Updates from: 01/17/2021 04:02:40
Category Microsoft Docs article Related commit history on GitHub Change details
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/communication-compliance-configure https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-configure.md
@@ -193,7 +193,7 @@ For more information about configuring Yammer in Native Mode, see:
- Confirm or update the policy name. Policy names cannot be changed once the policy is created.
- - Choose the users or groups to supervise, including choosing users or groups you'd like to exclude.
+ - Choose the users or groups to supervise, including choosing users or groups you'd like to exclude. When using the conflict of interest template, you'll select two groups or two users to monitor for internal communications.
- Choose the reviewers for the policy. Reviewers are individual users and all reviewers must have mailboxes hosted on Exchange Online. Reviewers added here are the reviewers that you can choose from when escalating an alert in the investigation and remediation workflow. When reviewers are added to a policy, they automatically receive an email message that notifies them of the assignment to the policy and provides links to information about the review process.
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/communication-compliance-feature-reference https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-feature-reference.md
@@ -41,8 +41,9 @@ Policy templates are pre-defined policy settings that you can use to quickly cre
| **Offensive language and anti-harassment** | Monitor communications for offensive language | - Locations: Exchange Online, Microsoft Teams, Yammer, Skype for Business <br> - Direction: Inbound, Outbound, Internal <br> - Review Percentage: 100% <br> - Conditions: Offensive language classifier | | **Sensitive information** | Monitor communications for sensitive information | - Locations: Exchange Online, Microsoft Teams, Yammer, Skype for Business <br> - Direction: Inbound, Outbound, Internal <br> - Review Percentage: 10% <br> - Conditions: Sensitive information, out-of-the-box content patterns, and types, custom dictionary option, attachments larger than 1 MB | | **Regulatory compliance** | Monitor communications for info related to financial regulatory compliance | - Locations: Exchange Online, Microsoft Teams, Yammer, Skype for Business <br> - Direction: Inbound, Outbound <br> - Review Percentage: 10% <br> - Conditions: custom dictionary option, attachments larger than 1 MB |
+| **Conflict of interest** | Monitor communications between two groups or two users to help avoid conflicts of interest | - Locations: Exchange Online, Microsoft Teams, Yammer, Skype for Business <br> - Direction: Internal <br> - Review Percentage: 100% <br> - Conditions: None |
-## Permissions (preview)
+## Permissions
>[!Important] >By default, Global Administrators do not have access to communication compliance features. The roles assigned in this step are required before any communication compliance features will be accessible.
@@ -230,7 +231,7 @@ If you enter multiple conditions, Microsoft 365 uses all the conditions together
If you want to reduce the amount of content to review, you can specify a percentage of all the communications governed by a communication compliance policy. A real-time, random sample of content is selected from the total percentage of content that matches chosen policy conditions. If you want reviewers to review all items, you can configure **100%** in a communication compliance policy.
-## Privacy (preview)
+## Privacy
Protecting the privacy of users that have policy matches is important and can help promote objectivity in data investigation and analysis reviews for communication compliance alerts. This setting applies only to user names displayed the communication compliance solution. It does not affect how names are displayed in other compliance solutions or admin center.
@@ -328,7 +329,7 @@ If you'd like to change the severity level assigned in an alert policy for a spe
7. Select **Close** to exit the alert policy details page.
-## Power Automate flows (preview)
+## Power Automate flows
[Microsoft Power Automate](https://docs.microsoft.com/power-automate/getting-started) is a workflow service that automates actions across applications and services. By using flows from templates or created manually, you can automate common tasks associated with these applications and services. When you enable Power Automate flows for communication compliance, you can automate important tasks for alerts and users. You can configure Power Automate flows to notify managers when users have communication compliance alerts and other applications.
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/communication-compliance-investigate-remediate https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-investigate-remediate.md
@@ -111,7 +111,7 @@ Now that you've reviewed the details of the message for the alert, you can choos
- **Resolve**: Selecting the **Resolve** control immediately removes the message from the **Pending alerts** queue and no further action can be taken on the message. By selecting **Resolve**, you've essentially closed the alert without further classification and it can't be reopened for further actions. All resolved messages are displayed in the **Resolved** tab. - **False Positive**: You can always resolve a message as a false positive at any point during the message review workflow. False positive signifies that the alert was non-actionable or that the alert was incorrectly generated by the alerting process. The message cannot be reopened and all false positive messages are displayed in the **Resolved** tab.-- **Power Automate (preview)**: Use a Power Automate flow to automate process tasks for an alert message. By default, communication compliance includes the *Notify manager when a user has a communication compliance alert* flow template that reviewers can use to automate the notification process for users with message alerts. For more information about creating and managing Power Automate flows in communication compliance, see the [Communication compliance feature reference](communication-compliance-feature-reference.md#power-automate-flows-preview) article.
