Home

Security, Privacy & Compliance

281 Conversations

Latest Activity

Custom List Message Item

Compliance Manager preview program is now available at https://aka.ms/compliancemanager

We posted a blog to share more details about the key capabilities you can get from the public preview program. Learn more about Compliance Manager preview here.

Read More
113 Views
0 Reply

Hi,

 

We have a requirement wherein we need to be sure if our data within Office 365 will be ITAR regulator compliant? I believe by default it won't be, while we can achieve via Office 365 dedicated plans.

 

Please confirm my understanding and also does Micro

... Read More
303 Views
3 Replies

Microsoft's guidance with respect to ITAR is that clients should utilize GCC High version of Office 365.  This has some unique requirements and restrictions.  This has be

... Read More

I would like to understand this as well.

Do you have an link to ITRA certification? If I use bing, I find some different ones. Do you mean the certification for pilots?

I'm a little confused over the DLP settings for OneDrive. Currently it seems I can only create the policy based on the pre-existing sensitive information types alternatively on the document property rules. What options do I have to create a custom type fo

... Read More
307 Views
1 Reply

You can define your own custom sensitive type and upload to security and compliance center. Once it is uploaded, you can define your DLP policy using custom sensitive typ

... Read More

Are there any Security or Compliance features that depend on the Graph? i.e, are the Data Loss Prevention policies affected if the Graph is disabled in O365?

40 Views
1 Reply

DLP feature will not be affected if Graph is disabled. We have setup the same way in our tenant and is working.

I understand that you can add a distribution list to a hold, in addition to named individuals. 

Could someone explain how a Hold behaves when it includes a distribution list, and there are changes to the membership of that distribution list.  

 

What happ

... Read More
46 Views
3 Replies

It simply expands the *current* membership of the list, nothing else.

Hi - just starting looking more closely at Secure Score portal (https://securescore.office.com) and I am wondering if there is the ability to have auto notifications on score changes? 

 

So my thinking here is if another admin performs some kind of settin

... Read More
44 Views
1 Reply

It's a good question, as that would be a useful option but it's not available, at the moment at least, unfortunately.

How do we handle the scenario, where we generally want to retain group documents (due to compliance reasons but also due to the added capabilities for backup/restore) – but still want the ability to delete certain documents, e.g. due to GDPR and other com

... Read More
49 Views
0 Reply

I was wondering is Secure Score being updated to use the new Azure AD portal security reports? At the moment these actions are recommended and most of them are from the old Azure AD portal

 

Review signs-ins after multiple failures report weekly (Being Reti

... Read More
422 Views
14 Replies

even now i have checked on azure portal today for those Review parameters 

It still says error unable to proceed any suggestions

I guess it is not getting updated to new

... Read More
Me as well. I have access to the new portal, and some reason the old gives me a subscription error. I checked our reports regularly yet it doesnt show up :X

I'd like to know about this too. Are these reports no longer going to be available?

I'm trying to roll out Office Message Encryption in EOL (E5 org).  Having a major problem in my testing with the ICD 9/10 Sensitive Info types catching WAY too much, not to mention the inability to combine and use logical (AND/OR) operators to be able to

... Read More
168 Views
3 Replies

After more digging and testing different scenarios I don't believe that the SCC is quite ready for this and the integration with the EOL DLP is not yet complete.  I'm hop

... Read More

Afaik it's only doable via the SCC. As to whether this is rolled out to the entire O365 population, support should be able to answer (or at least give you specific answer

... Read More

Good day, I have been performing suggested actions, but they dont seem to be applying as my score doesnt change.

 

enable customer lockbox or audit logging for example, both have been turned on over a week ago, but it still shows I need to do this.

 

any

... Read More
117 Views
3 Replies

Hi Dan,

 

Thanks for note.  For audit logging, can you clarify which auditing control you have enabled?  If it is "enable mailbox auditing for all users" then you should

... Read More

With roughly 160 requirements, the complexities of the GDPR could have far-reaching impacts to how you gather, use, and manage data. For companies that need to comply with GDPR, this regulation signifies more than just updating policies. It is a new respo

... Read More
331 Views
0 Reply

Since the inception of Office 365 Advanced Threat Protection (ATP) in 2015, we have strived to provide best in class security that enhances and facilitates your end user’s productivity.  To this end, we now have reached >99.9% in our malware detection eff

... Read More
2,602 Views
1 Reply

Is this GA for all GOV clouds or commercial?  GCC, GCC High and DOD?

Testing out Search & Investigation within the Security & Compliance Admin Center.  What's the difference between performing a 'Content Search' on a specific mailbox vs utilizing the Search within an eDiscovery case on a specific mailbox?  I ran a search b

... Read More
984 Views
4 Replies

Should be the same, underneath they both use the same cmdlet. And it's easy to confirm that if you just provide the same name for the search.

