
Digging into Microsoft Office 365 Security and Compliance features

Posted July 31, 2017
The Office 365 Security and Compliance Center helps your business to meet compliance and data protection obligations. Check out the key tasks and features available.

By Nick Hughes, Client, Solution and Strategy Manager

The Microsoft Office 365 Security and Compliance Center is designed for all organisations with data protection and compliance requirements. From one centralised portal, authorised users can establish and manage enterprise-wide archiving, retention, data loss prevention, permissions, device protection, searches and more. The interface is streamlined and intuitive, with a navigation pane that allows easy access to all functions.

Our previous blog ‘Use Office 365 to keep your Business Secure and Compliant’ provides an overview of the ways Microsoft Office 365 can help your business achieve compliance.

These are the key tasks you can manage using the Office 365 Security and Compliance Center.

eDiscovery

The eDiscovery page is used to manage cases and create policies to capture communications for future review. You can identify, search and export the content stored in SharePoint sites, Exchange mailboxes and OneDrive locations. This lets you quickly analyse large, unstructured data sets to pinpoint the information most relevant to a specific legal case. You can also add members to an eDiscovery case, control the actions that members may perform, place a hold on content, export results, and associate compliance searches with an eDiscovery case.

Use this tool to search for items in these Office 365 services:

  • Exchange Online mailboxes and public folders
  • SharePoint Online and OneDrive for Business sites
  • Skype for Business conversations
  • Microsoft Teams
  • Office 365 Groups

Data Governance

You can import email from external platforms (PST files to Exchange Online mailboxes), create archive mailboxes, and establish policies for retaining email and other content. With archive mailboxes enabled, messages from a user’s primary mailbox are automatically transferred to their archive mailbox after a specified time (two years by default). You can also import files to your SharePoint Online platform. Data may be uploaded via your network, or by shipping a copy on a hard drive to a Microsoft data centre.

· Import

Bulk-import PST files to Exchange mailboxes if you want to give users additional mailbox storage space, place mailboxes on hold to retain content, use Microsoft eDiscovery tools to search mailbox content, or use retention policies to control how long content is retained and delete it after the retention period expires.

· Data Retention

Your business may be obliged to keep content for a set period of time under legal or business guidelines; however, retaining data for longer than necessary can create legal risks. The retention page lets you manage your document and email lifecycles by retaining the content you need and deleting content when it’s no longer required. You can also establish preservation policies to retain content indefinitely. A default retention policy is assigned to newly created mailboxes in Exchange Online.

· Archiving

Office 365’s Archiving feature transfers any Exchange Online email that is more than two years old into an archive mailbox, which is only accessible by the user or the eDiscovery tool. Custom retention policies and periods can be established by the administrator. The leaking of email information to unauthorised recipients can also be prevented using the Exchange Online Data Loss Prevention (DLP) tool.

· Supervision

Make sure emails and 3rd-party communications are compliant with your business policies. This tool allows you to capture emails so they can be examined by internal or external reviewers.

Threat Management

Control and manage mobile device access to your organisation’s data. Office 365 Threat Management helps you to secure your business from data loss and protects inbound and outbound messages from malicious software and spam. You can also use threat management to protect your domain’s reputation and to determine if senders are maliciously spoofing accounts from your domain.

· Data Loss Prevention

The data loss prevention page lets you create policies to safeguard sensitive data (financial or personally identifiable information) and prevent inadvertent disclosure. You can also protect messages from spam and malware, and choose which applications may access Office 365.

· Device Management

Manage and secure mobile devices that connect to your business’ Office 365 account. If your business allows BYOD or has many staff on mobile devices and tablets, protect your information with the built-in Mobile Device Management for Office 365. This feature can set device security policies and access rules, and wipe mobile devices if they’re lost or stolen.

· Mail Filtering

Create allow and block lists, determine who is spoofing your domain and why, and configure and view spam filter policies.

· Anti-Malware

Configure anti-malware policies and protect your business from viruses and spyware travelling to or from your Office 365 business account.

Office 365 Auditing

Office 365 Auditing continuously logs and reports on relevant user or administration activity occurring across your applications, like SharePoint, OneDrive, Exchange and Azure Active Directory. These reports enhance transparency and allow you to investigate activities, identify risks, protect your intellectual property and respond rapidly to threats.

Source: https://blogs.office.com/2015/07/08/announcing-new-activity-logging-and-reporting-capabilities-for-office-365/ 

What activity can you track?

  • Administrator and user activity in SharePoint Online
  • Admin and user activity in Exchange Online
  • Admin activity in Azure Active Directory (the directory service for Office 365)
  • User and administrator activity in Sway
  • User and administrator activity in Power BI for Office 365
  • User & administrator activity in Microsoft Teams
  • User & administrator activity in Yammer
  • User activity in OneDrive for Business.

Set User Permissions

The permissions page grants access to specific functions for the personnel responsible for compliance tasks. These tasks commonly include device management, data loss prevention, eDiscovery and data retention. Users only have access to the functions you grant them permissions for, and must be an Office 365 Global Administrator or a member of one or more Security & Compliance Center role groups. Permissions are based on the Role Based Access Control model used in Exchange Online, so if you’re familiar with Exchange, granting permissions in the Security & Compliance Center will be very similar.

Alert Monitoring

You can manage and monitor alerts across your Office 365 platform, including Advanced Security Management alerts.
Here’s a quick overview of how alert policies work and the alerts that are triggered when user or administrator activity matches the conditions of an alert policy.

Source: https://support.office.com/en-us/article/Alert-policies-in-the-Office-365-Security-Compliance-Center-8927b8b9-c5bc-45a8-a9f9-96c732e58264?ui=en-US&rs=en-US&ad=US 

Reports

You can create reports to show how your business is using Office 365, including audits, data loss prevention, device management, and supervisory reviews. You can also run user activity reports – for example, user login activity on Exchange, Azure and SharePoint.

On the View Reports Page, you can view the following types of reports:

  • Auditing reports – Office 365, Azure AD and Exchange audit reports
  • Supervisory review report – Status of all the supervisory review policies in your organisation
  • Data loss prevention reports – Information about the DLP policies and rules that have been applied to content that contains sensitive data in your Office 365 organisation.

To find out more about the Office 365 Compliance Center and how it can help your business to meet its compliance and data protection obligations, call Bremmar today on 1300 991 351 or email help@bremmar.com.au.

By Nick Hughes, Client, Solution and Strategy Manager

Result-driven professional with over 10 years’ experience in the IT industry specialising in process optimisation, strategic alignment and driving continual improvement.