+- **Power Automate (preview)**: Use a Power Automate flow to automate process tasks for an alert message. By default, communication compliance includes the *Notify manager when a user has a communication compliance alert* flow template that reviewers can use to automate the notification process for users with message alerts. For more information about creating and managing Power Automate flows in communication compliance, see the [Communication compliance feature reference](communication-compliance-feature-reference.md#power-automate-flows) article.
- **Tag as**: Tag the message as *compliant*, *non-compliant*, or as *questionable* as it relates to the policies and standards for your organization. Adding tags and tagging comments helps you micro-filter policy alerts for escalations or as part of other internal review processes. After tagging is complete, you can also choose to resolve the message to move it out of the pending review queue. - **Notify**: You can use the **Notify** control to assign a custom notice template to the alert and to send a warning notice to the user. Choose the appropriate notice template configured in the **Communication compliance settings** area and select **Send** to email a reminder to the user that sent the message and to resolve the issue. - **Escalate**: Using the **Escalate** control, you can choose who else in your organization should review the message. Choose from a list of reviewers configured in the communication compliance policy to send an email notification requesting additional review of the message alert. The selected reviewer can use a link in the email notification to go directly to items escalated to them for review.
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/communication-compliance https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance.md
@@ -46,13 +46,13 @@ Communication compliance policies can assist with reviewing messages in your org
- **Risk management**
- Organizations are responsible to all communications distributed throughout their infrastructure and corporate network systems. Using communication compliance policies to help identify and manage potential legal exposure and risk can help minimize risks before they can damage corporate operations. For example, you could scan messages in your organization for unauthorized communications about confidential projects such as upcoming acquisitions, mergers, earnings disclosures, reorganizations, or leadership team changes.
+ Organizations are responsible to all communications distributed throughout their infrastructure and corporate network systems. Using communication compliance policies to help identify and manage potential legal exposure and risk can help minimize risks before they can damage corporate operations. For example, you could scan messages in your organization for unauthorized communications and conlficts of interest about confidential projects such as upcoming acquisitions, mergers, earnings disclosures, reorganizations, or leadership team changes.
- **Regulatory compliance** Most organizations must comply with some type of regulatory compliance standards as part of their normal operating procedures. These regulations often require organizations to implement some type of supervisory or oversight process for messaging that is appropriate for their industry. The Financial Industry Regulatory Authority (FINRA) Rule 3110 is a good example of a requirement for organizations to have supervisory procedures in place to scan user communications and the types of businesses in which it engages. Another example may be a need to review broker-dealer communications in your organization to safeguard against potential money laundering, insider trading, collusion, or bribery activities. Communication compliance policies can help your organization meet these requirements by providing a process to both scan and report on corporate communications. For more information on support for financial organizations, see [Key compliance and security considerations for US banking and capital markets](../solutions/financial-services-secure-collaboration.md).
-## New enhancements
+## Key feature areas
Communication compliance in Microsoft 365 offers several important features to help address compliance concerns on your messaging platforms:
@@ -66,7 +66,7 @@ Communication compliance in Microsoft 365 offers several important features to h
Intelligent customizable templates in communication compliance allow you to apply machine learning to intelligently detect communication violations in your organization. -- **Customizable pre-configured templates**: New policy templates help address the most common communications risks. Initial policy creation and follow-on updating are now quicker with pre-defined anti-harassment and offensive language, sensitive information, and regulatory compliance templates.
+- **Customizable pre-configured templates**: New policy templates help address the most common communications risks. Initial policy creation and follow-on updating are now quicker with pre-defined anti-harassment and offensive language, sensitive information, conflict of interest, and regulatory compliance templates.
- **New machine learning support**: Built-in threat, harassment, profanity, and image [classifiers](classifier-get-started-with.md) help reduce false positives in scanned messages, saving reviewers time during the investigation and remediation process. - **Improved condition builder**: Configuring policy conditions is now streamlined into a single, integrated experience in the policy wizard, reducing confusion in how conditions are applied for policies.
