SlideShare a Scribd company logo

Intro to Office 365 Security & Compliance Center

Download as PPTX, PDF
Craig Jahnke
Craig Jahnke

This is a session I gave at SharePoint Saturday Atlanta --> The Office 365 Security & Compliance Center is your one-stop portal for protecting your data in Office 365. Microsoft has been adding many new features and services for those companies that have data protection or compliance needs, or want to audit user activity in their organization. Come to my session to learn how to get started with Security & Compliance Center, and find out you can better manage and secure you data.

1 of 35
Click to edit Master text styles Intro to the Office 365 Security & Compliance Center By Craig Jahnke
About • Craig Jahnke – Strategic Advisor at AvePoint, Inc. • Working with SharePoint for last 8 years • M.S. in Information Systems • Organize SPS Chicago Suburbs and Cloud Saturday Chicago • www.craigjahnke.com • @TechJahnke on Twitter
Thank Our Sponsors…
Thank Our Sponsors…
Thank Our Sponsors…
Thank Our Sponsors… Attendee Shirts
Reinventing Productivity Borrowed from Michael Richards Ingite Australia Presentation
Electronic Data Is Exploding Borrowed from Karissa Larson’s Ingite Presentation
Attack Risks Borrowed from Karissa Larson’s Ingite Presentation
Agenda • The Security & Compliance Center • Alerts • Permissions • Threat Management • Data Governance • Search & Investigation • Reports • Service Assurance • PowerShell for the Security & Compliance Center
Security & Compliance Center • The Office 365 Security & Compliance Center is your one-stop portal for protecting your data in Office 365 • https://protection.office.com/#/homepage
Security & Compliance Matrix https://technet.microsoft.com/en-us/library/dn933793.aspx
Alerts • View and manage alerts for your Office 365 organization, including Advanced Security Management alerts. • How alert Policies work: 1. An admin in your organization creates, configures, and turns on an alert policy by using the Alert policies page in the Security & Compliance Center. 2. A user performs an activity that matches the conditions of an alert policy. 3. Office 365 generates an alert that's displayed on the View alerts page in the Security & Compliance Center. Also, if email notifications are enabled for the alert policy, Office 365 sends an notification to a list recipients. 4. An admin manages alerts in the Security & Compliance Center. Managing alerts consists of assigning an alert status to help track and manage any investigation.
Click to edit Master text styles DEMO
Permissions • Grant permissions to people who perform compliance tasks like device management, data loss prevention, eDiscovery, and retention • Relationship of members, roles, and role groups • A role grants permissions to do a set of tasks; for example, the Case Management role lets people work with eDiscovery cases. • A role group is a set of roles that lets people perform their job across the Security & Compliance Center; for example, the Compliance Administrator role group includes the roles for Case Management, Content Search, and Organization Configuration (plus others) because someone who’s a compliance admin will need the permissions for those tasks to do their job. • The Security & Compliance Center includes default role groups for the most common tasks and functions that you’ll need to assign people to. It is recommended to add people as members to the default role groups • You can edit or delete the existing role groups, but don’t!!! Instead of editing a default role group, you can copy it, modify it, and then save it with a different name. Project Costs
Click to edit Master text styles DEMO
Data Loss Prevention • A DLP policy helps you identify, monitor, and automatically protect sensitive information that’s subject to common industry regulations. • You choose what types of sensitive information to protect, and what actions to take when content containing such sensitive information is detected. • A DLP policy can notify the compliance officer by sending an incident report, notify the user with a policy tip on the site, and optionally block access to the document for everyone but the site owner, content owner, and whoever last modified the document. • Finally, the policy tip has an option to override the blocking action, so that people can continue to work with documents if they have a business justification or need to report a false positive.
Click to edit Master text styles DEMO
Data Governance • Allows for the import email from other systems, enables archive mailboxes or set policies for retaining email and other content within your organization • Import - Import PST files to Exchange mailboxes then you can use the Intelligent Import feature to filter the items in PST files that actually get imported to the target mailboxes. • Archive - Enable or disable a user's archive mailbox, which provide users with an alternate storage location for historical messaging data. • Retention - Manage the lifecycle of email and documents by keeping the content you need and removing content after it’s no longer required. While your organization may be required to retain content for a period of time because of compliance, legal, or other business requirements, keeping content longer than required might create unnecessary legal risk. • Supervision - Define supervision policies that capture email and 3rd-party communications in your organization so they can be examined by internal or external reviewers.
Click to edit Master text styles DEMO
Threat Management • Manage mobile devices and set up data loss prevention for your organization. • Help protect inbound and outbound messages from malicious software and spam. • Manage which apps have access to Office 365 • Use Threat management to help control and manage mobile device access to your organization's data, help protect your organization from data loss, and help protect inbound and outbound messages from malicious software and spam. • Use threat management to protect your domain's reputation and to determine whether or not senders are maliciously spoofing accounts from your domain.
