Updates from: 01/04/2024 04:26:33
Category Microsoft Docs article Related commit history on GitHub Change details
commerce Understand Eos Products https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/understand-eos-products.md
+
+ Title: "Understand end-of-sale products in the Microsoft 365 admin center"
+f1.keywords:
+- CSH
++++
+audience: Admin
++
+ms.localizationpriority: medium
+
+- Tier2
+- scotvorg
+- M365-subscription-management
+- Adm_O365
+
+- commerce_subscriptions
+- AdminTemplateSet
+search.appverid: MET150
+ROBOTS: NOIINDEX, NOFOLLOW
+description: "Learn about end-of-sale products in the Microsoft 365 admin center."
Last updated : 01/03/2024++
+# Understand end-of-sale products in the Microsoft 365 admin center
+
+> [!IMPORTANT]
+> This article only applies to customers with a Microsoft Customer Agreement (MCA) billing account. [Find out what type of billing account you have](../manage-billing-accounts.md#view-my-billing-accounts).
+
+When you buy a subscription from Microsoft, you get a bundle of products and services that are sold as an offer. Different offers can have different configurations of products and services. Sometimes we decide to stop selling a particular offer. When an offer is no longer available to buy, we call this end-of-sale (EOS). An EOS scenario can apply to entire products and services, and regions and markets. This article describes how EOS affects your subscription, and how it limits certain changes you might want to make to your subscription.
+
+> [!NOTE]
+> If you bought perpetual software, there's no EOS impact to your software because itΓÇÖs a one-time purchase without the ability to renew.
+
+## How do I know if my offer is at EOS?
+
+We send multiple communications to let you know that a subscription you own will be marked as EOS.
+
+If you have a subscription that is marked as EOS, you see a warning on the subscription details page in the Microsoft 365 admin center that says, "This product is no longer available to buy, so some actions below are turned off."
+
+## How does EOS affect my existing subscriptions?
+
+For existing subscriptions bought before the EOS date, your service isnΓÇÖt affected. Subscriptions continue to renew until you change your recurring billing settings, or the subscription expires. You can continue to manage your existing subscriptions. For example, you can update assign or unassign licenses. You can also change EOS offers to other active products and services.
+
+## How does EOS limit changes to my subscriptions?
+
+After the EOS date is reached, and depending on how a particular subscription handles EOS, there might be limits to the tasks you can do to manage your subscription. For example, you wonΓÇÖt be able to do the following tasks:
+
+- Buy more licenses for EOS offers.
+- Upgrade subscriptions, convert trials for EOS offers.
+- Change the subscription length for EOS offers.
+
+For information about specific EOS limitations that apply to your subscriptions, refer to email communications from Microsoft and the Microsoft 365 admin center.
loop Loop Compliance Summary https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/loop/loop-compliance-summary.md
Where the loop content was originally created determines its storage location:
|Admin Management: Multi-Geo |**[Multi-Geo](/microsoft-365/enterprise/microsoft-365-multi-geo)** capabilities, including creation of .loop files in a user's OneDrive in the geo that matches the user's [preferred data location](/microsoft-365/enterprise/plan-for-multi-geo#best-practices) and ability to move the user's OneDrive when their preferred data location changes.|**Not Yet Available**: <br>**[Multi-Geo](/microsoft-365/enterprise/microsoft-365-multi-geo)** capabilities, including creation of .loop files in a user's Loop workspaces in the geo that matches the user's [preferred data location](/microsoft-365/enterprise/plan-for-multi-geo#best-practices). <br>**[Multi-Geo](/microsoft-365/enterprise/microsoft-365-multi-geo)** rehome of Loop workspaces and contained .loop files as needed.| |Admin Management: User leaves organization |When a user leaves an organization, [OneDrive retention policies](/sharepoint/retention-and-deletion) apply to the .loop files just as they do to other content created by the user.|Manage the lifetime of shared Loop workspaces like you would other collaboration artifacts, like SharePoint sites or Teams channels.| |Admin Management: Loop workspaces |n/a|See [Admin Management of Loop workspaces](#admin-management-of-loop-workspaces) for a list of capabilities that are available and also not yet available.|
-|Admin Management: Recycle bin |**Not Yet Available**: <br>End user Recycle bin for deleted content.|**Not Yet Available**: <br>End user Recycle bin for deleted content. <br>End user Recycle bin for deleted Loop workspaces.|
+|Admin Management: Recycle bin |End user Recycle bin for deleted content.|End user Recycle bin for deleted content. <br><br>**Not Yet Available**: <br>End user Recycle bin for deleted Loop workspaces.|
|Audit: Version history |**Version History** [export in Purview](/purview/ediscovery-export-search-results#step-1-prepare-search-results-for-export) or via [Graph API](/graph/api/driveitem-get-content-format).|**Version History** [export in Purview](/purview/ediscovery-export-search-results#step-1-prepare-search-results-for-export). <br><br>**Not Yet Available**: <br>API access to Loop workspace containers - this impacts third party export and eDiscovery tools.| |Audit: logs and events |**Audit** logs for all events: search and export Microsoft 365 service events for security and compliance investigations <ol><li>use the [compliance admin center](https://compliance.microsoft.com/auditlogsearch)<li>search audit logs for "loop" or "fluid"<li>further filter exported results by "SourceFileExtension":"loop" or "SourceFileExtension":"fluid"|**Audit** logs for all events: search and export Microsoft 365 service events for security and compliance investigations <ol><li>use the [compliance admin center](https://compliance.microsoft.com/auditlogsearch)<li>search audit logs for Loop ApplicationID `a187e399-0c36-4b98-8f04-1edc167a0996`| |Audit: log access |**Audit** logs are retained, can be exported, and can be streamed to third party tools|**Audit** logs are retained, can be exported, and can be streamed to third party tools|
This section repeats capabilities which aren't yet available from the table abov
### Admin Management - **Programmatic APIs for Loop workspace content**: API access to Loop workspace containers isn't yet available. These APIs are required in order to use third party tools for export and eDiscovery, migration, communicate in bulk to end-users about their content such as compliance requirements, and developer APIs. - **Multi-Geo** rehome of Loop workspaces and all contained .loop files isn't yet available.-- When users delete an entire Loop workspace, or when they delete pages or components stored in a Loop workspace, these aren't yet available in an **end-user visible Recycle bin**.
+- When users delete an entire Loop workspace, these aren't yet available in an **end-user visible Recycle bin**.
- See [Admin Management of Loop workspaces](#admin-management-of-loop-workspaces) for a more detailed list of specific admin capabilities using PowerShell and the SharePoint Admin Center. ### Data Lifecycle Management
See more about how to use PowerShell to perform these tasks on Loop application
- edit sensitivity labels - above quota management of Loop workspaces - SharePoint Embedded Repository admin role integration-- End user Recycle Bin for deleted content
+- End user Recycle Bin for deleted workspaces
lti Index https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lti/index.md
For configuration steps, see:
- [Microsoft Reflect with Canvas](reflect-lti-canvas.md). - [Microsoft Reflect with Schoology Learning](reflect-lti-schoology.md).
+- [Microsoft Reflect with Moodle](reflect-lti-moodle.md).
+- [Microsoft Reflect with D2L Brightspace](reflect-lti-brightspace.md).
lti Reflect Lti Brightspace https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lti/reflect-lti-brightspace.md
+
+ Title: Integrate Microsoft Reflect LTI with D2L Brightspace
++++ Last updated : 11/28/2023
+audience: admin
+++
+- M365-modern-desktop
+- m365initiative-edu
+- tier2
+ms.localizationpriority: medium
+description: Create impactful check-ins to gain wellbeing insights and build a happier, healthier learning community with the Microsoft Reflect Learning Tools Interoperability App for D2L Brightspace.
++
+# Integrate Microsoft Reflect LTI with D2L Brightspace
+
+[Microsoft Reflect](https://reflect.microsoft.com) is a wellbeing app designed to foster connection, expression, and learning by promoting self-awareness, empathy, and emotional growth.
+
+Reflect LTI integration with D2L Brightspace is designed in compliance with the latest Learning Tools Interoperability (LTI) standards, ensuring strong security and straightforward installation within your D2L Brightspace environment.
+
+Integrate Reflect into D2L Brightspace to create impactful check-ins, gain wellbeing insights, and build a happier, healthier learning community.
+
+> [!NOTE]
+> This guide provides IT admins steps for registering the Reflect LTI app for Brightspace by D2L.
+>
+> The person who performs this integration should be an administrator of Brightspace and Microsoft 365 tenant.
+
+## One-time setup by administrator
+
+> [!IMPORTANT]
+> To access the Reflect LTI app in your D2L Brightspace environment, you should complete **all** three steps detailed in this section: register Microsoft Reflect LTI for use in your D2L Brightspace, then deploy it, and finally add a link to it in your course navigation.
+
+### 1. Register Microsoft Reflect LTI for use in your D2L Brightspace
+1. Sign in with a *Microsoft 365 administrator account* to the [Microsoft LTI Registration Portal](https://lti.microsoft.com/registration).
+1. Select **Add new registration**.
+1. Select **Microsoft Reflect** and then select **Next**.
+1. Enter a friendly **Registration** name like *Reflect for D2L Brightspace* and select **D2L Brightspace** as the LMS platform. Select **Next**.
+1. You're given a list of keys that need to be added to your Brightspace LMS site.
+1. Open your D2L Brightspace environment in another tab. ***Don't*** close the Microsoft LTI portal tab.
+1. On D2L Brightspace, navigate to **Admin Tools** > **Manage Extensibility** and select **LTI Advantage** then **Register Tool**.
