Teams Enhances End-to-End Encryption to Bolster Security – UC Today

admin on July 25, 2023 Leave a Comment

Microsoft is launching Collaboration Security for Microsoft Teams, a solution whose features include an enhancement of full end-to-end encryption.

The solution is among several Defender for Office 365 tools and applications being introduced to Teams as Microsoft, and its other features include enhanced visibility into attacks through end-user reporting and the new capability for IT admins and SecOps to auto-purge malicious messages and attachments after their delivery.

Initially announced in March 2023, Collaboration Security for Microsoft Teams is rolling out now, with full, email-style end-to-end encryption arguably its highlight addition.

Sehrish Khan, Product Marketing Manager at Microsoft, wrote in a blog post in March:

With 71 percent of companies admitting that sensitive and business-critical data is regularly shared via collaboration tools like Microsoft Teams, organizations are increasingly realizing the need to make collaboration security an integral part of their overall SOC strategy. Thats why we are bringing the full feature set that customers use to protect their email environments across prevention, detection, and response to Microsoft Teams.

Microsoft state that Collaboration Security for Microsoft Teams was catalysed by the growth of hybrid and remote working, with the risks to data protection, privacy and security inherent to working over UC and collaboration platforms.

Attacks like phishing and ransomware that for decades have primarily used email as an entry point are now also targeting users on collaboration tools with growing frequency, Khan added.

Customers of Microsoft E5, Microsoft E5 Security, or Microsoft Defender for Office 365 can now leverage this update to improve their Teams security.

As well as introducing full end-to-end encryption in Teams, Microsoft also adds capabilities to improve cybersecurity awareness and resilience for business users.

All collaboration security functions will be integrated with the unified security operations (SecOps) experience of Microsoft 365 Defender, Microsofts Extended Detection and Response (XDR). As a result, all signals and alerts will be compiled across other domains, including endpoints, identities, email, DLP, and SaaS apps.

Microsoft now enables users to report suspicious messages directly in Teams, similar to how users can report suspicious emails in Outlook. The security team will be alerted whenever users report suspicious messages and can note them in the 365 Defender portal. This is an update of Microsofts Safe Links feature, initially launched in 2021, which scanned URLs shared in Teams conversations, chats, or channels for possibly malicious content at time-of-click to prevent users from accessing malicious websites.

All user submissions will be compiled into an auto-generated investigation of suspicious URL clicks. This will streamline the experience of reviewing suspicious messages for SOC teams, allowing them to respond more quickly.

The automatic purging of potentially malicious messages and attachments is an intriguing capability. For a faster response and automatic action, we are bringing zero auto purge (ZAP) to Teams, which protects end-users by analysing messages post-delivery and automatically quarantines messages that contain malicious content to stop the actor from compromising the account, Khan wrote.

Once a malicious message or attachment has been identified, the entire Teams ecosystem will be automatically scanned for the same sign of compromise before quarantining all other relevant messages at scale for better protection.

The default configuration for ZAP is to transfer all malicious messages into quarantine, where SOC teams can assess them further before deciding on the next steps, but the policy can also be customised to suit each businesss needs.

Other Collaboration Security features include providing SecOps with proactive tools for the advanced hunting of threats, which comprises a query-based threat-hunting tool that lets admins and SecOps examine up to 30 days of raw data. Microsoft is also adding attack simulation and training tools to bolster education, awareness, and risk assessment to support Teams user resilience against security threats.

Microsoft announced a series of new Copilot capabilities for Teams Phone and Chat. Copilot will be adding generative AI to phone calls for Teams Phone. With this new function, users can make and receive calls from their Teams app on any device and get real-time summarization and insights.

For Teams chat, users can quickly synthesise important information from their chat threads, allowing them to ask specific questions to catch up on the conversation so far, manage key discussion points, and summarise data relevant to their workflows.

Other new Teams features announced at Inspire included the Teams chat window being able to transfer to the Edge browser when opening webpage link from Teams chat, a keyboard shortcut to search chats and channels, collaborative notes in Teams meetings, and enhanced external collaboration requests.

Microsoft launched Bing Chat Enterprise, bringing Bing Chats generative AI features into the business world.

While Bing Chat Enterprises capabilities could be seismic for businesses around the world, Microsoft went to great lengths during the solutions announcement to emphasise how secure and safe its offering will be for companies with anxiety around data protection.

Microsoft emphasised the strength of Bing Chat Enterprises security because the most widely available generative AI solutions have come under close scrutiny in recent weeks and months for their handling of privacy and protection of business data.

The central issue is that OpenAIs ChatGPT, the most generally used generative AI service, leverages user prompts to develop and improve its model unless users deliberately opt out. This has galvanised worries that employees might inadvertently include proprietary or confidential data or information in their prompts, which ChatGPT utilises to answer future queries.

However, when business users utilise Bing Chat Enterprise, their chat data is not saved and, therefore, not extracted to train AI models. No one else can view the users prompts and data.

In this context, Collaboration Security for Microsoft Teams maintains MicrosMicrosoftstment in strengthening its security offerings across its suite.

See the article here:
Teams Enhances End-to-End Encryption to Bolster Security - UC Today

Related Posts
Posted in Encryption

Comments are closed.