 

I just run a search using bo

... Read More

I have had this rule enabled in the Exchange Admin Centre (Rules) since October 25th 2017 with a priority of 2 (recently changed priority to 0) but every time I run the Secure Score Analyser it is listed in the Incomplete Actions tab with a zero score. As

... Read More
116 Views
0 Reply

When I get an alert that someone has reported a message as "Unusual volume of messages reported as phish or junk/not junk", how do I determine if they marked it as "junk" or "not junk"?  If they've marked it as "not junk", I'd like to intervene and help t

... Read More
38 Views
0 Reply
Hi there, I've created a "test" Audit Log Search Alert Policy in the Security & Compliance portal for alerting me if there was any files deleted on our SharePoint. Now is there a way to delete this policy, cause apparently this alert is nowhere to be fin... Read More
91 Views
4 Replies

Depending on the licenses you have, the alert might end up in a "hidden" section of the portal. You can access it directly via: https://protection.office.com/#/managealerts

... Read More

How do you configure sharepoint to be GDPR compliant?

1,356 Views
3 Replies

Are you talking about On-premises or Office 365? On-premises you would have to elimanate certain types of personally identifiable information (PII) of European citizens (

... Read More

That's an interesting question, I am not aware of any specific steps right now to take for GDPR compliance in SharePoint.  Saying that, here is some related information,

... Read More
Best Response

According to the TechNet Overview of Office 365 DLP for SharePoint and OneDrive the Office Clients, like Word, Excel, and PowerPoint, should surface a Policy tip during document creation or editing.  According to the documentation this should happen in Re

... Read More
118 Views
3 Replies

It might take a while for the desktop apps, as they need to download the policy definition files. Check under %USERPROFILE%\Appdata\Local\Microsoft\Office\DLP

Read More

Hi,

 

I must be missing something, I can't get DLP to work in two completely seperate test tenants. I've set up a less restrictive rule to try and trigger DLP: One or more Credit Card numbers should trigger Notifications, restrict access, and send a report.

... Read More
225 Views
6 Replies

Hi Jack,

 

Did you get this to work?

Here's three documents I used in my tenant (both contain dummy creditcard numbers), which did trigger the DLP rules I set.

 

Kind regards,

... Read More

I'm having troubles getting policy tips to appear in Office apps too, and I've pretty much accepted that it's simply not working as expected atm. SPO/ODFB however should

... Read More

in Content search, when trimming down to a specific SharePoint Online site, are custom properties searchable? 

https://protection.office.com/#/contentsearch

 

I get results that seem to suggest "NO" which leaves me with no recourse to really narrow the se

... Read More
29 Views
0 Reply

I have been trying to improve our Secure Score score and have been running the reports that it suggests for a month or two now. I just realized that the reports have not been counting towards the score for some time. At first I thought it was because the

... Read More
322 Views
6 Replies
Is Secure Score going to update the links of the reports to point to where they are in Azure Active Directory rather than the old Azure AD before the cutover to the new A... Read More

I have been having this issue myself.  Now that the Azure AD is being replaced with the new one, how do we get the same reports scored with the new Azure Portal?

Read More

I'd be interested in hearing the answer as well.  

 

There appear to be at least seven controls for reviewing reports worth 60 points combined.  What does it mean exactly "

... Read More

Hi All,

 

I have a lot of SharePoint site in my environment. Because we want to ensure we retain data at SharePoint, we enabled the Retention policy for all the sites, Which worked fine, Sites/Lists/Items were being prevented from being deleted. Now i hav

... Read More
53 Views
3 Replies

Hello Anand,

 

When you no longer need a SharePoint site or subsite, such as one created for a completed project, you can delete it to free up space. To delete a site or

... Read More
Not sure if this is the correct group, but am hoping! I have a Customer who would like to license in O365 & Power BI 3 of 'their' customers. Is there a way of excluding these 3 customer users from the 'all organisation' feature. Meaning if in Power BI... Read More
58 Views
2 Replies
It's not really designed to work that way, because if they are licensed users then realistically they are treated as the same as other users inside the organisation.
You c... Read More

Compliance Manager preview program is now available at https://aka.ms/compliancemanager

We posted a blog to share more details about the key capabilities you can get from the public preview program. Learn more about Compliance Manager preview here.

Read More
113 Views
0 Reply

Hi All,

 

We have been looking at secure score for some time. It is kind of effective way to increase our tenant security. However, I've been notice that to enable some feature there we need an extra license (eg. E5).

That means if we don't have E5, we ca

... Read More
72 Views
0 Reply

Are you interested in getting an early look at the cloud-based version of Advanced Threat Analytics? At the Ignite conference, we announced Azure ATP, a cloud-based version of ATA. You can enjoy your own instance free of charge for 6 months by signing up

... Read More
45 Views
0 Reply