Wednesday, January 6, 2021

Office 365 : Topic : Security & Compliance (Series 2)

Understanding different categories available to secure Office 365 services and data:

This section explains the different categories available to you to secure Office 365 services and data.

1. Managing Alerts

You can access the alerts section from the LHS panel available in the Office Security & Compliance widget as shown in the figure below.

Using Alerts an organization can configure and manage security alerts. A security admin can configure & manage alert policies. Alerts have the following options:

• Manage Alerts
• View Security Alerts
• Manage Advanced Alerts 

Security Alerts

Security Alerts can be configured to send out email notifications. You can also switch on Alerting with Advanced Security Management.

1. Advanced Security Management

Advanced Security Management includes:
• Threat detection: Helps you identify high-risk and abnormal usage, and security incidents.
• Enhanced control: Shapes your Office 365 environment leveraging granular controls and security policies.
• Discovery and insights: Delivers enhanced visibility into your Office 365 usage and shadow IT without installing an endpoint agent

2. Managing Permissions

Using Permission, you can assign permissions to people in your organization to perform tasks in the Security & Compliance Center. The Permission section is shown in the figure below.

While most permissions can be assigned with this feature, you’ll also need to use the Exchange admin center and SharePoint to set permissions for others.

Permissions in the Security & Compliance Center are based on the same Role Based Access Control (RBAC) permissions model that is used in Exchange Online. To access the Security & Compliance Center, users need to be a member of one or more Compliance Center role groups that are listed on the Permissions page.

The list shown in the figure below is of Security & Compliance Center role groups.

3. Understanding Classification & Labels

Classifications let you classify data using labels. You can classify data across your organization for governance, and enforce retention rules based on that classification. Under Classifications, you have three options as shown in the figure below.

Classifications can be used in different scenarios such as:

• Tax forms that need to be retained for a minimum period.
• Press materials that need to be permanently deleted when they reach a certain age.
• Competitive research that needs to be both retained and then permanently deleted.
• Work visas that must be marked as a record so that they can’t be edited or deleted.


Using Labels, you can perform the following tasks:
• Enable people in your organization to apply a label manually for their content in Outlook on the web, Outlook 2010 and later, OneDrive, SharePoint, and Office 365 groups. Users often know best what type of content they’re working with, so they can classify it and have the appropriate policy applied.
• Apply labels to content automatically if it matches specific conditions, such as when the content contains:
• Apply labels to specific types of sensitive information. This is available for content in SharePoint and OneDrive.
• Apply Specific keywords that match a query you create. This is available for content in Exchange, SharePoint, OneDrive, and Office 365 groups.

This ability to apply labels automatically to the content is important because:
• Users need not be trained on all your classifications.
• No dependence on users to classify all content correctly. Users no longer need to know about data governance policies – they can instead focus on their work.
• Apply a default label to a document library in SharePoint and Office 365 group sites, so that all documents in that library get the default label.
• Implement records management across Office 365, including both email and documents. You can use a label to classify content as a record. When this happens, the label can’t be changed or removed, and the content can’t be edited or deleted.
• Create and manage labels on the Labels page in the Office 365 Security & Compliance Center.
•Note that auto-apply labels require an Office 365 Enterprise E5 subscription.

4. Understanding Data Loss Prevention

Data Loss Prevention allows you to identify, monitor and protect sensitive information across the Office 365 platform. Data Loss Prevention offers three options as shown in the figure below.

To protect sensitive information and prevent its disclosure, the organization need to comply with several standards and industry regulations.
Examples of sensitive information are personally identifiable information (PII) like a medical record, social security information, etc.

As per a Microsoft Article Data Loss Prevention can do the following things:
• Identify sensitive information across many locations, such as Exchange Online, SharePoint Online, and OneDrive for Business.
• Prevent any accidental sharing of sensitive information.
• Monitor and protect sensitive information in the desktop versions of Excel 2016, PowerPoint 2016, and Word 2016.
• Help users learn how to stay compliant without interrupting their workflow. View DLP reports showing content that matches your organization’s DLP policies.