Click to edit Master text styles DEMO
• Dashboard, Threat explorer, and Incidents - Once enabled, these panes allow you to manage Office 365 Analytics and threat intelligence. • Mail filtering - Fine-tune and monitor settings that help prevent spam in Office 365. • Anti-malware - Protects against viruses and spyware traveling to or from your organization in Office 365. Viruses are malicious software programs that, when executed, replicate themselves and modify other programs and data on the computer. • DKIM – Domain Keys Identified Mail (DKIM) helps ensure that other email systems trust messages that you send from Office 365. It does this by adding a unique digital signature to email messages that you send from your organization. Email systems that receive email from you can use this digital signature to help determine if the email is legitimate. *** • Safe attachments - Safe attachments is part of Advanced Threat Protection. When enabled, email attachments are opened in a special, isolated environment that is separate from Office 365 before they are sent to recipient inboxes. Safe attachments is designed to help detect malicious attachments even before anti-virus signatures are available. • Safe links - Safe links is part of Advanced Threat Protection. Safe links help prevent users from following links in email or in Office documents that point to web sites that are recognized as malicious. • Quarantine - Set up Quarantine for incoming email messages in Office 365 where messages that have been filtered as spam, bulk, phishing, and malware mail can be kept for later review. Both users and admins can work with quarantined messages. Users can work with just their own filtered messages in quarantine. Admins can search for and manage quarantined messages for all users. • Advanced threats - View the threat protection status report to see information about the malicious content found and blocked by Exchange Online Protection and Advanced Threat Protection. Threat Management
Click to edit Master text styles DEMO
Search & Investigation • Search for content and review user activity. Use eDiscovery to manage cases and set up supervisory review policies to help you capture communication for review • Use the search and investigation features in the Office 365 Security & Compliance Center to quickly find content in mailboxes and documents or search audit logs for various types of user and admin activity. • You can also create eDiscovery cases to manage a group of users who may be involved in a legal investigation. • The best part of Search & investigation is you can find all content and user activity—whether it’s in Exchange Online, SharePoint Online, or OneDrive for Business—providing you with unified protection for your Office 365 organization.
Click to edit Master text styles DEMO
• Use a variety of reports to help you understand how your organization is using Office 365, including reports related to auditing, device management, Supervisory review, and data loss prevention. View user activity reports such as sign-ins for SharePoint Online, Exchange Online, and Azure Active Directory • Use the View reports page to quickly access audit reports for your SharePoint Online and Exchange Online organizations. • You can also access Azure Active Directory (AD) user sign-in reports, user activity reports, and the Azure AD audit log from the View reports page. • This is because your paid Office 365 subscription includes a free subscription to Microsoft Azure. The first time that you try to access these Azure reports, you will have to complete a one-time registration process. Reports
Click to edit Master text styles DEMO
Service Assurance • View details about how Microsoft keeps Office 365 customer data safe, and how Office 365 helps customers meet industry compliance requirements. • Use Service Assurance to access documents that describe a variety of topics, including: • Microsoft security practices for customer data that is stored in Office 365. • Independent third-party audit reports of Office 365. • Implementation and testing details for security, privacy, and compliance controls that Office 365 uses to protect your data. • Office 365 can help customers comply with standards, laws, and regulations across industries, such as the: • International Organization for Standardization (ISO) 27001 and 27018 • Health Insurance Portability and Accountability Act of 1996 (HIPAA) • Federal Risk and Authorization Management Program (FedRAMP)
Click to edit Master text styles DEMO
• Remote PowerShell allows you to manage your Office 365 Security & Compliance Center settings from the command line. • You use Windows PowerShell on your local computer to create a remote PowerShell session to the Security & Compliance Center. • It’s a simple three-step process where 1. Enter your Office 365 credentials. 2. Provide the required connection settings. 3. Then import the Security & Compliance Center cmdlets into your local Windows PowerShell session so that you can use them. • https://technet.microsoft.com/library/mt587092(v=exchg.160).aspx PowerShell
Click to edit Master text styles DEMO
• Remote Login • Set-ExecutionPolicy RemoteSigned • $UserCredential = Get-Credential • $Session = New-PSSession -ConfigurationName Microsoft.Exchange - ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ - Credential $UserCredential -Authentication Basic -AllowRedirection • Import-PSSession $Session • Run Security & Compliance cmdlet • Get-ActivityAlert | Format-List Disabled,Name,Description,Operation,UserId,NotifyUser • Close Session • Remove-PSSession $Session PowerShell Example
Questions
Thank Our Sponsors… Join us for SharePint! • Immediately after the event! • Dave & Busters 2215 D and B Drive SE Marietta, GA 30067

