, I’m taking the lazy approach. Let the C2R do its job, Microsoft improved a lot here and it is working smoothly. Via collections I’m identifying the amount of clients under each major version and if I see higher amount of clients stuck in older version I’ll dig into it.
We had SCCM management in place where the source was DFS share, not happy with it, always to keep the sources up-to-date. We thought about SCCM/CDN but we asked ourselves why to administrate SCCM to tell C2R what to do as C2R is already grown up and can handle it on its own.
We’re installing all O365 applications, language packs and proofing tools through CDN/DO, why not doping it with the updates, too.
SCCM has of course the monitoring and reporting capabilities, I’m missing those in the cloud but rumors say they are coming at some point.
So far relying on the hardware inventory is ok with me.
I’m interested to hear from your experience with SCCM/DO
Welcome to Part 3 of this blog series. First I want to apologize for the delay in getting this Part 3 published, my day job got in the way a bit! If you have not already read the first two parts I recommend it prior to reading this one. In Part 1 we discussed why a company would want to use EDM and the benefits it provides. We also began the setup of EDM in our tenant. Part 2 finished up the overall configuration of EDM, specifically the rule pack file. We ended Part 2 with the upload of our datastore. We are now ready to work on the DLP Policies that will utilize the EDM sensitive info types we created.
To start creating the DLP Policies, go to the new Compliance Center, compliance.microsoft.com. This site is not 100% completed with the move away from the Security and Compliance Center (SCC), protection.office.com, but is making great progress. Once in the Compliance Center, we can check on the new Sensitive Info Types that were created as part of the EDM setup. To do this go to the Data Classification blade in the left-hand menu. Select Sensitive Info Types from the top menu and you should then be able to find the four new types we created. Two of them we already went over when setting up the Rule Pack, and the two newer ones were created once the rule pack was uploaded.
Now that we have verified the new ExactMatch custom Sensitive info types, we can build a DLP policy using them. If you do not see “Data loss prevention” on the left-hand menu, scroll all the way down to the bottom and select “Show all” Once you do this you will see all the menu items, select Data loss prevention.
Note: If you want an option to always be present in the navigation, click on “Show in Navigation” in the upper right of the screen. Now the item will always be visible in the navigation without the need to select “Show all” first.
- From the Data Loss Prevention blade, select Create policy
- Keep custom policy selected and press Next
- Give the policy a name and description. Click Next
- Select Let me choose specific locations, click Next
- De-select SharePoint Sites (currently EDM does not work with SharePoint Sites, but will support soon), click Next
- Select Use advanced settings, click Next
- Select New Rule
- Give the rule a name and description
- Click Add Condition then Content Contains in the Conditions section
- Select Add then Sensitive Info Type
- Select Add then locate and select the Superhero-SRN-EDM and Superhero-Nickname-EDM sensitive info types, click Add
- Click done
- I then modified the Match Accuracy to be between the Confidence Levels set within the Rulepack for just finding the SRN and Nickname without any other fields. Also be sure that Any of These is present, this results in an OR situation, where the service can find an SRN or Nickname, but both do not need to be present. Editing the fields by just selecting the numbers and changing them.
Note: You could use the Add group button to add more Sensitive info types and require either an AND or OR criteria with the first set of sensitive info types.
- Click add a condition and content is shared and then choose with people outside my organization.
Note: you can add additional conditions if you wish, but for this rule I only am configuring the Content is shared condition
- For this rule I am not going to have any actions taken, just notify the user, the next rules will have actions.
- Within User Notifications, turn them on and then you can configure what notifications are sent to whom and customize the messages if you would like. I have elected to notify the user who sent, shared, or last modified the content and I also customized the email and policy tip for the rule.
- Because we do not have any actions on this rule, I do not have to configure User overrides, we will do this in later rules
- Next configure Incidents Reports, for this low rule condition I might not normally configure this but will for this demo. I am specifically keeping the severity for this rule as low and just including the Admin for both alert and incident report notification.
