Close

BLOGS

Office 365 Security and Compliance - An Overview

In this article we are going to discuss about the following areas of Office 365 Security and Compliance at high level.

  1. Overview
  2. Alerts
  3. Permissions
  4. Data Loss Prevention
  5. Threat Management
  6. Data Governance
  7. Search & Investigation
  8. Reports
  9. Service Assurance
  10. PowerShell for the Security & Compliance Center

 

Overview:

The Office 365 Security & Compliance Center is your one-stop portal for protecting your data in Office 365 https://protection.office.com/#/homepage

 

Alerts:

View and manage alerts for your Office 365 organization, including Advanced Security Management alerts. How alert Policies work:

  • - An admin in your organization creates, configures, and turns on an alert policy by using the Alertpolicies page in the Security &  Compliance Center.
  • - A user performs an activity that matches theconditions of an alert policy.
  • - Office 365 generates an alert that's displayed on the View alerts page in the Security & ComplianceCenter. Also, if email notifications are enabled for thealert policy, Office 365 sends an notification to a listrecipients.
  • - An admin manages alerts in the Security &Compliance Center. Managing alerts consists of assigning an alert status to help track and manageany investigation.

 

Permissions:

  • - Grant permissions to people who perform compliance tasks likedevice management, data loss prevention, eDiscovery, andretention.
  • - Relationship of members, roles, and role groups
  • - A role grants permissions to do a set of tasks; for example,the Case Management role lets people work witheDiscovery cases.
  • - A role group is a set of roles that lets people perform their job across the Security & Compliance Center; for example,Project Costs the Compliance Administrator role group includes the rolesfor Case Management, Content Search, and Organization Configuration (plus others) because someone who’s acompliance admin will need the permissions for those tasksto do their job.
  • - The Security & Compliance Center includes default rolegroups for the most common tasks and functions that you’llneed to assign people to. It is recommended to add peopleas members to the default role groups

 

Data Loss Prevention:

  • - A DLP policy helps you identify, monitor, and automatically protect sensitive information that’s subject to common industry regulations.
  • - You choose what types of sensitive information to protect, and what actions to takewhen content containing such sensitive information is detected.
  • - A DLP policy can notify the compliance officer by sending an incident report, notify theuser with a policy tip on the site, and optionally block access to the document foreveryone but the site owner, content owner, and whoever last modified the document.
  • - Finally, the policy tip has an option to override the blocking action, so that people cancontinue to work with documents if they have a business justification or need to reporta false positive.

 

 

Data Governance:

  • - Allows for the import email from other systems, enables archive mailboxes or set policies forretaining email and other content within your organization
  • - Import - Import PST files to Exchange mailboxes then you can use the Intelligent Import feature to  filter the items in PST files that actually get imported to the target mailboxes.
  • - Archive - Enable or disable a user's archive mailbox, which provide users with an alternate storage  location for historical messaging data.
  • - Retention - Manage the lifecycle of email and documents by keeping the content you need and  removing content after it’s no longer required. While your organization may be required to retain  content for a period of time because of compliance, legal, or other business requirements, keeping  content longer than required might create unnecessary legal risk.
  • - Supervision - Define supervision policies that capture email and 3rd-party communications in your  organization so they can be examined by internal or external reviewers.

 

 

Threat Management:

  • - Manage mobile devices and set up data loss prevention for your organization.
  • - Help protect inbound and outbound messages from malicious software and spam.
  • - Manage which apps have access to Office 365
  • - Use Threat management to help control and manage mobile device access to yourorganization's data, help protect your organization from data loss, and helpprotect inbound and outbound messages from malicious software and spam.
  • - Use threat management to protect your domain's reputation and to determine whether or not senders are maliciously spoofing accounts from your domain.

 

Dashboard, Threat explorer, and Incidents - Once enabled, these panes allow you to manage Office 365 Analytics and threat intelligence.

Mail filtering - Fine-tune and monitor settings that help prevent spam in Office 365.

