Protected Content, Information Barriers, and More
Following up on yesterday’s report that Office 365 Groups will soon support sensitivity labels, more details emerged at Microsoft Ignite about how this support will flow through to group-enabled SharePoint Online sites. This is part of a big set of new features coming to improve the capabilities of SharePoint Online in the compliance space.
SharePoint Embraces Protection
From a SharePoint perspective, the big news is that SharePoint will soon be able to deal with encrypted content more elegantly than is possible today. After applying sensitivity labels with an Office app (desktop, mobile, or online – see Figure 1), SharePoint Online can index document content protected with a sensitivity label that invokes encryption (through rights management). Support for sensitivity labels in the Office Online apps also co-authoring of protected content.
Being able to index protected content is a big change. Up to now, SharePoint could only index the document metadata (like the subject or topic fields) of protected documents and the content remained inaccessible. Now, administrators will be able to search protected documents using Office 365 content searches (just like they can search protected email today). Naturally, users will also be able to search sites for protected content, but only content they have permission to access.
Protected documents downloaded from SharePoint sites retain their protection because the protection settings are part of the document metadata that apps respect inside or outside Office 365.
DLP and Protected Content
Along with search, Office 365 Data Loss Prevention policies will be able to examine protected content and apply policies to content found to violate policies because of the presence of sensitive data such as credit card or social security numbers.
Sensitivity Labels and Document Properties
One thing you won’t be able to do (for now) is apply a sensitivity label by editing document properties in the same way you can apply a retention label today. SharePoint’s new functionality concentrates on the storage and management of content marked with sensitivity labels instead of the direct application of the labels. However, you can expose a new Sensitivity column in document views to highlight protected documents (Figure 2).
SharePoint Online and Information Barriers
Most of what’s described above will be in public preview from November 20. Private previews are spinning up for more advanced functionality, like the ability to auto-apply sensitivity labels to documents based on their content. Also in private preview is SharePoint Online support for Office 365 Information Barriers. In this implementation, SharePoint will block sharing of documents with people inside the organization if mandated by an information barrier policy.
Expiring External Access
Finally, SharePoint is introducing new controls to allow organizations to set expiration periods for external access to content. You’ll be able to define how long a sharing link should last for external people. Once the period elapses, they lose access to the shared content. Lots of good stuff!
Stay up-to-date with developments in compliance across Office 365 with the Office 365 for IT Pros eBook.