- After setting up Incident reports, you can click Save. Will discuss rule priority later
20. That will bring you back to the Policy settings page again, select New rule again and give the rule a name and description
- For Conditions add the same two sensitive info types as the previous rule, but this time I am going to change the match accuracy to match on the SRN and Nickname with supporting info. For SRN this is 75-84, which means the system will have found the SRN and 2 other fields of data. For Nickname it will be 75-84, which means the system will have found Nickname with 2 other fields. I am taking these ranges from the rulepack file created in Part 2 again.
- Add in the same condition as the previous rule, Content is shared with people outside my organization
- For this rule we will add an action “Restrict or encrypt the content” keep the defaults to “block people from sharing…and Only people outside your organization…”
- The User actions section is like the last rule, just changed the wording in the email and policy tip
- For this rule will allow User Overrides, I am setting it to require a business justification. If you are familiar with DLP, this will require the user to give justification for overriding a policy and will become an auditable entry as well.
- Incident reports section will be the same as the first rule except will raise the severity of this alert to medium.
- Options will remain unchanged, click save.
- From the Customize Type of content to protect screen click on New rule one last time
- Name the Rule
- Add the same two sensitive info types as the previous two rules for the condition. This time I am raising the Match accuracy to match additional criteria found as configured in the rulepack. Also set the same condition as the 2nd rule for sharing with people outside my organization.
- In Actions I am setting the same action as rule two, block people from sharing with people outside my organization.
- User notifications are like the last two rules
- No User overrides, this requires that the data be removed before the action attempted (sharing, sending email) can be completed
- Incident reports, only change it to set the sensitivity as High
- Click save and done creating the rules for the Policy
- Back at Policy settings, you can turn rules on or off as well as select the 3 dots you can move the priority of the rule up or down. Click Next
- Select to turn the policy on or put it in test mode first. Since I am working in a demo lab I will turn in on, click Next
- Review the settings and click Create
- I changed the order so my new Superhero Secret Identity Protection Policy would be set at 0 or the first policy evaluated. In my lab it did not matter much as I only have 1 active Policy. But you will want to pay attention to Order when you have multiple policies and specifically if you select the “Stop processing additional DLP Policies and rules if this rule matches” option
Next step is to test out the Policy and the Rules! Best to let the policy replicate for a couple hours before testing to ensure it will be fully enabled.
For testing the Policy and rules I am going to switch to login as Megan Bowen to do the test. I have logged into Office 365 as Megan and going to start by showing the Policy and rules in action via email.
- Now I am going to compose an email to Adele Vance, another internal SIPA employee, and provide information about Superman
- I have highlighted the data that is present in the email that is also in the datastore CSV that we uploaded. Why did I not get a Policy tip for finding this data in the email? I did not get a policy tip because Adele, as mentioned, is an internal employee and my rules only apply to sharing with people outside my organization. Now I will add an additional recipient to someone outside the organization and see what happens, lets try sending to Lex Luthor of Legion of Doom.
- Now see the highlighted Policy tip, this is the policy tip from our 3rd rule we created within the DLP Policy. Let’s examine the show details
Now I see the reason for the alert is that Lex.luther@legionofdoom.org is not authorized to receive this type of info. I also see what sensitive message type was found.
- If I try to send the email without removing Lex or the sensitive data then this pops up, not allowing the email to be sent.
5. When I attempt to share a file that contains Sensitive Info to someone outside my organization, I am blocked from doing so as well
The above shows how the Office 365 DLP policy uses EDM data. What about Microsoft Cloud App Security (MCAS)? It is just as easy. For MCAS I will create a simple File Policy, here are the steps
- Login to the MCAS Admin portal at Portal.cloudappsecurity.com, select Control and Policies on the left-hand menu and then select Create Policy
- Select File Policy from the drop-down menu
- Give the policy a name and description. For this policy I will not use any filters as I want to include all files.