Anti-malware - Protects against viruses and spyware traveling to or from your organization in Office 365. Viruses are malicious software  programs that, when executed, replicate themselves and modify other programs and data on the computer.

DKIM – Domain Keys Identified Mail (DKIM) helps ensure that other email systems trust messages that you send from Office 365. It does this  by adding a unique digital signature to email messages that you send from your organization. Email systems that receive email from you can  use this digital signature to help determine if the email is legitimate. ***

Safe attachments - Safe attachments is part of Advanced Threat Protection. When enabled, email attachments are opened in a special,  isolated environment that is separate from Office 365 before they are sent to recipient inboxes. Safe attachments is designed to help detect  malicious attachments even before anti-virus signatures are available.

Safe links - Safe links is part of Advanced Threat Protection. Safe links help prevent users from following links in email or in Office documents  that point to web sites that are recognized as malicious.

Quarantine - Set up Quarantine for incoming email messages in Office 365 where messages that have been filtered as spam, bulk, phishing,  and malware mail can be kept for later review. Both users and admins can work with quarantined messages. Users can work with just their  own filtered messages in quarantine. Admins can search for and manage quarantined messages for all users.

Advanced threats - View the threat protection status report to see information about the malicious content found and blocked by Exchange  Online Protection and Advanced Threat Protection.

 

Search & Investigation:

  • - Search for content and review user activity. Use eDiscovery to manage cases and set up supervisory review policies to help you capture communication for review
  • - Use the search and investigation features in the Office 365 Security & ComplianceCenter to quickly find content in mailboxes and documents or search audit logs forvarious types of user and admin activity.
  • - You can also create eDiscovery cases to manage a group of users who may beinvolved in a legal investigation.
  • - The best part of Search & investigation is you can find all content and useractivity—whether it’s in Exchange Online, SharePoint Online, or OneDrive forBusiness—providing you with unified protection for your Office 365 organization.

 

Reports:

  • - Use a variety of reports to help you understand how your organization is usingOffice 365, including reports related to auditing, device management, Supervisoryreview, and data loss prevention. View user activity reports such as sign-ins forSharePoint Online, Exchange Online, and Azure Active Directory
  • - Use the View reports page to quickly access audit reports for your SharePoint Online and Exchange Online organizations.
  • - You can also access Azure Active Directory (AD) user sign-in reports, user activityreports, and the Azure AD audit log from the View reports page.
  • - This is because your paid Office 365 subscription includes a free subscription toMicrosoft Azure. The first time that you try to access these Azure reports, you willhave to complete a one-time registration process.

 

Service Assurance:

  • - View details about how Microsoft keeps Office 365 customer data safe, and how Office 365 helps customers meet industry compliance requirements.
  • - Use Service Assurance to access documents that describe a variety of topics, including:
  • - Microsoft security practices for customer data that is stored in Office 365.
  • - Independent third-party audit reports of Office 365.
  • - Implementation and testing details for security, privacy, and compliance controls that Office 365 uses to protect your data.

Office 365 can help customers comply with standards, laws, and regulations across  industries, such as the:

  • - International Organization for Standardization (ISO) 27001 and 27018
  • - Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  • - Federal Risk and Authorization Management Program (FedRAMP)

PowerShell:

  • - Remote PowerShell allows you to manage your Office 365 Security & Compliance Center settings from the command line.
  • - You use Windows PowerShell on your local computer to create aremote PowerShell session to the Security & Compliance Center.
  • - It’s a simple three-step process where
  • - Enter your Office 365 credentials.
  • - Provide the required connection settings.
  • - Then import the Security & Compliance Center cmdlets into your
  • - Local Windows PowerShell session so that you can use them.

https://technet.microsoft.com/library/mt587092(v=exchg.160).aspx

Example

  • - Remote Login
  • - Set-ExecutionPolicy RemoteSigned
  • - $UserCredential = Get-Credential
  • - $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic –AllowRedirection
  • - Import-PSSession $Session
  • Run Security & Compliance cmdlet
  • - Get-ActivityAlert | Format-List
  • - Disabled,Name,Description,Operation,UserId,NotifyUser
  • Close Session
  • - Remove-PSSession $Session

Please do leave feedback/comments below including any experience on the same topic that you would like to share. Thanks.