+1. Select **Standard** registration and enter the values listed in the table:
+
+ | Field on Brightspace form | Value |
+ | -- | |
+ | Name | Microsoft Reflect |
+ | Domain | https://reflect.microsoft.com |
+ | Redirect URLs | Copy the **Redirect URL** value from Microsoft LTI keys.|
+ | OpenID Connect Login URL | Copy the **Open ID connection URL** value from Microsoft LTI keys. |
+ | Target Link URI | https://reflect.microsoft.com/app |
+1. Select the **Register** button.
+1. A modal with Brightspace registration details appears. Add these values on the Microsoft LTI portal.
+1. On the **Microsoft LTI portal** tab, select **Next** to navigate to **LMS provided registration keys**. Enter the values listed in the table:
+
+ | Field on Microsoft LTI registration portal | Value |
+ | -- | |
+ | Issuer ID URL | Copy the **Issuer** value from Brightspace Registration Details. |
+ | Client ID | Copy the **Client Id** value from Brightspace Registration Details. |
+ | Keyset URL | Copy the **Brightspace Keyset URL** value from Brightspace Registration Details. |
+ | Platform authentication URL | Copy the **OpenID Connect Authentication Endpoint** value from Brightspace Registration Details. |
+1. Select **Done** in Brightspace Registration Details tab, and **Next** in the Microsoft LTI registration portal tab.
+1. In the Microsoft LTI registration portal tab, review the **Review and save** page. If there are no errors, select **Save and exit**. You should see a message indicating successful registration.
+
+### 2. Deploy Microsoft Reflect LTI to your D2L Brightspace
+1. On D2L Brightspace, navigate to **Admin Tools** > **External Learning Tools**.
+1. Select **New Deployment**.
+1. Select **Microsoft Reflect** as the **Tool**, and enter **Microsoft Reflect** as the **Name** as well.
+1. Select ***all*** security settings ***except*** **Anonymous** and **Classlist** (including Org Unit information, User Information, Link Information).
+1. Don't set configuration settings.
+1. Select **Add Org Units**, and then the **root org** or **all** units to deploy Microsoft Reflect for them.
+1. Select **Create Deployment** and confirm the deployment.
+1. Select **Microsoft Reflect** deployment, scroll down to **Deployment Id**, and copy its value.
+1. Open the [Microsoft LTI Registration Portal](https://lti.microsoft.com/registration).
+1. Select **edit** in the actions column of your *Reflect for D2L Brightspace* registration.
+1. Select **Connect LTI credentials**, and then **LMS provided registration keys**.
+1. Scroll down to **Deployment ID** and paste the value you copied from the **Brightspace Deployment Details**.
+1. Select **Next**, review the **Review and save** page, and then select **Save and exit** to complete the update.
+
+### 3. Add a link to Microsoft Reflect in your D2L Brightspace courses
+1. On D2L Brightspace, navigate to **Admin Tools** > **External Learning Tools**.
+1. Select **Microsoft Reflect**.
+1. Scroll down to select **View Links**.
+1. Select **New Link**.
+1. Enter **Microsoft Reflect** as the **Name**.
+1. For the **URL**, access the [Microsoft LTI Registration Portal](https://lti.microsoft.com/registration) and copy the **Redirect URL** from your *Reflect for D2L Brightspace* registration.
+1. Select **Save and Close** to create the link.
+1. Navigate to **Admin Tools** > **Navigation & Themes**.
+1. Select **Standard Course Navigation**, and then **Add Links**.
+1. Select **Create Custom Link**.
+1. Enter **Microsoft Reflect** as the **Name**.
+1. For the **URL**, select **Insert Quicklink**, and then **Microsoft Reflect**.
+1. Select **Same window** for **Behavior**.
+1. Select **Create**.
+1. Ensure that the **Microsoft Reflect** checkbox is selected, and then select **Add**.
+1. Drag the Microsoft Reflect link to your preferred location in the course navigation.
+1. Select **Save and Close**.
+
+Reflect is now installed and ready to use in any course in your D2L Brightspace environment.
+
+## Ongoing use by course owners and members
+
+1. After the initial setup, course owners and members will find a link to Reflect in every course navigation.
+1. On their first access, they need to sign in using their Microsoft account to get started.
+1. Course owners can [create and share check-ins](https://support.microsoft.com/topic/c6cbbacc-5655-450e-bca9-988ddc506017).
+1. Once check-ins are created, course members can access and respond to them in their Reflect tab.
+
+> [!TIP]
+> [Explore the Educator Toolkit](https://reflect.microsoft.com/home/resources) for resources that can help educators bring the magic of Reflect to students and share it with peers.
+
+## Recommended browser settings
+
+- Cookies should be allowed for Microsoft Reflect.
+- Popups shouldn't be blocked for Microsoft Reflect.
+
+> [!NOTE]
+> Cookies aren't allowed by default in the Chrome browser incognito mode and will need to be allowed.
+>
+> Microsoft Reflect LTI works in the private mode in Microsoft Edge browser. Ensure that you haven't blocked cookies, which are allowed by default.
lti Reflect Lti Moodle https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lti/reflect-lti-moodle.md
+
+ Title: Integrate Microsoft Reflect LTI with Moodle
++++ Last updated : 11/28/2023
+audience: admin
+++
+- M365-modern-desktop
+- m365initiative-edu
+- tier2
+ms.localizationpriority: medium
+description: Create impactful check-ins to gain wellbeing insights and build a happier, healthier learning community with the Microsoft Reflect Learning Tools Interoperability App for Moodle.
++
+# Integrate Microsoft Reflect LTI with Moodle
+
+[Microsoft Reflect](https://reflect.microsoft.com) is a wellbeing app designed to foster connection, expression, and learning by promoting self-awareness, empathy, and emotional growth.
+
+Reflect LTI integration with Moodle is designed in compliance with the latest Learning Tools Interoperability (LTI) standards, ensuring strong security and straightforward installation within your Moodle site.
+
+Integrate Reflect into Moodle to create impactful check-ins, gain wellbeing insights, and build a happier, healthier learning community.
+
+## One-time setup by administrator
+
+> [!NOTE]
+> This section provides IT admins steps for registering the Reflect LTI app for Moodle.
+>
+> The person performing this initial registration should be an administrator of the Moodle site and Microsoft 365 tenant.
+
+1. Sign in with a *Microsoft 365 administrator account* to the [Microsoft LTI Registration Portal](https://lti.microsoft.com/registration).
+1. Select **Add new registration**.
+1. Select **Microsoft Reflect** and then select **Next**.
+1. Enter a friendly **Registration** name like *Reflect for Moodle* and select **Moodle** as the LMS platform. Select **Next**.
+1. You're given a list of keys that need to be added to your Moodle site.
+1. Open your Moodle site in another tab. ***Don't*** close the Microsoft LTI portal tab.
+1. On Moodle, navigate to **Site administration** > **Plugins** and select **External tool** then **Manage tools**.
+1. Select **Configure a tool manually** and enter the values listed in the table:
+
+ | Field on Moodle | Value |
+ | -- | |
+ | Tool name | Microsoft Reflect |
+ | Tool URL | https://reflect.microsoft.com/app |
+ | LTI version | LTI 1.3 |
+ | Initiate login URL | Copy the **Open ID connection URL** value from Microsoft LTI keys. |
+ | Redirection URI(s) | Copy the **Redirect URL** value from Microsoft LTI keys.|
+1. Select the **Save changes** button.
+1. In the **Tools** section, on the new **Microsoft Reflect** tile, select the **View configuration details** icon to view a modal with the configuration details for the Microsoft LTI portal.
+1. On the **Microsoft LTI portal** tab, select **Next** to navigate to **LMS provided registration keys**. Enter the values listed in the table:
+
+ | Field on Microsoft LTI registration portal | Value |
+ | -- | |
+ | Issuer ID URL | Copy the **Platform ID** value from Moodle tool configuration details. |
+ | Client ID | Copy the **Client ID** value from Moodle tool configuration details. |
+ | Keyset URL | Copy the **Public keyset URL** value from Moodle tool configuration details. |
+ | Platform authentication URL | Copy the **Authentication request URL** value from Moodle tool configuration details. |
+ | Deployment ID | Copy the **Deployment ID** value from Moodle tool configuration details. |
+ | Access token URL | Copy the **Access token URL** value from Moodle tool configuration details. |
+
+1. Select **Next** in the Microsoft LTI registration portal tab.
+2. Review the **Review and save** page. If there are no errors, select **Save and exit**. You should see a message indicating successful registration.
+
+Reflect is now installed and ready to use on your Moodle site after teachers add it to their courses.
+
+## Add Reflect to a course as the course teacher
+
+> [!IMPORTANT]
+> After the initial setup of Reflect as an LTI external tool in your Moodle site, course teachers need to add it to their courses to use it with their students.
+
+1. On Moodle, navigate to your course and in the course navigation, select **More** > **LTI External tools**.
+1. Find **Microsoft Reflect** and turn on the **Show in activity chooser** toggle.
+1. Navigate back to the course, ensure you are in **Edit mode**, and select **Add an activity or resource** in the **General** section.
+1. Search for **Microsoft Reflect** and select it.
+1. Enter **Microsoft Reflect** as the **Activity name**.
+1. Select **Save and return to course**.
+
+Reflect is now installed and ready to use in your course by both teachers and students.
+
+## Ongoing use by course teachers and students
+
+1. After the initial course setup, teachers and students will find a link to Reflect in the **General** section.
+1. On their first access, they need to sign in using their Microsoft account to get started.
+1. Course owners can [create and share check-ins](https://support.microsoft.com/topic/c6cbbacc-5655-450e-bca9-988ddc506017).
+1. Once check-ins are created, course members can access and respond to them in their Reflect tab.
+
+> [!TIP]
+> [Explore the Educator Toolkit](https://reflect.microsoft.com/home/resources) for resources that can help educators bring the magic of Reflect to students and share it with peers.
+
+## Recommended browser settings
+
+- Cookies should be allowed for Microsoft Reflect.
