SlideShare una empresa de Scribd logo

SC-900 Capabilities of Microsoft Compliance Solutions

F
FredBrandonAuthorMCP

SC-900 Capabilities of Microsoft Compliance Solutions

Tecnología
1 de 38
© Copyright Microsoft Corporation. All rights reserved. SC-900T00-A Module 4: Describe the Capabilities of Microsoft Compliance Solutions
© Copyright Microsoft Corporation. All rights reserved. Module Agenda Describe the compliance management capabilities in Microsoft Describe information protection and governance capabilities of Microsoft 365 Describe insider risk capabilities in Microsoft 365 Describe eDiscovery, & audit capabilities in Microsoft 365 Describe resource governance capabilities in Azure
© Copyright Microsoft Corporation. All rights reserved. Lesson 1: Describe the compliance management capabilities in Microsoft
© Copyright Microsoft Corporation. All rights reserved. Lesson 1 Introduction
© Copyright Microsoft Corporation. All rights reserved. Common compliance needs Several measures to protect data: Granting individuals the right to access their data at any time. Granting individuals the right to correct or delete data about them if needed. Introducing minimum or maximum retention periods for data. Enabling governments and regulatory agencies the right to access and examine data when necessary. Defining rules for what data can be processed and how that should be done.
© Copyright Microsoft Corporation. All rights reserved. Service Trust Portal The Service Trust Portal provides: • Information • Tools • Other resources about Microsoft security, privacy, and compliance practices. You can access below offerings: • Service Trust Portal • Compliance Manager • Trust Documents • Industries & Regions • Trust Center • Resources • My Library
© Copyright Microsoft Corporation. All rights reserved. Microsoft's privacy principles Control: Putting you, the customer, in control of your privacy with easy-to-use tools and clear choices. Transparency: Being transparent about data collection and use so that everyone can make informed decisions. Security: Protecting the data that's entrusted to Microsoft by using strong security and encryption. Strong legal protections: Respecting local privacy laws and fighting for legal protection of privacy as a fundamental human right. No content-based targeting: Not using email, chat, files, or other personal content to target advertising. Benefits to you: When Microsoft does collect data, it's used to benefit you, the customer, and to make your experiences better.
© Copyright Microsoft Corporation. All rights reserved. Demo Service Trust Portal
© Copyright Microsoft Corporation. All rights reserved. Microsoft 365 Compliance Center Microsoft 365 Compliance center portal • A view of how the organization is meeting its compliance requirements • Solutions that can be used to help with compliance • Information about active alerts • And more… Navigation • Access to alerts, reports, policies, compliance solutions, and more. • Add or remove options for a customized navigation pane. • Customize navigation control.
© Copyright Microsoft Corporation. All rights reserved. Compliance Manager Compliance Manager simplifies compliance and reduces risk by providing: • Prebuilt assessments based on common standards • Workflow capabilities to complete risk assessments • Step-by-step improvement actions • Compliance score, shows overall compliance posture Key elements of Compliance Manager • Controls • Assessments • Templates • Improvement actions
© Copyright Microsoft Corporation. All rights reserved. Compliance score Benefits of compliance score: • Help an organization understand its current compliance posture. • Help prioritize actions based on their potential to reduce risk. Understand your compliance score • Actions - Your improved actions - Microsoft actions • Action types ( & action subcategory) - Mandatory (preventive, detective, or corrective) - Discretionary (preventive, detective, or corrective)
© Copyright Microsoft Corporation. All rights reserved. Demo Microsoft 365 Compliance Center
© Copyright Microsoft Corporation. All rights reserved. Lesson 2: Describe information protection and governance capabilities of Microsoft 365
© Copyright Microsoft Corporation. All rights reserved. Lesson 2 Introduction
© Copyright Microsoft Corporation. All rights reserved. Know your data, protect your data, and govern your data Know your data: Understand your data landscape and identify important data across on-premises, cloud, and hybrid environments. Protect your data: Apply flexible protection actions including encryption, access restrictions, and visual markings. Prevent data loss: Detect risky behavior and prevent accidental oversharing of sensitive information. Govern your data: Automatically keep, delete, and store data and records in a compliant manner.
© Copyright Microsoft Corporation. All rights reserved. Data classification capabilities in the Microsoft 365 Compliance Center Sensitive information types. Trainable classifiers: Pre-trained classifiers and Custom trainable classifiers. Understand and explore the data. The content explorer: It enables administrators to gain visibility into the content that has been summarized in the overview pane. The activity explorer: It can monitor what's being done with labeled content across the organization.
© Copyright Microsoft Corporation. All rights reserved. Sensitivity labels and policies Sensitivity labels Labels are: • Customizable • Clear text • Persistent Usage: • Encrypt email and documents. • Mark the content. • Apply the label automatically. • Protect content in containers: sites and groups. • Extend sensitivity labels to third-party apps and services. • Classify content without using any protection settings. Label policies Policies enable admins to: • Choose the users and groups that can see labels • Apply a default label to all new emails and documents • Require justifications for label changes • Require users to apply a label (mandatory labeling) • Link users to custom help pages Once a sensitivity label is applied to an email or document, any configured protection settings for that label are enforced on the content.
© Copyright Microsoft Corporation. All rights reserved. Demo Sensitivity labels
© Copyright Microsoft Corporation. All rights reserved. Describe data loss prevention (DLP) DLP protects sensitive information and prevents its inadvertent disclosure. • DPL policies protect information by identifying and automatically protecting sensitive data. • Protect sensitive information across Microsoft 365 – OneDrive for Business, SharePoint Online, Exchange Online and Microsoft Teams Endpoint Data Loss Prevention • DLP extended to Windows 10 devices. • Audit and manage activities including creating, coping, printing, & renaming items Data Loss Prevention in Microsoft Teams • DPL capabilities extended to Microsoft Teams chat and channel message.
© Copyright Microsoft Corporation. All rights reserved. Retention labels and policies Retention settings work with SharePoint, OneDrive, Teams, Yammer and Exchange and help organizations manage and govern information by ensuring content is kept only for a required time, and then permanently deleted. Retention labels: • Are applied at an item level. • Emails and documents can have only a single retention label assigned to it at a time. • Retention settings from retention labels travel with the content in your Microsoft 365 tenant. • Can be applied manually or automatically. • Retention labels support disposition review of the content before it's permanently deleted. Retention policies: • Are applied at site or mailbox level, • Can be applied to multiple locations or specific locations or users. • Items inherit the retention settings from their container. • If an item is moved, the retention setting does not travel to the new location.
