Digital meetings have only increased recently. We save time and increase collaboration with the right type of skills in meetings regardless of where the participants are located.
When it comes to sensitive topics, there are still some meetings that are conducted physically solely to reduce the risk of sensitive information being leaked. We do have a lot of news within Microsoft Purview Information Protection that helps us to protect sensitive meetings.
This includes for instance protection of Outlook meeting invites where we can protect the invite itself and make sure that the invite and any attachments are protected. For instance, a sensitive internal meeting can be protected and restricted for only internal access that blocks the meeting invite as well as any content/attachments of being forwarded or shared externally.
For a sensitive project we can make sure that these meetings invite are restricted only to the project’s members regardless of internal or external members.
Let’s take an example with a use case.
Business Case Project Delta
This is Project Delta with sensitive information restricted only the project members. We need to make sure that all information and access are restricted only to the project members. The project leader is also Team owner and can control access by adding/removing users to the team.
With the sensitivity label encryption configuration based on the same Microsoft 365 group as the team project. The members get automatically:
- Access to the Team site
- Access to protected project information (regardless of where these files are stored)
- and now also the meetings invite
When the project leader wants to invite to a confidential meeting regarding the project he applies the sensitivity label for the project and send this to both external and internal members.
Sensitive Project meetings are classified (Labeled and Protected) either manually or automatically based on sensitive project information.
The invite and any attachment will be protected only to project members. The company’s internal members are restricted by Exchange Data Loss Prevention (DLP) to send the invites to anyone outside of the project.
If someone within the company by mistake adds a non-project member to the invite the sender is noticed and blocked:
The exchange DLP rule looks for both classified/labeled Project Delta emails and invites as well content of the email with detection of sensitive project information based on a sensitive information type. If this is sent to anyone that is not a member of the project this email/invite is blocked and the sender is notified by the following configuration:
With the sensitivity label we encrypt the information and define/restrict permissions like print, copy or forwarding. In this use case forwarding is allowed. But we still only allow access to the content for project members.
If the project leader sends this invite to an external project member, the external member has permission to forward the invite to another coworker. With help of the protection the coworker (or anyone outside of the project) can´t open the invite or any attachments that may have been downloaded from the invite.
But lets say that this coworker should be part of the project as well as the planned meeting.
The only thing the project leader needs to do, is to add this member to the project Team.
This user can now open the meeting invite that has been sent to him earlier (as well as any project files that has been shared and stored).
Control Teams meeting settings.
Based on the sensitivity we can also define settings for the meeting. For instance, require end-to-end encryption or prevent copying of chat content for sensitive meetings:
Sensitivity label settings for Teams meetings and chats
Define meetings settings based on the sensitivity for the Team or channel.
We can predefine what meeting sensitivity that should be set by the sensitivity of the Team or Channel.
In this case we have configure that meetings created from Secret Internal teams and channels get classified as secret with internal restrictions
For the Project Delta we can configure that meetings created within this team automatically get classified Confidential and labeled for Project Delta with correct permissions.
Notice that enhanced protection settings for Teams require additional license that are explained here