+- Popups shouldn't be blocked for Microsoft Reflect.
+
+> [!NOTE]
+> Cookies aren't allowed by default in the Chrome browser incognito mode and will need to be allowed.
+>
+> Microsoft Reflect LTI works in the private mode in Microsoft Edge browser. Ensure that you haven't blocked cookies, which are allowed by default.
security Mdb Manage Subscription https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-manage-subscription.md
audience: ITPro Previously updated : 01/02/2024 Last updated : 01/03/2024 ms.localizationpriority: medium
This article describes how to apply either Defender for Business or Defender for
> [!NOTE] > If you don't see **Change subscription settings**, at least one of the following conditions is true:
- > - You have Defender for Business or Defender for Endpoint (but not both); or
- > - The ability to change your subscription settings hasn't rolled out to your organization yet.
+ > - You have Defender for Business or Defender for Endpoint (but not both)
+ > - You don't have enough Defender for Endpoint Plan 2 licenses for all users in your organization
+ > - The ability to change your subscription settings hasn't rolled out to your organization yet
4. On the **Subscription settings** flyout, choose whether to use only Defender for Business or Defender for Endpoint Plan 2 across your organization's devices. > [!IMPORTANT] > Keep the following important points in mind before you save your changes: >
- > - Make sure you have enough licenses for the subscription you're using for all users in your organization. If you choose Defender for Endpoint Plan 2, you're no longer using your Defender for Business licenses.
+ > - Make sure you have enough licenses for the subscription you're using for all users in your organization.
> - If you select **Only Microsoft Defender for Endpoint Plan 2**, the simplified configuration experience for Defender for Business is replaced with advanced settings that you can configure in Defender for Endpoint. If this change is applied, you can't undo it.
- > - Make sure to review your security policies and settings. To get help with Defender for Endpoint policies and settings, see [Configure Microsoft Defender for Endpoint capabilities](../defender-endpoint/onboard-configure.md). If you're keeping Defender for Business, see [Set up, review, and edit your security policies and settings in Microsoft Defender for Business](mdb-configure-security-settings.md).
> - It can take up to three hours for your changes to be applied.
+ > - Make sure to review your security policies and settings. To get help with Defender for Endpoint policies and settings, see [Configure Defender for Endpoint capabilities](../defender-endpoint/onboard-configure.md). To get help with Defender for Business policies and settings, see [Review and edit your security policies and settings in Defender for Business](mdb-configure-security-settings.md).
## Review license usage
-The license usage report is estimated based on sign-in activities on the device. Defender for Endpoint Plan 2 licenses are per user, and each user can have up to five concurrent, onboarded devices. To learn more about license terms, see [Microsoft Licensing](https://www.microsoft.com/en-us/licensing/default).
+The license usage report is estimated based on sign-in activities on the device. Defender for Endpoint Plan 2 licenses are assigned to users, and each user can have up to five concurrent, onboarded devices. To learn more about license terms, see [Microsoft Licensing](https://www.microsoft.com/en-us/licensing/default).
To reduce management overhead, there's no requirement for device-to-user mapping and assignment. Instead, the license report provides a utilization estimation that is calculated based on device usage seen across your organization. It might take up to one day for your usage report to reflect the active usage of your devices.
security Configure Exclusions Microsoft Defender Antivirus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-exclusions-microsoft-defender-antivirus.md
Title: Configure custom exclusions for Microsoft Defender Antivirus
description: You can exclude files (including files modified by specified processes) and folders from Microsoft Defender Antivirus scans. ms.localizationpriority: medium Previously updated : 07/18/2023 Last updated : 01/02/2024
If you're using another tool, such as Configuration Manager or Group Policy, or
- [Configure and validate exclusions based on file extension and folder location](configure-extension-file-exclusions-microsoft-defender-antivirus.md) - [Configure exclusions for files opened by processes](configure-process-opened-file-exclusions-microsoft-defender-antivirus.md)-- [Configure contextual file and folder exclusions](configure-contextual-file-folder-exclusions-microsoft-defender-antivirus.md) to configure restrictions for your exclusions. #### Manage antivirus exclusions in Intune (for existing policies)
security Onboarding Defender Experts For Hunting https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/onboarding-defender-experts-for-hunting.md
- tier1 search.appverid: met150 Previously updated : 11/17/2023 Last updated : 01/03/2024 # Start using Microsoft Defender Experts for Hunting
A sample Defender Experts Notification shows up in your **Incidents** page with
**To generate a sample notification:**
-1. In your Microsoft Defender XDR navigation pane, go to **Settings** > **Defender Experts** and then select **Sample DEN**.
-2. Select **Generate a sample DEN**. A green status message appears, confirming that your sample notification is ready for review.
-3. Under **Recently generated Defender Experts Notifications**, select a link from the list to view its corresponding generated sample notification. The most recent sample appears on the top of the list. Selecting a link redirects you to the **Incidents** page.
+1. In your Microsoft Defender XDR navigation pane, go to **Settings** > **Defender Experts** and then select **Sample notifications**.
+2. Select **Generate a sample notification**. A green status message appears, confirming that your sample notification is ready for review.
+3. Under **Recently generated Defender Experts Notification**, select a link from the list to view its corresponding generated sample notification. The most recent sample appears on the top of the list. Selecting a link redirects you to the **Incidents** page.
:::image type="content" source="../../media/mte/defenderexperts/sample-den-links-dexh.png" alt-text="Screenshot of Sample DEN links." lightbox="../../media/mte/defenderexperts/sample-den-links-dexh.png":::
security Microsoft Threat Actor Naming https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/intelligence/microsoft-threat-actor-naming.md
- tier2 search.appverid: met150 Previously updated : 04/18/2023 Last updated : 01/03/2024 # How Microsoft names threat actors
Last updated 04/18/2023
> [!IMPORTANT] > Learn about how [Volt Typhoon targets US critical infrastructure with living-off-the-land techniques](https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/#:~:text=Volt%20Typhoon%20has%20been%20active%20since%20mid-2021%20and,construction%2C%20maritime%2C%20government%2C%20information%20technology%2C%20and%20education%20sectors)
-Microsoft has shifted to a new naming taxonomy for threat actors aligned with the theme of weather. With the new taxonomy, we intend to bring better clarity to customers and other security researchers already confronted with an overwhelming amount of threat intelligence data and offer a more organized, articulate, and easy way to reference threat actors so that organizations can better prioritize and protect themselves.
+Microsoft shifted to a new naming taxonomy for threat actors aligned with the theme of weather. We intend to bring better clarity to customers and other security researchers with the nex taxonomy. We offer a more organized, articulate, and easy way to reference threat actors so that organizations can better prioritize and protect themselves and aid security researchers already confronted with an overwhelming amount of threat intelligence data.
Microsoft categorizes threat actors into five key groups:
-**Nation-state actors:** cyber operators acting on behalf of or directed by a nation/state-aligned program, irrespective of whether for espionage, financial gain, or retribution. Microsoft has observed that most nation state actors continue to focus operations and attacks on government agencies, intergovernmental organizations, non-governmental organizations, and think tanks for traditional espionage or surveillance objectives.
+**Nation-state actors:** cyber operators acting on behalf of or directed by a nation/state-aligned program, irrespective of whether for espionage, financial gain, or retribution. Microsoft observed that most nation state actors continue to focus operations and attacks on government agencies, intergovernmental organizations, nongovernmental organizations, and think tanks for traditional espionage or surveillance objectives.
-**Financially motivated actors:** cyber campaigns/groups directed by a criminal organization/person with motivations of financial gain and haven't been associated with high confidence to a known non-nation state or commercial entity. This category includes ransomware operators, business email compromise, phishing, and other groups with purely financial or extortion motivations.
+**Financially motivated actors:** cyber campaigns/groups directed by a criminal organization/person with motivations of financial gain and are not associated with high confidence to a known non-nation state or commercial entity. This category includes ransomware operators, business email compromise, phishing, and other groups with purely financial or extortion motivations.
-**Private sector offensive actors (PSOAs):** cyber activity led by commercial actors that are known/legitimate legal entities, that create and sell cyberweapons to customers who then select targets and operate the cyberweapons. These tools threaten many global human rights efforts, as they have been observed targeting and surveilling dissidents, human rights defenders, journalists, civil society advocates, and other private citizens.
+**Private sector offensive actors (PSOAs):** cyber activity led by commercial actors that are known/legitimate legal entities, that create and sell cyberweapons to customers who then select targets and operate the cyberweapons. These tools were observed targeting and surveilling dissidents, human rights defenders, journalists, civil society advocates, and other private citizens, threatening many global human rights efforts.
**Influence operations:** information campaigns communicated online or offline in a manipulative fashion to shift perceptions, behaviors, or decisions by target audiences to further a group or a nation's interests and objectives.
-**Groups in development:** a temporary designation given to an unknown, emerging, or developing threat activity that allows Microsoft to track it as a discrete set of information until we can reach high confidence about the origin or identity of the actor behind the operation. Once criteria are met, a group in development is converted to a named actor or merged into existing names.
+**Groups in development:** a temporary designation given to an unknown, emerging, or developing threat activity. This designation allows Microsoft to track a group as a discrete set of information until we can reach high confidence about the origin or identity of the actor behind the operation. Once criteria are met, a group in development is converted to a named actor or merged into existing names.
-In our new taxonomy, a weather event or *family name* represents one of the above categories. In the case of nation-state actors, we have assigned a family name to a country/region of origin tied to attribution, like Typhoon indicates origin or attribution to China. For other actors, the family name represents a motivation. For example, Tempest indicates financially motivated actors. Threat actors within the same weather family are given an adjective to distinguish actor groups with distinct tactics, techniques, and procedures (TTPs), infrastructure, objectives, or other identified patterns. For groups in development, where there is a newly discovered, unknown, emerging, or developing cluster of threat activity, we use a temporary designation of Storm and a four-digit number, allowing us to track it as a unique set of information until we can reach high confidence about the origin or identity of the actor behind the operation.