© Copyright Microsoft Corporation. All rights reserved. Records management Records management in Microsoft 365 helps an organization look after their legal obligations and helps to demonstrate compliance with regulations. • When content is labeled as a record, the following happens: - Restrictions are put in place to block certain activities. - Activities are logged. - Proof of disposition is kept at the end of the retention period. • To enable items to be marked as records, an administrator sets up retention labels.
© Copyright Microsoft Corporation. All rights reserved. Lesson 3: Describe insider risk capabilities in Microsoft 365
© Copyright Microsoft Corporation. All rights reserved. Lesson 3 Introduction
© Copyright Microsoft Corporation. All rights reserved. Insider risk solutions in Microsoft 365 (Slide 1) Insider risk management helps minimize internal risks by enabling you to detect, investigate, and act on malicious and inadvertent activities in your organization. Communication compliance helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Supported services: Microsoft Teams, Exchange Online, Yammer, & 3rd party communications in an org. Information barriers allow you to restrict communication and collaboration between two internal groups to avoid a conflict of interest from occurring in your organization. Supported in Microsoft Teams, OneDrive for Business, SharePoint Online, and more.
© Copyright Microsoft Corporation. All rights reserved. Insider risk solutions in Microsoft 365 (Slide 2) Privileged access management allows granular access control over privileged Exchange Online admin tasks in Office 365. Customer Lockbox ensures that Microsoft cannot access customer content to perform a service operation without the customer’s explicit approval. Supported services: Exchange Online, SharePoint Online, OneDrive for Business.
© Copyright Microsoft Corporation. All rights reserved. Lesson 4: Describe eDiscovery & Audit capabilities in Microsoft 365
© Copyright Microsoft Corporation. All rights reserved. Lesson 4 Introduction
© Copyright Microsoft Corporation. All rights reserved. eDiscovery & content search Purpose of eDiscovery • Find electronic information to be used as evidence when a company is involved in litigation.. • Search for content in Exchange Online mailboxes, Microsoft 365 Groups, Microsoft Teams, SharePoint Online and OneDrive for Business sites, Skype for Business conversations, and Yammer teams. • Use to identify, hold, and export content found in mailboxes and sites. Content Search • Search Exchange Online mailboxes, SharePoint Online sites, OneDrive for Business, Teams, Microsoft 365 groups, Yammer groups • Build search queries and use conditions • Create, report on, and delete multiple searches • View keyword statistics • Search for third-party data • PowerShell scripts for more complex search related tasks
© Copyright Microsoft Corporation. All rights reserved. Core and advanced eDiscovery workflows Core eDiscovery 1. Create a hold to preserve content that might be relevant to the case (mailboxes, sites, and public folders). 2. Create and run searches for content that relates to the case. 3. Export and download search results. Advanced eDiscovery builds on core eDiscovery 1. Add persons of interest (custodians) and data sources that aren't associated with a specific user. 2. Use the built-in collections tool to search data sources for content relevant to the case. 3. Data added to a review set are copied from their original location to a secure Azure Storage location. The data is reindexed again to optimize for fast searches 4. Use a wide-variety of tools and capabilities to view and analyze the case data with goal of reducing the data set to what is most relevant to the case 5. Export and download case data
© Copyright Microsoft Corporation. All rights reserved. Audit capabilities of Microsoft 365 Core Audit • Allows organizations to view user and administrator activity. • An audited activity generates an audit record that is stored in the audit log. • Searching the audit log requires the search capability to be turned on and assigned the appropriate role. • The results can be filtered and exported to a CSV file. Advanced Audit - Core Audit, plus: • Long-term retention of audit logs • Customized audit retention policies • High-bandwidth access to Office 365 Management Activity API • Access to crucial events for investigations • MailItemsAccessed • Send • SearchQueryInitiatedExchange • SearchQueryInitiatedSharePoint
© Copyright Microsoft Corporation. All rights reserved. Lesson 5: Describe resource governance capabilities in Azure
© Copyright Microsoft Corporation. All rights reserved. Lesson 5 Introduction
© Copyright Microsoft Corporation. All rights reserved. Azure Resource Manager locks Azure Resource Manager locks • Prevent resources from being accidentally deleted or changed. • Apply a lock at a parent scope, all resources within that scope inherit that lock. • Apply only to operations that happen in the management plane. • Changes to the actual resource are restricted, but resource operations aren't restricted. A lock level • CanNotDelete • ReadOnly
© Copyright Microsoft Corporation. All rights reserved. Azure Blueprints • Azure Blueprints provide a way to define a repeatable set of Azure resources. • Rapidly provision environments, that are in line with the organization’s compliance requirements. • Provision Azure resources across several subscriptions simultaneously for quicker delivery. • Declarative way to orchestrate the deployment of various resource templates and artifacts, including: ‒ Role Assignments ‒ Policy Assignments ‒ Azure Resource Manager templates (ARM templates) ‒ Resource Groups • Blueprint objects are replicated to multiple Azure regions. • The relationship between the blueprint definition and the blueprint assignment is preserved.
© Copyright Microsoft Corporation. All rights reserved. Azure Policy Trigger a Policy evaluation • In-scope resource is created, deleted, or updated • A policy or an initiative is newly assigned to a scope. • A policy or an initiative assigned to a scope is updated. • The standard compliance evaluation cycle Azure Policy • Help enforce standards and assess compliance across your organization. • A compliance dashboard, to evaluate the overall state of the environment. • Evaluates resources in Azure and Arc enabled resources. Responses to non-compliant resources • Deny a change to a resource. • Log changes to a resource. • Alter a resource before or after a change. • Deploy related compliant resources.
© Copyright Microsoft Corporation. All rights reserved. Demo Azure policy
© Copyright Microsoft Corporation. All rights reserved. Module Summary • Learned about the information protection and governance capabilities of Microsoft 365, including sensitivity & retention labels, DLP, and more. • Learned about insider risk capabilities in Microsoft 365 • Learned about eDiscovery & audit capabilities of Microsoft 365 • Describe resource governance capabilities in Azure, including Azure policy, resource locks, Blueprints, and more.
© Copyright Microsoft Corporation. All rights reserved.

