Forum Widgets
Latest Discussions
New additions in Compliance manager
Hi everyone, I was just marveling about the addition of custom regulations in Compliance manager but apparently very few users seem to be using this particular module in Purview , at least I can't seem to find any user forum for it. Can anyone point me in the right direction or am I the only user of Compliance manager in the know universe 🙃 Regards, Guðjón
Is it possible to allow MFA registration only in a work profile on a managed phone
Hello, I'm currently rolling out MDM via Endpoint Manager and also enforcing compliance policies using conditional access. I would like to allow MFA registration only in work profiles, so that users can only register MFA (for Passwordless sign in) on the Microsoft Authenticator app in their work profile. Does anyone have experience with this, or is this currently even possible? BrS
Use Endpoint DLP to block uploads
Hello, I am trying to block files from being uploaded to specific domains using Endpoint DLP. I have added several domains to the Service Domain section of DLP and set it to Block. I have also added a Service Domain Group with those same domains (not sure if this is required in this case). Then I have created a DLP policy scoped to Devices only. The rule conditions in the policy are set to any file over 1 byte in size should be blocked from upload to those service domains. I have also added the Service Domain Groups to this policy and set it to block. I turn on the policy and it is applied to the appropriate endpoints but when I test, the only files blocked from being uploaded to those domains are files tagged a sensitivity label. Can this DLP policy apply to all files instead of just labelled ones? We just want to block upload to specific domains outright. Any help is appreciated!
Sensitivity Labels not working as expected
Hi experts, I've been playing with sensitivity labels recently and I'm in testing phase currently having few ppl testing it for me before I officially deploy to all. However, it looks like there are few things that do not work as expected and I'm not sure why. Hope I can find some help here. Here is what I have configured and what is the experience during our testing Email should inherit sensitivity label form attachment I have label for documents set as required , and email is set to no default label and selected "inherit" label from attachment I have "Confidential\View Only" label that has allowed only "View rights / Reply / Reply all" allowed permission. Testing experience: For emails, when I attach a document with this label assigned, there is no restriction at all and I can forward, download, etc... and the recipient can forward with no issues. Looks like inheritance of label from attachments to email is not working at all. When I (as a recipient) download the attachment, I see that the document has restricted permissions (can't print, save, etc) so it looks it is working on the document level. "Confidential\Internal" label should be blocked I can share with external users via SharePoint ...and can even open it as external user with no issues at all.. Label access control nor DLP prevents this!!! Is there something I miss here? Not sure if important - I have "MS Entra for Sharepoint enabled" DLP is configured to check Sharepoint, Emails, OneDrive for "Confidential\Internal" for "content shared outside the organization" and "sensitivity label Confidential\Internal" and BLOCK it DLP works fine for emails with attachments labelled with this label, and it is blocked as expected Confidential\Internal is blocked in the outlook when trying to send email when I am sending an attachment with Confidential\Internal document in Outlook (New Outlook), I see a note about external users that needs to be removed. When trying to send anyway, it is blocked and I get a message below. Which is great however, another two testers do not get this experience and their email is blocked with DLP (mentioned above) only - which is nice, but the experience I get is much better as users can correct recipients instantly (FYI - I am using NEW Outlook - need to check later this week with the testers if they are on Old or NEW one) Its a bit of text, and I apologize... Wanted to describe is as best as I can 🙂 ... and hopefully help anyone else facing the same... Would be grateful for your help.... As the testing is super time consuming due to the fact that any change I make to sensitivity label and policy, I prefer to wait recommended 24 hrs to see if it had any effect.... Update: forgot to ask, why I see some "built-in" labels when creating emails? When I go to "More Options", in new email, I can see the below: When I go through New Email > Options > Sensitivity - I can see the labels I configuredHere's how I prepared for the Microsoft Security, Compliance, and Identity Fundamentals exam SC-900!
Dear Microsoft 365 / Azure Security Friends, What I always have to tell myself when I read Fundamentals, never underestimate an exam like this. Such exams are always a kilometer long but only 1 centimeter deep. That means a lot of topics are asked, but not how to install or configure it. What does that mean exactly? For example, a question might be structured like this: You need to capture signals from an on-premises Active Directory with a cloud solution, what do you use? The answer is Microsoft Defender for Identity. On the exam there are single choice questions and multiple choice questions (minimum 2 answers). No case studies or sliding scale questions. Now to my preparations for the exam: 1. First of all, I looked at the Exam Topics to get a first impression of the scope of topics. https://docs.microsoft.com/en-us/learn/certifications/exams/sc-900 Please take a close look at the skills assessed: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4Mr81 2. So that I can prepare for an exam I need a test environment (this is indispensable for me). You can sign up for a free trial here. https://www.microsoft.com/en-us/microsoft-365/business/compare-all-microsoft-365-business-products I chose the "Microsoft 365 Business Premium" plan for my testing. 