Introduction to Security in Microsoft 365
The course is part of this learning path
In this course, we take an introductory look at the security tools within Microsoft 365.
- Explain what a Zero Trust Policy is and what value it can have.
- Explain identity and access management concepts.
- Explain threat and information protection in Microsoft 365.
- Understand the different tools and portals available to you in Microsoft 365 security offerings.
- Users who are new to Microsoft 365.
- Users looking to learn about the security offerings Microsoft 365 has to offer.
An understanding of general technical concepts.
Maintaining compliance is made easy in Microsoft 365 with all of the different tools Microsoft provides you to ensure that you meet regulatory compliance requirements. When starting out, the first place you should look is the Service Trust Portal. This is a tool that provides information all about Microsoft's security and compliance practices and principles. Specifically, there are six privacy principles that Microsoft reveres and holds accountable to whenever in control of data.
These principles are, One, Control; leaving the customer in control of their privacy. Two, Transparency; being transparent about data collection. Three, Security; protecting data trusted to Microsoft. Four, Strong Legal Protection; respecting local privacy laws. Five, No content-based targeting for no target advertisement. And six, Benefits to You; Microsoft collected data is used to improve that user experience. Understanding how Microsoft views your data is important to understanding and feeling secure about your choice of product usage. Along with the six privacy principles, Microsoft 365 also has a compliance center that provides all the tools you need to understand your organization's compliance standing.
Now, the compliance center is only accessible to users with one of three of the following roles: Global Administrator, Compliance Administrator, and Compliance Data Administrator. Assuming you have one of these roles, you can start utilizing the tools within the compliance center. The first thing you'll notice once you open up the dashboard are quick view cards that showcase different information about your organization. You can move around and adjust the dashboard to your liking. However, the main cards you'll want to look at first are the compliance score cards and the active alerts card.
Similar to the secure score we spoke about earlier, the compliance score provides a numerical value ranking you on how compliant your organization is and provides suggestions to improve your score. The active alerts card is exactly what it sounds like, in that it summarizes compliance alerts and allows you to organize it into a detailed and filtered view by severity, status, category, and more. From the dashboard, you can also see the navigation rail that shows you all of the tools accessible to you. Data classification, Data connectors, Alerts, Reports, Policies, Permissions, and so much more is available here to maintain the compliancy within your organization.
However, when you're done looking over the dashboard, the first tool you'll want to navigate to would be the Compliance Manager. The Compliance Manager is essentially a tool that helps IT manage an organization's compliancy. You may notice that the main thing here is the compliance score and key improvement actions. The Compliance Manager calculates your compliance score based on your organization's risks around compliancy and provides different suggestions to help improve your overall compliance posture which then improves your score. These suggestions are known as Improvement actions. And if you navigate to the tab, you can see much more information about each suggested action.
Once you've implemented an improvement action, you can navigate over to the Solutions tab which showcases your current actions that you've taken and provides information about how well they're being implemented, if they are effective, and if they can be improved upon. The main value of the Compliance Manager is that it helps break down and translate regulations and allows for easy implementation across your organization. By providing step by step guides on how to meet compliancy regulation requirements, you can ensure that your organization is kept up to date with all necessary compliance requirements.
Lee has spent most of his professional career learning as much as he could about PC hardware and software while working as a PC technician with Microsoft. Once covid hit, he moved into a customer training role with the goal to get as many people prepared for remote work as possible using Microsoft 365. Being both Microsoft 365 certified and a self-proclaimed Microsoft Teams expert, Lee continues to expand his knowledge by working through the wide range of Microsoft certifications.