Configuration

Migrate-EOPSettings now does ATP!

ATP! ATP!

At long last, I’ve made a first pass at updating the Migrate-EOPSettings script to now include settings for Advanced Threat Protection.  I’ve had several customers moving their instances from commercial EOP to Office 365 GCC, and while my Migrate EOP script would capture just about everything, it came to my attention that we still had configuration to do for ATP. … [ Continue reading ]

Information

Determining your Office 365 Tenant Location

During a conversation with my peers, the discussion came up on how to determine what environment a tenant is located in (usually between Commercial and Government).  Typically, the easiest way to determine this is to look at your account SKUs.  For example, from PowerShell, the cmdlet Get-MsolAccountSku will return a list of SKUs available in your tenant.… [ Continue reading ]

Configuration

Adding OneDrive Locations to an Existing Retention Policy

Yesterday, while working with a customer, I was asked if there is a way to programmatically add OneDrive locations to an existing retention policy.  Say, for example, you have a blanket retention policy that covers all of your tenant at a base level (which is what I typically recommend to ensure you at least have either belt or suspenders), but then you have a second set of users that need a longer policy.… [ Continue reading ]

Configuration

Creating Scoped DLP rules with Custom Sensitive Information Types

A few weeks ago, I put out a series of posts on creating and using custom sensitive information types (https://www.undocumented-features.com/tag/sensitive-information-types/).  The blog, posts, however, focus on using the DLP configuration options available in the Security & Compliance Center.

Rules created via the DLP wizard in the Security & Compliance Center have the benefit of being able to be applied globally across your organization and its content sources. … [ Continue reading ]

Configuration

Looky, looky! Custom sensitive information types with even more customitivity!

So, of course, as soon as I finish up posting a few entries (here and here), we go and release a new UI to help you get it done on your own!

You can do most of the effort of creating a data classification here, although if you want to use any of our built in functions (such as credit card Luhn check), you’ll need to export/modify/import, use the sensitive information type package that I created (referenced earlier) or use one of our native DLP classifications.… [ Continue reading ]

Configuration

Sensitive Information Types–now with more sensitivity!

UPDATE: The file link for this post has been updated.

So, this is an entry that has been long in the making.  I have had several customers over the last few years give feedback about our Data Loss Prevention’s (DLP) matching requirements, mostly around how they require too much corroborating evidence (in the form of patterns or keywords) to meet their organization’s very restrictive policies.… [ Continue reading ]

Exit mobile version