Updates from: 10/14/2022 03:27:48
Category Microsoft Docs article Related commit history on GitHub Change details
admin Yammer Device Usage Report Ww https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/activity-reports/yammer-device-usage-report-ww.md
The **Yammer device usage** report can be viewed for trends over the last 7 days
|Android phone <br/> |Indicates if the user has used Yammer on an Android phone. <br/>| |iphone <br/> | Indicates if the user has used Yammer on an iPhone. <br/> | |ipad <br/> |Indicates if the user has used Yammer on an iPad. <br/>|
-|other <br/> |Indicates if the user has used Yammer on another device, not listed previously. <br/>|
-|||
+|other <br/> |Indicates if the user has used Yammer on another client, not listed previously. This includes Yammer Embed, SharePoint Web Part, Viva Engage, and select Outlook emails. <br/>|
+|||
admin Admin Mobile App https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/admin-overview/admin-mobile-app.md
You must be an administrator in a Microsoft 365 organization to use the admin mo
[Google Play Store](https://play.google.com/store/apps/details?id=com.ms.office365admin&referrer=utm_source%3Ddocsaboutadminapp%26utm_campaign%25docsaboutadminapp).
+## Watch: Install and use the admin mobile app
+
+[!VIDEO https://www.microsoft.com/videoplayer/embed/05c1d439-9ec2-415f-9178-250f64dec64c]
+ ## Frequently asked questions Below are answers to frequently asked questions.
admin Adoption Score https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/adoption/adoption-score.md
We provide metrics, insights, and recommendations in two areas:
For each of the mentioned categories, we look at public research to identify some best practices and associated benefits in the form of organizational effectiveness. For example, Forrester research has shown that when people collaborate and share content in the cloud (instead of emailing attachments), they can save up to 100 minutes a week. Furthermore, we quantify the use of these best practices in your organization to help you see where you are on your digital transformation journey. -- **Technology experiences:** Your organization depends on reliable and well-performing technology, as well as the efficient use of Microsoft 365. [Endpoint analytics](https://aka.ms/endpointanalytics) helps you understand how your organization can be impacted by performance and health issues with your hardware and software. Microsoft 365 apps health helps you understand whether the devices in your organization are running Microsoft 365 apps on recommended channels.
+- **Technology experiences:** Your organization depends on reliable and well-performing technology, as well as the efficient use of Microsoft 365. [Endpoint analytics](https://aka.ms/endpointanalytics) helps you understand how your organization can be impacted by performance and health issues with your hardware and software. [Network connectivity](../../enterprise/microsoft-365-networking-overview.md) helps you understand Exchange, SharePoint, and Microsoft Teams performance on your network architecture. You can review and update network settings to improve connectivity. Microsoft 365 apps health helps you understand whether the devices in your organization are running Microsoft 365 apps on recommended channels.
-## Before you begin
+> [!NOTE]
+> All insights are calculated using data at the organizational level, not the individual level.
+
+## How to turn on Adoption Score
-See [What is Endpoint Analytics](/mem/analytics/overview) for an overview and prerequisite details. To learn more about Microsoft 365 network connectivity insights, read [the network connectivity overview](../../enterprise/microsoft-365-networking-overview.md).
+To enable Adoption Score:
-For people experiences data, you need a Microsoft 365 for business or Office 365 for enterprise subscription. For endpoint analytics data for your tenant, you need to add Microsoft Intune to your subscription. Intune helps protect your organization's data by managing devices and apps. Once you have Intune, you can turn on endpoint analytics within the Intune experience. To learn more about Microsoft Intune, see the [Microsoft Intune documentation](/mem/intune/).
+1. Login to the Microsoft 365 admin center as a Global Administrator and go to **Reports** > **Adoption Score**
+2. Select **Enable Adoption Score**. It can take up to 24 hours for insights to become available.
> [!NOTE]
-> A license to Workplace Analytics is not required to get the Adoption Score features.
+> Only an IT professional with the Global Administrator role can opt-in for Adoption Score.
+
+Visit [privacy controls for Adoption Score](privacy.md) to understand more about options to configure people experiences for your organization.
+
+## Adoption Score Prerequisites
+
+For people experiences data, you need a Microsoft 365 for business or Office 365 for enterprise subscription. For endpoint analytics data for your tenant, you need to add Microsoft Intune to your subscription. Intune helps protect your organization's data by managing devices and apps. Once you have Intune, you can turn on endpoint analytics within the Intune experience. To learn more about Microsoft Intune, see the [Microsoft Intune documentation](/mem/intune/).
+
+> [!NOTE]
+> A license to Viva Insights is not required to get the Adoption Score features.
Adoption Score is only available in the Microsoft 365 admin center and can only be accessed by IT professionals who have one of the following roles:
Adoption Score is only available in the Microsoft 365 admin center and can only
- Global Reader - Reports Reader - Usage Summary Reports Reader-
-> [!NOTE]
-> Only an IT professional with the Global Administrator role can sign up or opt in a tenant for Adoption Score.
+- User Experience Success Manager
The role-based access control model for Adoption Score helps organizations further digital transformation efforts with Microsoft 365 by providing the flexibility to assign roles to IT professionals within an organization.
You can access the experience from Microsoft 365 Admin home under **Reports** >
Your Adoption Score is based on the combined scores of your people and technology experiences categories. Each category is weighted equally, with a total of 100 points. The highest possible Adoption Score is 800.
-### Score categories
+### Score categories
- Communication (100 points) - Meetings (100 points)
admin Meetings New https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/adoption/meetings-new.md
++
+ Title: "Microsoft Adoption Score - Meetings (New)"
+f1.keywords: NOCSH
++++
+audience: Admin
++
+ms.localizationpriority: medium
+
+- M365-subscription-management
+- scotvorg
+- highpri
+
+search.appverid: MET150
+description: "Details of new Meetings insights score - people experiences Adoption Score."
++
+# Meetings insights score ΓÇô People experiences (New)
+
+Adoption Score provides insights into your organization's digital transformation journey through its use of Microsoft 365 and the technology experiences that support it. Your organization's score reflects people and technology experience measurements and can be compared to benchmarks from organizations similar to yours. The meetings category is part of the people experiences measures. To learn more, check out the [Adoption Score overview](adoption-score.md) and read [Microsoft's Privacy Statement](https://privacy.microsoft.com/privacystatement).
+
+## Prerequisites
+
+To get started with Meetings insights, people in your organization need to be licensed for:
+
+- Microsoft Teams
+
+For more information, seeΓÇ»[assign licenses to users](../manage/assign-licenses-to-users.md).
+
+After people have been active in Teams at least once in the last 28 days, you will start to see the insights.
+
+## Why your organization's meetings score matters
+
+Meetings, where people explore ideas, plan, solve problems, and make decisions, are a fundamental pillar for organizational productivity. Research indicates that when people use online meeting tools effectively, they tend to save up to 104 minutes per week.
+
+## How we calculate the meetings score
+
+Microsoft Teams integrates with Outlook calendar and provides a host of capabilities to make your meetings more engaging and effective. We provide an overall score for Meetings and then sub scores for each of the best practices in the Set up, Meet up and Follow up sections.
+
+## Overall score
+
+The overall meeting score is calculated by averaging out the scores across the three phases i.e., Set up, Meet up and Follow up. We take into account the number of attendees and the duration of the meeting when tallying the final averaged scores.
+
+For each meeting:
+
+1. We compute the three sub-scores (Pre, During, Post), by averaging the features, for each meeting. For example, Set Up: 30, Meet up: 40, Follow up: 20
+1. We then compute the average of the three sub-scores for the meeting. From the above example, 30+40+20/3 = 30
+1. We compute the weight of each meeting based on the meeting duration and meeting size. The longer or bigger a meeting, the more impact it has in the final score.
+1. We then perform a weighted sum average on scores from all meetings of the tenant based on meeting weights to compute the final meeting score for the tenant.
++
+1. **Header**: Shows the score, out of 100, based on the average of Set Up, Meet Up and Follow Up phases for online meetings on Microsoft Teams held in the past 28 days.
+1. **Body**: Provides more information on how using online meeting tools effectively can make meetings more effective.
+1. **Visualization (current state)**: In this horizontal bar chart, the blue (colored) portion represents the score (out of 100) shown in the header.
+
+## Trend visualization of the score
+
+The following chart shows the trend-line of score over the selected period. Each data point on the line chart is an aggregate of activity for the last 28 days.
++
+## What makes up my score?
+
+We provide you with supporting data on each of the Set Up, Meet up and Follow Up phases. The score for each insight is calculated out of 100.
+
+## Set up
+
+This represents the phase that involves scheduling and sharing the details of the meeting and participants joining the meeting.
++
+- **Communication shared ahead of time**: This represents the score for Microsoft Teams meetings that had a Teams conversation meeting chat started before conducting the meeting. For this to be tracked, a user must go to the meeting chat with the participants and send a message to the participants, before the scheduled meeting time.
+- **Scheduled with at least 24 hours notice**: This represents the score for Microsoft Teams meetings that were scheduled at least 24 hours earlier than their start time.
+- **Invitation accepted at a high rate (>50%)**: This represents the score for Microsoft Teams meetings that had more than 50% of invited participants accept the meeting invite.
+- **Joined within 5 minutes of start time (>50%)**: This represents the score for Microsoft Teams meetings that had more than 50% of invited participants join the meeting within 5 minutes of the start time.
+
+## Meet up
+
+This represents the phase of when attendees are in the meeting.
++
+- **Used at least one interactive feature**: This represents the score for Microsoft Teams meetings that had attendees use at least one interactive feature. These interactive features include raising hand, sending a meeting chat message, or sending a reaction in the meeting. The score is calculated out of 100.
+- **Participated with audio or chat at a high rate (>33%)**: This represents the score for Microsoft Teams meetings that had more than 33% of the participants either speak in a meeting, send a meeting chat, or both. The score is calculated out of 100.
+- **Shared visual content**: This represents the score for Microsoft Teams meetings that had attendees share any visual content in the meeting by either turning on their video, sharing screen, or both. The score is calculated out of 100.
+
+## Follow up
++
+- **Created recording**: This represents the score for Microsoft Teams meetings that had the meeting recorded. The score is calculated out of 100.
+- **Sent out post-meeting communication**: This represents the score for Microsoft Teams meetings that had attendee(s) share any chat messages on the meeting chat thread after the conclusion of that meeting. The score is calculated out of 100.
+
+## How can I impact my score?
+
+This section helps understand two insights for the organization:
+
+1. **Most significant growth**: This section depicts the part of the score that had the highest growth in the past 28 days.
+1. **Biggest area for improvement**: This section depicts the part of the score that has the biggest room to improve and impact the org's Adoption Score in the future.
+
+## Dig deeper into meetings
+
+This section consists of three sub-sections:
+
+1. **Additional insights**: Here we provide additional insights which help organizations identify trends and user behaviors across meetings.
+1. **Interesting findings**: Here we provide some interesting facts about meetings being conducted in the organization.
+1. **Microsoft Research**: Here we reference Microsoft blogs and public research which provide recommended practices and their impacts to have effective meetings.
+
+> [!NOTE]
+> The 'Dig deeper into meetings' section does not contribute to the overall score of the Meetings Page in Adoption Score People Experiences, however some insights in this section may expand on a primary insight used to calculate a score.
+
+## Related content
+
+[Microsoft 365 apps health ΓÇô Technology experiences](apps-health.md) (article)\
+[Communication ΓÇô People experiences](communication.md) (article)\
+[Content collaboration ΓÇô People experiences](content-collaboration.md) (article)\
+[Mobility ΓÇô People experiences](mobility.md) (article)\
+[Privacy controls for Adoption Score](privacy.md) (article)\
+[Teamwork ΓÇô People experiences](teamwork.md) (article)
admin Privacy https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/adoption/privacy.md
Your privacy is important to Microsoft. To learn how we protect your privacy, se
Within the people experiences area, metrics are available at the organizational level only. This area looks at how people use Microsoft 365 by looking at the categories of content collaboration, mobility, meetings, teamwork, and communication. We enable you with several levels of controls to help you meet your internal privacy policy needs. The controls give you: -- Flexible admin roles to control who can see the information in Adoption Score.-- The capability to opt out of the people experiences area.
+- Flexible admin roles to control who can see the information in Adoption Score
+- The capability to remove users and groups from people experience calculations
+- The capability to opt out of the people experiences area
## Flexible admin roles to control who can see the information in Adoption Score
To view the entire Adoption Score, you need be one of the following admin roles:
- Global Reader - Reports Reader - Usage Summary Reports Reader
+- User Experience Success Manager
-Assign the Reports Reader or the Usage Summary Reports Reader role to anyone who's responsible for change management and adoption, but not necessarily an IT administrator. This role gives them access to the complete Adoption Score experience in the Microsoft 365 admin Center.
+Global admin can assign the Reports Reader role, Usage Summary Reports Reader role, or User Experience Success Manager role to anyone who's responsible for change management and adoption, but not necessarily an IT administrator.
+
+Users with the Reports Reader role can view usage reporting data and the reports dashboard in Microsoft 365 admin center and the adoption context pack in Power BI. Users with Usage Summary Reports Reader role can see only tenant level aggregates and group level aggregates in Microsoft 365 Usage Analytics and Adoption Score. The User Experience Success Manager role includes the permissions of the Usage Summary Reports Reader role, and can get access to more Adoption-related information such as Message Center, Product Feedback, and Service Health. See [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference) to learn more about different roles.
+
+## Capability to choose specific users or certain groups
+
+You can choose the users and groups whose data will be used to determine your org's people experiences insights. Omitting some groups will affect the insights calculations. You have to be a Global admin to opt your organization out of the people experiences reports. It can take up to 24 hours for change to apply.
+
+To omit certain groups:
+
+1. In the admin center, go to **Settings** > **Org Settings** > **Adoption Score**.
+2. Select **Exclude specific users via group**.
+3. Choose one or multiple Admin Center AAD groups to omit.
+4. Select **Save changes**.
+ ## Capability to opt out of people experiences
-You can also opt out of the people experiences area of Adoption Score. If you opt out, no one from your organization will be able to view these metrics, and your organization will be removed from any calculations that involve communication, meetings, teamwork, content collaboration, and mobility. You have to be a Global admin to opt your organization out of the people experiences reports.
+You can also opt out of the people experiences area of Adoption Score. If you opt out, no one from your organization will be able to view these metrics, and your organization will be removed from any calculations that involve communication, meetings, teamwork, content collaboration, and mobility. You have to be a Global admin to opt your organization out of the people experiences reports. It can take up to 24 hours for change to apply. You can revert your change before the end of the day in UTC time to keep historical data.
To opt out: 1. In the admin center, go to **Settings** > **Org Settings** > **Adoption Score**.
-2. Select **No users (people experience insights wonΓÇÖt be calculated)**.
+2. Select **Don't calculate for any users**.
3. On the **Do you want to remove data from people experiences?** confirmation screen, select **Remove Data**. 4. Select **Save**.
admin Capabilities https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/basic-mobility-security/capabilities.md
The following option can block users from accessing their Microsoft 365 email if
||||| |Block video conferences on device<sup>1</sup>|Yes|No|No| |Block access to application store<sup>1</sup>|Yes|No|Yes|
-|Require password when accessing application store|No|Yes|Yes|
+|Require password when accessing application store|Yes|No|No|
<sup>1</sup>To function, these settings require supervised iOS devices.
admin Create Device Security Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/basic-mobility-security/create-device-security-policies.md
When you apply a policy to user devices, the impact on each device varies somewh
|**Security Policy**|**Android**|**Samsung KNOX**|**iOS**|**Notes**| |:--|:--|:--|:--|:--| |Require encrypted backup|No|Yes|Yes|iOS encrypted backup required.|
-|Block cloud backup|Yes|Yes|Yes|Block Google backup on Android (grayed out), cloud backup on iOS.|
-|Block document synchronization|No|No|Yes|iOS: Block documents in the cloud.|
+|Block cloud backup|Yes|Yes|Yes|Block Google backup on Android (grayed out), cloud backup on supervised iOS.|
+|Block document synchronization|No|No|Yes|iOS: Block documents in the cloud on supervised iOS devices.|
|Block photo synchronization |No|No|Yes|iOS (native): Block Photo Stream.| |Block screen capture |No|Yes|Yes|Blocked when attempted.|
-|Block video conference |No|No|Yes|FaceTime blocked on iOS, not on Skype or others.|
+|Block video conference |No|No|Yes|FaceTime blocked on supervised iOS devices, not on Skype or others.|
|Block sending diagnostic data |No|Yes|Yes|Block sending Google crash report on Android.|
-|Block access to app store |No|Yes|Yes|App store icon missing on Android home page, disabled on Windows, missing on iOS.|
+|Block access to app store |No|Yes|Yes|App store icon missing on Android home page, disabled on Windows, and supervised iOS devices.|
|Require password for app store |No|No|Yes|iOS: Password required for iTunes purchases.| |Block connection to removable storage |No|Yes|N/A|Android: SD card is grayed out in settings, Windows notifies user, apps installed aren't available| |Block Bluetooth connection |See notes|See notes|Yes|We can't disable BlueTooth as a setting on Android. Instead, we disable all of the transactions that require BlueTooth: Advanced Audio Distribution, Audio/Video Remote Control, hands-free devices, headset, Phone Book Access, and Serial Port. A small toast message appears at the bottom of the page when any of these are used.|
admin Release Options In Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/release-options-in-office-365.md
description: "Learn how to set up the release option for new product and feature
# Set up the Standard or Targeted release options > [!IMPORTANT]
-> The Microsoft 365 updates described in this article apply to Microsoft 365, SharePoint Online, and Exchange Online. These release options are targeted, best effort ways to release changes to Microsoft 365 but cannot be guaranteed at all times or for all updates. They do not apply to Microsoft 365 Apps, Skype for Business, Microsoft Teams, and related services. For information about release options for Microsoft 365 Apps, see [Overview of update channels for Microsoft 365 Apps](/deployoffice/overview-update-channels).
+> The Microsoft 365 updates described in this article apply to OneDrive for Business, SharePoint Online, Office for the web, Microsoft 365 admin center and some components of Exchange Online. These release options are targeted, best effort ways to release changes to Microsoft 365 but cannot be guaranteed at all times or for all updates. They do not currently apply to services other than those listed previously. For information about release options for Microsoft 365 Apps, see [Overview of update channels for Microsoft 365 Apps](/deployoffice/overview-update-channels).
With Microsoft 365, you receive new product updates and features as they become available instead of doing costly updates every few years. You can manage how your organization receives these updates. For example, you can sign up for an early release so that your organization receives updates first. You can designate that only certain individuals receive the updates. Or, you can remain on the default release schedule and receive the updates later. This article explains the different release options and how you can use them for your organization. ## How it works - release validation
-Any new release is first tested and validated by the feature team, then by the entire Microsoft 365 feature team, followed by all of Microsoft. After internal testing and validation, the next step is a **Targeted release** (formerly known as First release) to customers who opt in. At each release ring, Microsoft collects feedback and further validates quality by monitoring key usage metrics. This series of progressive validation is in place to make sure the worldwide-release is as robust as possible. The releases are pictured in the following figure.
+Any new release is first tested and validated by the feature team, then by the entire Microsoft 365 feature team, followed by all of Microsoft. After internal testing and validation, the next step is a **Targeted release** (formerly known as First release) to customers who opt in. At each release ring, Microsoft collects feedback and further validates quality by monitoring key usage metrics. This series of progressive validation is in place to make sure the worldwide-release is as robust as possible. The releases are pictured in the following figure.
![Release validation rings for Microsoft 365.](../../media/73611ed3-2d8c-4e7b-8074-9f03b239f9ed.png)
For significant updates, customers are initially notified by the [Microsoft 365
This is the default option where you and your users receive the latest updates when they're released broadly to all customers.
-A good practice is to leave the majority of users in **Standard release** and IT Pros and power users in **Targeted release** to evaluate new features and prepare teams to support business users and executives.
+A good practice is to leave the majority of users in **Standard release** and IT Pros and power users in **Targeted release** to evaluate new features and prepare teams to support business users and executives.
> [!NOTE]
-> If you switch from targeted release back to standard release track, your users may lose access to features that haven't reached standard release yet.
+> If you switch from targeted release back to standard release track, your users may lose access to features that haven't reached standard release yet.
## Targeted release With this option, you and your users can be the first to see the latest updates and help shape the product by providing early feedback. You can choose to have individuals or the entire organization receive updates early. > [!IMPORTANT]
-> - Large or complex updates may take longer than others so that no users are adversely affected. There is no guarantee on the exact timeline of a release.
-> - Targeted release is not currently available for customers with either the Office 365 GCC plan or the Office 365 GCC High and DoD plan.
+> Large or complex updates may take longer than others so that no users are adversely affected. There is no guarantee on the exact timeline of a release. Targeted release is not currently available for customers with either the Office 365 GCC plan or the Office 365 GCC High and DoD plan.
### Targeted release for entire organization
-If you [Set up the release option in the admin center](#set-up-the-release-option-in-the-admin-center) for this option, all your users will get the Targeted release experience. For organizations with more than 300 users, we recommend using a test subscription for this option. For test subscription information, please reach out to your Microsoft contact.
+If you [Set up the release option in the admin center](#set-up-the-release-option-in-the-admin-center) for this option, all your users will get the Targeted release experience. For organizations with more than 300 users, we recommend using a test subscription for this option. For test subscription information, please reach out to your Microsoft contact.
### Targeted release for selected users
If you [Set up the release option in the admin center](#set-up-the-release-optio
Targeted release allows admins, change managers, or anyone else responsible for Microsoft 365 updates to prepare for the upcoming changes by letting them: - Test and validate new updates before they are released to all the users in the organization.
-
+ - Prepare user notification and documentation before updates are released worldwide.
-
+ - Prepare internal help-desk for upcoming changes.
-
+ - Go through compliance and security reviews.
-
+ - Use feature controls, where applicable, to control the release of updates to end users.
-
+ ## Set up the release option in the admin center You can change how your organization receives Microsoft 365 updates by following these steps. You have to be a global admin in Microsoft 365 to opt in. > [!IMPORTANT]
-> It can take up to 24 hours for the below changes to take effect in Microsoft 365. If you opt out of targeted release after enabling it, your users may lose access to features that haven't reached the scheduled release yet.
+> It can take up to 24 hours for the below changes to take effect in Microsoft 365. If you opt out of targeted release after enabling it, your users may lose access to features that haven't reached the scheduled release yet.
1. In the admin center, go to the **Settings** > **Org Setting**, and under the <a href="https://go.microsoft.com/fwlink/p/?linkid=2067339" target="_blank">**Organization profile** tab</a>, choose **Release preferences**.
-5. To disable targeted release, select **Standard release**, then select **Save changes**.
-
-6. To enable targeted release for all users in your organization, select **Targeted release for everyone**, then select **Save changes**.
+5. To disable targeted release, select **Standard release**, then select **Save changes**.
-7. To enable targeted release for some people in your organization, select **Targeted release for selected users**, then select **Save changes**.
+6. To enable targeted release for all users in your organization, select **Targeted release for everyone**, then select **Save changes**.
+7. To enable targeted release for some people in your organization, select **Targeted release for selected users**, then select **Save changes**.
+ 8. Choose **Select users** to add users one at a time, or **Upload users** to add them in bulk.
-
+ 9. When you're done adding users, select **Save changes**. ## Next steps
admin Set Password Expiration Policy https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/set-password-expiration-policy.md
Follow the steps below if you want to set user passwords to expire after a speci
1. Type how often passwords should expire. Choose a number of days from 14 to 730. > [!IMPORTANT]
-> Password expiration notifications are no longer supported in Office web apps or the [admin center](https://portal.office.com).
+> Password expiration notifications are no longer supported in the Microsoft 365 admin center and the Office apps or Office web apps.
## Important things you need to know about the password expiration feature
admin Message Center Conformance https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/message-center-conformance.md
+
+ Title: "Conformance metadata for Message Center posts"
+f1.keywords:
+- CSH
+++
+audience: Admin
++
+ms.localizationpriority: medium
++
+description: "Get an overview of conformance metadata for Message center posts"
++
+# Conformance metadata for Message Center posts
+
+> [!IMPORTANT]
+> This private document is only for Change Management: Conformance metadata users. Don't share this document beyond those who are directly involved in the pilot.
+
+When planning for new features or service deployments, you would like to understand and assess the changes for conformance to your industry, region and country. We've heard your feedback when there's insufficient conformance information about a new or changing feature, you have to conduct your own research about the feature or reach out to the Compliance Program with questions.
+
+In this pilot program, we want to proactively provide metadata for new and updated Microsoft 365 features and services. Our goal is to help you efficiently assess your compliance requirements and help you with adoption and change management decisions.
+
+For example, if for a feature the metadata has the following values, feature adoption decision should be quick.
+
+- Customer data is stored? **No**
+
+- Change to customer data storage? **No**
+
+- Changes to existing data flow? **No**
+
+- Feature integrates with third party services? **No**
+
+> [!NOTE]
+> The above list is slightly different from what you previously saw in the pilot conformance posts. We've updated the list based on feedback we've received from pilot customers.
+
+For features where the metadata is different from the list above, the Message center post may provide you with documentation.
+
+## Understanding conformance metadata
+
+|**Metadata name**|**Values**|**Definition and questions asked**|**Example: Yes**|**Example: No**|
+|||||
+|**Customer data is stored**|Yes/No|Does this change store or process any net new data (classified as customer or personal data) which wasn't previously stored or processed by the service/previous version of this feature?|Teams Meetings recordings capturing and collecting customer data and is now stored in.|Message Center Service monthly active users (MAU) feature shows the aggregated service monthly active users for a tenant ID which isn't classified as customer or personal data.|
+|**Change to customer data storage**|Yes/No|Does this change use a new or different service to store data|Teams Meetings Recordings capturing/collecting customer data/content and is now stored in.|Expanded reactions in Teams. Expanding message reactions in Teams to a larger set. The newer reactions being stored are customer data, however, there's no change in how data is stored or processed.|
+|**Changes to existing data flow**|Yes/No|Does this feature process data via a new or different processing pipeline? <br> Or <br> Is the feature just extending an existing processing pipeline to newer data or exposing data already exposed on one surface to another surface? (**Answer = No**).|When Bing for Business started using text from Word to send to Bing then bring data back to Word, the flow of data changed.|Productivity score being used on the Experience Insights page in admin center, the data is shown on a new surface, but storage and processing is the same. <br> Suggested Reply in Group Chats on Teams Desktop (an extension of 1:1 chats) doesn't have any net new data. It's an extension of the pipeline already set up for Suggested Reply in 1:1 chats.|
+|**Feature integrates with third party services**|Yes/No|Does this feature utilize a net new service or app (first party or third party) that customer data could potentially be stored or processed outside of Microsoft 365?|Bing for Business may receive customer content in the form of "search" data to present a user with potentially relevant information/content.|Message Center Service monthly active users (MAU) feature shows the service monthly active users using Usage Report Graph API which is within Microsoft 365 boundary.|
+|
+
+## Join the pilot program
+
+You can join by completing this [questionnaire](https://go.microsoft.com/fwlink/p/?linkid=2211581).
+
+When a Message center post is delivered, you'll receive an additional Message Center post that says: **Additional Conformance Information for MC######**. This post contains more conformance metadata. You can provide feedback directly on the extra post or you can email: MCSHDPMS@Microsoft.com. You can also send feedback on the [Teams channel](https://go.microsoft.com/fwlink/p/?linkid=2211676).
+
+> [!NOTE]
+> WeΓÇÖll start with features from Microsoft Teams, OneDrive for Business and SharePoint Online.
admin Password Policy Recommendations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/password-policy-recommendations.md
Good password practices fall into a few broad categories:
The primary goal of a more secure password system is password diversity. You want your password policy to contain lots of different and hard to guess passwords. Here are a few recommendations for keeping your organization as secure as possible. -- Maintain a fourteen-character minimum length requirement
+- Maintain a 14-character minimum length requirement
- Don't require character composition requirements. For example, \*&amp;(^%$
business Mam And Mdm https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business/ui/mam-and-mdm.md
description: "Learn the differences between mobile device management and mobile
# Difference between MDM and MAM
-Microsoft 365 Business Premium offers a number of ways for you to protect your business data. See [Overview of Microsoft 365 Business Premium](../../admin/admin-overview/what-is-microsoft-365.md) for more about the various protections that are automatically set up, and what you can set up yourself to further protect your business. You can also set up policies that protect your Windows 10 devices and the data in your mobile devices.
-[Set application protection settings for Windows 10 devices](../../business-premium/m365bp-protection-settings-for-windows-10-devices.md).
+Microsoft 365 Business Premium offers a number of ways for you to protect your business data. See [Overview of Microsoft 365 Business Premium](../../admin/admin-overview/what-is-microsoft-365.md) for more about the various protections that are automatically set up, and what you can set up yourself to further protect your business. You can also onboard devices to Microsoft Defender for Business to protect your Windows devices and the data in your mobile devices. For more information, see [Onboard enrolled devices to Microsoft Defender for Business](/microsoft-365/business-premium/m365bp-onboard-devices-mdb).
## Mobile device management or MDM
-Microsoft 365 Business Premium lets you set up policies that protect data on your Windows 10 devices. When a device is under mobile device management, you control the entire device, and can wipe data from it, and also reset it to factory settings. For more information, see [Set device protection settings for Windows 10 PCs](../../business-premium/m365bp-protection-settings-for-windows-10-devices.md).
+Microsoft 365 Business Premium lets you set up policies that protect data on your Windows 10 and 11 devices. When a device is under mobile device management, you control the entire device, and can wipe data from it, and also reset it to factory settings. For more information, see [Choose the device management solution that's right for you](/mem/intune/fundamentals/what-is-device-management#choose-the-device-management-solution-thats-right-for-you) and [Set up and secure managed devices](/microsoft-365/business-premium/m365bp-protect-devices).
## Mobile application management or MAM
-Mobile application management lets you control your business data in your users' personal devices, such as iPhones and Androids, and their personal Win 10 computers. You can use application management policies to prevent your users from copying business data from Office apps to their personal apps. You can also remove all data from the Office apps on their personal devices. For more information, see [Set app protection settings for Android or iOS devices](../../business-premium/m365bp-app-protection-settings-for-android-and-ios.md) and [Set application protection settings for Windows 10 devices](../../business-premium/m365bp-app-protection-settings-for-android-and-ios.md).
+Mobile application management lets you control your business data in your users' personal devices, such as iPhones and Androids, and their personal Windows computers. You can use application management policies to prevent your users from copying business data from Office apps to their personal apps. You can also remove all data from the Office apps on their personal devices. For more information, see [Choose the device management solution that's right for you](/mem/intune/fundamentals/what-is-device-management#choose-the-device-management-solution-thats-right-for-you) and [Set up and secure managed devices](/microsoft-365/business-premium/m365bp-protect-devices).
commerce View Your Bill Or Invoice https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/view-your-bill-or-invoice.md
Check out this video and others on our [YouTube channel](https://go.microsoft.co
::: moniker-end
-2. On the **Invoices** tab, select a date range from the drop-down list, and then choose the order that you want to view.
-3. On the summary page, you can see the items, quantity, price, discount, and total for all items in the invoice.
+2. On the **Invoices** tab, choose the invoice that you want to view. If you don't see an invoice, use the date filter and select **Past 3 months**, **Past 6 months**, or **Specify date range**.
+3. On the **Invoice summary** page, you see invoice details including the list of items, the price for each item, and the total cost for all items in the invoice.
4. To print or save a PDF copy of the invoice, select **Download PDF**. If you want to receive a copy of your billing statement in email, see [Manage billing notifications and invoice attachments](manage-billing-notifications.md).
commerce Allowselfservicepurchase Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/allowselfservicepurchase-powershell.md
search.appverid:
- MET150 description: "Learn how to use the AllowSelfServicePurchase PowerShell cmdlet to turn self-service purchase on or off." Previously updated : 4/7/2022 Last updated : 10/10/2022 # Use AllowSelfServicePurchase for the MSCommerce PowerShell module
The **MSCommerce** PowerShell module is now available on [PowerShell Gallery](ht
You can use the **MSCommerce** PowerShell module to: -- View the default state of the **AllowSelfServicePurchase** parameter value ΓÇö whether it's enabled or disabled-- View a list of applicable products and whether self-service purchase is enabled or disabled
+- View the default state of the **AllowSelfServicePurchase** parameter valueΓÇöwhether it's enabled, disabled, or allows trials without a payment method
+- View a list of applicable products and whether self-service purchase is enabled, disabled, or allows trials without a payment method
- View or modify the current setting for a specific product to either enable or disable it
+- View or modify the setting for trials without payment methods
## Requirements
To connect to the PowerShell module with your credentials, run the following com
Connect-MSCommerce ```
-This command connects the current PowerShell session to an Azure Active Directory tenant. The command prompts you for a username and password for the tenant you want to connect to. If multi-factor authentication is enabled for your credentials, you use the interactive option to log in.
+This command connects the current PowerShell session to an Azure Active Directory tenant. The command prompts you for a username and password for the tenant you want to connect to. If multi-factor authentication is enabled for your credentials, you use the interactive option to sign in.
## View details for AllowSelfServicePurchase
To view a list of all available self-service purchase products and the status of
Get-MSCommerceProductPolicies -PolicyId AllowSelfServicePurchase ```
-The following table lists the available products and their **ProductId**.
-
-| Product | ProductId |
-|--|--|
-| Power Apps per user* | CFQ7TTC0LH2H |
-| Power Automate per user | CFQ7TTC0KP0N |
-| Power Automate RPA | CFQ7TTC0KXG6 |
-| Power BI Premium (standalone) | CFQ7TTC0KXG7 |
-| Power BI Pro | CFQ7TTC0L3PB |
-| Project Plan 1* | CFQ7TTC0HDB1 |
-| Project Plan 3* | CFQ7TTC0HDB0 |
-| Visio Plan 1* | CFQ7TTC0HD33 |
-| Visio Plan 2* | CFQ7TTC0HD32 |
-| Windows 365 Enterprise | CFQ7TTC0HHS9 |
-| Windows 365 Business | CFQ7TTC0J203 |
-| Windows 365 Business with Windows Hybrid Benefit | CFQ7TTC0HX99 |
-| Microsoft 365 F3 | CFQ7TTC0LH05 |
-| Dynamics 365 Marketing | CFQ7TTC0LH3N |
-| Dynamics 365 Marketing Attach | CFQ7TTC0LHWP |
-| Dynamics 365 Marketing Additional Application | CFQ7TTC0LHVK |
-| Dynamics 365 Marketing Additional Non-Prod Application | CFQ7TTC0LHWM |
-
-*These IDs have changed. If you previously blocked products using the old IDs, they are automatically blocked using the new IDs. No additional work is required.
+The following table lists the available products and their **ProductId**. It also indicates which products have a trial available and don't require a payment method. If applicable, all other trials require a payment method. For the products that have trial without payment method enabled, you can enable the trial, while keeping the ability to purchase the product disabled. For sample commands, see View or set the status for **AllowSelfServicePurchase**.
+
+| Product | ProductId | Is trial without payment method enabled? |
+|--|--|--|
+| Power Apps per user* | CFQ7TTC0LH2H | No |
+| Power Automate per user | CFQ7TTC0KP0N | No |
+| Power Automate RPA | CFQ7TTC0KXG6 | No |
+| Power BI Premium (standalone) | CFQ7TTC0KXG7 | No |
+| Power BI Pro | CFQ7TTC0L3PB | No |
+| Project Plan 1* | CFQ7TTC0HDB1 | Yes |
+| Project Plan 3* | CFQ7TTC0HDB0 | No |
+| Visio Plan 1* | CFQ7TTC0HD33 | No |
+| Visio Plan 2* | CFQ7TTC0HD32 | No |
+| Windows 365 Enterprise | CFQ7TTC0HHS9 | No |
+| Windows 365 Business | CFQ7TTC0J203 | No |
+| Windows 365 Business with Windows Hybrid Benefit | CFQ7TTC0HX99 | No |
+| Microsoft 365 F3 | CFQ7TTC0LH05 | No |
+| Dynamics 365 Marketing | CFQ7TTC0LH3N | No |
+| Dynamics 365 Marketing Attach | CFQ7TTC0LHWP | No |
+| Dynamics 365 Marketing Additional Application | CFQ7TTC0LHVK | No |
+| Dynamics 365 Marketing Additional Non-Prod Application | CFQ7TTC0LHWM | No |
+
+*These IDs have changed. If you previously blocked products using the old IDs, they're automatically blocked using the new IDs. No other work is required.
## View or set the status for AllowSelfServicePurchase
-After you view the list of products available for self-service purchase, you can view or modify the setting for a specific product.
+You can set the **Value** parameter for **AllowSelfServicePurchase** to allow or prevent users from making a self-service purchase. You can also use the **OnlyTrialsWithoutPaymentMethod** value to allow users to try products that have no payment required trials. Refer to the product list above to see which products have these trials enabled. Users can only buy the product after the trial is over if **AllowSelfServicePurchase** is enabled.
+
+> [!NOTE]
+> Changing the value for **AllowSelfServicePurchase** or **OnlyTrialsWithoutPaymentMethod** only impacts trials or purchases made for the specified product from that point forward. Existing trials or purchases for the specified product aren't affected.
+
+The following table describes the settings for the **Value** parameter.
+
+| **Setting** | **Impact** |
+|||
+| Enabled | Users can make self-service purchases and acquire trials for the product. |
+| OnlyTrialsWithoutPaymentMethod | Users can't make self-service purchases but can acquire free trials for products that don't require them to add a payment method. After the trial expires, a user can't buy the paid version of the product. |
+| Disabled | Users can't make self-service purchases or acquire trials for the product. |
To get the policy setting for a specific product, run the following command:
Get-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId CFQ7TT
To enable the policy setting for a specific product, run the following command: ```powershell
-Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId CFQ7TTC0KP0N -Enabled $True
+Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId CFQ7TTC0KP0N -Value "Enabled"
``` To disable the policy setting for a specific product, run the following command: ```powershell
-Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId CFQ7TTC0KP0N -Enabled $False
+Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId CFQ7TTC0KP0N -Value "Disabled"
+```
+
+To allow users to try a specific product without a payment method, run the following command:
+
+```powershell
+Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId CFQ7TTC0KP0N -Value "OnlyTrialsWithoutPaymentMethod"
``` ## Example script to disable AllowSelfServicePurchase
The following example walks you through how to import the **MSCommerce** module,
Import-Module -Name MSCommerce Connect-MSCommerce #sign-in with your global or billing administrator account when prompted $product = Get-MSCommerceProductPolicies -PolicyId AllowSelfServicePurchase | where {$_.ProductName -match 'Power Automate per user'}
-Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId $product.ProductID -Enabled $false
+Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId $product.ProductID -Value "Disabled"
``` If there are multiple values for the product, you can run the command individually for each value as shown in the following example: ```powershell
-Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId $product[0].ProductID -Enabled $false
-Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId $product[1].ProductID -Enabled $false
+Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId $product[0].ProductID -Value "Disabled"
+Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId $product[1].ProductID -Value "Disabled"
``` ## Troubleshooting
You see the following error message:
> HandleError : Failed to retrieve policy with PolicyId 'AllowSelfServicePurchase', ErrorMessage - The underlying connection was closed: An unexpected error occurred on a send.
-This may be due to an older version of Transport Layer Security (TLS). To connect this service you need to use TLS 1.2 or greater
+This may be due to an older version of Transport Layer Security (TLS). When you connect to this service, you must use TLS 1.2 or greater
### Solution Upgrade to TLS 1.2. The following syntax updates the ServicePointManager Security Protocol to allow TLS1.2: ```powershell
- [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
+[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
``` To learn more, see [How to enable TLS 1.2](/mem/configmgr/core/plan-design/security/enable-tls-1-2).
Uninstall-Module -Name MSCommerce
## Related content
-[Manage self-service purchases (Admin)](manage-self-service-purchases-admins.md) (article)
-
+[Manage self-service purchases (Admin)](manage-self-service-purchases-admins.md) (article)\
[Self-service purchase FAQ](self-service-purchase-faq.yml) (article)
compliance Apply Retention Labels Automatically https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-retention-labels-automatically.md
Title: "Automatically apply a retention label"
+ Title: "Automatically apply a retention label to Microsoft 365 items"
f1.keywords: - NOCSH
To consider when auto-applying retention labels to cloud attachments:
- The following items aren't supported as cloud attachments that can be retained: - SharePoint sites, pages, lists, forms, folders, document sets, and OneNote pages.
- - Files shared by users who don't have access to those files.
+ - Files shared by users who don't have access to those files at the time of sharing.
- Files that are deleted or moved before the cloud attachment is sent. For example, a user copies and pastes a previously shared attachment from another message, without first confirming that the file is still available. Or, somebody forwards an old message when the file is now deleted. - Files that are shared by guests or users outside your organization. - Files in draft emails and messages that aren't sent.
compliance Archive 17A 4 Blackberry Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-blackberry-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the BlackBerry DataParser.
-2. On a regular basis, BlackBerry items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, BlackBerry items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The BlackBerry DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the BlackBerry DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a BlackBerry DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for BlackBerry data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **BlackBerry DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **BlackBerry DataParser**.
-2. On the **BlackBerry DataParser** product description page, click **Add connector**.
+2. On the **BlackBerry DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the BlackBerry DataParser connection wizard.
The BlackBerry DataParser connector will automatically map users to their Micros
After you create a BlackBerry DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the BlackBerry DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the BlackBerry DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud.
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud.
## Known issues
compliance Archive 17A 4 Bloomberg Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-bloomberg-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the Bloomberg DataParser.
-2. On a regular basis, Bloomberg items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, Bloomberg items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The Bloomberg DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the Bloomberg DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a Bloomberg DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Bloomberg data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Bloomberg DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Bloomberg DataParser**.
-2. On the **Bloomberg DataParser** product description page, click **Add connector**.
+2. On the **Bloomberg DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the Bloomberg DataParser connection wizard.
The Bloomberg DataParser connector will automatically map users to their Microso
After you create a Bloomberg DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Bloomberg DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Bloomberg DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Cisco Jabber Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-cisco-jabber-data.md
The following overview explains the process of using a data connector to archive
- The user who creates the Cisco Jabber DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a Cisco Jabber DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Cisco Jabber data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Cisco Jabber DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Cisco Jabber DataParser**.
-2. On the **Cisco Jabber DataParser** product description page, click **Add connector**.
+2. On the **Cisco Jabber DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the Cisco Jabber DataParser connection wizard.
The Cisco Jabber DataParser connector will automatically map users to their Micr
After you create a Cisco Jabber DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Cisco Jabber DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Cisco Jabber DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Factset Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-factset-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the FactSet DataParser.
-2. On a regular basis, FactSet items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, FactSet items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The FactSet DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the FactSet DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a FactSet DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for FactSet data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **FactSet DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **FactSet DataParser**.
-2. On the **FactSet DataParser** product description page, click **Add connector**.
+2. On the **FactSet DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the FactSet DataParser connection wizard.
The FactSet DataParser connector will automatically map users to their Microsoft
After you create a FactSet DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the FactSet DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the FactSet DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Fuze Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-fuze-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the Fuze DataParser.
-2. On a regular basis, Fuze items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, Fuze items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The Fuze DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the Fuze DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a Fuze DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Fuze data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Fuze DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Fuze DataParser**.
-2. On the **Fuze DataParser** product description page, click **Add connector**.
+2. On the **Fuze DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the Fuze DataParser connection wizard.
The Fuze DataParser connector will automatically map users to their Microsoft 36
After you create a Fuze DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Fuze DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Fuze DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Fxconnect Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-fxconnect-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the FX Connect DataParser.
-2. On a regular basis, FX Connect items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, FX Connect items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The FX Connect DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the FX Connect DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a FX Connect DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for FX Connect data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **FX Connect DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **FX Connect DataParser**.
-2. On the **FX Connect DataParser** product description page, click **Add connector**.
+2. On the **FX Connect DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the FX Connect DataParser connection wizard.
The FX Connect DataParser connector will automatically map users to their Micros
After you create a FX Connect DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the FX Connect DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the FX Connect DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Ice Im Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-ice-im-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the ICE DataParser.
-2. On a regular basis, ICE Connect Chat items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, ICE Connect Chat items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The ICE DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the ICE DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up an ICE DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for ICE Connect Chat data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **ICE DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **ICE DataParser**.
-2. On the **ICE DataParser** product description page, click **Add connector**.
+2. On the **ICE DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the ICE DataParser connection wizard.
The ICE DataParser connector will automatically map users to their Microsoft 365
After you create an ICE DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the ICE DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the ICE DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Investedge Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-investedge-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the InvestEdge DataParser.
-2. On a regular basis, InvestEdge items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, InvestEdge items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The InvestEdge DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the InvestEdge DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a InvestEdge DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for InvestEdge data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **InvestEdge DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **InvestEdge DataParser**.
-2. On the **InvestEdge DataParser** product description page, click **Add connector**.
+2. On the **InvestEdge DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the InvestEdge DataParser connection wizard.
The InvestEdge DataParser connector will automatically map users to their Micros
After you create a InvestEdge DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the InvestEdge DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the InvestEdge DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Liveperson Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-liveperson-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the the LivePerson Conversational Cloud DataParser.
-2. On a regular basis, LivePerson Conversational Cloud items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, LivePerson Conversational Cloud items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The LivePerson Conversational Cloud DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the LivePerson Conversational Cloud DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a LivePerson Conversational Cloud DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for LivePerson Conversational Cloud data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **LivePerson Conversational Cloud DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **LivePerson Conversational Cloud DataParser**.
-2. On the **LivePerson Conversational Cloud DataParser** product description page, click **Add connector**.
+2. On the **LivePerson Conversational Cloud DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the LivePerson Conversational Cloud DataParser connection wizard.
The LivePerson Conversational Cloud DataParser connector will automatically map
After you create a LivePerson Conversational Cloud DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the LivePerson Conversational Cloud DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the LivePerson Conversational Cloud DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Quip Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-quip-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the Quip DataParser.
-2. On a regular basis, Quip items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, Quip items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The Quip DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the Quip DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a Quip DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Quip data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Quip DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Quip DataParser**.
-2. On the **Quip DataParser** product description page, click **Add connector**.
+2. On the **Quip DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the Quip DataParser connection wizard.
The Quip DataParser connector will automatically map users to their Microsoft 36
After you create a Quip DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Quip DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Quip DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Refinitiv Messenger Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-refinitiv-messenger-data.md
The following overview explains the process of using a data connector to archive
- The user who creates the Refinitiv Eikon Messenger DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP-compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP-compliant.
## Step 1: Set up a Refinitiv Eikon Messenger DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Refinitiv Eikon Messenger data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Refinitiv Eikon Messenger DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Refinitiv Eikon Messenger DataParser**.
-2. On the **Refinitiv Eikon Messenger DataParser** product description page, click **Add connector**.
+2. On the **Refinitiv Eikon Messenger DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the Refinitiv Eikon Messenger DataParser connection wizard.
The Refinitiv Eikon Messenger DataParser connector will automatically map users
After you create a Refinitiv Eikon Messenger DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Refinitiv Eikon Messenger DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Refinitiv Eikon Messenger DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Servicenow Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-servicenow-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the ServiceNow DataParser.
-2. On a regular basis, ServiceNow items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, ServiceNow items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The ServiceNow DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the ServiceNow DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a ServiceNow DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for ServiceNow data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **ServiceNow DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **ServiceNow DataParser**.
-2. On the **ServiceNow DataParser** product description page, click **Add connector**.
+2. On the **ServiceNow DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the ServiceNow DataParser connection wizard.
The ServiceNow DataParser connector will automatically map users to their Micros
After you create a ServiceNow DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the ServiceNow DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the ServiceNow DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Skype For Business Server Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-skype-for-business-server-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the Skype for Business Server DataParser.
-2. On a regular basis, Skype for Business Server items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, Skype for Business Server items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The Skype for Business Server DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the Skype for Business Server DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a Skype for Business Server DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Skype for Business Server data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Skype for Business Server DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Skype for Business Server DataParser**.
-2. On the **Skype for Business Server DataParser** product description page, click **Add connector**.
+2. On the **Skype for Business Server DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the Skype for Business Server DataParser connection wizard.
The Skype for Business Server DataParser connector will automatically map users
After you create a Skype for Business Server DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Skype for Business Server DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Skype for Business Server DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Slack Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-slack-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the Slack DataParser.
-2. On a regular basis, Slack items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, Slack items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The Slack DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the Slack DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a Slack DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Slack data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Slack DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Slack DataParser**.
-2. On the **Slack DataParser** product description page, click **Add connector**.
+2. On the **Slack DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the Slack DataParser connection wizard.
The Slack DataParser connector will automatically map users to their Microsoft 3
After you create a Slack DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Slack DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Slack DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Sql Database Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-sql-database-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the SQL DataParser.
-2. On a regular basis, SQL items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, SQL items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The SQL DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the SQL DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a SQL DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for SQL data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **SQL DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **SQL DataParser**.
-2. On the **SQL DataParser** product description page, click **Add connector**.
+2. On the **SQL DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the SQL DataParser connection wizard.
The SQL DataParser connector will automatically map users to their Microsoft 365
After you create a SQL DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the SQL DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the SQL DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Symphony Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-symphony-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the Symphony DataParser.
-2. On a regular basis, Symphony items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, Symphony items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The Symphony DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the Symphony DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a Symphony DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Symphony data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Symphony DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Symphony DataParser**.
-2. On the **Symphony DataParser** product description page, click **Add connector**.
+2. On the **Symphony DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the Symphony DataParser connection wizard.
The Symphony DataParser connector will automatically map users to their Microsof
After you create a Symphony DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Symphony DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Symphony DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Webex Teams Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-webex-teams-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the Cisco Webex DataParser.
-2. On a regular basis, Cisco Webex items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, Cisco Webex items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The Cisco Webex DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the Cisco Webex DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a Cisco Webex DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Cisco Webex data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Cisco Webex DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Cisco Webex DataParser**.
-2. On the **Cisco Webex DataParser** product description page, click **Add connector**.
+2. On the **Cisco Webex DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the Cisco Webex DataParser connection wizard.
The Cisco Webex DataParser connector will automatically map users to their Micro
After you create a Cisco Webex DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Cisco Webex DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Cisco Webex DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive 17A 4 Zoom Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-zoom-data.md
The following overview explains the process of using a data connector to archive
1. Your organization works with 17a-4 to set up and configure the Zoom DataParser.
-2. On a regular basis, Zoom items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
+2. Regularly, Zoom items are collected by the DataParser. The DataParser also converts the content of a message to an email message format.
3. The Zoom DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud.
The following overview explains the process of using a data connector to archive
- The user who creates the Zoom DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up a Zoom DataParser connector The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Zoom data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Zoom DataParser**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Zoom DataParser**.
-2. On the **Zoom DataParser** product description page, click **Add connector**.
+2. On the **Zoom DataParser** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your 17a-4 account and complete the steps in the Zoom DataParser connection wizard.
The Zoom DataParser connector will automatically map users to their Microsoft 36
After you create a Zoom DataParser connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Zoom DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Zoom DataParser connector that you created to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Android Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-android-archiver-data.md
Some of the implementation steps required to archive Android communication data
- The user who creates a Android Archiver connector must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create an Android Archiver connector The last step is to create an Android Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer Android communication to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** > **Android Archiver**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** > **Android Archiver**.
-2. On the **Android Archiver** product description page, click **Add connector**.
+2. On the **Android Archiver** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username. - **Password:** Your TeleMessage password.
-5. After the connector is created, close the pop-up window and click **Next**.
+5. After the connector is created, close the pop-up window and select **Next**.
-6. On the **User mapping** page, enable automatic user mapping and click **Next**. In case you need custom mapping upload a CSV file, and click **Next**.
+6. On the **User mapping** page, enable automatic user mapping and select **Next**. In case you need custom mapping upload a CSV file, and select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the Connectors tab in **Data connectors** page to see the progress of the import process for the new connector.
compliance Archive Att Network Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-att-network-archiver-data.md
Some of the implementation steps required to archive AT&T Network data are exter
- The user who creates a AT&T Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create a AT&T Network connector After you've completed the prerequisites described in the previous section, you can create an AT&T Network connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS and MMS messages to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** \ **AT&T Network**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** \ **AT&T Network**.
-2. On the **AT&T Network product** description page, click **Add connector**
+2. On the **AT&T Network product** description page, select **Add connector**
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username.
After you've completed the prerequisites described in the previous section, you
5. After the connector is created, you can close the pop-up window and go to the next page.
-6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then click **Next**.
+6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the **Connectors** tab on the **Data connectors** page in the compliance center to see the progress of the import process for the new connector.
compliance Archive Bell Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-bell-network-data.md
Some of the implementation steps required to archive Bell Network data are exter
- The user who creates a Bell Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create a Bell Network connector The last step is to create a Bell Network connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS/ MMS messages to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and then click **Data connectors** > **Bell SMS/MMS Network Archiver**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and then select **Data connectors** > **Bell SMS/MMS Network Archiver**.
-2. On the **Bell Network** product description page, click **Add connector**
+2. On the **Bell Network** product description page, select **Add connector**
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username.
The last step is to create a Bell Network connector in the compliance portal. Th
5. After the connector is created, you can close the pop-up window and go to the next page.
-6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then click **Next**.
+6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the **Connectors** tab on the **Data connectors** page in the compliance center to see the progress of the import process for the new connector.
compliance Archive Bloomberg Message Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-bloomberg-message-data.md
The steps in this section show you how to set up a Bloomberg Message connector u
The first step is to obtain a copy of the PGP and SSH public keys. You use these keys in Step 2 to configure the Bloomberg SFTP site to allow the connector (that you create in Step 3) to connect to the SFTP site and transfer the Bloomberg Message email data to Microsoft 365 mailboxes. You also obtain an IP address in this step, which you use when configuring the Bloomberg SFTP site.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **Bloomberg Message**, click **View**.
+2. On the **Data connectors** page under **Bloomberg Message**, select **View**.
-3. On the **Bloomberg Message** product description page, click **Add connector**
+3. On the **Bloomberg Message** product description page, select **Add connector**
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH public keys provided by Microsoft**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH public keys provided by Microsoft**.
![Select the option to use public keys.](../media/BloombergMessagePublicKeysOption.png)
-6. Under step 1, click the **Download SSH key**, **Download PGP key**, and **Download IP address** links to save a copy of each file to your local computer.
+6. Under step 1, select the **Download SSH key**, **Download PGP key**, and **Download IP address** links to save a copy of each file to your local computer.
![Links to download public keys and IP address.](../media/BloombergMessagePublicKeyDownloadLinks.png)
The first step is to obtain a copy of the PGP and SSH public keys. You use these
- IP address: The Bloomberg SFTP site is configured to accept connection requests from this IP address. The same IP address is used by the Bloomberg Message connector to connect to the SFTP site and transfer Bloomberg Message data to Microsoft 365.
-7. Click **Cancel** to close the wizard. You come back to this wizard in Step 3 to create the connector.
+7. Select **Cancel** to close the wizard. You come back to this wizard in Step 3 to create the connector.
### Step 2: Configure the Bloomberg SFTP site
The next step is to use the PGP and SSH public keys and the IP address that you
The last step is to create a Bloomberg Message connector in the compliance portal. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **Bloomberg Message**, click **View**.
+2. On the **Data connectors** page under **Bloomberg Message**, select **View**.
-3. On the **Bloomberg Message** product description page, click **Add connector**
+3. On the **Bloomberg Message** product description page, select **Add connector**
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH public keys provided by Microsoft**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH public keys provided by Microsoft**.
-6. Under Step 3, enter the required information in the following boxes and then click **Validate connection**.
+6. Under Step 3, enter the required information in the following boxes and then select **Validate connection**.
- **Name:** The name for the connector. It must be unique in your organization.
The last step is to create a Bloomberg Message connector in the compliance porta
- **SFTP port:** The port number for the Bloomberg SFTP site. The connector uses this port to connect to the SFTP site.
-7. After the connection is successfully validated, click **Next**.
+7. After the connection is successfully validated, select **Next**.
8. On the **Define user** page, specify the users to import data for.
The last step is to create a Bloomberg Message connector in the compliance porta
> [!NOTE] > The connector imports message items to the mailbox of a specific user. A new folder named **BloombergMessage** is created in the specific user's mailbox and the items will be imported to it. The connector does by using the value of the *CorporateEmailAddress* property. Every chat message contains this property, and the property is populated with the email address of every participant of the chat message. In addition to automatic user mapping using the value of the *CorporateEmailAddress* property, you can also define custom mapping by uploading a CSV mapping file. The mapping file should contain the Bloomberg UUID and corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every message item the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's Bloomberg UUID, the connector will use the *CorporateEmailAddress* property of the chat item. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or the *CorporateEmailAddress* property of the message item, the item won't be imported.
-10. Click **Next**, review your settings, and then click **Finish** to create the connector.
+10. Select **Next**, review your settings, and then select **Finish** to create the connector.
-11. Go to the **Data connectors** page to see the progress of the import process for the new connector. Click the connector to display the flyout page, which contains information about the connector.
+11. Go to the **Data connectors** page to see the progress of the import process for the new connector. Select the connector to display the flyout page, which contains information about the connector.
## Set up a connector using private keys
If your organization has used PGP and SSH private keys to set up a Bloomberg SFT
To obtain the IP address:
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **Bloomberg Message**, click **View**.
+2. On the **Data connectors** page under **Bloomberg Message**, select **View**.
-3. On the **Bloomberg Message** product description page, click **Add connector**
+3. On the **Bloomberg Message** product description page, select **Add connector**
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH private keys**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH private keys**.
-6. Under step 1, click **Download IP address** to save a copy of the IP address file to your local computer.
+6. Under step 1, select **Download IP address** to save a copy of the IP address file to your local computer.
![Download the IP address.](../media/BloombergMessageConnectorIPAddress.png)
-7. Click **Cancel** to close the wizard. You come back to this wizard in Step 2 to create the connector.
+7. Select **Cancel** to close the wizard. You come back to this wizard in Step 2 to create the connector.
You need to work with Bloomberg customer support to configure your Bloomberg SFTP site to accept connection requests from this IP address. Contact [Bloomberg customer support](https://service.bloomberg.com/portal/sessions/new?utm_source=bloomberg-menu&utm_medium=csc) for assistance.
You need to work with Bloomberg customer support to configure your Bloomberg SFT
After your Bloomberg SFTP site is configured, the next step is to create a Bloomberg Message connector in the compliance portal. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. To complete this step, be sure to have copies of the same private keys and key passphrases that you used to set up your Bloomberg SFTP site.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **Bloomberg Message**, click **View**.
+2. On the **Data connectors** page under **Bloomberg Message**, select **View**.
-3. On the **Bloomberg Message** product description page, click **Add connector**
+3. On the **Bloomberg Message** product description page, select **Add connector**
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH private keys**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH private keys**.
![Select the option to use private keys.](../media/BloombergMessagePrivateKeysOption.png)
-6. Under Step 3, enter the required information in the following boxes and then click **Validate connection**.
+6. Under Step 3, enter the required information in the following boxes and then select **Validate connection**.
- **Name:** The name for the connector. It must be unique in your organization.
After your Bloomberg SFTP site is configured, the next step is to create a Bloom
- **SSH key passphrase:** The passphrase for the SSH private key.
-7. After the connection is successfully validated, click **Next**.
+7. After the connection is successfully validated, select **Next**.
8. On the **Define user** page, specify the users to import data for
After your Bloomberg SFTP site is configured, the next step is to create a Bloom
> [!NOTE] > The connector imports message items to the mailbox of a specific user. A new folder named **BloombergMessage** is created in the specific user's mailbox and the items will be imported to it. The connector does by using the value of the *CorporateEmailAddress* property. Every chat message contains this property, and the property is populated with the email address of every participant of the chat message. In addition to automatic user mapping using the value of the *CorporateEmailAddress* property, you can also define custom mapping by uploading a CSV mapping file. The mapping file should contain the Bloomberg UUID and corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every message item the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's Bloomberg UUID, the connector will use the *CorporateEmailAddress* property of the chat item. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or the *CorporateEmailAddress* property of the message item, the item won't be imported.
-10. Click **Next**, review your settings, and then click **Finish** to create the connector.
+10. Select **Next**, review your settings, and then select **Finish** to create the connector.
-11. Go to the **Data connectors** page to see the progress of the import process for the new connector. Click the connector to display the flyout page, which contains information about the connector.
+11. Go to the **Data connectors** page to see the progress of the import process for the new connector. Select the connector to display the flyout page, which contains information about the connector.
## Known issues
compliance Archive Celltrust Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-celltrust-data.md
The following overview explains the process of using a connector to archive Cell
- The user who creates the CellTrust connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the CellTrust connector The first step is to access to the **Data Connectors** in the compliance portal and create a connector for CellTrust data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** \> **CellTrust**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** \> **CellTrust**.
-2. On the **CellTrust** product description page, click **Add connector**.
+2. On the **CellTrust** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** in the compliance portal
The second step is to configure the CellTrust connector on the Veritas Merge1 site. For information about how to configure the CellTrust connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20CellTrust%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector set up in the compliance portal, follow
1. On the **Map CellTrust users to Microsoft 365 users** page, enable automatic user mapping. The CellTrust items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the CellTrust connector After you create the CellTrust connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **CellTrust** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **CellTrust** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Ciscojabberonmssql Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonmssql-data.md
The following overview explains the process of using a connector to archive Cisc
- The user who creates the Cisco Jabber connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Cisco Jabber on MS SQL connector The first step is to access to the **Data Connectors** in the compliance portal and create a connector for Cisco Jabber on MS SQL data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/)and then click **Data connectors** > **Cisco Jabber on MS SQL**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/)and then select **Data connectors** > **Cisco Jabber on MS SQL**.
-2. On the **Cisco Jabber on MS SQL** product description page, click **Add connector**.
+2. On the **Cisco Jabber on MS SQL** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** in the compliance portal
The second step is to configure the Cisco Jabber on MS SQL connector on the Veritas Merge1 site. For information about how to configure the Cisco Jabber on MS SQL connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Cisco%20Jabber%20on%20MS%20SQL%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector set up in the compliance portal, follow
1. On the **Map Cisco Jabber on MS SQL users to Microsoft 365 users** page, enable automatic user mapping. The Cisco Jabber on MS SQL items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Cisco Jabber connector After you create the Cisco Jabber on MS SQL connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Cisco Jabber on MS SQL** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Cisco Jabber on MS SQL** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Ciscojabberonoracle Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonoracle-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the Cisco Jabber on Oracle connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Cisco Jabber on Oracle connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for Jabber data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Cisco Jabber on Oracle**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Cisco Jabber on Oracle**.
-2. On the **Cisco Jabber on Oracle** product description page, click **Add connector**.