Recomendados

SC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management SolutionsSC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management SolutionsFredBrandonAuthorMCP
 
SC-900 Intro
SC-900 IntroSC-900 Intro
SC-900 IntroFredBrandonAuthorMCP
 
SC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security SolutionsSC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security SolutionsFredBrandonAuthorMCP
 
SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentitySC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentityFredBrandonAuthorMCP
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security FundamentalsLorenzo Barbieri
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity ManagementEng Teong Cheah
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkAlistair Pugin
 
Power of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityPower of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityBruno Capuano
 

Recomendados

SC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management SolutionsSC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management SolutionsFredBrandonAuthorMCP
 
SC-900 Intro
SC-900 IntroSC-900 Intro
SC-900 IntroFredBrandonAuthorMCP
 
SC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security SolutionsSC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security SolutionsFredBrandonAuthorMCP
 
SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentitySC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentityFredBrandonAuthorMCP
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security FundamentalsLorenzo Barbieri
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity ManagementEng Teong Cheah
 
Microsoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkMicrosoft Information Protection: Your Security and Compliance Framework
Microsoft Information Protection: Your Security and Compliance FrameworkAlistair Pugin
 
Power of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityPower of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityBruno Capuano
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security OverviewDavid J Rosenthal
 
Azure Fundamentals || AZ-900
Azure Fundamentals || AZ-900Azure Fundamentals || AZ-900
Azure Fundamentals || AZ-900thisiswali
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Understanding Security and Compliance in Microsoft Teams M365 North 2023
Understanding Security and Compliance in Microsoft Teams M365 North 2023Understanding Security and Compliance in Microsoft Teams M365 North 2023
Understanding Security and Compliance in Microsoft Teams M365 North 2023Chirag Patel
 
SC-900+2022.pdf
SC-900+2022.pdfSC-900+2022.pdf
SC-900+2022.pdfRitish H
 
Azure Identity and access management
Azure Identity and access managementAzure Identity and access management
Azure Identity and access managementDinusha Kumarasiri
 
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsSecure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsVignesh Ganesan I Microsoft MVP
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 
The Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxThe Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxMark Simos
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionDavid J Rosenthal
 
Azure Just in Time Privileged Identity Management
Azure Just in Time Privileged Identity ManagementAzure Just in Time Privileged Identity Management
Azure Just in Time Privileged Identity ManagementMario Worwell
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceVignesh Ganesan I Microsoft MVP
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
CollabDaysBE - Microsoft Purview Information Protection demystified
CollabDaysBE - Microsoft Purview Information Protection demystifiedCollabDaysBE - Microsoft Purview Information Protection demystified
CollabDaysBE - Microsoft Purview Information Protection demystifiedAlbert Hoitingh
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero TrustDavid J Rosenthal
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and ComplianceDavid J Rosenthal
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionRobert Crane
 
Microsoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewMicrosoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewDavid J Rosenthal
 
March 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarMarch 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarRobert Crane
 
Data Loss Prevention in O365
Data Loss Prevention in O365Data Loss Prevention in O365
Data Loss Prevention in O365Don Daubert
 

