{"id":3817,"date":"2019-06-06T16:43:53","date_gmt":"2019-06-06T16:43:53","guid":{"rendered":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/blog\/?p=3817"},"modified":"2019-06-06T16:43:53","modified_gmt":"2019-06-06T16:43:53","slug":"office-365-topic-security-compliance-series-2","status":"publish","type":"post","link":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/office-365-topic-security-compliance-series-2\/","title":{"rendered":"Office 365 : Topic : Security & Compliance (Series 2)"},"content":{"rendered":"

Understanding different categories available to secure Office 365 services and data:<\/strong><\/p>\n

This section explains the different categories available to you to secure Office 365 services and data.<\/p>\n

1. Managing Alerts<\/strong><\/p>\n

You can access the alerts section from the LHS panel available in the Office Security & Compliance widget as shown in the figure below.<\/p>\n

\"\"<\/p>\n

Using Alerts an organization can configure and manage security alerts. A security admin can configure & manage alert policies. Alerts have the following options:<\/p>\n

\u2022\tManage Alerts
\n\u2022\tView Security Alerts
\n\u2022\tManage Advanced Alerts\u2003<\/p>\n

Security Alerts<\/strong><\/p>\n

Security Alerts can be configured to send out email notifications. You can also switch on Alerting with Advanced Security Management.<\/p>\n

Advanced Security Management<\/strong><\/p>\n

Advanced Security Management includes:
\n\u2022\tThreat detection: Helps you identify high-risk and abnormal usage, and security incidents.
\n\u2022\tEnhanced control: Shapes your Office 365 environment leveraging granular controls and security policies.
\n\u2022\tDiscovery and insights: Delivers enhanced visibility into your Office 365 usage and shadow IT without installing an endpoint agent.\u2003<\/p>\n

2. Managing Permissions <\/strong><\/p>\n

Using Permission, you can assign permissions to people in your organization to perform tasks in the Security & Compliance Center. The Permission section is shown in the figure below.<\/p>\n

\"\"<\/p>\n

While most permissions can be assigned with this feature, you’ll also need to use the Exchange admin center and SharePoint to set permissions for others.<\/p>\n

Permissions in the Security & Compliance Center are based on the same Role Based Access Control (RBAC) permissions model that is used in Exchange Online. To access the Security & Compliance Center, users need to be a member of one or more Compliance Center role groups that are listed on the Permissions page.<\/p>\n

The list shown in the figure below is of Security & Compliance Center role groups.<\/p>\n

\"\"<\/p>\n

3. Understanding Classification & Labels<\/strong><\/p>\n

Classifications let you classify data using labels. You can classify data across your organization for governance, and enforce retention rules based on that classification. Under Classifications, you have three options as shown in the figure below.<\/p>\n

\"\"<\/p>\n

Classifications can be used in different scenarios such as:<\/p>\n

\u2022\t Tax forms that need to be retained for a minimum period.
\n\u2022\t Press materials that need to be permanently deleted when they reach a certain age.
\n\u2022\tCompetitive research that needs to be both retained and then permanently deleted.
\n\u2022\tWork visas that must be marked as a record so that they can\u2019t be edited or deleted.<\/p>\n

Labels<\/strong><\/p>\n

Using Labels, you can perform the following tasks:
\n\u2022\tEnable people in your organization to apply a label manually for their content in Outlook on the web, Outlook 2010 and later, OneDrive, SharePoint, and Office 365 groups. Users often know best what type of content they\u2019re working with, so they can classify it and have the appropriate policy applied.
\n\u2022\tApply labels to content automatically if it matches specific conditions, such as when the content contains:
\n\u2022\tApply labels to specific types of sensitive information. This is available for content in SharePoint and OneDrive.
\n\u2022\tApply Specific keywords that match a query you create. This is available for content in Exchange, SharePoint, OneDrive, and Office 365 groups.<\/p>\n

This ability to apply labels automatically to the content is important because:
\n\u2022\t Users need not be trained on all your classifications.
\n\u2022\t No dependence on users to classify all content correctly. Users no longer need to know about data governance policies \u2013 they can instead focus on their work.
\n\u2022\t Apply a default label to a document library in SharePoint and Office 365 group sites, so that all documents in that library get the default label.
\n\u2022\tImplement records management across Office 365, including both email and documents. You can use a label to classify content as a record. When this happens, the label can\u2019t be changed or removed, and the content can\u2019t be edited or deleted.
\n\u2022\tCreate and manage labels on the Labels page in the Office 365 Security & Compliance Center.
\n\u2022Note that auto-apply labels require an Office 365 Enterprise E5 subscription.
\n\u2003<\/p>\n

4. Understanding Data Loss Prevention<\/strong><\/p>\n

Data Loss Prevention allows you to identify, monitor and protect sensitive information across the Office 365 platform. Data Loss Prevention offers three options as shown in the figure below.
\n\"\"<\/p>\n

To protect sensitive information and prevent its disclosure, the organization need to comply with several standards and industry regulations.
\nExamples of sensitive information are personally identifiable information (PII) like a medical record, social security information, etc.\u2003<\/p>\n

As per a Microsoft Article Data Loss Prevention can do the following things:
\n\u2022\tIdentify sensitive information across many locations, such as Exchange Online, SharePoint Online, and OneDrive for Business.
\n\u2022\tPrevent any accidental sharing of sensitive information.
\n\u2022\tMonitor and protect sensitive information in the desktop versions of Excel 2016, PowerPoint 2016, and Word 2016.
\n\u2022\tHelp users learn how to stay compliant without interrupting their workflow.View DLP reports showing content that matches your organization\u2019s DLP policies.\u2003<\/p>\n