Dynamics365Authority.com is an ultimate source of all the key references on MS Dynamics 365 + Office 365 + MS Azure etc.- please use the CONTACT US form to connect with Urish Arora.

Print
Posted: Jan 28, 2018,
Categories: Office 365,
Comments: 0,
Author: Urish Arora
Tags:
Rate this article:
5.0

Urish AroraUrish Arora

Other posts by Urish Arora

, Contact author

Please login or register to post comments.

Name:
Email:
Subject:
Message:
x

SEARCH

Categories

Subscribe to our blog

«November 2019»
MonTueWedThuFriSatSun
28293031123
45678910
11121314151617
18192021222324
2526272829301
2345678

  • Featured Posts
  • Recent Posts
  • Recent Comments
Dynamics365Authority is a community platform for Professionals and Students to contribute or share their knowledge and skills on Microsoft Dynamics 365 Technologies. Our primary goal is to invite professionals on Dynamics 365 technology across the world to contribute & share their knowledge and skills through their blogs so that we can help other developers.
Stay updated with Dynamics 365 technology. Improve skills and knowledge from our blogs, articles and code snippets. Learn it. Follow professionals and learn from them.
Unified Service Desk Book(Online Edition) 

FOLLOW US

Stay connected with us on our social media channels for latest articles, blogs posts etc.  We will keep updating regularly on our social media platform and web platform.

FACEBOOK

Follow us on Facebook

 

TWITTER

View all our tweets

 

DYNAMICS365AUTH

Join us now

 

BLOGS

View our blogs

 

 

Latest Blog

Posted: Jun 20, 2019

Overview - Appendix (Unified Service Desk)

This blog is about Appendix

Read more
Posted: Jun 20, 2019

Overview - Troubleshoot and Debug (Unified Service Desk)

This blog is about Troubleshoot and Debug in Unified Service Desk

Read more
Posted: Jun 20, 2019

Overview - Performance (Unified Service Desk)

This blog is about the Performance in Unified Service Desk

Read more
RSS

ADDITIONAL RESOURCES

Dynamics 365 Authority.com - Search the library for "Dynamics 365"

  What's New in Dynamics 365

  Dynamics 365 Documentation

  

  Sign-up for 30 days trial

 

 

Recent comments

Ashish:

Nice blog. Very helpful to get all references to white papers at one place.

Previous Next

About Us

Here comes the Dynamics 365 Authority - Great technical blog posts are hidden gems. They are hard to find simply because not enough of us write them in the first place. Yet technical blogging is one of the best things we can do not only for ourselves, but also as members of the wider community of developers.

Dynamics 365 Authority leverages this platform to help developers and users to move from traditional paper-based process to modern digital business process. Dynamics365Authority.com helps your business grow, evolve and transform.

Dynamics365Authority.com is your Digital Transformation Partner

Recent Posts

Overview - Appendix (Unified Service Desk)

This blog is about Appendix
  • 238
  • Article rating: 5.0

Overview - Troubleshoot and Debug (Unified Service Desk)

This blog is about Troubleshoot and Debug in Unified Service Desk
  • 358
  • Article rating: 5.0
RSS

Get in touch

Follow Us

 

Tag cloud: Dynamics365Authority.com with Urish Arora; Dynamics365Authority.com; Sales; Leading community site on MS Dynamics 365; Dynamics 365 Authority; Service;Top CRM Blogs; Urish Arora - Australia's leading expert on Digital Transformation;  Digital Transformation; Field Service;Top Articles on MS Dynamics CRM Relationship Insights; Office 365 Security Compliance; Project Service; Microsoft Dynamics 365 for Sales; Relevance Search; Goal Metrics; Activities and Case; Sales Literature;Knowledge Management;

Terms Of UsePrivacy StatementCopyright 2019 by Dynamics365Authority
Back To Top