Sign in to exchange admin center (eac) with an admin account. Click “compliance management”> “in-place ediscovery & hold”. Click “import to a pst file” after the ediscovery is finished. Here is the information about office 365 ediscovery for your reference. To set up Office 365, go to Download and install or reinstall Office 365 or Office 2016 on a PC or Mac. You use the admin center to set up your organization in the cloud, manage users, manage subscriptions, and much more. • Exchange: messaging • Skype for Business: IM and telephony/teleconferencing • SharePoint: collaboration • OneDrive: file sharing • Yammer: collaboration • PowerApps: code-free cloud application development platform • Flow: workflow engine • Azure AD: identity management • Intune: endpoint management On one hand the Office 365 administrator needs to manage the different Office 365 services by using separate admin centers. On the other hand, you have (a) your users save enormous data volumes to the Office 365 tenant; and (b) compliance requirements that mean you need to secure, audit, and document the above infrastructure. Whoa—that is a lot of stuff to worry about! Fortunately, the Office 365 development teams gave us the Office 365 Security & Compliance Center. High-level overview From the Office 365 admin center (open the Admin center menu and select Security & Compliance. The Security & Compliance Center opens in a separate browser tab as shown next. The direct URL to the site is https://protection.office.com. Setting permissions • The Security & Compliance Center uses a role-based access control (RBAC) authorization model just like the other Office 365 services use. • The roles and permissions you assign here grant users permissions only to the Security & Compliance Center. The use case here is that you could, for example, grant select Legal team users membership to the built-in eDiscovery Manager role, and Compliance team users membership to the Compliance Administrator role. Of course, you can define your own custom roles if you wish. Next, let me show you some of the more important tasks you can accomplish in the Security & Compliance Center. In this article I'll show you some of them; you should certainly consult for full information. Another thing you'll want to do is navigate to Service assurance > Dashboard and give Office 365 your business' geographic location and industry. When you provide Microsoft with that data, Office 365 gives you compliance reports and trust documents customized to your business. Pretty awesome! NOTE: You need to assign your compliance officers' Office 365 user accounts to the Service Assurance User role in Permissions for them to access the compliance reports. Alerts The alerting function in the Office 365 Security & Compliance Center is a huge value to administrators because it proactively informs us when particular actions occur within the tenant. What kind of 'particular actions,' you wonder? Stuff like: • privilege escalation • deleted folders and files • deleted users and groups • eDiscovery activities • unusual external user activity • detected malware/phishing The New alert policy dialog shown in the next screenshot asks you to pick (a) which activities across the Office 365 services you want to watch; (b) which users, or all users, you need to scope the alert to; and (c) to whom you want to send the alert e-mail messages. An alert email message Data Loss Prevention (DLP) DLP in Office 365 combines the best parts of Active Directory Rights Management Services (AD RMS) and the Intune device management product. Whereas configuring AD RMS on premises is a giant pain in the you-know-where, configuring DLP in Office 365 is wizard driven and remarkably straightforward. The heart of DLP is the policy, which I show you in the next screenshot. Depending on your industry and security/compliance requirements, you may need to take special actions on sensitive data like patient records, financial numbers, and so forth. Creating a DLP policy A DLP policy can cover multiple data sources, such as Exchange Online, SharePoint Online, and OneDrive for Business. You can restrict access to data the policy identifies, including (a) notifying the users of any actions they need to take on the sensitive data; and (b) preventing users from copying, forwarding, and performing other actions on that data. You can run DLP reports from the Security & Compliance Center by navigating to the Reports > Dashboard page. Programmatic access Oh, there's so much to see in the Office 365 Security & Compliance Center! Let's finish up by learning how to connect to the center with PowerShell. The bad news is that the Office 365 PowerShell story is a royal, confusing mess.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2019
Categories |