+In our new taxonomy, a weather event or *family name* represents one of the above categories. For nation-state actors, we have assigned a family name to a country/region of origin tied to attribution, like Typhoon indicates origin or attribution to China. For other actors, the family name represents a motivation. For example, Tempest indicates financially motivated actors.
-The table below shows how the new family names map to a sampling of the threat actors that we track.
+Threat actors within the same weather family are given an adjective to distinguish actor groups with distinct tactics, techniques, and procedures (TTPs), infrastructure, objectives, or other identified patterns. For groups in development, we use a temporary designation of Storm and a four-digit number where there is a newly discovered, unknown, emerging, or developing cluster of threat activity.
+
+The table shows how the new family names map to the threat actors that we track.
|Actor category|Type|Family name| ||::|::|
The table below shows how the new family names map to a sampling of the threat a
|Influence operations|Influence operations|Flood| |Groups in development|Groups in development|Storm|
-Use the following reference table below to understand how our previously publicly disclosed old threat actor names translate to our new taxonomy.
+Use the following reference table to understand how our previously publicly disclosed old threat actor names translate to our new taxonomy.
|Previous name|New name|Origin/Threat|Other names| ||::|::|::|
Read our announcement about the new taxonomy for more information: [https://aka.
## Putting intelligence into the hands of security professionals
-[Intel profiles in Microsoft Defender Threat Intelligence](../defender/defender-threat-intelligence.md) bring crucial threat actor insights directly into defenders' hands so that they can get the context they need as they prepare for and respond to threats.
+[Intel profiles in Microsoft Defender Threat Intelligence](../defender/defender-threat-intelligence.md) bring crucial insights about threat actors. These insights enable security teams to get the context they need as they prepare for and respond to threats.
-Additionally, to further operationalize the threat intelligence you get from Microsoft, the Microsoft Defender Threat Intelligence Intel Profiles API provides the most up-to-date threat actor infrastructure visibility in the industry today, enabling threat intelligence and security operations (SecOps) teams to streamline their advanced threat hunting and analysis workflows. Learn more about this API in the documentation: [Use the threat intelligence APIs in Microsoft Graph (preview)](/graph/api/resources/security-threatintelligence-overview).
+Additionally, the Microsoft Defender Threat Intelligence Intel Profiles API provides the most up-to-date threat actor infrastructure visibility in the industry today. Updated information is crucial in enabling threat intelligence and security operations (SecOps) teams to streamline their advanced threat hunting and analysis workflows. Learn more about this API in the documentation: [Use the threat intelligence APIs in Microsoft Graph (preview)](/graph/api/resources/security-threatintelligence-overview).
## Resources
solutions B2b Extranet https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/b2b-extranet.md
- Title: "Create a B2B extranet with managed guests"--- Previously updated : 03/10/2020----- highpri-- Tier1-- SPO_Content-- M365-collaboration-- m365solution-3tiersprotection-- m365solution-securecollab-- m365initiative-externalcollab-
-recommendations: false
-description: "Learn how to create a B2B extranet site or team with managed guests from a partner organization."
--
-# Create a B2B extranet with managed guests
-
-You can use [Entitlement Management](/azure/active-directory/governance/entitlement-management-overview) to create a B2B extranet to collaborate with a partner organization that uses Microsoft Entra ID. This allows users to self-enroll in the extranet site or team and receive access via an approval workflow.
-
-With this method of sharing resources for collaboration, the partner organization can help maintain and approve the guests on their end, reducing the burden on your IT department and allowing those most familiar with the collaboration agreement to manage user access.
-
-This article walks through the steps to create a package of resources (in this case, a site or team) that you can share with a partner organization through a self-service access registration model.
-
-Before you begin, create the site or team that you want to share with the partner organization and enable it for guest sharing. See [Collaborate with guests in a site](collaborate-in-site.md) or [Collaborate with guests in a team](collaborate-as-team.md) for more information. We also recommend that you review [Create a secure guest sharing environment](create-secure-guest-sharing-environment.md) for information about security and compliance features that you can use to help maintain your governance policies when collaborating with guests.
-
-## License requirements
-
-Using this feature requires Microsoft Entra ID Governance licenses. To find the right license for your requirements, see [Compare generally available features of Microsoft Entra ID](https://www.microsoft.com/security/business/identity-access-management/azure-ad-pricing).
-
-Specialized clouds, such as Azure Germany and Azure China 21Vianet, aren't currently available for use.
-
-## Video demonstration
-
-This video demonstrates the procedures covered in this article.
-
-> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE4wKUj?autoplay=false]
-
-## Connect the partner organization
-
-In order to invite guests from a partner organization, you need to add the partner's domain as a connected organization in Microsoft Entra ID.
-
-To add a connected organization
-1. In the [Microsoft Entra admin center](https://aad.portal.azure.com), select **Identity Governance**.
-2. Select **Connected organizations**.
-4. Select **Add connected organization**.
-5. Type a name and description for the organization, and then select **Next: Directory + domain**.
-6. Select **Add directory + domain**.
-7. Type the domain for the organization that you want to connect, and then select **Add**.
-8. Select **Connect**, and then Select **Next: Sponsors**.
-9. Add people from your organization or the organization that you're connecting to who you want to approve access for guests.
-10. Select **Next: Review + Create**.
-11. Review the settings that you've chosen and then select **Create**.
-
- ![Screenshot of the connected organizations page in Microsoft Entra.](../media/identity-governance-connected-organizations.png)
-
-## Choose the resources to share
-
-The first step in selecting resources to share with a partner organization is to create a catalog to contain them.
-
-To create a catalog
-1. In the [Microsoft Entra admin center](https://aad.portal.azure.com), select **Identity Governance**.
-2. Select **Catalogs**.
-3. Select **New catalog**.
-4. Type a name and description for the catalog and ensure that **Enabled** and **Enabled for external users** are both set to **Yes**.
-5. Select **Create**.
-
- ![Screenshot of the catalogs page in Microsoft Entra Admin Center.](../media/identity-governance-catalogs.png)
-
-Once the catalog has been created, you add the SharePoint site or team that you want to share with the partner organization.
-
-To add resources to a catalog
-1. In the Microsoft Entra Admin Center, select **Catalogs**, and then select the catalog where you want to add resources.
-2. Select **Resources** and then select **Add resources**.
-3. Select the teams or SharePoint sites that you want to include in your extranet, and then select **Add**.
-
- ![Screenshot of the catalog resources page in Microsoft Entra Admin Center.](../media/identity-governance-catalog-resource.png)
-
-Once you've defined the resources that you want to share, the next step is to create an access package, which defines the type of access that partner users are granted and the approval process for new partner users requesting access.
-
-To create an access package
-1. In the Microsoft Entra Admin Center, select **Catalogs**, and then select the catalog where you want to create an access package.
-2. Select **Access packages**, and then select **New access package**.
-3. Type a name and description for the access package, and then select **Next: Resource roles**.
-4. Choose the resources from the catalog that you want to use for your extranet.
-5. For each resource, in the **Role** column, choose the user role you want to grant to the guests who use the extranet.
-6. Select **Next: Requests**.
-7. Under **Users who can request access**, choose **For users not in your directory**.
-8. Ensure that the **Specific connected organizations** option is selected, and then select **Add directories**.
-9. Choose the connected organization that you add earlier, and then select **Select**
-10. Under **Approval**, choose **Yes** for **Require approval**.
-11. Under **First approver**, choose one of the sponsors that you added earlier or choose a specific user.
-12. CliSelectck **Add fallback** and select a fallback approver.
-13. Under **Enable**, choose **Yes**.
-14. Select **Next: Lifecycle**.
-15. Choose the expiration and access review settings that you want to use, and then select **Next: Review + Create**.
-16. Review your settings, and then select **Create**.
-
- ![Screenshot of the access packages screen in Microsoft Entra Admin Center.](../media/identity-governance-access-packages.png)
-
-If you're partnering with a large organization, you may want to hide the access package. If the package is hidden, then users in the partner organization won't see the package on their *My Access* portal. Instead, they must be sent a direct link to sign up for the package. Hiding the access package can reduce the number of inappropriate access requests and can also help keep available access packages organized in the partner organization's portal.
-
-To set an access package to hidden
-1. In the Microsoft Entra admin center, select **Access packages**, and then select your access package.
-2. On the **Overview** page, select **Edit**.
-3. Under **Properties**, choose **Yes** for **Hidden**, and then select **Save**.
-
- ![Screenshot of an edit access package properties screen.](../media/identity-governance-access-package-hidden.png)
-
-## Invite partner users
-
-If you set the access package to hidden, you need to send a direct link to the partner organization so that they can request access to your site or team.
-
-To find the access portal link
-1. In the Microsoft Entra Admin Center, select **Access packages**, and then select your access package.
-2. On the **Overview** page, select **Copy to clipboard** link for the **My Access portal link**.
-
- ![Screenshot of access package properties with access portal link.](../media/identity-governance-access-portal-link.png)
-
-Once you have copied the link, you can share it with your contact at the partner organization, and they can send it to the users on their collaboration team.
-
-## See Also
-
-[Create a secure guest sharing environment](create-secure-guest-sharing-environment.md)
solutions Best Practices Anonymous Sharing https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/best-practices-anonymous-sharing.md
Title: "Best practices for unauthenticated sharing"
+ Title: Best practices for unauthenticated sharing
Previously updated : 03/10/2020 Last updated : 01/03/2024 audience: ITPro
- seo-marvel-apr2020 - admindeeplinkSPO
+ms.localizationpriority: medium
f1.keywords: NOCSH recommendations: false
-description: "In this article, you'll learn about the best practices for sharing files and folders with unauthenticated users."