+2. On the **Cisco Jabber on Oracle** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the Cisco Jabber on Oracle connector on the Veritas Merge1 site. For information about how to configure the Cisco Jabber on Oracle connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Cisco%20Jabber%20on%20Oracle%20User%20Guide.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map Cisco Jabber on Oracle users to Microsoft 365 users** page, enable automatic user mapping. The Cisco Jabber on Oracle items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Cisco Jabber on Oracle connector After you create the Cisco Jabber on Oracle connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com/> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com/> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Cisco Jabber on Oracle** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Cisco Jabber on Oracle** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Ciscojabberonpostgresql Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonpostgresql-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the Cisco Jabber on PostgreSQL connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Cisco Jabber on PostgreSQL connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for Jabber data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** &gt; **Cisco Jabber on PostgreSQL**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** &gt; **Cisco Jabber on PostgreSQL**.
-2. On the **Cisco Jabber on PostgreSQL** product description page, click **Add connector**.
+2. On the **Cisco Jabber on PostgreSQL** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the Cisco Jabber on PostgreSQL connector on the Veritas Merge1 site. For information about how to configure the Cisco Jabber on PostgreSQL connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Cisco%20Jabber%20on%20PostgreSQL%20User%20Guide.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map Cisco Jabber on PostgreSQL users to Microsoft 365 users** page, enable automatic user mapping. The Cisco Jabber on PostgreSQL items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Cisco Jabber on PostgreSQL connector After you create the Cisco Jabber on PostgreSQL connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com/> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com/> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Cisco Jabber on PostgreSQL** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Cisco Jabber on PostgreSQL** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Data From Celltrustsl2 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-data-from-celltrustsl2.md
CellTrust's SL2 platform captures communication data from multiple sources. SL2
- The user who creates the CellTrust SL2 data connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the Microsoft Purview compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This CellTrust data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This CellTrust data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Create a CellTrust SL2 connector The first step is to create a data connector in the compliance portal.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** on the left navigation pane.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** on the left navigation pane.
-2. On the **Overview** tab, click **Filter** and select **By CellTrust**, and then apply the filter.
+2. On the **Overview** tab, select **Filter** and select **By CellTrust**, and then apply the filter.
![Configure filter to display CellTrust connectors.](../media/dataconnectorsFilter.png)
-3. Click **CellTrust SL2 (preview)**.
+3. Select **CellTrust SL2 (preview)**.
-4. On the **CellTrust SL2 (preview)** product description page, click **Add connector**.
+4. On the **CellTrust SL2 (preview)** product description page, select **Add connector**.
-5. On the **Terms of service** page, click **Accept**.
+5. On the **Terms of service** page, select **Accept**.
-6. Enter a unique name that identifies the connector and then click **Next**. The name you enter will identify the connector on the **Data connectors** page after you create it.
+6. Enter a unique name that identifies the connector and then select **Next**. The name you enter will identify the connector on the **Data connectors** page after you create it.
-7. On the **Sign in to your CellTrust account** page, click **Sign into CellTrust**. You'll be redirected to the **CellTrust Portal for Microsoft 365** in a new browser window.
+7. On the **Sign in to your CellTrust account** page, select **Sign into CellTrust**. You'll be redirected to the **CellTrust Portal for Microsoft 365** in a new browser window.
## Step 2: Select the domains or OUs to archive
The last step is to map users and complete the connector setup in the compliance
1. On the **User mapping** page, select **Enable automatic user mapping** if the email address for users is the same in both SL2 and Microsoft 365. Otherwise, you should manually user email addresses by uploading a CSV file that maps users' SL2 address to their Microsoft 365 address.
-2. Click **Next**, review your settings, and then click **Finish** to create the connector.
+2. Select **Next**, review your settings, and then select **Finish** to create the connector.
The new connector is added to the list on the **Data connectors** page.
compliance Archive Eml Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-eml-data.md
The following overview explains the process of using a connector to archive EML
- The user who creates the EML connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up an EML Connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for EML data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **EML**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **EML**.
-2. On the **EML** product description page, click **Add connector**.
+2. On the **EML** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the EML connector on the Veritas Merge1 site. For information about configuring the EML connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20EML%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map external users to Microsoft 365 users** page, enable automatic user mapping. The EML source items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the EML items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the EML connector After you create the EML connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **EML** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **EML** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Enterprise Number Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-enterprise-number-data.md
Some of the implementation steps required to archive Enterprise Number Archiver
- The user who creates a Enterprise Number Archiver connector must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create an Enterprise Number Archiver connector After you've completed the prerequisites described in the previous section, you can create an Enterprise Number Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS, MMS, and voice call messages to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** \> **Enterprise Number Archiver**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** \> **Enterprise Number Archiver**.
-2. On the **Enterprise Number Archiver** product description page, click **Add connector**
+2. On the **Enterprise Number Archiver** product description page, select **Add connector**
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username.
After you've completed the prerequisites described in the previous section, you
5. After the connector is created, you can close the pop-up window and go to the next page.
-6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then click **Next**.
+6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the Connectors tab in **Data connectors** page to see the progress of the import process for the new connector.
compliance Archive Fxconnect Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-fxconnect-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the FX Connect connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the FX Connect connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for FX Connect data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **FX Connect**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **FX Connect**.
-2. On the **FX Connect** product description page, click **Add connector**.
+2. On the **FX Connect** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the FX Connect connector on the Merge1 site. For information about how to configure the FX Connect connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20FX%20Connect%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map FX Connect users to Microsoft 365 users** page, enable automatic user mapping. The FX Connect items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the FX Connect connector After you create the FX Connect connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com/> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com/> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **FX Connect** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **FX Connect** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Icechat Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-icechat-data.md
The steps in this section show you how to set up an ICE Chat connector using the
The first step is to obtain a copy of the public keys for Pretty Good Privacy (PGP) and Secure Shell (SSH). You use these keys in Step 2 to configure the ICE Chat SFTP site to allow the connector (that you create in Step 3) to connect to the SFTP site and transfer the ICE Chat data to Microsoft 365 mailboxes. You will also obtain an IP address in this step, which you use when configuring the ICE Chat SFTP site.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **ICE Chat**, click **View**.
+2. On the **Data connectors** page under **ICE Chat**, select **View**.
-3. On the **ICE Chat** page, click **Add connector**.
+3. On the **ICE Chat** page, select **Add connector**.
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH public keys provided by Microsoft**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH public keys provided by Microsoft**.
![Select the option to use public keys.](../media/ICEChatPublicKeysOption.png)
-6. Under step 1, click the **Download SSH key**, **Download PGP key**, and **Download IP address** links to save a copy of each file to your local computer.
+6. Under step 1, select the **Download SSH key**, **Download PGP key**, and **Download IP address** links to save a copy of each file to your local computer.
![Links to download public keys and IP address.](../media/ICEChatPublicKeyDownloadLinks.png)
The first step is to obtain a copy of the public keys for Pretty Good Privacy (P
- IP address: The ICE Chat SFTP site is configured to accept a connection request only from this IP address, which is used by the ICE Chat connector that you create in Step 3.
-7. Click **Cancel** to close the wizard. You come back to this wizard in Step 3 to create the connector.
+7. Select **Cancel** to close the wizard. You come back to this wizard in Step 3 to create the connector.
### Step 2: Configure the ICE Chat SFTP site
The next step is to use the PGP and SSH public keys and the IP address that you
The last step is to create an ICE Chat connector in the compliance portal. The connector uses the information you provide to connect to the ICE Chat SFTP site and transfer chat messages to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **ICE Chat**, click **View**.
+2. On the **Data connectors** page under **ICE Chat**, select **View**.
-3. On the **ICE Chat** page, click **Add connector**.
+3. On the **ICE Chat** page, select **Add connector**.
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH public keys**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH public keys**.
-6. Under Step 3, enter the required information in the following boxes and then click **Validate connection**.
+6. Under Step 3, enter the required information in the following boxes and then select **Validate connection**.
- **Firm code:** The ID for your organization, which is used as the username for the ICE Chat SFTP site.
The last step is to create an ICE Chat connector in the compliance portal. The c
- **SFTP port:** The port number for the ICE Chat SFTP site. The connector uses this port to connect to the SFTP site.
-7. After the connection is successfully validated, click **Next**.
+7. After the connection is successfully validated, select **Next**.
8. On the **Define user** page, specify the users to import data for.
The last step is to create an ICE Chat connector in the compliance portal. The c
> [!NOTE] > As previously explained, custom mapping file CSV file contains the ICE Chat imid and corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every chat item, the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's ICE Chat imid, the connector will import the item to the mailboxes for the users specified in the *SenderEmail* and *RecipientEmail* properties of the chat item. If the connector doesn't find a valid Microsoft 365 user by either automatic or custom user mapping, the item won't be imported.
-10. Click **Next**, review your settings, and then click **Finish** to create the connector.
+10. Select **Next**, review your settings, and then select **Finish** to create the connector.
11. Go to the **Data connectors** page to see the progress of the import process for the new connector.
If your organization has used PGP and SSH private keys to set up an ICE Chat SFT
To obtain the IP address:
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **ICE Chat**, click **View**.
+2. On the **Data connectors** page under **ICE Chat**, select **View**.
-3. On the **ICE Chat** product description page, click **Add connector**
+3. On the **ICE Chat** product description page, select **Add connector**
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH private keys**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH private keys**.
![Select the option to use private keys.](../media/ICEChatPrivateKeysOption.png)
-6. Under step 1, click **Download IP address** to save a copy of the IP address file to your local computer.
+6. Under step 1, select **Download IP address** to save a copy of the IP address file to your local computer.
![Download the IP address.](../media/ICEChatConnectorIPAddress.png)
-7. Click **Cancel** to close the wizard. You come back to this wizard in Step 2 to create the connector.
+7. Select **Cancel** to close the wizard. You come back to this wizard in Step 2 to create the connector.
You need to work with ICE Chat customer support to configure your ICE Chat SFTP site to accept connection requests from this IP address.
You need to work with ICE Chat customer support to configure your ICE Chat SFTP
After your ICE Chat SFTP site is configured, the next step is to create an ICE Chat connector in the compliance portal. The connector uses the information you provide to connect to the ICE Chat SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. To complete this step, be sure to have copies of the same private keys and key passphrases that you used to set up your ICE Chat SFTP site.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **ICE Chat**, click **View**.
+2. On the **Data connectors** page under **ICE Chat**, select **View**.
-3. On the **ICE Chat** product description page, click **Add connector**
+3. On the **ICE Chat** product description page, select **Add connector**
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH private keys**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH private keys**.
-6. Under Step 3, enter the required information in the following boxes and then click **Validate connection**.
+6. Under Step 3, enter the required information in the following boxes and then select **Validate connection**.
- **Name:** The name for the connector. It must be unique in your organization.
After your ICE Chat SFTP site is configured, the next step is to create an ICE C
- **SSH key passphrase:** The passphrase for the SSH private key.
-7. After the connection is successfully validated, click **Next**.
+7. After the connection is successfully validated, select **Next**.
8. On the **Define user** page, specify the users to import data for.
After your ICE Chat SFTP site is configured, the next step is to create an ICE C
> [!NOTE] > As previously explained, custom mapping file CSV file contains the ICE Chat imid and corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every chat item, the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's ICE Chat imid, the connector will import the item to the mailboxes for the users specified in the *SenderEmail* and *RecipientEmail* properties of the chat item. If the connector doesn't find a valid Microsoft 365 user by either automatic or custom user mapping, the item won't be imported.
-10. Click **Next**, review your settings, and then click **Finish** to create the connector.
+10. Select **Next**, review your settings, and then select **Finish** to create the connector.
-11. Go to the **Data connectors** page to see the progress of the import process for the new connector. Click the connector to display the flyout page, which contains information about the connector.
+11. Go to the **Data connectors** page to see the progress of the import process for the new connector. Select the connector to display the flyout page, which contains information about the connector.
compliance Archive Instant Bloomberg Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-instant-bloomberg-data.md
The steps in this section show you how to set up an Instant Bloomberg connector
The first step is to obtain a copy of the public keys for Pretty Good Privacy (PGP) and Secure Shell (SSH). You use these keys in Step 2 to configure the Bloomberg SFTP site to allow the connector (that you create in Step 3) to connect to the SFTP site and transfer the Instant Bloomberg chat data to Microsoft 365 mailboxes. You also obtain an IP address in this step, which you use when configuring the Bloomberg SFTP site.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **Instant Bloomberg**, click **View**.
+2. On the **Data connectors** page under **Instant Bloomberg**, select **View**.
-3. On the **Instant Bloomberg** product description page, click **Add connector**
+3. On the **Instant Bloomberg** product description page, select **Add connector**
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH public keys provided by Microsoft**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH public keys provided by Microsoft**.
![Select the option to use public keys.](../media/InstantBloombergPublicKeysOption.png)
-6. Under step 1, click the **Download SSH key**, **Download PGP key**, and **Download IP address** links to save a copy of each file to your local computer.
+6. Under step 1, select the **Download SSH key**, **Download PGP key**, and **Download IP address** links to save a copy of each file to your local computer.
![Links to download public keys and IP address.](../media/InstantBloombergPublicKeyDownloadLinks.png)
The first step is to obtain a copy of the public keys for Pretty Good Privacy (P
- IP address: The Bloomberg SFTP site is configured to accept connection requests from this IP address. The same IP address is used by the Instant Bloomberg connector to connect to the SFTP site and transfer Instant Bloomberg data to Microsoft 365.
-7. Click **Cancel** to close the wizard. You come back to this wizard in Step 3 to create the connector.
+7. Select **Cancel** to close the wizard. You come back to this wizard in Step 3 to create the connector.
### Step 2: Configure the Bloomberg SFTP site
The next step is to use the PGP and SSH public keys and the IP address that you
The last step is to create an Instant Bloomberg connector in the compliance portal. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer chat messages to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Instant Bloomberg**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Instant Bloomberg**.
-2. On the **Instant Bloomberg** product description page, click **Add connector**
+2. On the **Instant Bloomberg** product description page, select **Add connector**
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Add credentials for Bloomberg SFTP site** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Add credentials for Bloomberg SFTP site** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Firm code:** The ID for your organization that is used as the username for the Bloomberg SFTP site.
The last step is to create an Instant Bloomberg connector in the compliance port
> [!NOTE] > The connector imports the chat message items to the mailbox of a specific user. A new folder named **InstantBloomberg** is created in the specific user's mailbox and the items will be imported to it. The connector does by using the value of the *CorporateEmailAddress* property. Every chat message contains this property, and the property is populated with the email address of every participant of the chat message. In addition to automatic user mapping using the value of the *CorporateEmailAddress* property, you can also define custom mapping by uploading a CSV mapping file. The mapping file should contain the Bloomberg UUID and corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every chat item the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's Bloomberg UUID, the connector will use the *CorporateEmailAddress* property of the chat item. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or the *CorporateEmailAddress* property of the chat item, the item won't be imported.
-7. Click **Next**, review your settings, and then click **Finish** to create the connector.
+7. Select **Next**, review your settings, and then select **Finish** to create the connector.
-8. Go to the **Data connectors** page to see the progress of the import process for the new connector. Click the connector to display the flyout page, which contains information about the connector.
+8. Go to the **Data connectors** page to see the progress of the import process for the new connector. Select the connector to display the flyout page, which contains information about the connector.
## Set up a connector using private keys
If your organization has used PGP and SSH private keys to set up a Bloomberg SFT
To obtain the IP address:
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **Instant Bloomberg**, click **View**.
+2. On the **Data connectors** page under **Instant Bloomberg**, select **View**.
-3. On the **Instant Bloomberg** product description page, click **Add connector**
+3. On the **Instant Bloomberg** product description page, select **Add connector**
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH private keys**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH private keys**.
-6. Under step 1, click **Download IP address** to save a copy of the IP address file to your local computer.
+6. Under step 1, select **Download IP address** to save a copy of the IP address file to your local computer.
![Download the IP address.](../media/InstantBloombergConnectorIPAddress.png)
-7. Click **Cancel** to close the wizard. You come back to this wizard in Step 2 to create the connector.
+7. Select **Cancel** to close the wizard. You come back to this wizard in Step 2 to create the connector.
You need to work with Bloomberg customer support to configure your Bloomberg SFTP site to accept connection requests from this IP address. Contact [Bloomberg customer support](https://service.bloomberg.com/portal/sessions/new?utm_source=bloomberg-menu&utm_medium=csc) for assistance.
You need to work with Bloomberg customer support to configure your Bloomberg SFT
After your Bloomberg SFTP site is configured, the next step is to create an Instant Bloomberg connector in the compliance portal. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. To complete this step, be sure to have copies of the same private keys and key passphrases that you used to set up your Bloomberg SFTP site.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **Instant Bloomberg**, click **View**.
+2. On the **Data connectors** page under **Instant Bloomberg**, select **View**.
-3. On the **Instant Bloomberg** product description page, click **Add connector**
+3. On the **Instant Bloomberg** product description page, select **Add connector**
-4. On the **Terms of service** page, click **Accept**.
+4. On the **Terms of service** page, select **Accept**.
-5. On the **Add credentials for content source** page, click **I want to use PGP and SSH private keys**.
+5. On the **Add credentials for content source** page, select **I want to use PGP and SSH private keys**.
![Select the option to use private keys.](../media/InstantBloombergPrivateKeysOption.png)
-6. Under Step 3, enter the required information in the following boxes and then click **Validate connection**.
+6. Under Step 3, enter the required information in the following boxes and then select **Validate connection**.
- **Name:** The name for the connector. It must be unique in your organization.
After your Bloomberg SFTP site is configured, the next step is to create an Inst
- **SSH key passphrase:** The passphrase for the SSH private key.
-7. After the connection is successfully validated, click **Next**.
+7. After the connection is successfully validated, select **Next**.
8. On the **Define user** page, select one of the following options to specify the users whose data you want to import.
After your Bloomberg SFTP site is configured, the next step is to create an Inst
> [!NOTE] > The connector imports the chat message items to the mailbox of a specific user. A new folder named **InstantBloomberg** is created in the specific user's mailbox and the items will be imported to it. The connector does by using the value of the *CorporateEmailAddress* property. Every chat message contains this property, and the property is populated with the email address of every participant of the chat message. In addition to automatic user mapping using the value of the *CorporateEmailAddress* property, you can also define custom mapping by uploading a CSV mapping file. The mapping file should contain the Bloomberg UUID and corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every chat item the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's Bloomberg UUID, the connector will use the *CorporateEmailAddress* property of the chat item. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or the *CorporateEmailAddress* property of the chat item, the item won't be imported.
-10. Click **Next**, review your settings, and then click **Finish** to create the connector.
+10. Select **Next**, review your settings, and then select **Finish** to create the connector.
-11. Go to the **Data connectors** page to see the progress of the import process for the new connector. Click the connector to display the flyout page, which contains information about the connector.
+11. Go to the **Data connectors** page to see the progress of the import process for the new connector. Select the connector to display the flyout page, which contains information about the connector.
compliance Archive Linkedin Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-linkedin-data.md
After the LinkedIn Company page data is stored in a mailbox, you can apply Micro
## Create a LinkedIn connector
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **LinkedIn Company pages**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **LinkedIn Company pages**.
-2. On the **LinkedIn company pages** product page, click **Add connector**.
+2. On the **LinkedIn company pages** product page, select **Add connector**.
3. On the **Terms of service** page, select **Accept**.
-4. On the **Sign in with LinkedIn** page, click **Sign in with LinkedIn**.
+4. On the **Sign in with LinkedIn** page, select **Sign in with LinkedIn**.
The LinkedIn sign-in page is displayed. ![LinkedIn sign-in page.](../media/LinkedInSigninPage.png)
-5. On the LinkedIn sign in page, enter the email address (or phone number) and password for the LinkedIn account associated with the company page that you want to archive, and then click **Sign in**.
+5. On the LinkedIn sign in page, enter the email address (or phone number) and password for the LinkedIn account associated with the company page that you want to archive, and then select **Sign in**.
A wizard page is displayed with a list of all LinkedIn Company Pages associated with the account that you signed in to. A connector can only be configured for one company page. If your organization has multiple LinkedIn Company Pages, you have to create a connector for each one. ![A page with a list of LinkedIn Company Pages is displayed.](../media/LinkedInSelectCompanyPage.png)
-6. Select the company page that you want to archive items from, and then click **Next**.
+6. Select the company page that you want to archive items from, and then select **Next**.
-7. On the **Choose storage location** page, click in the box, select the email address of a Microsoft 365 mailbox that the LinkedIn items will be imported to, and then click **Next**. Items are imported to the inbox folder in this mailbox. The mailbox used must have an Exchange Online Plan 1 or Plan 2 license.
+7. On the **Choose storage location** page, select in the box, select the email address of a Microsoft 365 mailbox that the LinkedIn items will be imported to, and then select **Next**. Items are imported to the inbox folder in this mailbox. The mailbox used must have an Exchange Online Plan 1 or Plan 2 license.
-8. Click **Next** to review the connector settings and then click **Finish** to complete the connector setup.
+8. Select **Next** to review the connector settings and then select **Finish** to complete the connector setup.
After you create the connector, you can go back to the **Data connectors** page to see the progress of the import process for the new connector (select **Refresh** if necessary to update the list of connectors). The value in the **Status** column is **Waiting to start**. It takes up to 24 hours for the initial import process to be started. After the first time the connector runs and imports the LinkedIn items, the connector will run once every 24 hours and import any new items that are created on the LinkedIn Company Page in the previous 24 hours.
compliance Archive Mssqldatabaseimporter Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-mssqldatabaseimporter-data.md
The following overview explains the process of using a connector to archive MS S
- The user who creates the MS SQL Database Importer connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the MS SQL Database Importer connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for the MS SQL Database.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and then click **Data connectors** > **MS SQL Database Importer**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and then select **Data connectors** > **MS SQL Database Importer**.
-2. On the **MS SQL Database Importer** product description page, click **Add new connector**.
+2. On the **MS SQL Database Importer** product description page, select **Add new connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the MS SQL Database Importer connector on the Merge1 site. For information about how to configure the MS SQL Database Importer, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20MS%20SQL%20Database%20Importer%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup, follow these steps:
1. On the **Map MS SQL Database Importer users to Microsoft 365 users** page, enable automatic user mapping. The MS SQL Database items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the MS SQL Database Importer connector After you create the MS SQL Database Importer connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com/> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com/> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **MS SQL Database** **Importer** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **MS SQL Database** **Importer** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive O2 Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-o2-network-data.md
Some of the implementation steps required to archive O2 Network data are externa
- The user who creates an O2 Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create an O2 Network connector After you've completed the prerequisites described in the previous section, you can create an O2 Network connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS messages and voice calls to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** \> **O2 Network**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** \> **O2 Network**.
-2. On the **O2 Network** product description page, click **Add connector**
+2. On the **O2 Network** product description page, select **Add connector**
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username.
After you've completed the prerequisites described in the previous section, you
5. After the connector is created, you can close the pop-up window and go to the next page.
-6. On the **User mapping** page, enable automatic user mapping and click **Next**. In case you need custom mapping upload a CSV file, and click **Next**.
+6. On the **User mapping** page, enable automatic user mapping and select **Next**. In case you need custom mapping upload a CSV file, and select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the Connectors tab in **Data connectors** page to see the progress of the import process for the new connector.
compliance Archive Pivot Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-pivot-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the Pivot connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Pivot connector The first step is to access to the **Data Connectors** page in the Microsoft compliance center and create a connector for Pivot data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Pivot**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Pivot**.
-2. On the **Pivot** product description page, click **Add connector**.
+2. On the **Pivot** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector and then click **Next**.
+4. Enter a unique name that identifies the connector and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the Microsoft com
The second step is to configure the Pivot connector on the Merge1 site. For information about how to configure the Pivot connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Pivot%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the Microsoft 356 compliance ce
1. On the **Map Pivot users to Microsoft 365 users** page, enable automatic user mapping. The Pivot items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Pivot connector After you create the Pivot connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Pivot** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Pivot** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Redtailspeak Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-redtailspeak-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the Redtail Speak Importer connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Redtail Speak connector
compliance Archive Reutersdealing Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reutersdealing-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the Reuters Dealing connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Reuters Dealing connector The first step is to access to the **Data Connectors** page in the Microsoft 365 and create a connector for Reuters Dealing data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Reuters Dealing**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Reuters Dealing**.
-2. On the **Reuters Dealing** product description page, click **Add connector**.
+2. On the **Reuters Dealing** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the Microsoft 365
The second step is to configure the Reuters Dealing connector on Veritas the Merge1 site. For information about configuring the Reuters Dealing connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Reuters%20Dealing%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
Reuters Dealing items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Reuters Dealing connector After you create the Reuters Dealing connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Reuters Dealing** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Reuters Dealing** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Reuterseikon Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reuterseikon-data.md
The following overview explains the process of using a connector to archive Reut
- The user who creates the Reuters Eikon connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Reuters Eikon connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for Reuters Eikon data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Reuters Eikon**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Reuters Eikon**.
-2. On the **Reuters Eikon** product description page, click **Add connector**.
+2. On the **Reuters Eikon** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the Reuters Eikon connector on the Merge1 site. For information about how to configure the Reuters Eikon connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Reuters%20Eikon%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map external users to Microsoft 365 users** page, enable automatic user mapping. The Reuters Eikon items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Reuters Eikon connector After you create the Reuters Eikon connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Reuters Eikon** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Reuters Eikon** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Reutersfx Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reutersfx-data.md
The following overview explains the process of using a connector to archive Reut
- The user who creates the Reuters FX connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Reuters FX connector The first step is to access to the **Data Connectors** page in the Microsoft 365 and create a connector for Reuters FX data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Reuters FX**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Reuters FX**.
-2. On the **Reuters FX** product description page, click **Add connector**.
+2. On the **Reuters FX** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the Microsoft 365
The second step is to configure the Reuters FX connector on the Veritas Merge1 site. For information about configuring the Reuters FX connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Reuters%20FX%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
Reuters FX items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Reuters FX connector After you create the Reuters FX connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com/> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com/> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Reuters FX** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Reuters FX** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Ringcentral Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ringcentral-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the RingCentral connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the RingCentral connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for RingCentral data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **RingCentral**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **RingCentral**.
-2. On the **RingCentral** product description page, click **Add connector**.
+2. On the **RingCentral** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the RingCentral connector on the Veritas Merge1 site. For information about how to configure the RingCentral connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20RingCentral%20User%20Guide.pdf).
-After you click **Save & Finish,** the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish,** the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map RingCentral users to Microsoft 365 users** page, enable automatic user mapping. The RingCentral items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the RingCentral connector After you create the RingCentral connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com/> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com/> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **RingCentral** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **RingCentral** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Rogers Network Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-rogers-network-archiver-data.md
The following overview explains the process of using a connector to archive Roge
- The user who creates a Rogers Network Archiver connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create a Rogers Network Archiver connector After you've completed the prerequisites described in the previous section, you can create the Rogers Network Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer Rogers SMS/MMS data to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Rogers Network Archiver**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Rogers Network Archiver**.
-2. On the **Rogers Network Archiver** product description page, click **Add connector**.
+2. On the **Rogers Network Archiver** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username.
After you've completed the prerequisites described in the previous section, you
5. After the connector is created, you can close the pop-up window and go to the next page.
-6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then click **Next**.
+6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the Connectors tab in **Data connectors** page to see the progress of the import process for the new connector.
compliance Archive Salesforcechatter Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-salesforcechatter-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the Salesforce Chatter connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Salesforce Chatter connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for Chatter data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Salesforce Chatter**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Salesforce Chatter**.
-2. On the **Salesforce Chatter** product description page, click **Add connector**.
+2. On the **Salesforce Chatter** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the Salesforce Chatter connector on the Veritas Merge1 site. For information about how to configure the Salesforce Chatter connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20SalesForce%20Chatter%20User%20Guide%20.pdf).
-After you click **Save & Finish,** the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish,** the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map Salesforce Chatter users to Microsoft 365 users** page, enable automatic user mapping. The Salesforce Chatter items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Salesforce Chatter connector After you create the Salesforce Chatter connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and select **Data connectors** in the left nav.
-2. click the **Connectors** tab and then click the **Salesforce Chatter** connector to display the flyout page, which contains the properties and information about the connector.
+2. select the **Connectors** tab and then select the **Salesforce Chatter** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains data that's been imported to the Microsoft cloud.
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains data that's been imported to the Microsoft cloud.
## Known issues
compliance Archive Servicenow Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-servicenow-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the ServiceNow connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the ServiceNow connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for ServiceNow data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **ServiceNow**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **ServiceNow**.
-2. On the **ServiceNow** product description page, click **Add connector**.
+2. On the **ServiceNow** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the ServiceNow connector on the Veritas Merge1 site. For information about how to configure the ServiceNow connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20ServiceNow%20User%20Guide%20.pdf).
-After you click **Save & Finish,** the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish,** the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map ServiceNow users to Microsoft 365 users** page, enable automatic user mapping. The ServiceNow items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the ServiceNow connector After you create the ServiceNow connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **ServiceNow** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **ServiceNow** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Signal Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-signal-archiver-data.md
The following overview explains the process of using a connector to archive Sign
- The user who creates a Signal Archiver connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create a Signal Archiver connector After you've completed the prerequisites described in the previous section, you can create the Signal Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfers Signal communications data to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Signal Archiver**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Signal Archiver**.
-2. On the **Signal Archiver** product description page, click **Add connector.**
+2. On the **Signal Archiver** product description page, select **Add connector.**
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username.
After you've completed the prerequisites described in the previous section, you
5. After the connector is created, you can close the pop-up window and go to the next page.
-6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then click **Next**.
+6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the Connectors tab in **Data connectors** page to see the progress of the import process for the new connector.
compliance Archive Skypeforbusiness Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-skypeforbusiness-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the Skype for Business connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Skype for Business connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for Skype for Business data.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** > **Skype for Business**.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** > **Skype for Business**.
-2. On the **Skype for Business** product description page, click **Add connector**.
+2. On the **Skype for Business** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the Skype for Business connector on the Veritas Merge1 site. For information about how to configure the Skype for Business connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Skype%20for%20Business%20%20User%20Guide.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map Skype for Business users to Microsoft 365 users** page, enable automatic user mapping. The Skype for Business items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Skype for Business connector After you create the Skype for Business connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com/> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com/> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Skype for Business** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Skype for Business** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Slack Data Microsoft https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-slack-data-microsoft.md
The following overview explains the process of using a Microsoft data connector
## Step 1: Create a Slack eDiscovery connector
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** on the left navigation pane.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** on the left navigation pane.
-2. On the **Overview** tab, click **Filter** and select **By Microsoft**, and then apply the filter.
+2. On the **Overview** tab, select **Filter** and select **By Microsoft**, and then apply the filter.
-3. Click **Slack eDiscovery (preview)**.
+3. Select **Slack eDiscovery (preview)**.
-4. On the **Slack eDiscovery (preview)** product description page, click **Add connector**.
+4. On the **Slack eDiscovery (preview)** product description page, select **Add connector**.
-5. On the **Terms of service** wizard page, click **Accept**.
+5. On the **Terms of service** wizard page, select **Accept**.
-6. Enter a unique name that identifies the connector and then click **Next**. The name you enter will identify the connector on the **Data connectors** page after you create it.
+6. Enter a unique name that identifies the connector and then select **Next**. The name you enter will identify the connector on the **Data connectors** page after you create it.
## Step 2: Sign into your Slack organization
-1. On the **Sign into Slack** wizard page, click **Sign into Slack** to sign into your organization's Slack workspace.
+1. On the **Sign into Slack** wizard page, select **Sign into Slack** to sign into your organization's Slack workspace.
-2. On the Slack **Sign into your workspace** page, type the name of the workspace that you want to archive data from, and then click **Continue**.
+2. On the Slack **Sign into your workspace** page, type the name of the workspace that you want to archive data from, and then select **Continue**.
A page is displayed with the name of your Slack workspace and a prompt to sign in.
-3. Click the link in the string **Org Owners can also sign in here**.
+3. Select the link in the string **Org Owners can also sign in here**.
-4. On the workspace sign-in page, enter the email address and password for your organization's Slack enterprise account, and then click **Sign in**.
+4. On the workspace sign-in page, enter the email address and password for your organization's Slack enterprise account, and then select **Sign in**.
After you successfully sign in, a page is displayed that requests permission to access your Slack organization by the connector app.
-5. Click **Allow** to allow the app to administer your organization.
+5. Select **Allow** to allow the app to administer your organization.
- After you click **Allow**, the Slack page closes and the **Map Slack eDiscovery users to Microsoft 365 users** page in the connector wizard is displayed.
+ After you select **Allow**, the Slack page closes and the **Map Slack eDiscovery users to Microsoft 365 users** page in the connector wizard is displayed.
## Step 3: Specify the users to import data for
Select one of the following options to specify which users whose Slack eDiscover
- **Automatic user mapping**. Select this option to automatically map Slack user names to Microsoft 365 mailboxes. The connector does by using the value of the *Email* property, which every Slack message or item contains. This property is populated with an email address of every participant of the message. If the connector can associate the email addresses with corresponding Microsoft 365 users, the item is imported to the Microsoft 365 mailbox of those users. To use this option, you must have SSO configured for your Slack organization.
- - **Custom user mapping**. You also have the option to use custom user mapping instead of (or in addition to) automatic user mapping. With this option, you have to create and then upload a CSV file that maps users' Slack member ID to their Microsoft 365 email address. To do this, click **Download CSV mapping template**, populate the CSV file with the Slack member ID and Microsoft 365 email address for all users in your organization, then select and upload the CSV file to the wizard. Be sure not to change the column headings in the CSV file. Here's an example of the CSV mapping file:
+ - **Custom user mapping**. You also have the option to use custom user mapping instead of (or in addition to) automatic user mapping. With this option, you have to create and then upload a CSV file that maps users' Slack member ID to their Microsoft 365 email address. To do this, select **Download CSV mapping template**, populate the CSV file with the Slack member ID and Microsoft 365 email address for all users in your organization, then select and upload the CSV file to the wizard. Be sure not to change the column headings in the CSV file. Here's an example of the CSV mapping file:
|**ExternalUserId** | **O365UserMailbox** | |:-|:--|
Select one of the following options to specify which users whose Slack eDiscover
||| > [!TIP]
- > Member IDs for users can be obtained by clicking the ... More button in a user's profile and then selecting **Copy member ID**. Alternatively, you can use the Slack [users.list API method](https://api.slack.com/methods/users.list) to obtain the IDs for all members of a Slack team.
+ > Member IDs for users can be obtained by selecting the ... More button in a user's profile and then selecting **Copy member ID**. Alternatively, you can use the Slack [users.list API method](https://api.slack.com/methods/users.list) to obtain the IDs for all members of a Slack team.
If you enable automatic user mapping and provide a custom mapping file, the connector will first look at the custom mapping file to map the Slack user to a Microsoft 365 mailbox. If the connector doesn't find a valid Microsoft 365 user that corresponds to the Slack user, the connector will use the *Email* property of the Slack item. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or the *Email* property of the message item, the item won't be imported.
Select one of the following options to specify which users whose Slack eDiscover
In addition to Slack messages, you can also specify other types of Slack content to import to Microsoft 365.
-3. After you configure the data types to import, click **Next**, review the connector settings, and then click **Finish** to create the connector.
+3. After you configure the data types to import, select **Next**, review the connector settings, and then select **Finish** to create the connector.
## Step 5: Monitor the Slack eDiscovery connector After you create the Slack eDiscovery connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Slack eDiscovery** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Slack eDiscovery** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Slack Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-slack-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the Slack eDiscovery connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Slack eDiscovery connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for Slack data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Slack eDiscovery**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Slack eDiscovery**.
-2. On the **Slack eDiscovery** product description page, click **Add connector**.
+2. On the **Slack eDiscovery** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the Slack eDiscovery connector on the Merge1 site. For more information about how to configure the Slack eDiscovery connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Slack%20eDiscovery%20User%20Guide.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
After you click **Save & Finish**, the **User mapping** page in the connector wi
Slack eDiscovery items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Slack eDiscovery connector After you create the Slack eDiscovery connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Slack eDiscovery** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Slack eDiscovery** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Symphony Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-symphony-data.md
The following overview explains the process of using a data connector to archive
- The user who creates the Symphony connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Symphony connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for Symphony data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Symphony**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Symphony**.
-2. On the **Symphony** product description page, click **Add connector**.
+2. On the **Symphony** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the Symphony connector on the Merge1 site. For information about configuring the Symphony connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Symphony%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map external users to Microsoft 365 users** page, enable automatic user mapping. The Symphony items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Symphony connector After you create the Symphony connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Symphony** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Symphony** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Telegram Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-telegram-archiver-data.md
The following overview explains the process of using a connector to archive Tele
- The user who creates a Telegram Archiver connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create a Telegram Archiver connector After you've completed the prerequisites described in the previous section, you can create the Telegram Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfers Telegram communications data to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > T**elegram Archiver**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > T**elegram Archiver**.
-2. On the **Telegram Archiver** product description page, click **Add connector**.
+2. On the **Telegram Archiver** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username.
After you've completed the prerequisites described in the previous section, you
5. After the connector is created, you can close the pop-up window and go to the next page.
-6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then click **Next**.
+6. On the **User mapping** page, enable automatic user mapping. To enable custom mapping, upload a CSV file that contains the user mapping information, and then select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the Connectors tab in **Data connectors** page to see the progress of the import process for the new connector.
compliance Archive Telus Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-telus-network-data.md
Some of the implementation steps required to archive TELUS Network data are exte
- The user who creates a TELUS Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create a TELUS Network connector After you've completed the prerequisites described in the previous section, you can create TELUS Network connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS messages to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **TELUS Network**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **TELUS Network**.
-2. On the **TELUS Network** product description page, click **Add connector**
+2. On the **TELUS Network** product description page, select **Add connector**
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username.
After you've completed the prerequisites described in the previous section, you
5. After the connector is created, you can close the pop-up window and go to the next page.
-6. On the **User mapping** page, enable automatic user mapping and click **Next**. In case you need custom mapping upload a CSV file, and click **Next**.
+6. On the **User mapping** page, enable automatic user mapping and select **Next**. In case you need custom mapping upload a CSV file, and select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the Connectors tab in **Data connectors** page to see the progress of the import process for the new connector.
compliance Archive Text Delimited Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-text-delimited-data.md
The following overview explains the process of using a connector to archive text
- The user who creates the text-delimited connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the text-delimited connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for text-delimited data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Text-Delimited**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Text-Delimited**.
-2. On the **text-delimited** product description page, click **Add connector**.
+2. On the **text-delimited** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the text-delimited connector on the Merge1 site. For information about configuring the text-delimited connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20text-delimited%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map external users to Microsoft 365 users** page, enable automatic user mapping. The Text- Delimited source items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the text-delimited connector After you create the Text- Delimited connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Text- Delimited** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Text- Delimited** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Twitter Data With Sample Connector https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-twitter-data-with-sample-connector.md
To deploy the source code for the Twitter connector app:
1. Go to [this GitHub site](https://github.com/microsoft/m365-sample-twitter-connector-csharp-aspnet).
-2. Click **Deploy to Azure**.
+2. Select **Deploy to Azure**.
For step-by-step instructions, see [Deploy the connector web service from GitHub to your Azure account](deploy-twitter-connector.md#step-2-deploy-the-connector-web-service-from-github-to-your-azure-account).
compliance Archive Veritas Twitter Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-veritas-twitter-data.md
The following overview explains the process of using a connector to archive Twit
- The user who creates the YouTube connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Twitter connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for Twitter data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **Twitter**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **Twitter**.
-2. On the **Twitter** product description page, click **Add connector**.
+2. On the **Twitter** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the Twitter connector on the Veritas Merge1 site. For information about how to configure the Twitter connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Twitter%20User%20Guide.pdf).
-After you click **Save & Finish,** the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish,** the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map Twitter users to Microsoft 365 users** page, enable automatic user mapping. The Twitter items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Twitter connector After you create the Twitter connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com/> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com/> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Twitter** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Twitter** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Verizon Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-verizon-network-data.md
Some of the implementation steps required to archive Verizon Network data are ex
- The user who creates a Verizon Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create a Verizon Network connector After you've completed the prerequisites described in the previous section, you can create Verizon Network connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS and MMS messages to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and then click **Data connectors** > **Verizon Network**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and then select **Data connectors** > **Verizon Network**.
-2. On the **Verizon Network** product description page, click **Add connector**
+2. On the **Verizon Network** product description page, select **Add connector**
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username.
After you've completed the prerequisites described in the previous section, you
5. After the connector is created, you can close the pop-up window and go to the next page.
-6. On the **User mapping** page, enable automatic user mapping and click **Next**. In case you need custom mapping upload a CSV file, and click **Next**.
+6. On the **User mapping** page, enable automatic user mapping and select **Next**. In case you need custom mapping upload a CSV file, and select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the Connectors tab in **Data connectors** page to see the progress of the import process for the new connector.
compliance Archive Webexteams Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-webexteams-data.md
The following overview explains the process of using a connector to archive Webe
- The user who creates the Webex Teams connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Webex Teams connector The first step is to gain access to the **Data Connectors** and set up the [Webex Teams](https://globanet.com/webex-teams/) connector.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Webex Teams**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Webex Teams**.
-2. On the **Webex Teams** product description page, click **Add connector**.
+2. On the **Webex Teams** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to gain access to the **Data Connectors** and set up the [Webe
The second step is to configure the Webex Teams connector on the Merge1 site. For information about how to configure the Webex Teams connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Webex%20Teams%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map Webex Teams users to Microsoft 365 users** page, enable automatic user mapping. The Webex Teams items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Webex Teams connector After you create the Webex Teams connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Webex Teams** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Webex Teams** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Webpagecapture Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-webpagecapture-data.md
The following overview explains the process of using a connector to archive webp
- The user who creates the Webpage Capture connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Webpage Capture connector The first step is to access to the **Data Connectors** and create a connector for Web Page source data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Webpage Capture**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Webpage Capture**.
-2. On the **Webpage Capture** product description page, click **Add connector**.
+2. On the **Webpage Capture** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** and create a connector fo
The second step is to configure the Webpage Capture connector on the Veritas Merge1 site. For information about how to configure the Webpage Capture connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Web%20Page%20Capture%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map Webpage Capture users to Microsoft 365 users** page, enable automatic user mapping. The Webpage Capture items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Webpage Capture connector After you create the Webpage Capture connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Webpage Capture** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Webpage Capture** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Wechat Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-wechat-data.md
The following overview explains the process of using a connector to archive WeCh
- The user who creates a WeChat Archiver connector in the compliance portal must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create a WeChat Archiver connector Follow the steps in this section to create a WeChat Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer WeChat communications data to the corresponding user mailboxes in Microsoft 365.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **WeChat Archiver**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **WeChat Archiver**.
-2. On the **WeChat Archiver** product description page, click **Add connector**
+2. On the **WeChat Archiver** product description page, select **Add connector**
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username**: Your TeleMessage user name.
Follow the steps in this section to create a WeChat Archiver connector in the co
6. On the **User mapping** page, enable automatic user mapping. You can also upload a custom user mapping CSV file.
-7. Click **Next**, review your settings, and then click **Finish** to create the connector.
+7. Select **Next**, review your settings, and then select **Finish** to create the connector.
8. Go to the **Connectors** tab on **Data connectors** page to see the progress of the import process for the new connector.
compliance Archive Whatsapp Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-whatsapp-data.md
Some of the implementation steps required to archive WhatsApp communication data
- The user who creates a Verizon Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Create a WhatsApp Archiver connector After you've completed the prerequisites described in the previous section, you can create the WhatsApp connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer the WhatsApp data to the corresponding user mailbox boxes in Microsoft 365.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **WhatsApp Archiver**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **WhatsApp Archiver**.
-2. On the **WhatsApp Archiver** product description page, click **Add connector**
+2. On the **WhatsApp Archiver** product description page, select **Add connector**
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then click **Next**.
+4. On the **Login to TeleMessage** page, under Step 3, enter the required information in the following boxes and then select **Next**.
- **Username:** Your TeleMessage username.
After you've completed the prerequisites described in the previous section, you
5. After the connector is created, you can close the pop-up window and go to the next page.
-6. On the **User mapping** page, enable automatic user mapping and click **Next**. In case you need custom mapping upload a CSV file, and click **Next**.
+6. On the **User mapping** page, enable automatic user mapping and select **Next**. In case you need custom mapping upload a CSV file, and select **Next**.
-7. Review your settings, and then click **Finish** to create the connector.
+7. Review your settings, and then select **Finish** to create the connector.
8. Go to the Connectors tab in **Data connectors** page to see the progress of the import process for the new connector.
compliance Archive Workplacefromfacebook Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-workplacefromfacebook-data.md
The following overview explains the process of using a connector to archive Work
- The user who creates the Workplace from Facebook connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Workplace from Facebook connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for Workplace data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Workplace from Facebook**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Workplace from Facebook**.
-2. On the **Workplace from Facebook** product description page, click **Add connector**.
+2. On the **Workplace from Facebook** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the Workplace from Facebook connector on the Merge1 site. For information about how to configure the Workplace from Facebook connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Workplace%20from%20Facebook%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map external users to Microsoft 365 users** page, enable automatic user mapping. The Workplace items include a property called *Email* that contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Workplace from Facebook connector After you create the Workplace from Facebook connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Workplace from Facebook** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Workplace from Facebook** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Xip Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-xip-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the XIP connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the XIP connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for the XIP source data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** \> **XIP**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** \> **XIP**.
-2. On the **XIP** product description page, click **Add new connector**.
+2. On the **XIP** product description page, select **Add new connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the XIP connector on the Merge1 site. For information about how to configure the XIP connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20XIP%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup, follow these steps:
1. On the **Map XIP users to Microsoft 365 users** page, enable automatic user mapping. The XIP source items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the XIP connector After you create the XIP connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **XIP** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **XIP** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Xslt Xml Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-xslt-xml-data.md
The following overview explains the process of using a connector to archive XSLT
- The user who creates the XSLT/XML connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up an XSLT/XML connector The first step is to access to the **Data Connectors** in the compliance portal and create a connector for XSLT/XML data.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **XSLT/XML**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **XSLT/XML**.
-2. On the **XSLT/XML** product description page, click **Add new connector**.
+2. On the **XSLT/XML** product description page, select **Add new connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** in the compliance portal
The second step is to configure the XSLT/XML connector on the Merge1 site. For information about how to configure the XSLT/XML connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20XSLT-XML%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
After you click **Save & Finish**, the **User mapping** page in the connector wi
2. On the **Map XSLT/XML users to Microsoft 365 users** page, enable automatic user mapping. The XSLT/XML items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-3. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+3. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the XSLT/XML connector After you create the XSLT/XML connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **XSLT/XML** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **XSLT/XML** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Yieldbroker Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-yieldbroker-data.md
The following overview explains the process of using a connector to archive the
- The user who creates the Yieldbroker connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Yieldbroker connector The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for the Yieldbroker.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** &gt; **Yieldbroker**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** &gt; **Yieldbroker**.
-2. On the **Yieldbroker** product description page, click **Add new connector**.
+2. On the **Yieldbroker** product description page, select **Add new connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the Yieldbroker connector on the Merge1 site. For information about how to configure the Yieldbroker, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Yieldbroker%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup, follow these steps:
1. On the **Map Yieldbroker users to Microsoft 365 users** page, enable automatic user mapping. The Yieldbroker items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox.
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Yieldbroker connector After you create the Yieldbroker connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Yieldbroker** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Yieldbroker** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Youtube Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-youtube-data.md
The following overview explains the process of using a connector to archive the
The first step is to access to the **Data Connectors** page in the compliance portal and create a connector for YouTube data.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** > **YouTube**.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** > **YouTube**.
-2. On the **YouTube** product description page, click **Add connector**.
+2. On the **YouTube** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access to the **Data Connectors** page in the compliance po
The second step is to configure the YouTube connector on the Veritas Merge1 site. For information about how to configure the YouTube connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20YouTube%20User%20Guide.pdf).
-After you click **Save & Finish,** the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish,** the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
To map users and complete the connector setup in the compliance portal, follow t
1. On the **Map YouTube users to Microsoft 365 users** page, enable automatic user mapping. The YouTube items include a property called *Email*, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox.
-2. Click **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and then go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the YouTube connector After you create the YouTube connector, you can view the connector status in the compliance portal.
-1. Go to <https://compliance.microsoft.com/> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com/> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **YouTube** connector to display the flyout page, which contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **YouTube** connector to display the flyout page, which contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Archive Zoommeetings Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-zoommeetings-data.md
The following overview explains the process of using a connector to archive Zoom
- The user who creates the Zoom Meetings connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
+- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant.
## Step 1: Set up the Zoom Meetings connector The first step is to access the **Data Connectors** in the compliance portal and create a Zoom Meetings connector.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click **Data connectors** > **Zoom Meetings**.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then select **Data connectors** > **Zoom Meetings**.
-2. On the **Zoom Meetings** product description page, click **Add connector**.
+2. On the **Zoom Meetings** product description page, select **Add connector**.
-3. On the **Terms of service** page, click **Accept**.
+3. On the **Terms of service** page, select **Accept**.
-4. Enter a unique name that identifies the connector, and then click **Next**.
+4. Enter a unique name that identifies the connector, and then select **Next**.
5. Sign in to your Merge1 account to configure the connector.
The first step is to access the **Data Connectors** in the compliance portal and
The second step is to configure the Zoom Meetings connector on the Merge1 site. For more information about how to configure the Zoom Meetings connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Zoom%20Meetings%20User%20Guide%20.pdf).
-After you click **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
+After you select **Save & Finish**, the **User mapping** page in the connector wizard in the compliance portal is displayed.
## Step 3: Map users and complete the connector setup
After you click **Save & Finish**, the **User mapping** page in the connector wi
Zoom Meetings items include a property called *Email* that contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox
-2. Click **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
+2. Select **Next**, review your settings, and go to the **Data connectors** page to see the progress of the import process for the new connector.
## Step 4: Monitor the Zoom Meetings connector After you create the Zoom Meetings connector, you can view the connector status in the compliance portal.
-1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click **Data connectors** in the left nav.
+1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the **Zoom Meetings** connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the **Zoom Meetings** connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Connector status with source**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
+3. Under **Connector status with source**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about the data that's been imported to the Microsoft cloud. For more information, see [View admin logs for data connectors](data-connector-admin-logs.md).
## Known issues
compliance Communication Compliance Case Study https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-case-study.md
search.appverid:
# Case study - Contoso quickly configures an inappropriate text policy for Microsoft Teams, Exchange, and Yammer communications
+>[!IMPORTANT]
+>Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (for example SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to ensure user-level privacy.
+ [Microsoft Purview Communication Compliance](/microsoft-365/compliance/communication-compliance) helps minimize communication risks by helping you detect, capture, and act on messages with inappropriate text in your organization. inappropriate text may include profanity, threats, harassment, and inappropriate images. Pre-defined and custom [policies](/microsoft-365/compliance/communication-compliance-policies) allow you to scan internal and external communications for policy matches so they can be examined by designated reviewers. Reviewers can [investigate alerts](/microsoft-365/compliance/communication-compliance-investigate-remediate#investigate-alerts) for email, Microsoft Teams, Yammer, or third-party communications in your organization and take appropriate [remediation actions](/microsoft-365/compliance/communication-compliance-investigate-remediate#remediate-alerts) to make sure they're compliant with your organization's message standards. The Contoso Corporation is a fictional organization that needs to quickly configure a policy to detect inappropriate text. They have been using Microsoft 365 primarily for email, Microsoft Teams, and Yammer support for their users but have new requirements to enforce company policy around workplace harassment. Contoso IT administrators and compliance specialists have a basic understanding of the fundamentals of working with Microsoft 365 and are looking for end-to-end guidance for how to quickly get started with communication compliance.
Contoso IT administrators take the following steps to verify the licensing suppo
### Permissions for communication compliance
-There are five role groups used to configure permissions to manage communication compliance features. To make **Communication compliance** available as a menu option in Microsoft Purview compliance portal and to continue with these configuration steps, Contoso administrators are assigned the *Communication Compliance Admin* role.
+There are five role groups used to configure permissions to manage communication compliance features. To make **Communication compliance** available as a menu option in Microsoft Purview compliance portal and to continue with these configuration steps, Contoso administrators are assigned the *Communication Compliance Admins* role.
Contoso decides to use the *Communication Compliance* role group assign all the communication compliance administrators, analysts, investigators, and viewers to the group. This role group configuration makes it easier for Contoso to get started quickly and best fits their compliance management requirements. |**Role**|**Role permissions**| |:--|:--| | **Communication Compliance** | Use this role group to manage communication compliance for your organization in a single group. By adding all user accounts for designated administrators, analysts, investigators, and viewers, you can configure communication compliance permissions in a single group. This role group contains all the communication compliance permission roles. This role group configuration is the easiest way to quickly get started with communication compliance and is a good fit for organizations that don't need separate permissions defined for separate groups of users. |
-| **Communication Compliance Admin** | Use this role group to initially configure communication compliance and later to segregate communication compliance administrators into a defined group. Users assigned to this role group can create, read, update, and delete communication compliance policies, global settings, and role group assignments. Users assigned to this role group can't view message alerts. |
-| **Communication Compliance Analyst** | Use this group to assign permissions to users that will act as communication compliance analysts. Users assigned to this role group can view policies where they're assigned as Reviewers, view message metadata (not message content), escalate to additional reviewers, or send notifications to users. Analysts can't resolve pending alerts. |
-| **Communication Compliance Investigator** | Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an eDiscovery (Premium) case, send notifications to users, and resolve the alert. |
-| **Communication Compliance Viewer** | Use this group to assign permissions to users that will manage communication reports. Users assigned to this role group can access all reporting widgets on the communication compliance home page and can view all communication compliance reports. |
+| **Communication Compliance Admins** | Use this role group to initially configure communication compliance and later to segregate communication compliance administrators into a defined group. Users assigned to this role group can create, read, update, and delete communication compliance policies, global settings, and role group assignments. Users assigned to this role group can't view message alerts. |
+| **Communication Compliance Analysts** | Use this group to assign permissions to users that will act as communication compliance analysts. Users assigned to this role group can view policies where they're assigned as Reviewers, view message metadata (not message content), escalate to additional reviewers, or send notifications to users. Analysts can't resolve pending alerts. |
+| **Communication Compliance Investigators** | Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an eDiscovery (Premium) case, send notifications to users, and resolve the alert. |
+| **Communication Compliance Viewers** | Use this group to assign permissions to users that will manage communication reports. Users assigned to this role group can access all reporting widgets on the communication compliance home page and can view all communication compliance reports. |
1. Contoso IT administrators sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com/permissions) permissions page using credentials for a global administrator account and select the link to view and manage roles in Microsoft 365. 2. In the Microsoft Purview compliance portal, they go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">**Permissions**</a> and select the link to view and manage roles in Office 365.
compliance Communication Compliance Channels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-channels.md
search.appverid:
# Detect channel signals with communication compliance
+>[!IMPORTANT]
+>Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (for example SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to ensure user-level privacy.
+ With communication compliance policies, you can choose to scan messages in one or more of the following communication platforms as a group or as standalone sources. Original messages captured across these platforms are retained in the original platform location in accordance with your organization's [retention and hold policies](/microsoft-365/compliance/information-governance). Copies of messages used by communication compliance policies for analysis and investigation are retained for as long as policy is in place, even if users leave your organization and their mailboxes are deleted. When a communication policy is deleted, copies of messages associated with the policy are also deleted. [!INCLUDE [purview-preview](../includes/purview-preview.md)]
compliance Communication Compliance Configure https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-configure.md
search.appverid:
# Get started with communication compliance
+>[!IMPORTANT]
+>Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (for example SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to ensure user-level privacy.
+ Use communication compliance policies to identify user communications for examination by internal or external reviewers. For more information about how communication compliance policies can help you detect communications in your organization, see [communication compliance policies](/microsoft-365/compliance/communication-compliance-policies). If you'd like to review how Contoso quickly configured a communication compliance policy to detect inappropriate content in Microsoft Teams, Exchange Online, and Yammer communications, check out this [case study](/microsoft-365/compliance/communication-compliance-case-study). [!INCLUDE [purview-preview](../includes/purview-preview.md)]
There are six role groups used to configure initial permissions to manage commun
- Microsoft Purview compliance portal [*Organization Management*](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group - Microsoft Purview compliance portal [*Compliance Administrator*](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group - *Communication Compliance* role group-- *Communication Compliance Admin* role group
+- *Communication Compliance Admins* role group
-Members of the following roles have the same solution permissions included with the *Communication Compliance Admin* role group:
+Members of the following roles have the same solution permissions included with the *Communication Compliance Admins* role group:
- Azure Active Directory *Global Administrator* - Azure Active Directory *Compliance Administrator*
Members of the following roles have the same solution permissions included with
- Microsoft Purview compliance portal *Compliance Administrator* > [!IMPORTANT]
-> Make sure you always have at least one user in the *Communication Compliance* or *Communication Compliance Admin* role groups (depending on the option you choose) so that your communication compliance configuration doesn't get in to a 'zero administrator' scenario if specific users leave your organization.
+> Make sure you always have at least one user in the *Communication Compliance* or *Communication Compliance Admins* role groups (depending on the option you choose) so that your communication compliance configuration doesn't get in to a 'zero administrator' scenario if specific users leave your organization.
Depending on how you wish to manage communication compliance policies and alerts, you'll need to assign users to specific role groups to manage different sets of communication compliance features. You have the option to assign users with different compliance responsibilities to specific role groups to manage different areas of communication compliance features. Or you may decide to assign all user accounts for designated administrators, analysts, investigators, and viewers to the *Communication Compliance* role group. Use a single role group or multiple role groups to best fit your compliance management requirements.
Choose from these solution role group options when configuring and managing comm
| Role | Role permissions | |:--|:--| | **Communication Compliance** | Use this role group to manage communication compliance for your organization in a single group. By adding all user accounts for designated administrators, analysts, investigators, and viewers, you can configure communication compliance permissions in a single group. This role group contains all the communication compliance permission roles. This configuration is the easiest way to quickly get started with communication compliance and is a good fit for organizations that don't need separate permissions defined for separate groups of users. Users that create policies as a communication compliance administrator must have their mailbox hosted on Exchange Online.|
-| **Communication Compliance Admin** | Use this role group to initially configure communication compliance and later to segregate communication compliance administrators into a defined group. Users assigned to this role group can create, read, update, and delete communication compliance policies, global settings, and role group assignments. Users assigned to this role group can't view message alerts. Users that create policies as a communication compliance administrator must have their mailbox hosted on Exchange Online.|
-| **Communication Compliance Analyst** | Use this group to assign permissions to users that will act as communication compliance analysts. Users assigned to this role group can view policies where they're assigned as Reviewers, view message metadata (not message content), escalate to additional reviewers, or send notifications to users. Analysts can't resolve pending alerts. |
-| **Communication Compliance Investigator** | Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an eDiscovery (Premium) case, send notifications to users, and resolve the alert. |
-| **Communication Compliance Viewer** | Use this group to assign permissions to users that will manage communication reports. Users assigned to this role group can access all reporting widgets on the communication compliance home page and can view all communication compliance reports. |
+| **Communication Compliance Admins** | Use this role group to initially configure communication compliance and later to segregate communication compliance administrators into a defined group. Users assigned to this role group can create, read, update, and delete communication compliance policies, global settings, and role group assignments. Users assigned to this role group can't view message alerts. Users that create policies as a communication compliance administrator must have their mailbox hosted on Exchange Online.|
+| **Communication Compliance Analysts** | Use this group to assign permissions to users that will act as communication compliance analysts. Users assigned to this role group can view policies where they're assigned as Reviewers, view message metadata (not message content), escalate to additional reviewers, or send notifications to users. Analysts can't resolve pending alerts. |
+| **Communication Compliance Investigators** | Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an eDiscovery (Premium) case, send notifications to users, and resolve the alert. |
+| **Communication Compliance Viewers** | Use this group to assign permissions to users that will manage communication reports. Users assigned to this role group can access all reporting widgets on the communication compliance home page and can view all communication compliance reports. |
### Option 1: Assign all compliance users to the Communication Compliance role group
compliance Communication Compliance Investigate Remediate https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-investigate-remediate.md
search.appverid:
# Investigate and remediate communication compliance alerts
+>[!IMPORTANT]
+>Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (for example SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to ensure user-level privacy.
+ After you've configured your [communication compliance policies](/microsoft-365/compliance/communication-compliance-policies), you'll start to receive alerts in the [Microsoft Purview compliance portal](https://compliance.microsoft.com) for message issues that match your policy conditions. To view and act on alerts, users must have the following permissions: - Be assigned to the *Communication Compliance Analysts* or the *Communication Compliance Investigators* role group
After reviewing the message basics, it's time to open a message to examine the d
- **Attachments**: This option allows you to examine Modern attachments that match policy conditions. Modern attachments content is extracted as text and is viewable on the Pending alerts dashboard for a policy. For more information, see the [Communication compliance feature reference](/microsoft-365/compliance/communication-compliance-channels). - **Source**: This view is the standard message view commonly seen in most web-based messaging platforms. The header information is formatted in the normal style and the message body supports imbedded graphic files and word-wrapped text. If [optical character recognition (OCR)](/microsoft-365/compliance/communication-compliance-policies#optical-character-recognition-ocr) is enabled for the policy, images containing printed or handwritten text that match policy conditional are viewed as a child item for the associated message in this view.-- **Plain text**: Text view that displays a line-numbered text-only view of the message and includes keyword highlighting in messages and attachments for sensitive info type terms, terms identified by built-in classifiers assigned to a policy, or for terms included in a dedicated keyword dictionary assigned to a policy. Keyword highlighting can help direct you to the area of interest in long messages and attachments. In some cases, highlighted text might be only in attachments for messages matching policy conditions. Embedded files aren't displayed and the line numbering in this view is helpful for referencing pertinent details among multiple reviewers.
+- **Plain text**: Text view that displays a line-numbered text-only view of the message and includes keyword highlighting in messages and attachments for sensitive info type terms, terms identified by built-in classifiers assigned to a policy, or for terms included in a dedicated keyword dictionary assigned to a policy. Keyword highlighting, which is currently available for English language only, can help direct you to the area of interest in long messages and attachments. In some cases, highlighted text might be only in attachments for messages matching policy conditions. Embedded files aren't displayed and the line numbering in this view is helpful for referencing pertinent details among multiple reviewers.
- **Conversation (preview)**: Available for Microsoft Teams chat messages, this view displays up to five messages before and after an alert message to help reviewers view the activity in the conversational context. This context helps reviewers to quickly evaluate messages and make more informed message resolution decisions. Real-time message additions to conversations are displayed, including all inline images, emojis, and stickers available in Teams. Image or text file attachments to messages aren't displayed. Notifications are automatically displayed for messages that have been edited or for messages that have been deleted from the conversation window. When a message is resolved, the associated conversational messages aren't retained with the resolved message. Conversation messages are available for up to 60 days after the alert message is identified. - **User history**: User history view displays all other alerts generated by any communication compliance policy for the user sending the message. - **Pattern detected notification**: Many harassing and bullying actions over time and involve reoccurring instances of the same behavior by a user. The *Pattern detected* notification is displayed in the alert details and raises attention to the alert. Detection of patterns is on a per-policy basis and evaluates behavior over the last 30 days when at least two messages are sent to the same recipient by a sender. Investigators and reviewers can use this notification to identify repeated behavior to evaluate the alert as appropriate.