Más contenido relacionado

La actualidad más candente

Azure Fundamentals || AZ-900
Azure Fundamentals || AZ-900Azure Fundamentals || AZ-900
Azure Fundamentals || AZ-900thisiswali
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security OverviewAlert Logic
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Understanding Security and Compliance in Microsoft Teams M365 North 2023
Understanding Security and Compliance in Microsoft Teams M365 North 2023Understanding Security and Compliance in Microsoft Teams M365 North 2023
Understanding Security and Compliance in Microsoft Teams M365 North 2023Chirag Patel
 
SC-900+2022.pdf
SC-900+2022.pdfSC-900+2022.pdf
SC-900+2022.pdfRitish H
 
Azure Identity and access management
Azure Identity and access managementAzure Identity and access management
Azure Identity and access managementDinusha Kumarasiri
 
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsSecure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsVignesh Ganesan I Microsoft MVP
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 
The Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxThe Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxMark Simos
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionDavid J Rosenthal
 
Azure Just in Time Privileged Identity Management
Azure Just in Time Privileged Identity ManagementAzure Just in Time Privileged Identity Management
Azure Just in Time Privileged Identity ManagementMario Worwell
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceVignesh Ganesan I Microsoft MVP
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
CollabDaysBE - Microsoft Purview Information Protection demystified
CollabDaysBE - Microsoft Purview Information Protection demystifiedCollabDaysBE - Microsoft Purview Information Protection demystified
CollabDaysBE - Microsoft Purview Information Protection demystifiedAlbert Hoitingh
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and ComplianceDavid J Rosenthal
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information ProtectionRobert Crane
 
Microsoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewMicrosoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewDavid J Rosenthal
 

La actualidad más candente (20)

Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Azure Fundamentals || AZ-900
Azure Fundamentals || AZ-900Azure Fundamentals || AZ-900
Azure Fundamentals || AZ-900
 
Microsoft Azure Security Overview
Microsoft Azure Security OverviewMicrosoft Azure Security Overview
Microsoft Azure Security Overview
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Understanding Security and Compliance in Microsoft Teams M365 North 2023
Understanding Security and Compliance in Microsoft Teams M365 North 2023Understanding Security and Compliance in Microsoft Teams M365 North 2023
Understanding Security and Compliance in Microsoft Teams M365 North 2023
 
SC-900+2022.pdf
SC-900+2022.pdfSC-900+2022.pdf
SC-900+2022.pdf
 
Azure Identity and access management
Azure Identity and access managementAzure Identity and access management
Azure Identity and access management
 
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsSecure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for Endpoint
 
The Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptxThe Open Group - ZT Commandments and Reference Model.pptx
The Open Group - ZT Commandments and Reference Model.pptx
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat Protection
 
Azure Just in Time Privileged Identity Management
Azure Just in Time Privileged Identity ManagementAzure Just in Time Privileged Identity Management
Azure Just in Time Privileged Identity Management
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and Compliance
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
 
CollabDaysBE - Microsoft Purview Information Protection demystified
CollabDaysBE - Microsoft Purview Information Protection demystifiedCollabDaysBE - Microsoft Purview Information Protection demystified
CollabDaysBE - Microsoft Purview Information Protection demystified
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
Microsoft 365 Security and Compliance
Microsoft 365 Security and ComplianceMicrosoft 365 Security and Compliance
Microsoft 365 Security and Compliance
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices 
 
Azure Information Protection
Azure Information ProtectionAzure Information Protection
Azure Information Protection
 
Microsoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security OverviewMicrosoft 365 Compliance and Security Overview
Microsoft 365 Compliance and Security Overview
 

Similar a SC-900 Capabilities of Microsoft Compliance Solutions

March 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarMarch 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarRobert Crane
 
Data Loss Prevention in O365
Data Loss Prevention in O365Data Loss Prevention in O365
Data Loss Prevention in O365Don Daubert
 
Understanding Security and Compliance in Microsoft Teams - Scottish Summit 2022
Understanding Security and Compliance in Microsoft Teams - Scottish Summit 2022Understanding Security and Compliance in Microsoft Teams - Scottish Summit 2022
Understanding Security and Compliance in Microsoft Teams - Scottish Summit 2022Chirag Patel
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityDrew Madelung
 
Tuga it 2018 advanced data governance
Tuga it 2018 advanced data governanceTuga it 2018 advanced data governance
Tuga it 2018 advanced data governanceAlbert Hoitingh
 
One name unify them all
One name unify them allOne name unify them all
One name unify them allBizTalk360
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDrew Madelung
 
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionaMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionAlbert Hoitingh
 
Intro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterIntro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterCraig Jahnke
 
Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)Andy Talbot
 
Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsDrew Madelung
 
Ensure your compliance in Microsoft Teams with Information Protection and Gov...
Ensure your compliance in Microsoft Teams with Information Protection and Gov...Ensure your compliance in Microsoft Teams with Information Protection and Gov...
Ensure your compliance in Microsoft Teams with Information Protection and Gov...Jasper Oosterveld
 
Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamOffice 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamAntonioMaio2
 
SPSTC18 Laying Down the Law - Governing Your Data in O365
SPSTC18 Laying Down the Law - Governing Your Data in O365SPSTC18 Laying Down the Law - Governing Your Data in O365
SPSTC18 Laying Down the Law - Governing Your Data in O365David Broussard
 