- Now select Data Classification for the Inspection method and the choose to add the two EDM Sensitive Information type created previously, set the Alerting you wish
- You can elect to provide Governance Actions if you want. Once the policy is completed, sit back, and wait for the alerts to come in
I can see alerts show up in the Alerts Area
Clicking on the Top alert allows me to review the information
Clicking on the 1 Policy Match I can see the actual data the caused the file to be alerted.
This is going to wrap up the blog series. Hope you found this informative and useful when you look to integrate EDM into your DLP solution!
Announcing general availability of ‘know your data’ (discovery and review capabilities) in the Microsoft 365 compliance center
As employees shift to working remotely, it is more important than ever that organizations prioritize protecting their business-critical and sensitive data. Your employees are accessing, sharing, creating, and storing data in new ways, and you need to make sure this is being done in a protected and compliant manner. At Microsoft, our goal is to provide a built-in, intelligent, unified, and extensible solution to protect and govern your data across your digital estate – in Microsoft 365 cloud services, on-premises, third-party SaaS applications, and more. With our Information Protection & Governance solution, we are building a unified set of capabilities for discovery, classification, labeling, protection, and governance not only in Office apps, but also in other popular productivity services where information resides (e.g. SharePoint, Exchange, OneDrive).
Know your sensitive data
The first step in the journey to protect and govern your data is getting a holistic understanding of the sensitive data in your digital estate. The data classification capabilities in the Microsoft 365 compliance center enable you to discover, classify, review, and monitor your data and establish appropriate policies to better protect and govern critical data (e.g. by applying sensitivity and retention labels or data loss prevention policies).
Today, we are excited to announce the general availability of ‘Overview’, ‘Content explorer’, and ‘Activity explorer’ capabilities to give you a holistic view of your sensitive data.
The Overview tab shows you at-a-glance the most common sensitive information types and labels used in your organization and how they are being used. You do not need to set up any policy to understand these details.
Figure 1. Overview tab showing a quick snapshot of data classification and usage of sensitivity and retention labels
The Content explorer tab provides you with a richer understanding of data at risk by displaying the amount and types of sensitive data in a document. An integrated viewer displays the full content in documents or emails for those with appropriate permissions. You can also filter by label or sensitive type to get a detailed view of locations where sensitive data is stored. Based on your feedback, we have added the ability to ‘Search’ and find sensitive files in specific locations or by specific file types or file names. You can also now ‘Export’ the meta data of content displayed into Excel, for further reporting and investigation, with a single click.
Figure 2. Integrated viewer showing contents of document in the ‘Content explorer’ tab
Note: OneDrive views in this experience will remain in ‘preview’ mode while we incorporate your feedback. We appreciate your continued support on this and thank you for your feedback.
The Activity explorer tab provides a better understanding of activities related to your sensitive data, sensitivity and retention labels , such as decreased protection due to label downgrades or changes. It helps you investigate events that could be leading towards data leak scenarios (e.g., removal of labels). Understanding these activities gives you the ability to identify the right policies for protection or data loss prevention (DLP) to ensure that your most sensitive data is secure.
Figure 3. Activity explorer tab displaying activity related to sensitive information
Customer feedback
A large financial services customer, for example, used these new capabilities to discover vulnerable data on their 8000 SharePoint sites and then prevent its overexposure, thereby reducing their risk on vulnerable data.
Several other customers have shared that they were pleasantly surprised to see the quantity and quality of insights available in Content explorer and Activity explorer, and it prompted them to create protection policies they had previously not considered. Microsoft’s IT also relies on these capabilities to ensure that the data in over 150,000 mailboxes and 300,000 SharePoint /Teams sites is protected even as a huge amount of sensitive data continues to be created and shared.