When messages are resolved, they're removed from the **Pending** tab view and di
To unresolve messages, complete the following steps:
-1. Sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for a user assigned to the *Communication Compliance Analyst* or *Communication Compliance Investigator* role groups in your Microsoft 365 organization.
+1. Sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for a user assigned to the *Communication Compliance Analysts* or *Communication Compliance Investigators* role groups in your Microsoft 365 organization.
2. In the Microsoft Purview compliance portal, go to **Communication compliance**. 3. Select the **Policies** tab and then select a policy that contains the resolved alert message, double-click to open the **Policy** page. 4. On the **Policy** page, select the **Resolved** tab.
compliance Communication Compliance Plan https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-plan.md
search.appverid:
# Plan for communication compliance
+>[!IMPORTANT]
+>Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (for example SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to ensure user-level privacy.
+ Before getting started with [communication compliance](/microsoft-365/compliance/communication-compliance) in your organization, there are important planning activities and considerations that should be reviewed by your information technology and compliance management teams. Thoroughly understanding and planning for deployment in the following areas will help ensure that your implementation and use of communication compliance features goes smoothly and is aligned with the best practices for the solution. For more information and an overview of the planning process to address compliance and risky activities in your organization, see [Starting an insider risk management program](https://download.microsoft.com/download/b/2/0/b208282a-2482-4986-ba07-15a9b9286df0/pwc-starting-an-insider-risk-management-program-with-pwc-and-microsoft.pdf).
There are six role groups used to configure initial permissions to manage commun
- Microsoft Purview compliance portal [*Organization Management*](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group - Microsoft Purview compliance portal [*Compliance Administrator*](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group - *Communication Compliance* role group-- *Communication Compliance Admin* role group
+- *Communication Compliance Admins* role group
-Members of the following roles have the same solution permissions included with the *Communication Compliance Admin* role group:
+Members of the following roles have the same solution permissions included with the *Communication Compliance Admins* role group:
- Azure Active Directory *Global Administrator* - Azure Active Directory *Compliance Administrator*
Members of the following roles have the same solution permissions included with
- Microsoft Purview compliance portal *Compliance Administrator* > [!IMPORTANT]
-> Make sure you always have at least one user in the *Communication Compliance* or *Communication Compliance Admin* role groups (depending on the option you choose) so that your communication compliance configuration doesn't get in to a 'zero administrator' scenario if specific users leave your organization.
+> Make sure you always have at least one user in the *Communication Compliance* or *Communication Compliance Admins* role groups (depending on the option you choose) so that your communication compliance configuration doesn't get in to a 'zero administrator' scenario if specific users leave your organization.
Depending on how you wish to manage communication compliance policies and alerts, you'll need to assign users to specific role groups to manage different sets of communication compliance features. You have the option to assign users with different compliance responsibilities to specific role groups to manage different areas of communication compliance features. Or you may decide to assign all user accounts for designated administrators, analysts, investigators, and viewers to the *Communication Compliance* role group. Use a single role group or multiple role groups to best fit your compliance management requirements.
Choose from these solution role group options when configuring and managing comm
|**Role**|**Role permissions**| |:--|:--| | **Communication Compliance** | Use this role group to manage communication compliance for your organization in a single group. By adding all user accounts for designated administrators, analysts, investigators, and viewers, you can configure communication compliance permissions in a single group. This role group contains all the communication compliance permission roles. This configuration is the easiest way to quickly get started with communication compliance and is a good fit for organizations that don't need separate permissions defined for separate groups of users. Users that create policies as a communication compliance administrator must have their mailbox hosted on Exchange Online. |
-| **Communication Compliance Admin** | Use this role group to initially configure communication compliance and later to segregate communication compliance administrators into a defined group. Users assigned to this role group can create, read, update, and delete communication compliance policies, global settings, and role group assignments. Users assigned to this role group can't view message alerts. Users that create policies as a communication compliance administrator must have their mailbox hosted on Exchange Online. |
-| **Communication Compliance Analyst** | Use this group to assign permissions to users that will act as communication compliance analysts. Users assigned to this role group can view policies where they're assigned as Reviewers, view message metadata (not message content), escalate to additional reviewers, or send notifications to users. Analysts can't resolve pending alerts. |
-| **Communication Compliance Investigator** | Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an eDiscovery (Premium) case, send notifications to users, and resolve the alert. |
-| **Communication Compliance Viewer** | Use this group to assign permissions to users that will manage communication reports. Users assigned to this role group can access all reporting widgets on the communication compliance home page and can view all communication compliance reports. |
+| **Communication Compliance Admins** | Use this role group to initially configure communication compliance and later to segregate communication compliance administrators into a defined group. Users assigned to this role group can create, read, update, and delete communication compliance policies, global settings, and role group assignments. Users assigned to this role group can't view message alerts. Users that create policies as a communication compliance administrator must have their mailbox hosted on Exchange Online. |
+| **Communication Compliance Analysts** | Use this group to assign permissions to users that will act as communication compliance analysts. Users assigned to this role group can view policies where they're assigned as Reviewers, view message metadata (not message content), escalate to additional reviewers, or send notifications to users. Analysts can't resolve pending alerts. |
+| **Communication Compliance Investigators** | Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an eDiscovery (Premium) case, send notifications to users, and resolve the alert. |
+| **Communication Compliance Viewers** | Use this group to assign permissions to users that will manage communication reports. Users assigned to this role group can access all reporting widgets on the communication compliance home page and can view all communication compliance reports. |
### Supervised users
Before you start using communication compliance, you must determine who needs th
### Reviewers
-When you create a communication compliance policy, you must determine who reviews the messages of the supervised users. In the policy, user email addresses identify individuals or groups of people to review supervised communications. All reviewers must have mailboxes hosted on Exchange Online, must be assigned to either the *Communication Compliance Analyst* or *Communication Compliance Investigator* role groups, and must be assigned in the policy they need to investigate. When reviewers are added to a policy, they automatically receive an email message that notifies them of the assignment to the policy and provides links to information about the review process.
+When you create a communication compliance policy, you must determine who reviews the messages of the supervised users. In the policy, user email addresses identify individuals or groups of people to review supervised communications. All reviewers must have mailboxes hosted on Exchange Online, must be assigned to either the *Communication Compliance Analysts* or *Communication Compliance Investigators* role groups, and must be assigned in the policy they need to investigate. When reviewers are added to a policy, they automatically receive an email message that notifies them of the assignment to the policy and provides links to information about the review process.
### Groups for supervised users and reviewers
Protecting the privacy of users that have policy matches is important and can he
For users with a communication compliance match, you can choose one of the following settings in **Communication compliance settings**: -- **Show anonymized versions of usernames**: User names are anonymized to prevent users in *Communication Compliance Analyst* role group from seeing who is associated with policy alerts. Users in the *Communication Compliance Investigator* role group will always see user names, not the anonymized versions. For example, a user 'Grace Taylor' would appear with a randomized pseudonym such as 'AnonIS8-988' in all areas of the communication compliance experience. Choosing this setting anonymizes all users with current and past policy matches and applies to all policies. User profile information in the communication compliance alert details won't be available when this option is chosen. However, user names are displayed when adding new users to existing policies or when assigning users to new policies. If you choose to turn off this setting, user names are displayed for all users that have current or past policy matches.
+- **Show anonymized versions of usernames**: User names are anonymized to prevent users in *Communication Compliance Analysts* role group from seeing who is associated with policy alerts. Users in the *Communication Compliance Investigators* role group will always see user names, not the anonymized versions. For example, a user 'Grace Taylor' would appear with a randomized pseudonym such as 'AnonIS8-988' in all areas of the communication compliance experience. Choosing this setting anonymizes all users with current and past policy matches and applies to all policies. User profile information in the communication compliance alert details won't be available when this option is chosen. However, user names are displayed when adding new users to existing policies or when assigning users to new policies. If you choose to turn off this setting, user names are displayed for all users that have current or past policy matches.
- **Do not show anonymized versions of usernames**: User names are displayed for all current and past policy matches for communication compliance alerts. User profile information (the name, title, alias, and organization or department) is displayed for the user for all communication compliance alerts. ## Plan for policies
compliance Communication Compliance Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-policies.md
search.appverid:
# Create and manage communication compliance policies
+>[!IMPORTANT]
+>Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (for example SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to ensure user-level privacy.
+ [!INCLUDE [purview-preview](../includes/purview-preview.md)] ## Policies
search.appverid:
> [!IMPORTANT] > Using PowerShell to create and manage communication compliance policies is not supported. To create and manage these policies, you must use the policy management controls in the [communication compliance solution](https://compliance.microsoft.com/supervisoryreview).
-You create communication compliance policies for Microsoft 365 organizations in the Microsoft Purview compliance portal. Communication compliance policies define which communications and users are subject to review in your organization, define which custom conditions the communications must meet, and specify who should do reviews. Users assigned the *Communication Compliance Admin* role can set up policies, and anyone who has this role assigned can access the **Communication compliance** page and global settings in the Microsoft Purview compliance portal. If needed, you can export the history of modifications to a policy to a .csv (comma-separated values) file that also includes the status of alerts pending review, escalated items, and resolved items. Policies can't be renamed and can be deleted when no longer needed.
+You create communication compliance policies for Microsoft 365 organizations in the Microsoft Purview compliance portal. Communication compliance policies define which communications and users are subject to review in your organization, define which custom conditions the communications must meet, and specify who should do reviews. Users assigned the *Communication Compliance Admins* role can set up policies, and anyone who has this role assigned can access the **Communication compliance** page and global settings in the Microsoft Purview compliance portal. If needed, you can export the history of modifications to a policy to a .csv (comma-separated values) file that also includes the status of alerts pending review, escalated items, and resolved items. Policies can't be renamed and can be deleted when no longer needed.
## Policy templates
The *Report a concern* option is enabled by default and can be controlled via Te
>[!IMPORTANT] >If you're using PowerShell to turn on or turn off the **End user reporting** option in the Teams Admin Center, you must use [Microsoft Teams cmdlets module version 4.2.0](/MicrosoftTeams/teams-powershell-release-notes) or later.
+## Policy for insider risk management integration (preview)
+
+When users experience employment stressors, they may become disgruntled. This feeling may lead to uncharacteristic or malicious behavior by some users that could surface as potentially inappropriate behavior on your organization's messaging systems. Communication compliance can provide disgruntlement signals detected in applicable messages to [insider risk management](/microsoft-365/compliance/insider-risk-management) disgruntlement policies by using a dedicated [Detect inappropriate text](#policy-templates) policy. This policy is automatically created (if selected as an option) during configuration of a [Data leaks by disgruntled employees](/microsoft-365/compliance/insider-risk-management-policies#data-leaks-by-disgruntled-users-preview) or [Security policy violations by disgruntled employees](/microsoft-365/compliance/insider-risk-management-policies#security-policy-violations-by-disgruntled-users-preview) policy in insider risk management.
+
+When configured for an insider risk management disgruntlement policy, a dedicated policy named *Disgruntlement in messages - (date created)* is created in communication compliance and automatically includes all organization users in the policy. This policy starts detecting disgruntlement behavior in messages by using the built-in [Threat, Harassment, and Discrimination classifiers](#classifiers) and automatically sends these signals to insider risk management. If needed, this policy can be edited to update the scope of included users and the policy conditions and classifiers.
+
+Users that send 5 or more messages classified as disgruntled within 24 hours are automatically brought in-scope for insider risk management policies that include this option. Once in-scope, the insider risk management detect risky activities configured in the policy and generate alerts as applicable. It may take up to 48 hours from the time disgruntlement messages are sent until the time a user is brought in-scope in an insider risk management policy. If an alert is generated for a risky activity detected by the insider risk management policy, the triggering event for the alert is identified as being sourced from the communication compliance disgruntlement activity.
+
+All users assigned to the [Insider Risk Management Investigators](/microsoft-365/compliance/insider-risk-management-plan#plan-for-the-review-and-investigation-workflow) role group are automatically assigned as reviewers in the dedicated communication compliance policy. If inside risk management investigators need to review the associated disgruntlement alert directly on the communication compliance alerts page (linked from the insider risk management alert details), they must be manually added to the *Communication Compliance Investigators* role group.
+
+Before integrating communication compliance with insider risk management, you should also consider the following guidance when detecting messages containing potentially inappropriate text:
+
+- **For organizations without an existing *Detect inappropriate text* policy**. The new *Disgruntlement in messages - (date created)* policy will be automatically created by the insider risk management policy wizard. In most cases, no further actions are needed.
+- **For organizations with an existing *Detect inappropriate text* policy**. The new *Disgruntlement in messages - (date created)* policy will be automatically created by the insider risk management policy wizard. Although you'll have two communication compliance policies for potentially inappropriate text in messages, investigators will not see duplicate alerts for the same activity. Insider risk management investigators will only see alerts for the dedicated integration policy and communication compliance investigators will only see the alerts for the existing policy. If needed, you can edit the dedicated policy to change the in-scope users or individual policy conditions as applicable.
+ ## Pause a policy
-After you've created a communication compliance policy, the policy may be temporarily paused if needed. Pausing a policy may be used for testing or troubleshooting policy matches, or for optimizing policy conditions. Instead of deleting a policy in these circumstances, pausing a policy also preserves existing policy alerts and messages for ongoing investigations and reviews. Pausing a policy prevents inspection and alert generation for all user message conditions defined in the policy for the time the policy is paused. To pause or restart a policy, users must be a member of the *Communication Compliance Admin* role group.
+After you've created a communication compliance policy, the policy may be temporarily paused if needed. Pausing a policy may be used for testing or troubleshooting policy matches, or for optimizing policy conditions. Instead of deleting a policy in these circumstances, pausing a policy also preserves existing policy alerts and messages for ongoing investigations and reviews. Pausing a policy prevents inspection and alert generation for all user message conditions defined in the policy for the time the policy is paused. To pause or restart a policy, users must be a member of the *Communication Compliance Admins* role group.
To pause a policy, navigate to the **Policy** page, select a policy, and then select **Pause policy** from the actions toolbar. On the **Pause policy** pane, confirm you'd like to pause the policy by selecting **Pause**. In some cases, it may take up to 24 hours for a policy to be paused. Once the policy is paused, alerts for messages matching the policy aren't created. However, messages associated with alerts that were created prior to pausing the policy remain available for investigation, review, and remediation.
For organizations with existing communication compliance policies, there may be
- **Detect and review inappropriate messages for different groups of users**: Some organizations may prefer to create multiple policies with the same configuration but include different in-scope users and different reviewers for each policy. - **Similar policies with small changes**: For policies with complex configurations or conditions, it may save time to create a new policy from a similar policy.
-To copy a policy, users must be a member of the *Communication Compliance* or *Communication Compliance Admin* role groups. After a new policy is created from an existing policy, it may take up to 24 hours to view messages that match the new policy configuration.
+To copy a policy, users must be a member of the *Communication Compliance* or *Communication Compliance Admins* role groups. After a new policy is created from an existing policy, it may take up to 24 hours to view messages that match the new policy configuration.
To copy a policy and create a new policy, complete the following steps:
To identify an older policy, review *Last policy scan* column on the **Policy**
## Storage limit notification (preview)
-Each communication compliance policy has a storage limit size of 100 GB or 1 million messages, whichever is reached first. As the policy approaches these limits, notification emails are automatically sent to users assigned to the *Communication Compliance* or *Communication Compliance Admin* role groups. Notifications messages are sent when the storage size or message count reach 80, 90, and 95 percent of the limit. When the policy limit is reached, the policy is automatically deactivated, and the policy stops processing messages for alerts.
+Each communication compliance policy has a storage limit size of 100 GB or 1 million messages, whichever is reached first. As the policy approaches these limits, notification emails are automatically sent to users assigned to the *Communication Compliance* or *Communication Compliance Admins* role groups. Notifications messages are sent when the storage size or message count reach 80, 90, and 95 percent of the limit. When the policy limit is reached, the policy is automatically deactivated, and the policy stops processing messages for alerts.
>[!IMPORTANT] >If a policy is deactivated due to reaching the storage and message limits, be sure to evaluate how to manage the deactivated policy. If you delete the policy, all messages, associated attachments, and message alerts will be permanently deleted. If you need to maintain these items for future use, do not delete the deactivated policy.
The following table explains more about each condition.
|:--|:--| | **Content matches any of these classifiers** | Apply to the policy when any classifiers are included or excluded in a message. Some classifiers are pre-defined in your organization, and custom classifiers must be configured separately before they're available for this condition. Only one classifier can be defined as a condition in a policy. For more information about configuring classifiers, see [Learn about trainable classifiers (preview)](/microsoft-365/compliance/classifier-learn-about). | | **Content contains any of these sensitive info types** | Apply to the policy when any sensitive information types are included or excluded in a message. Some classifiers are pre-defined in your tenant, and custom classifiers can be configured separately or as part of the condition assignment process. Each sensitive information type you choose is applied separately and only one of these sensitive information types must apply for the policy to apply to the message. For more information about custom sensitive information types, see [Learn about sensitive information types](/microsoft-365/compliance/sensitive-information-type-learn-about). |
-| **Message is received from any of these domains** <br><br> **Message is not received from any of these domains** | Apply the policy to include or exclude specific domains or email addresses in received messages. Enter each domain or email address and separate multiple domains or email addresses with a comma. Each domain or email address entered is applied separately, only one domain or email address must apply for the policy to apply to the message. <br><br> If you want to scan all email from a specific domain, but want to exclude messages that don't need review (newsletters, announcements, and so on), you must configure a **Message is not received from any of these domains** condition that excludes the email address (example "newsletter@contoso.com"). |
+| **Message is received from any of these domains** <br><br> **Message is not received from any of these domains** | Apply the policy to include or exclude specific domains in received messages. Enter each domain and separate multiple domains with a comma. Each domain entered is applied separately, only one domain must apply for the policy to apply to the message. If you want to use **Message is received from any of these domains** to look for messages from specific emails address you need to combine this with another condition like **Message contains any of these words** or **Content matches any of these classifiers** or you might get unexpected results. <br><br> If you want to scan all email from a specific domain, but want to exclude messages that don't need review (newsletters, announcements, and so on), you must configure a **Message is not received from any of these domains** condition that excludes the email address (example newsletter@contoso.com). |
| **Message is sent to any of these domains** <br><br> **Message is not sent to any of these domains** | Apply the policy to include or exclude specific domains in sent messages. Enter each domain and separate multiple domains with a comma. Each domain is applied separately, only one domain must apply for the policy to apply to the message. <br><br> If you want to exclude all emails sent to two specific domains, you'd configure the **Message is not sent to any of these domains** condition with the two domains (example 'contoso.com,wingtiptoys.com'). | | **Message is classified with any of these labels** <br><br> **Message is not classified with any of these labels** | To apply the policy when certain retention labels are included or excluded in a message. Retention labels must be configured separately and configured labels are chosen as part of this condition. Each label you choose is applied separately (only one of these labels must apply for the policy to apply to the message). For more information about retention labels, see [Learn about retention policies and retention labels](/microsoft-365/compliance/retention).| | **Message contains any of these words** <br><br> **Message contains none of these words** | To apply the policy when certain words or phrases are included or excluded in a message, enter each word separated with a comma. For phrases of two words or more, use quotation marks around the phrase. Each word or phrase you enter is applied separately (only one word must apply for the policy to apply to the message). For more information about entering words or phrases, see the next section [Matching words and phrases to emails or attachments](#matching-words-and-phrases-to-emails-or-attachments).|
compliance Communication Compliance Reports Audits https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-reports-audits.md
search.appverid:
# Use communication compliance reports and audits
+>[!IMPORTANT]
+>Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (for example SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to ensure user-level privacy.
+ [!INCLUDE [purview-preview](../includes/purview-preview.md)] ## Reports
In some instances, you must provide information to regulatory or compliance audi
> [!IMPORTANT] > Auditing must be enabled for your organization before communication compliance events will be recorded. To enable auditing, see [Enable the audit log](/microsoft-365/compliance/communication-compliance-configure#step-2-required-enable-the-audit-log). When activities trigger events that are captured in the Microsoft 365 Audit log, it may take up to 48 hours before these events can be viewed in communication compliance policies.
-To view communication compliance policy update activities, select the **Export policy updates** control on the main page for any policy. You must be assigned the *Global Admin* or *Communication Compliance Admin* roles to export update activities. This action generates an audit file in the .csv format that contains the following information:
+To view communication compliance policy update activities, select the **Export policy updates** control on the main page for any policy. You must be assigned the *Global Admin* or *Communication Compliance Admins* roles to export update activities. This action generates an audit file in the .csv format that contains the following information:
|Field|Details| |||
To view communication compliance policy update activities, select the **Export p
| **Operations** | The update operations performed on the policy. | | **AuditData** | This field is the main data source for all policy update activities. All update activities are recorded and separated by comma delimiters. |
-To view communication compliance review activities for a policy, select the **Export review activities** control on the **Overview** page for a specific policy. You must be assigned the *Global Admin* or *Communication Compliance Admin* roles to export review activities. This action generates an audit file in the .csv format that contains the following information:
+To view communication compliance review activities for a policy, select the **Export review activities** control on the **Overview** page for a specific policy. You must be assigned the *Global Admin* or *Communication Compliance Admins* roles to export review activities. This action generates an audit file in the .csv format that contains the following information:
|Field|Details| |||
compliance Communication Compliance Siem https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-siem.md
search.appverid:
# Use communication compliance with SIEM solutions
+>[!IMPORTANT]
+>Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (for example SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to ensure user-level privacy.
+ [Communication compliance](/microsoft-365/compliance/communication-compliance) is an insider risk solution in Microsoft Purview that helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Security information and event management (SIEM) solutions such as [Microsoft Sentinel](https://azure.microsoft.com/services/azure-sentinel) or [Splunk](https://www.splunk.com/) are commonly used to aggregate and track threats within an organization. A common need for organizations is to integrate communication compliance alerts and these SIEM solutions. With this integration, organizations can view communication compliance alerts in their SIEM solution and then remediate alerts within the communication compliance workflow and user experience. For example, an employee sends an offensive message to another employee and that message is detected by a communication compliance policy for inappropriate content. These events are tracked in Microsoft 365 Audit (also known as "unified audit log") by the communication compliance solution and imported into the SIEM solution. An alert is then triggered in the SIEM solution for the organization from events included in Microsoft 365 Audit that are associated with communication compliance alerts. Investigators are notified of the alert in the SIEM solutions and then they investigate and remediate the alert in the communication compliance solution.
compliance Communication Compliance Solution Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-solution-overview.md
# Communication compliance
+>[!IMPORTANT]
+>Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (for example SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to ensure user-level privacy.
+ Protecting sensitive information and detecting and acting on workplace harassment incidents is an important part of compliance with internal policies and standards. Microsoft Purview Communication Compliance helps minimize these risks by helping you quickly detect, capture, and take remediation actions for email and Microsoft Teams communications. These include inappropriate communications containing profanity, threats, and harassment and communications that share sensitive information inside and outside of your organization. [!INCLUDE [purview-preview](../includes/purview-preview.md)]
compliance Communication Compliance https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance.md
search.appverid:
# Learn about communication compliance
+>[!IMPORTANT]
+>Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance violations (for example SEC or FINRA), such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to ensure user-level privacy.
+ Microsoft Purview Communication Compliance is an insider risk solution that helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Pre-defined and custom policies allow you to scan internal and external communications for policy matches so they can be examined by designated reviewers. Reviewers can investigate scanned email, Microsoft Teams, Yammer, or third-party communications in your organization and take appropriate actions to make sure they're compliant with your organization's message standards. Communication compliance policies in Microsoft 365 help you overcome many modern challenges associated with compliance and internal and external communications, including:
Communication compliance policies scan and capture messages across several commu
To learn more about messaging channel support in communication compliance policies, see [Detect channel signals with communication compliance](/microsoft-365/compliance/communication-compliance-channels).
+## Integration with insider risk management (preview)
+
+Communication compliance can provide disgruntlement signals detected in messages to insider risk management disgruntlement policies. Using a dedicated [Detect inappropriate text](/microsoft-365/compliance/communication-compliance-policies#policy-templates) policy in communication compliance, you can choose to add this policy to a [Data leaks by disgruntled employees](/microsoft-365/compliance/insider-risk-management-policies#data-leaks-by-disgruntled-users-preview) or [Security policy violations by disgruntled employees](/microsoft-365/compliance/insider-risk-management-policies#security-policy-violations-by-disgruntled-users-preview) policy in insider risk management. Disgruntlement detected in messages by the communication compliance policy act as a triggering event to bring users into scope for the insider risk management policies.
+
+To learn more about integration with insider risk management, see [Create and manage communication compliance policies](/microsoft-365/compliance/communication-compliance-policies#integration-with-insider-risk-management-preview).
+To learn more about insider risk management, see [Learn about insider risk management](/microsoft-365/compliance/insider-risk-management).
+ ## Get started with recommended actions (preview) Whether you're setting up communication compliance for the first time or getting started with creating new policies, the new [recommended actions](/microsoft-365/compliance/communication-compliance-configure#recommended-actions-preview) experience can help you get the most out of communication compliance capabilities. Recommended actions include setting up permissions, creating distribution groups, creating a policy, and more
In this workflow step, you identify your compliance requirements and configure a
You can choose from the following policy templates in the Microsoft Purview compliance portal: -- **Monitor for inappropriate text**: Use this template to quickly create a policy that uses built-in classifiers to automatically detect text in messages that may be considered inappropriate, abusive, or offensive.-- **Monitor for inappropriate images**: Use this template to quickly create a policy that uses built-in classifiers to automatically detect content that contains adult and racy images that may be considered as inappropriate in your organization.
+- **Detect inappropriate text**: Use this template to quickly create a policy that uses built-in classifiers to automatically detect text in messages that may be considered inappropriate, abusive, or offensive.
+- **Detect inappropriate images**: Use this template to quickly create a policy that uses built-in classifiers to automatically detect content that contains adult and racy images that may be considered as inappropriate in your organization.
- **Monitor for sensitive information**: Use this template to quickly create a policy to scan communications containing defined sensitive information types or keywords to help make sure that important data isn't shared with people that shouldn't have access. - **Monitor for financial regulatory compliance**: Use this template to quickly create a policy to scan communications for references to standard financial terms associated with regulatory standards. - **Monitor for conflict of interest**: Use this template to quickly create a policy to detect communications between two groups or two users to help avoid conflicts of interest.
compliance Dlp Configure Endpoint Settings https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-configure-endpoint-settings.md
You can use this logic to construct your exclusion paths for Windows 10 devices:
- Valid file path that ends with `\`, which means only files directly under folder. <br/>For example: `C:\Temp\` -- Valid file path that ends with `\*`, which means only files under subfolders. Files directly under the folder are not excluded. <br/>For example: `C:\Temp\*`
+- Valid file path that ends with `\*`, which means only files under subfolders. Files directly under the folder aren't excluded. <br/>For example: `C:\Temp\*`
- Valid file path that ends without `\` or `\*`, which means all files directly under folder and all subfolders. <br/>For example: `C:\Temp`
Similar to Windows 10 devices you can add your own exclusions for macOS devices.
- Wildcard values are supported. So a path definition can contain a `*` in the middle of the path or at the end of the path. For example: `/Users/*/Library/Application Support/Microsoft/Teams/*`
-##### Recommended file path exclusions (preview)
+##### Recommended file path exclusions (preview)
For performance reasons, Endpoint DLP includes a list of recommended file path exclusions for macOS devices. These exclusions are turned on by default. You can disable them if you want by toggling the **Include recommended file path exclusions for Mac** toggle. The list includes:
When **Access by restricted apps** is selected in a policy and a user uses an ap
#### File activities for apps in restricted app groups
-Restricted app groups are collections of apps that you create in DLP settings and then add to a rule in a policy. When you add a restricted app group to a policy you can take the actions defined in this table.
+Restricted app groups are collections of apps that you create in DLP settings and then add to a rule in a policy. When you add a restricted app group to a policy, you can take the actions defined in this table.
|Restricted App group option |What it allows you to do | |||
The configurations of **Restricted app activities** and **File activities for al
Here's an example:
-If Notepad.exe is added to **Restricted appss** and **File activities for all apps** is configured to **Apply restrictions to specific activity** and both are configure like this:
+If Notepad.exe is added to **Restricted apps** and **File activities for all apps** is configured to **Apply restrictions to specific activity** and both are configured like this:
|Setting in policy |App name |User activity |DLP action to take | |||||
User A opens a DLP protected file using Notepad. DLP allows the access and audit
##### File activities for all apps only
-If an app is not in **File activities for apps in restricted app groups** or is not in the **Restricted app activities** list or is in the **Restricted app activities** list with an action of `Audit only`, or 'Block with override`, any restrictions defined in the **File activities for all apps** are applied in the same rule.
+If an app isn't in **File activities for apps in restricted app groups** or isn't in the **Restricted app activities** list or is in the **Restricted app activities** list with an action of `Audit only`, or 'Block with override`, any restrictions defined in the **File activities for all apps** are applied in the same rule.
#### macOS devices
Restrict sensitive files that match your policies from being shared with unrestr
#### Unallowed browsers
-For Windows devices you add browsers, identified by their executable names, that will be blocked from accessing files that match the conditions of an enforced a DLP policy where the upload to cloud services restriction is set to block or block override. When these browsers are blocked from accessing a file, the end users will see a toast notification asking them to open the file through Microsoft Edge.
+For Windows devices, you add browsers, identified by their executable names, that will be blocked from accessing files that match the conditions of an enforced a DLP policy where the upload to cloud services restriction is set to block or block override. When these browsers are blocked from accessing a file, the end users will see a toast notification asking them to open the file through Microsoft Edge.
For macOS devices, you must add the full file path. To find the full path of Mac apps:
For macOS devices, you must add the full file path. To find the full path of Mac
You can control whether sensitive files protected by your policies can be uploaded to specific service domains from Microsoft Edge.
-If the list mode is set to **Block**, then user will not be able to upload sensitive items to those domains. When an upload action is blocked because an item matches a DLP policy, DLP will either generate a warning or block the upload of the sensitive item.
+If the list mode is set to **Block**, then user won't be able to upload sensitive items to those domains. When an upload action is blocked because an item matches a DLP policy, DLP will either generate a warning or block the upload of the sensitive item.
If the list mode is set to **Allow**, then users will be able to upload sensitive items ***only*** to those domains, and upload access to all other domains isn't allowed.
For example:
| Input | URL matching behavior | |||
-| **CONTOSO.COM** |**Matches the specified domain name, and any subsite**: <p>*://contoso.com<p>*://contoso.com/ <p>*://contoso.com/anysubsite1 <p>*://contoso.com/anysubsite1/anysubsite2 (etc) <p>**Does not match sub-domains or unspecified domains**: <p>*://anysubdomain.contoso.com <p>*://anysubdomain.contoso.com.AU |
-| ***.CONTOSO.COM** |**Matches the specified domain name, any subdomain, and any site**: <p>*://contoso.com <p>*://contoso.com/anysubsite <p>*://contoso.com/anysubsite1/anysubsite2 <p>*://anysubdomain.contoso.com/ <p>*://anysubdomain.contoso.com/anysubsite/ <p>*://anysubdomain1.anysubdomain2.contoso.com/anysubsite/ <p>*://anysubdomain1.anysubdomain2.contoso.com/anysubsite1/anysubsite2 (etc) <p>**Does not match unspecified domains** <p>*://anysubdomain.contoso.com.AU/ |
+| **CONTOSO.COM** |**Matches the specified domain name, and any subsite**: <p>*://contoso.com<p>*://contoso.com/ <p>*://contoso.com/anysubsite1 <p>*://contoso.com/anysubsite1/anysubsite2 (etc.) <p>**Does not match sub-domains or unspecified domains**: <p>*://anysubdomain.contoso.com <p>*://anysubdomain.contoso.com.AU |
+| ***.CONTOSO.COM** |**Matches the specified domain name, any subdomain, and any site**: <p>*://contoso.com <p>*://contoso.com/anysubsite <p>*://contoso.com/anysubsite1/anysubsite2 <p>*://anysubdomain.contoso.com/ <p>*://anysubdomain.contoso.com/anysubsite/ <p>*://anysubdomain1.anysubdomain2.contoso.com/anysubsite/ <p>*://anysubdomain1.anysubdomain2.contoso.com/anysubsite1/anysubsite2 (etc.) <p>**Does not match unspecified domains** <p>*://anysubdomain.contoso.com.AU/ |
| **`www.contoso.com`** |**Matches the specified domain name**: <p>`www.contoso.com` <p>**Does not match unspecified domains or subdomains** <p>*://anysubdomain.contoso.com/, in this case, you have to put the FQDN domain name itself `www.contoso.com`| #### Sensitive service domains
When you list a website in Sensitive services domains you can audit, block with
- print from a website - copy data from a website - save a website as local files
+- upload a sensitive file to an excluded website (this is configured in the policy)
-Each website must be listed in a website group and the user must be accessing the website through Microsoft Edge. Sensitive service domains is used in conjunction with a DLP policy for Devices. See, [Scenario 6 Monitor or restrict user activities on sensitive service domains](endpoint-dlp-using.md#scenario-6-monitor-or-restrict-user-activities-on-sensitive-service-domains) for more information.
+For the print, copy data and save actions, each website must be listed in a website group and the user must be accessing the website through Microsoft Edge. For the upload action, the user can be using Microsoft Edge or Google Chrome with the Purview extension. Sensitive service domains is used in conjunction with a DLP policy for Devices. You can also define website groups that you want to assign policy actions to that are different from the global website group actions. See, [Scenario 6 Monitor or restrict user activities on sensitive service domains](endpoint-dlp-using.md#scenario-6-monitor-or-restrict-user-activities-on-sensitive-service-domains) for more information.
### Additional settings for endpoint DLP
By default, when devices are onboarded, activity for Office, PDF, and CSV files
File activity will always be audited for onboarded devices, regardless of whether they're included in an active policy.
+> [!IMPORTANT]
+> Before you can use [Printer groups (preview)](#printer-groups-preview), [Removable storage device groups](#removable-storage-device-groups-preview), [Network share groups](#network-share-groups-preview), and [VPN settings](#vpn-settings-preview) you must register [here](https://forms.office.com/r/GNVTFvxuZv).
+
+### Printer groups (preview)
+
+Use this setting to define groups of printers that you want to assign policy actions to that are different from the global printing actions. For example, say you want your DLP policy to block printing of contracts to all printers, except for printers that are in the legal department.
+
+This feature is available for devices running any of the following Windows versions :
+
+- Windows 10 and later (20H2, 21H1, 21H2)
+- Win 11 21H2, 22H2
+- Windows Server 2022
+
+You define a printer by these parameters:
+
+- Friendly printer name - Get the Friendly printer name value from the printer device property details in device manager.
+- USB product ID - Get the Device Instance path value from the printer device property details in device manager. Convert it to Product ID and Vendor ID format, see [Standard USB identifiers](/windows-hardware/drivers/install/standard-usb-identifiers).
+- USB vendor ID - Get the Device Instance path value from the printer device property details in device manager. Convert it to Product ID and Vendor ID format, see [Standard USB identifiers](/windows-hardware/drivers/install/standard-usb-identifiers).
+- IP range
+- Print to file - For example Microsoft Print to PDF or Microsoft XPS Document Writer.
+- Universal print deployed on a printer - See, [Set up Universal Print](/universal-print/fundamentals/universal-print-getting-started.md) for more information on universal printers
+- Corporate printer - is a print queue shared through on-premises Windows print server in your domain. Its path might look like \\print-server\contoso.com\legal_printer_001
+- Print to local
+
+You assign each printer in the group a **Display name**. The name only appears in the Purview console. So, continuing with the example, you would create a printer group named **Legal printers** and add individual printers (with an alias) by their friendly name, like `legal_printer_001`, `legal_printer_002` and `legal_color_printer`.
+
+You can multi-select the parameters to help you unambiguously identify a specific printer.
+
+You can assign these policy actions to the group in a DLP policy:
+
+- Allow (audit with no user notifications or alerts)
+- Audit only (you can add notifications and alerts)
+- Block with override (blocks the action, but the user can override)
+- Block (blocks no matter what)
+
+#### Create a Printer group
+
+1. Open [Microsoft Purview compliance portal](https://compliance.microsoft.com) > **Data loss prevention** > **Endpoint DLP settings** > **Printer groups**.
+1. Select **Create printer group**.
+1. Give the group a name.
+1. Select **Add printer**.
+1. Give the printer an **Alias that will only appear here.
+1. Select the parameters and provide the values to unambiguously identify the specific printer.
+1. Select **Add**.
+1. Add other printers as needed.
+1. Select **Close**.
+
+The most common use case is to use printers groups as an allowlist as in the above example for allowing the printing of contracts only to printers that are in the legal department. After you define a printer group here, it's available to be used in your policies that are scoped to **Devices**. See, [Scenario 7 Authorization groups](endpoint-dlp-using.md#scenario-7-authorization-groups-preview) for more information on configuring policy actions to use authorization groups.
+
+### Removable storage device groups (preview)
+
+Use this setting to define groups of removable storage devices, like USB thumb drives, that you want to assign policy actions to that are different from the global printing actions. For example, say you want your DLP policy to block copying of items with engineering specifications to all removeable storage devices, except for USB connected hard drives that are used to back up data and are then sent offsite.
+
+This feature is available for devices running any of the following Windows versions :
+
+- Windows 10 and later (20H2, 21H1, 21H2)
+- Win 11 21H2, 22H2
+- Windows 10 RS5 (KB 5006744) and Windows Server 2022
+
+You can define removeable storage devices by these parameters:
+
+- Storage device friendly name - Get the Friendly name value from the storage device property details in device manager.
+- USB product ID - Get the Device Instance path value from the printer device property details in device manager. Convert it to Product ID and Vendor ID format, see [Standard USB identifiers](/windows-hardware/drivers/install/standard-usb-identifiers).
+- USB vendor ID - Get the Device Instance path value from the printer device property details in device manager. Convert it to Product ID and Vendor ID format, see [Standard USB identifiers](/windows-hardware/drivers/install/standard-usb-identifiers).
+- Serial number ID - Get the serial number ID value from the storage device property details in device manager.
+- Device ID - Get the device ID value from the storage device property details in device manager.
+- Instance path ID - Get the device ID value from the storage device property details in device manager.
+- Hardware ID - Get the hardware ID value from the storage device property details in device manager.
+
+You assign each removable storage device in the group an **Alias**. The alias is a name that only appears in the Purview console. So, continuing with the example, you would create a removable storage device group named **Backup** and add individual devices (with an alias) by their friendly name, like `backup_drive_001`, and `backup_drive_002`.
+
+You can multi-select the parameters and the printer group will include all devices that satisfy those parameters.
+
+You can assign these policy actions to the group in a DLP policy:
+
+- Allow (audit with no user notifications or alerts)
+- Audit only (you can add notifications and alerts)
+- Block with override (blocks the action, but the user can override)
+- Block (blocks no matter what)
+
+#### Create a Removable storage device group
+
+1. Open [Microsoft Purview compliance portal](https://compliance.microsoft.com) > **Data loss prevention** > **Endpoint DLP settings** > **Removable storage device groups**.
+1. Select **Create removable storage device group**.
+1. Provide a **Group name**.
+1. Select **Add removable storage device**.
+1. Provide an **Alias**.
+1. Select the parameters and provide the values to unambiguously identify the specific device.
+1. Select **Add**.
+1. Add other devices to the group as needed.
+1. Select **Close**.
+
+The most common use case is to use removable storage devices groups as an allowlist as in the above example for allowing the copying of files only to devices that are in the **Backup** group. After you define a removable storage device group here, it's available to be used in your policies that are scoped to **Devices**. See, [Scenario 7 Authorization groups](endpoint-dlp-using.md#scenario-7-authorization-groups-preview) for more information on configuring policy actions to use authorization groups. While scenario 7 uses printer authorization groups as an example, the principles are identical. The only thing that changes are the names of the groups and the actions you select.
+
+### Network share groups (preview)
+
+Use this setting to define groups of network share paths that you want to assign policy actions to that are different from the global network share path actions. For example, say you want your DLP policy to block when users attempt to save or copy protected files to network shares except the network shares in this group.
++
+This feature is available for devices running any of the following Windows versions:
+
+- Windows 10 and later (20H2, 21H1, 21H2)
+- Win 11 21H2, 22H2
+- Windows 10 RS5 (KB 5006744) and Windows Server 2022
++
+You include network share paths by defining the prefix that they all start with. For example:
+
+- '\\Library' will match:
+ - \Library folder and all its subfolders.
+
+- You can use Wildcards, for example '\\Users\*\Desktop' will match:
+ - '\\USers\user1\Desktop'
+ - '\\USers\user1\user2\Desktop'
+ - '\\Users\*\Desktop'
+
+- You can use Environmental variables, for example:
+ - %AppData%\app123
+
+You can assign these policy actions to the group in a DLP policy:
+
+- Allow (audit with no user notifications or alerts)
+- Audit only (you can add notifications and alerts)
+- Block with override (blocks the action, but the user can override)
+- Block (blocks no matter what)
+
+#### Create a Network Share group
+
+1. Open [Microsoft Purview compliance portal](https://compliance.microsoft.com) > **Data loss prevention** > **Endpoint DLP settings** > **Network share groups**.
+1.Select **Create network share group**.
+1. Provide a **Group name**.
+1. Add the file path to the share.
+1. Select **Add**.
+1. Add other share paths to the group as needed.
+1. Select **Close**.
++
+The most common use case is to use network share group as an allowlist as in the above example for allowing users to save or copy protected files only to the network shares that are defined in the group. After you define a networks share group here, it's available to be used in your policies that are scoped to **Devices**. See, [Scenario 7 Authorization groups](endpoint-dlp-using.md#scenario-7-authorization-groups-preview) for more information on configuring policy actions to use authorization groups.
+
+### VPN settings (preview)
+
+Use the VPN list to control only those actions that are being carried out over that VPN.
+
+This feature is available for devices running any of these versions of Windows:
+
+- Windows 10 and later (20H2, 21H1, 21H2)
+- Windows 11 21H2, 22H2
+- Windows 10 RS5 (KB 5006744)
+
+When you list a VPN in **VPN Settings** you can assign these policy actions to them:
+
+- Allow (audit with no user notifications or alerts)
+- Audit only (you can add notifications and alerts)
+- Block with override (blocks the action, but the user can override)
+- Block (blocks no matter what)
+
+These actions can be applied individually or collectively to these user activities:
+
+- Copy to clipboard
+- Copy to a USB removable device
+- Copy to a network share
+- Print
+- Copy or move using unallowed Bluetooth app
+- Copy or move using RDP
+
+When configuring a DLP policy to restrict activity on devices, you can control what happens to each activity performed when users are connected to your organization within any of the VPNs listed.
+
+You define VPN by these parameters **Server address** or **Network address**.
+
+#### Get the Server address or Network address
+
+1. On a DLP monitored Windows device, open a **Windows PowerShell** window as an administrator.
+1. Run this cmdlet
+
+```powershell-interactive
+Get-VpnConnection
+```
+3. Running this cmdlet returns multiple fields and values.
+1. Find the **ServerAddress** field and record that value. You'll use this when you create a VPN entry in the VPN list.
+1. Find the **Name** field and record that value. The **Name** field maps to the **Network address** field when you create a VPN entry in the VPN list.
+
+#### Add a VPN
+
+1. Open [Microsoft Purview compliance portal](https://compliance.microsoft.com) > **Data loss prevention** > **Endpoint DLP settings** > **VPN settings**.
+1. Select **Add or edit VPN addresses**.
+1. Provide either the **Server address** or **Network address** from running Get-VpnConnection.
+1. Select **Save**.
+1. Close the item.
+
+> [!IMPORTANT]
+> When you use the VPN list in defining the actions of a policy, you will also see **Corporate network** as an option. **Corporate network** connections are are all connections to your organizations resources.These connections can include VPNs.
+
+See, [Scenario 8 Network exceptions](endpoint-dlp-using.md#scenario-8-network-exceptions-preview)for more information on configuring policy actions to use network exceptions.
+ ## See also - [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md)
compliance Endpoint Dlp Using https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/endpoint-dlp-using.md
These scenarios require that you already have devices onboarded and reporting in
## Scenario 4: Avoid looping DLP notifications from cloud synchronization apps with auto-quarantine (preview)
-#[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-
-## Before you begin
+## Before you begin scenario 4
In this scenario, synchronizing files with the **Highly Confidential** sensitivity label to OneDrive is blocked. This is a complex scenario with multiple components and procedures. You will need:
There are three procedures.
## Scenario 5: Restrict unintentional sharing to unallowed cloud apps and services
-With Endpoint DLP and Microisoft Edge Web browser, you can restrict unintentional sharing of sensitive items to unallowed cloud apps and services. Edge understands when an item is restricted by an Endpoint DLP policy and enforces access restrictions.
+With Endpoint DLP and Microsoft Edge Web browser, you can restrict unintentional sharing of sensitive items to unallowed cloud apps and services. Edge understands when an item is restricted by an Endpoint DLP policy and enforces access restrictions.
When you select **Devices** as a location in a properly configured DLP policy and use the Microsoft Edge browser, the unallowed browsers that you've defined in these settings will be prevented from accessing the sensitive items that match your DLP policy controls. Instead, users will be redirected to use Microsoft Edge which, with its understanding of DLP imposed restrictions, can block or restrict activities when the conditions in the DLP policy are met.
Here are some examples:
1. Select **Save**. 1. Select **Policies**. 1. Create and scope a policy that is applied only to **Devices**. See, [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) for more information on how to create a policy.
-1. Create a rule that uses the **the user accessed a sensitive site from Edge**, and the action **Audit or restrict activities when users access sensitive sites in Microsoft Edge browser on Windows devices**.
-1. In the action select **Add or remove Sensitive site groups**.
+1. Create a rule that uses the **The user accessed a sensitive site from Edge**, and the action **Audit or restrict activities on devices**.
+1. In **Service domain and browser activities** select **Upload to a restricted cloud service domain or access from an unallowed browser** and set the action to **Audit only**. This sets the overall action for all the site groups.
1. Select the **Sensitive site groups** you want. 1. Select **Add**.
+1. OPTIONAL: If you want to create an exception (usually an allowlist) to the overall action for one or more site groups, select **Configure sensitive service domain exceptions**, add the site group you want the exception for, configure the desired action and **Save** the configuration.
1. Select the user activities you want to monitor or restrict and the actions you DLP to take in response to those activities. 1. Finish configuring the rule and policy and apply it.
+## Scenario 7 Authorization groups (preview)
+
+> [!IMPORTANT]
+> Before you can use **Printer groups**, **Removable storage device groups**, **Network share groups**, and **Network exceptions/VPN** you must register [here](https://forms.office.com/r/GNVTFvxuZv).
+
+These scenarios require that you already have devices onboarded and reporting into Activity explorer. If you haven't onboarded devices yet, see [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md).
+
+Authorization groups are mostly used as allow lists. You assigned policy actions to the group that are different than the global policy actions. In this scenario, we'll go through defining a printer group and then configuring a policy with block actions for all print activities except for the printers in the group. These procedures are essentially the same for **Removeable storage device groups**, and **Network share groups**.
+
+In this scenario, we'll define a group of printers that the legal department uses for printing contracts. Printing contracts to any other printers is blocked.
+
+### Create and use printer groups
+
+1. In the Microsoft Purview compliance portal open **Data loss prevention** > **Endpoint DLP settings** > **Printer groups**.
+1. Select **Create printer group** and give the group a name. In this scenarion, we'll use `Legal printers`.
+1. Select **Add printer** and provide a name. You can define printers by:
+ 1. Friendly printer name
+ 1. USB product ID
+ 1. USB vendor ID
+ 1. IP range
+ 1. Print to file
+ 1. Universal print deployed on a printer
+ 1. Corporate printer
+ 1. Print to local
+1. Select **Close**.
+
+### Configure policy printing actions
+
+1. Open the **Policies** tab.
+
+1. Select **Create policy** and select the custom policy template.
+1. Scope the location to only **Devices**.
+
+1. Create a rule where:
+ 1. **Content contains** = **Trainable classifiers**, **Legal Affairs**
+ 1. **Actions** = **Audit or restrict activities on devices**
+ 1. Then pick **File activities on all apps**
+ 1. The select **Apply restrictions to specific activity**
+ 1. Select **Print** = **Block**
+1. Select **Choose different print restrictions**
+1. Under **Printer group restrictions**, select **Add group** and select **Legal printers**.
+1. Set **Action** = **Allow**.
+ > [!TIP]
+ > The **Allow** action wil record and audit event to the audit log, but not generate an alert or notification.
+10. Save.
+11. Accept the default **I'd like to test it out first** value and choose **Show policy tips while in test mode**. Choose **Next**.
+
+12. Review your settings and choose **Submit**.
+
+13. The new DLP policy will appear in the policy list.
+
+## Scenario 8 Network exceptions (preview)
+
+> [!IMPORTANT]
+> Before you can use **Printer groups**, **Removable storage device groups**, **Network share groups**, and **Network exceptions/VPN** you must register [here](https://forms.office.com/r/GNVTFvxuZv).
+
+These scenarios require that you already have devices onboarded and reporting into Activity explorer. If you haven't onboarded devices yet, see [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md).
+
+In this scenario, we'll define a list of VPNs that hybrid workers use for accessing organization resources.
+### Create and use a Network exception
+
+Network exceptions enables you to configure Allow, Audit only, Block with override, and Block actions to the file activities based on the network that users are accessing the file from. You can select from the [VPN settings](dlp-configure-endpoint-settings.md#vpn-settings-preview) list you defined and **Corporate network** option. The actions can be applied individually or collectively to these user activities:
+
+- Copy to clipboard
+- Copy to a USB removable device
+- Copy to a network share
+- Print
+- Copy or move using unallowed Bluetooth app
+- Copy or move using RDP
+
+#### Get the Server address or Network address
+
+1. On a DLP monitored Windows device, open a **Windows PowerShell** window as an administrator.
+1. Run this cmdlet
+
+```powershell-interactive
+Get-VpnConnection
+```
+
+3. Running this cmdlet returns multiple fields and values.
+1. Find the **ServerAddress** field and record that value. You'll use this when you create a VPN entry in the VPN list.
+1. Find the **Name** field and record that value. The **Name** field maps to the **Network address** field when you create a VPN entry in the VPN list.
+
+#### Add a VPN
+
+1. Open [Microsoft Purview compliance portal](https://compliance.microsoft.com) > **Data loss prevention** > **Endpoint DLP settings** > **VPN settings**.
+1. Select **Add or edit VPN addresses**.
+1. Provide either the **Server address** or **Network address** from running Get-VpnConnection.
+1. Select **Save**.
+1. Close the item.
+
+#### Configure policy actions
+
+1. Open the **Policies** tab.
+
+1. Select **Create policy** and select the custom policy template.
+1. Scope the location to only **Devices**.
+
+1. Create a rule where:
+ 1. **Content contains** = **Trainable classifiers**, **Legal Affairs**
+ 1. **Actions** = **Audit or restrict activities on devices**
+ 1. Then pick **File activities on all apps**
+ 1. The select **Apply restrictions to specific activity**
+ 1. Select the actions that you want to configure **Network exceptions** for.
+1. Select **Copy to clipboard** and the **Audit only** action
+1. Select **Choose different copy to clipboard restrictions**.
+1. Select **VPN** and set the action to **Block with override**.
+
+> [!IMPORTANT]
+> When you want to control the activities of a user when they're connected through a VPN *you must* select the VPN and make the VPN the top priority in the **Network exceptions** configuration. Otherwise, if the **Corporate network** option is selected, then that action defined for the **Corporate network** entry will be enforced.
+
+> [!CAUTION]
+> The **Apply to all activities** option will copy the network exceptions that are defined here and apply them to all the other configured specific activities, like **Print**, and **Copy to a network share**. ***This will overwrite the network exceptions on the other activities The last saved configuration wins.***
+
+8. Save.
+1. Accept the default **I'd like to test it out first** value and choose **Show policy tips while in test mode**. Choose **Next**.
+
+1. Review your settings and choose **Submit**.
+
+1. The new DLP policy will appear in the policy list.
+
+
## See also - [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md)
compliance File Plan Manager https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/file-plan-manager.md
All columns except the label **Name** can be displayed or hidden by selecting th
- Yes - Yes(Regulatory) -- **Is unlocked by default**ΓÇöcurrently rolling outΓÇöidentifies if the item marked as a record is unlocked when the label is applied. Valid values:
+- **Is unlocked by default** identifies if the item marked as a record is unlocked when the label is applied. Valid values:
- No - Yes -- **Relabel to**ΓÇöcurrently rolling outΓÇöidentifies if the label is configured to apply another label at the end of the retention period. Valid values:
+- **Relabel to** identifies if the label is configured to apply another label at the end of the retention period. Valid values:
- Blank or the selected label name - **Retention duration** identifies the retention period. Valid values:
compliance Get Started With Sensitivity Labels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-sensitivity-labels.md
description: "Prescriptive steps for admins, licensing requirements, and common
For information about what sensitivity labels are and how they can help you protect your organization's data, see [Learn about sensitivity labels](sensitivity-labels.md).
-If you have [Azure Information Protection](/azure/information-protection/what-is-information-protection) and are still using Azure Information Protection labels that were managed from the Azure portal, you must migrate these labels to the [unified labeling platform](/azure/information-protection/faqs#how-can-i-determine-if-my-tenant-is-on-the-unified-labeling-platform). For Windows computers, you can then [choose which labeling client to use](/azure/information-protection/rms-client/use-client#choose-which-labeling-client-to-use-for-windows-computers) for your published sensitivity labels.
+If you have [Azure Information Protection](/azure/information-protection/what-is-information-protection) and are still using Azure Information Protection labels that were managed from the Azure portal, you must migrate these labels to the [unified labeling platform](/azure/information-protection/faqs#how-can-i-determine-if-my-tenant-is-on-the-unified-labeling-platform). We then recommend you disable the AIP add-in for Office apps, to benefit from the newer, built-in labeling experience. For more information, see [Migrate the Azure Information Protection (AIP) add-in to built-in labeling for Office apps](sensitivity-labels-aip.md).
When you're ready to start protecting your organization's data by using sensitivity labels:
compliance Import Epic Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-epic-data.md
The following table lists the fields that are required to enable insider risk ma
The next step is to create an Epic connector in the compliance portal. After you run the script in Step 4, the text file that you created in Step 2 will be processed and pushed to the API endpoint you set up in Step 1. In this step, be sure to copy the JobId that's generated when you create the connector. You'll use the JobId when you run the script.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** in the left nav.
-2. On the **Data connectors** page under **Epic connector**, click **View**.
+2. On the **Data connectors** page under **Epic connector**, select **View**.
-3. On the **Epic connector** page, click **Add connector**.
+3. On the **Epic connector** page, select **Add connector**.
-4. On the **Setup the connection** page, do the following and then click **Next**:
+4. On the **Setup the connection** page, do the following and then select **Next**:
1. Type or paste the Azure AD application ID for the Azure app that you created in Step 2. 2. Type a name for the Epic connector.
-5. On the **Review** page, review your settings and then click **Finish** to create the connector.
+5. On the **Review** page, review your settings and then select **Finish** to create the connector.
A status page is displayed that confirms the connector was created. This page contains two important things that you need to complete the next step to run the sample script to upload your Epic EHR audit records data.
The next step is to create an Epic connector in the compliance portal. After you
2. **Reference schema.** Refer to the schema to understand which fields from your Epic system are accepted by connector. This will help you create a file with all the required Epic database fields.
- 3. **Link to sample script.** Click the **here** link to go to the GitHub site to access the sample script (the link opens a new window). Keep this window open so that you can copy the script in Step 4. Alternatively, you can bookmark the destination or copy the URL so you can access it again when you run the script. This link is also available on the connector flyout page.
+ 3. **Link to sample script.** Select the **here** link to go to the GitHub site to access the sample script (the link opens a new window). Keep this window open so that you can copy the script in Step 4. Alternatively, you can bookmark the destination or copy the URL so you can access it again when you run the script. This link is also available on the connector flyout page.
-6. Click **Done**.
+6. Select **Done**.
The new connector is displayed in the list on the **Connectors** tab.
-7. Click the Epic connector that you just created to display the flyout page, which contains properties and other information about the connector.
+7. Select the Epic connector that you just created to display the flyout page, which contains properties and other information about the connector.
If you haven't already done so, you can copy the values for the **Azure App ID** and **Connector job ID**. You'll need these to run the script in the next step. You can also download the script from the flyout page (or download it using the link in the next step.)
-You can also click **Edit** to change the Azure App ID or the column header names that you defined on the **File mapping** page.
+You can also select **Edit** to change the Azure App ID or the column header names that you defined on the **File mapping** page.
## Step 4: Run the sample script to upload your Epic EHR audit records
The last step in setting up an Epic connector is to run a sample script that wil
1. Go to window that you left open from the previous step to access the GitHub site with the sample script. Alternatively, open the bookmarked site or use the URL that you copied. You can also access the script [here](https://github.com/microsoft/m365-compliance-connector-sample-scripts/blob/main/sample_script.ps1).
-2. Click the **Raw** button to display the script in text view.
+2. Select the **Raw** button to display the script in text view.
3. Copy all the lines in the sample script and then save them to a text file.
If the upload is successful, the script displays the **Upload Successful** messa
After you create the Epic connector and push your EHR audit records, you can view the connector and upload status in the compliance portal. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Epic connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Epic connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Last import**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about each time the script runs and uploads the data from the text file to the Microsoft cloud.
+3. Under **Last import**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about each time the script runs and uploads the data from the text file to the Microsoft cloud.
Epic connector log file displays number rows from text file that were uploaded
To make sure the latest audit records from your Epic EHR system are available to
You can use the Task Scheduler app in Windows to automatically run the script every day.
-1. On your local computer, click the Windows **Start** button and then type **Task Scheduler**.
+1. On your local computer, select the Windows **Start** button and then type **Task Scheduler**.
-2. Click the **Task Scheduler** app to open it.
+2. Select the **Task Scheduler** app to open it.
-3. In the **Actions** section, click **Create Task**.
+3. In the **Actions** section, select **Create Task**.
4. On the **General** tab, type a descriptive name for the scheduled task; for example, **Epic connector script**. You can also add an optional description.
You can use the Task Scheduler app in Windows to automatically run the script ev
2. Make sure that the **Run with the highest privileges** checkbox is selected.
-6. Select the **Triggers** tab, click **New**, and then do the following things:
+6. Select the **Triggers** tab, select **New**, and then do the following things:
1. Under **Settings**, select the **Daily** option, and then choose a date and time to run the script for the first time. The script will run every day at the same specified time. 2. Under **Advanced settings**, make sure the **Enabled** checkbox is selected.
- 3. Click **Ok**.
+ 3. Select **Ok**.
-7. Select the **Actions** tab, click **New**, and then do the following things:
+7. Select the **Actions** tab, select **New**, and then do the following things:
![Action settings to create a new scheduled task for the epic connector script.](../media/EpicConnectorScheduleTask1.png) 1. In the **Action** dropdown list, make sure that **Start a program** is selected.
- 2. In the **Program/script** box, click **Browse**, and go to the following location and select it so the path is displayed in the box: C:.0.exe.
+ 2. In the **Program/script** box, select **Browse**, and go to the following location and select it so the path is displayed in the box: C:.0.exe.
3. In the **Add arguments (optional)** box, paste the same script command that you ran in Step 4. For example, `.\EpicConnector.ps1 -tenantId "d5723623-11cf-4e2e-b5a5-01d1506273g9" -appId "c12823b7-b55a-4989-faba-02de41bb97c3" -appSecret "MNubVGbcQDkGCnn" -jobId "e081f4f4-3831-48d6-7bb3-fcfab1581458" -filePath "C:\Epic\audit\records.txt"` 4. In the **Start in (optional)** box, paste the folder location of the script that you ran in Step 4. For example, C:\Epic\audit.
- 5. Click **Ok** to save the settings for the new action.
+ 5. Select **Ok** to save the settings for the new action.
-8. In the **Create Task** window, click **Ok** to save the scheduled task. You might be prompted to enter your user account credentials.
+8. In the **Create Task** window, select **Ok** to save the scheduled task. You might be prompted to enter your user account credentials.
The new task is displayed in the Task Scheduler Library. ![The new task for the healthcare connector script is displayed in the Task Scheduler Library.](../media/EpicConnectorTaskSchedulerLibrary.png)
- The last time the script ran and the next time it's scheduled to run is displayed. You can double-click the task to edit it.
+ The last time the script ran and the next time it's scheduled to run is displayed. You can double-select the task to edit it.
You can also verify the last time the script ran on the flyout page of the corresponding Epic connector in the compliance center.
compliance Import Healthcare Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-healthcare-data.md
The following table lists the fields that are required to enable insider risk ma
The next step is to create a Healthcare connector in the compliance portal. After you run the script in Step 4, the text file that you created in Step 2 will be processed and pushed to the API endpoint you set up in Step 1. In this step, be sure to copy the JobId that's generated when you create the connector. You'll use the JobId when you run the script.
-1. Go to <https://compliance.microsoft.com> and then click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and then select **Data connectors** in the left nav.
-2. On the **Overview** tab, click **Healthcare (preview)**.
+2. On the **Overview** tab, select **Healthcare (preview)**.
-3. On the **Healthcare (preview)** page, click **Add connector**.
+3. On the **Healthcare (preview)** page, select **Add connector**.
4. Accept the terms of service.
-5. On the **Authentication credentials** page, do the following and then click **Next**:
+5. On the **Authentication credentials** page, do the following and then select **Next**:
1. Type or paste the Azure AD application ID for the Azure app that you created in Step 1. 2. Type a name for the healthcare connector.
-6. On the **File mapping method** page, select one of the following options and then click **Next**.
+6. On the **File mapping method** page, select one of the following options and then select **Next**.
- - **Upload a sample file**. If you select this option, click **Upload sample file** to upload the file that you prepared in Step 2. This option allows you to quickly select column names in your text file from a drop-down list to map the columns to the required schema for the healthcare connector.
+ - **Upload a sample file**. If you select this option, select **Upload sample file** to upload the file that you prepared in Step 2. This option allows you to quickly select column names in your text file from a drop-down list to map the columns to the required schema for the healthcare connector.
Or
The next step is to create a Healthcare connector in the compliance portal. Afte
- For each field, type the column name from the file that you prepared in Step 2 that corresponds to the field for the healthcare connector.
-8. On the **Review** page, review your settings and then click **Finish** to create the connector.
+8. On the **Review** page, review your settings and then select **Finish** to create the connector.