Microsoft Viva governance and compliance implications | Viva Explorers Commun...
Microsoft Viva governance and compliance implications | Viva Explorers Commun...Microsoft Viva governance and compliance implications | Viva Explorers Commun...
Microsoft Viva governance and compliance implications | Viva Explorers Commun...Nikki Chapple
 
Microsoft Teams in the Modern Workplace
Microsoft Teams in the Modern WorkplaceMicrosoft Teams in the Modern Workplace
Microsoft Teams in the Modern WorkplaceJoanne Klein
 
Advanced data governance in Office 365
Advanced data governance in Office 365Advanced data governance in Office 365
Advanced data governance in Office 365Albert Hoitingh
 
Understanding Compliance Archiving in Microsoft Teams
Understanding Compliance Archiving in Microsoft TeamsUnderstanding Compliance Archiving in Microsoft Teams
Understanding Compliance Archiving in Microsoft TeamsLeapXpert
 
2018 advanced data governance - slide share
2018 advanced data governance - slide share2018 advanced data governance - slide share
2018 advanced data governance - slide shareAlbert Hoitingh
 

Similar a SC-900 Capabilities of Microsoft Compliance Solutions (20)

March 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know WebinarMarch 2023 CIAOPS Need to Know Webinar
March 2023 CIAOPS Need to Know Webinar
 
Data Loss Prevention in O365
Data Loss Prevention in O365Data Loss Prevention in O365
Data Loss Prevention in O365
 
Understanding Security and Compliance in Microsoft Teams - Scottish Summit 2022
Understanding Security and Compliance in Microsoft Teams - Scottish Summit 2022Understanding Security and Compliance in Microsoft Teams - Scottish Summit 2022
Understanding Security and Compliance in Microsoft Teams - Scottish Summit 2022
 
Labelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & SensitivityLabelling in Microsoft 365 - Retention & Sensitivity
Labelling in Microsoft 365 - Retention & Sensitivity
 
Tuga it 2018 advanced data governance
Tuga it 2018 advanced data governanceTuga it 2018 advanced data governance
Tuga it 2018 advanced data governance
 
One name unify them all
One name unify them allOne name unify them all
One name unify them all
 
Deep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss PreventionDeep dive into Microsoft Purview Data Loss Prevention
Deep dive into Microsoft Purview Data Loss Prevention
 
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss PreventionaMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
aMS SouthEast Asia 2021 - Microsoft 365 Data Loss Prevention
 
Intro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance CenterIntro to Office 365 Security & Compliance Center
Intro to Office 365 Security & Compliance Center
 
Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)Microsoft Cloud GDPR Compliance Options (SUGUK)
Microsoft Cloud GDPR Compliance Options (SUGUK)
 
Breakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview SolutionsBreakdown of Microsoft Purview Solutions
Breakdown of Microsoft Purview Solutions
 
Ensure your compliance in Microsoft Teams with Information Protection and Gov...
Ensure your compliance in Microsoft Teams with Information Protection and Gov...Ensure your compliance in Microsoft Teams with Information Protection and Gov...
Ensure your compliance in Microsoft Teams with Information Protection and Gov...
 
Office 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat teamOffice 365 Security - MacGyver, Ninja or Swat team
Office 365 Security - MacGyver, Ninja or Swat team
 
SPSTC18 Laying Down the Law - Governing Your Data in O365
SPSTC18 Laying Down the Law - Governing Your Data in O365SPSTC18 Laying Down the Law - Governing Your Data in O365
SPSTC18 Laying Down the Law - Governing Your Data in O365
 
Andy Malone - Microsoft office 365 security deep dive
Andy Malone - Microsoft office 365 security deep diveAndy Malone - Microsoft office 365 security deep dive
Andy Malone - Microsoft office 365 security deep dive
 
Microsoft Viva governance and compliance implications | Viva Explorers Commun...
Microsoft Viva governance and compliance implications | Viva Explorers Commun...Microsoft Viva governance and compliance implications | Viva Explorers Commun...
Microsoft Viva governance and compliance implications | Viva Explorers Commun...
 
Microsoft Teams in the Modern Workplace
Microsoft Teams in the Modern WorkplaceMicrosoft Teams in the Modern Workplace
Microsoft Teams in the Modern Workplace
 
Advanced data governance in Office 365
Advanced data governance in Office 365Advanced data governance in Office 365
Advanced data governance in Office 365
 
Understanding Compliance Archiving in Microsoft Teams
Understanding Compliance Archiving in Microsoft TeamsUnderstanding Compliance Archiving in Microsoft Teams
Understanding Compliance Archiving in Microsoft Teams
 
2018 advanced data governance - slide share
2018 advanced data governance - slide share2018 advanced data governance - slide share
2018 advanced data governance - slide share
 

Más de FredBrandonAuthorMCP

Savings, Expenses, and Budgeting.pptx
Savings, Expenses, and Budgeting.pptxSavings, Expenses, and Budgeting.pptx
Savings, Expenses, and Budgeting.pptxFredBrandonAuthorMCP
 
Investing and Personal Financial Planning.pptx
Investing and Personal Financial Planning.pptxInvesting and Personal Financial Planning.pptx
Investing and Personal Financial Planning.pptxFredBrandonAuthorMCP
 
