The Microsoft 365 Business Basic and Std SKUs are extremely popular due to their lower price tags. While they lack the serious Security features available in Microsoft 365 Business Premium and EMS E3, they do pack a few Security related features that the Customers SHOULD use.
You can create various alert policies and then view alerts that match the conditions of the alert policies. These cover activities such as assigning admin access in Exchange Online, malware attacks, phishing attacks, and unusual volume of file deletions and external sharing
Identity and Access
Basic Multi Factor Authentication
SPF, DKIM, DMARC Records
Email DLP Standard
Restrict certain users to send emails only to Company users.
Auto Forward messages to a sender’s manager for approval
Forward message that contains sensitive information
Forward messages that match one of the several criteria
Setting up policy tips if there is policy violation
Supervisor Mailbox. All messages can be copied to this account or just those sent internally or externally. This feature is very useful in preventing data leakage via email.
Block browser access for email. Access only on Outlook app.
Archive mailbox – Users can use the archive mailbox, also called a personal archive, to store historical messaging data by moving or copying messages from their primary mailbox to their archive mailbox.
Retention Policies–Retention policies use retention tags to apply retention settings to e-mail messages and folders. Retention tags define an age limit that specifies how long items are retained, and a retention action that specifies what happens to items that reach the retention age limit.
Permission can be assigned/restricted to the users and groups to create, upload and delete files and folders in SharePoint. (If only read permission is assigned to any user, edit and download will be restricted).
Share files internally or externally with specific permissions.
Hide specific file and folder from any user.
Audit Logs.
Declare Record – (block edit and delete).
Hide sync button so that Document folders cannot be synced offline.
Restrict external Sharing.
Allow or block Domain level sharing.
Restrict access from different location besides office.
Alert Policy – modified, delete, and download. Email Notification occurs whenever any of the specified alert policy is matched.
Assign different permission (Read, Write And Full control) while sharing file to different users? If No, then how do you handle it?
OneDrive DLP
Do you have a system by which you assign different permission (Read, Write And Full control) while sharing file to different users? If no, then how do you handle it?
Can you have a system by which you allow or block Domain level sharing?
If there are certain document that you want, they can’t be access outside the organization. How do you do?
Sharing File With specific permission
Disable Sync Button
Restrict user from deleting file
Restrict user from uploading file
Restrict user from downloading file
Share file with Expiry date
Allow access only from specific IP locations
Block / Allow domain Sharing
Hide Specific File & Folder from any Use
Document Retention Policy Alert for Document Creation, Deletion, Shared, Site Admin Activity etc.
External User Restriction: Block external users completely or only selected domains or allow only selected domains. Users in R and D may need strict control. But Sales and Marketing teams may need less controls.
Manage Meeting Policies: You can set various policies to ensure that Teams meeting comply with the Company rules and compliances.
Decide who can edit or delete Chat messages
Disallow Screen share and Private calls
Shared device sign-out: Many Firstline Workers use a single tablet or mobile device that is shared between shifts. This can pose unique security challenges to the organization when different employees who have access to different types of data use the same device over the course of a day. With shared device sign-out, Firstline Workers will be able to log out of all their Microsoft 365 and custom applications and browser sessions with one click at the end of their shift—preventing their data as well as any access to customer data from being accessible to the next user of that device.
Chat retention policies (data preservation and deletion): By Default, Content is retained forever. But this can be changed with policies; 1 day delete; one month delete; one year delete; 7 years delete.
So do connect with us and give your Productivity a Boost with the help of Consultants from TechGyan.