A status page is displayed that confirms the connector was created. This page contains two important things that you need to complete the next step to run the sample script to upload your healthcare EHR auditing data. - **Job ID.** You'll need this job ID to run the script in the next step. You can copy it from this page or from the connector flyout page.
- - **Link to sample script.** Click the **here** link to go to the GitHub site to access the sample script (the link opens a new window). Keep this window open so that you can copy the script in Step 4. Alternatively, you can bookmark the destination or copy the URL so you can access it again when you run the script. This link is also available on the connector flyout page.
+ - **Link to sample script.** Select the **here** link to go to the GitHub site to access the sample script (the link opens a new window). Keep this window open so that you can copy the script in Step 4. Alternatively, you can bookmark the destination or copy the URL so you can access it again when you run the script. This link is also available on the connector flyout page.
-9. Click **Done**.
+9. Select **Done**.
The new connector is displayed in the list on the **Connectors** tab.
-10. Click the Healthcare connector that you just created to display the flyout page, which contains properties and other information about the connector.
+10. Select the Healthcare connector that you just created to display the flyout page, which contains properties and other information about the connector.
If you haven't already done so, you can copy the values for the **Azure App ID** and **Connector job ID**. You'll need these to run the script in the next step. You can also download the script from the flyout page (or download it using the link in the next step.)
-You can also click **Edit** to change the Azure App ID or the column header names that you defined on the **File mapping** page.
+You can also select **Edit** to change the Azure App ID or the column header names that you defined on the **File mapping** page.
## Step 4: Run the sample script to upload your healthcare EHR auditing data
The last step in setting up a Healthcare connector is to run a sample script tha
1. Go to window that you left open from the previous step to access the GitHub site with the sample script. Alternatively, open the bookmarked site or use the URL that you copied. You can also access the script [here](https://github.com/microsoft/m365-compliance-connector-sample-scripts/blob/main/sample_script.ps1).
-2. Click the **Raw** button to display the script in text view.
+2. Select the **Raw** button to display the script in text view.
3. Copy all the lines in the sample script and then save them to a text file.
If the upload is successful, the script displays the **Upload Successful** messa
After you create the Healthcare connector and push your EHR auditing data, you can view the connector and upload status in the compliance portal. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran.
-1. Go to <https://compliance.microsoft.com> and click **Data connectors** in the left nav.
+1. Go to <https://compliance.microsoft.com> and select **Data connectors** in the left nav.
-2. Click the **Connectors** tab and then select the Healthcare connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the Healthcare connector to display the flyout page. This page contains the properties and information about the connector.
-3. Under **Last import**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about each time the script runs and uploads the data from the text file to the Microsoft cloud.
+3. Under **Last import**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about each time the script runs and uploads the data from the text file to the Microsoft cloud.
The `RecordsSaved` field indicates the number of rows in the text file that uploaded. For example, if the text file contains four rows, then the value of the `RecordsSaved` fields is 4, if the script successfully uploaded all the rows in the text file.
To make sure the latest auditing data from your healthcare EHR system are availa
You can use the Task Scheduler app in Windows to automatically run the script every day.
-1. On your local computer, click the Windows **Start** button and then type **Task Scheduler**.
+1. On your local computer, select the Windows **Start** button and then type **Task Scheduler**.
-2. Click the **Task Scheduler** app to open it.
+2. Select the **Task Scheduler** app to open it.
-3. In the **Actions** section, click **Create Task**.
+3. In the **Actions** section, select **Create Task**.
4. On the **General** tab, type a descriptive name for the scheduled task; for example, **Healthcare connector script**. You can also add an optional description.
You can use the Task Scheduler app in Windows to automatically run the script ev
2. Make sure that the **Run with the highest privileges** checkbox is selected.
-6. Select the **Triggers** tab, click **New**, and then do the following things:
+6. Select the **Triggers** tab, select **New**, and then do the following things:
1. Under **Settings**, select the **Daily** option, and then choose a date and time to run the script for the first time. The script will run every day at the same specified time. 2. Under **Advanced settings**, make sure the **Enabled** checkbox is selected.
- 3. Click **Ok**.
+ 3. Select **Ok**.
-7. Select the **Actions** tab, click **New**, and then do the following things:
+7. Select the **Actions** tab, select **New**, and then do the following things:
![Action settings to create a new scheduled task for the healthcare connector script.](../media/GenericHealthCareConnectorScheduleTask1.png) 1. In the **Action** dropdown list, make sure that **Start a program** is selected.
- 2. In the **Program/script** box, click **Browse**, and go to the following location and select it so the path is displayed in the box: C:.0.exe.
+ 2. In the **Program/script** box, select **Browse**, and go to the following location and select it so the path is displayed in the box: C:.0.exe.
3. In the **Add arguments (optional)** box, paste the same script command that you ran in Step 4. For example, `.\HealthcareConnector.ps1 -tenantId "d5723623-11cf-4e2e-b5a5-01d1506273g9" -appId "c12823b7-b55a-4989-faba-02de41bb97c3" -appSecret "MNubVGbcQDkGCnn" -jobId "e081f4f4-3831-48d6-7bb3-fcfab1581458" -filePath "C:\Healthcare\audit\records.txt"` 4. In the **Start in (optional)** box, paste the folder location of the script that you ran in Step 4. For example, C:\Healthcare\audit.
- 5. Click **Ok** to save the settings for the new action.
+ 5. Select **Ok** to save the settings for the new action.
-8. In the **Create Task** window, click **Ok** to save the scheduled task. You might be prompted to enter your user account credentials.
+8. In the **Create Task** window, select **Ok** to save the scheduled task. You might be prompted to enter your user account credentials.
The new task is displayed in the Task Scheduler Library. ![The new task for the healthcare connector script is displayed in the Task Scheduler Library.](../media/HealthcareConnectorTaskSchedulerLibrary.png)
- The last time the script ran and the next time it's scheduled to run is displayed. You can double-click the task to edit it.
+ The last time the script ran and the next time it's scheduled to run is displayed. You can double-select the task to edit it.
You can also verify the last time the script ran on the flyout page of the corresponding Healthcare connector in the compliance center.
compliance Import Hr Data US Government https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-hr-data-US-government.md
The next step is to create an HR connector in the compliance portal. After you r
1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">**Data connectors** page</a>.
-2. On the **Data connectors** page under **HR**, click **View**.
+2. On the **Data connectors** page under **HR**, select **View**.
-3. On the **HR** page, click **Add connector**.
+3. On the **HR** page, select **Add connector**.
-4. On the **Authentication credentials** page, do the following and then click **Next**:
+4. On the **Authentication credentials** page, do the following and then select **Next**:
1. Type or paste the Azure AD application ID for the Azure app that you created in Step 1.
The next step is to create an HR connector in the compliance portal. After you r
![Column heading names match the ones in the CSV file.](../media/HRConnectorWizard3.png)
-6. On the **Review** page, review your settings and then click **Finish** to create the connector.
+6. On the **Review** page, review your settings and then select **Finish** to create the connector.
A status page is displayed that confirms the connector was created. This page contains two important things that you need to complete the next step to run the sample script to upload your HR data.
The next step is to create an HR connector in the compliance portal. After you r
1. **Job ID.** You'll need this job ID to run the script in the next step. You can copy it from this page or from the connector flyout page.
- 1. **Link to sample script.** Click the **here** link to go to the GitHub site to access the sample script (the link opens a new window). Keep this window open so that you can copy the script in Step 4. Alternatively, you can bookmark the destination or copy the URL so you can access it again in Step 4. This link is also available on the connector flyout page.
+ 1. **Link to sample script.** Select the **here** link to go to the GitHub site to access the sample script (the link opens a new window). Keep this window open so that you can copy the script in Step 4. Alternatively, you can bookmark the destination or copy the URL so you can access it again in Step 4. This link is also available on the connector flyout page.
-7. Click **Done**.
+7. Select **Done**.
The new connector is displayed in the list on the **Connectors** tab.
-8. Click the HR connector that you just created to display the flyout page, which contains properties and other information about the connector.
+8. Select the HR connector that you just created to display the flyout page, which contains properties and other information about the connector.
![Flyout page for new HR connector.](../media/HRConnectorWizard7.png) If you haven't already done so, you can copy the values for the **Azure App ID** and **Connector job ID**. You'll need these to run the script in the next step. You can also download the script from the flyout page (or download it using the link in the next step.)
- You can also click **Edit** to change the Azure App ID or the column header names that you defined on the **File mapping** page.
+ You can also select **Edit** to change the Azure App ID or the column header names that you defined on the **File mapping** page.
## Step 4: Run the sample script to upload your HR data
The last step in setting up an HR connector is to run a sample script that will
1. Go to window that you left open from the previous step to access the GitHub site with the sample script. Alternatively, open the bookmarked site or use the URL that you copied.
-2. Click the **Raw** button to display the script in text view.
+2. Select the **Raw** button to display the script in text view.
3. Copy all the lines in the sample script and then save them to a text file.
After you create the HR connector and run the script to upload your HR data, you
1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">**Data connectors**</a>.
-2. Click the **Connectors** tab and then select the HR connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the HR connector to display the flyout page. This page contains the properties and information about the connector.
![HR connector flyout page with properties and status.](../media/HRConnectorFlyout1.png)
-3. Under **Progress**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about each time the script runs and uploads the data from the CSV file to the Microsoft cloud.
+3. Under **Progress**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about each time the script runs and uploads the data from the CSV file to the Microsoft cloud.
![HR connector log file displays number rows from CSV file that were uploaded.](../media/HRConnectorLogFile.png)
To make sure the latest HR data from your organization is available to tools lik
You can use the Task Scheduler app in Windows to automatically run the script every day.
-1. On your local computer, click the Windows **Start** button and then type **Task Scheduler**.
+1. On your local computer, select the Windows **Start** button and then type **Task Scheduler**.
-2. Click the **Task Scheduler** app to open it.
+2. Select the **Task Scheduler** app to open it.
-3. In the **Actions** section, click **Create Task**.
+3. In the **Actions** section, select **Create Task**.
4. On the **General** tab, type a descriptive name for the scheduled task; for example, **HR Connector Script**. You can also add an optional description.
You can use the Task Scheduler app in Windows to automatically run the script ev
1. Make sure that the **Run with the highest privileges** checkbox is selected.
-6. Select the **Triggers** tab, click **New**, and then do the following things:
+6. Select the **Triggers** tab, select **New**, and then do the following things:
1. Under **Settings**, select the **Daily** option, and then choose a date and time to run the script for the first time. The script will run every day at the same specified time. 1. Under **Advanced settings**, make sure the **Enabled** checkbox is selected.
- 1. Click **Ok**.
+ 1. Select **Ok**.
-7. Select the **Actions** tab, click **New**, and then do the following things:
+7. Select the **Actions** tab, select **New**, and then do the following things:
![Action settings to create a new scheduled task for the HR connector script.](../media/HRConnectorScheduleTask1.png) 1. In the **Action** dropdown list, make sure that **Start a program** is selected.
- 1. In the **Program/script** box, click **Browse**, and go to the following location and select it so the path is displayed in the box: `C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe`.
+ 1. In the **Program/script** box, select **Browse**, and go to the following location and select it so the path is displayed in the box: `C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe`.
1. In the **Add arguments (optional)** box, paste the same script command that you ran in Step 4. For example, `.\HRConnector.ps1 -tenantId "d5723623-11cf-4e2e-b5a5-01d1506273g9" -appId "c12823b7-b55a-4989-faba-02de41bb97c3" -appSecret "MNubVGbcQDkGCnn" -jobId "e081f4f4-3831-48d6-7bb3-fcfab1581458" -csvFilePath "C:\Users\contosoadmin\Desktop\Data\employee_termination_data.csv"` 1. In the **Start in (optional)** box, paste the folder location of the script that you ran in Step 4. For example, `C:\Users\contosoadmin\Desktop\Scripts`.
- 1. Click **Ok** to save the settings for the new action.
+ 1. Select **Ok** to save the settings for the new action.
-8. In the **Create Task** window, click **Ok** to save the scheduled task. You might be prompted to enter your user account credentials.
+8. In the **Create Task** window, select **Ok** to save the scheduled task. You might be prompted to enter your user account credentials.
The new task is displayed in the Task Scheduler Library. ![The new task is displayed in the Task Scheduler Library.](../media/HRConnectorTaskSchedulerLibrary.png)
- The last time the script ran and the next time it's scheduled to run is displayed. You can double-click the task to edit it.
+ The last time the script ran and the next time it's scheduled to run is displayed. You can double-select the task to edit it.
You can also verify the last time the script ran on the flyout page of the corresponding HR connector in the compliance center.
compliance Import Hr Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-hr-data.md
You can set up a data connector in the Microsoft Purview compliance portal to im
Setting up a connector for HR data that insider risk management policies can use to generate risk indicators consists of creating a CSV file that contains that contains the HR data, creating an app in Azure Active Directory that's used for authentication, creating an HR data connector in the compliance portal, and then running a script (on a scheduled basis) that ingests the HR data in CSV files to the Microsoft cloud so it's available to the insider risk management solution. > [!IMPORTANT]
-> A new version of the HR connector is now available for public preview. To create a new HR connector or to import data for the [new employee profile scenario](#csv-file-for-employee-profile-data-preview) for the healthcare policy scenario for insider risk management, go to the **Data connectors** page in the compliance portal, select the **Connectors** tab, and then click **Add a connector > HR (preview)** to start the set up. Existing HR connectors will continue to work without any disruption.
+> A new version of the HR connector is now available for public preview. To create a new HR connector or to import data for the [new employee profile scenario](#csv-file-for-employee-profile-data-preview) for the healthcare policy scenario for insider risk management, go to the **Data connectors** page in the compliance portal, select the **Connectors** tab, and then select **Add a connector > HR (preview)** to start the set up. Existing HR connectors will continue to work without any disruption.
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
Setting up a connector for HR data that insider risk management policies can use
- Determine which HR scenarios and data to import to Microsoft 365. This will help you determine how many CSV files and HR connectors you'll need to create, and how to generate and structure the CSV files. The HR data that you import is determined by the insider risk management policies that you want to implement. For more information, see Step 1. -- Determine how to retrieve or export the data from your organization's HR system (and on a regular basis) and add it to the CSV files that you create in Step 1. The script that you run in Step 4 will upload the HR data in the CSV files to the Microsoft cloud.
+- Determine how to retrieve or export the data from your organization's HR system (and regularly) and add it to the CSV files that you create in Step 1. The script that you run in Step 4 will upload the HR data in the CSV files to the Microsoft cloud.
- The user who creates the HR connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the **Data connectors** page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). - The sample script that you run in Step 4 will upload your HR data to the Microsoft cloud so that it can be used by the insider risk management solution. This sample script isn't supported under any Microsoft standard support program or service. The sample script is provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample script and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages. -- This connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. For step-by-step instructions for setting up an HR connector in a GCC environment, see [Set up a connector to import HR data in US Government](import-hr-data-US-government.md).
+- This connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore aren't covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. For step-by-step instructions for setting up an HR connector in a GCC environment, see [Set up a connector to import HR data in US Government](import-hr-data-US-government.md).
## Step 1: Prepare a CSV file with your HR data
The following table describes each column in the CSV file for performance review
### CSV file for employee profile data (preview) > [!NOTE]
-> The capability to create an HR connector for employee profile data is in public preview. To create an HR connector that supports employee profile data, go to the **Data connectors** page in the compliance portal, select the **Connectors** tab, and then click **Add a connector** > **HR (preview)**. Follow the steps to create a connector in [Step 3: Create the HR connector](#step-3-create-the-hr-connector).
+> The capability to create an HR connector for employee profile data is in public preview. To create an HR connector that supports employee profile data, go to the **Data connectors** page in the compliance portal, select the **Connectors** tab, and then select **Add a connector** > **HR (preview)**. Follow the steps to create a connector in [Step 3: Create the HR connector](#step-3-create-the-hr-connector).
Here's an example of a CSV file for the data for the employee profile data.
Performance improvement plan,pillarp@contoso.com,,,2019-04-23T15:18:02.4675041+0
### Adding the HRScenario column to a CSV file that contains a single data type
-Based on your organization's HR systems and how you will export HR data to CSV file, you might have to create multiple CSV files that contain a single HR data type. In this case, you can still create a single HR connector to import data from different CSV files. To do this, you'll just have to add an HRScenario column to the CSV file and specify the HR data type. Then you can run the script for each CSV file, but use the same job ID for the connector. See [Step 4](#step-4-run-the-sample-script-to-upload-your-hr-data).
+Based on your organization's HR systems and how you'll export HR data to CSV file, you might have to create multiple CSV files that contain a single HR data type. In this case, you can still create a single HR connector to import data from different CSV files. To do this, you'll just have to add an HRScenario column to the CSV file and specify the HR data type. Then you can run the script for each CSV file, but use the same job ID for the connector. See [Step 4](#step-4-run-the-sample-script-to-upload-your-hr-data).
## Step 2: Create an app in Azure Active Directory The next step is to create and register a new app in Azure Active Directory (Azure AD). The app will correspond to the HR connector that you create in Step 3. Creating this app will allow Azure AD to authenticate the HR connector when it runs and attempts to access your organization. This app will also be used to authenticate the script that you run in Step 4 to upload your HR data to the Microsoft cloud. During the creation of this Azure AD app, be sure to save the following information. These values will be used in Step 3 and Step 4. -- Azure AD application ID (also called the *app Id* or *client Id*)
+- Azure AD application ID (also called the *app ID* or *client ID*)
- Azure AD application secret (also called the *client secret*) -- Tenant Id (also called the *directory Id*)
+- Tenant ID (also called the *directory Id*)
For step-by-step instructions for creating an app in Azure AD, see [Register an application with the Microsoft identity platform](/azure/active-directory/develop/quickstart-register-app).
After you complete this step, be sure to copy the job ID that's generated when y
1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">**Data connectors**</a>.
-2. On the **Data connectors** page, click **HR (preview)**.
+2. On the **Data connectors** page, select **HR (preview)**.
-3. On the **HR (preview)** page, click **Add connector**.
+3. On the **HR (preview)** page, select **Add connector**.
-4. On the **Setup the connection** page, do the following and then click **Next**:
+4. On the **Setup the connection** page, do the following and then select **Next**:
1. Type or paste the Azure AD application ID for the Azure app that you created in Step 2. 2. Type a name for the HR connector.
-5. On the HR scenarios page, select one or more HR scenarios that you want to import data for and then click **Next**.
+5. On the HR scenarios page, select one or more HR scenarios that you want to import data for and then select **Next**.
![Select one or more HR scenarios.](../media/HRConnectorScenarios.png)
-6. On the file mapping method page, select a file type if necessary, and then select one of the following options and then click **Next**.
+6. On the file mapping method page, select a file type if necessary, and then select one of the following options and then select **Next**.
- - **Upload a sample file**. If you select this option, click **Upload sample file** to upload the CSV file that you prepared in Step 1. This option allows you to quickly select column names in your CSV file from a drop-down list to map them to the data types for the HR scenarios that you previously selected.
+ - **Upload a sample file**. If you select this option, select **Upload sample file** to upload the CSV file that you prepared in Step 1. This option allows you to quickly select column names in your CSV file from a drop-down list to map them to the data types for the HR scenarios that you previously selected.
OR
After you complete this step, be sure to copy the job ID that's generated when y
7. On the File mapping details page, do one of the following, depending on whether you uploaded a sample CSV file and whether you're configuring the connector for a single HR scenario or for multiple scenarios. If you uploaded a sample file, you don't have to type the column names. You pick them from a dropdown list.
- - If you selected a single HR scenario in the previous step, then type the column header names (also called *parameters*) from the CSV file that you created in Step 1 in each of the appropriate boxes. The column names that you type are not case-sensitive, but be sure to include spaces if the column names in your CSV file include spaces. As previously explained, the names you type in these boxes must match the parameter names in your CSV file. For example, the following screenshot shows the parameter names from the sample CSV file for the employee resignation HR scenario shown in Step 1.
+ - If you selected a single HR scenario in the previous step, then type the column header names (also called *parameters*) from the CSV file that you created in Step 1 in each of the appropriate boxes. The column names that you type aren't case-sensitive, but be sure to include spaces if the column names in your CSV file include spaces. As previously explained, the names you type in these boxes must match the parameter names in your CSV file. For example, the following screenshot shows the parameter names from the sample CSV file for the employee resignation HR scenario shown in Step 1.
- If you selected multiple data types in step above, then you need to enter identifier column name that will identify the HR data type in your CSV file. After entering the identifier column name, type the value that identifies this HR data type, and type the column header names for selected data types from the CSV file(s) that you created in Step 1 in each of the appropriate boxes for each selected data type. As previously explained, the names that you type in these boxes must match the column names in your CSV file.
-8. On the **Review** page, review your settings and then click **Finish** to create the connector.
+8. On the **Review** page, review your settings and then select **Finish** to create the connector.
A status page is displayed that confirms the connector was created. This page contains two important things that you need to complete the next step to run the sample script to upload your HR data.
After you complete this step, be sure to copy the job ID that's generated when y
1. **Job ID.** You'll need this job ID to run the script in the next step. You can copy it from this page or from the connector flyout page.
- 2. **Link to sample script.** Click the **here** link to go to the GitHub site to access the sample script (the link opens a new window). Keep this window open so that you can copy the script in Step 4. Alternatively, you can bookmark the destination or copy the URL so you can access it again when you run the script. This link is also available on the connector flyout page.
+ 2. **Link to sample script.** Select the **here** link to go to the GitHub site to access the sample script (the link opens a new window). Keep this window open so that you can copy the script in Step 4. Alternatively, you can bookmark the destination or copy the URL so you can access it again when you run the script. This link is also available on the connector flyout page.
-9. Click **Done**.
+9. Select **Done**.
The new connector is displayed in the list on the **Connectors** tab.
-10. Click the HR connector that you just created to display the flyout page, which contains properties and other information about the connector.
+10. Select the HR connector that you just created to display the flyout page, which contains properties and other information about the connector.
![Flyout page for new HR connector.](../media/HRConnectorWizard7.png) If you haven't already done so, you can copy the values for the **Azure App ID** and **Connector job ID**. You'll need these to run the script in the next step. You can also download the script from the flyout page (or download it using the link in the next step.)
-You can also click **Edit** to change the Azure App ID or the column header names that you defined on the **File mapping** page.
+You can also select **Edit** to change the Azure App ID or the column header names that you defined on the **File mapping** page.
## Step 4: Run the sample script to upload your HR data
The last step in setting up an HR connector is to run a sample script that will
1. Go to window that you left open from the previous step to access the GitHub site with the sample script. Alternatively, open the bookmarked site or use the URL that you copied. You can also access the script [here](https://github.com/microsoft/m365-compliance-connector-sample-scripts/blob/main/sample_script.ps1).
-2. Click the **Raw** button to display the script in text view.
+2. Select the **Raw** button to display the script in text view.
3. Copy all the lines in the sample script and then save them to a text file.
The last step in setting up an HR connector is to run a sample script that will
| Parameter | Description | |:--|:--|:--|
- |`tenantId`|This is the Id for your Microsoft 365 organization that you obtained in Step 2. You can also obtain the tenant Id for your organization on the **Overview** blade in the Azure AD admin center. This is used to identify your organization.|
- |`appId` |This is the Azure AD application Id for the app that you created in Azure AD in Step 2. This is used by Azure AD for authentication when the script attempts to access your Microsoft 365 organization. |
+ |`tenantId`|This is the ID for your Microsoft 365 organization that you obtained in Step 2. You can also obtain the tenant ID for your organization on the **Overview** blade in the Azure AD admin center. This is used to identify your organization.|
+ |`appId` |This is the Azure AD application ID for the app that you created in Azure AD in Step 2. This is used by Azure AD for authentication when the script attempts to access your Microsoft 365 organization. |
|`appSecret`|This is the Azure AD application secret for the app that you created in Azure AD in Step 2. This also used for authentication.| |`jobId`|This is the job ID for the HR connector that you created in Step 3. This is used to associate the HR data that is uploaded to the Microsoft cloud with the HR connector.| |`filePath`|This is the file path for the file (stored on the same system as the script) that you created in Step 1. Try to avoid spaces in the file path; otherwise use single quotation marks.|
The last step in setting up an HR connector is to run a sample script that will
## Step 5: Monitor the HR connector
-After you create the HR connector and run the script to upload your HR data, you can view the connector and upload status in the compliance portal. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran.
+After you create the HR connector and run the script to upload your HR data, you can view the connector and upload status in the compliance portal. If you schedule the script to run automatically regularly, you can also view the current status after the last time the script ran.
1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">**Data connectors**</a>.
-2. Click the **Connectors** tab and then select the HR connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the HR connector to display the flyout page. This page contains the properties and information about the connector.
![HR connector flyout page with properties and status.](../media/HRConnectorFlyout1.png)
-3. Under **Progress**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about each time the script runs and uploads the data from the CSV file to the Microsoft cloud.
+3. Under **Progress**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about each time the script runs and uploads the data from the CSV file to the Microsoft cloud.
![HR connector log file displays number rows from CSV file that were uploaded.](../media/HRConnectorLogFile.png)
To make sure the latest HR data from your organization is available to tools lik
You can use the Task Scheduler app in Windows to automatically run the script every day.
-1. On your local computer, click the Windows **Start** button and then type **Task Scheduler**.
+1. On your local computer, select the Windows **Start** button and then type **Task Scheduler**.
-2. Click the **Task Scheduler** app to open it.
+2. Select the **Task Scheduler** app to open it.
-3. In the **Actions** section, click **Create Task**.
+3. In the **Actions** section, select **Create Task**.
4. On the **General** tab, type a descriptive name for the scheduled task; for example, **HR Connector Script**. You can also add an optional description.
You can use the Task Scheduler app in Windows to automatically run the script ev
1. Make sure that the **Run with the highest privileges** checkbox is selected.
-6. Select the **Triggers** tab, click **New**, and then do the following things:
+6. Select the **Triggers** tab, select **New**, and then do the following things:
1. Under **Settings**, select the **Daily** option, and then choose a date and time to run the script for the first time. The script will run every day at the same specified time. 1. Under **Advanced settings**, make sure the **Enabled** checkbox is selected.
- 1. Click **Ok**.
+ 1. Select **Ok**.
-7. Select the **Actions** tab, click **New**, and then do the following things:
+7. Select the **Actions** tab, select **New**, and then do the following things:
![Action settings to create a new scheduled task for the HR connector script.](../media/HRConnectorScheduleTask1.png) 1. In the **Action** dropdown list, make sure that **Start a program** is selected.
- 1. In the **Program/script** box, click **Browse**, and go to the following location and select it so the path is displayed in the box: `C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe`.
+ 1. In the **Program/script** box, select **Browse**, and go to the following location and select it so the path is displayed in the box: `C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe`.
1. In the **Add arguments (optional)** box, paste the same script command that you ran in Step 4. For example, `.\HRConnector.ps1 -tenantId "d5723623-11cf-4e2e-b5a5-01d1506273g9" -appId "c12823b7-b55a-4989-faba-02de41bb97c3" -appSecret "MNubVGbcQDkGCnn" -jobId "e081f4f4-3831-48d6-7bb3-fcfab1581458" -filePath "C:\Users\contosoadmin\Desktop\Data\employee_termination_data.csv"` 1. In the **Start in (optional)** box, paste the folder location of the script that you ran in Step 4. For example, `C:\Users\contosoadmin\Desktop\Scripts`.
- 1. Click **Ok** to save the settings for the new action.
+ 1. Select **Ok** to save the settings for the new action.
-8. In the **Create Task** window, click **Ok** to save the scheduled task. You might be prompted to enter your user account credentials.
+8. In the **Create Task** window, select **Ok** to save the scheduled task. You might be prompted to enter your user account credentials.
The new task is displayed in the Task Scheduler Library. ![The new task is displayed in the Task Scheduler Library.](../media/HRConnectorTaskSchedulerLibrary.png)
- The last time the script ran and the next time it's scheduled to run is displayed. You can double-click the task to edit it.
+ The last time the script ran and the next time it's scheduled to run is displayed. You can double-select the task to edit it.
You can also verify the last time the script ran on the flyout page of the corresponding HR connector in the compliance center.
+## (Optional) Step 7: Upload data using Power Automate templates
+
+You can upload HR data using Power Automate templates and define triggers. For example, you can configure a Power Automate template to trigger when new HR connector files are available in SharePoint or OneDrive locations. You can also streamline this process by storing confidential information like Azure AD application secret (created in **Step 2**) in Azure Key Vault and using it with Power Automate for authentication.
+
+Complete the following steps to automatically upload HR data when new files become available on OneDrive for Business:
+
+1. Download the *ImportHRDataforIRM.zip* package from the [GitHub site](https://github.com/microsoft/m365-compliance-connector-sample-scripts/blob/main/ImportHRDataforIRM.zip).
+2. In [Power Automate](https://make.preview.powerautomate.com), navigate to **My flows**.
+3. Select **Import** and upload the *ImportHRDataforIRM.zip* package.
+4. After the package gets uploaded, update the content (name & OneDrive for Business connection), and select **Import**.
+
+ ![Power Automate flow import.](../media/hr-connector-pa-import-flow.png)
+
+5. Select **Open flow** and update the parameters. The following table describes the parameters to use in this Power Automate Flow and their required values. The information you obtained in the previous steps is used in the values for these parameters.
+
+ |**Parameter**|**Description**|
+ |:|:--|
+ | App ID | This is the Azure AD application ID for the app that you created in Azure AD in **Step 2**. This is used by Azure AD for authentication when the script attempts to access your Microsoft 365 organization. |
+ | App Secret | This is the Azure AD application secret for the app that you created in Azure AD in **Step 2**. This used for authentication. |
+ | File location | This is the OneDrive for Business location where Power Automate monitors for 'new file created' activities to trigger this flow.|
+ | Job ID | Identifier for the HR connector created in **Step 3**. This is used to associate the HR data uploaded to the Microsoft cloud with the HR connector. |
+ | Tenant ID | Identifier for your Microsoft 365 organization obtained in **Step 2**. You can also obtain the tenant ID for your organization on the **Overview** blade in the Azure AD admin center. This is used to identify your organization. |
+ | URI | Verify that the value for this parameter is *https://webhook.ingestion.office.com/api/signals* |
+
+ ![Power Automate flow.](../media/hr-connector-pa-flow.png)
+
+6. Select **Save**.
+7. Navigate to **Flow overview** and select **Turn on**.
+
+ ![Turn on the Power Automate flow.](../media/hr-connector-pa-turn-on.png)
+
+8. Test the flow manually by uploading a new file to your OneDrive for Business folder and verify that it ran successfully. This may take a few minutes after the upload before the flow is triggered.
+
+ ![Power Automate flow test.](../media/hr-connector-pa-test.png)
+
+9. You can now monitor the HR connector as described in **Step 5**.
+
+If needed, you can update the flow to create triggers based on file availability and modification events on SharePoint and other data sources supported by Power Automate Flows.
+ ## Existing HR connectors
-On December 13, 2021, we released the employee profile data scenario for HR connectors. If you created an HR connector before this date, we will migrate the existing instances or your organization's HR connectors so your HR data continues to be imported to the Microsoft cloud. You don't have to do anything to maintain this functionality. You can keep using these connectors without disruption.
+On December 13, 2021, we released the employee profile data scenario for HR connectors. If you created an HR connector before this date, we'll migrate the existing instances or your organization's HR connectors so your HR data continues to be imported to the Microsoft cloud. You don't have to do anything to maintain this functionality. You can keep using these connectors without disruption.
If you want to implement the employee profile data scenario, you create a new HR connector and configure it as required. After you create a new HR connector, run the script using the job ID of the new connector and CSV files with [employee profile data](#csv-file-for-employee-profile-data-preview) previously described in this article.
compliance Import Physical Badging Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-physical-badging-data.md
The next step is to create a physical badging connector in the compliance portal
1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">**Data connectors**</a>.
-2. On the **Data connectors** page under **Physical badging**, click **View**.
+2. On the **Data connectors** page under **Physical badging**, select **View**.
-3. On the **Physical badging** page, click **Add connector**.
+3. On the **Physical badging** page, select **Add connector**.
-4. On the **Authentication credentials** page, do the following and then click **Next**:
+4. On the **Authentication credentials** page, do the following and then select **Next**:
1. Type or paste the Azure AD application ID for the Azure app that you created in Step 1.
The next step is to create a physical badging connector in the compliance portal
3. Type a unique name for the physical badging connector.
-5. On the **Review** page, review your settings and then click **Finish** to create the connector.
+5. On the **Review** page, review your settings and then select **Finish** to create the connector.
6. A status page is displayed that confirms the connector was created. This page also contains the job ID. You can copy job ID from this page or from the flyout page for the connector. You need this job ID when running the script. The status page also contains a link to the script. Refer to this script to understand how to post the JSON file to the API endpoint.
-7. Click **Done**.
+7. Select **Done**.
The new connector is displayed in the list on the **Connectors** tab.
-8. Click the physical badging connector that you just created to display the flyout page, which contains properties and other information about the connector.
+8. Select the physical badging connector that you just created to display the flyout page, which contains properties and other information about the connector.
## Step 4: Run the script to POST your JSON file containing physical badging data
After you run the script, the JSON file containing the physical badging data is
1. Go to [this GitHub site](https://github.com/microsoft/m365-physical-badging-connector-sample-scripts/blob/master/push_physical_badging_records.ps1) to access the sample script.
-2. Click the **Raw** button to display the script in text view
+2. Select the **Raw** button to display the script in text view
3. Copy all the lines in the sample script and then save them to a text file.
After you create the physical badging connector and push your physical badging d
1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">**Data connectors**</a>.
-2. Click the **Connectors** tab and then select the physical badging connector to display the flyout page. This page contains the properties and information about the connector.
+2. Select the **Connectors** tab and then select the physical badging connector to display the flyout page. This page contains the properties and information about the connector.
![Status flyout page for physical badging connector.](..\media\PhysicalBadgingStatusFlyout.png)
-3. Under **Last import**, click the **Download log** link to open (or save) the status log for the connector. This log contains information about each time the script runs and uploads the data from the JSON file to the Microsoft cloud.
+3. Under **Last import**, select the **Download log** link to open (or save) the status log for the connector. This log contains information about each time the script runs and uploads the data from the JSON file to the Microsoft cloud.
![Physical badging connector log file displays number of objects from the JSON file that were uploaded.](..\media\PhysicalBadgingConnectorLogFile.png)
To make sure the latest physical badging data from your organization is availabl
You can use the Task Scheduler app in Windows to automatically run the script every day.
-1. On your local computer, click the Windows **Start** button and then type **Task Scheduler**.
+1. On your local computer, select the Windows **Start** button and then type **Task Scheduler**.
-2. Click the **Task Scheduler** app to open it.
+2. Select the **Task Scheduler** app to open it.
-3. In the **Actions** section, click **Create Task**.
+3. In the **Actions** section, select **Create Task**.
4. On the **General** tab, type a descriptive name for the scheduled task; for example, **physical badging connector Script**. You can also add an optional description.
You can use the Task Scheduler app in Windows to automatically run the script ev
2. Make sure that the **Run with the highest privileges** checkbox is selected.
-6. Select the **Triggers** tab, click **New**, and then do the following things:
+6. Select the **Triggers** tab, select **New**, and then do the following things:
1. Under **Settings**, select the **Daily** option, and then choose a date and time to run the script for the first time. The script will run every day at the same specified time. 2. Under **Advanced settings**, make sure the **Enabled** checkbox is selected.
- 3. Click **Ok**.
+ 3. Select **Ok**.
-7. Select the **Actions** tab, click **New**, and then do the following things:
+7. Select the **Actions** tab, select **New**, and then do the following things:
![Action settings to create a new scheduled task for the physical badging connector script.](..\media\SchedulePhysicalBadgingScript1.png) 1. In the **Action** dropdown list, make sure that **Start a program** is selected.
- 2. In the **Program/script** box, click **Browse**, and go to the following location and select it so the path is displayed in the box: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe.
+ 2. In the **Program/script** box, select **Browse**, and go to the following location and select it so the path is displayed in the box: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe.
3. In the **Add arguments (optional)** box, paste the same script command that you ran in Step 4. For example, .\PhysicalBadging.ps1-tenantId "d5723623-11cf-4e2e-b5a5-01d1506273g9" -appId "c12823b7-b55a-4989-faba-02de41bb97c3" -appSecret "MNubVGbcQDkGCnn" -jobId "e081f4f4-3831-48d6-7bb3-fcfab1581458" -jsonFilePath "C:\Users\contosoadmin\Desktop\Data\physical_badging_data.json" 4. In the **Start in (optional)** box, paste the folder location of the script that you ran in Step 4. For example, C:\Users\contosoadmin\Desktop\Scripts.
- 5. Click **Ok** to save the settings for the new action.
+ 5. Select **Ok** to save the settings for the new action.
-8. In the **Create Task** window, click **Ok** to save the scheduled task. You might be prompted to enter your user account credentials.
+8. In the **Create Task** window, select **Ok** to save the scheduled task. You might be prompted to enter your user account credentials.
The new task is displayed in the Task Scheduler Library. ![The new task is displayed in the Task Scheduler Library.](..\media\SchedulePhysicalBadgingScript2.png)
-The last time the script ran and the next time it's scheduled to run is displayed. You can double-click the task to edit it.
+The last time the script ran and the next time it's scheduled to run is displayed. You can double-select the task to edit it.
You can also verify the last time the script ran on the flyout page of the corresponding physical badging connector in the compliance center.
compliance Insider Risk Management Activities https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-activities.md
# Investigate insider risk management activities
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ Investigating risky user activities is an important first step in minimizing insider risks for your organization. These risks may be activities that generate alerts from insider risk management policies, or risks from activities that are detected by policies but don't immediately create an insider risk management alert for users. You can investigate these types of activities by using the **User activity reports (preview)** or with the **Alert dashboard**. [!INCLUDE [purview-preview](../includes/purview-preview.md)]
Use the following sections and tabs on the Alert detail page for more informatio
This section contains general information about the user and alert. This information is available for context while reviewing detailed information about the detected activity included in the alert for the user: - **Activity that generated this alert**: Displays the top risk activity and policy match during the activity evaluation period that led to the alert being generated.-- **Triggering event**: Displays the most recent triggering event that prompted the policy to start assigning risk scores to the user's activity.
+- **Triggering event**: Displays the most recent triggering event that prompted the policy to start assigning risk scores to the user's activity. If you've configured [integration with communication compliance](/microsoft-365/compliance/communication-compliance-policies#integration-with-insider-risk-management-preview) for *Data leaks by disgruntled users* or *Security policy violations by disgruntled users* policies, the triggering event for these alerts will be scoped to communication compliance activity.
- **User profile**: Displays general information about the user assigned to the alert. If anonymization is enabled, the username, email address, alias, and organization fields are anonymized. - **User alert history**: Displays a list of alerts for the user for the last 30 days. Includes a link to view the complete alert history for the user.
+Alerts generated from policies scoped to only activities that include [priority content](/microsoft-365/compliance/insider-risk-management-policies#prioritize-content-in-policies) include the *Only activity with priority content was scored for this alert* notification in this section.
+ ### All risk factors This tab opens the summary of risk factors for the user's alert activity. Risk factors can help you determine how risky this user's activity is during your review. The risk factors include summaries for:
The **User activity** chart is one of the most powerful tools for internal risk
- **Risk category**: Filter activities by the following risk categories: *Activities with risk scores > 15 (unless in a sequence)* and *Sequence activities*. - **Activity Type**: Filter activities by the following types: *Access*, *Deletion*, *Collection*, *Exfiltration*, *Infiltration*, *Obfuscation*, and *Security*. - **Sort by**: List the timeline activities by *Date occurred* or *Risk score*.
-4. **Risk sequence**: The chronological order of risky activities is an important aspect of risk investigation and identifying these related activities is an important part of evaluating overall risk for your organization. Alert activities that are related are displayed with connecting lines to highlight that these activities are associated with a larger risk area. This view of activities can help investigators literally 'connect the dots' for risk activities that could have been viewed as isolated or one-off events. Select any bubble in the sequence to display details for all the associated risk activities. Details include:
+4. **Risk sequence**: The chronological order of risky activities is an important aspect of risk investigation and identifying these related activities is an important part of evaluating overall risk for your organization. Alert activities that are related are displayed with connecting lines to highlight that these activities are associated with a larger risk area. Sequences are also identified in this view by an icon positioned above the sequence activities relative to the risk score for the sequence. Hover over the icon to see the date and time of the risky activity associated with this sequence. This view of activities can help investigators literally 'connect the dots' for risk activities that could have been viewed as isolated or one-off events. Select the icon or any bubble in the sequence to display details for all the associated risk activities. Details include:
- **Name** of the sequence. - **Date** or **Date range** of the sequence.
Becoming overwhelmed with the number of alerts produced by your insider risk man
- **Adjust your insider risk policies**: Selecting and configuring the correct insider risk policy is the most basic method to address the type and volume of alerts. Starting with the appropriate [policy template](insider-risk-management-policies.md#policy-templates) helps focus the types of risk activities and alerts you'll see. Other factors that may impact alert volume are the size of the in-scope user and groups and the content and [channels that are prioritized](insider-risk-management-policies.md#prioritize-content-in-policies). Consider adjusting policies to refine these areas to what is most important for your organization. - **Modify your insider risk settings**: Insider risk settings include a wide variety of configuration options that can impact the volume and types of alerts you'll receive. These include settings for [policy indicators](insider-risk-management-settings.md#indicators), [indicator thresholds](insider-risk-management-settings.md#indicator-level-settings-preview), and [policy timeframes](insider-risk-management-settings.md#policy-timeframes). Consider configuring [intelligent detections](insider-risk-management-settings.md#intelligent-detections) options to exclude specific file types, define minimum thresholds before activity alerts are reported by your policies, and changing the alert volume configuration to a lower setting.
+- **Enable inline alert customization (preview)**: Enabling [inline alert customization](/microsoft-365/compliance/insider-risk-management-settings#inline-alert-customization-preview) allows analysts and investigators to quickly edit policies when reviewing alerts. They can update thresholds for activity detection with Microsoft recommendations, configure custom thresholds, or choose to ignore the type of activity that created the alert. If this is not enabled, then only users assigned to the *Insider Risk Management* role group can use inline alert customization.
- **Bulk deletion of alerts where applicable**: It may help save triage time for your analysts and investigators to immediately [dismiss multiple alerts](insider-risk-management-activities.md#dismiss-multiple-alerts-preview) at once. You can select up to 400 alerts to dismiss at one time. ### Not familiar with the alert triage process
compliance Insider Risk Management Audit Log https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-audit-log.md
# Insider risk management audit log
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ The insider risk management audit log enables you to stay informed on the actions that were taken on insider risk management features. This log allows independent review of the actions taken by users assigned to one or more insider risk management role groups. The insider risk management audit log is automatically enabled in your organization and cannot be disabled. ![Insider risk management audit log.](../media/insider-risk-audit-log.png)
compliance Insider Risk Management Browser Support https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-browser-support.md
# Learn about and configure insider risk management browser signal detection
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ Web browsers are often used by users to access both sensitive and non-sensitive files within an organization. Insider risk management allows your organization to detect and act on browser exfiltration signals for all non-executable files viewed in [Microsoft Edge](https://www.microsoft.com/edge) and [Google Chrome](https://www.google.com/chrome) browsers. With these signals, analysts and investigators can quickly act when any of the following activities are performed by in-scope policy users when using these browsers: - Files copied to personal cloud storage
compliance Insider Risk Management Cases https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-cases.md
# Insider risk management cases
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ Cases are the heart of insider risk management and allow you to deeply investigate and act on issues generated by risk indicators defined in your policies. Cases are manually created from alerts in situations where further action is needed to address a compliance-related issue for a user. Each case is scoped to a single user and multiple alerts for the user can be added to an existing case or to a new case. After investigating the details of a case, you can take action by:
compliance Insider Risk Management Configure https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-configure.md
# Get started with insider risk management
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ Use insider risk management policies to identify risky activities and management tools to act on risk alerts in your organization. Complete the following steps to set up prerequisites and configure an insider risk management policy. > [!IMPORTANT]
Insider risk management policies include assigned users and define which types o
4. Select **Next** to continue. 5. On the **Name and description** page, complete the following fields:
- - **Name (required)**: Enter a friendly name for the policy. This name canΓÇÖt be changed after the policy is created.
+ - **Name (required)**: Enter a friendly name for the policy. This name can't be changed after the policy is created.
- **Description (optional)**: Enter a description for the policy. 6. Select **Next** to continue.
Insider risk management policies include assigned users and define which types o
8. Select **Next** to continue. 9. On the **Content to prioritize** page, you can assign (if needed) the sources to prioritize, which increases the chance of generating a high severity alert for these sources. Select one of the following choices:
- - **I want to specify SharePoint sites, sensitivity labels, sensitive information types and/or file extensions as priority content**. Selecting this option will enable detail pages in the wizard to configure these channels.
- - **I don't want to specify priority content right now (you'll be able to do this after the policy is created)**. Selecting this option will skip the channel detail pages in the wizard.
+ - **I want to prioritize content**. Selecting this option will enable you to prioritize *SharePoint sites*, *Sensitivity labels*, *Sensitive info types*, and *File extensions* content types. If you choose this option, you must select at least one priority content type.
+ - **I don't want to specify priority content right now**. Selecting this option will skip the priority content detail pages in the wizard.
10. Select **Next** to continue.
-11. If you've selected **I want to specify SharePoint sites, sensitivity labels, sensitive information types and/or file extensions as priority content** in the previous step, you'll see the detail pages for *SharePoint sites*, *sensitive info types*, *sensitivity labels* and *file extensions*. Use these detail pages to define the SharePoint, sensitive info types, sensitivity labels, and file extensions to prioritize in the policy.
+11. If you've selected **I want to prioritize content** in the previous step, you'll see the detail pages for *SharePoint sites*, *sensitive info types*, *sensitivity labels*, *file extensions*, and *Scoring*. Use these detail pages to define the SharePoint, sensitive info types, sensitivity labels, and file extensions to prioritize in the policy. The *Scoring* detail page allows you to scope the policy to only assign risk scores and generate alerts for specified activities that include priority content.
- **SharePoint sites**: Select **Add SharePoint site** and select the SharePoint sites you have access to and want to prioritize. For example, *"group1@contoso.sharepoint.com/sites/group1"*. - **Sensitive info type**: Select **Add sensitive info type** and select the sensitivity types you want to prioritize. For example, *"U.S. Bank Account Number"* and *"Credit Card Number"*. - **Sensitivity labels**: Select **Add sensitivity label** and select the labels you want to prioritize. For example, *"Confidential"* and *"Secret"*.
- - File extensions: Add up to 50 file extensions. You can include or omit the '.' with the file extension. For example, *.py* or *py* would prioritize Python files.
+ - **File extensions**: Add up to 50 file extensions. You can include or omit the '.' with the file extension. For example, *.py* or *py* would prioritize Python files.
+ - **Scoring**: Decide whether to assign risk scores to all activities detected by this policy or only for activities that include priority content. Choose **Get alerts for all activity** or **Get alerts only for activity that includes priority content**.
> [!NOTE] > Users configuring the policy and selecting priority SharePoint sites can select SharePoint sites that they have permission to access. If SharePoint sites aren't available for selection in the policy by the current user, another user with the required permissions can select the sites for the policy later or the current user should be given access to the required sites. 12. Select **Next** to continue.
-13. If you've selected the *General data leaks* or *Data leaks by priority users* templates, you'll see options on the **Triggers** for this policy page for custom-triggering events and policy indicators. You have the choice to select a DLP policy or indicators for triggering events that bring users assigned to the policy in-scope for activity scoring. If you select the **User matches a data loss prevention (DLP) policy triggering event** option, you must select a DLP policy from the DLP policy dropdown list to enable triggering indicators for the DLP Policy for this insider risk management policy. If you select the **User performs an exfiltration activity triggering event** option, you must select one or more of the listed indicators for the policy triggering event.
+13. If you've selected the *General data leaks* or *Data leaks by priority users* templates, you'll see options on the **Triggers for this policy** page for custom-triggering events and policy indicators. You have the choice to select a DLP policy or indicators for triggering events that bring users assigned to the policy in-scope for activity scoring. If you select the **User matches a data loss prevention (DLP) policy triggering event** option, you must select a DLP policy from the DLP policy dropdown list to enable triggering indicators for the DLP Policy for this insider risk management policy. If you select the **User performs an exfiltration activity triggering event** option, you must select one or more of the listed indicators for the policy triggering event.
> [!IMPORTANT]
- > If you're unable to select a listed indicator, it's because they aren't enabled for your organization. To make them available to select and assign to the policy, enable the indicators in **Insider risk management** > **Settings** > **Policy indicators**.
+ > If you're unable to select a listed indicator or sequence, it's because they aren't currently enabled for your organization. To make them available to select and assign to the policy, select the **Turn on indicators** prompt.
If you've selected other policy templates, custom triggering events aren't supported. The built-in policy triggering events apply and you'll continue to Step 23 without defining policy attributes.
-14. Select **Next** to continue.
-15. If you've selected the *General data leaks* or *Data leaks by priority users* templates and have selected the **User performs an exfiltration activity and associated indicators**, you can choose custom or default thresholds for the indicator triggering events that you've selected. Choose either the **Use default thresholds (Recommended)** or **Use custom thresholds for the triggering events**.
-16. Select **Next** to continue.
-17. If you've selected **Use custom thresholds for the triggering events**, for each triggering event indicator that you selected in Step 13, choose the appropriate level to generate the desired level of activity alerts. You can use the recommended thresholds, custom thresholds, or thresholds based on anomalous activities (for certain indicators) above the daily norm for users.
-18. Select **Next** to continue.
-19. On the **Policy indicators** page, you'll see the [indicators](insider-risk-management-settings.md#indicators) that you've defined as available on the **Insider risk settings** > **Indicators** page. Select the indicators you want to apply to the policy.
+14. If you've selected the *Data leaks by disgruntled users* or *Security policy violations by disgruntled users* templates, you'll see options on the **Triggers for this policy** page for integration with communication compliance and HR data connector events. You have the choice to assign risk scores when users send messages that contain potentially threatening, harassing, or discriminatory language or to bring users into the the policy scope after disgruntlement events are reported in your HR system. If you select the **Disgruntlement triggers from communication compliance (preview)** option, you can accept the default communication compliance policy (automatically created), choose a previously created policy scope for this trigger, or create another scoped policy. If you select **HR data connector events**, you must configure a HR data connector for your organization.
+15. Select **Next** to continue.
+16. If you've selected the *General data leaks* or *Data leaks by priority users* templates and have selected the **User performs an exfiltration activity and associated indicators**, you can choose custom or default thresholds for the indicator triggering events that you've selected. Choose either the **Use default thresholds (Recommended)** or **Use custom thresholds for the triggering events**.
+17. Select **Next** to continue.
+18. If you've selected **Use custom thresholds for the triggering events**, for each triggering event indicator that you selected in Step 13, choose the appropriate level to generate the desired level of activity alerts. You can use the recommended thresholds, custom thresholds, or thresholds based on anomalous activities (for certain indicators) above the daily norm for users.
+19. Select **Next** to continue.
+20. On the **Policy indicators** page, you'll see the [indicators](insider-risk-management-settings.md#indicators) that you've defined as available on the **Insider risk settings** > **Indicators** page. Select the indicators you want to apply to the policy.
> [!IMPORTANT] > If indicators on this page can't be selected, you'll need to select the indicators you want to enable for all policies. You can use the **Turn on indicators** button in the wizard or select indicators on the **Insider risk management** > **Settings** > **Policy indicators** page.
Insider risk management policies include assigned users and define which types o
If you've selected a *Data theft* or *Data leaks* policy template, select one or more **Sequence detection** methods and a **Cumulative exfiltration detection** method to apply to the policy. If you've selected the *Risky browser usage* policy template, select one or more of the **Browsing indicators**.
-20. Select **Next** to continue.
-21. On the **Decide whether to use default or custom indicator thresholds** page, choose custom or default thresholds for the policy indicators that you've selected. Choose either the **Use default thresholds for all indicators** or **Specify custom thresholds** for the selected policy indicators. If you've selected Specify custom thresholds, choose the appropriate level to generate the desired level of activity alerts for each policy indicator.
-22. Select **Next** to continue.
-23. On the **Review** page, review the settings you've chosen for the policy and any suggestions or warnings for your selections. Select **Edit** to change any of the policy values or select **Submit** to create and activate the policy.
+21. Select **Next** to continue.
+22. On the **Decide whether to use default or custom indicator thresholds** page, choose custom or default thresholds for the policy indicators that you've selected. Choose either the **Use default thresholds for all indicators** or **Specify custom thresholds** for the selected policy indicators. If you've selected Specify custom thresholds, choose the appropriate level to generate the desired level of activity alerts for each policy indicator.
+23. Select **Next** to continue.
+24. On the **Review** page, review the settings you've chosen for the policy and any suggestions or warnings for your selections. Select **Edit** to change any of the policy values or select **Submit** to create and activate the policy.
## Next steps
compliance Insider Risk Management Content Explorer https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-content-explorer.md
# Insider risk management Content explorer
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ The insider risk management **Content explorer** allows users assigned the *Insider Risk Management Investigators* role to examine the context and details of content associated with activity in alerts. The case data in Content explorer is refreshed daily to include new activity. For all alerts that are confirmed to a case, copies of data and message files are archived as a snapshot in time of the items, while maintaining the original files and messages in the storage sources. If needed, case data files may be exported as a portable document file (PDF) or in the original file format. For new cases, it usually takes about an hour for content to populate in Content explorer. For cases with large amounts of content, it may take longer to create a snapshot. If content is still loading in Content explorer, you will see a progress indicator that displays the completion percentage.
compliance Insider Risk Management Notices https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-notices.md
# Insider risk management notice templates
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ Insider risk management notice templates allow you to automatically send email messages to users when a case is created for activities that have generated a policy match and confirmed alert. For most alerts that generate cases, user actions are the result of mistakes or inadvertent activities without ill intent. Notices serve as simple reminders to users to be more careful, to provide links to information for refresher training, or to corporate policy resources. Notices can be an important part of your internal compliance training program and can help create a documented audit trail for users with recurring risk activities. Create notice templates if you want to send users an email reminder notice for policy matches as part of the case resolution process. Notices can only be sent to the user email address associated with the specific case being reviewed. When selecting a notice template to apply to a policy match, you can choose to accept the field values defined in the template or overwrite the fields as needed
compliance Insider Risk Management Plan https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-plan.md
# Plan for insider risk management
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ Before getting started with [insider risk management](insider-risk-management.md) in your organization, there are important planning activities and considerations that should be reviewed by your information technology and compliance management teams. Thoroughly understanding and planning for deployment in the following areas will help ensure that your implementation and use of insider risk management features goes smoothly and is aligned with the best practices for the solution. For more information and an overview of the planning process to address risky activities in your organization, see [Starting an insider risk management program](https://download.microsoft.com/download/b/2/0/b208282a-2482-4986-ba07-15a9b9286df0/pwc-starting-an-insider-risk-management-program-with-pwc-and-microsoft.pdf).
compliance Insider Risk Management Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-policies.md
As with the **General data leaks template**, you can choose a DLP policy to trig
### Data leaks by disgruntled users (preview)
-When users experience employment stressors, they may become disgruntled, which may increase the chances of insider risk activity. This template starts scoring security and compliance related user activity when an indicator associated with disgruntlement is identified. Examples include system signals performance improvement notifications, poor performance reviews, or changes to job level status. Data leaks for disgruntled users may include downloading files from SharePoint Online and copying data to personal cloud messaging and storage services near employment stressor events.
+When users experience employment stressors, they may become disgruntled, which may increase the chances of insider risk activity. This template starts scoring user activity when an indicator associated with disgruntlement is identified. Examples may include performance improvement notifications, poor performance reviews, changes to job level status, or email and other messages that may signal disgruntlement. Data leaks for disgruntled users may include downloading files from SharePoint Online and copying data to personal cloud messaging and storage services near employment stressor events.
-When using this template, you must also configure a Microsoft 365 HR connector to periodically import performance improvement notifications, poor performance review status, or job level change information for users in your organization. See the [Import data with the HR connector](import-hr-data.md) article for step-by-step guidance to configure the Microsoft 365 HR connector for your organization.
+When using this template, you must either configure a HR connector, select the option to [integrate communication compliance disgruntlement signals](/microsoft-365/compliance/communication-compliance-policies#policy-for-insider-risk-management-integration-preview) from user messages, or choose both. The HR connector enables the periodic import of performance improvement notifications, poor performance review statuses, or job level change information for users in your organization. Communication compliance disgruntlement integration imports signals for user messages that may contain potentially threatening, harassing, or discriminatory text content. Associated alerts generated in Communication Compliance do not need to be triaged, remediated, or changed in status to be integrated with the insider risk management policy.
+
+To configure a HR connector, see the [Import data with the HR connector](import-hr-data.md) article. To configure integration with communication compliance, you'll select this option in the wizard when you configure the policy.
### General security policy violations (preview)
You'll need to have Microsoft Defender for Endpoint configured in your organizat
### Security policy violations by disgruntled users (preview)
-Users that experience employment stressors may be at a higher risk for inadvertent or malicious security policy violations. These stressors may include the user being placed on a performance improvement plan, poor performance review status, or being demoted from their current position. This policy template starts risk scoring based on these indicators and activities associated with these events for these users.
+Users that experience employment stressors may be at a higher risk for inadvertent or malicious security policy violations. These stressors may result in behaviors that result in the user being placed on a performance improvement plan, a poor performance review status, being demoted from their current position, or the user sending email and other messages that may signal disgruntlement. This policy template starts risk scoring based on these indicators and activities associated with these events for these users.
-When using this template, you must also configure a Microsoft HR connector to periodically import system signals related to performance improvement notifications, poor performance review status, or job level change information for users in your organization. See the [Import data with the HR connector](import-hr-data.md) article for step-by-step guidance to configure the Microsoft HR connector for your organization.
+When using this template, you must configure a HR connector, or select the option to [integrate communication compliance disgruntlement signals](/microsoft-365/compliance/communication-compliance-policies#policy-for-insider-risk-management-integration-preview) from user messages, or both. The HR connector enables the periodic import of performance improvement notifications, poor performance review statuses, or job level change information for users in your organization. Communication compliance disgruntlement integration imports signals for user messages that may contain potentially threatening, harassing, or discriminatory text content. Associated alerts generated in Communication Compliance do not need to be triaged, remediated, or changed in status to be integrated with the insider risk management policy. To configure a HR connector, see the [Import data with the HR connector](import-hr-data.md) article. To configure integration with communication compliance, you'll select this option in wizard when you configure the policy.
You'll also need to have Microsoft Defender for Endpoint configured in your organization and enable Defender for Endpoint for insider risk management integration in the Defender Security Center to import security violation alerts. For more information on configuring Defender for Endpoint for insider risk management integration, see [Configure advanced features in Defender for Endpoint](/windows/security/threat-protection/microsoft-defender-atp/advanced-features#share-endpoint-alerts-with-microsoft-compliance-center).
The following table lists the triggering events and prerequisites for policies c
| **Data theft by departing users** | Resignation or termination date indicator from HR connector or Azure Active Directory account deletion | (optional) Microsoft 365 HR connector configured for termination and resignation date indicators | | **General data leaks** | Data leak policy activity that creates a *High severity* alert or built-in exfiltration event triggers | DLP policy configured for *High severity* alerts <br><br> OR <br><br> Customized triggering indicators | | **Data leaks by priority users** | Data leak policy activity that creates a *High severity* alert or built-in exfiltration event triggers | DLP policy configured for *High severity* alerts <br><br> OR <br><br> Customized triggering indicators <br><br> Priority user groups configured in insider risk settings |
-| **Data leaks by disgruntled users** | Performance improvement, poor performance, or job level change indicators from HR connector | Microsoft HR connector configured for disgruntlement indicators |
+| **Data leaks by disgruntled users** | - Performance improvement, poor performance, or job level change indicators from HR connector. <br> - Messages containing potentially threatening, harassing, or discriminatory language | Microsoft 365 HR connector configured for disgruntlement indicators <br><br> AND/OR <br><br> Communication Compliance integration and dedicated disgruntlement policy |
| **General security policy violations** | Defense evasion of security controls or unwanted software detected by Microsoft Defender for Endpoint | Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft Purview compliance portal configured | | **General patient data misuse** | Defense evasion of security controls from EMR systems <br><br> User and patient address matching indicators from HR systems | Healthcare access indicators selected in policy or insider risk settings <br><br> Microsoft 365 HR connector configured for address matching <br><br> Microsoft Healthcare or Epic connector configured | | **General risky browser usage** | User browsing activity related to security that matches at least one selected *Browsing indicator* | See the complete list of prerequisites in the [browser signal detection article](/microsoft-365/compliance/insider-risk-management-browser-support) | | **Security policy violations by departing users** | Resignation or termination date indicators from HR connector or Azure Active Directory account deletion | (optional) Microsoft 365 HR connector configured for termination and resignation date indicators <br><br> Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft Purview compliance portal configured | | **Security policy violations by priority users** | Defense evasion of security controls or unwanted software detected by Microsoft Defender for Endpoint | Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft Purview compliance portal configured <br><br> Priority user groups configured in insider risk settings |
-| **Security policy violations by disgruntled user** | Performance improvement, poor performance, or job level change indicators from HR connector | Microsoft 365 HR connector configured for disgruntlement indicators <br><br> Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft Purview compliance portal configured |
+| **Security policy violations by disgruntled user** | - Performance improvement, poor performance, or job level change indicators from HR connector. <br> - Messages containing potentially threatening, harassing, or discriminatory language | Microsoft 365 HR connector configured for disgruntlement indicators <br><br> AND/OR <br><br> Communication Compliance integration and dedicated disgruntlement policy <br><br> AND <br><br> Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft Purview compliance portal configured |
## Prioritize content in policies
-Insider risk management policies support specifying a higher priority for content depending on where it's stored, the type of content, or how it's classified. Specifying content as a priority increases the risk score for any associated activity, which in turn increases the chance of generating a high severity alert. However, some activities won't generate an alert at all unless the related content contains built-in or custom sensitive info types or was specified as a priority in the policy.
+Insider risk management policies support specifying a higher priority for content depending on where it's stored, the type of content, or how it's classified. You can also choose whether to assign risk scores to all activities detected by a policy or only activities that include priority content. Specifying content as a priority increases the risk score for any associated activity, which in turn increases the chance of generating a high severity alert. However, some activities won't generate an alert at all unless the related content contains built-in or custom sensitive info types or was specified as a priority in the policy.
For example, your organization has a dedicated SharePoint site for a highly confidential project. Data leaks for information in this SharePoint site could compromise the project and would have a significant impact on its success. By prioritizing this SharePoint site in a Data leaks policy, risk scores for qualifying activities are automatically increased. This prioritization increases the likelihood that these activities generate an insider risk alert and raises the severity level for the alert.