3. Now it goes to the Microsoft Learn content. These learn paths (as you can see below, all 4) I have worked through completely and "mapped"/reconfigured as much as possible in my test environment. https://docs.microsoft.com/en-us/learn/paths/describe-concepts-of-security-compliance-identity/ https://docs.microsoft.com/en-us/learn/paths/describe-capabilities-of-microsoft-identity-access/ https://docs.microsoft.com/en-us/learn/paths/describe-capabilities-of-microsoft-security-solutions/ https://docs.microsoft.com/en-us/learn/paths/describe-capabilities-of-microsoft-compliance-solutions/ 4. Register for the exam early. This creates some pressure and you stay motivated. https://docs.microsoft.com/en-us/learn/certifications/exams/sc-900 5. Thomas Maurer's exam preparation information is super helpful! https://www.thomasmaurer.ch/2021/04/sc-900-study-guide-microsoft-security-compliance-and-identity-fundamentals/ 6. What you should also definitely watch is the YouTube of John Savill, really super informative! https://youtu.be/Bz-8jM3jg-8 I know you've probably read and heard this many times: read the exam questions slowly and accurately. Well, that was the key to success for me. It's the details that make the difference between success and failure. One final tip: When you have learned something new, try to explain what you have learned to another person (whether or not they know your subject). If you can explain it in your own words, you understand the subject. That is exactly how I do it, except that I do not explain it to another person, but record a video for YouTube! I hope this information helps you and that you successfully pass the exam. I wish you success! Kind regards, Tom WechslerLow reputation
I am an independent developer, and I've been unable to publish my app on the Microsoft Store for about three months — it keeps getting rejected due to "10.2.10 Security": I realize this is because I'm not well-known, but how can I build a reputation when it’s impossible? Microsoft blocks the download: Microsoft even prevents it from being opened: Sure, I could provide a step-by-step guide on how to unblock my app, but, as experience has shown, users don’t trust unfamiliar apps (and rightly so!), because Microsoft has conditioned them for years to avoid running unknown software: "Make sure you trust before you open it" and "Running this app might put your PC at risk". Don't get me wrong: as a regular user, I fully support these security measures because they truly work and help. But as an independent developer, I don’t know what to do :( My app doesn't engage in cryptojacking, doesn't initiate unauthorized network activity, and doesn't pose any threat to users — it doesn't transmit any data to me and/or third parties, doesn't use telemetry and/or monitoring tools, doesn't track actions and/or location, doesn't have built-in diagnostics and/or analytics, doesn't request privilege escalation, doesn't collect statistics and doesn't learn from personal data. My app passes all the necessary Microsoft checks: And I can’t afford an EV certificate since I’m an individual, not an organization: But my app gets blocked anyway. So... does anyone have any ideas on what I can do in my situation?
DLP Alerts Issue - Windows Defender
Hi, I am encountering an issue where a single file containing multiple policy matches triggers multiple DLP alerts defined for Exchange. I would prefer to receive just one alert per email, regardless of the number of files or policy/rule matches in Windows Defender. Any suggestions on how to resolve this would be greatly appreciatedAll the locations where you can find Sensitivity labels
Update (14-Mar-25): Removed Windows Explorer Here are the locations where you can find the sensitivity label of a document (if there are any that I've missed, please feel free to add it here) Sensitivity Label Button in the Document: In Office applications such as Word, Excel, and PowerPoint, you can find the Sensitivity label button on the Home tab. This button allows users to apply or view sensitivity labels directly within the document interface. (Sensitivity label app on the upper right) Document Properties > Advanced Properties Sensitivity labels can also be found in the document properties. To access this, go to File > Info > Properties > Advanced Properties. Here, you can see detailed metadata, including any applied sensitivity labels. Sensitivity Label Column in SharePoint: In SharePoint, sensitivity labels are displayed in a dedicated column. This allows users to quickly see the sensitivity level of documents stored within SharePoint libraries (Removed) Windows File Explorer: - As it was rightly pointed in the comment section, this is a roadmap item that has yet to materialise. Mobile Applications: Office mobile apps for iOS and Android also support sensitivity labels, enabling users to apply and view labels on the go. Microsoft Purview Compliance Portal: Administrators can manage and view sensitivity labels applied across the organization through the Microsoft Purview Compliance Portal. This portal is only accessible to IT admins who has the right Purview role.Get $25 USD for reviewing a Microsoft Security product on Gartner Peer Insights in 2025
Turn your expertise into impact—and $25—by sharing your review of Microsoft Security products on Gartner Peer Insights. Your feedback helps other decision-makers confidently choose the right solutions and provides valuable input to improve products and services. Select a product to review: Security Copilot Microsoft Defender Microsoft Entra Microsoft Intune Microsoft Purview Microsoft Sentinel Here’s all you need to do: To submit a product review, log in to your Gartner Peer Insights account or create a free account in seconds. Once you have completed your review, Gartner Peer Insights will prompt you to choose a gift card option. Gift cards are valued at $25 USD and are available in multiple currencies worldwide. As soon as your review is approved, the gift card will be sent to you digitally via email What makes a successful review? Choose a Product You Know Well: Pick a product you’ve used extensively to provide detailed feedback. Share Your Experience: Describe your specific user experience with the product and any outcomes you realized. Highlight Features: Note any features and capabilities that made an impact. Terms & Conditions: Only Microsoft customers are eligible; partners and MVPs are not. Offer valid for reviews on Gartner Peer Insights as linked on this page. Non-deliverable gifts will not be re-sent. Microsoft may cancel, change, or suspend the offer at any time without notice. Non-transferable and cannot be combined with other offers. Offer runs through June 30, 2025, or while supplies last. Not redeemable for cash. Taxes are the recipient's responsibility. Not applicable to customers in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and China. Please see the below for more information Microsoft Privacy Statement Gartner’s Community Guidelines & Gartner Peer Insights Review GuideAzure Sentinel Training Lab solution is no longer on Azure Marketplace
Hi folks! It appears the Azure Sentinel Training Lab solution is no longer on Azure Marketplace. Was this removed for SFI security reasons and if so what are alternative deployments for this? https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Training/Azure-Sentinel-Training-Lab