@@ -121,8 +121,9 @@ In this workflow step, you identify your compliance requirements and configure a
You can choose from the following policy templates in the Microsoft 365 compliance center: - **Offensive or threatening language**: Use this template to quickly create a policy that uses built-in classifiers to automatically detect content that may be considered abusive or offensive.-- **Sensitive information**: Use this template to create a policy to scan communications containing defined sensitive information types or keywords to help make sure that important data isn't shared with people that shouldn't have access.-- **Regulatory compliance**: Use this template to create a policy to scan communications for references to standard financial terms associated with regulatory standards.
+- **Sensitive information**: Use this template to quickly create a policy to scan communications containing defined sensitive information types or keywords to help make sure that important data isn't shared with people that shouldn't have access.
+- **Regulatory compliance**: Use this template to quickly create a policy to scan communications for references to standard financial terms associated with regulatory standards.
+- **Conflict of interest**: Use this template to quickly create a policy to monitor communications between two groups or two users to help avoid conflicts of interest.
- **Custom policy**: Use this template to configure specific communication channels, individual detection conditions, and the amount of content to monitor and review in your organization. ### Investigate
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-policies-yammer https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-yammer.md
@@ -23,6 +23,9 @@ description: "Learn about retention policies that apply to Yammer."
>*[Microsoft 365 licensing guidance for security & compliance](https://aka.ms/ComplianceSD).*
+> [!NOTE]
+> This feature is in preview and not yet available for all customers.
+ The information in this article supplements [Learn about retention](retention.md) because it has information that's specific to Yammer. For other workloads, see:
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/whats-new https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/whats-new.md
@@ -95,7 +95,7 @@ Watch the video below to learn how Compliance Manager can help simplify how your
- [Updated role groups](communication-compliance-configure.md#step-1-required-enable-permissions-for-communication-compliance). Communication compliance role groups now match the role group structure available for the insider risk management solution. - [Reports dashboard](communication-compliance-feature-reference.md#reports-preview). Your central location for viewing all communication compliance reports. Report widgets provide a quick view of insights most commonly needed for an overall assessment of the status of communication compliance activities.-- [Power Automate flows](communication-compliance-feature-reference.md#power-automate-flows-preview). Set up flows to automate tasks for alerts and users, notify managers when users trigger an alerts, and more.
+- [Power Automate flows](communication-compliance-feature-reference.md#power-automate-flows). Set up flows to automate tasks for alerts and users, notify managers when users trigger an alerts, and more.
- [ΓÇÿImprove classificationΓÇÖ remediation action](communication-compliance-investigate-remediate.md#step-3-decide-on-a-remediation-action). Alerts containing items that match trainable classifiers might benefit from feedback to help minimize false positives in your organization. The **Improve classification** option lets you provide feedback whether detected items match the classifier configured in the related communication compliance policy. You can even suggest other classifiers to associate with the item to improve match accuracy for future alerts. ### Data connectors
@@ -165,7 +165,7 @@ Several new and improved features hit public preview this month:
- When [reviewing messages in an alert](communication-compliance-investigate-remediate.md#step-3-decide-on-a-remediation-action), you can now remove inappropriate messages in Microsoft Teams channels, 1:1, and group chats. Removed messages and content are replaced with a policy tip that explains that it was removed due to sensitive content. - New [communication roles](communication-compliance-configure.md#step-1-required-enable-permissions-for-communication-compliance) (these will also be included in new communication compliance role groups releasing in September).-- New communication compliance settings experience that includes settings for [privacy](communication-compliance-feature-reference.md#privacy-preview) and [notice templates](communication-compliance-feature-reference.md#notice-templates).
+- New communication compliance settings experience that includes settings for [privacy](communication-compliance-feature-reference.md#privacy) and [notice templates](communication-compliance-feature-reference.md#notice-templates).