Exploring Blockchain in the Enterprise
Exploring Blockchain in the EnterpriseExploring Blockchain in the Enterprise
Exploring Blockchain in the EnterpriseFredBrandonAuthorMCP
 
Business Automation - Intro to the Power Platform
Business Automation - Intro to the Power PlatformBusiness Automation - Intro to the Power Platform
Business Automation - Intro to the Power PlatformFredBrandonAuthorMCP
 
Automating Business Process with PowerApps and Power BI
Automating Business Process with PowerApps and Power BI Automating Business Process with PowerApps and Power BI
Automating Business Process with PowerApps and Power BI FredBrandonAuthorMCP
 
Automation for Small Business using the Power Platform
Automation for Small Business using the Power PlatformAutomation for Small Business using the Power Platform
Automation for Small Business using the Power PlatformFredBrandonAuthorMCP
 
Automating Business Processes Create Expense Tracker using PowerApps and Powe...
Automating Business Processes Create Expense Tracker using PowerApps and Powe...Automating Business Processes Create Expense Tracker using PowerApps and Powe...
Automating Business Processes Create Expense Tracker using PowerApps and Powe...FredBrandonAuthorMCP
 

Más de FredBrandonAuthorMCP (7)

Savings, Expenses, and Budgeting.pptx
Savings, Expenses, and Budgeting.pptxSavings, Expenses, and Budgeting.pptx
Savings, Expenses, and Budgeting.pptx
 
Investing and Personal Financial Planning.pptx
Investing and Personal Financial Planning.pptxInvesting and Personal Financial Planning.pptx
Investing and Personal Financial Planning.pptx
 
Exploring Blockchain in the Enterprise
Exploring Blockchain in the EnterpriseExploring Blockchain in the Enterprise
Exploring Blockchain in the Enterprise
 
Business Automation - Intro to the Power Platform
Business Automation - Intro to the Power PlatformBusiness Automation - Intro to the Power Platform
Business Automation - Intro to the Power Platform
 
Automating Business Process with PowerApps and Power BI
Automating Business Process with PowerApps and Power BI Automating Business Process with PowerApps and Power BI
Automating Business Process with PowerApps and Power BI
 
Automation for Small Business using the Power Platform
Automation for Small Business using the Power PlatformAutomation for Small Business using the Power Platform
Automation for Small Business using the Power Platform
 
Automating Business Processes Create Expense Tracker using PowerApps and Powe...
Automating Business Processes Create Expense Tracker using PowerApps and Powe...Automating Business Processes Create Expense Tracker using PowerApps and Powe...
Automating Business Processes Create Expense Tracker using PowerApps and Powe...
 

Último

Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 

Último (20)

Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 

SC-900 Capabilities of Microsoft Compliance Solutions

  • 1. © Copyright Microsoft Corporation. All rights reserved. SC-900T00-A Module 4: Describe the Capabilities of Microsoft Compliance Solutions
  • 2. © Copyright Microsoft Corporation. All rights reserved. Module Agenda Describe the compliance management capabilities in Microsoft Describe information protection and governance capabilities of Microsoft 365 Describe insider risk capabilities in Microsoft 365 Describe eDiscovery, & audit capabilities in Microsoft 365 Describe resource governance capabilities in Azure
  • 3. © Copyright Microsoft Corporation. All rights reserved. Lesson 1: Describe the compliance management capabilities in Microsoft
  • 4. © Copyright Microsoft Corporation. All rights reserved. Lesson 1 Introduction
  • 5. © Copyright Microsoft Corporation. All rights reserved. Common compliance needs Several measures to protect data: Granting individuals the right to access their data at any time. Granting individuals the right to correct or delete data about them if needed. Introducing minimum or maximum retention periods for data. Enabling governments and regulatory agencies the right to access and examine data when necessary. Defining rules for what data can be processed and how that should be done.
  • 6. © Copyright Microsoft Corporation. All rights reserved. Service Trust Portal The Service Trust Portal provides: • Information • Tools • Other resources about Microsoft security, privacy, and compliance practices. You can access below offerings: • Service Trust Portal • Compliance Manager • Trust Documents • Industries & Regions • Trust Center • Resources • My Library
  • 7. © Copyright Microsoft Corporation. All rights reserved. Microsoft's privacy principles Control: Putting you, the customer, in control of your privacy with easy-to-use tools and clear choices. Transparency: Being transparent about data collection and use so that everyone can make informed decisions. Security: Protecting the data that's entrusted to Microsoft by using strong security and encryption. Strong legal protections: Respecting local privacy laws and fighting for legal protection of privacy as a fundamental human right. No content-based targeting: Not using email, chat, files, or other personal content to target advertising. Benefits to you: When Microsoft does collect data, it's used to benefit you, the customer, and to make your experiences better.
  • 8. © Copyright Microsoft Corporation. All rights reserved. Demo Service Trust Portal
  • 9. © Copyright Microsoft Corporation. All rights reserved. Microsoft 365 Compliance Center Microsoft 365 Compliance center portal • A view of how the organization is meeting its compliance requirements • Solutions that can be used to help with compliance • Information about active alerts • And more… Navigation • Access to alerts, reports, policies, compliance solutions, and more. • Add or remove options for a customized navigation pane. • Customize navigation control.
  • 10. © Copyright Microsoft Corporation. All rights reserved. Compliance Manager Compliance Manager simplifies compliance and reduces risk by providing: • Prebuilt assessments based on common standards • Workflow capabilities to complete risk assessments • Step-by-step improvement actions • Compliance score, shows overall compliance posture Key elements of Compliance Manager • Controls • Assessments • Templates • Improvement actions
  • 11. © Copyright Microsoft Corporation. All rights reserved. Compliance score Benefits of compliance score: • Help an organization understand its current compliance posture. • Help prioritize actions based on their potential to reduce risk. Understand your compliance score • Actions - Your improved actions - Microsoft actions • Action types ( & action subcategory) - Mandatory (preventive, detective, or corrective) - Discretionary (preventive, detective, or corrective)
  • 12. © Copyright Microsoft Corporation. All rights reserved. Demo Microsoft 365 Compliance Center
  • 13. © Copyright Microsoft Corporation. All rights reserved. Lesson 2: Describe information protection and governance capabilities of Microsoft 365
  • 14. © Copyright Microsoft Corporation. All rights reserved. Lesson 2 Introduction
  • 15. © Copyright Microsoft Corporation. All rights reserved. Know your data, protect your data, and govern your data Know your data: Understand your data landscape and identify important data across on-premises, cloud, and hybrid environments. Protect your data: Apply flexible protection actions including encryption, access restrictions, and visual markings. Prevent data loss: Detect risky behavior and prevent accidental oversharing of sensitive information. Govern your data: Automatically keep, delete, and store data and records in a compliant manner.
  • 16. © Copyright Microsoft Corporation. All rights reserved. Data classification capabilities in the Microsoft 365 Compliance Center Sensitive information types. Trainable classifiers: Pre-trained classifiers and Custom trainable classifiers. Understand and explore the data. The content explorer: It enables administrators to gain visibility into the content that has been summarized in the overview pane. The activity explorer: It can monitor what's being done with labeled content across the organization.
  • 17. © Copyright Microsoft Corporation. All rights reserved. Sensitivity labels and policies Sensitivity labels Labels are: • Customizable • Clear text • Persistent Usage: • Encrypt email and documents. • Mark the content. • Apply the label automatically. • Protect content in containers: sites and groups. • Extend sensitivity labels to third-party apps and services. • Classify content without using any protection settings. Label policies Policies enable admins to: • Choose the users and groups that can see labels • Apply a default label to all new emails and documents • Require justifications for label changes • Require users to apply a label (mandatory labeling) • Link users to custom help pages Once a sensitivity label is applied to an email or document, any configured protection settings for that label are enforced on the content.
  • 18. © Copyright Microsoft Corporation. All rights reserved. Demo Sensitivity labels
  • 19. © Copyright Microsoft Corporation. All rights reserved. Describe data loss prevention (DLP) DLP protects sensitive information and prevents its inadvertent disclosure. • DPL policies protect information by identifying and automatically protecting sensitive data. • Protect sensitive information across Microsoft 365 – OneDrive for Business, SharePoint Online, Exchange Online and Microsoft Teams Endpoint Data Loss Prevention • DLP extended to Windows 10 devices. • Audit and manage activities including creating, coping, printing, & renaming items Data Loss Prevention in Microsoft Teams • DPL capabilities extended to Microsoft Teams chat and channel message.
  • 20. © Copyright Microsoft Corporation. All rights reserved. Retention labels and policies Retention settings work with SharePoint, OneDrive, Teams, Yammer and Exchange and help organizations manage and govern information by ensuring content is kept only for a required time, and then permanently deleted. Retention labels: • Are applied at an item level. • Emails and documents can have only a single retention label assigned to it at a time. • Retention settings from retention labels travel with the content in your Microsoft 365 tenant. • Can be applied manually or automatically. • Retention labels support disposition review of the content before it's permanently deleted. Retention policies: • Are applied at site or mailbox level, • Can be applied to multiple locations or specific locations or users. • Items inherit the retention settings from their container. • If an item is moved, the retention setting does not travel to the new location.
