Before we start, please note that if you want to see a table of contents for all the sections of this blog, you can locate them at the following URL:
Microsoft Purview and Modern Work (Part 1) - Overview
This document is not meant to replace any official documentation, including those found at docs.microsoft.com. Those documents are continually updated and maintained by Microsoft Corporation. If there is a discrepancy between this document and what you find in the Compliance User Interface (UI) or inside of a reference in docs.microsoft.com, you should always defer to that official documentation and contact your Microsoft Account team as needed. Links to the docs.microsoft.com data will be referenced both in the document steps as well as in the appendix.
All of the following steps should be done with test data, and where possible, testing should be performed in a test environment. Testing should never be performed against production data.
Before we start, I wish to thank Tavis Hudson and Derek Peters for their recommendations, input, direction, and editing of this blog series. This blog would not be possible in this, or any form, without their assistance.
The Information Life Cycle Management section of this blog series is aimed at Security and Compliance and Modern Work officers who need to properly label data, encrypt it where needed.
Here are a few questions for you to consider before you read this blog series. If these questions or questions like them do not relate to your role or organization, then this blog series might not be meant for you.
This blog article is meant to help an IT administrator who is looking to secure their data throughout the lifecycle of the data.
It is presumed that you already have a basic understanding of the Purview tools and the Modern Work tools (including Exchange, Teams, SharePoint and OneDrive).
This document does not cover configuring any of the below, ie. Holding your hand through the process of configuration”, as that is covered via other blogs, official Microsoft documents, or through the aid of Microsoft implementation teams or Microsoft partners:
Here are the parts of the blog series:
Part 1 – Overview of the blog series
Part 2 – Collaboration Overview
Part 2a – SharePoint Sites and Files
Part 2b – OneDrive Files
Part 2c – Teams Sites and Files
Part 3 – Communication Overview
Part 3a – Exchange Email Messaging
Part 3b – Teams Chats and Streams
If we want to measure have a tool to help quantify the security of our data, the CIA triad (Confidentiality, Integrity, Availability) is a good place to start. Our goal as an organization should be to get our data within the center of the triad.
Let us take the CIA triad and map it to the various components of Microsoft Purview to the CIA triad. Here are two different “mappings” to try and help you visualize how the current Purview tools map to the CIA triad
Mapping Visualization #1
Mapping Visualization #2
Note – when it comes to Availability, backup tools should always be considered. However, Microsoft does protect the data inside of your tenant. Here are 2 links on this topic. There are more in the Appendix and Links section below.
Information Lifecycle Management (ILM) is standard way of looking at data within an organization. The process as diagramed below, 1) starts with the creation of data, 2) use of data, 3) retention of data and 4) deletion of data. There are many government regulations (ex. HIPAA, SOX, GDPR, etc) that dictate how data is protected, retained, and disposed of. There are also internal, organizational regulations driven by HR and Legal teams that dictate how data is protected, retained, and disposed of.
Now let us map the Information Lifecycle to the components of Microsoft Purview (as noted above, this will not be an exhaustive list of components at this point in the blog).
These are the Modern Work workloads we will cover in this blog series
Inside of these 2 workloads are technology-based applications.
1. Collaboration –this involves data sharing (ie. Files, folders, SharePoint sites, OneDrive data, Teams sites, etc). For this blog, I will focus on the following 3 items:
a. SharePoint sites and files
b. OneDrive files
c. Teams sites and files
2. Communications – This means things such as Teams chats and Exchange email messages. For this blog, I will focus on the following:
a. Exchange Email Messaging
b. Teams Chats and Streams
When looking at the lifecycle of data (Create – Use – Retain – Destroy) we need to map it, at least at a high level, to the Microsoft Collaboration and Communication tools and the data they generate.
Here is a visual map to get you thinking about this.
Now that we have mapped Lifecycle Management to the Microsoft Collaboration and Communications, we can map Purview tools and workloads to specific Modern Work data flows. We cover these in more depth Parts 2 and 3 of this blog series.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.