- New [classifiers](communication-compliance-feature-reference.md#classifiers) to help detect adult, racy, and gory images. - New ΓÇÿPattern detectedΓÇÖ notification that appears when [reviewing messages in an alert](communication-compliance-investigate-remediate.md#step-2-examine-the-message-details) lets you know about reoccurring instances of the same behavior by a user.
enterprise https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-u-s-government-gcc-high-endpoints https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-u-s-government-gcc-high-endpoints.md
@@ -3,7 +3,7 @@ title: "Office 365 U.S. Government GCC High endpoints"
ms.author: kvice author: kelleyvice-msft manager: laurawi
-ms.date: 01/04/2021
+ms.date: 01/15/2021
audience: ITPro ms.topic: conceptual ms.service: o365-administration
@@ -32,7 +32,7 @@ Office 365 requires connectivity to the Internet. The endpoints below should be
||| |:-----|:-----|
-|**Last updated:** 01/04/2021 - ![RSS](../media/5dc6bb29-25db-4f44-9580-77c735492c4b.png) [Change Log subscription](https://endpoints.office.com/version/USGOVGCCHigh?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7) <br/> |**Download:** the full list in [JSON format](https://endpoints.office.com/endpoints/USGOVGCCHigh?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7) <br/> |
+|**Last updated:** 01/15/2021 - ![RSS](../media/5dc6bb29-25db-4f44-9580-77c735492c4b.png) [Change Log subscription](https://endpoints.office.com/version/USGOVGCCHigh?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7) <br/> |**Download:** the full list in [JSON format](https://endpoints.office.com/endpoints/USGOVGCCHigh?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7) <br/> |
Start with [Managing Office 365 endpoints](managing-office-365-endpoints.md) to understand our recommendations for managing network connectivity using this data. Endpoints data is updated at the beginning of each month with new IP Addresses and URLs published 30 days in advance of being active. This lets customers who do not yet have automated updates to complete their processes before new connectivity is required. Endpoints may also be updated during the month if needed to address support escalations, security incidents, or other immediate operational requirements. The data shown on this page below is all generated from the REST-based web services. If you are using a script or a network device to access this data, you should go to the [Web service](microsoft-365-ip-web-service.md) directly.
enterprise https://docs.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/urls-and-ip-address-ranges.md
@@ -57,7 +57,7 @@ Data columns shown are:
[!INCLUDE [Office 365 worldwide endpoints](../includes/office-365-worldwide-endpoints.md)] >[!Note]
->For recommendations on Yammer IP addresses and URLs, see [this blog post](https://techcommunity.microsoft.com/t5/Yammer-Blog/Using-hard-coded-IP-addresses-for-Yammer-is-not-recommended/ba-p/276592).
+>For recommendations on Yammer IP addresses and URLs, see [Using hard-coded IP addresses for Yammer is not recommended](https://techcommunity.microsoft.com/t5/Yammer-Blog/Using-hard-coded-IP-addresses-for-Yammer-is-not-recommended/ba-p/276592) on the Yammer blog.
> ## Related Topics
@@ -66,7 +66,7 @@ Data columns shown are:
[General Microsoft Stream endpoints](https://docs.microsoft.com/stream/network-overview#general-microsoft-stream-endpoints)
-[Monitor Microsoft 365 connectivity](https://docs.microsoft.com/microsoft-365/enterprise/monitor-connectivity?view=o365-worldwide)
+[Monitor Microsoft 365 connectivity](https://docs.microsoft.com/microsoft-365/enterprise/monitor-connectivity)
[Root CA and the Intermediate CA bundle on the third-party application system](../compliance/encryption-office-365-certificate-chains.md)
includes https://docs.microsoft.com/en-us/microsoft-365/includes/office-365-u.s.-government-gcc-high-endpoints https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/office-365-u.s.-government-gcc-high-endpoints.md