  • 21. © Copyright Microsoft Corporation. All rights reserved. Records management Records management in Microsoft 365 helps an organization look after their legal obligations and helps to demonstrate compliance with regulations. • When content is labeled as a record, the following happens: - Restrictions are put in place to block certain activities. - Activities are logged. - Proof of disposition is kept at the end of the retention period. • To enable items to be marked as records, an administrator sets up retention labels.
  • 22. © Copyright Microsoft Corporation. All rights reserved. Lesson 3: Describe insider risk capabilities in Microsoft 365
  • 23. © Copyright Microsoft Corporation. All rights reserved. Lesson 3 Introduction
  • 24. © Copyright Microsoft Corporation. All rights reserved. Insider risk solutions in Microsoft 365 (Slide 1) Insider risk management helps minimize internal risks by enabling you to detect, investigate, and act on malicious and inadvertent activities in your organization. Communication compliance helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Supported services: Microsoft Teams, Exchange Online, Yammer, & 3rd party communications in an org. Information barriers allow you to restrict communication and collaboration between two internal groups to avoid a conflict of interest from occurring in your organization. Supported in Microsoft Teams, OneDrive for Business, SharePoint Online, and more.
  • 25. © Copyright Microsoft Corporation. All rights reserved. Insider risk solutions in Microsoft 365 (Slide 2) Privileged access management allows granular access control over privileged Exchange Online admin tasks in Office 365. Customer Lockbox ensures that Microsoft cannot access customer content to perform a service operation without the customer’s explicit approval. Supported services: Exchange Online, SharePoint Online, OneDrive for Business.
  • 26. © Copyright Microsoft Corporation. All rights reserved. Lesson 4: Describe eDiscovery & Audit capabilities in Microsoft 365
  • 27. © Copyright Microsoft Corporation. All rights reserved. Lesson 4 Introduction
  • 28. © Copyright Microsoft Corporation. All rights reserved. eDiscovery & content search Purpose of eDiscovery • Find electronic information to be used as evidence when a company is involved in litigation.. • Search for content in Exchange Online mailboxes, Microsoft 365 Groups, Microsoft Teams, SharePoint Online and OneDrive for Business sites, Skype for Business conversations, and Yammer teams. • Use to identify, hold, and export content found in mailboxes and sites. Content Search • Search Exchange Online mailboxes, SharePoint Online sites, OneDrive for Business, Teams, Microsoft 365 groups, Yammer groups • Build search queries and use conditions • Create, report on, and delete multiple searches • View keyword statistics • Search for third-party data • PowerShell scripts for more complex search related tasks
  • 29. © Copyright Microsoft Corporation. All rights reserved. Core and advanced eDiscovery workflows Core eDiscovery 1. Create a hold to preserve content that might be relevant to the case (mailboxes, sites, and public folders). 2. Create and run searches for content that relates to the case. 3. Export and download search results. Advanced eDiscovery builds on core eDiscovery 1. Add persons of interest (custodians) and data sources that aren't associated with a specific user. 2. Use the built-in collections tool to search data sources for content relevant to the case. 3. Data added to a review set are copied from their original location to a secure Azure Storage location. The data is reindexed again to optimize for fast searches 4. Use a wide-variety of tools and capabilities to view and analyze the case data with goal of reducing the data set to what is most relevant to the case 5. Export and download case data
  • 30. © Copyright Microsoft Corporation. All rights reserved. Audit capabilities of Microsoft 365 Core Audit • Allows organizations to view user and administrator activity. • An audited activity generates an audit record that is stored in the audit log. • Searching the audit log requires the search capability to be turned on and assigned the appropriate role. • The results can be filtered and exported to a CSV file. Advanced Audit - Core Audit, plus: • Long-term retention of audit logs • Customized audit retention policies • High-bandwidth access to Office 365 Management Activity API • Access to crucial events for investigations • MailItemsAccessed • Send • SearchQueryInitiatedExchange • SearchQueryInitiatedSharePoint
  • 31. © Copyright Microsoft Corporation. All rights reserved. Lesson 5: Describe resource governance capabilities in Azure
  • 32. © Copyright Microsoft Corporation. All rights reserved. Lesson 5 Introduction
  • 33. © Copyright Microsoft Corporation. All rights reserved. Azure Resource Manager locks Azure Resource Manager locks • Prevent resources from being accidentally deleted or changed. • Apply a lock at a parent scope, all resources within that scope inherit that lock. • Apply only to operations that happen in the management plane. • Changes to the actual resource are restricted, but resource operations aren't restricted. A lock level • CanNotDelete • ReadOnly
  • 34. © Copyright Microsoft Corporation. All rights reserved. Azure Blueprints • Azure Blueprints provide a way to define a repeatable set of Azure resources. • Rapidly provision environments, that are in line with the organization’s compliance requirements. • Provision Azure resources across several subscriptions simultaneously for quicker delivery. • Declarative way to orchestrate the deployment of various resource templates and artifacts, including: ‒ Role Assignments ‒ Policy Assignments ‒ Azure Resource Manager templates (ARM templates) ‒ Resource Groups • Blueprint objects are replicated to multiple Azure regions. • The relationship between the blueprint definition and the blueprint assignment is preserved.
  • 35. © Copyright Microsoft Corporation. All rights reserved. Azure Policy Trigger a Policy evaluation • In-scope resource is created, deleted, or updated • A policy or an initiative is newly assigned to a scope. • A policy or an initiative assigned to a scope is updated. • The standard compliance evaluation cycle Azure Policy • Help enforce standards and assess compliance across your organization. • A compliance dashboard, to evaluate the overall state of the environment. • Evaluates resources in Azure and Arc enabled resources. Responses to non-compliant resources • Deny a change to a resource. • Log changes to a resource. • Alter a resource before or after a change. • Deploy related compliant resources.
  • 36. © Copyright Microsoft Corporation. All rights reserved. Demo Azure policy
  • 37. © Copyright Microsoft Corporation. All rights reserved. Module Summary • Learned about the information protection and governance capabilities of Microsoft 365, including sensitivity & retention labels, DLP, and more. • Learned about insider risk capabilities in Microsoft 365 • Learned about eDiscovery & audit capabilities of Microsoft 365 • Describe resource governance capabilities in Azure, including Azure policy, resource locks, Blueprints, and more.
  • 38. © Copyright Microsoft Corporation. All rights reserved.