+Additionally, you can choose to focus this policy for SharePoint site activity that only includes priority content for this project. Risk scores will be assigned and alerts will be generated only when specified activities include priority content. Activities without priority content won't be scored, but you'll still be able to review them if an alert is generated.
+
+>[!NOTE]
+>If you configure a policy to generate alerts only for activity that includes priority content, no changes are applied to risk score boosters.
+ When you create an insider risk management policy in the policy wizard, you can choose from the following priorities: - **SharePoint sites**: Any activity associated with all file types in defined SharePoint sites is assigned a higher risk score. Users configuring the policy and selecting priority SharePoint sites can select SharePoint sites that they have permission to access. If SharePoint sites aren't available for selection in the policy by the current user, another user with the required permissions can select the sites for the policy later, or the current user should be given access to the required sites.
When you create an insider risk management policy in the policy wizard, you can
## Sequence detection (preview)
-Risky activities may not occur as isolated events. These risks are frequently part of a larger sequence of events. A sequence is a group of two or more user activities performed one after the other that might suggest an elevated risk. Identifying these related activities is an important part of evaluating overall risk. When sequence detection is enabled for data theft or data leaks policies, insights from sequence information activities are displayed on the **User activity** tab within an insider risk management case. The following policy templates support sequence detection:
+Risky activities may not occur as isolated events. These risks are frequently part of a larger sequence of events. A sequence is a group of two or more user activities performed one after the other that might suggest an elevated risk. Identifying these related activities is an important part of evaluating overall risk. When sequence detection is selected for data theft or data leaks policies, insights from sequence information activities are displayed on the **User activity** tab within an insider risk management case. The following policy templates support sequence detection:
- Data theft by departing users - General data leaks - Data leaks by priority users - Data leaks by disgruntled users
-These insider risk management policies can use specific indicators and the order that they occur to detect each step in a sequence of risk. File names are used when mapping activities across a sequence. These risks are organized into four main categories of activity:
+These insider risk management policies can use specific indicators and the order that they occur to detect each step in a sequence of risk. For policies created from the *General data leaks* and *Data leaks by priority user* templates, you can also select which sequences trigger the policy. File names are used when mapping activities across a sequence. These risks are organized into four main categories of activity:
- **Collection**: These category signals focus on download activities by in-scope policy users. Some example activities in this category would be downloading files from SharePoint sites or moving files into a compressed folder. - **Exfiltration**: These category signals focus on sharing or extraction activities to internal and external sources by in-scope policy users. An example activity in this category would be sending emails with attachments from your organization to external recipients.
These insider risk management policies can use specific indicators and the order
- **Clean-up**: These category signals focus on deletion activities by in-scope policy users. An example activity in this category would be deleting files from a device. > [!NOTE]
-> Sequence detection uses indicators that are enabled in the global settings for insider risk management and indicators that are selected in a policy. If appropriate indicators are not selected, sequence detection will not work.
+> Sequence detection uses indicators that are enabled in the global settings for insider risk management. If appropriate indicators are not selected, you'll be able to turn on these indicators in the sequence detection step in the policy wizard.
You can customize individual threshold settings for each sequence detection type when configured in the policy. These threshold settings adjust alerts based on the volume of files associated with the sequence.
Complete the following steps to create a new policy using the policy wizard:
8. Select **Next** to continue. 9. On the **Content to prioritize** page, you can assign (if needed) the sources to prioritize, which increases the chance of generating a high severity alert for these sources. Select one of the following choices:
- - **I want to specify SharePoint sites, sensitivity labels, and/or sensitive information types as priority content**. Selecting this option will enable detail pages in the wizard to configure these channels.
- - **I don't want to specify priority content right now (you'll be able to do this after the policy is created)**. Selecting this option will skip the channel detail pages in the wizard.
+ - **I want to prioritize content**. Selecting this option will enable you to prioritize *SharePoint sites*, *Sensitivity labels*, *Sensitive info types*, and *File extensions* content types. If you choose this option, you must select at least one priority content type.
+ - **I don't want to specify priority content right now**. Selecting this option will skip the priority content detail pages in the wizard.
10. Select **Next** to continue.
-11. If you've selected **I want to specify SharePoint sites, sensitivity labels, sensitive information types, and/or file extensions as priority content** in the previous step, you'll see the detail pages for *SharePoint sites*, *sensitive info types*, *sensitivity labels* and *file extensions*. Use these detail pages to define the SharePoint, sensitive info types, and sensitivity labels to prioritize in the policy.
+11. If you've selected **I want to prioritize content** in the previous step, you'll see the detail pages for *SharePoint sites*, *sensitive info types*, *sensitivity labels*, *file extensions*, and *Scoring*. Use these detail pages to define the SharePoint, sensitive info types, sensitivity labels, and file extensions to prioritize in the policy. The *Scoring* detail page allows you to scope the policy to only assign risk scores to priority content.
- **SharePoint sites**: Select **Add SharePoint site** and select the SharePoint sites you have access to and want to prioritize. For example, *"group1@contoso.sharepoint.com/sites/group1"*. - **Sensitive info type**: Select **Add sensitive info type** and select the sensitivity types you want to prioritize. For example, *"U.S. Bank Account Number"* and *"Credit Card Number"*. - **Sensitivity labels**: Select **Add sensitivity label** and select the labels you want to prioritize. For example, *"Confidential"* and *"Secret"*. - **File extensions**: Add up to 50 file extensions. You can include or omit the '.' with the file extension. For example, *.py* or *py* would prioritize Python files.
+ - **Scoring**: Decide whether to assign risk scores to all activities detected by this policy or only for activities that include priority content. Choose **Get alerts for all activity** or **Get alerts only for activity that includes priority content**.
>[!NOTE] >Users configuring the policy and selecting priority SharePoint sites can select SharePoint sites that they have permission to access. If SharePoint sites aren't available for selection in the policy by the current user, another user with the required permissions can select the sites for the policy later or the current user should be given access to the required sites. 12. Select **Next** to continue.
-13. If you've selected the *General data leaks* or *Data leaks by priority users* templates, you'll see options on the **Triggers** for this policy page for custom triggering events and policy indicators. You have the choice to select a DLP policy or indicators for triggering events that bring users assigned to the policy in-scope for activity scoring. If you select the **User matches a data loss prevention (DLP) policy triggering event** option, you must select a DLP policy from the DLP policy dropdown list to enable triggering indicators for the DLP Policy for this insider risk management policy. If you select the **User performs an exfiltration activity triggering event** option, you must select one or more of the listed indicators for the policy triggering event.
+13. If you've selected the *General data leaks* or *Data leaks by priority users* templates, you'll see options on the **Triggers for this policy** page for custom triggering events and policy indicators. You have the choice to select a DLP policy or indicators for triggering events that bring users assigned to the policy in-scope for activity scoring. If you select the **User matches a data loss prevention (DLP) policy triggering event** option, you must select a DLP policy from the DLP policy dropdown list to enable triggering indicators for the DLP Policy for this insider risk management policy. If you select the **User performs an exfiltration activity triggering event** option, you must select one or more of the listed indicators for the policy triggering event.
>[!IMPORTANT] >If you're unable to select a listed indicator, it's because they aren't enabled for your organization. To make them available to select and assign to the policy, enable the indicators in **Insider risk management** > **Settings** > **Policy indicators**. If you've selected other policy templates, custom triggering events aren't supported. The built-in policy triggering events apply and you'll continue to Step 23 without defining policy attributes.
-14. Select **Next** to continue.
-15. If you've selected the *General data leaks* or *Data leaks by priority users* templates and have selected the **User performs an exfiltration activity and associated indicators**, you can choose custom or default thresholds for the indicator triggering events that you've selected. Choose either the **Use default thresholds (Recommended)** or **Use custom thresholds for the triggering events**.
-16. Select **Next** to continue.
-17. If you've selected **Use custom thresholds for the triggering events**, for each triggering event indicator that you selected in Step 13, choose the appropriate level to generate the desired level of activity alerts.
-18. Select **Next** to continue.
-19. On the **Policy indicators** page, you'll see the [indicators](insider-risk-management-settings.md#indicators) that you've defined as available on the **Insider risk settings** > **Indicators** page. Select the indicators you want to apply to the policy.
+14. If you've selected the *Data leaks by disgruntled users* or *Security policy violations by disgruntled users* templates, you'll see options on the **Triggers for this policy** page for integration with communication compliance and HR data connector events. You have the choice to assign risk scores when users send messages that contain potentially threatening, harassing, or discriminatory language or to bring users into the the policy scope after disgruntlement events are reported in your HR system. If you select the **Disgruntlement triggers from communication compliance (preview)** option, you can accept the default communication compliance policy (automatically created), choose a previously created policy scope for this trigger, or create another scoped policy. If you select **HR data connector events**, you must configure a HR data connector for your organization.
+15. Select **Next** to continue.
+16. If you've selected the *General data leaks* or *Data leaks by priority users* templates and have selected the **User performs an exfiltration activity and associated indicators**, you can choose custom or default thresholds for the indicator triggering events that you've selected. Choose either the **Use default thresholds (Recommended)** or **Use custom thresholds for the triggering events**.
+17. Select **Next** to continue.
+18. If you've selected **Use custom thresholds for the triggering events**, for each triggering event indicator that you selected in Step 13, choose the appropriate level to generate the desired level of activity alerts.
+19. Select **Next** to continue.
+20. On the **Policy indicators** page, you'll see the [indicators](insider-risk-management-settings.md#indicators) that you've defined as available on the **Insider risk settings** > **Indicators** page. Select the indicators you want to apply to the policy.
> [!IMPORTANT] > If indicators on this page can't be selected, you'll need to select the indicators you want to enable for all policies. You can use the **Turn on indicators** button in the wizard or select indicators on the **Insider risk management** > **Settings** > **Policy indicators** page.
Complete the following steps to create a new policy using the policy wizard:
If you've selected a *Data theft* or *Data leaks* policy template, select one or more **Sequence detection** methods and a **Cumulative exfiltration detection** method to apply to the policy. If you've selected the *General risky browser usage* policy template, select one or more of the **Browsing indicators**.
-20. Select **Next** to continue.
-21. On the **Decide whether to use default or custom indicator thresholds** page, choose custom or default thresholds for the policy indicators that you've selected. Choose either the **Use default thresholds for all indicators** or **Specify custom thresholds** for the selected policy indicators. If you've selected Specify custom thresholds, choose the appropriate level to generate the desired level of activity alerts for each policy indicator.
-22. Select **Next** to continue.
-23. On the **Review** page, review the settings you've chosen for the policy and any suggestions or warnings for your selections. Select **Edit** to change any of the policy values or select **Submit** to create and activate the policy.
+21. Select **Next** to continue.
+22. On the **Decide whether to use default or custom indicator thresholds** page, choose custom or default thresholds for the policy indicators that you've selected. Choose either the **Use default thresholds for all indicators** or **Specify custom thresholds** for the selected policy indicators. If you've selected Specify custom thresholds, choose the appropriate level to generate the desired level of activity alerts for each policy indicator.
+23. Select **Next** to continue.
+24. On the **Review** page, review the settings you've chosen for the policy and any suggestions or warnings for your selections. Select **Edit** to change any of the policy values or select **Submit** to create and activate the policy.
## Update a policy
Complete the following steps to manage an existing policy:
8. Select **Next** to continue. 9. On the **Content to prioritize** page, you can assign (if needed) the sources to prioritize, which increases the chance of generating a high severity alert for these sources. Select one of the following choices:
- - **I want to specify SharePoint sites, sensitivity labels, sensitive information types, and/or file extensions as priority content**. Selecting this option will enable detail pages in the wizard to configure these channels.
- - **I don't want to specify priority content right now (you'll be able to do this after the policy is created)**. Selecting this option will skip the channel detail pages in the wizard.
+ - **I want to prioritize content**. Selecting this option will enable you to prioritize *SharePoint sites*, *Sensitivity labels*, *Sensitive info types*, and *File extensions* content types. If you choose this option, you must select at least one priority content type.
+ - **I don't want to specify priority content right now**. Selecting this option will skip the priority content detail pages in the wizard.
10. Select **Next** to continue.
-11. If you've selected **I want to specify SharePoint sites, sensitivity labels, and/or sensitive information types as priority content** in the previous step, you'll see the detail pages for *SharePoint sites*, *sensitive info types*, and *sensitivity labels*. Use these detail pages to define the SharePoint, sensitive info types, and sensitivity labels to prioritize in the policy.
+11. If you've selected **I want to prioritize content** in the previous step, you'll see the detail pages for *SharePoint sites*, *sensitive info types*, *sensitivity labels*, *file extensions*, and *Scoring*. Use these detail pages to define the SharePoint, sensitive info types, sensitivity labels, and file extensions to prioritize in the policy. The *Scoring* detail page allows you to scope the policy to only assign risk scores to priority content.
- **SharePoint sites**: Select **Add SharePoint site** and select the SharePoint sites you have access to and want to prioritize. For example, *"group1@contoso.sharepoint.com/sites/group1"*. - **Sensitive info type**: Select **Add sensitive info type** and select the sensitivity types you want to prioritize. For example, *"U.S. Bank Account Number"* and *"Credit Card Number"*. - **Sensitivity labels**: Select **Add sensitivity label** and select the labels you want to prioritize. For example, *"Confidential"* and *"Secret"*. - **File extensions**: Add up to 50 file extensions. You can include or omit the '.' with the file extension. For example, *.py* or *py* would prioritize Python files.
+ - **Scoring**: Decide whether to assign risk scores to all activities detected by this policy or only for activities that include priority content. Choose **Get alerts for all activity** or **Get alerts only for activity that includes priority content**.
>[!NOTE] >Users configuring the policy and selecting priority SharePoint sites can select SharePoint sites that they have permission to access. If SharePoint sites aren't available for selection in the policy by the current user, another user with the required permissions can select the sites for the policy later or the current user should be given access to the required sites. 12. Select **Next** to continue.
-13. If you've selected the *General data leaks* or *Data leaks by priority users* templates, you'll see options on the **Triggers** for this policy page for custom triggering events and policy indicators. You have the choice to select a DLP policy or indicators for triggering events that bring users assigned to the policy in-scope for activity scoring. If you select the **User matches a data loss prevention (DLP) policy triggering event** option, you must select a DLP policy from the DLP policy dropdown list to enable triggering indicators for the DLP Policy for this insider risk management policy. If you select the **User performs an exfiltration activity triggering event** option, you must select one or more of the listed indicators for the policy triggering event.
+13. If you've selected the *General data leaks* or *Data leaks by priority users* templates, you'll see options on the **Triggers for this policy** page for custom triggering events and policy indicators. You have the choice to select a DLP policy or indicators for triggering events that bring users assigned to the policy in-scope for activity scoring. If you select the **User matches a data loss prevention (DLP) policy triggering event** option, you must select a DLP policy from the DLP policy dropdown list to enable triggering indicators for the DLP Policy for this insider risk management policy. If you select the **User performs an exfiltration activity triggering event** option, you must select one or more of the listed indicators for the policy triggering event.
>[!IMPORTANT] >If you're unable to select a listed indicator, it's because they aren't enabled for your organization. To make them available to select and assign to the policy, enable the indicators in **Insider risk management** > **Settings** > **Policy indicators**. If you've selected other policy templates, custom triggering events aren't supported. The built-in policy triggering events apply and you'll continue to Step 23 without defining policy attributes.
-14. Select **Next** to continue.
-15. If you've selected the *General data leaks* or *Data leaks by priority users* templates and have selected the **User performs an exfiltration activity and associated indicators**, you can choose custom or default thresholds for the indicator triggering events that you've selected. Choose either the **Use default thresholds (Recommended)** or **Use custom thresholds for the triggering events**.
-16. Select **Next** to continue.
-17. If you've selected **Use custom thresholds for the triggering events**, for each triggering event indicator that you selected in Step 13, choose the appropriate level to generate the desired level of activity alerts.
-18. Select **Next** to continue.
-19. On the **Policy indicators** page, you'll see the [indicators](insider-risk-management-settings.md#indicators) that you've defined as available on the **Insider risk settings** > **Indicators** page. Select the indicators you want to apply to the policy.
+14. If you've selected the *Data leaks by disgruntled users* or *Security policy violations by disgruntled users* templates, you'll see options on the **Triggers for this policy** page for [integration with communication compliance](/microsoft-365/compliance/communication-compliance-policies#policy-for-insider-risk-management-integration-preview) and HR data connector events. You have the choice to assign risk scores when users send messages that contain potentially threatening, harassing, or discriminatory language or to bring users into the the policy scope after disgruntlement events are reported in your HR system. If you select the **Disgruntlement triggers from communication compliance (preview)** option, you can accept the default communication compliance policy (automatically created), choose a previously created policy scope for this trigger, or create another scoped policy. If you select **HR data connector events**, you must configure a HR data connector for your organization.
+15. Select **Next** to continue.
+16. If you've selected the *General data leaks* or *Data leaks by priority users* templates and have selected the **User performs an exfiltration activity and associated indicators**, you can choose custom or default thresholds for the indicator triggering events that you've selected. Choose either the **Use default thresholds (Recommended)** or **Use custom thresholds for the triggering events**.
+17. Select **Next** to continue.
+18. If you've selected **Use custom thresholds for the triggering events**, for each triggering event indicator that you selected in Step 13, choose the appropriate level to generate the desired level of activity alerts.
+19. Select **Next** to continue.
+20. On the **Policy indicators** page, you'll see the [indicators](insider-risk-management-settings.md#indicators) that you've defined as available on the **Insider risk settings** > **Indicators** page. Select the indicators you want to apply to the policy.
> [!IMPORTANT] > If indicators on this page can't be selected, you'll need to select the indicators you want to enable for all policies. You can use the **Turn on indicators** button in the wizard or select indicators on the **Insider risk management** > **Settings** > **Policy indicators** page.
Complete the following steps to manage an existing policy:
If you've selected at least one *Office* or *Device* indicator, select the **Risk score boosters** as appropriate. Risk score boosters are only applicable for selected indicators. If you've selected a *Data theft* or *Data leaks* policy template, select one or more **Sequence detection** methods and a **Cumulative exfiltration detection** method to apply to the policy.
-20. Select **Next** to continue.
-21. On the **Decide whether to use default or custom indicator thresholds** page, choose custom or default thresholds for the policy indicators that you've selected. Choose either the **Use default thresholds for all indicators** or **Specify custom thresholds** for the selected policy indicators. If you've selected Specify custom thresholds, choose the appropriate level to generate the desired level of activity alerts for each policy indicator.
-22. Select **Next** to continue.
-23. On the **Review** page, review the settings you've chosen for the policy and any suggestions or warnings for your selections. Select **Edit** to change any of the policy values or select **Submit** to create and activate the policy.
+21. Select **Next** to continue.
+22. On the **Decide whether to use default or custom indicator thresholds** page, choose custom or default thresholds for the policy indicators that you've selected. Choose either the **Use default thresholds for all indicators** or **Specify custom thresholds** for the selected policy indicators. If you've selected Specify custom thresholds, choose the appropriate level to generate the desired level of activity alerts for each policy indicator.
+23. Select **Next** to continue.
+24. On the **Review** page, review the settings you've chosen for the policy and any suggestions or warnings for your selections. Select **Edit** to change any of the policy values or select **Submit** to create and activate the policy.
## Copy a policy
compliance Insider Risk Management Settings https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-settings.md
# Get started with insider risk management settings
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ Insider risk management settings apply to all insider risk management policies, regardless of the template you choose when creating a policy. Settings are configured using the **Insider risk settings** control located at the top of all insider risk management pages. These settings control policy components for the following areas: - [Privacy](#privacy)
Signals are collected and alerts are triggered by policies when users perform ac
- **Global settings indicators**: Indicators enabled in global settings for insider risk management define both the indicators available for configuration in policies and the types of user activity signals collected by insider risk management. For example, if a user copies data to personal cloud storage services or portable storage devices and these indicators are selected only in global settings, this activity will be available for review in the Activity explorer. However, since this activity wasn't defined in an insider risk management policy, the activity won't be assigned a risk score or generate an alert. - **Policy indicators**: Indicators included in insider risk management policies are used to determine a risk score for an in-scope user. Policy indicators are enabled from indicators defined in global settings and are only activated after a triggering event occurs for a user. Some examples of policy indicators are when a user copies data to personal cloud storage services or portable storage devices, if a user account is removed from Azure Active Directory, or if a user shares internal files and folders with unauthorized external parties.
-Certain policy indicators may also be used for customizing triggering events for specific policy templates. When configured in the policy wizard for the *General data leaks* or *Data leaks by priority users* templates, these indicators allow you more flexibility and customization for your policies and when users are in-scope for a policy. Additionally, you can define individual activity thresholds for these triggering indicators for more fine-grained control in a policy.
+Certain policy indicators and sequences may also be used for customizing triggering events for specific policy templates. When configured in the policy wizard for the *General data leaks* or *Data leaks by priority users* templates, these indicators or sequences allow you more flexibility and customization for your policies and when users are in-scope for a policy. Additionally, you can define individual activity thresholds for these triggering indicators for more fine-grained control in a policy.
Policy indicators are segmented into the following areas. You can choose the indicators to activate and customize indicator event limits for each indicator level when creating an insider risk policy:
If you prefer to disable admin and analytics notifications, complete the followi
- **Send an email notification when Analytics is turned off** 4. Select **Save** to configure and exit.+
+## Inline alert customization (preview)
+
+Inline alert customization allows you to quickly tune an insider risk management policy directly from the **Alert dashboard** while reviewing the alert. Alerts are generated when an activity meets the thresholds configured in the related policy. To reduce the number of alerts you get from this activity, you can change the activity's thresholds or remove the activity from the policy altogether.
+
+You can enable inline alert customization to allow users assigned to the *Insider Risk Management Analysts* and *Insider Risk Management Investigators* role groups to edit policy thresholds and to disable specific indicators. If inline alert customization isn't enabled, only users assigned to the *Insider Risk Management Admin* or *Insider Risk Management* role groups can edit these policy conditions. Inline alert customization is supported for alerts regardless of the current alert status, allowing analysts and investigators to update policies for *Dismissed* and *Resolved* alerts if needed.
+
+Complete the following steps to enable inline alert customization:
+
+1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to **Insider risk management** > **Insider risk settings**.
+2. Select the **Inline alert customization (preview)** page.
+3. Enable inline alert customization for insider risk management.
+4. Select **Save** to configure and exit.
+
+> [!NOTE]
+> Enabling inline alert customization will take approximately one hour before being available in new and existing policy alerts.
+
+When enabled, analysts and investigators can select **Reduce alerts for this activity** for an alert on the **Alert dashboard** and can view details about the activity and indicators associated with the alert. Additionally, the current policy thresholds are displayed for the number of events used to create low, medium, and high severity alerts. If **Reduce alerts for this activity** is selected and a previous policy edit has been made that changes the threshold or has removed the associated indicator, you'll see a notification message detailing previous changes to the policy.
+
+Analysts and investigators can choose from the following options on the **Reduce alerts for this activity** pane to quickly edit the policy that created the alert:
+
+- **Reduce alerts using Microsoft's recommended thresholds**: We'll automatically increase the thresholds in the policy for you. You'll be able to review the new recommended threshold settings before changing the policy.
+- **Reduce alerts by choosing your own thresholds**: You can manually increase the thresholds for this type of activity for the current and future alerts. You'll be able to review the current threshold settings and configure the new threshold settings before changing the policy.
+- **Stop getting alerts for this activity**: This removes this indicator from the policy and this activity will no longer be detected by the policy. This applies to all indicators, regardless of if the indicator is threshold-based.
+
+After choosing an option, analysts and investigators can choose two options to update the policy:
+
+- **Save and dismiss alert**: Saves the changes to the policy and updates the alert status to *Resolved*.
+- **Save only**: Saves the changes to the policy, but the alert status remains the same.
compliance Insider Risk Management Solution Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-solution-overview.md
# Insider risk management
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ Increasingly, employees have more access to create, manage, and share data across a broad spectrum of platforms and services. In most cases, organizations have limited resources and tools to identify and mitigate organization-wide risks while also meeting compliance requirements and employee privacy standards. These risks may include data theft by departing employees and data leaks of information outside your organization by accidental oversharing or malicious intent. Microsoft Purview Insider Risk Management uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators. After identifying the risks, you can take action to mitigate these risks.
compliance Insider Risk Management Users https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-users.md
# Insider risk management Users dashboard
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ The **Users dashboard** is an important tool in the insider risk management workflow and helps investigators and analysts have a more complete understanding of risk activities. This dashboard offers views and management features to meet administrative needs between the creating insider risk management policies and managing insider risk management cases. After users are added to insider risk management policies, background processes are automatically evaluating user activities for [triggering indicators](insider-risk-management-settings.md#indicators). After triggering indicators are present, user activities are assigned risk scores. Some of these activities may result in an insider risk alert, but some activities may not meet a minimum risk score level and an insider risk alert won't be created. The **Users dashboard** allows you to view users with these types of indicators and risk scores, as well users that have active insider risk alerts.
compliance Insider Risk Management https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management.md
# Learn about insider risk management
+>[!IMPORTANT]
+>Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider risk management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
+ Microsoft Purview Insider Risk Management is a compliance solution that helps minimize internal risks by enabling you to detect, investigate, and act on malicious and inadvertent activities in your organization. Insider risk policies allow you to define the types of risks to identify and detect in your organization, including acting on cases and escalating cases to Microsoft eDiscovery (Premium) if needed. Risk analysts in your organization can quickly take appropriate actions to make sure users are compliant with your organization's compliance standards. For more information and an overview of the planning process to address risky activities in your organization, see [Starting an insider risk management program](https://download.microsoft.com/download/b/2/0/b208282a-2482-4986-ba07-15a9b9286df0/pwc-starting-an-insider-risk-management-program-with-pwc-and-microsoft.pdf).
For organizations in the healthcare industry, recent studies have found a very h
### Actions and behaviors by disgruntled users (preview)
-Employment stresses events can impact user behavior in several ways that relate to insider risks. These stressors may be a poor performance review, a position demotion, or the user being placement on a performance review plan. Though most users don't respond maliciously to these events, the stress of these actions may result in some users to behave in ways they may not normally consider during normal circumstances. To help identify these types of risky activities, the following insider risk management policy templates use the Microsoft 365 HR connector and starts scoring risk indicators relating to behaviors that may occur near employment stressor events:
+Employment stressor events can impact user behavior in several ways that relate to insider risks. These stressors may be a poor performance review, a position demotion, or the user being placement on a performance review plan. Stressors may also result in potentially inappropriate behavior such as users sending potentially threatening, harassing, or discriminatory language in email and other messages. Though most users don't respond maliciously to these events, the stress of these actions may result in some users to behave in ways they may not normally consider during normal circumstances. To help identify these types of risky activities, the following insider risk management policy templates can use the HR connector and/or integration with a [dedicated communication compliance policy](/microsoft-365/compliance/communication-compliance-policies#integration-with-insider-risk-management-preview) to bring users into scope for insider risk management policies and start scoring risk indicators relating to behaviors that may occur near employment stressor events:
- [Data leaks by disgruntled users (preview)](insider-risk-management-policies.md#data-leaks-by-disgruntled-users-preview) - [Security policy violations by disgruntled users (preview)](insider-risk-management-policies.md#security-policy-violations-by-disgruntled-users-preview)
compliance Limits For Content Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-for-content-search.md
The following table describes the indexing limits that might result in an email
## Jobs limits
-> [!NOTE]
-> eDiscovery (Premium) jobs are counted toward the eDiscovery (Standard) limits. For example, if you have 50 jobs running in eDiscovery (Premium) you will be unable to start jobs in eDiscovery (Standard). eDiscovery (Standard) jobs do not count toward eDiscovery (Premium) limits.
- |Description|Limit| ||| |Maximum number of concurrent jobs in your organization.|50|
compliance Office 365 Encryption In Microsoft Dynamics 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/office-365-encryption-in-microsoft-dynamics-365.md
Microsoft uses encryption technology to protect customer data in Dynamics 365 wh
Dynamics 365 uses standard Microsoft SQL Server cell level encryption for a set of default entity attributes that contain sensitive information, such as user names and email passwords. This feature can help organizations meet the compliance requirements associated with FIPS 140-2. Field-level data encryption is especially important in scenarios that leverage the [Microsoft Dynamics CRM Email Router](/previous-versions/dynamicscrm-2016/administering-dynamics-365/hh699800(v=crm.8)), which must store user names and passwords to enable integration between a Dynamics 365 instance and an email service.
-All instances of Dynamics 365 use [Microsoft SQL Server Transparent Data Encryption](/sql/relational-databases/security/encryption/transparent-data-encryption) (TDE) to perform real-time encryption of data when written to disk (at rest). TDE encrypts SQL Server, Azure SQL Database, and Azure SQL Data Warehouse data files. By default, Microsoft stores and manages the database encryption keys for your instances of Dynamics 365. (The keys that are used by Dynamics 365 for Financials are generated by the .NET Framework Data Protection API.)
-The manage keys feature in the Dynamics 365 Administration Center gives administrators the ability to self-manage the database encryption keys that are associated with instances of Dynamics 365. (Self-managed database encryption keys are only available in the January 2017 update for Microsoft Dynamics 365 and may not be made available for later versions. For more information, see [Manage the encryption keys for your Dynamics 365 (online) instance](/dynamics365/customer-engagement/admin/manage-encryption-keys-instance).) The key management feature supports both PFX and BYOK encryption key files, such as those stored in an HSM. (For more information about generating and transferring an HSM-protected key over the Internet, see [How to generate and transfer HSM-protected keys for Azure Key Vault](/azure/key-vault/key-vault-hsm-protected-keys).)
+All instances of Dynamics 365 use [Microsoft SQL Server Transparent Data Encryption](/sql/relational-databases/security/encryption/transparent-data-encryption) (TDE) to perform real-time encryption of data when written to disk (at rest). TDE encrypts SQL Server, Azure SQL Database, and Azure SQL Data Warehouse data files. By default, Microsoft stores and manages the database encryption keys for your instances of Dynamics 365. (The keys that are used by Dynamics 365 for Financials are generated by the .NET Framework Data Protection API.)
+
+The manage keys feature in the Power Platform Administration Center gives administrators the ability to self-manage the database encryption keys that are associated with instances of Dynamics 365. See [Manage the encryption keys for your Dynamics 365 (online) instance](/dynamics365/customer-engagement/admin/manage-encryption-keys-instance). The key management feature supports both PFX and BYOK encryption key files, such as those stored in an HSM. (For more information about generating and transferring an HSM-protected key over the Internet, see [How to generate and transfer HSM-protected keys for Azure Key Vault](/azure/key-vault/key-vault-hsm-protected-keys).)
To use the upload encryption key option, you need both the public and private encryption key.
compliance Retention Policies Sharepoint https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-sharepoint.md
For retention policies and auto-apply label policies: SharePoint sites must be i
To store content that needs to be retained, SharePoint and OneDrive create a Preservation Hold library if one doesn't exist for the site. The Preservation Hold library isn't designed to be used interactively but instead, automatically stores files when this is needed for compliance reasons. It works in the following way:
-When a user changes or deletes an item that's subject to retention, a check is made whether the content has been changed since the retention settings were applied. If this is the first change since the retention settings were applied, the content is copied to the Preservation Hold library, which allows the user to change or delete the original content.
+When a user changes an item that's subject to retention from a retention policy or a retention label that marks items as a record, or deletes any item subject to retention, the original content is copied to the Preservation Hold library. This behavior lets the user to change or delete the content in their app, while keeping a copy of the original for compliance reasons.
A timer job periodically runs on the Preservation Hold library. For content that has been in the Preservation Hold library for more than 30 days, this job compares the content to all queries used by the retention settings for that content. Content that is older than their configured retention period is then deleted from the Preservation Hold library, and from the original location if it is still there. This timer job runs every seven days, which means that together with the minimal 30 days, it can take up to 37 days for content to be deleted from the Preservation Hold library.
Users also see an error message if they try to delete a labeled item in any of t
- The retention label marks items as a [regulatory record](records-management.md#compare-restrictions-for-what-actions-are-allowed-or-blocked), which always prevents the item from being edited or deleted.
-After retention settings are assigned to content in a OneDrive account or SharePoint site, the paths the content takes depend on whether the retention settings are to retain and delete, to retain only, or delete only.
+After retention settings are assigned to content in a OneDrive account or SharePoint site, the paths the content takes depend on whether the retention settings are to retain and delete, to retain only, or delete only. In the explanations that follow, modified content is moved to the Preservation Hold library for retention policies, and retention labels that mark items as records (and the content is unlocked). Items that are modified with retention labels that don't mark items as records don't create copies in the Preservation Hold library, but do when items are deleted.
When the retention settings are to retain and delete:
compliance Retention Settings https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-settings.md
The **Exchange public folders** location applies retention settings to all publi
When you configure an auto-apply policy that uses sensitive information types and select the **Exchange email** location: -- Microsoft 365 group mailboxes are included.--- All mailboxes are automatically included, even if you configure an adaptive scope to identify specific mailboxes. If you've chosen a static policy scope, you won't be able to specify recipients to include or exclude.
+- See the important callout for [Auto-apply labels to content with specific types of sensitive information](apply-retention-labels-automatically.md#auto-apply-labels-to-content-with-specific-types-of-sensitive-information).
### Configuration information for SharePoint sites and OneDrive accounts
Before you configure retention, first familiarize yourself with capacity and sto
#### Relabeling at the end of the retention period
-> [!NOTE]
-> This option is in preview and subject to change.
- When you configure a retention label to automatically apply a different retention label at the end of the retention period, the item is then subject to the retention settings of the newly selected retention label. This option lets you automatically change the retention settings for the item. You can change the replacement label after you've created and saved the primary retention label. For items that already have the primary retention label applied and within the configured retention period, the change of replacement label will synchronize to these items. As with other label changes, allow up to 7 days for this synchronization period.
compliance Sensitive Information Type Entity Definitions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitive-information-type-entity-definitions.md
This article is a list of all sensitive information type (SIT) entity definition
> - High confidence: 85 - [ABA routing number](sit-defn-aba-routing.md)
+- [All credentials](sit-defn-all-creds.md)
- [All full names](sit-defn-all-full-names.md) - [All medical terms and conditions](sit-defn-all-medical-terms-conditions.md) - [All Physical Addresses](sit-defn-all-physical-addresses.md)-- [Amazon S3 Client Secret Access Key (preview)](sit-defn-amazon-s3-client-secret-access-key.md)
+- [Amazon S3 Client Secret Access Key](sit-defn-amazon-s3-client-secret-access-key.md)
- [Argentina national identity (DNI) number](sit-defn-argentina-national-identity-numbers.md) - [Argentina Unique Tax Identification Key (CUIT/CUIL)](sit-defn-argentina-unique-tax-identification-key.md)-- [ASP.NET machine Key (preview)](sit-defn-asp-net-machine-key.md)
+- [ASP.NET machine Key](sit-defn-asp-net-machine-key.md)
- [Australia bank account number](sit-defn-australia-bank-account-number.md) - [Australia business number](sit-defn-australia-business-number.md) - [Australia company number](sit-defn-australia-business-number.md)
This article is a list of all sensitive information type (SIT) entity definition
- [Austria social security number](sit-defn-austria-social-security-number.md) - [Austria tax identification number](sit-defn-austria-tax-identification-number.md) - [Austria value added tax](sit-defn-austria-value-added-tax.md)-- [Azure AD client access token (preview)](sit-defn-azure-ad-client-access-token.md) -- [Azure AD client secret (preview)](sit-defn-azure-ad-client-secret.md)-- [Azure AD User Credentials (preview)](sit-defn-azure-ad-user-credentials.md)-- [Azure App Service deployment password (preview)](sit-defn-azure-app-service-deployment-password.md)-- [Azure Batch shared access key (preview)](sit-defn-azure-batch-shared-access-key.md)-- [Azure Bot Framework secret key (preview)](sit-defn-azure-bot-framework-secret-key.md)-- [Azure Bot service app secret (preview)](sit-defn-azure-bot-service-app-secret.md)-- [Azure Cognitive Search API key (preview)](sit-defn-azure-cognitive-search-api-key.md)-- [Azure Cognitive Service key (preview)](sit-defn-azure-cognitive-service-key.md)-- [Azure Container Registry access key (preview)](sit-defn-azure-container-registry-access-key.md)-- [Azure COSMOS DB account access key (preview)](sit-defn-azure-cosmos-db-account-access-key.md) -- [Azure Databricks personal access token (preview)](sit-defn-azure-databricks-personal-access-token.md)-- [Azure DevOps app secret (preview)](sit-defn-azure-devops-app-secret.md)-- [Azure DevOps personal access token (preview)](sit-defn-azure-devops-personal-access-token.md)
+- [Azure AD client access token](sit-defn-azure-ad-client-access-token.md)
+- [Azure AD client secret](sit-defn-azure-ad-client-secret.md)
+- [Azure AD User Credentials](sit-defn-azure-ad-user-credentials.md)
+- [Azure App Service deployment password](sit-defn-azure-app-service-deployment-password.md)
+- [Azure Batch shared access key](sit-defn-azure-batch-shared-access-key.md)
+- [Azure Bot Framework secret key](sit-defn-azure-bot-framework-secret-key.md)
+- [Azure Bot service app secret](sit-defn-azure-bot-service-app-secret.md)
+- [Azure Cognitive Search API key](sit-defn-azure-cognitive-search-api-key.md)
+- [Azure Cognitive Service key](sit-defn-azure-cognitive-service-key.md)
+- [Azure Container Registry access key](sit-defn-azure-container-registry-access-key.md)
+- [Azure COSMOS DB account access key](sit-defn-azure-cosmos-db-account-access-key.md)
+- [Azure Databricks personal access token](sit-defn-azure-databricks-personal-access-token.md)
+- [Azure DevOps app secret](sit-defn-azure-devops-app-secret.md)
+- [Azure DevOps personal access token](sit-defn-azure-devops-personal-access-token.md)
- [Azure DocumentDB auth key](sit-defn-azure-document-db-auth-key.md)-- [Azure EventGrid access key (preview)](sit-defn-azure-eventgrid-access-key.md) -- [Azure Function Master / API key (preview)](sit-defn-azure-function-master-api-key.md)
+- [Azure EventGrid access key](sit-defn-azure-eventgrid-access-key.md)
+- [Azure Function Master / API key](sit-defn-azure-function-master-api-key.md)
- [Azure IAAS database connection string and Azure SQL connection string](sit-defn-azure-iaas-database-connection-string-azure-sql-connection-string.md) - [Azure IoT connection string](sit-defn-azure-iot-connection-string.md)-- [Azure IoT shared access key (preview)](sit-defn-azure-iot-shared-access-key.md)-- [Azure Logic app shared access signature (preview)](sit-defn-azure-logic-app-shared-access-signature.md) -- [Azure Machine Learning web service API key (preview)](sit-defn-azure-machine-learning-web-service-api-key.md) -- [Azure Maps subscription key (preview)](sit-defn-azure-maps-subscription-key.md)
+- [Azure IoT shared access key](sit-defn-azure-iot-shared-access-key.md)
+- [Azure Logic app shared access signature](sit-defn-azure-logic-app-shared-access-signature.md)
+- [Azure Machine Learning web service API key](sit-defn-azure-machine-learning-web-service-api-key.md)
+- [Azure Maps subscription key](sit-defn-azure-maps-subscription-key.md)
- [Azure publish setting password](sit-defn-azure-publish-setting-password.md) - [Azure Redis cache connection string](sit-defn-azure-redis-cache-connection-string.md)-- [Azure Redis cache connection string password (preview)](sit-defn-azure-redis-cache-connection-string-password.md)
+- [Azure Redis cache connection string password](sit-defn-azure-redis-cache-connection-string-password.md)
- [Azure SAS](sit-defn-azure-sas.md) - [Azure service bus connection string](sit-defn-azure-service-bus-connection-string.md)-- [Azure service bus shared access signature (preview)](sit-defn-azure-service-bus-shared-access-signature.md) -- [Azure Shared Access key / Web Hook token (preview)](sit-defn-azure-shared-access-key-web-hook-token.md) -- [Azure SignalR access key (preview)](sit-defn-azure-signalr-access-key.md)-- [Azure SQL connection string (preview)](sit-defn-azure-sql-connection-string.md)-- [Azure storage account access key (preview)](sit-defn-azure-storage-account-access-key.md)
+- [Azure service bus shared access signature](sit-defn-azure-service-bus-shared-access-signature.md)
+- [Azure Shared Access key / Web Hook token](sit-defn-azure-shared-access-key-web-hook-token.md)
+- [Azure SignalR access key](sit-defn-azure-signalr-access-key.md)
+- [Azure SQL connection string](sit-defn-azure-sql-connection-string.md)
+- [Azure storage account access key](sit-defn-azure-storage-account-access-key.md)
- [Azure storage account key](sit-defn-azure-storage-account-key.md) - [Azure Storage account key (generic)](sit-defn-azure-storage-account-key-generic.md)-- [Azure Storage account shared access signature (preview)](sit-defn-azure-storage-account-shared-access-signature.md)-- [Azure Storage account shared access signature for high risk resources (preview)](sit-defn-azure-storage-account-shared-access-signature-high-risk-resources.md)-- [Azure subscription management certificate (preview)](sit-defn-azure-subscription-management-certificate.md)
+- [Azure Storage account shared access signature](sit-defn-azure-storage-account-shared-access-signature.md)
+- [Azure Storage account shared access signature for high risk resources](sit-defn-azure-storage-account-shared-access-signature-high-risk-resources.md)
+- [Azure subscription management certificate](sit-defn-azure-subscription-management-certificate.md)
- [Belgium driver's license number](sit-defn-belgium-drivers-license-number.md) - [Belgium national number](sit-defn-belgium-national-number.md) - [Belgium passport number](sit-defn-belgium-passport-number.md)
This article is a list of all sensitive information type (SIT) entity definition
- [Canada social insurance number](sit-defn-canada-social-insurance-number.md) - [Chile identity card number](sit-defn-chile-identity-card-number.md) - [China resident identity card (PRC) number](sit-defn-china-resident-identity-card-number.md)-- [Client secret / API key (preview)](sit-defn-client-secret-api-key.md)
+- [Client secret / API key](sit-defn-client-secret-api-key.md)
- [Credit card number](sit-defn-credit-card-number.md) - [Croatia driver's license number](sit-defn-croatia-drivers-license-number.md) - [Croatia identity card number](sit-defn-croatia-identity-card-number.md)
This article is a list of all sensitive information type (SIT) entity definition
- [France social security number (INSEE)](sit-defn-france-social-security-number.md) - [France tax identification number](sit-defn-france-tax-identification-number.md) - [France value added tax number](sit-defn-france-value-added-tax-number.md)-- [General password (preview)](sit-defn-general-password.md)-- [General Symmetric key (preview)](sit-defn-general-symmetric-key.md)
+- [General password](sit-defn-general-password.md)
+- [General Symmetric key](sit-defn-general-symmetric-key.md)
- [Generic medication names](sit-defn-generic-medication-names.md) - [Germany driver's license number](sit-defn-germany-drivers-license-number.md) - [Germany identity card number](sit-defn-germany-identity-card-number.md)
This article is a list of all sensitive information type (SIT) entity definition
- [Germany physical addresses](sit-defn-germany-physical-addresses.md) - [Germany tax identification number](sit-defn-germany-tax-identification-number.md) - [Germany value added tax number](sit-defn-germany-value-added-tax-number.md)-- [GitHub Personal Access Token (preview)](sit-defn-github-personal-access-token.md) -- [Google API key (preview)](sit-defn-google-api-key.md)
+- [GitHub Personal Access Token](sit-defn-github-personal-access-token.md)
+- [Google API key](sit-defn-google-api-key.md)
- [Greece driver's license number](sit-defn-greece-drivers-license-number.md) - [Greece national ID card](sit-defn-greece-national-id-card.md) - [Greece passport number](sit-defn-greece-passport-number.md)
This article is a list of all sensitive information type (SIT) entity definition
- [Greece Social Security Number (AMKA)](sit-defn-greece-social-security-number.md) - [Greece tax identification number](sit-defn-greece-tax-identification-number.md) - [Hong Kong identity card (HKID) number](sit-defn-hong-kong-identity-card-number.md)-- [Http authorization header (preview)](sit-defn-http-authorization-header.md)
+- [Http authorization header](sit-defn-http-authorization-header.md)
- [Hungary driver's license number](sit-defn-hungary-drivers-license-number.md) - [Hungary passport number](sit-defn-hungary-passport-number.md) - [Hungary personal identification number](sit-defn-hungary-personal-identification-number.md)
This article is a list of all sensitive information type (SIT) entity definition
- [Medical specialities](sit-defn-medical-specialities.md) - [Medicare Beneficiary Identifier (MBI) card](sit-defn-medicare-beneficiary-Identifier-card.md) - [Mexico Unique Population Registry Code (CURP)](sit-defn-mexico-unique-population-registry-code.md)-- [Microsoft Bing maps key (preview)](sit-defn-microsoft-bing-maps-key.md)
+- [Microsoft Bing maps key](sit-defn-microsoft-bing-maps-key.md)
- [Netherlands citizen's service (BSN) number](sit-defn-netherlands-citizens-service-number.md) - [Netherlands driver's license number](sit-defn-netherlands-drivers-license-number.md) - [Netherlands passport number](sit-defn-netherlands-passport-number.md)
This article is a list of all sensitive information type (SIT) entity definition
- [Russia passport number international](sit-defn-russia-passport-number-international.md) - [Saudi Arabia National ID](sit-defn-saudi-arabia-national-id.md) - [Singapore national registration identity card (NRIC) number](sit-defn-singapore-national-registration-identity-card-number.md)-- [Slack access token (preview)](sit-defn-slack-access-token.md)
+- [Slack access token](sit-defn-slack-access-token.md)
- [Slovakia driver's license number](sit-defn-slovakia-drivers-license-number.md) - [Slovakia passport number](sit-defn-slovakia-passport-number.md) - [Slovakia personal number](sit-defn-slovakia-personal-number.md)
This article is a list of all sensitive information type (SIT) entity definition
- [U.S./U.K. passport number](sit-defn-us-uk-passport-number.md) - [Ukraine passport domestic](sit-defn-ukraine-passport-domestic.md) - [Ukraine passport international](sit-defn-ukraine-passport-international.md)-- [User login credentials (preview)](sit-defn-user-login-credentials.md)-- [X.509 certificate private key (preview)](sit-defn-x-509-certificate-private-key.md)
+- [User login credentials](sit-defn-user-login-credentials.md)
+- [X.509 certificate private key](sit-defn-x-509-certificate-private-key.md)
compliance Sensitivity Labels Aip https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-aip.md
Title: "Choose Microsoft Purview Information Protection built-in labeling for Office apps over the Azure Information Protection (AIP) add-in"
+ Title: "Migrate the Azure Information Protection (AIP) add-in to Microsoft Purview Information Protection built-in labeling for Office apps"
f1.keywords: - CSH
search.appverid: - MOE150 - MET150
-description: When you use the Azure Information Protection (AIP) unified labeling client, understand the advantages of using built-in labeling for Office apps rather than the AIP add-in.
+description: For Office 365 apps, understand the migration of the Azure Information Protection (AIP) add-in to built-in labeling to protect sensitive data.
-# Why choose built-in labeling over the AIP add-in for Office apps
+# Migrate the Azure Information Protection (AIP) add-in to built-in labeling for Office apps
>*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).*
-When you use [sensitivity labels](sensitivity-labels.md) in Microsoft 365 Apps on Windows computers, you have a choice of using labeling that's built into Office apps, or an add-in from the [Azure Information Protection (AIP) unified labeling client](/azure/information-protection/rms-client/aip-clientv2).
+When you use [sensitivity labels](sensitivity-labels.md) in Microsoft 365 Apps on Windows computers, we recommend you use you labeling that's built into Office apps, even if you have the [Azure Information Protection (AIP) unified labeling client](/azure/information-protection/rms-client/aip-clientv2) installed. Moving forward, the AIP add-in will be disabled by default in the latest versions of Office apps.
-Built-in labeling forms the cornerstone of a [Microsoft Purview information protection deployment](information-protection-solution.md) because this labeling technology extends across platforms (Windows, macOS, iOS, Android, and web), as well as across Microsoft apps and services, and beyond. Built-in labeling is also designed to work with other Microsoft Purview capabilities, such as data classification and Microsoft Purview data loss prevention (DLP).
+To prepare for this change, use this article to understand the benefits of using built-in labeling, which main features have parity, and how to control the migration from the AIP add-in to the newer labeling experience.
-Because built-in labels don't use an Office Add-in, they benefit from more stability and better performance. They also support the latest Microsoft Purview features, such as advanced classifiers.
+
+## Built-in labeling vs. the AIP client
+
+Built-in labeling forms the cornerstone of a [Microsoft Purview Information Protection deployment](information-protection-solution.md) because this labeling technology extends across platforms (Windows, macOS, iOS, Android, and web), as well as across Microsoft apps and services, and beyond. Built-in labeling is also designed to work with other Microsoft Purview capabilities, such as data classification and Microsoft Purview Data Loss Prevention (DLP).
+
+Because built-in labels don't use an Office add-in, they benefit from more stability and better performance. They also support the latest Microsoft Purview features, such as advanced classifiers.
-By default, built-in labeling is turned off in Office for Windows apps when the AIP client is installed. You can change this default behavior by using the instructions in the following section, [How to disable the AIP add-in to use built-in labeling for Office apps](#how-to-disable-the-aip-add-in-to-use-built-in-labeling-for-office-apps).
+Up until recently, built-in labeling was turned off by default in Office for Windows apps when the AIP client was installed. This default will no longer be the case for newer versions of Office. You can control the default behavior by using the instructions in the following section, [How to disable the AIP add-in to use built-in labeling for Office apps](#how-to-disable-the-aip-add-in-to-use-built-in-labeling-for-office-apps). For example, disable the add-in for initial testing on a couple of computers, and then move onto a pilot for a few users. When you're ready, migrate all users to the newer labeling experience.
When you keep the AIP client installed but disabled in Office apps, the other capabilities of the AIP client remain supported:
For more information about these capabilities that extend labeling beyond Office
Independently from labeling, you can continue to use the [AIPService](/powershell/module/aipservice) PowerShell module for tenant-level management of the encryption service. For example, configure super user access when you need to remove encryption for data recovery, track and revoke documents that have been opened by the AIP client, and configure the use license validity period for offline access. For more information, see [Administering protection from Azure Information Protection by using PowerShell](/azure/information-protection/administer-powershell).
+> [!NOTE]
+> Built-in labels require a subscription edition of Office apps. If you have standalone editions of Office, sometimes called "Office Perpetual", upgrade to Microsoft 365 Apps for Enterprise to benefit from the latest labeling capabilities.
-## Decide whether to use built-in labeling for Office apps or the AIP add-in
+## Benefits of using built-in labeling for Office apps vs. the AIP add-in
-Now that the AIP client is in [maintenance mode](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/announcing-aip-unified-labeling-client-maintenance-mode-and/ba-p/3043613), we don't recommend you use the AIP add-in for Office apps for the following reasons:
+The AIP client is in [maintenance mode](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/announcing-aip-unified-labeling-client-maintenance-mode-and/ba-p/3043613) and we don't recommend you use the AIP add-in for Office apps for the following reasons:
- No new labeling features will be supported. - Add-ins are less stable because they can conflict with other add-ins that can result in Office apps hanging, crashing, or automatically disabling the add-in.-- As an add-in, it runs more slowly, and can be disabled by users to bypass labeling requirements.
+- As an add-in, it runs [more slowly](/deployoffice/fieldnotes/performance-recommendations#office-add-ins), and can be disabled by users to bypass labeling requirements.
- Any bug fixes will require reinstalling the Azure Information Protection client. - The labeling experience for users is slightly different from built-in labels that users have on their other devices (macOS, iOS, Android), and when they use Office for the web. This difference can increase costs for training and support.-- There are already new Office labeling features released that are [only supported by built-in labeling](#features-supported-only-by-built-in-labeling-for-office-apps), and the list is growing all the time.
+- There are new Office labeling features released that are [only supported by built-in labeling](#features-supported-only-by-built-in-labeling-for-office-apps), and the list is growing all the time.
-Use the AIP add-in for your Windows Office apps only if you've already deployed it to users and you need time to migrate them to built-in labeling. Or, users need a feature that isn't supported by built-in labeling. Use the [feature parity information](#feature-parity-for-built-in-labeling-and-the-aip-add-in-for-office-apps) on this page to help you identify these features.
+Use the AIP add-in for your Windows Office apps only if you've already deployed it to users and you need time to migrate them to built-in labeling. Or, if there's a key feature that users need that isn't yet available for their Office update channel.
## Features supported only by built-in labeling for Office apps
Some features are only supported by built-in labeling for Office apps, and won't
- Access to intelligent classification services that include [trainable classifiers](classifier-learn-about.md), [exact data match (EDM)](sit-learn-about-exact-data-match-based-sits.md), and [named entities](named-entities-learn.md) - Detection of sensitive information as users type - In Word, users can review and remove the identified sensitive content-- [Sensitivity bar](sensitivity-labels-office-apps.md#sensitivity-bar) is integrated into existing user workflows
+- [Sensitivity bar](sensitivity-labels-office-apps.md#sensitivity-bar) that is integrated into existing user workflows
- [PDF support](sensitivity-labels-office-apps.md#pdf-support) - For labels that let users assign permissions, different permissions (Read or Change) can be granted to users or groups - Encrypt-Only for emails-- Visibility of labels on the status bar (Will be replaced with the sensitivity bar on the window title.) - Support for account switching - Users can't disable labeling
-Example showing how users can review and optionally remove identified sensitive content in Word:
-
-![Credit card numbers identified to users as sensitivity content with an option to remove.](../media/detect-sensitive-content.png)
-
-Example showing how sensitivity labels are integrated into user workflows:
+Watch a short demo to see some of these features in action:
-![Example showing sensitivity label name and description in the Save this file dialog box.](../media/sensitivity-label-in-save-dialog.png)
+> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE58yhH]
To keep informed when new labeling capabilities become available for built-in labeling, see [What's new in Microsoft Purview](whats-new.md) and the **Sensitivity labels** sections. ## How to disable the AIP add-in to use built-in labeling for Office apps
-When you've installed the AIP client to extend labeling beyond Office apps but want to prevent the client's add-in from loading in Office apps, use the Group Policy setting **List of managed add-ins** as documented in [No Add-ins loaded due to group policy settings for Office 2013 and Office 2016 programs](https://support.microsoft.com/help/2733070/no-add-ins-loaded-due-to-group-policy-settings-for-office-2013-and-off).
+For the latest Office apps, the AIP add-in is disabled by default, so there's nothing for you to configure:
+
+- **Build 16.0.15716.0+**: Currently in [Beta Channel](https://office.com/insider)
+- **Current Channel** and **Monthly Enterprise Channel**: Version 2211+ (not yet released)
+- **Semi-Annual Channel**: Version 2301+ (not yet released)
+
+If you have one of these versions, and need to use the AIP add-in rather than built-in labeling, you have to [configure a new setting to override the default](#how-to-configure-newer-versions-of-office-to-enable-the-aip-add-in).
+
+> [!IMPORTANT]
+> If youΓÇÖve previously used the AIP add-in as the default labeling client in Office apps and use Office versions listed in this section, the AIP add-in is automatically disabled and replaced by built-in labeling.
+
+To disable the AIP add-in for older versions, see the next section.
+
+Remember, when the AIP add-in is disabled, you can still use the AIP client to extend labeling beyond Office apps.
+
+### How to configure older versions of Office to disable the AIP add-in
+
+For Office apps older than the versions listed in the previous section, to prevent the AIP add-in from loading in Office apps, use the Group Policy setting **List of managed add-ins** as documented in [No Add-ins loaded due to group policy settings for Office 2013 and Office 2016 programs](https://support.microsoft.com/help/2733070/no-add-ins-loaded-due-to-group-policy-settings-for-office-2013-and-off).
For your Windows Office apps that support built-in labeling, use the configuration for Microsoft Word 2016, Excel 2016, PowerPoint 2016, and Outlook 2016, specify the following programmatic identifiers (ProgID) for the AIP client, and set the option to **0: The add-in is always disabled (blocked)**
Alternatively, you can interactively disable or remove the **Microsoft Azure Inf
Whichever method you choose, the changes take effect when Office apps restart.
-If after making these changes the **Sensitivity** button doesn't display on the Office ribbon, check whether sensitivity labeling has been [turned off](sensitivity-labels-office-apps.md#if-you-need-to-turn-off-built-in-labeling-in-office-apps-on-windows). Although this isn't the default configuration, an administrator might have explicitly set this configuration by using Group Policy or by directly editing the registry.
+If after making these changes the **Sensitivity** button doesn't display on the Office ribbon, check whether sensitivity labeling has been [turned off](sensitivity-labels-office-apps.md#if-you-need-to-turn-off-built-in-labeling-in-office-apps-on-windows) with the **Use the Sensitivity feature in Office to apply and view sensitivity labels** setting. Although this isn't the default configuration for Office apps, an administrator might have explicitly set this configuration by using Group Policy or by directly editing the registry.
-> [!NOTE]
-> Built-in labels require a subscription edition of Office apps. If you have standalone editions of Office, sometimes called "Office Perpetual", we recommend you upgrade to Microsoft 365 Apps for Enterprise to benefit from the [latest labeling capabilities](sensitivity-labels-office-apps.md#support-for-sensitivity-label-capabilities-in-apps).
+### How to configure newer versions of Office to enable the AIP add-in
-Remember, when you use this method to disable the AIP add-in, you can still use the AIP client to extend labeling beyond Office apps.
+> [!CAUTION]
+> If you've previously set the value of **Use the Sensitivity feature in Office to apply and view sensitivity labels** to **0** (or used the equivalent registry key of **UseOfficeForLabelling**ΓÇï) to disable built-in labeling because you wanted to use the AIP add-in: Going forward, if you don't configure the new setting that's described in this section, you won't be able to use sensitivity labeling with either the AIP add-in or built-in labeling.
-## Feature parity for built-in labeling and the AIP add-in for Office apps
+In the [newer versions of Office](#how-to-disable-the-aip-add-in-to-use-built-in-labeling-for-office-apps), the AIP add-in is disabled by default. To enable it, you must configure a new Office setting under **User Configuration/Administrative Templates/Microsoft Office 2016/Security Settings**:
+
+- **Use the Azure Information Protection add-in for sensitivity labeling**. Set the value to **1**.
+
+Deploy this setting by using Group Policy, or by using the [Office cloud policy service](/DeployOffice/overview-office-cloud-policy-service).
+
+Additional Office settings you might need to configure:
+
+1. The security setting **Use the Sensitivity feature in Office to apply and view sensitivity labels**, must be **0**, or not configured.
-Many of the labeling features supported by the AIP add-in are now supported by built-in labeling. For a more detailed list of capabilities, minimum versions that might be needed, and configuration information, see [Manage sensitivity labels in Office apps](sensitivity-labels-office-apps.md).
+2. If the list of managed add-ins block the AIP add-in, as described in the previous section, you'll need to either remove these entries for the AIP add-in, or set their value to **1: The add-in is always enabled.**
+## Feature parity for built-in labeling and the AIP add-in for Office apps
+
+Many of the labeling features supported by the AIP add-in are now supported by built-in labeling. For a more detailed list of available capabilities, minimum versions that might be needed, and configuration information, see [Manage sensitivity labels in Office apps](sensitivity-labels-office-apps.md). To support a specific feature, you might need to change your [Office update channel](/deployoffice/overview-update-channels).
+
More features are planned and in development. If there's a specific feature that you're interested in, check the [Microsoft 365 roadmap](https://www.microsoft.com/microsoft-365/roadmap?filters=Microsoft%20Information%20Protection&searchterms=label) and consider joining the [Microsoft Information Protection in Office Private Preview](https://aka.ms/MIP/PreviewRing).
-Use the following information to help you identify if you're using a feature from the AIP add-in that isn't yet supported by built-in labeling:
+Use the following information to help you identify if the features you use with the AIP add-in is currently available with built-in labeling. Features that aren't yet available but in planning or deployment might delay your final migration for users, but you can begin testing the other features now to expedite a later migration.
|AIP add-in feature or capability|Built-in labeling | |:-|:-:| |**Category: General** || |Central reporting and auditing|![Supported.](../medi#auditing-labeling-activities) | |Government Cloud|![Supported.](../media/yes-icon.png)|
-|Admin can disable labeling <br> - All apps| ![Supported.](../medi#if-you-need-to-turn-off-built-in-labeling-in-office-apps-on-windows)|
-|Admin can disable labeling <br> - Per app| In planning or development|
+|Admin can disable labeling for all apps| ![Supported.](../medi#if-you-need-to-turn-off-built-in-labeling-in-office-apps-on-windows)|
|**Category: User Experience** || |Labeling button on the ribbon|![Supported.](../media/yes-icon.png)| |Multilanguage support for label names and tooltips| ![Supported.](../medi#example-configuration-to-configure-a-sensitivity-label-for-different-languages) |
-|Visibility of labels on a toolbar| ![Supported.](../medi#sensitivity-bar) |
-|Label colors| ![Supported.](../medi#label-colors) |
+|Visibility of labels on a toolbar| [In preview](sensitivity-labels-office-apps.md#sensitivity-bar) |
+|Label colors| [In preview](sensitivity-labels-office-apps.md#label-colors) |
|**Category: Labeling actions** || |Manual labeling | ![Supported.](../media/yes-icon.png) <br>[Learn more](https://support.microsoft.com/office/apply-sensitivity-labels-to-your-files-and-email-in-office-2f96e7cd-d5a4-403b-8bd7-4cc636bae0f9) | |Mandatory labeling | ![Supported.](../medi#what-label-policies-can-do)|
Use the following information to help you identify if you're using a feature fro
|User-defined permissions <br> - Do Not Forward for Outlook <br> - User and group custom permissions for Word, Excel, PowerPoint| ![Supported.](../medi#let-users-assign-permissions)| |User-defined permissions <br> - Organization-wide custom permissions by specifying domains for Word, Excel, PowerPoint | [In preview](encryption-sensitivity-labels.md#support-for-organization-wide-custom-permissions) | |Co-authoring and AutoSave | ![Supported.](../medi) |
-|Double key encryption | In planning or development |
-|Document revocation for users | Under review |
| | |
+Remember to use the [Microsoft 365 roadmap](https://www.microsoft.com/microsoft-365/roadmap?filters=Microsoft%20Information%20Protection&searchterms=label) to identify and track new features in development.
+ ### Support for PowerShell advanced settings
-The AIP client supports many customizations by using [PowerShell advanced settings](/azure/information-protection/rms-client/clientv2-admin-guide-customizations#configuring-advanced-settings-for-the-client-via-powershell). Some of these advanced settings are now supported by built-in labeling, as documented in [New-Label](/powershell/module/exchange/new-label) or [Set-Label](/powershell/module/exchange/set-label), and [New-LabelPolicy](/powershell/module/exchange/new-labelpolicy) or [Set-LabelPolicy](/powershell/module/exchange/set-labelpolicy).
