mentioned and the external yes taxes and the privacy policy those are the policies that will get honored we are looking at one of the road map feature which is if you set it at the site collection level then then the corresponding entry policy if the label has an encryption policy those will get honored by all the files underneath the site collection as well that is one of our roadmap item we are looking at it two more and then I think we have a few more slides so will this work also in a classic site if you have any existing classic SharePoint sites so is there a difference between that that's a great question yes you can apply the sensitivity label on a classic site as well however like I said the policies which is the device policy corresponding policies if it is available only those policies will get honored in the classic sites typically you know you don't need to have a groups connected site let me put it that way in order to apply this label any you know simple modern SharePoint site or communication site for example you can apply that same sensitivity label great and then last one because I know that you have still have some content sir and we'll get back on hopefully in the end and is it possible to sorry do we have any options to automate all the label policy using a partial or any SDK so again people are thinking on automating this to multiple tenants yeah so I think so this is mainly we do have an MIP SDK and as I said there are API is available in SharePoint and in ms graph and we are you know increasing that API surface I wouldn't say that everything is available as of today there are a few API is available to retrieve the labels of the sites or files and we are working on adding more capabilities in that regard the automatic classification that I just walked you through the demo with the auto labeling policy and so on we don't have those as API yet in fact that is as you can see it has more I would say closer in terms of extensive files it could potentially just touch all the files in your tenant so that's why we are starting in a very thoughtful fashion giving you that control through our auto labeling simulation experience and then we will look at how to gradually increase it into exposing as a programmatic API eventually sure sure let's continue now and let's see if we have time in dense because just few slides to go through perfect the last in this class bonding notion I want to talk about content Explorer and this is the experience there so now that we have this capability for labeling your enterprise corpus the next obvious question is I would like you know we want to give you ability to look at the whole enterprise corpus and say how many files are actually labeled and in what category or the top secret confidential or general and more importantly are there site collections that are not labeled and perhaps those are your weakest to link where you do need to run the order classification like a premium future to protect to detect the sensitive files and then also do auto label them as well so this is where the content Explorer view come into play so we provide you a full holistic view of all the files and the citations that are labeled here also you can look at in office e65 audit logs the full experience there as well so for example if I go back to my slide my demo mission here real quick so I can show you here here is the data classification content Explorer view so right here you can immediately see what are the sensitive information types used in your tenant this is across the tenant and you can also see what labels are heavily used so in my case in this particular demo tenant I have top secret label heavily used followed by a confidential followed by illegal top-secret so we show you this activity and if you go into the content Explorer you get even much richer granularity on insights across sensitive information types sensitivity labels like what labels are being used and so on so here I can see that credit card number is around 28 files in my tenant are using or having credit card numbers in them EU debit card number 25 files or having them on the other hand if I wanted to see by sensitivity label I can see them as well and of course as you look at these let's say top secret if you want to double click on it and if you wanted to know exactly which side collections or having those files you can now drill down them as well and similarly activity explorer gives you the complete activity which user labelled which file or which particular site collection you can get that few as well so not only here in also in office it 5 audit log you get that full capability as well so if you go for activity type like sensitivity you get the activity officer for example say Jie has removed sensitivity label from a site he applied the label to a file and then when you click on a specific activity it will tell you exactly which site that item that particular label activity got got done so we explain sure that the end-to-end you can see the full visibility as well well if we go back to the screen or point here but there is actually more coming what additional capability I want to call out is the sensitive information you may want to protect it from the get-go meaning when the user uploads a document into SharePoint onedrive or teams from the get-go you may want to protect it because even if you have automatic labeling turned on it might take some time for the engine to come and pick up and detect that if the file has content in it so that's why we have this feature called block external access by default and this is the tenant level feature that you can turn off the idea here is that if you are a very security centric enterprise corpus every upload that happens to the far to the service until an DOP scan happens on the file you don't want that file to be a turn Alicia because that avoids and protects your content from leaking to wrong hands of course once a DLP scan has run and an auto labeling policy has applied auto label to it then it's okay now you know that continent the file has no sensitive content or it has little content now the appropriate DLP policy has been applied so that's why we brought this feature called protect sensitive information from the get-go so this is one other feature I want to highlight it so just to summarize I know I covered a lot of ground on this topic and labels protection for files I showed you the HS perience also labels protection labels for sites and teams experienced automatic classification and then I showed you quickly the content explorer and office if I ordered log view and I finished with D of P block external access by default as well so that's the overall view there the only last item I want to leave you with and then I'll open up for questions is we have more stuff coming in this security space an additional feature that I'm want to give you a kind of a teaser at this point is so imagine you have segmented users in your enterprises like investment bankers and advisers and you want to allow them to be in their own