+description: Learn about the best practices for sharing files and folders with unauthenticated users.
# Best practices for sharing files and folders with unauthenticated users
Usually, not all content in an organization is appropriate for unauthenticated s
> [!NOTE] > For unauthenticated sharing to work, you must enable it for your organization and for the individual site or team that you'll be using. See [Collaborating with people outside your organization](collaborate-with-people-outside-your-organization.md) for the scenario that you want to enable.
-## Set an expiration date for Anyone links
+## Set an expiration date for *Anyone* links
Files are often stored in sites, groups, and teams for long periods of time. Occasionally there are data retention policies that require files to be retained for years. If such files are shared with unauthenticated people, this could lead to unexpected access and changes to files in the future. To mitigate this possibility, you can configure an expiration time for *Anyone* links.
To set an expiration date for Anyone links across the organization
1. Open the SharePoint admin center, expand **Policies**, and then select <a href="https://go.microsoft.com/fwlink/?linkid=2185222" target="_blank">**Sharing**</a>. 1. Under **Choose expiration and permissions options for Anyone links**, select the **These links must expire within this many days** check box.</br> ![Screenshot of SharePoint organization-level Anyone link expiration settings.](../media/sharepoint-organization-anyone-link-expiration.png)
-1. Type a number of days in the box, and then click **Save**.
+1. Type a number of days in the box, and then select **Save**.
If you change the expiration time, existing links will keep their current expiration time if the new setting is longer, or be updated to the new setting if the new setting is shorter.
To set an expiration date for Anyone links on a specific site
1. Select the **These links must expire within this many days** option, and type a number of days in the box. 1. Select **Save**.
-Note that once an *Anyone* link expires, the file or folder can be re-shared with a new *Anyone* link.
+Note that once an *Anyone* link expires, the file or folder can be reshared with a new *Anyone* link.
You can set *Anyone* link expiration for a specific site by using [Set-SPOSite](/powershell/module/sharepoint-online/set-sposite).
Set-SPOSite -Identity https://contoso.sharepoint.com/sites/marketing -OverrideTe
## Set link permissions
-By default, *Anyone* links for a file allow people to edit the file, and *Anyone* links for a folder allow people to edit and view files, and upload new files to the folder. You can change these permissions for files and for folders independently to view-only.
+By default, *Anyone* links for a file allow people to edit the file, and *Anyone* links for a folder allow people to edit and view files, and upload new files to the folder. You can change these permissions for files and for folders, independently, to view-only.
If you want to allow unauthenticated sharing, but are concerned about unauthenticated people modifying your organization's content, consider setting the file and folder permissions to **View**. To set permissions for Anyone links across the organization 1. Open the SharePoint admin center, and select <a href="https://go.microsoft.com/fwlink/?linkid=2185222" target="_blank">**Sharing**</a>.
-1. Under **Advanced settings for "Anyone" links**, select the file and folder permissions that you want to use.</br>
+1. Under **Choose expiration and permissions options for Anyone links**, select the file and folder permissions that you want to use.</br>
![Screenshot of SharePoint organization-level Anyone link permissions settings.](../media/sharepoint-organization-anyone-link-permissions.png)
-With *Anyone* links set to **View**, users can still share files and folders with guests and give them edit permissions by using *Specific people* links. These links require people outside your organization to authenticate as guests, and you can track and audit guest activity on files and folders shared with these links.
+With *Anyone* links set to **View**, users can still share files and folders with guests and give them edit permissions by using *Specific people* links. *Specific people* links require people outside your organization to authenticate as guests, and you can track and audit guest activity on files and folders shared with these links.
-## Set default link type to only work for people in your organization
+## Set default link type to a link that only work for people in your organization
When *Anyone* sharing is enabled for your organization, the default sharing link is normally set to **Anyone**. While this can be convenient for users, it can increase the risk of unintentional unauthenticated sharing. If a user forgets to change the link type while sharing a sensitive document, they might accidentally create a sharing link that doesn't require authentication.
To set the default file and folder sharing link for a specific site:
## Prevent unauthenticated sharing of sensitive content
-You can use [Microsoft Purview Data Loss Prevention (DLP)](../compliance/dlp-learn-about-dlp.md) to prevent unauthenticated sharing of sensitive content. Data loss prevention can take action based on a file's sensitivity label, retention label, or sensitive information in the file itself.
+You can use [Microsoft Purview Data Loss Prevention (DLP)](/purview/dlp-learn-about-dlp) to prevent unauthenticated sharing of sensitive content. Data loss prevention can take action based on a file's sensitivity label, retention label, or sensitive information in the file itself.
To create a DLP rule:
-1. In the Microsoft Purview admin center, go to the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention).
-2. Click **Create policy**.
-3. Choose **Custom** and click **Next**.
-4. Type a name for the policy and click **Next**.
-5. On the **Locations to apply the policy** page turn off all settings except **SharePoint sites** and **OneDrive accounts**, and then click **Next**.
-6. On the **Define policy settings** page, click **Next**.
-7. On the **Customize advanced DLP rules** page, click **Create rule** and type a name for the rule.
-8. Under **Conditions**, click **Add condition**, and choose **Content contains**.
-9. Click **Add** and choose the type of information for which you want to prevent unauthenticated sharing.
-10. Under **Actions** click **Add an action** and choose **Restrict access or encrypt the content in Microsoft 365 locations**.
-11. Select the **Restrict access or encrypt the content in Microsoft 365 locations** check box and then choose the **Only people who were given access to the content through the "Anyone with the link" options** option.
+1. In the [Microsoft Purview admin center](https://compliance.microsoft.com/), expand **Data loss prevention**, and select **Policies**.
+1. Select **Create policy**.
+1. Choose **Custom**, select **Custom policy,** and then select **Next**.
+1. Type a name for the policy and select **Next**.
+1. On the **Assign admin units** page, select **Next**.
+1. On the **Locations to apply the policy** page turn off all settings except **SharePoint sites** and **OneDrive accounts**, and then select **Next**.
+1. On the **Define policy settings** page, select **Next**.
+1. On the **Customize advanced DLP rules** page, select **Create rule** and type a name for the rule.
+1. Under **Conditions**, select **Add condition**, and choose **Content contains**.
+1. Select **Add** and choose the type of information for which you want to prevent unauthenticated sharing.
+1. Under **Actions** select **Add an action** and choose **Restrict access or encrypt the content in Microsoft 365 locations**.
+1. Choose the **Block only people who were given access to the content through the "Anyone with the link" options** option.
![Screenshot of DLP rule action options.](../media/limit-accidental-exposure-dlp-anyone-links.png)
-12. Click **Save** and then click **Next**.
-13. Choose your test options and click **Next**.
-14. Click **Submit**, and then click **Done**.
+1. Select **Save** and then select **Next**.
+1. Choose your test options and select **Next**.
+1. Select **Submit**, and then select **Done**.
## Protect against malicious files
-When you allow anonymous users to upload files, you're at an increased risk of someone uploading a malicious file. In organizations with Microsoft Defender for Office 365 Plan 1 or Plan 2 licenses (for example, in Microsoft 365 E5 or as an add-on), you can use the *Safe Attachments* feature to detonate uploaded files in a sandboxed virtual environment, and quarantine files that are found to be unsafe.
+When you allow anonymous users to upload files, you're at an increased risk of someone uploading a malicious file. You can use the *Safe Attachments* feature to check email attachments in a virtual environment before they're delivered to recipients and quarantine files that are found to be unsafe. For more information, see [Safe Attachments in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-attachments-about).
-For instructions, see [Turn on Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](../security/office-365-security/safe-attachments-for-spo-odfb-teams-configure.md).
-
-If you have Microsoft 365 A5 or E5 Security licenses, you can also turn on (and use) the *Safe Documents* feature. For more information, see [Safe Documents in Microsoft 365 A5 or E5 Security](../security/office-365-security/safe-documents-in-e5-plus-security-about.md).
+You can also use the *Safe Documents* feature to scan opened Office documents in [Protected View](https://support.microsoft.com/office/d6f09ac7-e6b9-4495-8e43-2bbcdbcb6653) or [Application Guard for Office](https://support.microsoft.com/topic/9e0fb9c2-ffad-43bf-8ba3-78f785fdba46). For more information, see [Safe Documents in Microsoft 365 A5 or E5 Security](../security/office-365-security/safe-documents-in-e5-plus-security-about.md).
## Add copyright information to your files
-If you use sensitivity labels in the Microsoft Purview admin center, you can configure your labels to add a watermark or a header or footer automatically to your organization's Office documents. In this way, you can make sure that shared files contain copyright or other ownership information.
+If you use sensitivity labels in the Microsoft Purview admin center, you can configure *content marking* in your labels to add a watermark or a header or footer automatically to your organization's Office documents. In this way, you can make sure that shared files contain copyright or other ownership information.
To add a footer to a labeled file 1. Open the [Microsoft Purview admin center](https://compliance.microsoft.com).
-2. In the left navigation, under **Solutions**, click **Information protection**.
-3. Click the label that you want to have add a footer, and then click **Edit label**.
-4. Click **Next** to reach the **Content marking** tab, and then turn **On** content marking.
-5. Select the check box for the type of text you want to add, and then click **Customize text**.
-6. Type the text that you want added to your documents, select the text options that you want, and then click **Save**.</br>
+1. In the left navigation, under **Solutions**, expand **Information protection** and select **Labels**.
+1. Select the label where you want to add content marking, and then select **Edit label**.
+1. Select **Next** to reach the **Choose protection settings for labeled items** page, and then select **Apply content marking**. Select **Next**
+1. On the **Content marking** page, set **Content marking** to **On**.
+1. Select the check box for the type of text you want to add, and then select **Customize text**.