+The AIP client supports many customizations by using [PowerShell advanced settings](/azure/information-protection/rms-client/clientv2-admin-guide-customizations#configuring-advanced-settings-for-the-client-via-powershell). For the advanced settings applicable to Office apps that are also supported by built-in labeling, see the list in [New-Label](/powershell/module/exchange/new-label) or [Set-Label](/powershell/module/exchange/set-label), and [New-LabelPolicy](/powershell/module/exchange/new-labelpolicy) or [Set-LabelPolicy](/powershell/module/exchange/set-labelpolicy).
-However, you might find you don't need to use PowerShell to configure the supported settings because they're included in the standard configuration from the Microsoft Purview compliance portal. For example, the ability to turn off mandatory labeling for Outlook and set a different default label.
+However, you might find you don't need to use PowerShell to configure the supported settings because they're included in the standard configuration from the Microsoft Purview compliance portal. For example, UI configuration to choose label colors, and turn off mandatory labeling for Outlook.
-The following configurations from the AIP add-in aren't yet supported by built-in labeling include:
+The following configurations from the AIP add-in that aren't yet supported by built-in labeling include:
- [Label inheritance from email attachments](/azure/information-protection/rms-client/clientv2-admin-guide-customizations#for-email-messages-with-attachments-apply-a-label-that-matches-the-highest-classification-of-those-attachments) - [S/MIME for Outlook](/azure/information-protection/rms-client/clientv2-admin-guide-customizations#configure-a-label-to-apply-smime-protection-in-outlook)
The following configurations from the AIP add-in aren't yet supported by built-i
## Features not planned to be supported by built-in labeling for Office apps
-Although new capabilities for built-in labeling are being added all the time, the AIP Office Add-in supports the following capabilities that aren't planned to be available in future releases for built-in labeling:
+Although new capabilities for built-in labeling are being added all the time, the AIP Office add-in supports the following capabilities that aren't planned to be available in future releases for built-in labeling:
- Application of labels to Microsoft Office 97-2003 formats, such as .doc files - Local usage logging to the Windows event log - Permanently disconnected computers - Standalone editions of Office (sometimes called "Office Perpetual") rather than subscription-based
-## Next steps
+## Migration planning for the AIP add-in for Office apps
+
+To smoothly transition to using built-in labeling for Office apps, use the information on this page to prepare a migration plan that includes the following tasks:
+
+- Identify the features that you currently use, and test them with built-in labeling to ensure you understand the configuration and user experience.
+
+- Identify any new features that you want to use, and decide whether to include them in the migration or at a later stage.
+
+- Make sure all dependencies are in place, such as Microsoft 365 Apps for Enterprise is deployed with the correct update channel and the AIP add-in disabled, and the correct [licenses are assigned to users](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-information-protection-sensitivity-labeling).
-For instructions to create and configure these labeling capabilities, see [Create and configure sensitivity labels and their policies](create-sensitivity-labels.md).
+- Update any internal documentation and training, and prepare your help desk and users for change.
-> [!TIP]
-> If you already have sensitivity labels in the Microsoft Purview compliance portal, you won't be eligible for the automatic creation of default labels. However, you might still find it useful to reference their configuration: [Default sensitivity labels](mip-easy-trials.md#default-sensitivity-labels).
+To help you with your migration journey, we recommend the [migration guidance and playbook from Microsoft Purview Customer Experience Engineering (CxE)](https://microsoft.github.io/ComplianceCxE/playbooks/AIP2MIPPlaybook).
compliance Sensitivity Labels Coauthoring https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-coauthoring.md
Make sure you understand the following prerequisites before you turn on this fea
- **Azure Information Protection unified labeling client and scanner:** - Minimum version [2.12.62.0](/information-protection/rms-client/unifiedlabelingclient-version-release-history#version-212620) that you can install from the [Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=53018) - For Office apps, requires minimum versions listed for Microsoft 365 Apps for enterprise
+ - Additionally, you're not using [Double Key Encryption](double-key-encryption.md) in the same tenant
- **OneDrive sync app for Windows or macOS:** - Minimum version of 19.002.0121.0008
Before you enable the tenant setting for co-authoring for files encrypted with s
Specific to Excel: Metadata for a sensitivity label that doesn't apply encryption can be deleted from a file if somebody edits and saves that file by using a version of Excel that doesn't support the metadata changes for sensitivity labels. -- Co-authoring and AutoSave aren't supported and don't work for labeled and encrypted Office documents that use any of the following [configurations for encryption](encryption-sensitivity-labels.md#configure-encryption-settings):
+- Co-authoring and AutoSave aren't supported and don't work for labeled and encrypted Office documents that use either of the following [configurations for encryption](encryption-sensitivity-labels.md#configure-encryption-settings):
- **Let users assign permissions when they apply the label** and the checkbox **In Word, PowerPoint, and Excel, prompt users to specify permissions** is selected. This configuration is sometimes referred to as "user-defined permissions". - **User access to content expires** is set to a value other than **Never**.
- - **Double Key Encryption** is selected.
- For labels with any of these encryption configurations, the labels display in Office apps. However, when users select these labels and nobody else is editing the document, they're warned that co-authoring and AutoSave won't be available. If somebody else is editing the document, users see a message that the labels can't be applied.
+ For labels with either of these encryption configurations, the labels display in Office apps. However, when users select these labels and nobody else is editing the document, they're warned that co-authoring and AutoSave won't be available. If somebody else is editing the document, users see a message that the labels can't be applied.
- If you use the Azure Information Protection unified labeling client: Check the documentation for this labeling client for [more requirements or limitations](/azure/information-protection/known-issues#known-issues-for-co-authoring). > [!NOTE]
compliance Sensitivity Labels Office Apps https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-office-apps.md
Use the information in this article to help you successfully manage sensitivity
To use sensitivity labels that are built into Office desktop apps for Windows and Mac, you must use a subscription edition of Office. This labeling client doesn't support standalone editions of Office, sometimes called "Office Perpetual".
-If you can't upgrade to Microsoft 365 Apps for enterprise for the subscription versions of Office, for Windows computers only, you can use the [Azure Information Protection (AIP) unified labeling client](/azure/information-protection/rms-client/aip-clientv2). However, this client is now in [maintenance mode](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/announcing-aip-unified-labeling-client-maintenance-mode-and/ba-p/3043613) and we don't recommend you use the AIP add-in for Office apps unless you have to. For more information, see [Why choose built-in labeling over the AIP add-in for Office apps](sensitivity-labels-aip.md).
+The [Azure Information Protection (AIP) unified labeling client](/azure/information-protection/rms-client/aip-clientv2) is now in [maintenance mode](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/announcing-aip-unified-labeling-client-maintenance-mode-and/ba-p/3043613). If you currently use this client for labeling in Office apps, we recommend you move to built-in labeling. For more information, see [Migrate the Azure Information Protection (AIP) add-in to built-in labeling for Office apps](sensitivity-labels-aip.md).
## Support for sensitivity label capabilities in apps
-The following tables list the minimum Office version that introduced specific capabilities for sensitivity labels that are built in to Office apps. Or, if the label capability is in public preview or under review for a future release. Use the [Microsoft 365 roadmap](https://www.microsoft.com/microsoft-365/roadmap?filters=Microsoft%20Information%20Protection&searchterms=label) for details about new capabilities that are planned for future releases.
+The following tables list the minimum Office version that introduced specific capabilities for sensitivity labels that are built in to Office apps. Or, if the label capability is in public preview or under review for a future release:
+
+- Table: [Sensitivity label capabilities in Word, Excel, and PowerPoint](#sensitivity-label-capabilities-in-word-excel-and-powerpoint)
+- Table: [Sensitivity label capabilities in Outlook](#sensitivity-label-capabilities-in-outlook)
+
+Use the [Microsoft 365 roadmap](https://www.microsoft.com/microsoft-365/roadmap?filters=Microsoft%20Information%20Protection&searchterms=label) for details about new capabilities that are planned for future releases.
New versions of Office apps are made available at different times for different update channels. For Windows, you'll get the new capabilities earlier when you are on the Current Channel or Monthly Enterprise Channel, rather than Semi-Annual Enterprise Channel. The minimum version numbers can also be different from one update channel to the next. For more information, see [Overview of update channels for Microsoft 365 Apps](/deployoffice/overview-update-channels) and [Update history for Microsoft 365 Apps](/officeupdates/update-history-microsoft365-apps-by-date).
-New capabilities that are in private preview are not included in the table but you might be able to join these previews by nominating your organization for the [Microsoft Information Protection private preview program](https://aka.ms/mip-preview).
+New capabilities that are in private preview are not included in the tables but you might be able to join these previews by nominating your organization for the [Microsoft Information Protection private preview program](https://aka.ms/mip-preview).
Office for iOS and Office for Android: Sensitivity labels are built into the [Office app](https://www.microsoft.com/en-us/microsoft-365/blog/2020/02/19/new-office-app-android-ios-available/).
The numbers listed are the minimum Office application versions required for each
|Capability |Windows |Mac |iOS |Android |Web | |--|-:|-|-|--|-|
+|[AIP add-in disabled by default](sensitivity-labels-aip.md#how-to-configure-newer-versions-of-office-to-enable-the-aip-add-in)| Preview: Rolling out to [Beta Channel](https://office.com/insider) | Not relevant | Not relevant | Not relevant| Not relevant |
|[Manually apply, change, or remove label](https://support.microsoft.com/en-us/office/apply-sensitivity-labels-to-your-files-and-email-in-office-2f96e7cd-d5a4-403b-8bd7-4cc636bae0f9)| Current Channel: 1910+ <br /><br> Monthly Enterprise Channel: 1910+ <br /><br> Semi-Annual Enterprise Channel: 2002+ | 16.21+ | 2.21+ | 16.0.11231+ | [Yes - opt-in](sensitivity-labels-sharepoint-onedrive-files.md) | |[Multi-language support](create-sensitivity-labels.md#additional-label-settings-with-security--compliance-powershell)| Current Channel: 1910+ <br /><br> Monthly Enterprise Channel: 1910+ <br /><br> Semi-Annual Enterprise Channel: 2002+ | 16.21+ | 2.21+ | 16.0.11231+ | Under review | |[Apply a default label](sensitivity-labels.md#what-label-policies-can-do) to new documents | Current Channel: 1910+ <br /><br> Monthly Enterprise Channel: 1910+ <br /><br> Semi-Annual Enterprise Channel: 2002+ | 16.21+ | 2.21+ | 16.0.11231+ | [Yes - opt-in](sensitivity-labels-sharepoint-onedrive-files.md) |
The numbers listed are the minimum Office application versions required for each
|Capability |Outlook for Windows |Outlook for Mac |Outlook on iOS |Outlook on Android |Outlook on the web | |--|-:|-||-|-|
+|[AIP add-in disabled by default](sensitivity-labels-aip.md#how-to-configure-newer-versions-of-office-to-enable-the-aip-add-in)| Preview: Rolling out to [Beta Channel](https://office.com/insider) | Not relevant | Not relevant | Not relevant| Not relevant |
|[Manually apply, change, or remove label](https://support.microsoft.com/en-us/office/apply-sensitivity-labels-to-your-files-and-email-in-office-2f96e7cd-d5a4-403b-8bd7-4cc636bae0f9)| Current Channel: 1910+ <br /><br> Monthly Enterprise Channel: 1910+ <br /><br> Semi-Annual Enterprise Channel: 2002+ | 16.21+ | 4.7.1+ | 4.0.39+ | Yes | |[Multi-language support](create-sensitivity-labels.md#additional-label-settings-with-security--compliance-powershell)| Current Channel: 1910+ <br /><br> Monthly Enterprise Channel: 1910+ <br /><br> Semi-Annual Enterprise Channel: 2002+ | 16.21+ | 4.7.1+ | 4.0.39+ | Yes | |[Apply a default label](sensitivity-labels.md#what-label-policies-can-do) | Current Channel: 1910+ <br /><br> Monthly Enterprise Channel: 1910+ <br /><br> Semi-Annual Enterprise Channel: 2002+ | 16.21+ | 4.7.1+ | 4.0.39+ | Yes |
Requires the [new Outlook for Mac](https://support.microsoft.com/office/the-new-
## Office built-in labeling client and the Azure Information Protection client
-If users have the [Azure Information Protection (AIP) client](/azure/information-protection/rms-client/aip-clientv2) installed on their Windows computers, by default, built-in labels are turned off in [Windows Office apps that support them](#labeling-client-for-desktop-apps). Because built-in labels don't use an Office add-in, as used by the AIP client, they have the benefit of more stability and better performance. They also support the latest features, such as advanced classifiers.
+If users have the [Azure Information Protection (AIP) client](/azure/information-protection/rms-client/aip-clientv2) installed on their Windows computers, built-in labels are the new default for the latest Windows Office apps that [support labeling](#labeling-client-for-desktop-apps). Because built-in labels don't use an Office add-in, as used by the AIP client, they have the benefit of more stability and better performance. They also support the latest features, such as advanced classifiers.
> [!NOTE]
-> If you're not seeing the labeling features you expect on Windows computers, despite confirming the minimum supported versions for your Office update channel, it might be because you need to [disable the AIP add-in](sensitivity-labels-aip.md#how-to-disable-the-aip-add-in-to-use-built-in-labeling-for-office-apps).
+> If you're not seeing the labeling features you expect on Windows computers, despite confirming the minimum supported versions for your Office update channel, it might be because you need to [disable the AIP add-in](sensitivity-labels-aip.md#how-to-disable-the-aip-add-in-to-use-built-in-labeling-for-office-apps) for older versions of Office.
-To learn more about labeling support with the AIP client, and how to disable this client just in Office apps, see [Why choose built-in labeling over the AIP add-in for Office apps](sensitivity-labels-aip.md).
+To learn more about labeling support with the AIP client, and how to disable this client just in Office apps, see [Migrate the Azure Information Protection (AIP) add-in to built-in labeling for Office apps](sensitivity-labels-aip.md).
## If you need to turn off built-in labeling in Office apps on Windows
Because this setting is specific to Windows Office apps, it has no impact on oth
## Office file types supported
-Office apps that have built-in labeling for Word, Excel, and PowerPoint files support the Open XML format (such as .docx and .xlsx) but not the Microsoft Office 97-2003 format (such as .doc and .xls), Open Document Format (such as .odt and .ods), or other formats. When a file type is not supported for built-in labeling, the **Sensitivity** button is not available in the Office app.
+Generally, Office apps that have built-in labeling for Word, Excel, and PowerPoint files support the Open XML format (such as .docx and .xlsx) but not the Microsoft Office 97-2003 format (such as .doc and .xls), Open Document Format (such as .odt and .ods), or other formats. When a file type is not supported for built-in labeling, the **Sensitivity** button is not available in the Office app.
+
+For specific file types supported for SharePoint and OneDrive when these services are enabled for sensitivity labels, see [Enable sensitivity labels for Office files in SharePoint and OneDrive](sensitivity-labels-sharepoint-onedrive-files.md#supported-file-types).
The Azure Information Protection unified labeling client supports both the Open XML format and the Microsoft Office 97-2003 format. For more information, see [File types supported by the Azure Information Protection unified labeling client](/azure/information-protection/rms-client/clientv2-admin-guide-file-types) from that client's admin guide.
As part of this high visibility, these labels also support colors. For more info
Newly created labels don't have a color by default. If your labels were [migrated from Azure Information Protection](/azure/information-protection/configure-policy-migrate-labels) or you configured label colors for the Azure Information Protection unified labeling client, these label colors are now displayed in apps that support them.
-Use the Microsoft Purview compliance portal to select one of 10 standard colors for sensitivity labels. This configuration is on the first page of the label configuration after the label name and description.
+Use the Microsoft Purview compliance portal to select one of 10 standard colors for sensitivity labels. The **Label color** configuration is on the first page of the label configuration after the label name and description.
You can't select colors for sublabels because they automatically inherit the label color from their parent label.
-If the label is configured for a different color from one of the 10 colors, you see a **Custom color** option selected and the standard color options aren't available:
-
-![Sensitivity label color configuration when the label has a custom color.](../media/label-custom-color-configuration.png)
+If a label is configured for a different color from one of the 10 default colors, you see a **Use previously assigned customer color** checkbox selected, and the standard color options aren't available. You can change the custom color to one of the standard colors by first clearing the checkbox, and then you can select one of the standard colors.
-You can change the custom color to one of the standard colors by first removing the custom color selection, and then selecting one of the standard colors. But you can't use the compliance portal to configure a different custom color. Instead, use PowerShell, as described in the next section.
+You can't use the compliance portal to configure a different custom color. Instead, use PowerShell, as described in the next section.
#### Configuring custom colors by using PowerShell
-You can use the [Security & Compliance Center PowerShell](/powershell/exchange/scc-powershell) advanced setting **color** to set a color for a sensitivity label. This configuration supports colors that you can't configure in the Microsoft Purview compliance portal.
+You can use the [Security & Compliance PowerShell](/powershell/exchange/scc-powershell) advanced setting **color** to set a color for a sensitivity label. This configuration supports colors that you can't configure in the Microsoft Purview compliance portal.
To specify your choice of color, use a hex triplet code for the red, green, and blue (RGB) components of the color. For example, #40e0d0 is the RGB hex value for turquoise.
compliance Sensitivity Labels Sharepoint Onedrive Files https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-sharepoint-onedrive-files.md
These new capabilities work with [sensitivity labels](sensitivity-labels.md) onl
Use the OneDrive sync app version 19.002.0121.0008 or later on Windows, and version 19.002.0107.0008 or later on Mac. Both these versions were released January 28, 2019, and are currently released to all rings. For more information, see the [OneDrive release notes](https://support.office.com/article/845dcf18-f921-435e-bf28-4e24b95e5fc0). After you enable sensitivity labels for Office files in SharePoint and OneDrive, users who run an older version of the sync app are prompted to update it.
+## Supported file types
+
+After you've enabled sensitivity labels for SharePoint and OneDrive, the following file types are supported for sensitivity labeling scenarios.
+
+Applying a sensitivity label in Office on the web or in SharePoint:
+
+- **Word**: .docx, .docm
+- **Excel**: .xlsx, .xlsm, .xlsb
+- **PowerPoint**: .pptx, .ppsx
+
+Uploading a labeled document, and then extracting and displaying that sensitivity label:
+
+- **Word**: doc, .docx, .docm, .dot, .dotx, .dotm
+- **Excel**: .xls, .xlt, .xla, .xlc, .xlm, .xlw, .xlsx, .xltx, .xlsm, .xltm, .xlam, .xlsb
+- **PowerPoint**: .ppt, .pot, .pps, .ppa, .pptx, .ppsx, .ppsxm, .potx, .ppam, .pptm, .potm, .ppsm
+ ## Limitations - SharePoint and OneDrive can't process some files that are labeled and encrypted from Office desktop apps when these files contain PowerQuery data, data stored by custom add-ins, or custom XML parts such as Cover Page Properties, content type schemas, custom Document Information Panel, and Custom XSN. This limitation also applies to files that include a [bibliography](https://support.microsoft.com/en-us/office/create-a-bibliography-citations-and-references-17686589-4824-4940-9c69-342c289fa2a5), and to files that have a [Document ID](https://support.microsoft.com/office/enable-and-configure-unique-document-ids-ea7fee86-bd6f-4cc8-9365-8086e794c984) added when they are uploaded.
compliance Sensitivity Labels Teams Groups Sites https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-teams-groups-sites.md
In addition to using [sensitivity labels](sensitivity-labels.md) to protect docu
- External user access - External sharing from SharePoint sites - Access from unmanaged devices-- Authentication contexts (in preview)
+- Authentication contexts
- Default sharing link for a SharePoint site (PowerShell-only configuration)-- In preview: Site sharing settings (PowerShell-only configuration)
+- Site sharing settings (PowerShell-only configuration)
> [!IMPORTANT] > The settings for unmanaged devices and authentication contexts work in conjunction with Azure Active Directory Conditional Access. You must configure this dependent feature if you want to use a sensitivity label for these settings. Additional information is included in the instructions that follow.
After sensitivity labels are enabled for containers as described in the previous
For additional configuration information, see [More information about the dependencies for the unmanaged devices option](#more-information-about-the-dependencies-for-the-unmanaged-devices-option) at the end of this section.
- - **Choose an existing authentication context**: Currently in preview, this option lets you enforce more stringent access conditions when users access SharePoint sites that have this label applied. These conditions are enforced when you select an existing authentication context that has been created and published for your organization's Conditional Access deployment. If users don't meet the configured conditions or if they use apps that don't support authentication contexts, they are denied access.
+ - **Choose an existing authentication context**: This option lets you enforce more stringent access conditions when users access SharePoint sites that have this label applied. These conditions are enforced when you select an existing authentication context that has been created and published for your organization's Conditional Access deployment. If users don't meet the configured conditions or if they use apps that don't support authentication contexts, they are denied access.
For additional configuration information, see [More information about the dependencies for the authentication context option](#more-information-about-the-dependencies-for-the-authentication-context-option) at the end of this section.
Not all apps support authentication contexts. If a user with an unsupported app
- iOS: Rolling out in 12.30 - Android: Not yet supported
-Known limitations for this preview:
+Known limitations:
- For the OneDrive sync app, supported for OneDrive only and not for other sites.
For more information and instructions, see [Use sensitivity labels to configure
### Configure site sharing permissions by using PowerShell advanced settings
-> [!NOTE]
-> This label setting is currently in preview.
- Another PowerShell advanced setting that you can configure for the sensitivity label to be applied to a SharePoint site is **MembersCanShare**. This setting is the equivalent configuration that you can set from the SharePoint admin center > **Site permissions** > **Site Sharing** > **Change how members can share** > **Sharing permissions**. The three options are listed with the equivalent values for the PowerShell advanced setting **MembersCanShare**:
compliance Sensitivity Labels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels.md
Similarly for users in the legal department, who are assigned the third policy w
## Sensitivity labels and Azure Information Protection
-The sensitivity labels that are built into Microsoft 365 Apps on Windows, macOS, iOS, and Android look and behave very similarly across these devices to provide users with a consistent labeling experience. However, on Windows computers, you can also use the [Azure Information Protection (AIP) client](/azure/information-protection/rms-client/aip-clientv2). This client is now in [maintenance mode](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/announcing-aip-unified-labeling-client-maintenance-mode-and/ba-p/3043613).
+The sensitivity labels that are built into Microsoft 365 Apps on Windows, macOS, iOS, and Android look and behave very similarly across these devices to provide users with a consistent labeling experience. However, on Windows computers, you can also use the [Azure Information Protection (AIP) client](/azure/information-protection/rms-client/aip-clientv2). This client is now in [maintenance mode](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/announcing-aip-unified-labeling-client-maintenance-mode-and/ba-p/3043613) and when installed, is no longer the default labeling client for the latest Office apps.
-If you're using the AIP client, see [Why choose built-in labeling over the AIP add-in for Office apps](sensitivity-labels-aip.md) to understand and manage your labeling choices for Windows computers.
+If you're using the AIP client for labeling in Office apps, we recommend you move to built-in labeling. For more information, see [Migrate the Azure Information Protection (AIP) add-in to built-in labeling for Office apps](sensitivity-labels-aip.md).
### Azure Information Protection labels
compliance Sit Defn All Creds https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-all-creds.md
+
+ Title: "All credentials entity definition"
+f1.keywords:
+- CSH
+++ Last updated :
+audience: Admin
+search.appverid: MET150
+
+f1_keywords:
+- 'ms.o365.cc.UnifiedDLPRuleContainsSensitiveInformation'
+
+ms.localizationpriority: medium
+
+- tier3
+- purview-compliance
+hideEdit: true
+feedback_system: None
+recommendations: false
+description: "All credentials sensitive information type entity definition."
++
+# All credential sensitive information types
+
+All credentials is a bundled entity sensitive information type (SIT). It detects credentials from all supported services and environments, which include Amazon, Azure, GitHub, Google, Microsoft general, Slack and more.
++
+## Format
+
+Various
+
+## Pattern
+
+Various
+
+## Checksum
+
+No
+
+## Description
+
+The All credentials SIT is a bundled SIT that scans for individual credential types. This includes checksum evaluated values and keyword/pattern combinations. The All credential entity scans for any of the underlying credential information type checksums and/or patterns are detected in a document.
+
+## Contains
+
+This bundled entity SIT contains these individual SITs:
+
+- [Amazon S3 Client Secret Access Key](sit-defn-amazon-s3-client-secret-access-key.md)
+- [ASP.NET Machine Key](sit-defn-asp-net-machine-key.md)
+- [Azure AD Client Access Token](sit-defn-azure-ad-client-access-token.md)
+- [Azure AD Client Secret](sit-defn-azure-ad-client-secret.md)
+- [Azure AD User Credentials](sit-defn-azure-ad-user-credentials.md)
+- [Azure App Service Deployment Password](sit-defn-azure-app-service-deployment-password.md)
+- [Azure Batch Shared Access Key](sit-defn-azure-batch-shared-access-key.md)
+- [Azure Bot Framework Secret Key](sit-defn-azure-bot-framework-secret-key.md)
+- [Azure Bot Service App Secret](sit-defn-azure-bot-service-app-secret.md)
+- [Azure Cognitive Search API Key](sit-defn-azure-cognitive-search-api-key.md)
+- [Azure Cognitive Service Key](sit-defn-azure-cognitive-service-key.md)
+- [Azure Container Registry Access Key](sit-defn-azure-container-registry-access-key.md)
+- [Azure COSMOS DB Account Access Key](sit-defn-azure-cosmos-db-account-access-key.md)
+- [Azure Databricks Personal Access Token](sit-defn-azure-databricks-personal-access-token.md)
+- [Azure DevOps App Secret](sit-defn-azure-devops-app-secret.md)
+- [Azure DevOps Personal Access Token](sit-defn-azure-devops-personal-access-token.md)
+- [Azure EventGrid Access Key](sit-defn-azure-eventgrid-access-key.md)
+- [Azure Function Master / API Key](sit-defn-azure-function-master-api-key.md)
+- [Azure IoT Shared Access Key](sit-defn-azure-iot-shared-access-key.md)
+- [Azure Logic App Shared Access Signature](sit-defn-azure-logic-app-shared-access-signature.md)
+- [Azure Machine Learning Web Service API Key](sit-defn-azure-machine-learning-web-service-api-key.md)
+- [Azure Maps Subscription Key](sit-defn-azure-maps-subscription-key.md)
+- [Azure Redis Cache Connection String Password](sit-defn-azure-redis-cache-connection-string-password.md)
+- [Azure Service Bus Shared Access Signature](sit-defn-azure-service-bus-shared-access-signature.md)
+- [Azure Shared Access Key / Web Hook Token](sit-defn-azure-shared-access-key-web-hook-token.md)
+- [Azure SignalR Access Key](sit-defn-azure-signalr-access-key.md)
+- [Azure SQL Connection String](sit-defn-azure-sql-connection-string.md)
+- [Azure Storage Account Access Key](sit-defn-azure-storage-account-access-key.md)
+- [Azure Storage Account Shared Access Signature](sit-defn-azure-storage-account-shared-access-signature.md)
+- [Azure Storage Account Shared Access Signature for High Risk Resources](sit-defn-azure-storage-account-shared-access-signature-high-risk-resources.md)
+- [Azure Subscription Management Certificate](sit-defn-azure-subscription-management-certificate.md)
+- [Client Secret / API Key](sit-defn-client-secret-api-key.md)
+- [General Password](sit-defn-general-password.md)
+- [General Symmetric Key](sit-defn-general-symmetric-key.md)
+- [GitHub Personal Access Token](sit-defn-github-personal-access-token.md)
+- [Google API key](sit-defn-google-api-key.md)
+- [Http Authorization Header](sit-defn-http-authorization-header.md)
+- [Microsoft Bing Maps Key](sit-defn-google-api-key.md)
+- [Slack Access Token](sit-defn-slack-access-token.md)
+- [User Login Credentials](sit-defn-user-login-credentials.md)
+- [X.509 Certificate Private Key](sit-defn-x-509-certificate-private-key.md)
+
+## Supported languages
+
+- English
+- Bulgarian
+- Chinese
+- Croatian
+- Czech
+- Danish
+- Estonian
+- Finnish
+- French
+- German
+- Hungarian
+- Icelandic
+- Irish
+- Italian
+- Japanese
+- Latvian
+- Lithuanian
+- Maltese
+- Dutch
+- Norwegian
+- Polish
+- Portuguese
+- Romanian
+- Slovak
+- Slovenian
+- Spanish
+- Swedish
+- Turkish
compliance Sit Defn Amazon S3 Client Secret Access Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-amazon-s3-client-secret-access-key.md
Title: "Amazon S3 client secret access key entity definition (preview)"
+ Title: "Amazon S3 client secret access key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Amazon S3 client secret access key sensitive information type entity definition."
-# Amazon S3 client secret access key (preview)
+# Amazon S3 client secret access key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 40 characters consisting of letters, digits, and special characters.
A combination of 40 characters consisting of:
for example:
+`abcdefghijklmnopqrst0123456789/+ABCDEFGH;`
+
+## Credential example
+ `AWS Secret: abcdefghijklmnopqrst0123456789/+ABCDEFGH;` ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to access [Amazon Web Services.](/toolkit-for-eclipse/v1/user-guide/setup-credentials.html)
compliance Sit Defn Asp Net Machine Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-asp-net-machine-key.md
Title: "ASP.NET machine key entity definition (preview)"
+ Title: "ASP.NET machine key entity definition"
f1.keywords: - CSH
recommendations: false
description: "ASP.NET machine key sensitive information type entity definition."
-# ASP.NET machine key (preview)
+# ASP.NET machine key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
Symmetric keys in XML configuration.
Various symmetric key formats in XML, for example:
<machineKey decryptionKey="******** </br> <machineKey validationKey="******** ```
+## Credential example
+
+`<machineKey validationKey="ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" decryptionKey="ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789"`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition
compliance Sit Defn Azure Ad Client Access Token https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-ad-client-access-token.md
Title: "Azure AD client access token entity definition (preview)"
+ Title: "Azure AD client access token entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure AD client access token sensitive information type entity definition."
-# Azure AD client access token (preview)
+# Azure AD client access token
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of up to 10,000 characters consisting of letters, digits, and special characters.
A combination of up to 1,000 characters consisting
for example:
-`eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ing0Nzh4eU9wbHNNMUg3TlhrN1N4MTd4MXVwYyIsImtpZCI6Ing0Nzh4`
+`eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ing0Nzh4eU9wbHNNMUg3TlhrN1N4MTd4MX...`
++
+## Credential example
+`Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ing0Nzh4eU9wbHNNMUg3TlhrN1N4MTd4MX...`
+
+> [!IMPORTANT]
+> This example has been truncated. ItΓÇÖs not a detectable example of this SIT.
## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's contains claims that one can use in [Azure Active Directory B2C](/azure/active-directory-b2c/active-directory-b2c-access-tokens) (Azure AD B2C) to identify the granted permissions to Azure resources.
compliance Sit Defn Azure Ad Client Secret https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-ad-client-secret.md
Title: "Azure AD client secret entity definition (preview)"
+ Title: "Azure AD client secret entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure AD client secret sensitive information type entity definition."
-# Azure AD client secret (preview)
+# Azure AD client secret
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of up to 40 characters consisting of letters, digits, and special characters.
for example:
`abc7Q~defghijklmnopqrs0t123456789-_.~`
+## Credential example
+
+`"AppId=01234567-abcd-abcd-abcd-abcdef012345;AppSecret=abc7Q~defghijklmnopqrstuvwxyz-_.~0123"`
+ ## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to secure [Azure Active Directory service principals](/azure/active-directory/fundamentals/service-accounts-principal).
compliance Sit Defn Azure Ad User Credentials https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-ad-user-credentials.md
Title: "Azure AD user credentials entity definition (preview)"
+ Title: "Azure AD user credentials entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure AD user credentials sensitive information type entity definition."
-# Azure AD user credentials (preview)
+# Azure AD user credentials
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A paired username and password related to *.onmicrosoft.com domain.
Various password formats in XML, for example:
```
+## Credential example
+
+`username=user@tenant.onmicrosoft.com;password=ZYXWVU$1;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used as individual user passwords to authenticate against [Azure Active Directory](/azure/active-directory/fundamentals/active-directory-users-reset-password-azure-portal). It uses several primary resources: -- Patterns of Plain-text username and password for Azure AD tenant.
+- Patterns of Plain-text username and password for Azure AD tenants.
- Patterns of Password context in code. - Patterns of Password context in XML. - Patterns of CredentialName, CredentialFeatures, AccountIdentityName, AccountIdentityValue, ResourceType, ResourceName.
compliance Sit Defn Azure App Service Deployment Password https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-app-service-deployment-password.md
Title: "Azure App Service Deployment Password entity definition (preview)"
+ Title: "Azure App Service Deployment Password entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure App Service Deployment Password sensitive information type entity definition."
-# Azure App Service deployment password (preview)
+# Azure App Service deployment password
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 60 characters consisting of letters, digits, and special characters.
for example:
+## Credential example
+
+`userPWD=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEFGHIJKLMNOPQRSTUV;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to secure [Azure App Service deployment](/azure/app-service/deploy-configure-credentials) from a local computer.
compliance Sit Defn Azure Batch Shared Access Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-batch-shared-access-key.md
Title: "Azure Batch Shared Access Key entity definition (preview)"
+ Title: "Azure Batch Shared Access Key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Batch Shared Access Key sensitive information type entity definition."
-# Azure Batch Shared Access Key (preview)
+# Azure Batch Shared Access Key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 43 characters consisting of letters, digits, and special characters ending in an equals (=) sign that isn't part of the pattern.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=`
+## Credential example
+
+`Account=account.batch.azure.net;AccountKey=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to access [Azure Batch accounts.](/azure/batch/security-best-practices)
compliance Sit Defn Azure Bot Framework Secret Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-bot-framework-secret-key.md
Title: "Azure Bot Framework secret key entity definition (preview)"
+ Title: "Azure Bot Framework secret key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Bot Framework secret key sensitive information type entity definition."
-# Azure Bot Framework secret key (preview)
+# Azure Bot Framework secret key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 55 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijk.lmn.opq.rstuvwxyz0123456789-_ABCDEFGHIJKLMNOPQRSTUV`
+## Credential example
+
+`host: webchat.botframework.com/?s=abcdefghijklmnopqrstuvwxyz.0123456789_ABCDEabcdefghijkl&`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to connect to [WebChat channels from Azure Bot services.](/azure/bot-service/bot-service-channel-connect-webchat?view=azure-bot-service-4.0)
compliance Sit Defn Azure Bot Service App Secret https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-bot-service-app-secret.md
Title: "Azure Bot service app secret entity definition (preview)"
+ Title: "Azure Bot service app secret entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Bot service app secret sensitive information type entity definition."
-# Azure Bot service app secret (preview)
+# Azure Bot service app secret
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of up to 40 characters consisting of letters, digits, and special characters.
for example:
`abc7Q~defghijklmnopqrs0t123456789-_.~`
+## Credential example
+
+`"account.azurewebsites.net/api/messages;AppId=01234567-abcd-abcd-abcd-abcdef012345;AppSecret="abcdeFGHIJ0K1234567%;[@"`
+ ## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to establish secure communication between an [Azure Bot, WebChat channels and client applications](/azure/bot-service/bot-builder-concept-authentication-types?view=azure-bot-service-4.0).
compliance Sit Defn Azure Cognitive Search Api Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-cognitive-search-api-key.md
Title: "Azure Cognitive search API key entity definition (preview)"
+ Title: "Azure Cognitive search API key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Cognitive search API key sensitive information type entity definition."
-# Azure Cognitive Search API key (preview)
+# Azure Cognitive Search API key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 32 characters consisting of letters and digits.
for example:
`abcdef0123456789abcdef0123456789`
+## Credential example
+
+`host: account.search.windows.net; apikey: abcdef0123456789abcdef0123456789;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to authenticate inbound requests to [Azure Cognitive Search APIs.](/azure/search/search-security-api-keys)
compliance Sit Defn Azure Cognitive Service Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-cognitive-service-key.md
Title: "Azure Cognitive Service key entity definition (preview)"
+ Title: "Azure Cognitive Service key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Cognitive Service key sensitive information type entity definition."
-# Azure Cognitive Service key (preview)
+# Azure Cognitive Service key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 32 characters consisting of letters and digits.
for example:
`abcdef0123456789abcdef0123456789`
+## Credential example
+
+`cognitiveservices.azure.com...apikey= abcdef0123456789abcdef0123456789;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to authenticate requests to [Azure Cognitive Services.](/azure/search/search-security-api-keys)
compliance Sit Defn Azure Container Registry Access Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-container-registry-access-key.md
Title: "Azure Container Registry access key entity definition (preview)"
+ Title: "Azure Container Registry access key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Container Registry access key sensitive information type entity definition."
-# Azure Container Registry access key (preview)
+# Azure Container Registry access key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 32 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqr0123456789/+AB`
+## Credential example
+
+`account.azurecr.io/ #docker password: abcdefghijklmnopqr0123456789/+AB;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to access [Azure Container Registry](/azure/container-registry/container-registry-authentication) services as an admin account.
compliance Sit Defn Azure Cosmos Db Account Access Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-cosmos-db-account-access-key.md
Title: "Azure COSMOS DB account access key entity definition (preview)"
+ Title: "Azure COSMOS DB account access key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure COSMOS DB account access key sensitive information type entity definition."
-# Azure COSMOS DB account access key (preview)
+# Azure COSMOS DB account access key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 88 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==`
+## Credential example
+
+`AccountEndpoint=https://account.documents.azure.com;AccountKey=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to provide access to administrative resources for [Azure COSMOS Database](/azure/cosmos-db/secure-access-to-data) accounts.
compliance Sit Defn Azure Databricks Personal Access Token https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-databricks-personal-access-token.md
Title: "Azure Databricks personal access token entity definition (preview)"
+ Title: "Azure Databricks personal access token entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Databricks personal access token sensitive information type entity definition."
-# Azure Databricks personal access token (preview)
+# Azure Databricks personal access token
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 32 characters consisting of letters and digits.
for example:
`abcdef0123456789abcdef0123456789`
+## Credential example
+
+`account.azuredatabricks.net;PAT=dapiabcdef0123456789abcdef0123456789;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to authenticate to the [Azure Databricks REST API](/azure/databricks/administration-guide/access-control/tokens).
compliance Sit Defn Azure Devops App Secret https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-devops-app-secret.md
Title: "Azure DevOps app secret entity definition (preview)"
+ Title: "Azure DevOps app secret entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure DevOps app secret sensitive information type entity definition."
-# Azure DevOps app secret (preview)
+# Azure DevOps app secret
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 52 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz234567abcdefghijklmnopqrst`
+## Credential example
+
+`AdoAppId=...;AdoAppSecret=abcdefghijklmnopqrstuvwxyz234567abcdefghijklmnopqrst;`
+
+> [!IMPORTANT]
+> This example has been invalidated. ItΓÇÖs not a detectable example of this SIT.
+ ## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No**, other (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to authenticate web app users for [Azure DevOps REST API access.](/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops)
compliance Sit Defn Azure Devops Personal Access Token https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-devops-personal-access-token.md
Title: "Azure DevOps personal access token entity definition (preview)"
+ Title: "Azure DevOps personal access token entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure DevOps personal access token sensitive information type entity definition."
-# Azure DevOps personal access token (preview)
+# Azure DevOps personal access token
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 52 characters consisting of letters, digits, and special characters.
Any combination of 52 characters consisting of:
for example:
-`ntpi2ch67ci2vjzcohglogyygwo5fuyl365n2zdowwxhsys6jnoa`
+`abcdefghijklmnopqrstuvwxyz234567abcdefghijklmnopqrst`
+
+## Credential example
+
+`URL="org.visualstudio.com/proj"; PAT = "abcdefghijklmnopqrstuvwxyz234567abcdefghijklmnopqrst"`
+
+> [!IMPORTANT]
+> This example has been invalidated. ItΓÇÖs not a detectable example of this SIT.
## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No**, other (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used as an alternate password to authenticate into [Azure DevOps.](/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops)
compliance Sit Defn Azure Eventgrid Access Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-eventgrid-access-key.md
Title: "Azure EventGrid access key entity definition (preview)"
+ Title: "Azure EventGrid access key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure EventGrid access key sensitive information type entity definition."
-# Azure EventGrid access key (preview)
+# Azure EventGrid access key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 43 characters consisting of letters, digits, and special characters ending in an equals sign (=) that isn't part of the pattern.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=`
+## Credential example
+
+`host: account.eventgrid.azure.net; accesskey: abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to authenticate an application publishing events to [Azure Event Grid resources (topics and domains).](/azure/event-grid/get-access-keys)
compliance Sit Defn Azure Function Master Api Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-function-master-api-key.md
Title: "Azure Function Master / API key entity definition (preview)"
+ Title: "Azure Function Master / API key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Function Master / API key sensitive information type entity definition."
-# Azure Function Master / API key (preview)
+# Azure Function Master / API key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 56 characters consisting of letters, digits, and special characters.
for example:
abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDEF0123456789%3D%3D
+## Credential example
+
+`https://account.azurewebsites.net/api/function?code=abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDEF0123456789%3D%3D`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to request [Azure Function API](/azure/azure-functions/functions-how-to-use-azure-function-app-settings?tabs=portal) when its authorization level is set a value other than anonymous.
compliance Sit Defn Azure Iot Connection String https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-iot-connection-string.md
Title: "Azure IoT connection string entity definition (preview)"
+ Title: "Azure IoT connection string entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure IoT connection string sensitive information type entity definition."
-# Azure IoT connection string (preview)
+# Azure IoT connection string
-### Format
+#This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
The string `HostName` followed by the characters and strings outlined in the pattern below, including the strings `azure-devices.net` and `SharedAccessKey`.
The string `HostName` followed by the characters and strings outlined in the pat
- any combination of 43 lower- or uppercase letters, digits, forward slash (/), or plus sign (+) - an equal sign (=)
+## Credential example
+
+`HostName=account.azure-devices.net;SharedAccessKeyName=key;SharedAccessKey=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
compliance Sit Defn Azure Logic App Shared Access Signature https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-logic-app-shared-access-signature.md
Title: "Azure Logic App shared access signature entity definition (preview)"
+ Title: "Azure Logic App shared access signature entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Logic App shared access signature sensitive information type entity definition."
-# Azure Logic App shared access signature (preview)
+# Azure Logic App shared access signature
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of up to 76 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDE%3D`
+## Credential example
+
+`https://account.logic.azure.com/?...&sig=abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDE%3D`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to grant access to a request endpoint on [Azure Logic Apps.](/azure/logic-apps/logic-apps-securing-a-logic-app?tabs=azure-portal)
compliance Sit Defn Azure Machine Learning Web Service Api Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-machine-learning-web-service-api-key.md
Title: "Azure Machine Learning web service API key entity definition (preview)"
+ Title: "Azure Machine Learning web service API key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Machine Learning web service API key sensitive information type entity definition."
-# Azure Machine Learning web service API key (preview)
+# Azure Machine Learning web service API key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 88 characters consisting of letters, digits, and special characters ending in two equals signs (==).
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==`
+## Credential example
+
+`host: account.azureml.net/services/01234567-abcd-abcd-abcd-abcdef012345/workspaces/01234567-abcd-abcd-abcd-abcdef012345/; apikey: abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to connect to [Azure Machine Learning Web services](/azure/machine-learning/classic/consume-web-services).
compliance Sit Defn Azure Maps Subscription Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-maps-subscription-key.md
Title: "Azure Maps subscription key entity definition (preview)"
+ Title: "Azure Maps subscription key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Maps subscription key sensitive information type entity definition."
-# Azure Maps subscription key (preview)
+# Azure Maps subscription key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 43 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789-_ABCDE`
+## Credential example
+
+`host: atlas.microsoft.com; key: abcdefghijklmnopqrstuvwxyz0123456789-_ABCDE;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to access resources in [Azure Maps accounts](/azure/azure-maps/how-to-manage-authentication).
compliance Sit Defn Azure Redis Cache Connection String Password https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-redis-cache-connection-string-password.md
Title: "Azure Redis cache connection string password entity definition (preview)"
+ Title: "Azure Redis cache connection string password entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Redis cache connection string password sensitive information type entity definition."
-# Azure Redis cache connection string password (preview)
+# Azure Redis cache connection string password
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of up to 20,000-characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=`
+## Credential example
+
+`HostName=account.redis.cache.windows.net;Password=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=`
+ ## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information thatΓÇÖs used to connect to [Azure Cache for Redis servers](/azure/azure-cache-for-redis/).
compliance Sit Defn Azure Service Bus Shared Access Signature https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-service-bus-shared-access-signature.md
Title: "Azure service bus shared access signature entity definition (preview)"
+ Title: "Azure service bus shared access signature entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure service bus shared access signature sensitive information type entity definition."
-# Azure service bus shared access signature (preview)
+# Azure service bus shared access signature
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 44-characters consisting of letters, digits, and special characters ending with an equals sign (=) that isn't part of the pattern.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDE%3D`
+## Credential example
+
+`Endpoint=sb://account.servicebus.windows.net;SharedAccessKey=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information thatΓÇÖs used to grant a user access to [Azure Service Bus resources](/azure/service-bus-messaging/service-bus-authentication-and-authorization) with specific rights.
compliance Sit Defn Azure Shared Access Key Web Hook Token https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-shared-access-key-web-hook-token.md
Title: "Azure Shared Access key / Web Hook token signature entity definition (preview)"+
+ Title: "Azure Shared Access key / Web Hook token signature entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Shared Access key / Web Hook token sensitive information type entity definition."
-# Azure Shared Access key / Web Hook token (preview)
+# Azure Shared Access key / Web Hook token
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 44 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDE%3D`
+## Credential example
+
+`PrimaryKey=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to access general [Azure resources with restricted permission](/azure/notification-hubs/notification-hubs-push-notification-security).
compliance Sit Defn Azure Signalr Access Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-signalr-access-key.md
Title: "Azure SignalR access key entity definition (preview)"
+ Title: "Azure SignalR access key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure SignalR access key sensitive information type entity definition."
-# Azure SignalR access key (preview)
+# Azure SignalR access key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 43 characters consisting of letters, digits, and special characters ending in an equals sign (=) that isn't part of the pattern.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=`
+## Credential example
+
+`host: account.service.signalr.net; accesskey: abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to authenticate [Azure SignalR](/azure/azure-signalr/signalr-howto-key-rotation) clients when requests are made to the service.
compliance Sit Defn Azure Sql Connection String https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-sql-connection-string.md
Title: "Azure SQL connection string entity definition (preview)"
+ Title: "Azure SQL connection string entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure SQL connection string sensitive information type entity definition."
-# Azure SQL connection string (preview)
+# Azure SQL connection string
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
Up to 20,000-character combination of letters, digits, and special characters.
Variant username and password formats, for example:
`Service Account=...;Password=********;` <br>
+## Credential example
+
+`server=server.database.windows.net;database=database;user=user;pwd=ZYXWVU_2;`
+ ## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to connect to [Azure SQL Databases](/azure/sql-database/sql-database-aad-authentication-configure).
compliance Sit Defn Azure Storage Account Access Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-storage-account-access-key.md
Title: "Azure storage account access key entity definition (preview)"
+ Title: "Azure storage account access key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure storage account access key sensitive information type entity definition."
-# Azure storage account access key (preview)
+# Azure storage account access key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of up to 20,000 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==`
+## Credential example
+
+`Endpoint=account.table.core.windows.net;AccountName=account;AccountKey=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==`
+ ## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to make request against [Azure Storage services](/rest/api/storageservices/authorize-with-shared-key), like Blob, Queue, Table and File services.
compliance Sit Defn Azure Storage Account Shared Access Signature High Risk Resources https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-storage-account-shared-access-signature-high-risk-resources.md
description: "Azure Storage account shared access signature for high risk resour
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 44 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDE%3D`
+## Credential example
+
+`https://account.blob.core.windows.net/file.cspkg?...&sig=abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDE%3D`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to grant restricted access rights to high risk [Azure Storage resources such as certificates, configurations, or deployment packages](/rest/api/storageservices/delegate-access-with-shared-access-signature).
compliance Sit Defn Azure Storage Account Shared Access Signature https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-storage-account-shared-access-signature.md
Title: "Azure Storage account shared access signature entity definition (preview)"
+ Title: "Azure Storage account shared access signature entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure Storage account shared access signature sensitive information type entity definition."
-# Azure Storage account shared access signature (preview)
+# Azure Storage account shared access signature
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 44 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDE%3D`
+## Credential example
+
+`https://account.blob.core.windows.net/?sr=...&sv=...&st=...&se=...&sp=...&sig=abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDE%3D`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to grant restricted access rights to [Azure Storage resources](/rest/api/storageservices/delegate-access-with-shared-access-signature).
compliance Sit Defn Azure Subscription Management Certificate https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-azure-subscription-management-certificate.md
Title: "Azure subscription management certificate entity definition (preview)"
+ Title: "Azure subscription management certificate entity definition"
f1.keywords: - CSH
recommendations: false
description: "Azure subscription management certificate sensitive information type entity definition."
-# Azure subscription management certificate (preview)
+# Azure subscription management certificate
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of up to 20,000 characters consisting of letters, digits, and special characters.
for example:
`MIIKcQIBAzCCCi0GCSqGSIb3DQEHAaCCCh4EggoaMIIKFjCCBg8GCSqGSIb3DQEHAaCCBgAEggX8MIIF+DCCBfQGCyqGSIb3DQEM`
+## Credential example
+
+`<Subscription id="f70163aa-03a8-4f4a-8a30-d38e3f38fde4" ManagementCertificate="MIIPuQIBAzCCD38GCSqGS...`
+
+> [!IMPORTANT]
+> This example has been truncated. ItΓÇÖs not a detectable example of this SIT.
+ ## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to authenticate with the [classic deployment model](/azure/azure-resource-manager/management/deployment-models) provided by Azure. Many programs and tools, like Visual Studio or the Azure SDK, use these certificates to automate configuration and deployment of various [Azure services](/azure/azure-api-management-certs).
compliance Sit Defn Client Secret Api Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-client-secret-api-key.md
Title: "Client secret / API key entity definition (preview)"
+ Title: "Client secret / API key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Client secret / API key sensitive information type entity definition."
-# Client secret / API key (preview)
+# Client secret / API key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A client secret or refresh token used in OAuth 2.0 protocol.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==`
+## Credential example
+
+`client_secret=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's known only to the [OAuth application and the authorization server to exchange](/azure/active-directory/develop/active-directory-how-applications-are-added) for an access token at runtime.
compliance Sit Defn General Password https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-general-password.md
Title: "General password entity definition (preview)"
+ Title: "General password entity definition"
f1.keywords: - CSH
recommendations: false
description: "General password sensitive information type entity definition."
-# General Password (preview)
+# General Password
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
Up to 20,000-character combination of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==`
+## Credential example
+
+`<secret>ZYXWVU_3</secret>`
+ ## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Description This SIT is designed to match the security information that's like usernames and passwords used in general sign-in process [user login process](/azure/key-vault/quick-create-portal). It uses several primary resources:
compliance Sit Defn General Symmetric Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-general-symmetric-key.md
Title: "General Symmetric key entity definition (preview)"
+ Title: "General Symmetric key entity definition"
f1.keywords: - CSH
recommendations: false
description: "General Symmetric key sensitive information type entity definition."
-# General Symmetric key (preview)
+# General Symmetric key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 44 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==`
+## Credential example
+
+`key=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used in [general authentication process.](/dotnet/api/system.security.cryptography.aes?view=net-5.0)
compliance Sit Defn Github Personal Access Token https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-github-personal-access-token.md
Title: "GitHub personal access token entity definition (preview)"
+ Title: "GitHub personal access token entity definition"
f1.keywords: - CSH
recommendations: false
description: "GitHub personal access token sensitive information type entity definition."
-# GitHub personal access token (preview)
+# GitHub personal access token
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 40 characters consisting of letters, digits, and special characters.
for example:
`abcdef0123456789abcdef0123456789abcdef01`
+## Credential example
+
+`pat=ghp_abcdefghijklmnopqrstuvwxyzABCD012345`
+ ## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used as an alternate password for authentication to GitHub when using [GitHub API or the command line](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token).
compliance Sit Defn Google Api Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-google-api-key.md
Title: "Google API key entity definition (preview)"
+ Title: "Google API key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Google API key sensitive information type entity definition."
-# Google API key (preview)
+# Google API key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 39 characters consisting of letters, digits, and special characters.
for example:
`AIzaefgh0123456789_-ABCDEFGHIJKLMNOPQRS`
+## Credential example
+
+`apiKey=AIzaefgh0123456789_-ABCDEFGHIJKLMNOPQRS;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used as a simple encrypted string that identifies a [Google REST API client](https://cloud.google.com/docs/authentication/api-keys) without any principal that is used to associate API requests with your project for quota and billing.
compliance Sit Defn Http Authorization Header https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-http-authorization-header.md
Title: "Http authorization header entity definition (preview)"
+ Title: "Http authorization header entity definition"
f1.keywords: - CSH
recommendations: false
description: "Http authorization header sensitive information type entity definition."
-# Http authorization header (preview)
+# Http authorization header
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
An authorization header used in HTTP request.
Various authentication header formats for example:
`authorization: digest ********` <br> `authorization: negotiate ********` <br>
+## Credential example
+
+`Authorization: Basic ABCDEFGHIJKLMNOPQRS0123456789;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used in the header of an [HTTP request for authentication and authorization.](/dotnet/api/system.net.http.headers.httprequestheaders.authorization?view=netframework-4.8)
compliance Sit Defn Microsoft Bing Maps Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-microsoft-bing-maps-key.md
Title: "Microsoft Bing maps key entity definition (preview)"
+ Title: "Microsoft Bing maps key entity definition"
f1.keywords: - CSH
recommendations: false
description: "Microsoft Bing maps key sensitive information type entity definition."
-# Microsoft Bing maps key (preview)
+# Microsoft Bing maps key
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of 64 characters consisting of letters, digits, and special characters.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789-_ABCDEabcdefghijklmnopqrstu`
+## Credential example
+
+`bingMapsKey=abcdefghijklmnopqrstuvwxyz0123456789-_ABCDEabcdefghijklmnopqrstu`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to call [Bing Maps API.](/bingmaps/getting-started/bing-maps-dev-center-help/getting-a-bing-maps-key)
compliance Sit Defn Slack Access Token https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-slack-access-token.md
Title: "Slack access token entity definition (preview)"
+ Title: "Slack access token entity definition"
f1.keywords: - CSH
recommendations: false
description: "Slack access token sensitive information type entity definition."
-# Slack access token (preview)
+# Slack access token
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of up to 34 characters consisting of letters, digits, and special characters.
for example:
`xoxp-abcdef-abcdef-abcdef-abcdef`
+## Credential example
+
+`slack_token= xoxp-abcdef-abcdef-abcdef-abcdef;`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used to access [Slack platform functionalities](https://api.slack.com/docs/token-type) (for example Bot tokens, User tokens and App-level tokens).
compliance Sit Defn User Login Credentials https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-user-login-credentials.md
Title: "User login credentials entity definition (preview)"
+ Title: "User login credentials entity definition"
f1.keywords: - CSH
recommendations: false
description: "User login credentials sensitive information type entity definition."
-# User login credentials (preview)
+# User login credentials
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A paired username and password used in general authentication process.
for example:
`abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEabcdefghijklmnopqrstuvwxyz0123456789/+ABCDE==`
+## Credential example
+
+`{ "user": "user_name", "password": "ZYXWVU_2" }`
+ ## Checksum No
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used in general [user login process](/azure/key-vault/quick-create-portal).
compliance Sit Defn X 509 Certificate Private Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-x-509-certificate-private-key.md
Title: "X.509 certificate private key entity definition (preview)"
+ Title: "X.509 certificate private key entity definition"
f1.keywords: - CSH
description: "X.509 certificate private key sensitive information type entity de
[!INCLUDE [purview-preview](../includes/purview-preview.md)]
-## Format
+This SIT is also included in the [All credentials](sit-defn-all-creds.md) bundled SIT.
+
+ ## Format
A combination of up to 20,000 characters consisting of letters, digits, and special characters.
for example:
`--BEGIN PRIVATE KEY--`
+## Credential example
+
+`--BEGIN PRIVATE KEY-- MIIPuQIBAzCCD38GCSqGSIb3DQEHAaCCD3AEgg9sMIIPaDCCBZ8GCSqGSIb3DQEHBqCCBZAw...`
+
+> [!IMPORTANT]
+> This example has been truncated. ItΓÇÖs not a detectable example of this SIT.
+ ## Checksum Yes
+SITs that have checksums use a unique calculation to check if the information is valid. This means when the **Checksum** value is **Yes**, the service can make a positive detection based on the sensitive data alone. When the **Checksum** value is **No** additional (secondary) elements must also be detected for the service to make a positive detection.
+ ## Definition This SIT is designed to match the security information that's used as a private component in [SSL certificates.](/azure/key-vault/certificate-scenarios)
compliance Whats New https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/whats-new.md
Whether it be adding new solutions to the [Microsoft Purview compliance portal](
- [Increase classifier accuracy (preview)](data-classification-increase-accuracy.md) - This article shows you how to confirm whether items matched by a classifier are true positive (a Match) or a false positive (Not a match) and provide Match, or Not a match feedback. You can use that feedback to tune your classifiers to increase accuracy. You can also send redacted versions of the document and the Match, Not a Match feedback to Microsoft if you want to help increase the accuracy of the classifiers that Microsoft provides.
+### Data lifecycle management and records management
+- In preview: Retention labels now support running a Power Automate flow at the end of the retention period to support custom actions and integration with other solutions. For more information, see [Customize what happens at the end of the retention period](retention-label-flow.md).
+- For records management items undergoing disposition review, when you select that item in the Disposition area of the compliance portal, a new Progress column displays the item's status. That status can be "Approved for deletion, "Awaiting deletion from SharePoint/OneDriveΓÇ¥ or ΓÇ£Awaiting deletion from ExchangeΓÇ¥, or "Permanently Deleted". When an item is approved for permanent deletion as part of the disposition review process, that deletion can take up to 15 days to complete and this new column helps you to track its progress.
+- The configuration to [enable a mailbox for archiving](enable-archive-mailboxes.md) is moving to the new Exchange admin center (EAC) and instructions have been updated accordingly.
+- Currently, trainable classifiers for auto-apply retention labels aren't supported with adaptive scopes. As a workaround, use static scopes for this configuration combination.
+- Instructions to [Customize an archive and deletion policy for mailboxes](set-up-an-archive-and-deletion-policy-for-mailboxes.md) are updated to include only retention tags that that have an outcome that can't be achieved with Microsoft 365 retention.
+ ### Data loss prevention - [Design a data loss prevention policy complex rule design (preview)](dlp-policy-design.md#complex-rule-design-preview) - The DLP rule builder supports boolean logic (AND, OR, NOT) and nested groups. New video and content added that walks you through this new functionality.
-
+
+### Sensitivity labels
+- [PDF support](sensitivity-labels-office-apps.md#pdf-support) in Word, Excel, and PowerPoint is now available to Windows Current Channel and Monthly Enterprise Channel.
+- Default label for existing documents is now fully rolled out to Mac and Windows in Current Channel and Monthly Enterprise Channel, providing parity with the AIP add-in.
+- In preview: The new [sensitivity bar](sensitivity-labels-office-apps.md#sensitivity-bar) and support for [label colors](sensitivity-labels-office-apps.md#label-colors) in Office apps, providing parity with the AIP add-in with additional functionality.
+- In preview: [S/MIME support](sensitivity-labels-office-apps.md#configure-a-label-to-apply-smime-protection-in-outlook) for Windows, providing parity with the AIP add-in. Support for Mac and mobile is now fully rolled out.
+- In preview: Trainable classifiers for auto-labeling policies (all workloads).
+ ### Trainable classifiers - [Trainable classifiers definitions](classifier-tc-definitions.md) - more than 20 new classifiers have been added, so the definitions for all trainable classifiers have been broken out into this new article. + ## August 2022 ### Compliance Manager
contentunderstanding Accessibility Mode https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/accessibility-mode.md
Title: Accessibility mode in Microsoft SharePoint Syntex
+ Title: Accessibility mode in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to use accessibility features mode when training and working with models in SharePoint Syntex.
+description: Learn how to use accessibility features mode when training and working with models in Microsoft Syntex.
-# Accessibility mode in Microsoft SharePoint Syntex
+# Accessibility mode in Microsoft Syntex
-In [SharePoint Syntex](index.md), users can turn on accessibility mode in all stages of model training (label, train, test) when working with example documents. Using accessibility mode can help low-sight users to have easier keyboard accessibility as they navigate and label items in the document viewer.
+In [Microsoft Syntex](index.md), users can turn on accessibility mode in all stages of model training (label, train, test) when working with example documents. Using accessibility mode can help low-sight users to have easier keyboard accessibility as they navigate and label items in the document viewer.
This helps users to use their keyboards to navigate through text in the document viewer and to hear a narration of not only the selected values, but also of actions (such as labeling or removing labeling from selected text), or predicted label values as you train the model with additional example documents.
contentunderstanding Adoption Assessment Tool https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/adoption-assessment-tool.md
Title: Discover opportunities in SharePoint Syntex by using the Microsoft 365 Assessment tool
+ Title: Discover opportunities in Microsoft Syntex by using the Microsoft 365 Assessment tool
- admindeeplinkMAC search.appverid: ms.localizationpriority: medium
-description: Learn how to use the adoption assessment tool to see how your organization can benefit from SharePoint Syntex.
+description: Learn how to use the adoption assessment tool to see how your organization can benefit from Microsoft Syntex.
-# Discover opportunities in SharePoint Syntex by using the Microsoft 365 Assessment tool
+# Discover opportunities in Microsoft Syntex by using the Microsoft 365 Assessment tool
> [!NOTE] > The Microsoft 365 Assessment tool can be run only against SharePoint Online.
-You can assess how SharePoint Syntex will benefit your organization by using the Microsoft 365 Assessment tool. When you run an assessment, you'll generate a Power BI report that summarizes aspects of your SharePoint information architecture that are indicators for where SharePoint Syntex might be of value.
+You can assess how Microsoft Syntex will benefit your organization by using the Microsoft 365 Assessment tool. When you run an assessment, you'll generate a Power BI report that summarizes aspects of your SharePoint information architecture that are indicators for where Syntex might be of value.
![Image of three sample report pages in the Power BI summary.](../media/content-understanding/assessment-tool-reports.png) The assessment report includes the following information: -- **Libraries with custom columns** ΓÇô Identify libraries where SharePoint Syntex can automatically populate columns, improving consistency.
+- **Libraries with custom columns** ΓÇô Identify libraries where Syntex can automatically populate columns, improving consistency.