segregated segmented view such that the contents that are associated with investment bankers is available only for investment bankers the content like teams or SharePoint site associated with advisers are only accessible by advisory users and the user who sits in the middle like the general users they cannot access none of those to content and this is the very I would say compliance heavy security heavy feature or competitors who really want to ensure the investment banking content our sites are only SSL by investment bankers the advisory content our sites are accessible only by advisory users so that's how you bring in the barrier even within your own organization to ensure that for example insider trading like scenarios cannot happen in the organization it's a very big especially in financial industry is the very big very big compliance need and this is called information barrier so you can create an information barrier create some segments in your organization and then create like the UX shows here barrier between investment bankers and advisory bankers as the picture shows here you are actually blocking the communication and collaboration between these two user segments and an example scenario here just to be clear this is not just for financial customers there are a lot of energy customers and healthcare customers where they need such a advanced security scenario one example references I always use is a friend Rock'em 'pliance in the financial and FSI SEC star that's where this is heavily used and I know I'm getting to the closer to the to the time so I'm going to skip that particular demo I'm going to go right into the roadmap slide and I will leave it here for questions so real quick I've showed you the sensitivity labels for teams and sites that's already in preview and it's going to GA this summer censored labels with protection for files is already g8 as of last week automatic classification with sensitivity labels the demo I showed you it's in public preview we plan to GA that in the summer as well the block external access by default this is to protect your sensitive data from the get-go it's actually available as GA for SharePoint sites so you can normally use them now for onedrive we are working on it and it will come to GA in the next few months information barrier that I briefly touched on is actually available in preview for SharePoint and teams connected sites and we're planning to GA a flavor of this in the summer as well and finally expiring permissions for external Isis I didn't get a chance to try it out I'll show it to you today but we have this cool feature for if the external users today invite you invite them to a SharePoint site or a file they get access until you go and revoke them right now that brings up the problem of stale permissions that are being there and we are now providing you a way to say any external access users that are coming trying to access content in your tenant you can say after 60 days that axis goes away and if the site owner or the if the site owner wants to he can extend that access so that's what is expiring permissions for external users he looks like so those are the availab things that are coming up in this summer through summer and then we also have few items by the end of the calendar year the count Explorer the view that I've showed you I think that will very soon GA as well the co-op experience which adding in a chance to show it to you today but the protected files you can actually co-author them in office on the web as well but for office which client we are working on bringing that forward and then also the multi-factor authentication at a site level so imagine you have a top-secret site and now you want to enforce multi-factor authentication you can use that you can do that as well that's something we are working on in our roadmap item and finally instant session revocation so if you have a compromised user account you can instantly they work their session and that will get Harnett across sharepoint onedrive and teams as well so that's my roadmap slide I think it's a good slide to be open and then I will take a few more questions back to you Alyssa any questions yeah so plenty of questions let's actually them true so and I'm gonna take it there one development-related can we can we advantage properties in the condition for their for a policy that's good question from a Shia Mendez manage the properties I think it's origines properties as a condition oh oh I see conditions this is for the automatic classification correct right correct for the yes okay definitely that's a good feedback not it's not there today in this v1 version but definitely we will that's a great feedback so we will take actually interesting right here that's that's clever but then they will say quite a few different kind of questions so that's office office 2016 and office 2019 have integration in there or MS and the sensitivity labels out of the box so do you need to install something or is the office clients automatically native support for this yeah office clients as the desktop clients the Office ProPlus and the 2019 that you mentioned automatically has this negative support now that's actually the biggest work that we have done on the client side itself so they do have the negative support and of course it doesn't you know it doesn't go all the way into like 2013 client or 2010 client like that but only for the Pro Plus and the 2019 client it will have it and as I can see as you can see here one other item I called out is office rich client coatt for protected files that's a specific feature that we are working on that is not yet but you can open the file in pro class or in 2019 you can see the sensitivity label and you can apply the label on the file good good now I'm gonna ask one more question I do apologize you missed quite a few of the questions thank you by the way for those who were answering and helping other questions in the chat as well but there is a tech Community Links which David Warner already shared on the chat as well and if you go to them in the SharePoint blog as an example and those are messages from xuxia and he can probably answer if there's any questions related on which we did an answer but there was a good question from Sean sorry so setting labels and from Cisco while power automate can I manage the labels so can I basically create a flow to automate labels in a power automate sign that's the great great thinking and the feedback there are we haven't yet finished the integration with the power automate and ability to set these properties in the files in SharePoint and definitely that is one of the integrations that we are looking into it and we'll keep you posted as we progress on that excellent Thank You Trisha [Music]

Info

Channel: Microsoft 365 Community

Views: 10,513

Rating: 4.9583335 out of 5

Keywords: SharePoint, Development, PnP, Dev, community, Microsoft, Teams, OneDrive, Sensitivity, Labels

Id: NxvUXBiPFcw

Channel Id: undefined

Length: 44min 58sec (2698 seconds)

Published: Mon May 18 2020