Recommended

Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 Compliance
David J Rosenthal
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
Abdul Manaf Vellakodath
 
Microsoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewMicrosoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security Overview
David J Rosenthal
 
Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)
Iftikhar Ali Iqbal
 
CollabDaysBE - Microsoft Purview Information Protection demystified
CollabDaysBE - Microsoft Purview Information Protection demystifiedCollabDaysBE - Microsoft Purview Information Protection demystified
CollabDaysBE - Microsoft Purview Information Protection demystified
Albert Hoitingh
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance Framework
Alistair Pugin
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and Compliance
David J Rosenthal
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
Drew Madelung
 

Recommended

Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 Compliance
David J Rosenthal
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
Abdul Manaf Vellakodath
 
Microsoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewMicrosoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security Overview
David J Rosenthal
 
Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)
Iftikhar Ali Iqbal
 
CollabDaysBE - Microsoft Purview Information Protection demystified
CollabDaysBE - Microsoft Purview Information Protection demystifiedCollabDaysBE - Microsoft Purview Information Protection demystified
CollabDaysBE - Microsoft Purview Information Protection demystified
Albert Hoitingh
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance Framework
Alistair Pugin
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and Compliance
David J Rosenthal
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
Drew Madelung
 
2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection
Andrew Bettany
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating Model
Eryk Budi Pratama
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
 
Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1
Vignesh Ganesan I Microsoft MVP
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and Compliance
Quadrisk
 
Container Security Using Microsoft Defender
Container Security Using Microsoft DefenderContainer Security Using Microsoft Defender
Container Security Using Microsoft Defender
Rahul Khengare
 
IRMS UG Principles of Retention in Microsoft 365
IRMS UG Principles of Retention in Microsoft 365IRMS UG Principles of Retention in Microsoft 365
IRMS UG Principles of Retention in Microsoft 365
Joanne Klein
 
Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9
Ariel Martin Beliera
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Edureka!
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & Sensitivity
Drew Madelung
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
Lorenzo Barbieri
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
David J Rosenthal
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
David J Rosenthal
 
Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview Solutions
Drew Madelung
 
An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)
Robert Crane
 
Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from Symantec
Arrow ECS UK
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Eryk Budi Pratama
 
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
Ulf Mattsson
 
Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamOffice 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat team
AntonioMaio2
 
March 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarMarch 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know Webinar
Robert Crane
 

More Related Content

What's hot

2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection
Andrew Bettany
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating Model
Eryk Budi Pratama
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
 
Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1
Vignesh Ganesan I Microsoft MVP
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and Compliance
Quadrisk
 
Container Security Using Microsoft Defender
Container Security Using Microsoft DefenderContainer Security Using Microsoft Defender
Container Security Using Microsoft Defender
Rahul Khengare
 
IRMS UG Principles of Retention in Microsoft 365
IRMS UG Principles of Retention in Microsoft 365IRMS UG Principles of Retention in Microsoft 365
IRMS UG Principles of Retention in Microsoft 365
Joanne Klein
 
Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9
Ariel Martin Beliera
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Edureka!
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & Sensitivity
Drew Madelung
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
Lorenzo Barbieri
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
David J Rosenthal
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
David J Rosenthal
 
Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview Solutions
Drew Madelung
 
An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)
Robert Crane
 
Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from Symantec
Arrow ECS UK
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Eryk Budi Pratama
 
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
Ulf Mattsson
 

What's hot (20)

2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection2 Modern Security - Microsoft Information Protection
2 Modern Security - Microsoft Information Protection
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating Model
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
 
Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1Security and compliance in Office 365 -Part 1
Security and compliance in Office 365 -Part 1
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
Cloud Audit and Compliance
Cloud Audit and ComplianceCloud Audit and Compliance
Cloud Audit and Compliance
 
Container Security Using Microsoft Defender
Container Security Using Microsoft DefenderContainer Security Using Microsoft Defender
Container Security Using Microsoft Defender
 
IRMS UG Principles of Retention in Microsoft 365
IRMS UG Principles of Retention in Microsoft 365IRMS UG Principles of Retention in Microsoft 365
IRMS UG Principles of Retention in Microsoft 365
 
Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & Sensitivity
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview Solutions
 
An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)An introduction to Office 365 Advanced Threat Protection (ATP)
An introduction to Office 365 Advanced Threat Protection (ATP)
 
Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from Symantec
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
 
What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?What is a secure enterprise architecture roadmap?
What is a secure enterprise architecture roadmap?
 

Similar to Intro to Office 365 Security & Compliance Center

Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamOffice 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat team
AntonioMaio2
 
March 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarMarch 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know Webinar
Robert Crane
 
SC-900 Capabilities of Microsoft Compliance Solutions
SC-900 Capabilities of Microsoft Compliance SolutionsSC-900 Capabilities of Microsoft Compliance Solutions
SC-900 Capabilities of Microsoft Compliance Solutions
FredBrandonAuthorMCP
 
HSPUG presentation - Advanced Data Governance
HSPUG presentation - Advanced Data GovernanceHSPUG presentation - Advanced Data Governance
HSPUG presentation - Advanced Data Governance
David Broussard
 
Office 365 Archiving Comparison to Dropsuite
Office 365 Archiving Comparison to DropsuiteOffice 365 Archiving Comparison to Dropsuite
Office 365 Archiving Comparison to Dropsuite
Dropsuite
 
SPSTC18 Laying Down the Law - Governing Your Data in O365
SPSTC18 Laying Down the Law - Governing Your Data in O365SPSTC18 Laying Down the Law - Governing Your Data in O365
SPSTC18 Laying Down the Law - Governing Your Data in O365
David Broussard
 
Managing SharePoint On-Premises vs. Online -- Compare and Contrast
Managing SharePoint On-Premises vs. Online -- Compare and ContrastManaging SharePoint On-Premises vs. Online -- Compare and Contrast
Managing SharePoint On-Premises vs. Online -- Compare and Contrast
Christian Buckley
 
Data governance in Office 365
Data governance in Office 365Data governance in Office 365
Data governance in Office 365
CloudFronts Technologies LLP.
 
Data Loss Prevention in O365
Data Loss Prevention in O365Data Loss Prevention in O365
Data Loss Prevention in O365
Don Daubert
 
Security, Administration & Governance for SharePoint On-Prem, Online, & Every...
Security, Administration & Governance for SharePoint On-Prem, Online, & Every...Security, Administration & Governance for SharePoint On-Prem, Online, & Every...
Security, Administration & Governance for SharePoint On-Prem, Online, & Every...
Christian Buckley
 
MSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information ProtectionMSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information Protection
Kesavan Munuswamy
 
Create a Compliance Strategy for Office 365
Create a Compliance Strategy for Office 365Create a Compliance Strategy for Office 365
Create a Compliance Strategy for Office 365
Erica Toelle
 
Security and Compliance
Security and ComplianceSecurity and Compliance
Security and Compliance
run_frictionless
 
Understanding Security and Compliance in Microsoft Teams M365 North 2023
Understanding Security and Compliance in Microsoft Teams M365 North 2023Understanding Security and Compliance in Microsoft Teams M365 North 2023
Understanding Security and Compliance in Microsoft Teams M365 North 2023
Chirag Patel
 
Governance - O365 How It's Affected & Where Do I Start
Governance - O365 How It's Affected & Where Do I StartGovernance - O365 How It's Affected & Where Do I Start
Governance - O365 How It's Affected & Where Do I Start
Stacy Deere
 
Office365 Governance Is Changing!!
Office365 Governance Is Changing!!Office365 Governance Is Changing!!
Office365 Governance Is Changing!!
Stacy Deere
 
Understanding and Tracking Office 365 Usage and Adoption
Understanding and Tracking Office 365 Usage and AdoptionUnderstanding and Tracking Office 365 Usage and Adoption
Understanding and Tracking Office 365 Usage and Adoption
Toni Frankola
 
Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365
Miguel Isidoro
 
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
Ajay Iyer
 
Microsoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification TrainingMicrosoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification Training
David Blumentals
 

Similar to Intro to Office 365 Security & Compliance Center (20)

Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamOffice 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat team
 
March 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarMarch 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know Webinar
 
SC-900 Capabilities of Microsoft Compliance Solutions
SC-900 Capabilities of Microsoft Compliance SolutionsSC-900 Capabilities of Microsoft Compliance Solutions
SC-900 Capabilities of Microsoft Compliance Solutions
 
HSPUG presentation - Advanced Data Governance
HSPUG presentation - Advanced Data GovernanceHSPUG presentation - Advanced Data Governance
HSPUG presentation - Advanced Data Governance
 
Office 365 Archiving Comparison to Dropsuite
Office 365 Archiving Comparison to DropsuiteOffice 365 Archiving Comparison to Dropsuite
Office 365 Archiving Comparison to Dropsuite
 
SPSTC18 Laying Down the Law - Governing Your Data in O365
SPSTC18 Laying Down the Law - Governing Your Data in O365SPSTC18 Laying Down the Law - Governing Your Data in O365
SPSTC18 Laying Down the Law - Governing Your Data in O365
 
Managing SharePoint On-Premises vs. Online -- Compare and Contrast
Managing SharePoint On-Premises vs. Online -- Compare and ContrastManaging SharePoint On-Premises vs. Online -- Compare and Contrast
Managing SharePoint On-Premises vs. Online -- Compare and Contrast
 
Data governance in Office 365
Data governance in Office 365Data governance in Office 365
Data governance in Office 365
 
Data Loss Prevention in O365
Data Loss Prevention in O365Data Loss Prevention in O365
Data Loss Prevention in O365
 
Security, Administration & Governance for SharePoint On-Prem, Online, & Every...
Security, Administration & Governance for SharePoint On-Prem, Online, & Every...Security, Administration & Governance for SharePoint On-Prem, Online, & Every...
Security, Administration & Governance for SharePoint On-Prem, Online, & Every...
 
MSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information ProtectionMSFT Cloud Architecture Information Protection
MSFT Cloud Architecture Information Protection
 
Create a Compliance Strategy for Office 365
Create a Compliance Strategy for Office 365Create a Compliance Strategy for Office 365
Create a Compliance Strategy for Office 365
 
Security and Compliance
Security and ComplianceSecurity and Compliance
Security and Compliance
 
Understanding Security and Compliance in Microsoft Teams M365 North 2023
Understanding Security and Compliance in Microsoft Teams M365 North 2023Understanding Security and Compliance in Microsoft Teams M365 North 2023
Understanding Security and Compliance in Microsoft Teams M365 North 2023
 
Governance - O365 How It's Affected & Where Do I Start
Governance - O365 How It's Affected & Where Do I StartGovernance - O365 How It's Affected & Where Do I Start
Governance - O365 How It's Affected & Where Do I Start
 
Office365 Governance Is Changing!!
Office365 Governance Is Changing!!Office365 Governance Is Changing!!
Office365 Governance Is Changing!!
 
Understanding and Tracking Office 365 Usage and Adoption
Understanding and Tracking Office 365 Usage and AdoptionUnderstanding and Tracking Office 365 Usage and Adoption
Understanding and Tracking Office 365 Usage and Adoption
 
Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365Intelligent Security, Compliance and Privacy in Office 365
Intelligent Security, Compliance and Privacy in Office 365
 
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
St. Louis SharePoint User Group - Security and Compliance in O365 for SharePo...
 
Microsoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification TrainingMicrosoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification Training
 

Recently uploaded

“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
jpupo2018
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
IndexBug
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 

Recently uploaded (20)

“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceAI 101: An Introduction to the Basics and Impact of Artificial Intelligence
AI 101: An Introduction to the Basics and Impact of Artificial Intelligence
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 

