Do you know you can now upload your improvements actions into the Microsoft Purview Compliance Manager

📢It’s good news for Microsoft Purview Compliance Manager.

You can now bulk import your updated improvement actions directly into Microsoft Purview Compliance Manager using the Improvement actions export report. With no APIs or programmatic interfaces, bulk import is a significant improvement.

Having the ability to work on your improvement actions outside of the Microsoft Purview Admin Center is extremely helpful. You can work on the improvement actions with multiple businesses and IT stakeholders without giving them admin rights. In the past, any changes to improvement actions had to be manually updated in Compliance Manager. Organisations often only focus on the initial export of data, so they miss out on automatic testing notifications, reporting and updates.

By using the Excel export file to bulk upload your changes into Compliance Manager, there is no need to rekey any information, which is a significant time-saving improvement.

Additionally, keeping the Compliance Manager updated lets you see the impact of changes to regulations or configuration changes via automated testing.

Read on to find out more.

Read More

How to manage guest access reviews in Microsoft 365

With guest access switched on for Microsoft Teams, do you have a process to manage guest access reviews?

It is easy for Team owners to invite external guests into their Team. However, how do you proactively review guest accounts to ensure people only have access as long as they need it?

With internal users, there are joiners, movers and leavers processes to manage access and reviews, but these processes typically exclude guest users.

Read on to see how you create a regular review of external guest access to ensure they only have access as long as necessary.

Read More

How to apply just-in-time access to Security & Compliance roles

I am often asked by clients how they can provide additional levels of controls to their Security and Compliance privileged roles to mitigate the risks of excessive, unnecessary, or misused access permissions to important resources.

Microsoft recommends the following best practice for managing privileged accounts:

  • Use least privileged access
  • Turn on multi-factor authentication for all your administrator accounts
  • Use Privileged Identity Management to grant just-in-time access with optional approvals
  • Configure recurring access reviews to revoke unneeded permissions over time

If you have Azure AD Premium 2 licensing you can use Azure AD Privilege Identity Management (PIM) to provide just-in-time access to privileged admin accounts. PIM only provides just-in-time access to Azure AD and Azure privileged roles. The issue with Security and Compliance roles is that they are managed in Security and Compliance admin Centers and not in Azure AD.

So how can we protect Security and Compliance roles with just-in-time access to mitigate the risks of excessive, unnecessary, or misused access permissions to important resources?

Read on to discover how to use Privileged Access Groups in PIM to indirectly provide just-in-time access to your Security & Compliance roles. In addition, this process will work with other non-Azure AD roles such as roles from Exchange or SharePoint.

Read More

How to track Microsoft Docs page updates in Microsoft To-do

How do you keep track of Microsoft Docs page updates?

Wouldn’t it be great if you could be notified when your favourite Microsoft Docs pages are updated rather than having to go to Microsoft Docs pages daily or relying on social media?

Read on and I will explain how you can create an RSS feed from Microsoft Search results to create a task in Microsoft To Do every time one of your favourite Microsoft Docs pages is updated.

Read More

How to use your Azure AD Premium 1 or 2 licencing to govern your Guest users

Have you enabled Guest users in your Microsoft 365 tenant? If your answer is yes then have you applied identity and access governance controls to your Guest users to help minimize security and compliance risks in your tenant?

Read on to find out how to use your existing Azure AD Premium 1 or Premium 2 licences to apply identity and access governance to your Guest users.

Read More

How to use Power Automate to manage Ownerless Teams (& Groups)

A Microsoft Team or Group without an owner is ungoverned and unmanaged. It is like a school classroom full of children without a teacher. You know it will end up in chaos.

So do you have an effective process to manage your ownerless teams?

Read on to find out how you can to mitigate the issue by using Power Automate to automatically transfer ownership to another user.

Read More

How to manage Microsoft 365 evergreen change using Power Automate

Are you effectively managing your Microsoft 365 evergreen change?

The pace of change in Microsoft 365 is rapid as Microsoft constantly delivers new features, updates to enhance customer value and ways to better secure the environment. We all know it is important to keep on top of this constant flow of changes, but keeping track of the evergreen changes across the multiple different Microsoft 365 services can be a challenging.

Microsoft post all change messages in the Microsoft 365 message center. However the message center is not a workflow tool so triaging and tracking the changes is difficult. In addition too much time is spent manually copying content from message center to other tools and notifying stakeholders rather than assessing the actual change itself!

So how do you remove this manual overhead and automate your Microsoft 365 evergreen change process?

Read on for top tips and guidance on how sync your Microsoft 365 messages to a Planner board and then use Power Automate to automate and customise your process. This will remove those repetitive tasks giving you more time to focus on the triage and track of the evergreen changes.

Read More

Create a simple Teams creation workflow using Power Automate

Why do I need to build a Teams creation process using Power Automate? What’s wrong with the standard Team creation process?

Well, when you create Microsoft Teams out of the box there are only limited governance capabilities. For example:

  • Limited Teams naming standard
  • Teams with duplicate display names can be created
  • Only one owner is mandated
  • No justification or approval process

This blog describes how you can create Teams using Power Automate plus add governance steps to the workflow to include:

  • Apply a tailored Teams naming convention
  • Add an approval step
  • Stop duplicate Team names
  • Add multiple owners
  • Add sensitivity label to allow or block guests and external sharing
  • Capture additional metadata such as justification, Team type, or Team duration

The step-by-step details on how to create the Power Automate Flow are described below.

Read More

How can I join my Microsoft Teams meeting from my mobile?

You don’t need to sit at your desk to join a Microsoft Teams meeting. The Teams mobile app allow you to join your Microsoft Teams meeting from wherever you are.

Whether this is going for a walk, just wanting to get away from your desk or needing to find a quiet place. Its so easy to join your Microsoft Teams meeting using the Teams mobile app on either your iOS or Android mobile device.

Here are my four top tips for joining a Microsoft Teams meetings from the Teams mobile app.

Read More