Configuration

Alerting on OneDrive Deleted Item Activity

I had a customer recently raise some questions about how to provide further enhancements and protections around their OneDrive for Business deployments.  Suppose this scenario exists:

  • Users are site collection administrators over their OneDrive for Business sites (default configuration)
  • Retention policies are configured, but may only be configured to provide a very minimal amount of data protection (such as 90 days from creation or last modification of data) due to organizational legal compliance
  • No retention policies are in effect for the target data (as all the data we’re concerned with is technically older than 90 day creation or last modified date)
  • Malicious or disgruntled user deletes OneDrive data
    • Deletes data in OneDrive
    • Empties recycle bin
    • Empties second stage recycle bin

At this point, for any data older than 90 days, it is lost.… [ Continue reading ]

Configuration

Migrate-EOPSettings now does ATP!

ATP! ATP!

At long last, I’ve made a first pass at updating the Migrate-EOPSettings script to now include settings for Advanced Threat Protection.  I’ve had several customers moving their instances from commercial EOP to Office 365 GCC, and while my Migrate EOP script would capture just about everything, it came to my attention that we still had configuration to do for ATP. … [ Continue reading ]