+1. Type the text that you want added to your documents, select the text options that you want, and then select **Save**.</br>
![Screenshot of the content marking settings for a sensitivity label.](../media/content-marking-for-anonymous-sharing.png)
-7. Click **Next** to reach the end of the wizard, and then click **Save label**.
+1. Select **Next** to reach the end of the wizard, and then select **Save label**.
+1. Select **Done**.
With content marking enabled for the label, the text you specified will be added to Office documents when a user applies that label.
-## See Also
+## Related articles
-[Overview of sensitivity labels](/microsoft-365/compliance/sensitivity-labels)
+[Learn about sensitivity labels](/purview/sensitivity-labels)
-[Limit accidental exposure to files when sharing with guests](share-limit-accidental-exposure.md)
+[Limit accidental exposure to files when sharing with people outside your organization](share-limit-accidental-exposure.md)
-[Create a secure guest sharing environment](create-secure-guest-sharing-environment.md)
+[Create a more secure guest sharing environment](create-secure-guest-sharing-environment.md)
solutions Data Privacy Protection Assess https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/data-privacy-protection-assess.md
f1.keywords: - NOCSH Previously updated : 06/14/2023 Last updated : 01/03/2024 audience: ITPro
When you begin your data privacy journey, you'll want to first understand what t
|Action|Description|Get details| |:|:-|:| |Use Priva to understand your organization's personal data.| Priva evaluates your organization's Microsoft 365 environment to determine the types and amounts of sensitive information types and where they're stored. It then gives you insights and key analytics to help you understand the privacy issues and associated risks in your organization.<br><br>To get started with Priva, check to make sure your users are appropriately licensed and have the roles they need. It's also a good idea to confirm that the [Microsoft 365 audit log is enabled](/privacy/priva/priva-setup#enable-the-microsoft-365-audit-log).<br><br> We recommend making some initial settings before you start. Visit Priva settings to turn [anonymization](/privacy/priva/priva-settings#anonymization) **On** for greater protection while reviewing sensitive data, and turn [user notification emails](/privacy/priva/priva-settings#user-notification-emails) **Off** while you're getting familiar with Privacy Risk Management policies. You can turn both on later.| [Learn more about Priva](/privacy/priva/priva-overview) <br><br> [Check Priva licensing guidance](/privacy/priva/priva-setup)<br><br>[Set user permissions for Priva](/privacy/priva/priva-permissions)<br><br>[Check Priva settings](/privacy/priva/priva-settings)<br><br>[Find and visualize personal data in your organization](/privacy/priva/priva-data-profile)|
-|Visit Compliance Manager to assess your compliance posture.| The next step is knowing which data protection regulations apply to your organization so you know what your obligations are.<p><p>Keeping up with new and updated laws and regulations can be a full-time job in itself, and many organizations struggle with manual processes for monitoring, updating, and reporting on their state of compliance. Compliance Manager helps manage the complexities of implementing controls through built-in control mapping, versioning, and continuous control assessments. This automation and continuous monitoring helps you to stay current with regulations and certifications, and eases reporting to auditors. <p><p>Use Compliance Manager to quickly assess your current environment and get an initial compliance score based on the Microsoft data protection baseline assessment. From there, you can create assessments that cover your multicloud environment and keep you on track with the regulations that are most relevant to your organization. | [Learn more about Compliance Manager](../compliance/compliance-manager.md)<br><br>[Start a premium assessments trial](../compliance/compliance-manager-setup.md#start-a-premium-assessments-trial)<br><br>[Learn about multicloud support](../compliance/compliance-manager-multicloud.md)|
+|Visit Compliance Manager to assess your compliance posture.| The next step is knowing which data protection regulations apply to your organization so you know what your obligations are.<p><p>Keeping up with new and updated laws and regulations can be a full-time job in itself, and many organizations struggle with manual processes for monitoring, updating, and reporting on their state of compliance. Compliance Manager helps manage the complexities of implementing controls through built-in control mapping, versioning, and continuous control assessments. This automation and continuous monitoring helps you to stay current with regulations and certifications, and eases reporting to auditors. <p><p>Use Compliance Manager to quickly assess your current environment and get an initial compliance score based on the Microsoft data protection baseline assessment. From there, you can create assessments that cover your multicloud environment and keep you on track with the regulations that are most relevant to your organization. | [Learn more about Compliance Manager](/purview/compliance-manager)<br><br>[Start a premium assessments trial](/purview/compliance-easy-trials-compliance-manager-assessments)<br><br>[Learn about multicloud support in Compliance Manager](/purview/compliance-manager-multicloud)|
## Optimizing your initial setup Within 48-72 hours of starting Microsoft Priva, you'll start to see insights around personal data display for your organization. On the Priva overview page, you'll see insights on the amount of personal data that exists in your organization, where it lives, and how it moves. These insights are dynamically updated as new data comes in. Over time, you can better understand how personal data evolves in your Microsoft 365 environment so you can more quickly spot issues, identify and assess risks, and take action to fix issues. Learn more about [understanding the data presented on the overview page](/privacy/priva/priva-data-profile#explore-the-overview-page).
- ΓÇïSelect **Data profile** underneath **Privacy risk management** on the left navigation of the Purview compliance portal. On this page, you can explore and document all the personal data types detected across repositories. Based on this information, you can decide if all the data types you're concerned about are successfully detected. If you find something missing, you can [create custom sensitive information types (SITs)](../compliance/create-a-custom-sensitive-information-type.md) and come back to the data profile page in the next 24-48 hours.
+ ΓÇïSelect **Data profile** underneath **Privacy risk management** on the left navigation of the Purview compliance portal. On this page, you can explore and document all the personal data types detected across repositories. Based on this information, you can decide if all the data types you're concerned about are successfully detected. If you find something missing, you can [create custom sensitive information types (SITs)](/purview/create-a-custom-sensitive-information-type) and come back to the data profile page in the next 24-48 hours.
There are three data handling policies in Priva Privacy Risk Management: data overexposure, data transfers, and data minimization. You can [learn more about the policy types here](/privacy/priva/risk-management), and we'll discuss them further in step 2 of this solution. A default version of each policy type is set up and running when you start using Priva. You'll see them listed with the word **Default** in their names on your **Policies** page.
solutions Data Privacy Protection Protect Govern https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/data-privacy-protection-protect-govern.md
f1.keywords: - NOCSH Previously updated : 08/01/2023 Last updated : 01/03/2024 audience: ITPro
When you know what personal data you have, where it is, and your regulatory requ
|Action|Description|Get details| |:|:-|:|
-|Identify sensitive information types so you know what needs protection.| Identifying and categorizing sensitive items managed by your organization is the first step in the Information Protection discipline. <p><p>Microsoft Purview provides three ways of identifying items so that they can be categorized a) manually by users, b) automated pattern recognition, like sensitive information types, and c) machine learning.<p><p>Sensitive information types (SIT) are pattern-based classifiers. They detect sensitive information like social security, credit card, or bank account numbers to identify sensitive items.| [Learn more about sensitive information types](../compliance/sensitive-information-type-learn-about.md)<br><br> [View the full list of sensitive information types](../compliance/sensitive-information-type-entity-definitions.md)|
-|Categorize and label your content so you can apply features to protect it.| Categorizing and labeling content so it can be protected and handled properly is the starting place for the information protection discipline. Microsoft 365 has three ways to classify content.| [Learn more about trainable classifiers](../compliance/classifier-learn-about.md)|
-|Apply sensitivity labels to protect data, even if it roams.| When youΓÇÖve identified your sensitive data, youΓÇÖll want to protect it. ThatΓÇÖs often challenging when people collaborate with others both inside and outside the organization. That data can roam everywhere, across devices, apps, and services. And when it roams, you want it to do so in a secure, protected way that meets your organization's business and compliance policies. <p><p>Sensitivity labels from Microsoft Purview Information Protection let you classify and protect your organization's data, while making sure that user productivity and their ability to collaborate isn't hindered.| [Learn more about sensitivity labels](../compliance/sensitivity-labels.md)|
-|Use data loss prevention policies to prevent the sharing of personal data.| Organizations have sensitive information under their control such as financial data, proprietary data, credit card numbers, health records, or social security numbers. To help protect sensitive information and reduce risk, they need a way to prevent their users from inappropriately sharing it with people who shouldn't have it. This practice is called data loss prevention (DLP).<p><p>Using Microsoft Purview Data Loss Prevention, you implement data loss prevention by defining and applying DLP policies to identify, monitor, and automatically protect sensitive items across Microsoft 365 services such as Teams, Exchange, SharePoint, and OneDrive; Office applications such as Word, Excel, and PowerPoint; Windows 10, Windows 11, and macOS (the current version and the previous two versions of macOS) endpoints; non-Microsoft cloud apps; and on-premises file shares and on-premises SharePoint.<p><p>This DLP solution detects sensitive items by using deep content analysis, not by just a simple text scan. Content is analyzed for primary data matches to keywords, by the evaluation of regular expressions, by internal function validation, and by secondary data matches that are in proximity to the primary data match. Beyond that, DLP also uses machine learning algorithms and other methods to detect content that matches your DLP policies.| [Learn more about data loss prevention](../compliance/dlp-learn-about-dlp.md)|
-|Govern your Microsoft 365 data for compliance or regulatory requirements| Information governance controls can be employed in your environment to help address data privacy compliance needs, including a number that are specific to General Data Protection Regulation (GDPR), HIPAA-HITECH (the United States health care privacy act), California Consumer Protection Act (CCPA), and the Brazil Data Protection Act (LGPD). Microsoft Purview Data Lifecycle Management and Microsoft Purview Records Management provide these controls in the form of retention policies, retention labels, and records management capabilities. | [Learn how to deploy a data governance solution with Microsoft Purview](../compliance/data-governance-solution.md)|
+|Identify sensitive information types so you know what needs protection.| Identifying and categorizing sensitive items managed by your organization is the first step in the Information Protection discipline. <p><p>Microsoft Purview provides three ways of identifying items so that they can be categorized a) manually by users, b) automated pattern recognition, like sensitive information types, and c) machine learning.<p><p>Sensitive information types (SIT) are pattern-based classifiers. They detect sensitive information like social security, credit card, or bank account numbers to identify sensitive items.| [Learn more about sensitive information types](/purview/sensitive-information-type-learn-about)<br><br> [View the full list of sensitive information types](/purview/sensitive-information-type-entity-definitions)|
+|Categorize and label your content so you can apply features to protect it.| Categorizing and labeling content so it can be protected and handled properly is the starting place for the information protection discipline. Microsoft 365 has three ways to classify content.| [Learn more about trainable classifiers](/purview/classifier-learn-about)|
+|Apply sensitivity labels to protect data, even if it roams.| When youΓÇÖve identified your sensitive data, youΓÇÖll want to protect it. ThatΓÇÖs often challenging when people collaborate with others both inside and outside the organization. That data can roam everywhere, across devices, apps, and services. And when it roams, you want it to do so in a secure, protected way that meets your organization's business and compliance policies. <p><p>Sensitivity labels from Microsoft Purview Information Protection let you classify and protect your organization's data, while making sure that user productivity and their ability to collaborate isn't hindered.| [Learn more about sensitivity labels](/purview/sensitivity-labels)|
+|Use data loss prevention policies to prevent the sharing of personal data.| Organizations have sensitive information under their control such as financial data, proprietary data, credit card numbers, health records, or social security numbers. To help protect sensitive information and reduce risk, they need a way to prevent their users from inappropriately sharing it with people who shouldn't have it. This practice is called data loss prevention (DLP).<p><p>Using Microsoft Purview Data Loss Prevention, you implement data loss prevention by defining and applying DLP policies to identify, monitor, and automatically protect sensitive items across Microsoft 365 services such as Teams, Exchange, SharePoint, and OneDrive; Office applications such as Word, Excel, and PowerPoint; Windows 10, Windows 11, and macOS (the current version and the previous two versions of macOS) endpoints; non-Microsoft cloud apps; and on-premises file shares and on-premises SharePoint.<p><p>This DLP solution detects sensitive items by using deep content analysis, not by just a simple text scan. Content is analyzed for primary data matches to keywords, by the evaluation of regular expressions, by internal function validation, and by secondary data matches that are in proximity to the primary data match. Beyond that, DLP also uses machine learning algorithms and other methods to detect content that matches your DLP policies.| [Learn more about data loss prevention](/purview/dlp-learn-about-dlp)|
+|Govern your Microsoft 365 data for compliance or regulatory requirements| Information governance controls can be employed in your environment to help address data privacy compliance needs, including a number that are specific to General Data Protection Regulation (GDPR), HIPAA-HITECH (the United States health care privacy act), California Consumer Protection Act (CCPA), and the Brazil Data Protection Act (LGPD). Microsoft Purview Data Lifecycle Management and Microsoft Purview Records Management provide these controls in the form of retention policies, retention labels, and records management capabilities. | [Learn how to deploy a data governance solution with Microsoft Purview](/purview/data-governance-solution)|
|Set up secure storage of personal data in Microsoft Teams.| If you plan to store highly sensitive personal data in Teams, you can configure a private team and use a sensitivity label that's specifically configured to secure access to the team and files within it.| [Learn more about configuring a team with security isolation](secure-teams-security-isolation.md)| |Empower users to spot potential risks and fix issues.| Create data handling policies in Priva Privacy Risk Management so that your users can immediately identify risks in the data they create and manage.<p><p>Notification emails alert users when they transfer items with personal data within our outside of the organization, make content too broadly accessible, or hold onto personal data for too long. The notifications prompt users to take immediate remediation steps to secure personal data, and contain links to your organization's preferred privacy training.| [Learn more about Privacy Risk Management](/privacy/priva/risk-management)<br><br>[Create a policy to prevent data transfers, overexposure, or hoarding](/privacy/priva/risk-management-policies)<br><br>[Set up notifications for users to fix issues with content they handle](/privacy/priva/risk-management-notifications)| |Use records management for high-value items that must be managed for business, legal, or regulatory record-keeping requirements.| A records management system is a solution for organizations to manage regulatory, legal, and business-critical records.<p><p>Microsoft Purview Records Management helps an organization manage their legal obligations, provides the ability to demonstrate compliance with regulations, and increases efficiency with regular disposition of items that are no longer required to be retained, no longer of value, or no longer required for business purposes.| [Learn more about records management](/purview/records-management)| ## Setting up your strategy for success
-Identifying sensitive information types (SITs), categorizing and labeling your content, and deploying data loss prevention (DLP) policies are key steps in an [information protection strategy](../compliance/information-protection-solution.md). The links in the table above take you to detailed guidance for carrying out these essential tasks.
+Identifying sensitive information types (SITs), categorizing and labeling your content, and deploying data loss prevention (DLP) policies are key steps in an [information protection strategy](/purview/information-protection-solution). The links in the table above take you to detailed guidance for carrying out these essential tasks.
Protecting data is also the responsibility of every user in your organization who views, creates, and handles personal data in the course of the job duties. Each user must know and abide by your organization's internal and regulatory responsibilities to protect personal data wherever it exists in your organization. To that end, Priva helps you empower your users to know their responsibilities, to be informed when they're handling data in risky ways, and take immediate action to minimize privacy risks to the organization.
The three data handling policies available in Priva Privacy Risk Management help
We recommend deploying policies in a phased approach so you can get to know how they behave and optimize them to suit your needs. For the first phase, we recommend creating one custom policy to serve as a basis of understanding. Let's use the example of creating a [data overexposure policy](/privacy/priva/risk-management-policy-data-overexposure), which identifies content items containing personal data that may be too broadly accessible by other people. You can find [detailed policy creation instructions starting here](/privacy/priva/risk-management-policy-data-overexposure#custom-setup-guided-policy-creation-process). -- When you get to the **Choose data to monitor** step of the policy creation wizard, we recommend selecting the **Individual sensitive information types** option and choosing the SITs that are most relevant to your organization. For example, if you're a financial services company with customers in Europe, you'll likely want to include the EU debit card number as one of your SITs. [Find the list of SIT definitions here](../compliance/sensitive-information-type-entity-definitions.md).
+- When you get to the **Choose data to monitor** step of the policy creation wizard, we recommend selecting the **Individual sensitive information types** option and choosing the SITs that are most relevant to your organization. For example, if you're a financial services company with customers in Europe, you'll likely want to include the EU debit card number as one of your SITs. [Find the list of SIT definitions here](/purview/sensitive-information-type-entity-definitions).
- At the **Choose users and groups covered by this policy** step, we recommend selecting **Specific users or groups** and choosing a small inner circle of users in scope for this policy. - At the **Choose conditions for the policy** step, we recommend selecting only **External** so that you're tracking data you might consider more at risk while keeping the total amount of data you'll have to monitor at more manageable levels. -- At the **Specify alerts and thresholds** step, we recommend turning alerts **On** so that when admins see alerts when policy matches are detected, they can gauge whether the severity and frequency meet their needs. Note that policies don't work retrospectively, so if you decide to keep alerts off at first and later turn them on, you wouldn't see any alerts for matches that occurred prior to turning on alerts.
+- At the **Specify alerts and thresholds** step, we recommend turning alerts **On** and selecting the [frequency option](/privacy/priva/risk-management-policies#alert-frequency-and-thresholds) of **Alert when one of the conditions below is met**. Turning on alerts will help admins gauge whether the severity and frequency of alerts meet their needs. Note that policies don't work retrospectively, so if you decide to keep alerts off at first and later turn them on, you wouldn't see any alerts for matches that occurred prior to turning on alerts.
- At the **Decide policy mode** state, we recommend [keeping the policy in test mode](/privacy/priva/risk-management-policies#testing-a-policy) and monitoring its performance for at least five days. This allows you to see what kind of matches the policy conditions are picking up, how the alerts will fire.
solutions Data Privacy Protection Regulations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/data-privacy-protection-regulations.md
f1.keywords: - NOCSH Previously updated : 02/06/2023 Last updated : 01/03/2024 audience: ITPro
Welcome to **Step 3** of managing data privacy and data protection with Microsof
![The steps to manage data privacy and data protection with Microsoft Priva and Microsoft Purview](../media/data-privacy-protection/manage-data-privacy-protection-steps-three.png)
-Research shows that there are over 250 daily updates to global regulations[*](#reference). Microsoft Purview Compliance Manager helps you keep up with the evolving compliance and risk landscape by providing continuous control assessments and regulatory updates. Choose from a library of 350+ templates that correspond to national, regional, and industry-specific requirements on the collection and use of data. Modify the templates for your needs, or create your own custom template for assessments that meet your unique needs. Explore the links below for detailed guidance on managing your organization's compliance activities with Compliance Manager.
+Research shows that there are over 250 daily updates to global regulations[*](#reference). [Microsoft Purview Compliance Manager](/purview/compliance-manager) helps you keep up with the evolving compliance and risk landscape by providing continuous control assessments and regulatory updates. Choose from a library of 350+ templates that correspond to national, regional, and industry-specific requirements on the collection and use of data. Modify the templates for your needs, or create your own custom template for assessments that meet your unique needs. Explore the links below for detailed guidance on managing your organization's compliance activities with Compliance Manager.