5. Understanding Data Governance <\/strong><\/p>\n

Data governance is all about keeping your data around when you need it and getting rid of it when you don’t. With data governance in Office 365, you can manage the full content lifecycle, from importing and storing data at the beginning, to create policies that retain and then permanently delete content at the end. Data governance has five options as shown in the figure below.<\/p>\n

\"\"<\/p>\n

Apart from this using Data governance, you can also import email from other systems, enables archive mailboxes or set policies for retaining email and other content within your organization as explained below.
\n\u2022\t Import<\/em> – Lets you import PST files to exchange mailboxes. You can then use the Intelligent Import feature to filter the items in PST files that get imported to the target mailboxes.
\n\u2022\t Archive<\/em> – Lets you archive mailboxes to provide additional email storage for your office associates. You can use enable or disable a user’s archive mailbox.
\n\u2022\tRetention<\/em> – Lets you create a policy to retain what you want and get rid of what you don’t. While your organization may be required to retain content for a period of time because of compliance, legal, or other business requirements, keeping content longer than required might create unnecessary legal risk.
\n\u2022\tSupervision<\/em> – Lets you define policies that capture email and 3rd-party communications in your organization so they can be examined by internal or external reviewers. Reviewers can then classify these communications, make sure they’re compliant with your organization’s policies, and escalate questionable material if necessary. \u2003<\/p>\n

6. Understanding Threat Management <\/strong><\/p>\n

Threat management feature lets you protect your data. Following are some of the important functions of Threat Management.
\n\u2022\tcontrol and manage mobile device access to your organization’s data
\n\u2022\tprotect your organization from data loss
\n\u2022\tprotect inbound and outbound messages from malicious software and spam
\n\u2022\tprotect your domain’s reputation and to determine whether senders are maliciously spoofing accounts from your domain
\nThreat management offers two options as shown in the figure below.<\/p>\n

\"\"<\/p>\n

The image below shows the options available in Office 365 for creating threat management policies:<\/p>\n

\"\"<\/p>\n

7. Understanding Search & Investigation <\/strong><\/p>\n

Search & investigation lets you search through all the content of your organization. Everybody’s email, documents, Skype conversation history, everything really.
\nSome of the key things that can be done here are :
\n\u2022\tContent Search : Lets you carry out a neatly ordered and automated version of the admin power-trip. You can search through all the content of your organization. Everybody’s email, documents, Skype conversation history, everything really.
\n\u2022\tAudit Log Search : Lets you view all the actions in your Office 365 organization. Who accessed what, who shared what, which admin deleted that group. Every action is taken within Office 365 with a bunch of predefined result-filters.
\n\u2022\teDiscovery: Allows you to establish facts and prove something when you need it. Not only does it do the whole search of all the content, but also logs the actual search criteria so an investigator (read: non-it-admin, for instance, someone from the legal department) can not only produce the requested data, but also show how they acquired it. It also lets you delegate the searching for this data to a specific group of users (so legal can do it themselves without granting them uber-admin rights) and you can save the query so they can run it whenever they like (so no more ‘hey all that boring search-work you did for us last Friday, can you do that again, every Friday for the next 12 months or so?’).
\n\u00b7 Productivity app discovery
\n\u2003
\n8. Using Reports<\/strong><\/p>\n

Reports allow you to create a whole bunch of reports to help you understand how your organization is using Office 365. This includes reports related to auditing, device management, supervisory review, and data loss prevention. You can also view user activity reports such as sign-ins for SharePoint Online, Exchange Online, and Azure Active Directory.
\nReports offer three sections as shown in the figure below.<\/p>\n

\"\"<\/p>\n

9. Applying Service Assurance<\/strong><\/p>\n

Service assurance is used to access details of how Microsoft keeps Office 365 customer safe and meets industry compliance requirements. Following are few of the documents you can see here are:<\/p>\n

\u2022 Microsoft security practices for customer data that is stored in Office 365.
\n\u2022 Independent third-party audit reports of Office 365.
\n\u2022 Implementation and testing details for security, privacy, and compliance controls that Office
\n 365 uses to protect your data.
\n\u2022 You can also find out how Office 365 can help customers comply with standards, laws, and
\n regulations across industries, such as the:
\n\u2022 International Organization for Standardization (ISO) 27001 and 27018
\n\u2022 Health Insurance Portability and Accountability Act of 1996 (HIPAA)
\n\u2022 Federal Risk and Authorization Management Program (FedRAMP)<\/p>\n

Conclusion<\/strong><\/p>\n

Above are some of the key points to manage information in a secure way using Office 365. If you\u2019d like to learn more on this topic or are keen to get answers to some specific queries, feel free to write to us at emailid@domainname. To check more on customized solutions for Office 365 do visit our website https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Understanding different categories available to secure Office 365 services and data: This section explains the different categories available to you to secure Office 365 services and data. 1. Managing Alerts You can access the alerts section from the LHS panel available in the Office Security & Compliance widget as shown in the figure below. Using […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[78],"tags":[],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/wp-json\/wp\/v2\/posts\/3817"}],"collection":[{"href":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/wp-json\/wp\/v2\/comments?post=3817"}],"version-history":[{"count":0,"href":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/wp-json\/wp\/v2\/posts\/3817\/revisions"}],"wp:attachment":[{"href":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/wp-json\/wp\/v2\/media?parent=3817"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/wp-json\/wp\/v2\/categories?post=3817"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teamwp.mydevfactory.com\/abhisek-saha\/aqltech\/wp-json\/wp\/v2\/tags?post=3817"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}