Communication compliance in Microsoft 365
In this tutorial, we will learn about Communication compliance in Microsoft 365 and its features.
Communication compliance is a Microsoft 365 insider risk solution that lets you discover, collect, and act on incorrect messages in your business, reducing communication risks. Internal and external communications may be scanned for policy matching using pre-defined and custom policies. So that they may be evaluated by reviewers who have been assigned to them. In your business, reviewers can look at scanned email, Microsoft Teams, Yammer, or third-party interactions. Furthermore, they take the necessary steps to ensure that they adhere to your organization’s communication standards.
Further, communication compliance policies in Microsoft 365 help you overcome many modern challenges associated with compliance and internal and external communications, including:
- Firstly, scanning increasing types of communication channels
- Secondly, the increasing volume of message data
- Lastly, regulatory enforcement and the risk of fines
Key feature areas
Communication compliance in Microsoft 365 offers several important features to help address compliance concerns on your messaging platforms:
1. Intelligent customizable templates
Intelligent customizable templates in communication compliance allow you to apply machine learning to intelligently detect communication violations in your organization.
- Customizable pre-configured templates. New policy templates help address the most common communications risks. Initial policy creation and follow-on updating are now quicker with,
- pre-defined anti-harassment and offensive language
- sensitive information
- conflict of interest
- regulatory compliance templates.
- Secondly, New machine learning support. The built-in threat, harassment, profanity, and image classifiers help reduce false positives in scanned messages. Thus, saving reviewers time during the investigation and remediation process.
- Lastly, Improved condition builder. Configuring policy conditions is,
- now streamlined into a single
- integrated experience in the policy wizard
- reducing confusion in how conditions are applied for policies.
2. Flexible remediation workflows
Built-in remediation workflows allow you to quickly identify and take action on messages with policy matches in your organization. However, the following new features increase efficiency for investigation and remediation activities:
- Firstly, Flexible remediation workflow: New remediation workflow helps you quickly take action on policy matches, including new options to escalate messages to other reviewers and to send email notifications to users with policy matches.
- Secondly, Keyword highlighting: Terms matching policy conditions are highlighted in the message text view to help reviewers quickly locate and remediate policy alerts.
- After that, New filters: Investigate and remediate policy alerts faster with message filters for several fields, including sender, recipient, date, domains, and many more.
- Next, User history view: Historical view of all user message remediation activities, such as past notifications and escalations for policy matches, now provides reviewers with more context during the remediation workflow process.
- Lastly, Show Translate view: Quickly investigate message details in eight languages using translate support in the remediation workflow. Messages in other languages are automatically converted to the display language of the reviewer.
3. Actionable insights
New interactive dashboards for alerts, policy matches, actions, and trends help you quickly view the status of pending and resolved alerts in your organization.
- Firstly, Proactive intelligent alerts: Alerts for policy matches requiring immediate attention include new dashboards for pending items sorted by severity and new automatic email notifications sent to designated reviewers.
- Secondly, Interactive dashboards: New dashboards display policy matches, pending and resolved actions, and trends by users and policy.
- Lastly, Auditing support: A full log of policy and review activities is easily exported from the Microsoft 365 compliance center to help support audit review requests.
Workflow
Internal regulations and regulatory compliance standards can be difficult to comply with, and communication compliance can assist. Identifying and addressing communication compliance concerns in Microsoft 365, on the other hand, follows the following workflow:
1. Configure
You determine your compliance needs and create suitable communication compliance policies in this workflow stage. Policy templates are a wonderful method to rapidly create new compliance policies as well as alter and update existing policies as your needs evolve. However, in the Microsoft 365 compliance centre, you may select from the following policy templates:
- Firstly, Offensive or threatening language: Use this template to quickly create a policy that uses built-in classifiers to automatically detect content that may be considered abusive or offensive.
- Secondly, Sensitive information: Use this template to quickly create a policy to scan communications containing defined sensitive information types.
- Thirdly, Regulatory compliance: Use this template to quickly create a policy to scan communications for references to standard financial terms associated with regulatory standards.
- Lastly, Custom policy: Use this template to configure specific communication channels, individual detection conditions, and the amount of content to monitor and review in your organization.
2. Investigate
This step includes the following actions available in the Microsoft 365 compliance center:
- Firstly, Alerts: When a message matches a policy condition, an alert automatically generates.
- Secondly, Issue management: For each alert, you can take investigative actions to help remediate the issue detected in the message.
- Thirdly, Document review: During the investigation of an issue, you can use several views of the message to help properly evaluate the detected issue.
- Then, Reviewing user activity history: View the history of user message activities and remediation actions, such as past notifications and escalations, for policy matches.
- Lastly, Filters: Use filters such as sender, recipient, date, and subject to quickly narrow down the message alerts that you want to review.
3. Remediate
The next step is to remediate communication compliance issues you’ve investigated using the following options:
- Firstly, Resolve: After reviewing an issue, you can remediate it by resolving the alert.
- Secondly, Tag a message. As part of the resolution of an issue, you can tag the detected message as compliant, non-compliant, or as questionable as it relates to the policies and standards for your organization.
- Thirdly, Notify the user. Often, users accidentally or inadvertently violate a communication compliance policy. You can use the notify feature to provide a warning notice to the user and to resolve the issue.
- Then, Mark as a false positive. Messages incorrectly detected as matches of compliance policies will occasionally slip through to the review process.
- After that, Remove the message in Teams (preview). Inappropriate messages may remove from display in Microsoft Teams channels or personal and group chats messages.
- Lastly, Escalate for investigation. In the most serious situations, you may need to share communication compliance information with other reviewers in your organization. Communication compliance tightly integrates with other Microsoft 365 compliance features to help you with end-to-end risk resolution. Escalating a case for investigation allows you to transfer data and management of the case to Advanced eDiscovery in Microsoft 365.
4. Monitor
The entire workflow process is spanned by keeping track of and handling compliance concerns highlighted by communication compliance regulations. Existing policies may need to be reviewed and updated when alerts are issued and investigation and remedial activities are undertaken, and new policies may need to be written.
- Monitor and report: Use communication compliance dashboard widgets, export logs, and events recorded in the unified audit logs to continually evaluate and improve your compliance posture.
Reference: Microsoft Documentation