5. Understanding Data Governance

Data governance is all about keeping your data around when you need it and getting rid of it when you don’t. With data governance in Office 365, you can manage the full content lifecycle, from importing and storing data at the beginning, to create policies that retain and then permanently delete content at the end. Data governance has five options as shown in the figure below.

Apart from this using Data governance, you can also import email from other systems, enables archive mailboxes or set policies for retaining email and other content within your organization as explained below.
• Import – Lets you import PST files to exchange mailboxes. You can then use the Intelligent Import feature to filter the items in PST files that get imported to the target mailboxes.
• Archive – Lets you archive mailboxes to provide additional email storage for your office associates. You can use enable or disable a user’s archive mailbox.
• Retention – Lets you create a policy to retain what you want and get rid of what you don’t. While your organization may be required to retain content for a period of time because of compliance, legal, or other business requirements, keeping content longer than required might create unnecessary legal risk.
• Supervision – Lets you define policies that capture email and 3rd-party communications in your organization so they can be examined by internal or external reviewers. Reviewers can then classify these communications, make sure they’re compliant with your organization’s policies, and escalate questionable material if necessary.

6. Understanding Threat Management

Threat management feature lets you protect your data. Following are some of the important functions of Threat Management.
• control and manage mobile device access to your organization’s data
• protect your organization from data loss
• protect inbound and outbound messages from malicious software and spam
• protect your domain’s reputation and to determine whether senders are maliciously spoofing accounts from your domain
Threat management offers two options as shown in the figure below.

The image below shows the options available in Office 365 for creating threat management policies:

7. Understanding Search & Investigation

Search & investigation lets you search through all the content of your organization. Everybody’s email, documents, Skype conversation history, everything really.
Some of the key things that can be done here are :
• Content Search : Lets you carry out a neatly ordered and automated version of the admin power-trip. You can search through all the content of your organization. Everybody’s email, documents, Skype conversation history, everything really.
• Audit Log Search : Lets you view all the actions in your Office 365 organization. Who accessed what, who shared what, which admin deleted that group. Every action is taken within Office 365 with a bunch of predefined result-filters.
• eDiscovery: Allows you to establish facts and prove something when you need it. Not only does it do the whole search of all the content, but also logs the actual search criteria so an investigator (read: non-it-admin, for instance, someone from the legal department) can not only produce the requested data, but also show how they acquired it. It also lets you delegate the searching for this data to a specific group of users (so legal can do it themselves without granting them uber-admin rights) and you can save the query so they can run it whenever they like (so no more ‘hey all that boring search-work you did for us last Friday, can you do that again, every Friday for the next 12 months or so?’).
· Productivity app discovery

8. Using Reports

Reports allow you to create a whole bunch of reports to help you understand how your organization is using Office 365. This includes reports related to auditing, device management, supervisory review, and data loss prevention. You can also view user activity reports such as sign-ins for SharePoint Online, Exchange Online, and Azure Active Directory.
Reports offer three sections as shown in the figure below.

9. Applying Service Assurance

Service assurance is used to access details of how Microsoft keeps Office 365 customer safe and meets industry compliance requirements. Following are few of the documents you can see here are:

• Microsoft security practices for customer data that is stored in Office 365.
• Independent third-party audit reports of Office 365.
• Implementation and testing details for security, privacy, and compliance controls that Office
365 uses to protect your data.
• You can also find out how Office 365 can help customers comply with standards, laws, and
regulations across industries, such as the:
• International Organization for Standardization (ISO) 27001 and 27018
• Health Insurance Portability and Accountability Act of 1996 (HIPAA)
• Federal Risk and Authorization Management Program (FedRAMP)


Above are some of the key points to manage information in a secure way using Office 365. If you’d like to learn more on this topic or are keen to get answers to some specific queries, feel free to write to us at 
To check more on customized solutions for Office 365 do visit our website

Connect with me:
Blog: Twitter: