Merge pull request #124695 from SrushtiMathur/patch-5

Update customer-lockbox-overview to add a statement in exclusions.

Author: Jak-MS

articles/security/fundamentals/customer-lockbox-overview.md

@@ -156,7 +156,7 @@ We introduced a new baseline control ([PA-8: Determine access process for cloud
 
 Customer Lockbox requests are not triggered in the following scenarios:
 
-- Emergency scenarios that fall outside of standard operating procedures and require urgent action from Microsoft to restore access to online services or to prevent corruption or loss of customer data. For instance, a major service outage or a security incident demands immediate attention to recover or restore services under unexpected or unpredictable circumstances. These "break glass" events are rare and, in most cases, do not necessitate access to customer data for resolution. The controls and processes governing Microsoft's access to customer data in core online services align with NIST 800-53 and are validated through SOC 2 audits. For further information, refer to the [Azure security baseline for Customer Lockbox for Microsoft Azure](/security/benchmark/azure/baselines/customer-lockbox-for-microsoft-azure-security-baseline).
+- Emergency scenarios that fall outside of standard operating procedures and require urgent action from Microsoft to restore access to online services or to prevent corruption or loss of customer data, or to investigate a security or abuse incident. For instance, a major service outage or a security incident demands immediate attention to recover or restore services under unexpected or unpredictable circumstances. These "break glass" events are rare and, in most cases, do not necessitate access to customer data for resolution. The controls and processes governing Microsoft's access to customer data in core online services align with NIST 800-53 and are validated through SOC 2 audits. For further information, refer to the [Azure security baseline for Customer Lockbox for Microsoft Azure](/security/benchmark/azure/baselines/customer-lockbox-for-microsoft-azure-security-baseline).
 - A Microsoft engineer accesses the Azure platform as part of troubleshooting and is inadvertently exposed to customer data. For example, the Azure Network Team performs troubleshooting that results in a packet capture on a network device. It is rare that such scenarios would result in access to meaningful quantities of customer data. Customers can further protect their data through the use of Customer-managed keys (CMK), which is available for some Azure service. For more information see [Overview of Key Management in Azure](key-management.md).
 
 External legal demands for data also do not trigger Customer Lockbox requests. For details, see the discussion of [government requests for data](https://www.microsoft.com/trust-center/) on the Microsoft Trust Center.