@@ -1,7 +1,7 @@
<!--THIS FILE IS AUTOMATICALLY GENERATED. MANUAL CHANGES WILL BE OVERWRITTEN.--> <!--Please contact the Office 365 Endpoints team with any questions.-->
-<!--USGovGCCHigh endpoints version 2021010400-->
-<!--File generated 2021-01-04 11:00:05.0106-->
+<!--USGovGCCHigh endpoints version 2021011500-->
+<!--File generated 2021-01-15 17:00:01.4418-->
## Exchange Online
@@ -10,7 +10,7 @@ ID | Category | ER | Addresses | Ports
1 | Optimize<BR>Required | Yes | `outlook.office365.us`<BR>`40.66.16.0/21, 131.253.83.0/26, 131.253.84.64/26, 131.253.84.192/26, 131.253.86.0/24, 131.253.87.144/28, 131.253.87.208/28, 131.253.87.240/28, 131.253.88.0/28, 131.253.88.32/28, 131.253.88.48/28, 131.253.88.96/28, 131.253.88.128/28, 131.253.88.144/28, 131.253.88.160/28, 131.253.88.192/28, 131.253.88.240/28, 2001:489a:2200:28::/62, 2001:489a:2200:3c::/62, 2001:489a:2200:44::/62, 2001:489a:2200:400::/56` | **TCP:** 443, 80 4 | Default<BR>Required | Yes | `attachments.office365-net.us, autodiscover.<tenant>.mail.onmicrosoft.com, autodiscover.<tenant>.mail.onmicrosoft.us, autodiscover.<tenant>.onmicrosoft.com, autodiscover.<tenant>.onmicrosoft.us, autodiscover-s.office365.us` | **TCP:** 443, 80 5 | Default<BR>Required | Yes | `outlook.office365.us` | **TCP:** 143, 25, 587, 993, 995
-6 | Allow<BR>Required | Yes | `*.manage.office365.us, *.protection.office365.us, *.scc.office365.us, manage.office365.us, scc.office365.us`<BR>`13.72.179.197/32, 13.72.183.70/32, 23.103.191.0/24, 23.103.199.128/25, 23.103.208.0/22, 52.227.170.14/32, 52.227.170.120/32, 52.227.178.94/32, 52.227.180.138/32, 52.227.182.149/32, 52.238.74.212/32, 2001:489a:2202:4::/62, 2001:489a:2202:c::/62, 2001:489a:2202:2000::/63` | **TCP:** 25, 443
+6 | Allow<BR>Required | Yes | `*.manage.office365.us, *.protection.office365.us, *.scc.office365.us, manage.office365.us, scc.office365.us`<BR>`13.72.179.197/32, 13.72.183.70/32, 23.103.191.0/24, 23.103.199.128/25, 23.103.208.0/22, 52.227.170.14/32, 52.227.170.120/32, 52.227.178.94/32, 52.227.180.138/32, 52.227.182.149/32, 52.238.74.212/32, 52.244.65.13/32, 2001:489a:2202:4::/62, 2001:489a:2202:c::/62, 2001:489a:2202:2000::/63` | **TCP:** 25, 443
## SharePoint Online and OneDrive for Business
@@ -30,7 +30,7 @@ ID | Category | ER | Addresses | Ports
## Microsoft 365 Common and Office Online ID | Category | ER | Addresses | Ports
+-- | ------------------- | --- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------
11 | Allow<BR>Required | Yes | `*.gov.online.office365.us`<BR>`52.127.37.0/24, 52.127.82.0/23` | **TCP:** 443 12 | Default<BR>Required | Yes | `*.cdn.office365.us` | **TCP:** 443 13 | Allow<BR>Required | Yes | `*.gov.us.microsoftonline.com, graph.microsoft.us, graph.microsoftazure.us, login.microsoftonline.us`<BR>`20.140.232.0/23, 52.126.194.0/23` | **TCP:** 443
@@ -43,5 +43,5 @@ ID | Category | ER | Addresses | Ports
23 | Default<BR>Required | No | `*.office365.us` | **TCP:** 443, 80 24 | Default<BR>Required | No | `lpcres.delve.office.com` | **TCP:** 443 25 | Default<BR>Required | No | `*.cdn.office.net` | **TCP:** 443
-26 | Allow<BR>Required | Yes | `*.compliance.microsoft.us, *.security.microsoft.us, compliance.microsoft.us, security.microsoft.us`<BR>`13.72.179.197/32, 13.72.183.70/32, 23.103.191.0/24, 23.103.199.128/25, 23.103.208.0/22, 52.227.170.14/32, 52.227.170.120/32, 52.227.178.94/32, 52.227.180.138/32, 52.227.182.149/32, 52.238.74.212/32, 2001:489a:2202:4::/62, 2001:489a:2202:c::/62, 2001:489a:2202:2000::/63` | **TCP:** 443, 80
+26 | Allow<BR>Required | Yes | `*.compliance.microsoft.us, *.security.microsoft.us, compliance.microsoft.us, security.microsoft.us`<BR>`13.72.179.197/32, 13.72.183.70/32, 23.103.191.0/24, 23.103.199.128/25, 23.103.208.0/22, 52.227.170.14/32, 52.227.170.120/32, 52.227.178.94/32, 52.227.180.138/32, 52.227.182.149/32, 52.238.74.212/32, 52.244.65.13/32, 2001:489a:2202:4::/62, 2001:489a:2202:c::/62, 2001:489a:2202:2000::/63` | **TCP:** 443, 80
28 | Default<BR>Required | No | `activity.windows.com` | **TCP:** 443