“Content explorer is a welcome addition to my remediation and tuning efforts. In the past, when I wanted to get a sense of the impact of a particular policy, we would run eDiscovery searches to know the amount of data out there that matches a particular sensitive type (built-in or custom). Now with Content Explorer, I can get a quick sense of the number of findings by simply selecting the sensitive type from the many filters available within Content Explorer. From there, I can explore those items to understand the signal to noise ratio and progress with my remediation efforts. The key is that I can quickly search for the site name and then the file name, which helps me to review content quickly without making copies of content. This used to take a lot of time but now with this tool I can do it in half the time.” John Cardarelli, Data Loss Prevention Architect in Microsoft’s IT Department
Get started
Overview, Content explorer and Activity explorer enable you to discover, classify, review, and monitor sensitive data in your Microsoft 365 services like SharePoint and Exchange ‘in place’ without having to move your data elsewhere. To learn more about how these capabilities enable you to know your sensitive information, watch this short video and see our online documentation. To experience this capability, click on ‘data classification’ in the Microsoft 365 compliance center. With a Microsoft 365 E3 license you can benefit from the Overview tab and get programmatic access to basic reporting and audit. Microsoft 365 E5 licensing SKUs (e.g. E5 Compliance and E5 Information Protection & Governance) get you access to advanced capabilities like Content explorer and Activity explorer. You can learn more about our licensing here.
We are excited to roll out general availability of these data discovery and review capabilities for SharePoint and Exchange today. We will continue to add more workloads like Office client apps, endpoints, Teams, on-premises. We are committed to expanding on these capabilities to enhance your ability to protect and govern data. We are working hard at other exciting innovations – stay tuned!
Am a keen follower of Microsoft's SharePoint Blog and proud to provide this direct from the Microsoft Tech Community:
Attendees, on your marks, get set, GO!
Lace up your training shoes. Load up on the v-carbs. And start pounding the water today. The Microsoft 365 Virtual Marathon is around the corner. World class speakers prepped to be your first-class training coaches. And the content, the content is what gets you across the finish line. So much good content.
Jeff Teper (CVP, Microsoft) will be giving a keynote that’s not to be missed, plus Microsoft speakers delivering breakout sessions among thought leaders and members of the community from around the world. Review all 200+ sessions and start your Marathon training plan today.
What: Microsoft 365 Virtual Marathon to learn more | Register today
When: May 27-28, 2020 (36 hours / 2 days)
Presenters: 300+ speakers (MVPs, RDs, Microsoft and community members) from 44 countries speaking in 7 different languages
Cost: Free
Primary Twitter hashtag: #M365VM (join in)
Microsoft 365 Virtual Marathon – May 27-28, 2020 (online training)
Set your pace and jump in. The Microsoft 365 Virtual Marathon has something for everyone running the “miles” of Microsoft 365, including Azure. You’ll find no hill or valley unmapped: AI, bots, sharing, intranet, BI, admin, Teams, SharePoint, OneDrive, Yammer, Power Platform, Microsoft Graph, SPFx, security & compliance, Project Cortex, custom development, migration, search and more.
Below is a list of the Microsoft sessions | presenters – including Jeff’s keynote:
- The latest innovations in SharePoint, OneDrive, and Office for content collaboration [Microsoft keynote] | with Jeff Teper
- Microsoft 365 Live Events and remote work | Lorena Huang Liu & Christina Torok
- Knowledge and Project Cortex – the Microsoft 365 Vision | Naomi Moneypenny and Chris McNulty
- Share and track your information with lists across Microsoft 365 | Lincoln DeMaris
- Design productivity apps with SharePoint lists and libraries, Power Apps, and Power Automate | Chaks Chandran
- Connect the workplace with engaging, dynamic experiences across your intranet | Debjani Mitra and Brad McCabe
- The New Yammer | Jason Mayans
- Architecting Your Intranet | Melissa Torres
- OneDrive powers intelligent file experiences across Microsoft 365 | Randy Wong
- Collaboration and external file sharing across Microsoft 365 | Ankita Kirti
- Migration to SharePoint, OneDrive, and Microsoft Teams in Microsoft 365, free and easy | Hani Loza and Eric Warnke
- Security and compliance in SharePoint and OneDrive | Sesha Mani
- SharePoint developer overview | Luca Bandinelli
- Jump start your projects with community projects from Patterns and Practices (PnP) | Vesa Juvonen
Shout out to community members and and the #M365VM team for putting together the online race, mapping the course and for supporting and promoting the knowledge and expertise that reaffirms this: Microsoft 365 has the best tech community in the world – with the endurance to prove it.
