Intro to the Office 365 Security & Compliance Center


1 Intro to the Office 365 Security & Compliance Center
By Craig Jahnke

2 About Craig Jahnke – Strategic Advisor at AvePoint, Inc.
Working with SharePoint for last 8 years
M.S. in Information Systems
Organize SPS Chicago Suburbs and Cloud Saturday Chicago
@TechJahnke on Twitter

3 Platinum Sponsors

4 Platinum Sponsors

5 Gold Sponsors

6 Attendee Shirts

7 Reinventing Productivity

8 Electronic Data Is Exploding

9 Attack Risks

10 Agenda
The Security & Compliance Center
Alerts
Permissions
Threat Management
Data Governance
Search & Investigation
Reports
Service Assurance
PowerShell for the Security & Compliance Center

11 Security & Compliance Center
The Office 365 Security & Compliance Center is your one-stop portal for protecting your data in Office 365

12 Security & Compliance Matrix

13 Alerts
View and manage alerts for your Office 365 organization, including Advanced Security Management alerts.
How alert policies work:
An admin in your organization creates, configures, and turns on an alert policy by using the Alert policies page in the Security & Compliance Center.
A user performs an activity that matches the conditions of an alert policy.
Office 365 generates an alert that's displayed on the View alerts page in the Security & Compliance Center. Also, if notifications are enabled for the alert policy, Office 365 sends an email notification to a list of recipients.
An admin manages alerts in the Security & Compliance Center. Managing alerts consists of assigning an alert status to help track and manage any investigation.

14 Permissions
Grant permissions to people who perform compliance tasks like device management, data loss prevention, eDiscovery, and retention.
Relationship of members, roles, and role groups:
A role grants permissions to do a set of tasks; for example, the Case Management role lets people work with eDiscovery cases.
A role group is a set of roles that lets people perform their job across the Security & Compliance Center; for example, the Compliance Administrator role group includes the roles for Case Management, Content Search, and Organization Configuration (plus others) because someone who’s a compliance admin will need the permissions for those tasks to do their job.
The Security & Compliance Center includes default role groups for the most common tasks and functions that you’ll need to assign people to. It is recommended to add people as members to the default role groups.
You can edit or delete the existing role groups, but don’t!!! Instead of editing a default role group, you can copy it, modify it, and then save it with a different name.

15 Data Loss Prevention
A DLP policy helps you identify, monitor, and automatically protect sensitive information that’s subject to common industry regulations. You choose what types of sensitive information to protect, and what actions to take when content containing such sensitive information is detected.
A DLP policy can notify the compliance officer by sending an incident report, notify the user with a policy tip on the site, and optionally block access to the document for everyone but the site owner, content owner, and whoever last modified the document. Finally, the policy tip has an option to override the blocking action, so that people can continue to work with documents if they have a business justification or need to report a false positive.

16 Data Governance
Import email from other systems, enable archive mailboxes, or set policies for retaining email and other content within your organization.
Import - Import PST files to Exchange mailboxes. You can then use the Intelligent Import feature to filter the items in PST files that actually get imported to the target mailboxes.
Archive - Enable or disable a user's archive mailbox, which provides users with an alternate storage location for historical messaging data.
Retention - Manage the lifecycle of email and documents by keeping the content you need and removing content after it’s no longer required. While your organization may be required to retain content for a period of time because of compliance, legal, or other business requirements, keeping content longer than required might create unnecessary legal risk.
Supervision - Define supervision policies that capture email and 3rd-party communications in your organization so they can be examined by internal or external reviewers.

17 Threat Management
Manage mobile devices and set up data loss prevention for your organization. Help protect inbound and outbound messages from malicious software and spam. Manage which apps have access to Office 365.
Use Threat management to help control and manage mobile device access to your organization's data, help protect your organization from data loss, and help protect inbound and outbound messages from malicious software and spam.
Use threat management to protect your domain's reputation and to determine whether or not senders are maliciously spoofing accounts from your domain.

18 Threat Management
Dashboard, Threat explorer, and Incidents - Once enabled, these panes allow you to manage Office 365 Analytics and threat intelligence.
Mail filtering - Fine-tune and monitor settings that help prevent spam in Office 365.
Anti-malware - Protects against viruses and spyware traveling to or from your organization in Office 365. Viruses are malicious software programs that, when executed, replicate themselves and modify other programs and data on the computer.
DKIM - DomainKeys Identified Mail (DKIM) helps ensure that other email systems trust messages that you send from Office 365. It does this by adding a unique digital signature to email messages that you send from your organization. Email systems that receive email from you can use this digital signature to help determine if the email is legitimate.
Safe attachments - Safe attachments is part of Advanced Threat Protection. When enabled, email attachments are opened in a special, isolated environment that is separate from Office 365 before they are sent to recipient inboxes. Safe attachments is designed to help detect malicious attachments even before anti-virus signatures are available.
Safe links - Safe links is part of Advanced Threat Protection. Safe links help prevent users from following links in email or in Office documents that point to web sites that are recognized as malicious.
Quarantine - Set up Quarantine for incoming email messages in Office 365 where messages that have been filtered as spam, bulk, phishing, and malware mail can be kept for later review. Both users and admins can work with quarantined messages. Users can work with just their own filtered messages in quarantine. Admins can search for and manage quarantined messages for all users.
Advanced threats - View the threat protection status report to see information about the malicious content found and blocked by Exchange Online Protection and Advanced Threat Protection.

19 Search & Investigation
Search for content and review user activity. Use eDiscovery to manage cases and set up supervisory review policies to help you capture communication for review.
Use the search and investigation features in the Office 365 Security & Compliance Center to quickly find content in mailboxes and documents or search audit logs for various types of user and admin activity. You can also create eDiscovery cases to manage a group of users who may be involved in a legal investigation.
The best part of Search & investigation is that you can find all content and user activity, whether it’s in Exchange Online, SharePoint Online, or OneDrive for Business, providing you with unified protection for your Office 365 organization.

20 Reports
Use a variety of reports to help you understand how your organization is using Office 365, including reports related to auditing, device management, Supervisory review, and data loss prevention. View user activity reports such as sign-ins for SharePoint Online, Exchange Online, and Azure Active Directory.
Use the View reports page to quickly access audit reports for your SharePoint Online and Exchange Online organizations.
You can also access Azure Active Directory (AD) user sign-in reports, user activity reports, and the Azure AD audit log from the View reports page. This is because your paid Office 365 subscription includes a free subscription to Microsoft Azure. The first time that you try to access these Azure reports, you will have to complete a one-time registration process.

21 Service Assurance
View details about how Microsoft keeps Office 365 customer data safe, and how Office 365 helps customers meet industry compliance requirements.
Use Service Assurance to access documents that describe a variety of topics, including:
Microsoft security practices for customer data that is stored in Office 365.
Independent third-party audit reports of Office 365.
Implementation and testing details for security, privacy, and compliance controls that Office 365 uses to protect your data.
Office 365 can help customers comply with standards, laws, and regulations across industries, such as the:
International Organization for Standardization (ISO) and 27018
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Federal Risk and Authorization Management Program (FedRAMP)

22 PowerShell
Remote PowerShell allows you to manage your Office 365 Security & Compliance Center settings from the command line. You use Windows PowerShell on your local computer to create a remote PowerShell session to the Security & Compliance Center. It’s a simple three-step process:
Enter your Office 365 credentials.
Provide the required connection settings.
Import the Security & Compliance Center cmdlets into your local Windows PowerShell session so that you can use them.

23 PowerShell Example
Remote Login
    Set-ExecutionPolicy RemoteSigned
    $UserCredential = Get-Credential
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri <ConnectionUri> -Credential $UserCredential -Authentication Basic -AllowRedirection
    Import-PSSession $Session
Run Security & Compliance cmdlet
    Get-ActivityAlert | Format-List Disabled,Name,Description,Operation,UserId,NotifyUser
Close Session
    Remove-PSSession $Session
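The Get-ActivityAlert output from the slide above can be reviewed for alert policies that are turned off or that would never notify anyone. This is an added example, not part of the original presentation: the function name Find-ActivityAlertGap and the sample alert objects are constructed for illustration, and the property names are the ones listed in the slide's Format-List call.

```powershell
# Added example (not from the presentation). Flags alert policies that are
# disabled, have no notification recipients, or have no operation to match.
function Find-ActivityAlertGap {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$Alert
    )
    process {
        $findings = @()
        if ($Alert.Disabled) {
            $findings += 'policy is turned off'
        }
        # NotifyUser may be $null, empty, or a list that contains blank entries
        $recipients = @($Alert.NotifyUser) |
            Where-Object { -not [string]::IsNullOrWhiteSpace($_) }
        if (-not $recipients) {
            $findings += 'no notification recipients'
        }
        if (-not @($Alert.Operation | Where-Object { $_ })) {
            $findings += 'no operation to match'
        }
        if ($findings) {
            [pscustomobject]@{
                Name     = $Alert.Name
                Findings = $findings -join '; '
            }
        }
    }
}

# Constructed sample objects that mimic the properties shown on the slide,
# so the check can be tried without a tenant session.
$sampleAlerts = @(
    [pscustomobject]@{ Name = 'External sharing'; Disabled = $false
        Operation = @('SharingSet'); UserId = $null
        NotifyUser = @('secops@contoso.example') }
    [pscustomobject]@{ Name = 'Mass download'; Disabled = $true
        Operation = @('FileDownloaded'); UserId = $null
        NotifyUser = @('secops@contoso.example') }
    [pscustomobject]@{ Name = 'Admin role change'; Disabled = $false
        Operation = @(); UserId = $null; NotifyUser = $null }
)

$sampleAlerts | Find-ActivityAlertGap | Format-Table -AutoSize -Wrap
```

In an imported Security & Compliance Center session, the same check runs against real policies with `Get-ActivityAlert | Find-ActivityAlertGap`.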

24 Questions

25 Join us for SharePint! Immediately after the event!
Dave & Busters D and B Drive SE Marietta, GA 30067