## Actions to take |Action|Description|Get details| |:|:-|:|
-|Monitor progress and improve your compliance score. | Make sure you've set up assessments in Compliance Manger to help you stay on top of new and evolving data privacy regulations and laws that apply to your organization.| [Build and manage assessments in Compliance Manager](../compliance/compliance-manager-assessments.md)<br><br>[Raise your score by completing improvement actions](../compliance/compliance-manager-improvement-actions.md) |
-|Automatically test improvement actions. | To realize the full benefits of continuous control assessment, make sure your settings are configured to enable automatic testing of all eligible improvement actions.| [Set your testing source for automated testing](../compliance/compliance-manager-setup.md#testing-source-for-automated-testing)|
-|Set alerts for changes in Compliance Manager. | Compliance Manager can alert you to changes as soon as they happen so that you can stay on track with your compliance goals. Set up alerts for improvement action changes such as a score increase or decrease, an implementation or test status change, a reassignment, or the addition or removal of evidence.| [Create alert policies](../compliance/compliance-manager-alert-policies.md)|
-|Facilitate the work of assessors and auditors. | Make sure that individuals who oversee compliance activities in the organization have the right roles and can access evidence files and reporting. Compliance Manager allows scoped access to individual assessment for specific users. <br><br>You can upload evidence files to improvement actions that document your implementation and testing work. Assign improvement actions to users serving as assessors so they can determine a pass or fail status.<br><br>Provide reporting on your assessments to compliance stakeholders, auditors, and regulators. Exported reports contain details about control implementation status, test date, and test results.| [Grant user access to individual assessments](../compliance/compliance-manager-assessments.md#grant-user-access-to-individual-assessments)<br><br>[Store evidence documentation](../compliance/compliance-manager-improvement-actions.md#storing-evidence)<br><br>[Assign improvement actions to assessors](../compliance/compliance-manager-improvement-actions.md#assign-improvement-action-to-assessor-for-completion)<br><br>[Export an assessment report](../compliance/compliance-manager-assessments.md#export-an-assessment-report)|
+|Monitor progress and improve your compliance score. | Make sure you've set up assessments in Compliance Manger to help you stay on top of new and evolving data privacy regulations and laws that apply to your organization.| [Build and manage assessments in Compliance Manager](/purview/compliance-manager-assessments)<br><br>[Learn how to assess your compliance posture across your multicloud environment](/purview/compliance-manager-multicloud)<br><br>[Raise your compliance score by completing improvement actions](/purview/compliance-manager-improvement-actions) |
+|Automatically test improvement actions. | To realize the full benefits of continuous control assessment, make sure your settings are configured to enable automatic testing of all eligible improvement actions.| [Set your testing source for automated testing](/purview/compliance-manager-setup#testing-source-for-automated-testing)|
+|Set alerts for changes in Compliance Manager. | Compliance Manager can alert you to changes as soon as they happen so that you can stay on track with your compliance goals. Set up alerts for improvement action changes such as a score increase or decrease, an implementation or test status change, a reassignment, or the addition or removal of evidence.| [Create alert policies](/purview/compliance-manager-alert-policies)|
+|Facilitate the work of assessors and auditors. | Make sure that individuals who oversee compliance activities in the organization have the right roles and can access evidence files and reporting. Compliance Manager allows scoped access to individual assessment for specific users. <br><br>You can upload evidence files to improvement actions that document your implementation and testing work. Assign improvement actions to users serving as assessors so they can determine a pass or fail status.<br><br>Provide reporting on your assessments to compliance stakeholders, auditors, and regulators. Exported reports contain details about control implementation status, test date, and test results.| [Grant user access to individual assessments](/purview/compliance-manager-assessments#grant-user-access-to-individual-assessments)<br><br>[Store evidence](/purview/compliance-manager-improvement-actions#storing-evidence)<br><br>[Assign improvement actions to assessors](/purview/compliance-manager-improvement-actions#assign-improvement-action-to-assessor-for-completion)<br><br>[Export an assessment report](/purview/compliance-manager-assessments#export-an-assessment-report)|
## Next step
solutions Data Privacy Protection Respond Requests https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/data-privacy-protection-respond-requests.md
f1.keywords: - NOCSH Previously updated : 02/06/2023 Last updated : 01/03/2024 audience: ITPro
Features in both Purview and Priva can help you monitor, investigate, and respon
|Action|Description|Get details| |:|:-|:|
-|Set up alerts for potential incidents.| You can set up alerts to help you respond quickly to an array of privacy incidents, whether they come through Priva, auditing, or other alert policies.| [Priva policy alerts](/privacy/priv)|
+|Set up alerts for potential incidents.| You can set up alerts to help you respond quickly to an array of privacy incidents, whether they come through Priva, auditing, or other alert policies.| [Priva policy alerts](/privacy/priva/risk-management-alerts)<br><br>[Unified auditing](/purview/audit-new-search)<br><br>[Mailbox auditing](/purview/audit-mailboxes)<br><br>[Microsoft Purview Audit (Premium)](/purview/audit-premium)<br><br>[Alert policies](/purview/alert-policies)|
|Manage subject rights requests at scale.| Several privacy regulations around the world grant individualsΓÇöor data subjectsΓÇöthe right to make requests to review or manage the personal data that companies have collected about them. These subject rights requests are also referred to as data subject requests (DSRs), data subject access requests (DSARs), or consumer rights requests.<p><p>For companies that store large amounts of information, finding the relevant data can be a formidable task. Fulfilling the requests, for most organizations, is a highly manual and time consuming process.<p><p>Microsoft Priva Subject Rights Requests is designed to help alleviate the complexity and length of time involved in responding to data subject inquires. This solution provides automation, insights, and workflows to help organizations fulfill requests more confidently and efficiently.| [Learn more about Subject Rights Requests](/privacy/priva/subject-rights-requests)|
-|Use insider risk management as an investigative tool.| Microsoft Purview Insider Risk Management is a compliance solution that helps you minimize internal risk by enabling you detect, investigate, and act on malicious and inadvertent activities in your organization.<p><p>Insider risk policies allow you to define the types of risks to identify and detect in your organization. You can act on cases and escalate cases to Microsoft eDiscovery (Premium) if needed. Risk analysts in your organization can quickly take appropriate actions to make sure users are compliant with your organization's compliance standards.| [Learn more about insider risk management](../compliance/insider-risk-management.md)|
+|Use insider risk management as an investigative tool.| Microsoft Purview Insider Risk Management is a compliance solution that helps you minimize internal risk by enabling you detect, investigate, and act on malicious and inadvertent activities in your organization.<p><p>Insider risk policies allow you to define the types of risks to identify and detect in your organization. You can act on cases and escalate cases to Microsoft eDiscovery (Premium) if needed. Risk analysts in your organization can quickly take appropriate actions to make sure users are compliant with your organization's compliance standards.| [Learn more about insider risk management](/purview/insider-risk-management)|
## Building your monitoring and response strategy
solutions Data Privacy Protection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/data-privacy-protection.md
f1.keywords: - NOCSH Previously updated : 02/06/2023 Last updated : 01/03/2024 audience: ITPro
Data privacy and data protection go hand in hand. You can't have data privacy wi
## How Microsoft Priva and Microsoft Purview work together
-Microsoft Purview and Microsoft Priva provide a unified platform to help you comply with data privacy regulations. The complementary features in Purview risk and compliance solutions and Priva privacy management solutions help you assess the personal data within your organization, and provide automation and scalability to help reduce the complexity in adequately safeguarding the data.
+[Microsoft Priva](/privacy/priva/priva-overview) and [Microsoft Purview](/purview/purview) provide a unified platform to help you comply with data privacy regulations. The complementary features in [Purview risk and compliance solutions](/purview/purview-compliance) and [Priva privacy management solutions](/privacy/priva/risk-management) help you assess the personal data within your organization, and provide automation and scalability to help reduce the complexity in adequately safeguarding the data.
![How Microsoft Purview and Microsoft Priva work together](../media/data-privacy-protection/purview-priva-together.png) ## How to use this guide
-Use the guidance in these articles to help you assess risks and take appropriate action to protect personal data in your Microsoft 365 environment. This guide comprises four overarching steps to help you understand how and when to use the appropriate Microsoft solution for meeting your organization's data privacy obligations.
+Use the guidance in these articles to help you assess risks and take appropriate action to protect personal data in your organization's environment. This guide comprises four overarching steps to help you understand how and when to use the appropriate Microsoft solution for meeting your organization's data privacy obligations.
The steps in this solution are:
The steps in this solution are:
## Resources
+- [Microsoft Priva](/privacy/priva/priva-overview)
+- [Microsoft Purview](/purview/purview)
- [Microsoft Privacy](/privacy)-- [Microsoft Purview risk and compliance solutions](../compliance/purview-compliance.md) - [Microsoft compliance offerings](/compliance/regulatory/offering-home) - [Data privacy thought paper: From privacy vulnerability to privacy resilience](https://aka.ms/dataprivacyresearch) - [Priva Privacy Risk Management eBook](https://aka.ms/privaPRMeBook)
solutions Microsoft 365 Limit Sharing https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/microsoft-365-limit-sharing.md
Title: "Limit sharing in Microsoft 365"
Previously updated : 12/13/2020 Last updated : 12/15/2023 audience: ITPro
syntex Archive Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/archive/archive-overview.md
Administrators should notify the site owners and end users before a site is arch
- As a part of the preview, tenants with more than 50,000 sites might face issues while trying to enumerate archived sites on the **Archived sites** page. Applicable enhancements are scheduled to roll out in the future. In this scenario, PowerShell can be used to more efficiently archive sites and manage archived content. -- Currently, end user search results won't show any archived content. Columns such as Archived Date and Archived By aren't currently available, but are planned and will be rolled out when available.
+- Currently, archived content exported via eDiscovery doesn't require site reactivation for exporting, but will require it before general release.
+
+- Currently, end user search results won't show any archived content.
+
+- Columns such as Archived Date and Archived By aren't currently available but are planned and will be rolled out when available.
- For multi-geo tenants, while data residency requirements are honored, site moves aren't supported. Archived sites will need to be reactivated prior to any move.