Cheers and see you at the race,
Mark 🏃🏻
The above is kindly provided by the Microsoft Tech Community!
I am evaluating Whiteboard, its position in the Office 365 functionality landscape and how viable it is.
The desktop app has some great features (some in preview) while the web version seems a bit basic still.
How active is the development?
Do you know if the roadmap is up-to-date?
I’d e.g. love to see
- a clearer integration to Teams allowing whiteboards to created for a channel and/or be displayed as a tab
- embedding/integrating whiteboard to SharePoint or other webs
- organising whiteboards in some way
I’m ready to be amazed.
Am a keen follower of Microsoft's SharePoint Blog and proud to provide this direct from the Microsoft Tech Community:
In this weekly discussion of latest news and topics around Microsoft 365, hosts – Vesa Juvonen (Microsoft), Waldek Mastykarz (Rencore), are joined by Paul Schaeflein – MVP, Developer, Technical Architect and Microsoft 365 Podcaster in Chicago, Illinois, based Addin365.
Paul is focused on helping peers and customers use the parts of Microsoft 365 that are relevant to their job. What is the Microsoft 365 opportunity for developers? Of course, that depends. Microsoft 365 provides many options. First understand and bridge the gap between what your staff can do (their knowledge) and what the service can do for you/them. Key focus areas for newbies?
Learn how to write and secure an API, understand React and now React hooks, know your native coding tool – editor, know how to use search engines to find people and information efficiently, understand how to interact with a service you don’t own and finally, keep learning.
As always, if you need help on an issue, want to share a discovery, or just want to say: “Job well done”, please reach out to Vesa, to Waldek or to your PnP Community.
This episode was recorded on Monday, May 11, 2020.
Did we miss your article? Please use #PnPWeekly hashtag in the Twitter for letting us know the content which you have created.
The above is kindly provided by the Microsoft Tech Community!
In this difficult time, remote work is becoming the new normal for many companies around the world. Part of this new normal is increased focus on implementing stricter security controls and data loss prevention policies within the solutions that already exist within your environment. We understand that you may be looking at our portfolio of solutions and trying to better understand how we can help provide the appropriate balance of security and productivity.
References:
This webinar was presented on Mon Apr 27th, 2020, and the recording can be found here.
Attached to this post are:
- The FAQ document that summarizes the questions and answers that came up over the course of both Webinars; and
- A PDF copy of the presentation.
Thanks to those of you who participated during the two sessions and if you haven’t already, don’t forget to check out our resources available on the Tech Community.
Thanks!
@Adam Bell on behalf of the MIP and Compliance CXE team
Many of you have been looking for ways to bring the latest capabilities to your users to stay the most productive and secure. Customers who have switched to a faster update cadence, tell us about higher end-user satisfaction as they benefit from many capabilities and improvements as soon as they are available. The current worldwide environment has triggered an unprecedented acceleration in digital transformation, prompting IT to support companywide transitions to remote work without affecting productivity. Recent enhancements to popular collaboration capabilities such as Comments, While you were away, and @mentions have proven particularly useful, as the demand for real-time collaboration grows. To help you bring the latest capabilities like these and others to your users faster, we recommend customers choose Current Channel as their update cadence for servicing Microsoft 365 Apps for enterprise.*
We recognize that to manage more complex environments, you need extra tools and more time to validate new features without additional burden on IT. To support these requirements, we are releasing a whole new set of capabilities throughout the year. Based on a modern management approach, we’re focusing this wave of innovation on delivering servicing predictability, additional tools to manage the health of your environments, and a more efficient issue resolution process.** Today, we start by announcing the general availability of the new Monthly Enterprise Channel and a few other changes that modernize the way you service Microsoft 365 Apps, as you deliver the latest productivity value to your businesses.
