Category: Compliance

Section 17 – Implement and manage privacy requirements by using Microsoft Priva

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 03/05/2024
Posted in Azure, Compliance, Microsoft Purview, Purview, SC-400, Security, Study guide

Configure and maintain privacy risk management If you don’t Privacy Risk Management, you can enable the trial from the overview page Then add permission you need Role group Description Roles Privacy Management This role group contains all the Priva permission…

Continue Reading Section 17 – Implement and manage privacy requirements by using Microsoft Priva

Section 16 – Implement and manage Microsoft Purview Information Barriers (IBs)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 28/04/2024
Posted in Azure, Compliance, Information Barriers, Insider risks, Microsoft Purview, Purview, SC-400, Security, Study guide

Plan for IBs This table summarizes the features where Information Barriers (IB) policies can restrict communication and collaboration within your organization. Feature Microsoft Teams SharePoint & OneDrive Exchange Online Communication Yes No No Searching for users Yes No No Chat…

Continue Reading Section 16 – Implement and manage Microsoft Purview Information Barriers (IBs)

Section 14 – Implement and manage Microsoft Purview Communication Compliance

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/04/2024
Posted in Azure, Compliance, Microsoft Purview, SC-400, Security, Study guide

Plan for communication compliance This tool helps you identify and address potential risks before they become problems. It can detect inappropriate messages like harassment or threats, as well as leaks of sensitive information across various communication channels, including email, Microsoft…

Continue Reading Section 14 – Implement and manage Microsoft Purview Communication Compliance

This is why I think you should join CCPs 💯

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 13/04/2024
Posted in Azure, Compliance, Copilot, Entra ID, Identity, Microsoft Purview, Security

Imagine a giant security geek party… but way cooler! That’s kind of what the CCPs are like. Instead of just listening to someone lecture at a conference, you get to chat directly with Microsoft engineers and other security pros. It’s…

Continue Reading This is why I think you should join CCPs 💯

Section 12 – Plan and manage eDiscovery and Content search

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 05/04/2024
Posted in Azure, Compliance, Microsoft Purview, SC-400, Security, Study guide

Choose between eDiscovery (Standard) and eDiscovery (Premium) based on an organization’s requirements Feature Content Search eDiscovery (Standard) eDiscovery (Premium) Search Capabilities Basic Basic Basic Export Results Yes Yes Yes Permissions Role-based N/A N/A Legal Features – Yes Yes Case Management…

Continue Reading Section 12 – Plan and manage eDiscovery and Content search

Section 11 – Plan and manage regulatory requirements by using Microsoft Purview Compliance Manager

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/03/2024
Posted in Azure, Compliance, Microsoft Purview, SC-400, Security, Study guide

Plan for regulatory compliance in Microsoft 365 It now works with Microsoft Defender for Cloud to assess compliance across Microsoft 365, Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS). This means you can see your entire compliance posture…

Continue Reading Section 11 – Plan and manage regulatory requirements by using Microsoft Purview Compliance Manager

Encrypting Data-At-Rest with Customer Managed Keys in M365

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 17/03/2024
Posted in Azure, Compliance, Entra ID, Identity, Key vault, Microsoft Purview, Security

As I mentioned in my previous posts. I like to keep my view as holistic as possible. Mixing a little bit of Azure infrastructure and Security side with a little hint of M365 Compliance and Entra Identity ingredients. So that…

Continue Reading Encrypting Data-At-Rest with Customer Managed Keys in M365

Section 8 – Implement data lifecycle and records management – Retain and delete data by using retention labels

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 28/02/2024
Posted in Azure, Compliance, Microsoft Purview, SC-400, Security, Study guide

Plan for information retention and disposition by using retention labels You can control how long your organization keeps content using two main actions: These actions allow you to configure various retention settings: Benefits of using these retention settings: Create retention…

Continue Reading Section 8 – Implement data lifecycle and records management – Retain and delete data by using retention labels

Section 7 – Implement DLP – Monitor and manage DLP activities

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 26/11/2023 0 Comments on Section 7 – Implement DLP – Monitor and manage DLP activities
Posted in Azure, Compliance, Microsoft Purview, SC-400, Study guide

Analyze DLP reports DLP transmits a substantial volume of data to Microsoft Purview, encompassing monitoring, policy matches, user activities, and subsequent actions. To effectively refine your policies and assess actions on sensitive items, you must engage with and respond to…

Continue Reading Section 7 – Implement DLP – Monitor and manage DLP activities

Section 6 – Implement DLP – Implement and monitor Endpoint DLP

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 19/11/2023 0 Comments on Section 6 – Implement DLP – Implement and monitor Endpoint DLP
Posted in Azure, Compliance, Defender, Intune, SC-400, Security, Study guide

Configure advanced DLP rules for devices in DLP policies Supported virtualization You can include virtual machines as monitored devices in the Microsoft Purview compliance portal, and the onboarding procedures remain the same as those listed above. Onboarding Endpoint Data Loss…

Continue Reading Section 6 – Implement DLP – Implement and monitor Endpoint DLP