Did you know you can now label your PDF files with the same sensitivity labels you use with your Word, PowerPoint and Excel files?
Using Microsoft Purview sensitivity labels, you can add a visible classification label, protect your PDF files with encryption and add visible marking such as headers, footers and watermarks. Your PDF file now respects any Data loss Prevention policies, such as blocking external sharing of confidential data.
…Email forwarding can be useful, but poses a security risk due to the potential disclosure of information. Therefore the Anti-spam outbound policy blocks the auto-forwarding at the tenant level by default. Although this minimises the security risks, it hampers productivity since there are valid reasons to allow auto-forwarding to an external domain.
There are valid use cases for external email forwarding such as:
Read on to learn how to allow auto-forwarding to Teams channels and other authorised external domains to increase productivity and reduce security risks.
…How secure are your Microsoft 365 Groups and Teams?
Did you know that your Guest access and external sharing controls are managed at the tenant level? As a result, security becomes ‘one size fits all’, rather than providing granular security controls based on Teams, Groups, and Sites’ confidentiality requirements.
For example
Check out the information below to learn how you can use sensitivity labels to apply granular security controls to Teams, Groups, and Sites.
…Are you effectively managing your Microsoft 365 evergreen change?
The pace of change in Microsoft 365 is rapid as Microsoft constantly delivers new features, updates to enhance customer value and ways to secure the environment better. We all know it is essential to keep on top of this constant flow of changes, but keeping track of the evergreen changes across the multiple different Microsoft 365 services can be challenging.
Microsoft post all change messages in the Microsoft 365 Message Center. However, the Message Center is not a workflow tool, so triaging and tracking the changes is difficult. In addition, people spend too much time manually copying content from Message Center to other applications and notifying stakeholders rather than assessing the change itself!
So how do you remove this manual overhead and automate your Microsoft 365 evergreen change process?
Read on for top tips and guidance on how to sync your Microsoft 365 messages to a Planner board, and then use Power Automate to automate and customise your process. My Power Automate Flow removes those repetitive tasks, giving you more time to focus on the triaging.
…We are in the middle of a digital revolution where information is a strategic asset, hybrid working is the norm and protecting your information assets is crucial to maintaining trust and meeting compliance requirements. As a result, organisations are now seeking external certifications such as ISO27001, Cyber Essentials or NIST 800-53 to manage compliance risks and to provide assurance of their overall information security and compliance posture.
Microsoft Purview Compliance Manager is a great solution to demystify the complexities of compliance by offering templates, improvements actions and risk-based reporting.
Using Microsoft Purview Compliance Manager, I was able to suggest best practices for our Microsoft 365 environment to help CloudWay achieve ISO27001 certification. Read CloudWay’s blog on becoming an ISO 27001 certified company.
Read on to see how Compliance Manager can support your compliance journey.
…📢It’s good news for Microsoft Purview Compliance Manager.
You can now bulk import your updated improvement actions directly into Microsoft Purview Compliance Manager using the Improvement actions export report. With no APIs or programmatic interfaces, bulk import is a significant improvement.
Having the ability to work on your improvement actions outside of the Microsoft Purview Admin Center is extremely helpful. You can work on the improvement actions with multiple businesses and IT stakeholders without giving them admin rights. In the past, any changes to improvement actions had to be manually updated in Compliance Manager. Organisations often only focus on the initial export of data, so they miss out on automatic testing notifications, reporting and updates.
By using the Excel export file to bulk upload your changes into Compliance Manager, there is no need to rekey any information, which is a significant time-saving improvement.
Additionally, keeping the Compliance Manager updated lets you see the impact of changes to regulations or configuration changes via automated testing.
Read on to find out more.
…With guest access switched on for Microsoft Teams, do you have a process to manage guest access reviews?
It is easy for Team owners to invite external guests into their Team. However, how do you proactively review guest accounts to ensure people only have access as long as they need it?
With internal users, there are joiners, movers and leavers processes to manage access and reviews, but these processes typically exclude guest users.
Read on to see how you create a regular review of external guest access to ensure they only have access as long as necessary.
…Did you know you can perform Teams and user admin tasks without leaving Microsoft Teams?
Just add the Admin-Microsoft 365 app to Teams and perform common User and Team admin-related tasks without leaving Microsoft Teams. To use the app you need appropriate admin permissions.
Read on to find out how
…I am often asked by clients how they can provide additional levels of controls to their Security and Compliance privileged roles to mitigate the risks of excessive, unnecessary, or misused access permissions to important resources.
Microsoft recommends the following best practice for managing privileged accounts:
If you have Azure AD Premium 2 licensing you can use Azure AD Privilege Identity Management (PIM) to provide just-in-time access to privileged admin accounts. PIM only provides just-in-time access to Azure AD and Azure privileged roles. The issue with Security and Compliance roles is that they are managed in Security and Compliance admin Centers and not in Azure AD.
So how can we protect Security and Compliance roles with just-in-time access to mitigate the risks of excessive, unnecessary, or misused access permissions to important resources?
Read on to discover how to use Privileged Access Groups in PIM to indirectly provide just-in-time access to your Security & Compliance roles. In addition, this process will work with other non-Azure AD roles such as roles from Exchange or SharePoint.
…How do you keep track of Microsoft Docs page updates?
Wouldn’t it be great if you could be notified when your favourite Microsoft Docs pages are updated rather than having to go to Microsoft Docs pages daily or relying on social media?
Read on and I will explain how you can create an RSS feed from Microsoft Search results to create a task in Microsoft To Do every time one of your favourite Microsoft Docs pages is updated.
…