Intro to Office 365 Security & Compliance Center

  • 1. Click to edit Master text styles Intro to the Office 365 Security & Compliance Center By Craig Jahnke
  • 2. About • Craig Jahnke – Strategic Advisor at AvePoint, Inc. • Working with SharePoint for last 8 years • M.S. in Information Systems • Organize SPS Chicago Suburbs and Cloud Saturday Chicago • www.craigjahnke.com • @TechJahnke on Twitter
  • 7. Reinventing Productivity Borrowed from Michael Richards Ingite Australia Presentation
  • 8. Electronic Data Is Exploding Borrowed from Karissa Larson’s Ingite Presentation
  • 9. Attack Risks Borrowed from Karissa Larson’s Ingite Presentation
  • 10. Agenda • The Security & Compliance Center • Alerts • Permissions • Threat Management • Data Governance • Search & Investigation • Reports • Service Assurance • PowerShell for the Security & Compliance Center
  • 11. Security & Compliance Center • The Office 365 Security & Compliance Center is your one-stop portal for protecting your data in Office 365 • https://protection.office.com/#/homepage
  • 12. Security & Compliance Matrix https://technet.microsoft.com/en-us/library/dn933793.aspx
  • 13. Alerts • View and manage alerts for your Office 365 organization, including Advanced Security Management alerts. • How alert Policies work: 1. An admin in your organization creates, configures, and turns on an alert policy by using the Alert policies page in the Security & Compliance Center. 2. A user performs an activity that matches the conditions of an alert policy. 3. Office 365 generates an alert that's displayed on the View alerts page in the Security & Compliance Center. Also, if email notifications are enabled for the alert policy, Office 365 sends an notification to a list recipients. 4. An admin manages alerts in the Security & Compliance Center. Managing alerts consists of assigning an alert status to help track and manage any investigation.
  • 14. Click to edit Master text styles DEMO
  • 15. Permissions • Grant permissions to people who perform compliance tasks like device management, data loss prevention, eDiscovery, and retention • Relationship of members, roles, and role groups • A role grants permissions to do a set of tasks; for example, the Case Management role lets people work with eDiscovery cases. • A role group is a set of roles that lets people perform their job across the Security & Compliance Center; for example, the Compliance Administrator role group includes the roles for Case Management, Content Search, and Organization Configuration (plus others) because someone who’s a compliance admin will need the permissions for those tasks to do their job. • The Security & Compliance Center includes default role groups for the most common tasks and functions that you’ll need to assign people to. It is recommended to add people as members to the default role groups • You can edit or delete the existing role groups, but don’t!!! Instead of editing a default role group, you can copy it, modify it, and then save it with a different name. Project Costs
  • 16. Click to edit Master text styles DEMO
  • 17. Data Loss Prevention • A DLP policy helps you identify, monitor, and automatically protect sensitive information that’s subject to common industry regulations. • You choose what types of sensitive information to protect, and what actions to take when content containing such sensitive information is detected. • A DLP policy can notify the compliance officer by sending an incident report, notify the user with a policy tip on the site, and optionally block access to the document for everyone but the site owner, content owner, and whoever last modified the document. • Finally, the policy tip has an option to override the blocking action, so that people can continue to work with documents if they have a business justification or need to report a false positive.
  • 18. Click to edit Master text styles DEMO
  • 19. Data Governance • Allows for the import email from other systems, enables archive mailboxes or set policies for retaining email and other content within your organization • Import - Import PST files to Exchange mailboxes then you can use the Intelligent Import feature to filter the items in PST files that actually get imported to the target mailboxes. • Archive - Enable or disable a user's archive mailbox, which provide users with an alternate storage location for historical messaging data. • Retention - Manage the lifecycle of email and documents by keeping the content you need and removing content after it’s no longer required. While your organization may be required to retain content for a period of time because of compliance, legal, or other business requirements, keeping content longer than required might create unnecessary legal risk. • Supervision - Define supervision policies that capture email and 3rd-party communications in your organization so they can be examined by internal or external reviewers.
  • 20. Click to edit Master text styles DEMO
  • 21. Threat Management • Manage mobile devices and set up data loss prevention for your organization. • Help protect inbound and outbound messages from malicious software and spam. • Manage which apps have access to Office 365 • Use Threat management to help control and manage mobile device access to your organization's data, help protect your organization from data loss, and help protect inbound and outbound messages from malicious software and spam. • Use threat management to protect your domain's reputation and to determine whether or not senders are maliciously spoofing accounts from your domain.
  • 22. Click to edit Master text styles DEMO