New Monthly Enterprise Channel
As an IT admin, you can control how often the users in your organization get new Microsoft 365 Apps features by specifying the update channel. Before today, some of our customers have opted for less frequent updates due to the unpredictable nature and network stress of a faster cadence. The new Monthly Enterprise Channel is designed to alleviate many of those concerns and reduce the burden on IT. Choosing this update channel will allow you to offer your company the latest productivity features, like real-time collaboration, the latest reliability and performance improvements, and security updates on a predictable, once-a-month cadence. All updates will be delivered as one package on the second Tuesday of each month, which we call “Patch Tuesday.”
Because all Monthly Enterprise Channel updates are shipped once a month, you will benefit from both low interruption and the ability to optimize network utilization for your enterprise. Capabilities like Delivery Optimization are already available to help you optimize bandwidth when downloading new bits, as well as regular updates.
To help you better manage changes while moving to a faster cadence, Monthly Enterprise Channel will be offering additional capabilities to advance the health of your environment and a more transparent and faster issue resolution process. To learn more about the new update channel and how it is different from other existing update channels, read this article.
Microsoft 365 admin center experience for setting up Monthly Enterprise Channel (new channel names will appear on June 9th).
Streamlining names for existing channels for Microsoft 365 Apps
As we introduce the new channel and our servicing model keeps evolving, we are renaming the existing update channels (Insider, Monthly, and Semi-Annual) to help you make better decisions about the servicing strategy for your organization. This change only applies to those of you running Microsoft 365 Apps on Windows devices. You will have an option to choose among Current, Monthly, or Semi-Annual channels. Testing channels will now be called Preview, instead of Targeted. While the Insider program remains, we will use Beta Channel as the new name for the channel designed for our early adopter/insider audience. Learn more about new update channel names in this article.
|
New names
|
Recommended use
|
|
Beta Channel
|
For early adopters, IT Pros, and developers who join the Insider community to get access to the earliest build
|
|
Current Channel (Preview)
|
For enterprises to have early access to the upcoming Current Channel release and for fans or early adopters who want early access but also more stability
|
|
Current Channel
|
To provide your end users with the most current Office features and latest security value as soon as they are ready
|
|
Monthly Enterprise Channel
|
For customers who need the latest features on a predictable monthly cadence
|
|
Semi-Annual Enterprise Channel (Preview)
|
For enterprises to preview the experience for the upcoming Semi-Annual Enterprise Channel release
|
|
Semi-Annual Enterprise Channel
|
For select devices in your organization where extensive testing is needed before rolling out new Office features (e.g., to comply with regulatory, governmental, or other organizational requirements)
|
Changing default update channel setting for new tenants to Current Channel
Along with the new capabilities to help you better service Microsoft 365 Apps, new tenants installing Microsoft 365 Apps will be defaulted to Current Channel. This update channel delivers feature updates as soon as they are production-ready and is fully compliant and supported. Feature updates, additional security updates, quality updates, and bug fixes are delivered about two or three times a month. This update channel is recommended for broad deployment across organizations of any size, including educational institutions. This change will start rolling out on June 9, 2020. There is no change to the default update channel setting for existing tenants.
Regardless of where you are in your cloud journey, your company looks to you for guidance on how to stay streamlined, cost-effective, and secure. This is only the beginning of the innovation wave offering you modern options to manage client app software, as you make your business competitive and productive.
Join us on May 27 at 9 AM PT for a live Ask Microsoft Anything session. We’d love to answer any questions you have about deploying Microsoft 365 Apps.
Thank you for your continuous feedback. Visit UserVoice to send us your ideas.
Ask us questions in our dedicated Tech Community space,*** watch new episodes on our Deployment Insider channel to learn more and explore the Office Insider program to give your users access to early features before deploying more broadly.
