Office 365 Security and Compliance Tools for Collaboration Apps – Are You Covered?
- November 13, 2018
Microsoft has an ever-growing list of Security & Compliance tools for Office 365. With the multitude of tools and rapid pace of new releases, it can be challenging to keep track of everything. Ensuring security and compliance in the cloud is top of mind, especially with so many organizations moving to Office 365. After all, it’s the cloud productivity platform of choice. Therefore, you’ll want to ensure your organization is protected by understanding the most relevant security and compliance features for Office 365 collaboration services.
In the on-premises version (and earlier days of Office 365), SharePoint had its own features for security & compliance, including document deletion policies, in place record management, site closure / deletion, information management policies, and the eDiscovery Center. These features would allow you to manage the retention or modification of files; however, they only applied to content within SharePoint. In Office 365, content and data may be stored in multiple applications including Exchange, Teams, Skype, OneDrive, and of course SharePoint. As a result of this connected ecosystem of collaboration tools, Microsoft has built features that allow you manage retention and modification of files across all these services from a single place – the Security & Compliance Center. Instead of using the SharePoint-specific features, you should plan and implement retention policies and/or labels for more inclusive protection. Retention policies apply to ALL content within a selected service/area. Labels can be manually applied to individual items (or libraries) – or automatically applied (based on conditions) if you have an Office 365 E5 license. The auto-apply feature is particularly valuable when your business doesn’t want to leave this decision up to the content owners.
Another note on labels – the future of labels (starting to roll out now) also includes Azure Information Protection (AIP). Previously, this was a separate feature that also included “labels” to classify, protect, and/or encrypt content regardless of where it was stored (even outside of Office 365). As announced at Microsoft Ignite 2018, the AIP “labels” are soon going to integrate with Office 365 labels so that you can manage retention, records, and encryption/protection all through the same feature (labels) in the Security & Compliance Center.
Below are some of the other Security & Compliance Center features and how they relate to collaboration:
Using DLP, you can setup policies to search through content (no matter where it lives in Office 365) for sensitive information like credit cards, SSNs, drivers, licenses, etc. You can then complete some sort of action such as display a tool tip, send an incident report, block sharing, etc. when sensitive information is discovered.
eDiscovery allows you to complete searches across all Office 365 services to find content that may be related to a litigation or specific worker. Once discovered, you can then place that content on hold (and export) in the event it needs to be preserved for legal reasons or potentially as part of a worker termination.
Alerts utilize the Office 365 audit log to trigger messages when certain events occur in the environment. These can be used to notify administrators or compliance officers when workers complete an action (i.e. create/delete eDiscovery hold) so that they can follow-up.
AAD has a plethora of features and tools that can be used to help secure your Office 365 environment. Some that you should consider as part of your collaboration services design are:
Many of the AAD features above require you to have either Office 365 E5 or EM&S E3/E5 licenses.
Below are a few other security and compliance tools with specific tie-ins to the Office 365 collaboration apps are particularly noteworthy.
Note that Office 365 CAS and ATP require either Office 365 E5 or add-on licenses.
As with any release that impacts the features and functionality for your workers, ensure you have a communication and education plan in place – or adoption will suffer. Most of these features will impact your workers. They need to understand what’s coming, why it is important, and where they can go for education and help. Dell EMC offers services for every step of your Office 365 journey, so if you need assistance planning or deploying Office 365 security, reach out to your Dell EMC representative to learn how we can help. Or if you prefer, leave a comment here and I’ll be happy to respond.