  • 23. • Dashboard, Threat explorer, and Incidents - Once enabled, these panes allow you to manage Office 365 Analytics and threat intelligence. • Mail filtering - Fine-tune and monitor settings that help prevent spam in Office 365. • Anti-malware - Protects against viruses and spyware traveling to or from your organization in Office 365. Viruses are malicious software programs that, when executed, replicate themselves and modify other programs and data on the computer. • DKIM – Domain Keys Identified Mail (DKIM) helps ensure that other email systems trust messages that you send from Office 365. It does this by adding a unique digital signature to email messages that you send from your organization. Email systems that receive email from you can use this digital signature to help determine if the email is legitimate. *** • Safe attachments - Safe attachments is part of Advanced Threat Protection. When enabled, email attachments are opened in a special, isolated environment that is separate from Office 365 before they are sent to recipient inboxes. Safe attachments is designed to help detect malicious attachments even before anti-virus signatures are available. • Safe links - Safe links is part of Advanced Threat Protection. Safe links help prevent users from following links in email or in Office documents that point to web sites that are recognized as malicious. • Quarantine - Set up Quarantine for incoming email messages in Office 365 where messages that have been filtered as spam, bulk, phishing, and malware mail can be kept for later review. Both users and admins can work with quarantined messages. Users can work with just their own filtered messages in quarantine. Admins can search for and manage quarantined messages for all users. • Advanced threats - View the threat protection status report to see information about the malicious content found and blocked by Exchange Online Protection and Advanced Threat Protection. Threat Management
  • 24. Click to edit Master text styles DEMO
  • 25. Search & Investigation • Search for content and review user activity. Use eDiscovery to manage cases and set up supervisory review policies to help you capture communication for review • Use the search and investigation features in the Office 365 Security & Compliance Center to quickly find content in mailboxes and documents or search audit logs for various types of user and admin activity. • You can also create eDiscovery cases to manage a group of users who may be involved in a legal investigation. • The best part of Search & investigation is you can find all content and user activity—whether it’s in Exchange Online, SharePoint Online, or OneDrive for Business—providing you with unified protection for your Office 365 organization.
  • 26. Click to edit Master text styles DEMO
  • 27. • Use a variety of reports to help you understand how your organization is using Office 365, including reports related to auditing, device management, Supervisory review, and data loss prevention. View user activity reports such as sign-ins for SharePoint Online, Exchange Online, and Azure Active Directory • Use the View reports page to quickly access audit reports for your SharePoint Online and Exchange Online organizations. • You can also access Azure Active Directory (AD) user sign-in reports, user activity reports, and the Azure AD audit log from the View reports page. • This is because your paid Office 365 subscription includes a free subscription to Microsoft Azure. The first time that you try to access these Azure reports, you will have to complete a one-time registration process. Reports
  • 28. Click to edit Master text styles DEMO
  • 29. Service Assurance • View details about how Microsoft keeps Office 365 customer data safe, and how Office 365 helps customers meet industry compliance requirements. • Use Service Assurance to access documents that describe a variety of topics, including: • Microsoft security practices for customer data that is stored in Office 365. • Independent third-party audit reports of Office 365. • Implementation and testing details for security, privacy, and compliance controls that Office 365 uses to protect your data. • Office 365 can help customers comply with standards, laws, and regulations across industries, such as the: • International Organization for Standardization (ISO) 27001 and 27018 • Health Insurance Portability and Accountability Act of 1996 (HIPAA) • Federal Risk and Authorization Management Program (FedRAMP)
  • 30. Click to edit Master text styles DEMO
  • 31. • Remote PowerShell allows you to manage your Office 365 Security & Compliance Center settings from the command line. • You use Windows PowerShell on your local computer to create a remote PowerShell session to the Security & Compliance Center. • It’s a simple three-step process where 1. Enter your Office 365 credentials. 2. Provide the required connection settings. 3. Then import the Security & Compliance Center cmdlets into your local Windows PowerShell session so that you can use them. • https://technet.microsoft.com/library/mt587092(v=exchg.160).aspx PowerShell
  • 32. Click to edit Master text styles DEMO
  • 33. • Remote Login • Set-ExecutionPolicy RemoteSigned • $UserCredential = Get-Credential • $Session = New-PSSession -ConfigurationName Microsoft.Exchange - ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ - Credential $UserCredential -Authentication Basic -AllowRedirection • Import-PSSession $Session • Run Security & Compliance cmdlet • Get-ActivityAlert | Format-List Disabled,Name,Description,Operation,UserId,NotifyUser • Close Session • Remove-PSSession $Session PowerShell Example
  • 35. Thank Our Sponsors… Join us for SharePint! • Immediately after the event! • Dave & Busters 2215 D and B Drive SE Marietta, GA 30067