*Previously known as Office 365 ProPlus.
**Additional capabilities are shipping later this year.
***Previously known as the Office 365 ProPlus community space.
On Tuesday, May 5th, at 12:00 pm ET, I opened up my laptop, poured some coffee and joined hundreds of security awareness professionals at the Security Awareness Virtual Summit, 2020, hosted by Terranova Security and sponsored by Microsoft. The next 3 hours were chockfull of presentations, expert advice, a hands-on workshop and a deep dive into Terranova Security training.
Speak the language of business by using data
Brian Reed, Senior Director at Gartner kicked off the day with his keynote speech: “Three Ways to Gain Support for your Security Awareness Program.” Brian focused on a problem many security awareness professionals struggle with – how to secure executive buy-in for an organization’s security awareness program. Demonstrating ROI can be hard in the absence of standard metrics, and behavior change is difficult to measure. Brian advised professionals to “speak the language of business” translating the outcomes of security awareness programs into business outcomes and drilling down into the financial implications of improved awareness.
Later in the day, Terranova Security CISO, Theo Zafirakos also highlighted the importance of measuring total cost of breach. Designing and deploying a security awareness training will incur some cost, but if done well, it will save far more in lost productivity, remediation expense and downtime.
Storytelling is your secret superpower to boost engagement
An important takeaway from Brian’s speech was the power of storytelling in improving engagement and participation in security awareness training. Brian urged security awareness professionals to harness the power of stories to build emotional connection. Humans are hardwired to respond to stories—with elements like character, obstacle or challenge and eventual triumph. Usually, Brian said, we use a traditional crime or spy story in the realm of risk and security, but for awareness programs, and he encouraged the audience to think outside the box and experiment with adventure or humorous narratives to increase engagement.
Adopt an Attacker mindset through phish simulation to detect and quantify risk
Microsoft PM Lead, @Brandon Koeller discussed the importance of simulated phishing to your training program. As Brandon said, “Phishing is THE risk, capital T-H-E” when it comes to people.
Using phish simulations that accurately simulate your threat environment will help you establish a baseline of awareness, detect vulnerable users, quantify behavior change, and demonstrate the effectiveness of training. Koeller reminded us that as security professionals we tend to inhabit a defender mindset but to truly prepare and protect your employees, you need to inhabit an attacker mindset. Phish simulation that mimics real threats in your environment – using context-specific lures and the types of emails most likely to land in your employees’ inboxes.
The expert panel, featuring Lise Lapointe, CEO of Terranova Security, Erin Csonaki and Blythe Price, Program Managers for CyberSecurity Awareness and Education at Microsoft and Bill Dunnion, Director of the Cyber Resilience Office at Calian highlighted the organizational behavior axis of security awareness – they reminded listeners that their security awareness programs are not merely compliance checklists but a key component of security culture. They urged the audience to frame security awareness training as a key tool in elevating the importance of security and cyber hygiene in the minds of their employees.
If you missed out on signing up for the virtual summit and want to catch up on the learning, best practices, tips and advice, you’re in luck. The recorded Virtual Summit is available to watch here
Let us know what you think in the comments!
Custom sensitive information types are used to help prevent inadvertent or inappropriate sharing of sensitive information. As an administrator, you can use the Security & Compliance Center or PowerShell to define a custom sensitive information type based on patterns, evidence (keywords such as employee, badge, ID, and so on), character proximity (how close evidence is to characters in a particular pattern), and confidence levels. Such custom sensitive information types meet business needs for many organizations
References:
This webinar was presented on Wed Apr 22nd, 2020, and the recording can be found here.
Attached to this post are:
- The FAQ document that summarizes the questions and answers that came up over the course of both Webinars; and
- A PDF copy of the presentation.
Thanks to those of you who participated during the two sessions and if you haven’t already, don’t forget to check out our resources available on the Tech Community.
Thanks!
@Adam Bell on behalf of the MIP and Compliance CXE team