-- **Column usage** ΓÇô Identify patterns of column usage, to target SharePoint Syntex models where they'll have the maximum benefit.
+- **Column usage** ΓÇô Identify patterns of column usage, to target Syntex models where they'll have the maximum benefit.
-- **Libraries with custom content types** ΓÇô Identify libraries using custom content types, where SharePoint Syntex models can be used to automatically categorize files.
+- **Libraries with custom content types** ΓÇô Identify libraries using custom content types, where Syntex models can be used to automatically categorize files.
-- **Content type usage** ΓÇô Identify patterns of content type usage, to target SharePoint Syntex models where they'll have the maximum benefit.
+- **Content type usage** ΓÇô Identify patterns of content type usage, to target Syntex models where they'll have the maximum benefit.
-- **Libraries with retention labels** ΓÇô Identify libraries where retention labels are used, where SharePoint Syntex can be used to automate and improve consistency.
+- **Libraries with retention labels** ΓÇô Identify libraries where retention labels are used, where Syntex can be used to automate and improve consistency.
- **Library size** ΓÇô Identify large libraries where classification and metadata can improve the content discovery experience. -- **Library modernization status** ΓÇô Identify libraries that might need to be modernized to fully make use of SharePoint Syntex.
+- **Library modernization status** ΓÇô Identify libraries that might need to be modernized to fully make use of Syntex.
- **Prebuilt model candidates** ΓÇô Identify libraries where names or content types suggest a prebuilt model could be applied. -- **Syntex model usage** ΓÇô Review the current use of SharePoint Syntex models in your sites.
+- **Syntex model usage** ΓÇô Review the current use of Syntex models in your sites.
- **Assessment overview** ΓÇô Review the assessment results to identify any failures. ## Run the assessment
-The SharePoint Syntex assessment is a module in the Microsoft 365 Assessment tool. To run the assessment:
+The Syntex assessment is a module in the Microsoft 365 Assessment tool. To run the assessment:
1. Visit the [Microsoft 365 Assessment tool documentation](https://pnp.github.io/pnpassessment/https://docsupdatetracker.net/index.html) to learn more.
The SharePoint Syntex assessment is a module in the Microsoft 365 Assessment too
4. [Configure permissions](https://pnp.github.io/pnpassessment/sharepoint-syntex/requirements.html).
-5. [Run a SharePoint Syntex assessment](https://pnp.github.io/pnpassessment/sharepoint-syntex/assess.html).
+5. [Run a Syntex assessment](https://pnp.github.io/pnpassessment/sharepoint-syntex/assess.html).
contentunderstanding Adoption Getstarted https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/adoption-getstarted.md
Title: Get started driving adoption of Microsoft SharePoint Syntex
-description: Learn how to use and implement SharePoint Syntex in your organization to help you streamline your business processes.
+ Title: Get started driving adoption of Microsoft Syntex
+description: Learn how to use and implement Microsoft Syntex in your organization to help you streamline your business processes.
search.appverid:
ms.localizationpriority: medium
-# Get started driving adoption of Microsoft SharePoint Syntex
+# Get started driving adoption of Microsoft Syntex
-Think of the intelligent content services available in SharePoint Syntex as having three parts:
+Think of the intelligent content services available in Microsoft Syntex as having three parts:
- **Content understanding:** Create no-code AI models to classify and extract information from content to automatically apply metadata for knowledge discovery and reuse. Learn more about [content understanding](document-understanding-overview.md). - **Content processing:** Automate capture, ingestion, and categorization of content and streamline content-centric processes using Power Automate. Learn more about [content processing](form-processing-overview.md). - **Content compliance:** Control and manage content to improve security and governance with integration to Microsoft Purview Information Protection.
-With new AI services and capabilities, you can build content understanding and classification apps directly into the content management flow using SharePoint Syntex. There are two different ways of understanding your content. The model type you use is based on file format and use case.
+With new AI services and capabilities, you can build content understanding and classification apps directly into the content management flow using Syntex. There are two different ways of understanding your content. The model type you use is based on file format and use case.
| Form processing | Document understanding | |:-|:-|
-| Created from document library. | Created in the content center, part of SharePoint Syntex. |
+| Created from document library. | Created in the content center, part of Syntex. |
| Model created in AI builder. | Model created in native interface. | | Used for semi-structured file formats. | Used for unstructured file formats. | | Settable classifier. | Trainable classifier with optional extractors. |
For a more complete comparison of the capabilities, see [Difference between docu
## Identify pilot business scenarios to optimize
-To prepare for using SharePoint Syntex in your organization, you first need to understand the scenarios in which it will be useful. The "why" helps determine what model will be needed, and how to structure your org based on where the model will be applied. Here are a few scenarios where document understanding can help your organization:
+To prepare for using Syntex in your organization, you first need to understand the scenarios in which it will be useful. The "why" helps determine what model will be needed, and how to structure your org based on where the model will be applied. Here are a few scenarios where document understanding can help your organization:
- **Content processing:** Process contracts, statements of work, and other form-like documents. Intake the forms, train the model to understand and map the fields, and then run your forms through to automatically collect the data. For more information, see [Form processing overview](form-processing-overview.md). - **Invoice analysis:** Pull out the relevant details from your invoices and make sure they're complying with policy or are being processed appropriately.
-Think about ways that SharePoint Syntex can help your organization:
+Think about ways that Syntex can help your organization:
- Automate business processes - Improve search accuracy
When thinking about which business scenarios to consider, ask yourself the follo
Prioritize scenarios based on impact and ease of implementation. Make your initial focus area higher impact scenarios that can also be easily implemented. De-prioritize lower impact scenarios that are hard to implement.
-Use the [example scenarios and use cases](adoption-scenarios.md) to prompt ideas about how you can use SharePoint Syntex in your organization.
+Use the [example scenarios and use cases](adoption-scenarios.md) to prompt ideas about how you can use Syntex in your organization.
## Identify roles & responsibilities
Where will they build and apply the models? Are there existing processes or repo
## Strategic positioning
-Work with stakeholders to make sure they are aligned on the strategy for using SharePoint Syntex. Research and provide the following resources to help with this positioning:
+Work with stakeholders to make sure they are aligned on the strategy for using Syntex. Research and provide the following resources to help with this positioning:
- Business outcomes: - Potential fiscal outcomes
Identify the stakeholders for your project.
## Readiness checklist
-To get ready for implementing SharePoint Syntex, you need to:
+To get ready for implementing Syntex, you need to:
![Readiness for Content Understanding.](../media/content-understanding/cu-adoption-readinesschecklist.png)
To get ready for implementing SharePoint Syntex, you need to:
## See also
-[Scenarios and use cases for SharePoint Syntex](adoption-scenarios.md)
+[Scenarios and use cases for Syntex](adoption-scenarios.md)
[Manage contracts using a Microsoft 365 solution](solution-manage-contracts-in-microsoft-365.md)
contentunderstanding Adoption Scenarios https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/adoption-scenarios.md
Title: Scenarios and use cases for Microsoft SharePoint Syntex
+ Title: Scenarios and use cases for Microsoft Syntex
search.appverid: ms.localizationpriority: medium
-description: Find business scenarios about how to use SharePoint Syntex in your organization.
+description: Find business scenarios about how to use Microsoft Syntex in your organization.
-# Scenarios and use cases for Microsoft SharePoint Syntex
+# Scenarios and use cases for Microsoft Syntex
-Use the following example scenarios to prompt ideas about how you can use SharePoint Syntex in your organization.
+Use the following example scenarios to prompt ideas about how you can use Microsoft Syntex in your organization.
- [Scenario: Track data from invoices with form processing](adoption-scenarios.md#scenario-track-data-from-invoices-with-form-processing) - [Scenario: Track information from contracts with document understanding](adoption-scenarios.md#scenario-track-information-from-contracts-with-document-understanding)-- [Scenario: Avoid risk with records management, document governance, and compliance processes based on SharePoint Syntex](adoption-scenarios.md#scenario-avoid-risk-with-records-management-document-governance-and-compliance-processes-based-on-sharepoint-syntex)
+- [Scenario: Avoid risk with records management, document governance, and compliance processes based on Syntex](adoption-scenarios.md#scenario-avoid-risk-with-records-management-document-governance-and-compliance-processes-based-on-syntex)
- [Scenario: Capture information from previously inaccessible documents](adoption-scenarios.md#scenario-capture-information-from-previously-inaccessible-documents) - [Scenario: Improve data processing to provide insights and analytics](adoption-scenarios.md#scenario-improve-data-processing-to-provide-insights-and-analytics) - [Scenario: Automate order processing](adoption-scenarios.md#scenario-automate-order-processing)
Use the following example scenarios to prompt ideas about how you can use ShareP
## Scenario: Track data from invoices with form processing
-For example, you can set up a process using SharePoint Syntex and Power Automate features to track and monitor invoices.
+For example, you can set up a process using Syntex and Power Automate features to track and monitor invoices.
1. Set up a library to store the invoice documents. 1. Train the model to recognize fields in the documents.
For example, you can set up a process using SharePoint Syntex and Power Automate
- An invoice is past its due date. - An invoice is for an amount that's larger than your automatic approval amount.
-![Track and monitor invoices with SharePoint Syntex and Power Automate.](../media/content-understanding/process-invoices-flow.png)
+![Track and monitor invoices with Syntex and Power Automate.](../media/content-understanding/process-invoices-flow.png)
When you automate this scenario, you can:
As another example, you can set up a process to identify contracts your company
1. When the model is complete, apply the model to a library where you can upload contracts. 1. Apply a retention label to the date field, so that contracts are retained in the library for the required length of time.
-![Track and monitor contracts with SharePoint Syntex and retention labels.](../media/content-understanding/process-contracts-flow.png)
+![Track and monitor contracts with Syntex and retention labels.](../media/content-understanding/process-contracts-flow.png)
When you automate this scenario, you can: - Save time and money by automatically extracting data from the contracts instead of doing it manually. - Ensure better compliance by using retention labels to ensure that the contracts are retained appropriately.
-## Scenario: Avoid risk with records management, document governance, and compliance processes based on SharePoint Syntex
+## Scenario: Avoid risk with records management, document governance, and compliance processes based on Syntex
Reducing risks is a common goal for most companies. You might need:
Reducing risks is a common goal for most companies. You might need:
- To audit receipts, contracts, and so on, to ensure compliance with company policies. - To ensure that projects have all the documentation required for compliance.
-Set up some processes for compliance with SharePoint Syntex to capture and appropriately classify, audit, and flag documents and forms that need better governance. You can rely on SharePoint Syntex to auto classify content rather than relying on end users to manually tag, or the compliance team to manually apply governance rules and archiving. And you can enable a simplified search experience, manage data volumes, apply records management and retention policies, ensure compliance, and best practice archiving and purging practices.
+Set up some processes for compliance with Syntex to capture and appropriately classify, audit, and flag documents and forms that need better governance. You can rely on Syntex to auto classify content rather than relying on end users to manually tag, or the compliance team to manually apply governance rules and archiving. And you can enable a simplified search experience, manage data volumes, apply records management and retention policies, ensure compliance, and best practice archiving and purging practices.
When you automate this scenario, you can feel secure that:
When you automate this scenario, you can:
## Scenario: Improve data processing to provide insights and analytics
-For example, a pharmaceutical company could use SharePoint Syntex to extract information from FDA documents to answer questions that their leaders have. Having the answers more easily accessible can reduce the time needed to produce these answers and increase the availability of data to generate more accurate answers to leadership questions.
+For example, a pharmaceutical company could use Syntex to extract information from FDA documents to answer questions that their leaders have. Having the answers more easily accessible can reduce the time needed to produce these answers and increase the availability of data to generate more accurate answers to leadership questions.
For example, a project manager needs to quickly provide answers to product-related questions from my leadership team. They need to find information and metrics related to queries in one consolidated dashboard. TheyΓÇÖre looking for a solution that extracts the information they need from product labels, product pamphlets, and other materials and generates a consolidated report that they can use when reporting back to their leadership team.
When you automate this scenario, you can:
## Scenario: Automate order processing
-With SharePoint Syntex, you can reduce the time of manual processing of customer orders. For example, you can upload orders from fax, email, or paper into SharePoint by using OCR processing and then extract the metadata from those orders so you can fulfill them by using automated processes.
+With Syntex, you can reduce the time of manual processing of customer orders. For example, you can upload orders from fax, email, or paper into SharePoint document library by using OCR processing and then extract the metadata from those orders so you can fulfill them by using automated processes.
For example, a supply chain manager wants to reduce errors caused by manual data entry. They want to avoid manual review and data entry of inbound customer orders (paper, fax, or e-mail) to reduce errors going into their business systems. They want a solution that applies AI and machine learning techniques to validate incoming order information, extract core data and automatically push it into their ERP system, for order fulfillment and reconciliation.
When you automate this scenario, you can ensure that:
## Scenario: Simplify visa renewal process
-SharePoint Syntex can help you automate reminders and renewals for key contract information. For example, an HR director needs to ensure that employeesΓÇÖ visas are up to date and/or renewed on time. They want to give people a simple and intuitive process for updating their Visas. They need a solution that extracts renewal dates from contracts and automatically sends employees reminders when their renewal dates are approaching.
+Syntex can help you automate reminders and renewals for key contract information. For example, an HR director needs to ensure that employeesΓÇÖ visas are up to date and/or renewed on time. They want to give people a simple and intuitive process for updating their Visas. They need a solution that extracts renewal dates from contracts and automatically sends employees reminders when their renewal dates are approaching.
When you automate this scenario, you can ensure that:
When you automate this scenario, you can ensure that:
## See also
-[Get started driving adoption of SharePoint Syntex](adoption-getstarted.md)
+[Get started driving adoption of Syntex](adoption-getstarted.md)
contentunderstanding Apply A Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/apply-a-model.md
Title: Apply a document understanding model in Microsoft SharePoint Syntex
+ Title: Apply a document understanding model in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to apply a published a model to a SharePoint document library in Microsoft SharePoint Syntex.
+description: Learn how to apply a published a model to a SharePoint document library in Microsoft Syntex.
-# Apply a document understanding model in Microsoft SharePoint Syntex
+# Apply a document understanding model in Microsoft Syntex
</br>
While an applied model processes all files and folder content uploaded to the do
### Classification Date field
-When a SharePoint Syntex document understanding model (or a form processing model) is applied to a document library, the **Classification Date** field is included in the library schema. By default, this field is empty. However, when documents are processed and classified by a model, this field is updated with a date-time stamp of completion.
+When a Syntex document understanding model (or a form processing model) is applied to a document library, the **Classification Date** field is included in the library schema. By default, this field is empty. However, when documents are processed and classified by a model, this field is updated with a date-time stamp of completion.
![Screenshot of a document library showing the Classification Date column.](../media/content-understanding/class-date-column.png)
The **Classification Date** field is used by the [**When a file is classified by
The **When a file is classified by a content understanding model** trigger can then be used to start a flow using any extracted information from the file or folder.
-As an example, when a model is stamped with the **Classification Date**, you can use the **Send an email after SharePoint Syntex processes a file** flow to notify users that a new file has been processed and classified by a model in the SharePoint document library.
+As an example, when a model is stamped with the **Classification Date**, you can use the **Send an email after Syntex processes a file** flow to notify users that a new file has been processed and classified by a model in the SharePoint document library.
To run the flow: 1. Select a file, and then select **Integrate** > **Power Automate** > **Create a flow**.
-2. On the **Create a flow** panel, select **Send an email after SharePoint Syntex processes a file**.
+2. On the **Create a flow** panel, select **Send an email after Syntex processes a file**.
![Screenshot showing the Create a flow panel and flow option highlighted.](../media/content-understanding/integrate-create-flow.png)
contentunderstanding Apply A Retention Label To A Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/apply-a-retention-label-to-a-model.md
Title: Apply a retention label to a model in SharePoint Syntex
+ Title: Apply a retention label to a model in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to apply a retention label to a model in SharePoint Syntex.
+description: Learn how to apply a retention label to a model in Microsoft Syntex.
-# Apply a retention label to a model in SharePoint Syntex
+# Apply a retention label to a model in Microsoft Syntex
</br>
description: Learn how to apply a retention label to a model in SharePoint Synte
</br>
-You can easily apply a [retention label](../compliance/retention.md) to a model in Microsoft SharePoint Syntex. You can do this for both document understanding and form processing models.
+You can easily apply a [retention label](../compliance/retention.md) to a model in Microsoft Syntex. You can do this for both document understanding and form processing models.
Retention labels let you apply retention settings to the documents that your models identify. For example, you want your model to not only identify any *Insurance notice* documents that are uploaded to your document library, but to also apply a *Business* retention tag to them so that these documents cannot be deleted from the document library for the specified time period (the next five months, for example).
contentunderstanding Apply A Sensitivity Label To A Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/apply-a-sensitivity-label-to-a-model.md
Title: Apply a sensitivity label to a model in Microsoft SharePoint Syntex
+ Title: Apply a sensitivity label to a model in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to apply a sensitivity label to a model in SharePoint Syntex.
+description: Learn how to apply a sensitivity label to a model in Microsoft Syntex.
-# Apply a sensitivity label to a model in Microsoft SharePoint Syntex
+# Apply a sensitivity label to a model in Microsoft Syntex
-You can easily apply a [sensitivity label](../compliance/sensitivity-labels.md) to document understanding models in Microsoft SharePoint Syntex. This feature isn't available yet for form processing models.
+You can easily apply a [sensitivity label](../compliance/sensitivity-labels.md) to document understanding models in Microsoft Syntex. This feature isn't available yet for form processing models.
-Sensitivity labels let you apply encryption to the documents that your models identify. For example, you want your model to not only identify any financial documents that contain bank account numbers or credit card numbers that are uploaded to your document library, but also to apply a sensitivity label that's configured with encryption settings to restrict who can access that content and how it can be used. SharePoint Syntex models honor the [label order](../compliance/apply-sensitivity-label-automatically.md#how-multiple-conditions-are-evaluated-when-they-apply-to-more-than-one-label) rules and also do not overwrite an existing label that was manually applied by a user to the file.
+Sensitivity labels let you apply encryption to the documents that your models identify. For example, you want your model to not only identify any financial documents that contain bank account numbers or credit card numbers that are uploaded to your document library, but also to apply a sensitivity label that's configured with encryption settings to restrict who can access that content and how it can be used. Syntex models honor the [label order](../compliance/apply-sensitivity-label-automatically.md#how-multiple-conditions-are-evaluated-when-they-apply-to-more-than-one-label) rules and also do not overwrite an existing label that was manually applied by a user to the file.
You can apply a pre-existing sensitivity label to your model through your model settings on your model's home page. The label must already be published to be available for selection from model settings. Labels apply to Office files for Word (.docx), PowerPoint (.pptx), and Excel (.xlsx).
contentunderstanding Automate Document Generation https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/automate-document-generation.md
Title: Automate document generation with SharePoint Syntex and Power Automate (preview)
+ Title: Automate document generation with Microsoft Syntex and Power Automate (preview)
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to automatically create documents and other content using SharePoint Syntex and Power Automate.
+description: Learn how to automatically create documents and other content using Microsoft Syntex and Power Automate.
-# Automate document generation with SharePoint Syntex and Power Automate (preview)
+# Automate document generation with Microsoft Syntex and Power Automate (preview)
-Using content assembly in SharePoint Syntex together with Power Automate, you can automate the generation of documents using modern templates.
+Using content assembly in Microsoft Syntex together with Power Automate, you can automate the generation of documents using modern templates.
-This preview version is a Power Automate action in a SharePoint connector. The action is named ΓÇ£Generate document using SharePoint Syntex (preview)ΓÇ¥ and has limited capabilities for preview.
+This preview version is a Power Automate action in a SharePoint connector. The action is named ΓÇ£Generate document using Syntex (preview)ΓÇ¥ and has limited capabilities for preview.
## Scope of the preview
Follow these steps to automatically generate documents using a modern template a
![Screenshot of the When a document is created or modified trigger showing a sample site address and site name.](../media/content-understanding/document-generation-trigger.png)
-5. Select the SharePoint connector again. In the search box, search for and select the action **Generate document using SharePoint Syntex (preview)**.
+5. Select the SharePoint connector again. In the search box, search for and select the action **Generate document using Syntex (preview)**.
- ![Screenshot of the SharePoint connector Actions tab showing Generate document using SharePoint Syntex (preview) action.](../media/content-understanding/document-generation-action.png)
+ ![Screenshot of the SharePoint connector Actions tab showing Generate document using Syntex (preview) action.](../media/content-understanding/document-generation-action.png)
6. Enter the site information and select the document library that contains the modern template.
Follow these steps to automatically generate documents using a modern template a
## See also
- [Create documents using content assembly in SharePoint Syntex](content-assembly.md)
+ [Create documents using content assembly in Microsoft Syntex](content-assembly.md)
contentunderstanding Content Assembly Create Document https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/content-assembly-create-document.md
+
+ Title: Create a document from a modern template in Microsoft Syntex
+++
+audience: admin
+++
+search.appverid:
+
+ - enabler-strategic
+ - m365initiative-syntex
+ms.localizationpriority: medium
+description: Learn how to create documents and other content using a modern template in Microsoft Syntex.
++
+# Create a document from a modern template in Microsoft Syntex
+
+You can use a *published* modern template to quickly create similar documents without having to start from scratch. To create a document using a published template, follow these steps:
+
+1. From a SharePoint document library, select **New**, and then select the modern template you want to use.
+
+ ![Screenshot of document library showing the modern template choices on the New menu.](../media/content-understanding/content-assembly-create-document-1.png)
+
+2. The template opens in the template studio.
+
+3. On the **Create a document from a template** panel, enter the information, and then select **Create document**.
+
+ ![Screenshot of document library showing the Create a document from a template panel.](../media/content-understanding/content-assembly-create-document-2b.png)
+
+ To help reduce time and effort involved in filling values for placeholders, Syntex provides:
+
+ - Suggestions to help you easily pick values when selecting values from a list.
+ - Autofill placeholder values if able to uniquely identify a record for placeholders associated with the same list.
contentunderstanding Content Assembly Modern Template https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/content-assembly-modern-template.md
+
+ Title: Create a modern template in Microsoft Syntex
+++
+audience: admin
+++
+search.appverid:
+
+ - enabler-strategic
+ - m365initiative-syntex
+ms.localizationpriority: medium
+description: Learn how to create a modern template in Microsoft Syntex.
++
+# Create a modern template in Microsoft Syntex
+
+## Upload a document to create a modern template
+
+Follow these steps to create a modern template.
+
+1. From a SharePoint document library, select **New** > **Create modern template**.
+
+ ![Screenshot of document library with the Create modern template option highlighted.](../media/content-understanding/content-assembly-create-template-1.png)
+
+2. Select a Word document to upload from your organizationΓÇÖs SharePoint or OneDrive, or from your local storage.
+
+ ![Screenshot of upload page where you select a document.](../media/content-understanding/content-assembly-pick-a-file.png)
+
+3. After you upload the document, the document is displayed in the template studio where you can convert the document to a template by adding fields.
+
+ ![Screenshot of the document in the template viewer.](../media/content-understanding/content-assembly-create-template-3.png)
+
+4. At the upper-left corner of the template studio, select the name for the template. The default name is the name of the document used to create the template. If you want to rename the template, select the default name or the pencil icon next to the name, type the new name, and then select **Enter**.
+
+ ![Screenshot of the template viewer showing the name of the document to select to rename.](../media/content-understanding/content-assembly-create-template-3a.png)
+
+<!
+5. Create placeholders for all dynamic text in the document that users might want to change from one document to another. For example, you might want to create a placeholder for input such as company name, client name, address, phone number, or date.
+
+ To create a placeholder, select the text (such as the date). The **All placeholders** panel will open, where you'll give the placeholder a relevant name and choose the type of input you want to associate with the placeholder.
+
+ ![Screenshot of the template viewer showing a field highlighted and the All placeholders panel.](../media/content-understanding/content-assembly-create-template-4b.png)
+
+ Currently, there are three ways for users to fill in a placeholder:
+
+ - [Enter text or select a date](#associate-a-placeholder-by-entering-text-or-selecting-a-date)
+ - [Select from choices in a column of a list or library](#associate-a-placeholder-by-selecting-from-choices-in-a-column-of-a-list-or-library)
+ - [Select from managed metadata term set or term](#associate-a-placeholder-by-selecting-from-managed-metadata-term-set-or-term)
+
+ > [!NOTE]
+ > You can create placeholders for text, and also placeholders for text within cells in a table. However, images, smart art, complete tables, and bulleted lists are currently not supported.
+>
+
+## Associate fields with different data sources
+
+You can associate fields and placeholders by:
+
+- [Entering text or selecting a date](#associate-a-placeholder-by-entering-text-or-selecting-a-date)
+
+- [Selecting from choices in a column of a list or library](#associate-a-placeholder-by-selecting-from-choices-in-a-column-of-a-list-or-library)
+
+- [Selecting from a managed metadata term set or term](#associate-a-placeholder-by-selecting-from-a-managed-metadata-term-set-or-term)
+
+### Associate a placeholder by entering text or selecting a date
+
+On the **All placeholders** panel:
+
+1. In the **Name** field, enter a relevant name for the placeholder.
+
+ ![Screenshot of the template viewer showing the All placeholders panel for manual input.](../media/content-understanding/content-assembly-create-template-5a.png)
+
+2. In the **How authors fill in this placeholder** section, select **Enter text or select a date**.
+
+3. In the **Type of info** field, select the data type you want to associate with the placeholder. Currently, there are six options available: **Single line of text**, **Multiple lines of text**, **Number**, **Date and time**, **Email**, and **Hyperlink**.
+
+4. Select **Add**.
+
+ > [!NOTE]
+ > You can configure multiple date formatters such as MM/DD/YYYY, DD/MM/YYYY, YYYY/MM/DD, and Month DD, including setting time in both 12-hour and 24-hour format.
+
+### Associate a placeholder by selecting from choices in a column of a list or library
+
+On the **All placeholders** panel:
+
+1. In the **Name** field, enter a relevant name for the placeholder.
+
+ ![Screenshot of the template viewer showing the All placeholders panel for input from a SharePoint list.](../media/content-understanding/content-assembly-create-template-6a.png)
+
+2. In the **How authors fill in this placeholder** section, choose **Select from choices in a column of a list or library**, and then choose **Select**.
+
+3. On the **Select a list for adding a source column** page, select the list you want to use, and then select **Next**.
+
+ ![Screenshot of the Select a list for adding a source column page showing lists.](../media/content-understanding/content-assembly-create-template-7.png)
+
+4. On the **Select a source column from the existing list** page, select the column name you want to associate with the placeholder, and then select **Save**.
+
+ ![Screenshot of the Select a source column from the existing list page showing column names.](../media/content-understanding/content-assembly-create-template-8.png)
+
+ If you want to see the original page of lists again, select **Go to (list name)** link at the bottom of the list.
+
+5. When you're done, you'll see that the list field has been associated with the placeholder.
+
+ ![Screenshot of the All placeholders panel showing the list field associated with the placeholder.](../media/content-understanding/content-assembly-create-template-9.png)
+
+6. If you want users to be able to add inputs manually, in addition to choosing from a list, select **Allow authors to add new choices**. In this case, the default for the manual input data type is *Single line of text*. Also the values input by the authors will only be used to generate the document. They won't be added to the SharePoint list.
+
+### Associate a placeholder by selecting from a managed metadata term set or term
+
+On the **All placeholders** panel:
+
+1. In the **Name** field, enter a relevant name for the placeholder.
+
+ ![Screenshot of the template viewer showing the All placeholders panel for input from a term or term set.](../media/content-understanding/content-assembly-create-template-term.png)
+
+2. In the **How authors fill in this placeholder** section, choose **Select from managed metadata term set or term**, and then choose **Select**.
+
+3. On the **Select term sets or terms** page, search for or select the term set or term to associate with the placeholder, and then select **Save**.
+
+ ![Screenshot of the Select term sets or terms page.](../media/content-understanding/content-assembly-select-term.png)
+
+4. When youΓÇÖre done, youΓÇÖll see that the selected term set or term has been associated with the placeholder.
+
+ ![Screenshot of the All placeholders panel showing the associated term set or term.](../media/content-understanding/content-assembly-associated-term.png)
+
+5. If you want users to be able to add multiple values corresponding to the term set or term, select **Allow multiple values**. Also, if the term set is configured as an open term set, you can select **Allow new values**. If you enable this option, users who generate documents from the modern template can add new terms to the term set and add those terms as placeholder values.
+
+ > [!TIP]
+ > When you enable the **Allow new values** option (only allowed for open term sets), users are more likely to add redundant terms in the term store. Redundant terms can make it difficult for admins to manage a term set.
+
+## Save a modern template as a draft
+
+You can create as many fields as you think are necessary. When you're done, you can choose to save the template as a draft.
+
+1. Select **Save draft** to save the template as a draft and you can access it later.
+
+2. To view, edit, or publish saved drafts from the **Draft templates** dropdown menu in the **Modern templates**, select **New** > **Edit New menu** from the document library.
+
+## Publish a modern template
+
+When you have completed adding all relevant fields to the template and you want to make it available for use by other users in the document library, you can publish the template.
+
+1. Select **Publish** to publish the template to be used by other users in the organization to create documents.
+
+2. To view, edit, or unpublish *published* templates from the **Published templates** dropdown menu in the **Modern templates** section, select **New** > **Edit New menu** from the document library.
+
+## Edit a modern template
+
+If you need to edit an existing template or to delete or unpublish a template, follow these steps.
+
+1. From a SharePoint document library, select **New** > **Edit New menu**.
+
+ ![Screenshot of document library with the Edit New menu option highlighted.](../media/content-understanding/content-assembly-edit-template-1.png)
+
+2. On the **Edit New menu** panel, in the **Modern templates** section, select the published or draft template you want to edit.
+
+ ![Screenshot of the Edit New menu panel showing the Modern templates section.](../media/content-understanding/content-assembly-edit-template-2.png)
+
+3. To edit a published template or a draft template:
+
+ - For **Published templates**, select **Edit** to open the template studio where you can edit the published template. You can also choose to delete or unpublish the template.
+
+ ![Screenshot of the Modern templates section showing the published templates.](../media/content-understanding/content-assembly-edit-published.png)
+
+ - For **Draft templates**, select **Edit** to open the template studio where you can edit the draft template. You can also choose to delete or publish the template.
+
+ ![Screenshot of the Modern templates section showing the draft templates.](../media/content-understanding/content-assembly-edit-draft.png)
+
+> [!div class="nextstepaction"]
+> [Next step > Create a document from a modern template](content-assembly-create-document.md)
contentunderstanding Content Assembly https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/content-assembly.md
Title: Create documents using content assembly in Microsoft SharePoint Syntex
+ Title: Overview of content assembly in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to automatically create documents and other content using a modern template in Microsoft SharePoint Syntex.
+description: Learn about how to create documents and other content using a modern template in Microsoft Syntex.
-# Create documents using content assembly in Microsoft SharePoint Syntex
+# Overview of content assembly in Microsoft Syntex
-You can use SharePoint Syntex to help you automatically generate standard repetitive business documents, such as contracts, statements of work, service agreements, letters of consent, sales pitches, and correspondence. You can do all this quicker, more consistently, and with fewer errors by using content assembly in SharePoint Syntex.
+You can use the content assembly capabilities in Microsoft Syntex to help you automatically generate standard repetitive business documents, such as contracts, statements of work, service agreements, letters of consent, sales pitches, and correspondence. You can do all these actions quicker, more consistently, and with fewer errors by creating modern templates and using those templates to generate documents.
-With content assembly, you can use an existing document to create a *modern template*, and then use that template to automatically generate new content using SharePoint lists or manual entries as a data source.
+![Diagram of the flow of creating documents from a modern template.](../media/content-understanding/content-assembly-diagram.png)
-> [!NOTE]
-> You must be a licensed SharePoint Syntex user to access and use content assembly capabilities. You also must have permissions to manage SharePoint lists.
-
-## Create a modern template
-
-Follow these steps to create a modern template.
-
-1. From a SharePoint document library, select **New** > **Create modern template**.
-
- ![Screenshot of document library with the Create modern template option highlighted.](../media/content-understanding/content-assembly-create-template-1.png)
-
-2. Choose an existing Word document that you want to use as a basis for creating a modern template, and then select **Open**.
-
- ![Screenshot of upload page where you select a document.](../media/content-understanding/content-assembly-create-template-2.png)
-
- > [!NOTE]
- > Currently, you can upload only Word documents (.docx extension) to create templates. Upload Word documents from your local storage or desktop.
-
-3. After you upload the document, the document is displayed in the template studio where you can convert the document to a template.
-
- ![Screenshot of the document in the template viewer.](../media/content-understanding/content-assembly-create-template-3.png)
-
-4. At the upper-left corner of the template studio, select the name for the template. The default name is the name of the document used to create the template. If you want to rename the template, select the default name or the pencil icon next to the name, type the new name, and then select **Enter**.
-
- ![Screenshot of the template viewer showing the name of the document to select to rename.](../media/content-understanding/content-assembly-create-template-3a.png)
-
-5. Create placeholders for all dynamic text in the document that users might want to change from one document to another. For example, you might want to create a placeholder for input such as company name, client name, address, phone number, or date.
-
- To create a placeholder, select the text (such as the date). The **All placeholders** panel will open, where you'll give the placeholder a relevant name and choose the type of input you want to associate with the placeholder.
-
- ![Screenshot of the template viewer showing a field highlighted and the All placeholders panel.](../media/content-understanding/content-assembly-create-template-4b.png)
-
- Currently, there are three ways for users to fill in a placeholder:
-
- - [Enter text or select a date](#associate-a-placeholder-by-entering-text-or-selecting-a-date)
- - [Select from choices in a column of a list or library](#associate-a-placeholder-by-selecting-from-choices-in-a-column-of-a-list-or-library)
- - [Select from managed metadata term set or term](#associate-a-placeholder-by-selecting-from-managed-metadata-term-set-or-term)
-
- > [!NOTE]
- > You can create placeholders for text, and also placeholders for text within cells in a table. However, images, smart art, complete tables, and bulleted lists are currently not supported.
---
-### Associate a placeholder by entering text or selecting a date
-
-On the **All placeholders** panel:
-
-1. In the **Name** field, enter a relevant name for the placeholder.
-
- ![Screenshot of the template viewer showing the All placeholders panel for manual input.](../media/content-understanding/content-assembly-create-template-5a.png)
-
-2. In the **How authors fill in this placeholder** section, select **Enter text or select a date**.
-
-3. In the **Type of info** field, select the data type you want to associate with the placeholder. Currently, there are six options available: **Single line of text**, **Multiple lines of text**, **Number**, **Date and time**, **Email**, and **Hyperlink**.
-
-4. Select **Add**.
-
- > [!NOTE]
- > You can configure multiple date formatters such as MM/DD/YYYY, DD/MM/YYYY, YYYY/MM/DD, and Month DD, including setting time in both 12-hour and 24-hour format.
-
-### Associate a placeholder by selecting from choices in a column of a list or library
-
-On the **All placeholders** panel:
-
-1. In the **Name** field, enter a relevant name for the placeholder.
+You upload an existing document to create a modern template, and then use that template to automatically generate new content using SharePoint lists or manual entries as a data source.
- ![Screenshot of the template viewer showing the All placeholders panel for input from a SharePoint list.](../media/content-understanding/content-assembly-create-template-6a.png)
-
-2. In the **How authors fill in this placeholder** section, choose **Select from choices in a column of a list or library**, and then choose **Select**.
-
-3. On the **Select a list for adding a source column** page, select the list you want to use, and then select **Next**.
-
- ![Screenshot of the Select a list for adding a source column page showing lists.](../media/content-understanding/content-assembly-create-template-7.png)
-
-4. On the **Select a source column from the existing list** page, select the column name you want to associate with the placeholder, and then select **Save**.
-
- ![Screenshot of the Select a source column from the existing list page showing column names.](../media/content-understanding/content-assembly-create-template-8.png)
-
- If you want to see the original page of lists again, select **Go to (list name)** link at the bottom of the list.
-
-5. When you're done, you'll see that the list field has been associated with the placeholder.
-
- ![Screenshot of the All placeholders panel showing the list field associated with the placeholder.](../media/content-understanding/content-assembly-create-template-9.png)
-
-6. If you want users to be able to add inputs manually, in addition to choosing from a list, select **Allow authors to add new choices**. In this case, the default for the manual input data type is *Single line of text*. Also the values input by the authors will only be used to generate the document. They won't be added to the SharePoint list.
-
-### Associate a placeholder by selecting from managed metadata term set or term
-
-On the **All placeholders** panel:
-
-1. In the **Name** field, enter a relevant name for the placeholder.
-
- ![Screenshot of the template viewer showing the All placeholders panel for input from a term or term set.](../media/content-understanding/content-assembly-create-template-term.png)
-
-2. In the **How authors fill in this placeholder** section, choose **Select from managed metadata term set or term**, and then choose **Select**.
-
-3. On the **Select term sets or terms** page, search for or select the term set or term to associate with the placeholder, and then select **Save**.
-
- ![Screenshot of the Select term sets or terms page.](../media/content-understanding/content-assembly-select-term.png)
-
-4. When youΓÇÖre done, youΓÇÖll see that the selected term set or term has been associated with the placeholder.
-
- ![Screenshot of the All placeholders panel showing the associated term set or term.](../media/content-understanding/content-assembly-associated-term.png)
-
-5. If you want users to be able to add multiple values corresponding to the term set or term, select **Allow multiple values**. Also, if the term set is configured as an open term set, you can select **Allow new values**. If you enable this option, users who generate documents from the modern template can add new terms to the term set and add those terms as placeholder values.
-
- > [!TIP]
- > When you enable the **Allow new values** option (only allowed for open term sets), users are more likely to add redundant terms in the term store. Redundant terms can make it difficult for admins to manage a term set.
-
-You can create as many placeholders as you think are necessary. When you're done, you can choose to save the template as a draft or publish the template.
-
- - **Save draft** ΓÇô Saves the template as a draft and you can access it later. You can view, edit, or publish saved drafts from the **Modern templates** section by selecting **New** > **Edit New menu** from the document library.
-
- - **Publish** ΓÇô Publishes the template to be used by other users in the organization to create documents. You can view, edit, or unpublish *published* templates from the **Modern templates** section by selecting **New** > **Edit New menu** from the document library.
-
-## Edit a modern template
-
-If you need to edit an existing template or to delete or unpublish a template, follow these steps.
-
-1. From a SharePoint document library, select **New** > **Edit New menu**.
-
- ![Screenshot of document library with the Edit New menu option highlighted.](../media/content-understanding/content-assembly-edit-template-1.png)
-
-2. On the **Edit New menu** panel, in the **Modern templates** section, select the published or draft template you want to edit.
-
- ![Screenshot of the Edit New menu panel showing the Modern templates section.](../media/content-understanding/content-assembly-edit-template-2.png)
+> [!NOTE]
+> You must be a licensed Syntex user to access and use content assembly capabilities. You also must have permissions to manage SharePoint lists.
-3. To edit a published template or a draft template:
- - For **Published templates**, select **Edit** to open the template studio where you can edit the published template. You can also choose to delete or unpublish the template.
+## Requirements and limitations
- ![Screenshot of the Modern templates section showing the published templates.](../media/content-understanding/content-assembly-edit-published.png)
+### Supported file types
- - For **Draft templates**, select **Edit** to open the template studio where you can edit the draft template. You can also choose to delete or publish the template.
+Only Microsoft Word documents (.docx/.doc extension) are currently supported for creating a template.
- ![Screenshot of the Modern templates section showing the draft templates.](../media/content-understanding/content-assembly-edit-draft.png)
+### File limitations
-## Create a document from a modern template
+- The Word document you want to use as a modern template shouldn't include comments or have Track Changes enabled.
-You can use a *published* modern template to quickly create similar documents without having to start from scratch. To create a document using a published template, follow these steps:
+- Because content controls are used in Word to create fields for the modern template, make sure any text placeholders for images aren't text-wrapped. If the document already contains content controls, remove them before you use it to create a modern template.
-1. From a SharePoint document library, select **New**, and then select the modern template you want to use.
+### Current release limitations
- ![Screenshot of document library showing the modern template choices on the New menu.](../media/content-understanding/content-assembly-create-document-1.png)
+- The template and the document are associated with one document library. To use the template in another document library, you'll need to create the template again in that document library.
-2. The template opens in the template studio.
+- The uploaded document that is used to create the modern template will be saved as a separate copy and placed in the /forms directory of the document library. The original file on the disk will be unaffected.
-3. On the **Create a document from a template** panel, enter the information, and then select **Create document**.
+- You can create fields for text, and also fields for text within cells in a table. However, images, smart art, complete tables, and bulleted lists are currently not supported.
- ![Screenshot of document library showing the Create a document from a template panel.](../media/content-understanding/content-assembly-create-document-2b.png)
+- Once a document is created from a template, it's not associated with the template.
- To help reduce time and effort involved in filling values for placeholders, SharePoint Syntex provides:
+## Differences between modern templates and other document templates
- - Suggestions to help you easily pick values when selecting values from a list.
- - Autofill placeholder values if able to uniquely identify a record for placeholders associated with the same list.
+|Feature |Modern templates |Other templates |
+||||
+|Licensing |Syntex license needed to access this offering. |Offered as a part of Microsoft E3 or E5 license. |
+|When to use each | You should use for generating standard transactional documents such as service agreements and statements of work when only specific parts of the document changes. Documents generated from modern templates ensure consistency and fewer chances of manual error and typos that occur when users change sections of the document in free flow. |You should use this method when you want to set a document as a sample for other users to refer. You can consider using regular templates for non-transactional documents such as sales pitches or executive summaries. |
+|Standardizing content generation |You can add fields and then associate with various data sources for only specific sections of the content to make it easy for users to generate documents once template is published. |Once uploaded, the file is kept as-is in the template. Any user using the template have to change the content accordingly. |
+|Data sources supported |You can associate fields with SharePoint lists and term store while creating templates. |Not applicable |
+|Document types supported |Only Microsoft Word documents (.docx/.doc extension) are currently supported for creating a template. |You can use any file to upload as template. |
+|Management of templates |Once template is created, you can edit or manage the template fields, rename the template, and republish for use. |Not applicable |
+|Draft version of templates |You can create draft versions of templates before finally publishing it for use by other users. |There's no capability to create drafts of regular templates. |
+|Workflows |You can automate document generation from templates by [setting up Power Automate workflows](automate-document-generation.md). |Workflows can't be configured with regular templates. |
-> [!NOTE]
-> **Current release limitations**
->- Only Microsoft Word documents (.docx extension) are currently supported for creating a template. Before uploading a Word document, ensure that it doesn't include comments or have **Track changes** enabled. If the document contains text placeholders for images, ensure that they are not text-wrapped. Content controls in Word are currently not supported. If you want to create a template from a Word document with content controls, remove them before you create a modern template.
->- The template and the document are associated with one document library. To use the template in another document library, you will need to create the template again in that document library.
->- The uploaded document that is used to create the modern template will be saved as a separate copy and placed in the /forms directory of the document library. The original file on the disk will be unaffected.
->- You can create placeholders for text, and also placeholders for text within cells in a table. However, images, smart art, complete tables, and bulleted lists are currently not supported.
->- Once a document is created from a template, it's not associated with the template.
+> [!div class="nextstepaction"]
+> [Get started > Create a modern template](content-assembly-modern-template.md)
contentunderstanding Create A Classifier https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/create-a-classifier.md
Title: Create a classifier in Microsoft SharePoint Syntex
+ Title: Create a classifier in Microsoft Syntex
- m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to create a classifier in Microsoft SharePoint Syntex.
+description: Learn how to create a classifier in Microsoft Syntex.
-# Create a classifier in Microsoft SharePoint Syntex
+# Create a classifier in Microsoft Syntex
</br>
If you received a match on your labeled sample files, you can now test your mod
[Apply a model](apply-a-model.md)
-[SharePoint Syntex Accessibility Mode](accessibility-mode.md)
+[Syntex accessibility mode](accessibility-mode.md)
contentunderstanding Create A Content Center https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/create-a-content-center.md
Title: Create a content center in Microsoft SharePoint Syntex
+ Title: Create a content center in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to create a content center in Microsoft SharePoint Syntex.
+description: Learn how to create a content center in Microsoft Syntex.
-# Create a content center in Microsoft SharePoint Syntex
+# Create a content center in Microsoft Syntex
</br>
To create and manage document understanding models, you first need a content cen
You create a default content center during [setup](set-up-content-understanding.md). But a SharePoint admin can also choose to create additional centers as needed. While a single content center may be fine for environments for which you want a roll-up of all model activity, you may want to have additional centers for multiple departments within your organization, which might have different needs and permission requirements for their models.
-Additionally, if you want to try SharePoint Syntex, you can create a content center using the instructions in this article without purchasing licenses. Unlicensed users can create document understanding models but can't apply them to a document library.
+Additionally, if you want to try Syntex, you can create a content center using the instructions in this article without purchasing licenses. Unlicensed users can create document understanding models but can't apply them to a document library.
> [!NOTE] > In a [Microsoft 365 Multi-Geo environment](../enterprise/microsoft-365-multi-geo.md), if you have a single default content center in your central location, you can only provide a roll-up of model activity from within that location. You currently cannot get a roll-up of model activity across farm-boundaries in Multi-Geo environment.
After you create the site, you can give additional users access to the site thro
### Roll up of models in the default content center
-In SharePoint Syntex, the first content center created during setup is the *default content center*. If subsequent content centers are created, their models are shown in the default content center view.
+In Syntex, the first content center created during setup is the *default content center*. If subsequent content centers are created, their models are shown in the default content center view.
![Screenshot of the Model library in the default content center.](../media/content-understanding/model-library-default-content-center.png)
contentunderstanding Create A Form Processing Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/create-a-form-processing-model.md
Title: Create a form processing model in Microsoft SharePoint Syntex
+ Title: Create a form processing model in Microsoft Syntex
- m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to create a form processing model in SharePoint Syntex.
+description: Learn how to create a form processing model in Microsoft Syntex.
-# Create a form processing model in Microsoft SharePoint Syntex
+# Create a form processing model in Microsoft Syntex
</br>
description: Learn how to create a form processing model in SharePoint Syntex.
</br>
-Using [AI Builder](/ai-builder/overview) - a feature in Microsoft Power Apps - SharePoint Syntex users can create a [form processing model](form-processing-overview.md) directly from a SharePoint document library.
+Using [AI Builder](/ai-builder/overview) - a feature in Microsoft Power Apps - Microsoft Syntex users can create a [form processing model](form-processing-overview.md) directly from a SharePoint document library.
Creating a form processing model involves the following steps:
Two flows are available to process a selected file or batch of files in a librar
### Classification Date field
-When a SharePoint Syntex form processing model (or a document understanding model) is applied to a document library, the **Classification Date** field is included in the library schema. By default, this field is empty. However, when documents are processed and classified by a model, this field is updated with a date-time stamp of completion.
+When a Syntex form processing model (or a document understanding model) is applied to a document library, the **Classification Date** field is included in the library schema. By default, this field is empty. However, when documents are processed and classified by a model, this field is updated with a date-time stamp of completion.
-When a model is stamped with the **Classification Date**, you can use the **Send an email after SharePoint Syntex processes a file** flow to notify users that a new file has been processed and classified by a model in the SharePoint document library.
+When a model is stamped with the **Classification Date**, you can use the **Send an email after Syntex processes a file** flow to notify users that a new file has been processed and classified by a model in the SharePoint document library.
To run the flow: 1. Select a file, and then select **Integrate** > **Power Automate** > **Create a flow**.
-2. On the **Create a flow** panel, select **Send an email after SharePoint Syntex processes a file**.
+2. On the **Create a flow** panel, select **Send an email after Syntex processes a file**.
![Screenshot showing the Create a flow panel and flow option highlighted.](../media/content-understanding/integrate-create-flow.png)
contentunderstanding Create An Extractor https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/create-an-extractor.md
Title: Create an extractor in Microsoft SharePoint Syntex
+ Title: Create an extractor in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to create an extractor in Microsoft SharePoint Syntex.
+description: Learn how to create an extractor in Microsoft Syntex.
-# Create an extractor in Microsoft SharePoint Syntex
+# Create an extractor in Microsoft Syntex
<br/>
If you have duplicate entities and want to extract only one value or a certain n
[Apply a model](apply-a-model.md)
-[SharePoint Syntex Accessibility Mode](accessibility-mode.md)
+[Syntex accessibility mode](accessibility-mode.md)
contentunderstanding Create Local Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/create-local-model.md
Title: Create a model on a local SharePoint site with Microsoft SharePoint Syntex
+ Title: Create a model on a local SharePoint site with Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to create a local model on a local SharePoint site with SharePoint Syntex.
+description: Learn how to create a local model on a local SharePoint site with Microsoft Syntex.
-# Create a model on a local SharePoint site with Microsoft SharePoint Syntex
+# Create a model on a local SharePoint site with Microsoft Syntex
-SharePoint Syntex now provides an option to create and train models locally on your own SharePoint site. These models can be used only on the site where they're created.
+Microsoft Syntex now provides an option to create and train models locally on your own SharePoint site. These models can be used only on the site where they're created.
-By activating document classification and extraction on your SharePoint site, SharePoint Syntex lets you classify files in document libraries, extract information from new files, and automate activities based on extracted information.
+By activating document classification and extraction on your SharePoint site, Syntex lets you classify files in document libraries, extract information from new files, and automate activities based on extracted information.
When you activate local model creation, the following lists and libraries will be added to your site:
This feature is available only for creating [document understanding models](appl
![Screenshot of a SharePoint document library with the Classify and extract option highlighted.](../media/content-understanding/local-model-classify-and-extract-option.png)
-2. The first time you use this feature, you're activating SharePoint Syntex on your site. You'll see the following message.
+2. The first time you use this feature, you're activating Syntex on your site. You'll see the following message.
![Screenshot of the Activate document classification and extraction infomation page.](../media/content-understanding/local-model-first-run-activate-message.png)
contentunderstanding Delete A Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/delete-a-model.md
Title: Delete a model in Microsoft SharePoint Syntex
+ Title: Delete a model in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to delete a document understanding model in Microsoft SharePoint Syntex.
+description: Learn how to delete a document understanding model in Microsoft Syntex.
-# Delete a model in Microsoft SharePoint Syntex
+# Delete a model in Microsoft Syntex
At some point, you might want to delete a document understanding model or a prebuilt model. Before you delete the model, you must first remove the model from all of the SharePoint document libraries where it has been applied.
contentunderstanding Difference Between Document Understanding And Form Processing Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/difference-between-document-understanding-and-form-processing-model.md
Title: Differences between custom models in Microsoft SharePoint Syntex
+ Title: Differences between custom models in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn about key differences between a document understanding model and a form processing model.
+description: Learn about key differences between a document understanding model and a form processing model in Microsoft Syntex.
-# Differences between custom models in Microsoft SharePoint Syntex
+# Differences between custom models in Microsoft Syntex
-Content understanding in Microsoft SharePoint Syntex allows you to identify and classify documents that are uploaded to SharePoint document libraries, and then to extract relevant information from each file. For example, as files are uploaded to a SharePoint document library, all files that are identified as *Purchase Orders* are classified as such, and then displayed in a custom document library view. Additionally, you can pull specific information from each file (for example, *PO Number* and *Total*) and display it as a column in your document library view.
+Content understanding in Microsoft Syntex allows you to identify and classify documents that are uploaded to SharePoint document libraries, and then to extract relevant information from each file. For example, as files are uploaded to a SharePoint document library, all files that are identified as *Purchase Orders* are classified as such, and then displayed in a custom document library view. Additionally, you can pull specific information from each file (for example, *PO Number* and *Total*) and display it as a column in your document library view.
Content understanding lets you create *models* to identify and extract the information you need. Models have value in helping to resolve business issues for search, business processes, compliance, and many others.
There are two custom model types that you can use:
While both models are generally used for the same purpose, the key differences listed below affect which ones you can use. > [!NOTE]
-> See the [Get started driving adoption of SharePoint Syntex](./adoption-getstarted.md) for more information about form processing and document understanding scenario examples.
+> See the [Get started driving adoption of Syntex](./adoption-getstarted.md) for more information about form processing and document understanding scenario examples.
## Structured versus unstructured and semi-structured content
Use the following table to understand when to use form processing and when to us
| Integrate with Managed Metadata | No | Yes, by training entity extractor referencing a configured managed metadata field.| | Compliance feature integration with Microsoft Purview Information Protection | Set published retention labels.<br>Set sensitivity labels is coming. | Set published retention labels.<br>Set published sensitivity labels. | | Supported regions| Form processing relies on Power Platform. For information about global availability for Power Platform and AI Builder, see [Power Platform availability](https://dynamics.microsoft.com/geographic-availability/). | Available in all regions.|
-| Transactional cost | Uses AI Builder credits.<br>3.5K credits are included for each SharePoint Syntex license per month.<br>1M credits will allow processing of 2,000 file pages.<br>| Not applicable |
+| Transactional cost | Uses AI Builder credits.<br>3.5K credits are included for each Syntex license per month.<br>1M credits will allow processing of 2,000 file pages.<br>| Not applicable |
| Capacity | Uses the default Power Platform environment (custom environments with Dataverse database supported). | Does not have capacity restrictions.| | Supported languages| Language support for more than [73 languages](/power-platform-release-plan/2021wave2/ai-builder/form-processing-new-language-support). | Models work on all Latin alphabet languages. In addition to English: German, Swedish, French, Spanish, Italian, and Portuguese.|
Use the following table to understand when to use form processing and when to us
[Form processing overview](form-processing-overview.md)
-[Introduction to SharePoint Syntex](index.md)
+[Introduction to Microsoft Syntex](index.md)
contentunderstanding Document Understanding Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/document-understanding-overview.md
Title: Document understanding overview in Microsoft SharePoint Syntex
+ Title: Document understanding overview in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn about document understanding in Microsoft SharePoint Syntex.
+description: Learn about document understanding in Microsoft Syntex.
-# Document understanding overview in Microsoft SharePoint Syntex
+# Document understanding overview in Microsoft Syntex
</br>
description: Learn about document understanding in Microsoft SharePoint Syntex.
Document understanding uses artificial intelligence (AI) models to automate classification of files and extraction of information. It works best with unstructured documents, such as letters or contracts. These documents must have text that can be identified based on phrases or patterns. The identified text designates both the type of file it is (its classification) and what you'd like to extract (its extractors). > [!NOTE]
-> See the [SharePoint Syntex adoption: Get started guide](./adoption-getstarted.md) for more information about document understanding scenario examples.
+> See the [Syntex adoption: Get started guide](./adoption-getstarted.md) for more information about document understanding scenario examples.
Document understanding models are created and managed in a type of SharePoint site called a *content center*. When applied to a SharePoint document library, the model is associated with a content type has columns to store the information being extracted. The content type you create is stored in the SharePoint content type gallery. You can also choose to use existing content types to use their schema.
Document understanding models support *all* of the Latin-based languages, includ
[Form processing overview](form-processing-overview.md)
-[SharePoint Syntex Accessibility Mode](accessibility-mode.md)
+[Syntex accessibility mode](accessibility-mode.md)
contentunderstanding Duplicate A Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/duplicate-a-model.md
Title: Duplicate a model in Microsoft SharePoint Syntex
+ Title: Duplicate a model in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how and why to duplicate a document understanding model in Microsoft SharePoint Syntex.
+description: Learn how and why to duplicate a document understanding model in Microsoft Syntex.
-# Duplicate a model in Microsoft SharePoint Syntex
+# Duplicate a model in Microsoft Syntex
Duplicating a document understanding model can save you time and effort if you need to create a new model, and know that an existing model is very similar to what you need.
Follow these steps to duplicate a document understanding model.
[Apply a model](apply-a-model.md)
-[SharePoint Syntex Accessibility Mode](accessibility-mode.md)
+[Syntex accessibility mode](accessibility-mode.md)
contentunderstanding Explanation Templates https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/explanation-templates.md
Title: Use explanation templates in Microsoft SharePoint Syntex
+ Title: Use explanation templates in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn more about how to use and save explanation templates in Microsoft SharePoint Syntex.
+description: Learn more about how to use and save explanation templates in Microsoft Syntex.
-# Use explanation templates in Microsoft SharePoint Syntex
+# Use explanation templates in Microsoft Syntex
While you can manually add various phrase list values for your explanation, it can be easier to use the templates provided to you in the explanation library.
You can save an explanation as a template to make it available in the explanatio
### See also
-[Explanation types in SharePoint Syntex](explanation-types-overview.md)
+[Explanation types in Microsoft Syntex](explanation-types-overview.md)
contentunderstanding Explanation Types Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/explanation-types-overview.md
Title: Explanation types in Microsoft SharePoint Syntex
+ Title: Explanation types in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn more about phrase list, regular expression, and proximity explanation types in Microsoft SharePoint Syntex.
+description: Learn more about phrase list, regular expression, and proximity explanation types in Microsoft Syntex.
-# Explanation types in Microsoft SharePoint Syntex
+# Explanation types in Microsoft Syntex
-Explanations are used to help to define the information you want to label and extract in your document understanding models in Microsoft SharePoint Syntex. When you create an explanation, you need to select an explanation type. This article helps you understand the different explanation types and how they're used.
+Explanations are used to help to define the information you want to label and extract in your document understanding models in Microsoft Syntex. When you create an explanation, you need to select an explanation type. This article helps you understand the different explanation types and how they're used.
![Screenshot of the Create an explanation panel showing the three explanation types.](../media/content-understanding/explanation-types.png)
When training a classifier there a few things to keep in mind that will produce
### See also
-[Use explanation templates in SharePoint Syntex](explanation-templates.md)
+[Use explanation templates in Microsoft Syntex](explanation-templates.md)
contentunderstanding Form Processing Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/form-processing-overview.md
Title: Form processing overview in Microsoft SharePoint Syntex
+ Title: Form processing overview in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to use AI Build to create form processing models in Microsoft SharePoint Syntex.
+description: Learn how to use AI Build to create form processing models in Microsoft Syntex.
-# Form processing overview in Microsoft SharePoint Syntex
+# Form processing overview in Microsoft Syntex
![AI Builder.](../media/content-understanding/ai-builder.png)</br>
-Microsoft SharePoint Syntex uses Microsoft Power Apps [AI Builder](/ai-builder/overview) form processing to create models within SharePoint document libraries.
+Microsoft Syntex uses Microsoft Power Apps [AI Builder](/ai-builder/overview) form processing to create models within SharePoint document libraries.
You can use AI Builder form processing to create AI models that use machine learning technology to identify and extract key-value pairs and table data from structured or semi-structured documents, such as forms and invoices. Organizations often receive invoices in large quantities from various sources, such as mail, fax, and email. Processing these documents and manually entering them into a database can take a considerable amount of time. By using AI to extract the text, key/value pairs, and tables from your documents, form processing automates this process. > [!NOTE]
-> See the [SharePoint Syntex adoption: Get started guide](./adoption-getstarted.md) for more information about form processing scenario examples.
+> See the [Syntex adoption: Get started guide](./adoption-getstarted.md) for more information about form processing scenario examples.
For example, you can create a form processing model that identifies all purchase order documents that are uploaded to the document library. From each purchase order, you can then extract and display specific data that is important to you, such as *PO Number*, *Date*, or *Total Cost*.
Form processing supports documents in more than 73 languages. For the list of la
## Multi-Geo environments
-When setting up SharePoint Syntex in a [Microsoft 365 Multi-Geo environment](../enterprise/microsoft-365-multi-geo.md), you can only configure it to use form processing in the central location. If you want to use form processing in a satellite location, contact Microsoft support.
+When setting up Syntex in a [Microsoft 365 Multi-Geo environment](../enterprise/microsoft-365-multi-geo.md), you can only configure it to use form processing in the central location. If you want to use form processing in a satellite location, contact Microsoft support.
## Custom environments
contentunderstanding Image Tagging https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/image-tagging.md
Title: 'Image tagging in SharePoint Syntex'
+ Title: Image tagging in Microsoft Syntex
- m365initiative-syntex ms.localizationpriority: medium
-description: 'Learn about image tagging in SharePoint Syntex'
+description: Learn about image tagging in Microsoft Syntex.
-# Image tagging in SharePoint Syntex
+# Image tagging in Microsoft Syntex
(Coming soon)
-With image tagging in SharePoint Syntex, users can find images through search by searching on image tags, and create workflows based on image tags. By default, basic image tagging is turned on for SharePoint and OneDrive. Images uploaded to either location are automatically scanned and applicable tags are applied, if available, from a list of 37 basic tags. Users can find images through search by searching on the image tags.
+With image tagging in Microsoft Syntex, users can find images through search by searching on image tags, and create workflows based on image tags. By default, basic image tagging is turned on for SharePoint and OneDrive. Images uploaded to either location are automatically scanned and applicable tags are applied, if available, from a list of 37 basic tags. Users can find images through search by searching on the image tags.
When a user uploads an image, the tagging process runs automatically. If an image is edited, the tagging process runs again to update the tags.
If you turn tagging off, images will no longer be automatically tagged. Existing
## Configure image tagging
-After you [set up SharePoint Syntex](set-up-content-understanding.md), you can configure image tagging in the Microsoft 365 admin center.
+After you [set up Syntex](set-up-content-understanding.md), you can configure image tagging in the Microsoft 365 admin center.
To turn image tagging on or off
contentunderstanding Import Term Set Skos https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/import-term-set-skos.md
ms.localizationpriority: high
# Import a term set using a SKOS-based format
-You can import a term set using a SKOS-based format. For details about the format, see [SharePoint taxonomy SKOS format reference](skos-format-reference.md). This feature requires a [SharePoint Syntex](index.md) license.
+You can import a term set using a SKOS-based format. For details about the format, see [SharePoint taxonomy SKOS format reference](skos-format-reference.md). This feature requires a [Microsoft Syntex](index.md) license.
We recommend keeping your import files to less than 20,000 terms. Larger files can increase the time taken for validation and import.
contentunderstanding Index https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/index.md
Title: Introduction to Microsoft SharePoint Syntex
+ Title: Introduction to Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to find resources for Microsoft SharePoint Syntex.
+description: Learn how to find resources for Microsoft Syntex.
-# Introduction to Microsoft SharePoint Syntex
+# Introduction to Microsoft Syntex
-SharePoint Syntex is a Microsoft 365 service that helps organizations to:
+Microsoft Syntex is a Microsoft 365 service that helps organizations to:
- Use advanced AI and machine teaching and learning to amplify human experiences - Automate content processing - Transform content into knowledge
-The resources on this page are designed to get you started with learning about and using SharePoint Syntex in your organization.
+The resources on this page are designed to get you started with learning about and using Syntex in your organization.
</br>
The resources on this page are designed to get you started with learning about a
## Get started
-The resources in this section help you learn more about the methods of data classification and extraction used by SharePoint Syntex. There are two custom model typesΓÇö[document understanding](document-understanding-overview.md) and [form processing](form-processing-overview.md)ΓÇöand a [prebuilt](prebuilt-overview.md) model type.
