TechNsight

Ask a Question

How the new Communication Compliance classifiers can help you protect your organization from policy violations

Question:

How can I use the new Communication Compliance classifiers to monitor and prevent various types of policy violations in my organization?

The new classifiers are:

  • Leavers: Detects messages that indicate an intention to quit the organization.
  • Corporate sabotage: Detects messages that mention deliberate acts of damage or destruction to corporate assets or property.
  • Gifts & entertainment: Detects messages that involve exchanging gifts or entertainment for service, which may breach corporate policy.
  • Money laundering: Detects signs of money laundering or attempts to hide the source or destination of funds. This classifier is designed for regulated customers such as banking or financial services who need to comply with anti-money laundering regulations.
  • Stock manipulation: Detects signs of stock manipulation, such as recommending to buy, sell, or hold stocks to influence the stock price. This classifier is designed for regulated customers such as banking or financial services who need to comply with securities regulations.
  • Unauthorized disclosure: Detects sharing of information that is marked as confidential or internal to certain roles or individuals in the organization.
  • Workplace collusion: Detects messages that refer to secretive actions such as hiding information or having private conversations, interactions, or information. This classifier is designed for regulated customers such as banking, healthcare, or energy who need to comply with anti-collusion regulations.

    • The new classifiers will be available in public preview in late June and will be fully rolled out by mid-July. They are associated with Microsoft 365 Roadmap ID 93251, 93253, 93254, 93255, 93256, 93257, 93258.

    To

prepare for using the new classifiers, you need to enable Microsoft Purview Communication Compliance, which helps you detect code of conduct and regulatory compliance violations, such as harassment, threats, adult content, and sensitive information sharing. Communication Compliance is built with privacy by design, so usernames are anonymized by default, role-based access controls are enforced, investigators are authorized by an admin, and audit logs are maintained to ensure user privacy.

Answer:

How to use the new Communication Compliance classifiers to monitor and prevent policy violations in your organization

Communication Compliance is a feature of Microsoft Purview that helps you detect and respond to potential violations of your organization’s code of conduct and regulatory compliance obligations, such as harassment, threats, adult content, and sensitive information sharing. Communication Compliance uses artificial intelligence to analyze messages and attachments across various communication channels, such as email, chat, and social media, and flag any content that matches predefined classifiers or custom conditions.

Microsoft has recently announced the public preview of several new classifiers for Communication Compliance, which will expand its scope and capabilities to help you monitor and prevent various types of policy violations in your organization. These new classifiers are:

  • Leavers: This classifier detects messages that explicitly express intent to leave the organization, which is an early signal that may put the organization at risk of malicious or inadvertent data exfiltration upon departure.
  • Corporate sabotage: This classifier detects messages that explicitly mention acts to deliberately destroy, damage, or destruct corporate assets or property, which may indicate malicious intent or disgruntlement.
  • Gifts & entertainment: This classifier detects messages that contain language around exchanging of gifts or entertainment in return for service, which may violate corporate policy or ethical standards.
  • Money laundering: This classifier detects signs of money laundering or engagement in acts designed to conceal or disguise the origin or destination of proceeds. This classifier is designed for regulated customers such as banking or financial services who have specific regulatory compliance obligations to detect for money laundering in their organization.
  • Stock manipulation: This classifier detects signs of stock manipulation, such as recommendations to buy, sell, or hold stocks in order to manipulate the stock price. This classifier is designed for regulated customers such as banking or financial services who have specific regulatory compliance obligations to detect for stock manipulation in their organization.
  • Unauthorized disclosure: This classifier detects sharing of information containing content that is explicitly designated as confidential or internal to certain roles or individuals in an organization, which may breach data protection or privacy policies.
  • Workplace collusion: This classifier detects messages referencing secretive actions such as concealing information or covering instances of a private conversation, interaction, or information. This classifier is designed for regulated customers such as banking, healthcare, or energy who have specific regulatory compliance obligations to detect for collusion in their organization.

    • The new classifiers will be available in public preview in late June and are expected to be fully rolled out by mid-July. They are associated with Microsoft 365 Roadmap ID 93251, 93253, 93254, 93255, 93256, 93257, 93258.

    To prepare for using the new classifiers, you need to enable Microsoft Purview Communication Compliance in your Microsoft 365 admin center. You can then create and manage Communication Compliance policies that specify which communication channels, users, and groups to monitor, which classifiers or conditions to apply, and which actions to take when a violation is detected. You can also assign roles and permissions to investigators who can review and resolve the flagged items in the Communication Compliance portal. Communication Compliance is built with privacy by design, so usernames are pseudonymized by default, role-based access controls are built in, investigators are explicitly opted in by an admin, and audit logs are in place to ensure user-level privacy.

    By

using the new Communication Compliance classifiers, you can enhance your organization’s ability to detect and prevent various types of policy violations, protect your reputation and assets, and foster a culture of trust and compliance.

Related posts:

  1. WiFi Adapter Download Speeds: Causes and Fixes
  2. Overcoming File Access Hurdles: Professional Advice
  3. Adapter Hubs: The Key to a Smooth Transition from USB to DisplayPort 2.0?
  4. The Distinctive Role of PCIList Among Computer Inventory Systems
  5. Aeromium Barcode Maker: A Solution for Mass Barcode Creation
  6. FMV-Extractor Tips: How to Handle Multiple Files at Once

Leave a Reply

Your email address will not be published. Required fields are marked *

Privacy Terms Contacts About Us