+The resources in this section help you learn more about the methods of data classification and extraction used by Syntex. There are two custom model typesΓÇö[document understanding](document-understanding-overview.md) and [form processing](form-processing-overview.md)ΓÇöand a [prebuilt](prebuilt-overview.md) model type.
> [!NOTE]
-> You can get started with SharePoint Syntex without buying licenses by [creating a content center from the SharePoint admin center](create-a-content-center.md). Unlicensed users can create document understanding models but can't apply them to a document library.
+> You can get started with Syntex without buying licenses by [creating a content center from the SharePoint admin center](create-a-content-center.md). Unlicensed users can create document understanding models but can't apply them to a document library.
| If you're looking for this information: | Go to this resource: | |:--|:--| |Learn more about document understanding|[Document understanding overview](./document-understanding-overview.md)| |Learn more about form processing|[Form processing overview](./form-processing-overview.md)| |Understand the differences between the two methods|[Difference between document understanding and form processing models](./difference-between-document-understanding-and-form-processing-model.md)|
-|See resources in the Microsoft Tech Community Resource Center|[SharePoint Syntex - Content services in Microsoft 365](https://techcommunity.microsoft.com/t5/sharepoint-syntex/bg-p/SharePointSyntex)|
-|SharePoint Syntex FAQ on the Microsoft Tech Community Resource Center |[SharePoint Syntex - FAQ](https://resources.techcommunity.microsoft.com/sharepoint-syntex/faq/)|
-|How to get SharePoint Syntex |[SharePoint Syntex product page](https://www.microsoft.com/microsoft-365/enterprise/sharepoint-syntex)|
-|Learn to use SharePoint Syntex |[SharePoint Syntex learning path](/training/paths/syntex-get-started)|
+|See resources in the Microsoft Tech Community Resource Center|[Syntex - Content services in Microsoft 365](https://techcommunity.microsoft.com/t5/sharepoint-syntex/bg-p/SharePointSyntex)|
+|Syntex FAQ on the Microsoft Tech Community Resource Center |[Syntex - FAQ](https://resources.techcommunity.microsoft.com/sharepoint-syntex/faq/)|
+|How to get Syntex |[Syntex product page](https://www.microsoft.com/microsoft-365/enterprise/sharepoint-syntex)|
+|Learn to use Syntex |[Syntex learning path](/training/paths/syntex-get-started)|
## Adoption
-Learn more about how to use and implement SharePoint Syntex in your organization to help you solve your business problems.
+Learn more about how to use and implement Syntex in your organization to help you solve your business problems.
| If you're looking for this information: | Go to this resource: | |:--|:--|
-|Learn how to start planning to use SharePoint Syntex |[SharePoint Syntex adoption: get started](./adoption-getstarted.md)|
-|See example scenarios to give you ideas about how you can use SharePoint Syntex in your organization |[Scenarios and use cases for SharePoint Syntex](./adoption-scenarios.md)|
-|Set up and run a trial pilot program for SharePoint Syntex |[Run a trial](./trial-syntex.md)|
-|Learn how to use SharePoint Syntex to automate document processes |[Manage contracts using a Microsoft 365 solution](./solution-manage-contracts-in-microsoft-365.md)|
+|Learn how to start planning to use Syntex |[Syntex adoption: get started](./adoption-getstarted.md)|
+|See example scenarios to give you ideas about how you can use Syntex in your organization |[Scenarios and use cases for Syntex](./adoption-scenarios.md)|
+|Set up and run a trial pilot program for Syntex |[Run a trial](./trial-syntex.md)|
+|Learn how to use Syntex to automate document processes |[Manage contracts using a Microsoft 365 solution](./solution-manage-contracts-in-microsoft-365.md)|
|Try out a customizable SharePoint site template to help manage contracts |[Use the Contracts Management site template](./use-contracts-management-site.md)| |Try out an instructional Content Center site template to learn more about models |[Use the Content Center site template](./use-content-center-site.md)|
-## Set up SharePoint Syntex
+## Set up Syntex
-The resources in this section help your admin in your organization to set up and configure Microsoft SharePoint Syntex in your Microsoft 365 environment.
+The resources in this section help your admin in your organization to set up and configure Microsoft Syntex in your Microsoft 365 environment.
| If you're looking for this information: | Go to this resource: | |:--|:--|
-|Set up and configure SharePoint Syntex|[Set up SharePoint Syntex](./set-up-content-understanding.md)|
-|Learn about licensing for SharePoint Syntex|[Licensing for SharePoint Syntex](./syntex-licensing.md)|
-|Learn about image tagging and how to disable|[Image tagging in SharePoint Syntex](./image-tagging.md)|
-|Use PowerShell to manage SharePoint Syntex|[Manage SharePoint Syntex with PowerShell](./powershell-syntex-intro.md)|
+|Set up and configure Syntex|[Set up Syntex](./set-up-content-understanding.md)|
+|Learn about licensing for Syntex|[Licensing for Syntex](./syntex-licensing.md)|
+|Learn about image tagging and how to disable|[Image tagging in Syntex](./image-tagging.md)|
+|Use PowerShell to manage Syntex|[Manage Syntex with PowerShell](./powershell-syntex-intro.md)|
## Models
The resources in this section help your users learn how to create and configure
|Perform metadata-based queries on document libraries|[Search for metadata in document libraries](./metadata-search.md)| |Use Managed Metadata services term store taxonomy when creating an extractor|[Leverage term store taxonomy when creating an extractor](./leverage-term-store-taxonomy.md)| |Learn how to see data about your models|[Model usage analytics](./model-usage-analytics.md)|
-|Learn how to use accessibility mode when training a model|[SharePoint Syntex accessibility mode](./accessibility-mode.md)|
+|Learn how to use accessibility mode when training a model|[Syntex accessibility mode](./accessibility-mode.md)|
## Premium services
-A SharePoint Syntex license gives your users premium content services that give you additional functionality in your Microsoft 365 environment. The resources in this section give you more details about these features and how to use them.
+A Syntex license gives your users premium content services that give you additional functionality in your Microsoft 365 environment. The resources in this section give you more details about these features and how to use them.
| If you're looking for this information: | Go to this resource: | |:--|:--|
Use REST APIs to create a document understanding model, apply or remove the mode
| If you're looking for this information: | Go to this resource: | |:--|:--|
-|Use REST APIs for document understanding models|[SharePoint Syntex document understanding model REST API](/sharepoint/dev/apis/syntex/syntex-model-rest-api)|
+|Use REST APIs for document understanding models|[Syntex document understanding model REST API](/sharepoint/dev/apis/syntex/syntex-model-rest-api)|
contentunderstanding Learn About Document Understanding Models Through The Sample Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/learn-about-document-understanding-models-through-the-sample-model.md
Title: Import a sample document understanding model for Microsoft SharePoint Syntex
+ Title: Import a sample document understanding model for Microsoft Syntex
ms.localizationpriority: medium
description: Learn about document understanding models through the sample model.
-# Import a sample document understanding model for Microsoft SharePoint Syntex
+# Import a sample document understanding model for Microsoft Syntex
-SharePoint Syntex provides you with a sample model you can use to examine, giving you a better understanding of how to create your own models. The sample model also allows you to examine model components, such as its classifier, extractors, and explanations. You can also use the sample files to train the model.
+Microsoft Syntex provides you with a sample model you can use to examine, giving you a better understanding of how to create your own models. The sample model also allows you to examine model components, such as its classifier, extractors, and explanations. You can also use the sample files to train the model.
## Import the sample model
You can not only look through analyze the sample model to get a better understan
## Get sample models
-You can access the [SharePoint Syntex Samples repository](https://github.com/pnp/syntex-samples), which contains community samples that demonstrate different usage patterns of document understanding models. The samples in this repository contain both the document understanding model files and the files used to train the model. Once imported, you can use these models to process files and to view and edit the classifier and extractors.
+You can access the [Syntex Samples repository](https://github.com/pnp/syntex-samples), which contains community samples that demonstrate different usage patterns of document understanding models. The samples in this repository contain both the document understanding model files and the files used to train the model. Once imported, you can use these models to process files and to view and edit the classifier and extractors.
## See also [Create a classifier](create-a-classifier.md)
contentunderstanding Leverage Term Store Taxonomy https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/leverage-term-store-taxonomy.md
Title: Leverage term store taxonomy when creating an extractor in Microsoft SharePoint Syntex
+ Title: Leverage term store taxonomy when creating an extractor in Microsoft Syntex
- m365initiative-syntex ms.localizationpriority: medium
-description: Use term store taxonomy when creating an extractor in your document understanding model in Microsoft SharePoint Syntex.
+description: Use term store taxonomy when creating an extractor in your document understanding model in Microsoft Syntex.
-# Leverage term store taxonomy when creating an extractor in Microsoft SharePoint Syntex
+# Leverage term store taxonomy when creating an extractor in Microsoft Syntex
</br>
description: Use term store taxonomy when creating an extractor in your document
</br>
-When you create an extractor in your document understanding model using SharePoint Syntex, you can take advantage of global term sets in the [term store](/sharepoint/managed-metadata) to display preferred terms for data that you extract.
+When you create an extractor in your document understanding model using Microsoft Syntex, you can take advantage of global term sets in the [term store](/sharepoint/managed-metadata) to display preferred terms for data that you extract.
As an example, your model identifies and classifies all **Contract** documents that are uploaded to the document library. Additionally, the model also extracts a **Contract Service** value from each contract, and will display it in a column in your library view. Among the various Contract Services values in the contracts, there are several older values that your company no longer uses and have been renamed. For example, all references to the terms *Design*, *Graphics*, or *Topography* contract services should now be called *Creative*. Whenever your model extracts one of the outdated terms from a contract document, you want it to display the current term - Creative - in your library view. In the example below, while training the model we see that one sample document contains the outdated term of *Design*.
contentunderstanding Metadata Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/metadata-search.md
Title: Search for metadata in document libraries in Microsoft SharePoint Syntex
+ Title: Search for metadata in document libraries in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: high
-description: Learn how to use advanced metadata search and search for custom site columns to find items in SharePoint document libraries using SharePoint Syntex.
+description: Learn how to use advanced metadata search and search for custom site columns to find items in SharePoint document libraries using Microsoft Syntex.
-# Search for metadata in document libraries in Microsoft SharePoint Syntex
+# Search for metadata in document libraries in Microsoft Syntex
-The advanced metadata search feature in SharePoint Syntex lets you perform specific metadata-based queries on SharePoint document libraries. You can make faster, more precise queries based on specific metadata column values, rather than just searching for keywords.
+The advanced metadata search feature in Microsoft Syntex lets you perform specific metadata-based queries on SharePoint document libraries. You can make faster, more precise queries based on specific metadata column values, rather than just searching for keywords.
Advanced metadata search lets you use the metadata associated with a document to help locate the file in a SharePoint document library. This feature is particularly useful when you have a specific piece of information you want to search for, such as when a document was last modified, a specific person associated with a file, or a specific file type. > [!NOTE]
-> This feature is available only for users who are licensed for SharePoint Syntex.
+> This feature is available only for users who are licensed for Syntex.
## To use advanced metadata search
contentunderstanding Model Discovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/model-discovery.md
Title: Publish and discover models in Microsoft SharePoint Syntex
+ Title: Publish and discover models in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to make trained models available to other users and how to apply other trained models in Microsoft SharePoint Syntex.
+description: Learn how to make trained models available to other users and how to apply other trained models in Microsoft Syntex.
-# Publish and discover models in Microsoft SharePoint Syntex
+# Publish and discover models in Microsoft Syntex
You can make your trained document understanding models available for others to view and use directly from the SharePoint document library.
contentunderstanding Model Usage Analytics https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/model-usage-analytics.md
Title: Analyze how your models are used in Microsoft SharePoint Syntex
+ Title: Analyze how your models are used in Microsoft Syntex
ms.localizationpriority: medium
description: Learn how to find more information about how your document understanding and form processing models are performing.
-# Analyze how your models are used in Microsoft SharePoint Syntex
+# Analyze how your models are used in Microsoft Syntex
</br>
description: Learn how to find more information about how your document understa
</br>
-Your SharePoint Syntex content center provides you model usage analytics to provide more information about how your models that have been published from the content center are being used. The <b>How your models are performing in the last 30 days</b> section of the content center includes a 30 day roll-up of usage analytics data provided in the following charts and lists:
+Your Microsoft Syntex content center provides you model usage analytics to provide more information about how your models that have been published from the content center are being used. The <b>How your models are performing in the last 30 days</b> section of the content center includes a 30 day roll-up of usage analytics data provided in the following charts and lists:
- Classification by model - Classification by library
Your SharePoint Syntex content center provides you model usage analytics to prov
### Roll up of model usage data in the default content center
-In SharePoint Syntex, the default content center is created during setup. More content centers can also be created as needed. For example, departments might create their own content centers to create and manage their models.
+In Syntex, the default content center is created during setup. More content centers can also be created as needed. For example, departments might create their own content centers to create and manage their models.
Regarding model usage analytics, note that:
contentunderstanding Powershell Syntex Explanations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/powershell-syntex-explanations.md
- m365initiative-syntex search.appverid: MET150 ms.localizationpriority: medium
-description: "Learn about work with SharePoint Syntex document understanding model explanations in PowerShell."
+description: Learn about work with Microsoft Syntex document understanding model explanations in PowerShell.
# Work with document understanding model explanations in PowerShell > [!IMPORTANT]
-> The SharePoint Syntex PowerShell cmdlets and all other PnP components are open-source tools backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels.
+> The Microsoft Syntex PowerShell cmdlets and all other PnP components are open-source tools backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels.
Custom explanation templates are stored in a list within a content center. Because these explanations are stored as list items, PowerShell can be used to interact with them.
contentunderstanding Powershell Syntex Import Export https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/powershell-syntex-import-export.md
- m365initiative-syntex search.appverid: MET150 ms.localizationpriority: medium
-description: "Learn about how to export and import document understanding models with PowerShell in SharePoint Syntex."
+description: Learn about how to export and import document understanding models with PowerShell in Microsoft Syntex.
# Export and import document understanding models with PowerShell > [!IMPORTANT]
-> The SharePoint Syntex PowerShell cmdlets and all other PnP components are open-source tools backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels.
+> The Microsoft Syntex PowerShell cmdlets and all other PnP components are open-source tools backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels.
-SharePoint Syntex models can be exported as PnP templates, enabling reuse across content centers or tenants.
+Syntex models can be exported as PnP templates, enabling reuse across content centers or tenants.
## Export all models in a content center
contentunderstanding Powershell Syntex Intro https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/powershell-syntex-intro.md
Title: Manage SharePoint Syntex by using PowerShell
+ Title: Manage Microsoft Syntex by using PowerShell
- m365initiative-syntex search.appverid: MET150 ms.localizationpriority: medium
-description: Learn how to manage SharePoint Syntex with PowerShell.
+description: Learn how to manage Microsoft Syntex with PowerShell.
-# Manage SharePoint Syntex by using PowerShell
+# Manage Microsoft Syntex by using PowerShell
> [!IMPORTANT]
-> The SharePoint Syntex PowerShell cmdlets and all other PnP components are open-source tools backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels.
+> The Microsoft Syntex PowerShell cmdlets and all other PnP components are open-source tools backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels.
-For these scenarios, the SharePoint Syntex cmdlets in the PnP PowerShell module can be used to interact with models and explanations. To learn more about how to install this module, see [PnP PowerShell overview](/powershell/sharepoint/sharepoint-pnp/sharepoint-pnp-cmdlets).
+For these scenarios, the Syntex cmdlets in the PnP PowerShell module can be used to interact with models and explanations. To learn more about how to install this module, see [PnP PowerShell overview](/powershell/sharepoint/sharepoint-pnp/sharepoint-pnp-cmdlets).
-Select from the following scenarios to learn how to use PowerShell to manage SharePoint Syntex:
+Select from the following scenarios to learn how to use PowerShell to manage Syntex:
- [**Import and Export Models**](powershell-syntex-import-export.md)
contentunderstanding Powershell Syntex Processing https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/powershell-syntex-processing.md
- m365initiative-syntex search.appverid: MET150 ms.localizationpriority: medium
-description: Learn how to use PowerShell to request processing by a SharePoint Syntex document understanding model.
+description: Learn how to use PowerShell to request processing by a Microsoft Syntex document understanding model.
# Use PowerShell to request processing by a document understanding model > [!IMPORTANT]
-> The SharePoint Syntex PowerShell cmdlets and all other PnP components are open-source tools backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels.
+> The Microsoft Syntex PowerShell cmdlets and all other PnP components are open-source tools backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels.
Document understanding models will process newly uploaded files to a library. It is also possible to manually request processing in the UI. However there might be scenarios where it is more efficient to trigger processing through PowerShell.
contentunderstanding Powershell Syntex Publishing https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/powershell-syntex-publishing.md
- m365initiative-syntex search.appverid: MET150 ms.localizationpriority: medium
-description: "Learn how to publish a SharePoint Syntex document understanding models with PowerShell."
+description: "Learn how to publish a Microsoft Syntex document understanding models with PowerShell."
# Publish document understanding models with PowerShell > [!IMPORTANT]
-> The SharePoint Syntex PowerShell cmdlets and all other PnP components are open-source tools backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels.
+> The Microsoft Syntex PowerShell cmdlets and all other PnP components are open-source tools backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels.
-SharePoint Syntex models typically are deployed to document libraries across your tenant. This can be done by using the content center site, but this can also be done using [PnP PowerShell](https://pnp.github.io/powershell/) as explained in this article.
+Syntex models typically are deployed to document libraries across your tenant. This can be done by using the content center site, but this can also be done using [PnP PowerShell](https://pnp.github.io/powershell/) as explained in this article.
## Listing the available models in a content center
-To get an overview of the models added to the current SharePoint Syntex content center site, use the [Get-PnPSyntexModel](https://pnp.github.io/powershell/cmdlets/Get-PnPSyntexModel.html) cmdlet:
+To get an overview of the models added to the current Syntex content center site, use the [Get-PnPSyntexModel](https://pnp.github.io/powershell/cmdlets/Get-PnPSyntexModel.html) cmdlet:
```PowerShell Connect-PnPOnline -Url "https://contoso.sharepoint.com/sites/yourContentCenter"
contentunderstanding Prebuilt Models https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/prebuilt-models.md
Title: Use a prebuilt model to extract info from invoices or receipts in Microsoft SharePoint Syntex
+ Title: Use a prebuilt model to extract info from invoices or receipts in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to create and configure a prebuilt model in SharePoint Syntex.
+description: Learn how to create and configure a prebuilt model in Microsoft Syntex.
-# Use a prebuilt model to extract info from invoices or receipts in Microsoft SharePoint Syntex
+# Use a prebuilt model to extract info from invoices or receipts in Microsoft Syntex
Prebuilt models are pretrained to recognize documents and the structured information in the documents. Instead of having to create a new custom model from scratch, you can iterate on an existing pretrained model to add specific fields that fit the needs of your organization.
Additional prebuilt models will be available in future releases.
## Create a prebuilt model
-Follow these steps to create a prebuilt model to classify documents in SharePoint Syntex.
+Follow these steps to create a prebuilt model to classify documents in Syntex.
1. From the **Models** page, select **Create a model**.
contentunderstanding Prebuilt Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/prebuilt-overview.md
Title: Prebuilt models overview in Microsoft SharePoint Syntex
+ Title: Prebuilt models overview in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn about prebuilt models in Microsoft SharePoint Syntex.
+description: Learn about prebuilt models in Microsoft Syntex.
-# Prebuilt models overview in Microsoft SharePoint Syntex
+# Prebuilt models overview in Microsoft Syntex
-In addition to [document understanding models](document-understanding-overview.md) and [form processing models](form-processing-overview.md), SharePoint Syntex provides prebuilt models to automate the extraction of information.
+In addition to [document understanding models](document-understanding-overview.md) and [form processing models](form-processing-overview.md), Microsoft Syntex provides prebuilt models to automate the extraction of information.
Prebuilt models are pretrained to recognize documents and the structured information in the documents. Instead of having to create a new custom model from scratch, you can iterate on an existing pretrained model to add specific fields that fit the needs of your organization.
contentunderstanding Push Content Type To Hub https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/push-content-type-to-hub.md
Title: Push content types to a hub
-description: "Learn how to Push content types to a hub"
+description: Learn how to push content types to a hub.
+ audience: admin
ms.localizationpriority: high
</br>
-To make important content types more consistently available to SharePoint libraries and lists, you can push them to the hubs that you choose. Pushing the content types automatically adds them to any new lists and libraries created on the sites associated with the hub, and to any new sites added to the hub. This feature requires a [SharePoint Syntex](index.md) license.
+To make important content types more consistently available to SharePoint libraries and lists, you can push them to the hubs that you choose. Pushing the content types automatically adds them to any new lists and libraries created on the sites associated with the hub, and to any new sites added to the hub. This feature requires a [Microsoft Syntex](index.md) license.
For this feature to work, the content types being pushed must already be published.
contentunderstanding Rename A Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rename-a-model.md
Title: Rename a model in Microsoft SharePoint Syntex
+ Title: Rename a model in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how and why to rename a document understanding model in Microsoft SharePoint Syntex.
+description: Learn how and why to rename a document understanding model in Microsoft Syntex.
-# Rename a model in Microsoft SharePoint Syntex
+# Rename a model in Microsoft Syntex
At some point, you might want to rename a document understanding model. A common example is when you create an initial draft of a model, you might not have given a lot of thought as to the final name (for example, you might have named it ΓÇ£AlexWilburModel1ΓÇ¥). As you come closer to finalizing the model and putting it to use, you realize that a more proper name would be ΓÇ£Contract Renewals,ΓÇ¥ and you want to rename it.
contentunderstanding Rename An Extractor https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rename-an-extractor.md
Title: Rename an extractor in Microsoft SharePoint Syntex
+ Title: Rename an extractor in Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how and why to rename an extractor in Microsoft SharePoint Syntex.
+description: Learn how and why to rename an extractor in Microsoft Syntex.
-# Rename an extractor in Microsoft SharePoint Syntex
+# Rename an extractor in Microsoft Syntex
At some point, you might need to rename an extractor if you want to refer to an extracted data field by a different name. For example, your organization decides to make changes to their contract documents, and refers to ΓÇ£customersΓÇ¥ as ΓÇ£clientsΓÇ¥ in their documents. If you were extracting a ΓÇ£CustomerΓÇ¥ field in your model, you can choose to rename it to ΓÇ£Client.ΓÇ¥
contentunderstanding Set Up Content Understanding https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/set-up-content-understanding.md
Title: 'Set up SharePoint Syntex'
+ Title: Set up Microsoft Syntex
- admindeeplinkMAC search.appverid: MET150 ms.localizationpriority: high
-description: "Set up SharePoint Syntex"
+description: Set up Microsoft Syntex.
-# Set up SharePoint Syntex
+# Set up Microsoft Syntex
-Admins can use the <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">Microsoft 365 admin center</a> to set up [Microsoft SharePoint Syntex](index.md).
+Admins can use the <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">Microsoft 365 admin center</a> to set up [Microsoft Syntex](index.md).
Consider the following before you start:
Prior to setup, make sure to plan for the best way to set up and configure conte
## Requirements > [!NOTE]
-> You must have Global admin or SharePoint admin permissions to be able to access the Microsoft 365 admin center and set up SharePoint Syntex.
+> You must have Global admin or SharePoint admin permissions to be able to access the Microsoft 365 admin center and set up Syntex.
As an admin, you can also make changes to your selected settings anytime after setup, and throughout the content understanding management settings in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">Microsoft 365 admin center</a>.
Users creating models in a [content center site](/microsoft-365/contentunderstan
### Licensing
-To use SharePoint Syntex, your organization must have a subscription to SharePoint Syntex, and each user must have a licenses assigned. SharePoint Syntex licenses include the following apps, which must all be assigned:
+To use Syntex, your organization must have a subscription to Syntex, and each user must have a licenses assigned. yntex licenses include the following apps, which must all be assigned:
-- SharePoint Syntex-- SharePoint Syntex - SPO type-- Common Data Service for SharePoint Syntex
+- Microsoft Syntex
+- Microsoft Syntex - SPO type
+- Common Data Service for Microsoft Syntex
-To use form processing, you also need AI Builder credits. For each licensed user of SharePoint Syntex, an allocation of AI Builder credits is provided each month.
+To use form processing, you also need AI Builder credits. For each licensed user of Syntex, an allocation of AI Builder credits is provided each month.
-For details about SharePoint Syntex licensing, see [SharePoint Syntex licensing](syntex-licensing.md)
+For details about Syntex licensing, see [Syntex licensing](syntex-licensing.md).
-## To set up SharePoint Syntex
+## To set up Syntex
1. In the Microsoft 365 admin center, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2171997" target="_blank">**Setup**</a>, and then view the **Files and content** section.
For details about SharePoint Syntex licensing, see [SharePoint Syntex licensing]
## Assign licenses
-Once you have configured SharePoint Syntex, you must assign licenses for the users who will be using any SharePoint Syntex features.
+Once you have configured Syntex, you must assign licenses for the users who will be using any Syntex features.
To assign licenses:
To assign licenses:
4. Select **Show apps for SharePoint Syntex**. Under **Apps**, make sure **Common Data Service for SharePoint Syntex**, **SharePoint Syntex**, and **SharePoint Syntex - SPO type** are all selected. > [!div class="mx-imgBorder"]
- > ![SharePoint Syntex licenses in the Microsoft 365 admin center.](../media/content-understanding/sharepoint-syntex-licenses.png)
+ > ![Syntex licenses in the Microsoft 365 admin center.](../media/content-understanding/sharepoint-syntex-licenses.png)
5. Click **Save changes**.
contentunderstanding Skos Format Reference https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/skos-format-reference.md
Title: 'SKOS format reference for SharePoint taxonomy'
+ Title: SKOS format reference for SharePoint taxonomy
- enabler-strategic - m365initiative-syntex ms.localizationpriority: high
-description: 'SKOS format reference for SharePoint taxonomy'
+description: Learn about SKOS format reference for SharePoint taxonomy.
+ # SKOS format reference for SharePoint taxonomy This article includes RDF vocabulary used to represent [SharePoint taxonomy](/dotnet/api/microsoft.sharepoint.taxonomy) and is based on [SKOS](https://www.w3.org/TR/skos-primer/). For serialization of this RDF syntax, use RDF [TURTLE](https://www.w3.org/TR/turtle/).
contentunderstanding Solution Manage Contracts In Microsoft 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/solution-manage-contracts-in-microsoft-365.md
search.appverid: ms.localizationpriority: medium ROBOTS:
-description: Learn how to manage contracts using a Microsoft 365 solution of SharePoint Syntex, SharePoint Lists, Microsoft Teams, and Power Automate.
+description: Learn how to manage contracts using a Microsoft 365 solution of Microsoft Syntex, SharePoint Lists, Microsoft Teams, and Power Automate.
# Manage contracts using a Microsoft 365 solution
-This article describes how to create a contracts management solution for your organization by using SharePoint Syntex and components of Microsoft 365. It provides you with a framework to help you plan and create a solution that fits your unique business needs. Even though this solution talks about contract management, you can adapt it to create other document management solutions, such as for statements of work or invoices.
+This article describes how to create a contracts management solution for your organization by using Microsoft Syntex and components of Microsoft 365. It provides you with a framework to help you plan and create a solution that fits your unique business needs. Even though this solution talks about contract management, you can adapt it to create other document management solutions, such as for statements of work or invoices.
</br>
The first step in planning your contract management system is to understand the
## Overview of the solution
- ![Diagram of the solution using SharePoint Syntex, SharePoint lists, Teams, and Power Automate.](../media/content-understanding/syntex-solution-manage-contracts-setup-steps.png)
+ ![Diagram of the solution using Syntex, SharePoint lists, Teams, and Power Automate.](../media/content-understanding/syntex-solution-manage-contracts-setup-steps.png)
This contract management solution guidance includes four components of Microsoft 365: -- **Microsoft SharePoint Syntex**: Create models to identify and classify your contract files and then extract the appropriate data from them.
+- **Microsoft Syntex**: Create models to identify and classify your contract files and then extract the appropriate data from them.
- **Microsoft SharePoint lists**: Use the formatting available in modern SharePoint lists to present contracts in a business-friendly format.
This contract management solution guidance includes four components of Microsoft
![Diagram of the solution showing the workflow to upload documents, extract data, notify stakeholders, and approve or reject the contract.](../media/content-understanding/syntex-solution-manage-contracts-overview.png)
-1. Documents are uploaded to a SharePoint document library. A SharePoint Syntex document understanding model has been applied to the document library. It checks each file to see if any match a "contract" content type it's trained to look for. If it finds a match, it classifies the file as a "contract" and updates the content type for the document.
+1. Documents are uploaded to a SharePoint document library. A Syntex document understanding model has been applied to the document library. It checks each file to see if any match a "contract" content type it's trained to look for. If it finds a match, it classifies the file as a "contract" and updates the content type for the document.
2. The model also pulls out specific data from each contract file that stakeholders are interested in seeing, such as the *Client*, *Contractor*, and *Fee amount*.
This contract management solution guidance includes four components of Microsoft
This solution relies on the following functionality, all available as part of a Microsoft 365 Enterprise (E1, E3, E5, F3) or Business (Basic, Standard, or Premium) license: -- Microsoft SharePoint Syntex
+- Microsoft Syntex
- Microsoft Teams - Power Automate
-### Learn how to use SharePoint Syntex
+### Learn how to use Syntex
-New to SharePoint Syntex? Learn how to use SharePoint Syntex to manage content using AI.
+New to Microsoft Syntex? Learn how to use Syntex to manage content using AI.
-The [Get started with SharePoint Syntex](/training/paths/syntex-get-started) learning path will teach how you can use document understanding and form processing models to classify documents, extract text, and label your documents for quick and easy knowledge management.
+The [Get started with Microsoft Syntex](/training/paths/syntex-get-started) learning path will teach how you can use document understanding and form processing models to classify documents, extract text, and label your documents for quick and easy knowledge management.
## Create the solution The next sections will go into detail about how to configure your contracts management solution. It's divided into three steps: -- [Step 1. Use SharePoint Syntex to identify contract files and extract data](solution-manage-contracts-step1.md)
+- [Step 1. Use Microsoft Syntex to identify contract files and extract data](solution-manage-contracts-step1.md)
- [Step 2. Use Microsoft Teams to create your contract management channel](solution-manage-contracts-step2.md) - [Step 3. Use Power Automate to create the flow to process your contracts](solution-manage-contracts-step3.md)
contentunderstanding Solution Manage Contracts Step1 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/solution-manage-contracts-step1.md
Title: Step 1. Use SharePoint Syntex to identify contract files and extract data
+ Title: Step 1. Use Microsoft Syntex to identify contract files and extract data
search.appverid: ms.localizationpriority: medium ROBOTS:
-description: Learn how to use SharePoint Syntex to identify contract files and extract data by using a Microsoft 365 solution.
+description: Learn how to use Microsoft Syntex to identify contract files and extract data by using a Microsoft 365 solution.
-# Step 1. Use SharePoint Syntex to identify contract files and extract data
+# Step 1. Use Microsoft Syntex to identify contract files and extract data
-Your organization needs a way to identify and classify all contract documents from the many files you receive. You also want to be able to quickly view several key elements in each of the contract files identified (for example, *Client*, *Contractor*, and *Fee amount*). You can do this by using [SharePoint Syntex](index.md) to create a document understanding model and applying it to a document library.
+Your organization needs a way to identify and classify all contract documents from the many files you receive. You also want to be able to quickly view several key elements in each of the contract files identified (for example, *Client*, *Contractor*, and *Fee amount*). You can do this by using [Syntex](index.md) to create a document understanding model and applying it to a document library.
## Overview of the process
Document understanding models use Optical Character Recognition (OCR) technology
1. First, you need to find at least five example files that you can use to "train" the model to search for characteristics that are specific to the content type you're trying to identify (a contract).
-2. Using SharePoint Syntex, create a new document understanding model. Using your example files, you need to [create a classifier](create-a-classifier.md). By training the classifier with your example files, you teach it to search for characteristics that are specific to what you would see in your company's contracts. For example, [create an "explanation"](create-a-classifier.md#create-an-explanation) that searches for specific strings that are in your contracts, such as *Service Agreement*, *Terms of Agreement*, and *Compensation*. You can even train your explanation to look for these strings in specific sections of the document, or located next to other strings. When you think you have trained your classifier with the information it needs, you can test your model on a sample set of example files to see how efficient it is. After testing, if needed you can choose to make changes to your explanations to make them more efficient.
+2. Using Syntex, create a new document understanding model. Using your example files, you need to [create a classifier](create-a-classifier.md). By training the classifier with your example files, you teach it to search for characteristics that are specific to what you would see in your company's contracts. For example, [create an "explanation"](create-a-classifier.md#create-an-explanation) that searches for specific strings that are in your contracts, such as *Service Agreement*, *Terms of Agreement*, and *Compensation*. You can even train your explanation to look for these strings in specific sections of the document, or located next to other strings. When you think you have trained your classifier with the information it needs, you can test your model on a sample set of example files to see how efficient it is. After testing, if needed you can choose to make changes to your explanations to make them more efficient.
3. In your model, you can [create an extractor](create-an-extractor.md) to pull out specific pieces of data from each contract. For example, for each contract, the information you're most concerned about is who the client is, the name of the contractor, and the total cost.
contentunderstanding Solution Manage Contracts Step2 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/solution-manage-contracts-step2.md
When your organization sets up a contracts management solution, you need a centr
## Attach your SharePoint document library to the Contracts tab
-After you create a **Contracts** tab in your Contracts Management channel, you need to [attach your SharePoint document library to it](https://support.microsoft.com/office/add-a-sharepoint-page-list-or-document-library-as-a-tab-in-teams-131edef1-455f-4c67-a8ce-efa2ebf25f0b). The SharePoint document library you want to attach is the one in which you applied your SharePoint Syntex document understanding model to in the previous section.
+After you create a **Contracts** tab in your Contracts Management channel, you need to [attach your SharePoint document library to it](https://support.microsoft.com/office/add-a-sharepoint-page-list-or-document-library-as-a-tab-in-teams-131edef1-455f-4c67-a8ce-efa2ebf25f0b). The SharePoint document library you want to attach is the one in which you applied your Syntex document understanding model to in the previous section.
After you attach the SharePoint document library, you'll be able to view any classified contracts through a default list view.
After you attach the SharePoint document library, you'll be able to view any cla
> [!NOTE] > This section references code examples that are contained in the [ContractTileFormatting.json](https://github.com/pnp/syntex-samples/blob/main/scenario%20samples/Contracts%20Management/View%20Formatter/ContractTileFormatting.json) file that is included in the [Contracts Management Solution Assets repository](https://github.com/pnp/syntex-samples/tree/main/scenario%20samples/Contracts%20Management).
-While Teams lets you view your contracts in a tile view, you might want to customize it to view the contract data you want to make visible in the contract card. For example, for the **Contracts** tab, it is important for members to see the client, contractor, and fee amount on the contract card. All of these fields were extracted from each contract through your SharePoint Syntex model that was applied to your document library. You also want to be able to change the tile header bar to different colors for each status so that members can easily see where the contract is in the approval process. For example, all approved contracts will have a blue header bar.
+While Teams lets you view your contracts in a tile view, you might want to customize it to view the contract data you want to make visible in the contract card. For example, for the **Contracts** tab, it is important for members to see the client, contractor, and fee amount on the contract card. All of these fields were extracted from each contract through your Syntex model that was applied to your document library. You also want to be able to change the tile header bar to different colors for each status so that members can easily see where the contract is in the approval process. For example, all approved contracts will have a blue header bar.
![Tile view of SharePoint library.](../media/content-understanding/tile.png)
The following code lets you define the status of each title card. Note that each
## Extracted fields
-Each contract card will display three fields that were extracted for each contract (*Client*, *Contractor*, and *Fee Amount*). Additionally, you also want to display the time/date that the file was classified by the SharePoint Syntex model used to identify it.
+Each contract card will display three fields that were extracted for each contract (*Client*, *Contractor*, and *Fee Amount*). Additionally, you also want to display the time/date that the file was classified by the Syntex model used to identify it.
In the [ContractTileFormatting.json](https://github.com/pnp/syntex-samples/blob/main/scenario%20samples/Contracts%20Management/View%20Formatter/ContractTileFormatting.json) file, the following sections define each of these.
contentunderstanding Solution Manage Contracts Step3 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/solution-manage-contracts-step3.md
description: Learn how to use Power Automate to create your flow to process your
# Step 3. Use Power Automate to create the flow to process your contracts
-You've created your Contract Management channel and have attached your SharePoint document library. The next step is to create a Power Automate flow to process your contracts that your SharePoint Syntex model identifies and classifies. You can do this step by [creating a Power Automate flow in your SharePoint document library](https://support.microsoft.com/office/create-a-flow-for-a-list-or-library-in-sharepoint-or-onedrive-a9c3e03b-0654-46af-a254-20252e580d01).
+You've created your Contract Management channel and have attached your SharePoint document library. The next step is to create a Power Automate flow to process your contracts that your Syntex model identifies and classifies. You can do this step by [creating a Power Automate flow in your SharePoint document library](https://support.microsoft.com/office/create-a-flow-for-a-list-or-library-in-sharepoint-or-onedrive-a9c3e03b-0654-46af-a254-20252e580d01).
For your contracts management solution, you want to create a Power Automate flow to do the following actions: -- After a contract has been classified by your SharePoint Syntex model, change the contract status to **In review**.
+- After a contract has been classified by your Syntex model, change the contract status to **In review**.
- The contract is then reviewed and is either approved or rejected. - For approved contracts, the contract information is posted to a tab for payment processing. - For rejected contracts, the team is notified for further analysis.
The following diagram shows the Power Automate flow for the contract management
## Prepare your contract for review
-When a contract is identified and classified by your SharePoint Syntex document understanding model, the Power Automate flow will first change the status to **In review**.
+When a contract is identified and classified by your Syntex document understanding model, the Power Automate flow will first change the status to **In review**.
![Update status.](../media/content-understanding/flow-overview.png)
contentunderstanding Syntex Licensing https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/syntex-licensing.md
Title: 'Licensing for SharePoint Syntex'
+ Title: Licensing for Microsoft Syntex
- m365initiative-syntex search.appverid: MET150 ms.localizationpriority: high
-description: "Learn about licensing for SharePoint Syntex"
+description: Learn about licensing for Microsoft Syntex.
-# Licensing for SharePoint Syntex
+# Licensing for Microsoft Syntex
-To use SharePoint Syntex, each Syntex user must have a license for it. If you cancel your SharePoint Syntex licenses at a future date (or your trial expires), users will no longer be able to create, publish, or run document understanding or form processing models. Additionally, term store reports, SKOS taxonomy import, and content type push will no longer be available. No models, content, or metadata will be deleted and site permissions will not be changed.
+To use Microsoft Syntex, you must have a license for each Syntex user. If you remove all Syntex licenses from your tenant at a future date (or your trial expires), users will no longer be able to create, publish, or run document understanding or form processing models. Additionally, term store reports, SKOS taxonomy import, and Content type push will no longer be available. No models, content, or metadata will be deleted and site permissions will not be changed.
> [!NOTE]
-> SharePoint Syntex is an add-on license and requires users also to have a license for Microsoft 365.
+> Syntex is an add-on license and requires users also to have a license for Microsoft 365.
## Tasks requiring a license
-The following tasks require a [SharePoint Syntex license](https://www.microsoft.com/microsoft-365/enterprise/sharepoint-syntex) for the user performing them:
+The following tasks require a [Syntex license](https://www.microsoft.com/microsoft-365/enterprise/sharepoint-syntex) for the user performing them:
- Applying a document understanding model to a library. (Unlicensed users can be granted access to a content center and can create document understanding models there but can't apply them to a document library.) - Creating a form processing model via the entry point in a library
Unlicensed users can be granted access to a content center and can create docume
## Cost of training and running models
-The cost of training and running document understanding models is included in the cost of a SharePoint Syntex license. However, form processing models use AI Builder capacity, for both training and runtime processing. Capacity must be allocated to the Power Apps environment where you will use AI Builder.
+The cost of training and running document understanding models is included in the cost of a Syntex license. However, form processing models use AI Builder capacity, for both training and runtime processing. Capacity must be allocated to the Power Apps environment where you will use AI Builder.
-For each SharePoint Syntex license, you are allocated 3,500 AI Builder credits per license, per month pooled at the tenant level, with a maximum allocation of 1 million credits per month. This allocation is renewed each month for each active SharePoint Syntex license. (Unused credits don't roll over from month to month.)
+For each Syntex license, you are allocated 3,500 AI Builder credits per license, per month pooled at the tenant level, with a maximum allocation of 1 million credits per month. This allocation is renewed each month for each active Syntex license. (Unused credits don't roll over from month to month.)
You can estimate the AI Builder capacity thatΓÇÖs right for you with the [AI Builder calculator](https://powerapps.microsoft.com/ai-builder-calculator).
Go to the [Power Platform admin center](https://admin.powerplatform.microsoft.co
## Additional term store features
-Having one or more SharePoint Syntex licenses in your organization enables the following additional term store features for SharePoint admins:
+Having one or more Syntex licenses in your organization enables the following additional term store features for SharePoint admins:
- SKOS-based term set import - Pushing enterprise content types to a hub site, which also adds them to the associated sites and any newly created lists or libraries
contentunderstanding Term Store Analytics https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/term-store-analytics.md
- m365initiative-syntex ms.localizationpriority: high- # Term store reports
-You can access reports for <a href="https://go.microsoft.com/fwlink/?linkid=2185073" target="_blank">Term store</a> in the SharePoint admin center. This feature requires a [SharePoint Syntex](index.md) license.
+You can access reports for <a href="https://go.microsoft.com/fwlink/?linkid=2185073" target="_blank">Term store</a> in the SharePoint admin center. This feature requires a [Microsoft Syntex](index.md) license.
Expand **Reports**, and then click **Content services**.
contentunderstanding Trial Syntex https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/trial-syntex.md
Title: Run a trial of Microsoft SharePoint Syntex
+ Title: Run a trial of Microsoft Syntex
- admindeeplinkMAC search.appverid: ms.localizationpriority: medium
-description: Learn how to plan, sign up, and run a trial pilot program for SharePoint Syntex in your organization.
+description: Learn how to plan, sign up, and run a trial pilot program for Microsoft Syntex in your organization.
-# Run a trial of Microsoft SharePoint Syntex
+# Run a trial of Microsoft Syntex
-This article describes how to set up and run a trial pilot program to deploy SharePoint Syntex in your organization. It also recommends best practices for the trial.
+This article describes how to set up and run a trial pilot program to deploy Microsoft Syntex in your organization. It also recommends best practices for the trial.
## Sign up for a trial
-The trial of SharePoint Syntex gives access to 300 users for 30 days.
+The trial of Syntex gives access to 300 users for 30 days.
> [!NOTE] > Up to 300 users are included in the trial to ensure the automatic addition of 1 million AI Builder credits. You do not have to include 300 users for a trial to succeed. You can get the trial version from one of the following sources: -- The [SharePoint Syntex product page](https://www.microsoft.com/microsoft-365/enterprise/sharepoint-syntex?activetab=pivot:overviewtab)
+- The [Syntex product page](https://www.microsoft.com/microsoft-365/enterprise/sharepoint-syntex?activetab=pivot:overviewtab)
- The [Microsoft 365 admin center](https://admin.microsoft.com) 1. Sign in to the [Microsoft 365 admin center](https://admin.microsoft.com). 2. Go to **Billing** > <a href="https://go.microsoft.com/fwlink/p/?linkid=868433" target="_blank">**Purchase Services**</a>. 3. Scroll down to the **Add-Ons** section.
- 4. On the SharePoint Syntex tile, select **Details**.
+ 4. On the Syntex tile, select **Details**.
5. Select **Start free trial**. 6. To confirm the trial, follow the remaining wizard steps.
You must be a Microsoft 365 global administrator or billing administrator to act
|Role|Activity| ||| |Microsoft 365 global admin or billing admin|Activate the trial and assign licenses|
-|Microsoft 365 global admin or SharePoint admin|Configure SharePoint Syntex and create content centers|
+|Microsoft 365 global admin or SharePoint admin|Configure Syntex and create content centers|
|Business users|Model building and testing| ### Before you activate a trial
-To successfully plan a SharePoint Syntex trial, consider the following factors:
+To successfully plan a Syntex trial, consider the following factors:
- The most meaningful testing is completed on ΓÇ£real worldΓÇ¥ scenarios and data.-- You can only activate a SharePoint Syntex trial once per tenant.
+- You can only activate a Syntex trial once per tenant.
A test or demo tenant can be used as a ΓÇ£dry runΓÇ¥ to walk through the activation steps and administrative controls. But it's probably best to evaluate model building on a production tenant.
-To maximize the value of a trial on a production tenant, planning and business engagement are essential. You should engage one or more business areas to identify three to six use cases that could potentially be addressed by SharePoint Syntex. These use cases should:
+To maximize the value of a trial on a production tenant, planning and business engagement are essential. You should engage one or more business areas to identify three to six use cases that could potentially be addressed by Syntex. These use cases should:
- Include scenarios that could be solved by either the form processing or document understanding model.-- Have a clear understanding of the purpose for any extracted metadata; for example, view formatting or automation by using Power Automate. While SharePoint Syntex is focused on classifying documents and extracting metadata, the value to quantify is what this metadata enables.-- Be based on a defined set of data; for example, specific SharePoint sites or libraries. A common misconception of SharePoint Syntex is that general purpose models can be applied across all organization content. A more accurate view is that models are built to help solve specific business problems in targeted locations.
+- Have a clear understanding of the purpose for any extracted metadata; for example, view formatting or automation by using Power Automate. While Syntex is focused on classifying documents and extracting metadata, the value to quantify is what this metadata enables.
+- Be based on a defined set of data; for example, specific SharePoint sites or libraries. A common misconception of Syntex is that general purpose models can be applied across all organization content. A more accurate view is that models are built to help solve specific business problems in targeted locations.
-All of these use cases might not be a good fit for SharePoint Syntex. The goal of a quality trial isn't to prove that SharePoint Syntex will fit all the scenarios. Instead, the trial should help you better understand the value of the product.
+All of these use cases might not be a good fit for Syntex. The goal of a quality trial isn't to prove that Syntex will fit all the scenarios. Instead, the trial should help you better understand the value of the product.
-For each of the planned use cases, identify users who are subject matter experts in the related content or process. The creation of SharePoint Syntex models is focused on domain experts in the content, rather than on IT professionals or developer resources.
+For each of the planned use cases, identify users who are subject matter experts in the related content or process. The creation of Syntex models is focused on domain experts in the content, rather than on IT professionals or developer resources.
## Activate a trial When you initiate a trial, you need to: - Assign licenses to the relevant users.-- Perform [additional setup of SharePoint Syntex](set-up-content-understanding.md).
+- Perform [additional setup of Syntex](set-up-content-understanding.md).
- You might want to [create more content centers](create-a-content-center.md). After the trial is activated, you can create models and process files. See [guidance for model creation](create-a-content-center.md). ## During a trial
-Trial periods are limited, so it's best to focus initially on whether SharePoint Syntex models can classify documents and extract metadata for the defined use cases. After the trial period is over, you can evaluate how the metadata can be used.
+Trial periods are limited, so it's best to focus initially on whether Syntex models can classify documents and extract metadata for the defined use cases. After the trial period is over, you can evaluate how the metadata can be used.
## After a trial
-Based on the outcome of the trial, you can decide whether to proceed to production use of SharePoint Syntex.
+Based on the outcome of the trial, you can decide whether to proceed to production use of Syntex.
### Proceed to production use
-To ensure continuity of service, you need to purchase the required number of [licenses](syntex-licensing.md) and assign those licenses to users. Trial users who don't have a full license at the end of the trial period won't be able to fully use SharePoint Syntex.
+To ensure continuity of service, you need to purchase the required number of [licenses](syntex-licensing.md) and assign those licenses to users. Trial users who don't have a full license at the end of the trial period won't be able to fully use Syntex.
You might have to estimate your projected use of form processing and plan for the expected number of AI Builder credits. For help, see [Estimate the AI Builder capacity that's right for you](https://powerapps.microsoft.com/ai-builder-calculator/).
If you don't purchase licenses following the trial:
- Libraries that were running models will no longer automatically classify files or extract models. - Any previously classified files or extracted metadata won't be affected. - Content centers and any document understanding models won't be automatically deleted. These will remain available for use if you decide to purchase licenses in the future.-- Form processing models will be stored in the Dataverse (previously named Common Data Service (CDS)) instance of the default Power Platform environment. These could be used with future licensing for SharePoint Syntex or with AI Builder capabilities in the Power Platform.
+- Form processing models will be stored in the Dataverse (previously named Common Data Service (CDS)) instance of the default Power Platform environment. These could be used with future licensing for Syntex or with AI Builder capabilities in the Power Platform.
## See also
-[Get started driving adoption of SharePoint Syntex](adoption-getstarted.md)
+[Get started driving adoption of Microsoft Syntex](adoption-getstarted.md)
-[Scenarios and use cases for SharePoint Syntex](adoption-scenarios.md)
+[Scenarios and use cases for Microsoft Syntex](adoption-scenarios.md)
contentunderstanding Use Content Center Site https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/use-content-center-site.md
Title: Use the Content Center site template for Microsoft SharePoint Syntex
+ Title: Use the Content Center site template for Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to provision and use the Content Center site template in Microsoft SharePoint Syntex.
+description: Learn how to provision and use the Content Center site template in Microsoft Syntex.
-# Use the Content Center site template for Microsoft SharePoint Syntex
+# Use the Content Center site template for Microsoft Syntex
-The SharePoint Syntex Content Center site is a ready-to-deploy instructional SharePoint site template designed to help you better understand SharePoint Syntex capabilities.
+The Microsoft Syntex Content Center site is a ready-to-deploy instructional SharePoint site template designed to help you better understand Syntex capabilities.
-You'll be introduced to the tools and information youΓÇÖll need to create and train your own models. You'll then be able to use this site as a central content repository or as the control center for managing your own SharePoint Syntex models.
+You'll be introduced to the tools and information youΓÇÖll need to create and train your own models. You'll then be able to use this site as a central content repository or as the control center for managing your own Syntex models.
![Screenshot of the Content Center site template home page.](../media/content-understanding/content-center-site-home-page.png)
-In this site, models can be trained and evaluated using your own content. However, to apply the models to libraries, a license for SharePoint Syntex is required.
+In this site, models can be trained and evaluated using your own content. However, to apply the models to libraries, a license for Syntex is required.
## Provision the site
The Content Center site can be provisioned from the [SharePoint look book servic
> [!NOTE] > You must be a global administrator or SharePoint administrator in Microsoft 365 to provision the site.
-1. From the main page of the [SharePoint look book](https://lookbook.microsoft.com/), on the **View the designs** menu, select **SharePoint Syntex** > **SharePoint Syntex Content Center**.
+1. From the main page of the [SharePoint look book](https://lookbook.microsoft.com/), on the **View the designs** menu, select **Syntex** > **Syntex Content Center**.
2. On the **Content Center** page, select **Add to your tenant**.
The Content Center site can be provisioned from the [SharePoint look book servic
4. Select **Provision**, and in a short time your site will be ready for you to use. YouΓÇÖll get an email (sent to the email address you provided) indicating that your request to provision the Content Center site template is completed.
-5. Select **Open site**, and youΓÇÖll see your Content Center site. From here, you can explore the site and learn more about SharePoint Syntex.
+5. Select **Open site**, and youΓÇÖll see your Content Center site. From here, you can explore the site and learn more about Syntex.
For more information about provisioning from the SharePoint look book service, see [Provision a new learning pathways solution](/office365/customlearning/custom_provision). ## Explore the site
-The Content Center site includes pre-populated pages that walk you through the steps to begin using SharePoint Syntex in your organization.
+The Content Center site includes pre-populated pages that walk you through the steps to begin using Syntex in your organization.
-### Get started with SharePoint Syntex
+### Get started with Syntex
-Get an introduction to SharePoint Syntex and learn how you can use it for your organization. Watch a video that gives you an overview of SharePoint Syntex, and find training to help you get started.
+Get an introduction to Syntex and learn how you can use it for your organization. Watch a video that gives you an overview of Syntex, and find training to help you get started.
### Learn about model types
Learn about three types of models, and see how you can use them to resolve busin
See how to build a document understanding model in the models library, and then enable a pretrained sample model.
-### SharePoint Syntex in six simple steps
+### Syntex in six simple steps
Begin with a content center, and then learn step-by-step how to create models to identify, classify, and extract the information you need. ### Streamline everyday processes and tasks
-Learn how to use SharePoint Syntex to take what is manual and turn it into something automated and streamlined for your organization.
+Learn how to use Syntex to take what is manual and turn it into something automated and streamlined for your organization.
### Manage compliance
See how content is used to illustrate model activity and to provide more informa
### Find additional resources
-Discover additional resources and scenarios to help you learn more about SharePoint Syntex.
+Discover additional resources and scenarios to help you learn more about Syntex.
contentunderstanding Use Contracts Management Site https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/use-contracts-management-site.md
Title: Use the Contracts Management site template for Microsoft SharePoint Syntex
+ Title: Use the Contracts Management site template for Microsoft Syntex
- enabler-strategic - m365initiative-syntex ms.localizationpriority: medium
-description: Learn how to provision, use, and customize the Contracts Management site template in Microsoft SharePoint Syntex.
+description: Learn how to provision, use, and customize the Contracts Management site template in Microsoft Syntex.
-# Use the Contracts Management site template for Microsoft SharePoint Syntex
+# Use the Contracts Management site template for Microsoft Syntex
-The Contracts Management site is a ready-to-deploy and customizable SharePoint site template that helps your organization maximize the value of SharePoint Syntex. The site is designed to let you create a professional site to manage, process, and track the status of contracts in your organization.
+The Contracts Management site is a ready-to-deploy and customizable SharePoint site template that helps your organization maximize the value of Microsoft Syntex. The site is designed to let you create a professional site to manage, process, and track the status of contracts in your organization.
## Features of the site
The Contracts Management site is a ready-to-deploy and customizable SharePoint s
The Contract Management site includes pre-populated pages, web parts, and site navigation. The site can be customized to incorporate your organization's own branding, employee information, policy and planning information, workflow, contacts, and resources.
-The site uses the power of a SharePoint Syntex model running on a SharePoint document library to classify documents and extract metadata. The site provides prebuilt document libraries to get you started quickly, but you can also create your own as needed. The site includes the following featured libraries:
+The site uses the power of a Syntex model running on a SharePoint document library to classify documents and extract metadata. The site provides prebuilt document libraries to get you started quickly, but you can also create your own as needed. The site includes the following featured libraries:
- **Regions** ΓÇô Classify contract documents by geographical area, country, or region.
The site uses the power of a SharePoint Syntex model running on a SharePoint doc
- **Models** ΓÇô Use the model in this library to classify documents and extract metadata. Users can create their own models to fit their needs and add them to this library. -- **Sample contracts library** ΓÇô Find files that were classified and have had metadata extracted using the SharePoint Syntex model.
+- **Sample contracts library** ΓÇô Find files that were classified and have had metadata extracted using the Syntex model.
There is a separate view in the library where you can track other metadata such as status, and that uses document library formatting to show it in a more visual way.
The Contracts Management site can be provisioned from the [SharePoint look book
![Screenshot of the Contracts Management site template provisioning page.](../media/content-understanding/contracts-management-site-provisioning-page.png) > [!NOTE]
-> You must be a global administrator or SharePoint administrator in Microsoft 365 to provision the site. You also must have a SharePoint Syntex license to add this site template to your organization.
+> You must be a global administrator or SharePoint administrator in Microsoft 365 to provision the site. You also must have a Syntex license to add this site template to your organization.
-1. From the main page of the [SharePoint look book](https://lookbook.microsoft.com/), on the **View the designs** menu, select **SharePoint Syntex** > **SharePoint Syntex Contracts Management**.
+1. From the main page of the [SharePoint look book](https://lookbook.microsoft.com/), on the **View the designs** menu, select **Syntex** > **Syntex Contracts Management**.
2. On the **Contracts Management** page, select **Add to your tenant**.
You have control of the site navigation for the Contracts Management site. Use t
The Contracts Management site contains the components you need to get started, but you can also include additional components, such as: - Use a [Power Automate flow](/power-automate/getting-started) to trigger a workflow when a new contract is added to the **Contract requests** library.-- Build additional [SharePoint Syntex models](/microsoft-365/contentunderstanding/#models).
+- Build additional [Syntex models](/microsoft-365/contentunderstanding/#models).
- Use the [content assembly](content-assembly.md) feature on the **Templates** library.-- Create a [contracts management solution](solution-manage-contracts-in-microsoft-365.md) by using SharePoint Syntex together with other components of Microsoft 365.
+- Create a [contracts management solution](solution-manage-contracts-in-microsoft-365.md) by using Syntex together with other components of Microsoft 365.
## Share the site with others
enterprise Cross Tenant Onedrive Migration https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/cross-tenant-onedrive-migration.md
+
+ Title: Cross-tenant OneDrive migration
+++
+recommendations: true
+audience: ITPro
++
+ms.localizationpriority: high
+
+- SPMigration
+- M365-collaboration
+- m365initiative-migratetom365
+search.appverid: MET150
+description: "Cross-tenant OneDrive migration"
++
+# Cross-tenant OneDrive migration
+
+>[!Note]
+> Information in this article refers to **Cross-tenant OneDrive migration**. [Learn about about the cross-tenant Mailbox migration here](/microsoft-365/enterprise/cross-tenant-mailbox-migration)
+
+During mergers or divestitures, you commonly need the ability to move your user OneDrive accounts into a new Microsoft 365 tenant. With Cross-tenant OneDrive migration, tenant administrators can use familiar tools like *SharePoint Online PowerShell* to transition users into their new organization.
+
+SharePoint administrators of two separate tenants can use the *Set-SPOCrossTenantRelationship* cmdlet to establish an organization relationship, and the *Start-SPOCrossTenantUserContentMove* command to begin Cross-tenant OneDrive moves.
+
+Up to 4,000 OneDrive accounts can be scheduled for migration in advance at a given time. Once scheduled, migrations occur without the user's data ever leaving the Microsoft 365 cloud and with minimal disruption, requiring only a few minutes where a user's OneDrive will be read-only. When migrations are complete, a redirect is placed in the location of the user's original OneDrive, so any links to files and folders can continue working in the new location.
+
+>[!Important]
+>- Each user having their OneDrive migrated cross-tenant must be licensed for Cross-tenant User Data Migration.
+>- Cross-tenant OneDrive migration cannot be used for customers using Service Encryption with Microsoft Purview Customer Key. [Learn about Service encryption with Microsoft Purview Customer Key - Microsoft Purview](/microsoft-365/compliance/customer-key-overview?view=o365-worldwide)
enterprise Microsoft 365 U S Government Gcc High Endpoints https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-u-s-government-gcc-high-endpoints.md
Title: "Office 365 U.S. Government GCC High endpoints"
Previously updated : 06/29/2022 Last updated : 09/29/2022 audience: ITPro
Office 365 requires connectivity to the Internet. The endpoints below should be
|Notes|Download| |||
-|**Last updated:** 06/29/2022 - ![RSS.](../media/5dc6bb29-25db-4f44-9580-77c735492c4b.png) [Change Log subscription](https://endpoints.office.com/version/USGOVGCCHigh?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|**Download:** the full list in [JSON format](https://endpoints.office.com/endpoints/USGOVGCCHigh?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|
+|**Last updated:** 09/29/2022 - ![RSS.](../media/5dc6bb29-25db-4f44-9580-77c735492c4b.png) [Change Log subscription](https://endpoints.office.com/version/USGOVGCCHigh?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|**Download:** the full list in [JSON format](https://endpoints.office.com/endpoints/USGOVGCCHigh?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|
| Start with [Managing Office 365 endpoints](managing-office-365-endpoints.md) to understand our recommendations for managing network connectivity using this data. Endpoints data is updated as needed at the beginning of each month with new IP Addresses and URLs published 30 days in advance of being active. This lets customers who don't yet have automated updates to complete their processes before new connectivity is required. Endpoints may also be updated during the month if needed to address support escalations, security incidents, or other immediate operational requirements. The data shown on this page below is all generated from the REST-based web services. If you're using a script or a network device to access this data, you should go to the [Web service](microsoft-365-ip-web-service.md) directly.
enterprise Move Onedrive Between Geo Locations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/move-onedrive-between-geo-locations.md
To ensure that all geo locations are compatible, run:
Get-SPOGeoMoveCrossCompatibilityStatus ```
-You will see a list of your geo locations and whether content can be moved between will be denoted as "Compatible". If the command returns "Incompatible" please retry validating the status at a later date.
+This will display all your geo locations and whether the environment is compatible with the destination geo location. If a geo location is incompatible, that means an update is in progress in that location. Try again in a few days.
If a OneDrive contains a subsite, for example, it cannot be moved. You can use the Start-SPOUserAndContentMove cmdlet with the -ValidationOnly parameter to validate if the OneDrive is able to be moved:
enterprise Move Sharepoint Between Geo Locations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/move-sharepoint-between-geo-locations.md
We do not support moving sites with:
- InfoPath forms - Information Rights Management (IRM) templates applied
-To ensure all geo locations are compatible, run `Get-SPOGeoMoveCrossCompatibilityStatus`. This will display all your geo locations and whether the environment is compatible with the destination geo location.
+To ensure all geo locations are compatible, run `Get-SPOGeoMoveCrossCompatibilityStatus`. This will display all your geo locations and whether the environment is compatible with the destination geo location. If a geo location is incompatible, that means an update is in progress in that location. Try again in a few days.
To perform a validation-only check on your site, use `Start-SPOSiteContentMove` with the `-ValidationOnly` parameter to validate if the site is able to be moved. For example:
frontline Deploy Teams At Scale https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/deploy-teams-at-scale.md
This article walks you through how to deploy Teams at scale.
## Set up and deploy your teams
-> [!NOTE]
-> Before you deploy your teams, make sure that all teams owners have a Teams license.
+> [!IMPORTANT]
+> Team owners must have a Teams license. Before you use these steps to deploy your teams, make sure that all teams owners have a license.
Follow these steps to deploy up to 500 teams at a time.
frontline Flw Devices https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/flw-devices.md
In some cases, users may be reluctant to enroll their personal devices into mana
To learn more, see ["Personal devices vs Organization-owned devices" in the Intune planning guide](/mem/intune/fundamentals/intune-planning-guide#personal-devices-vs-organization-owned-devices) and [Deployment guidance: Enroll devices in Microsoft Intune](/mem/intune/fundamentals/deployment-guide-enrollment).
-### Off-shift access controls in Teams
-
-Off-shift access controls help you limit access to Teams when employees are off shift. With this feature, you can set Teams to display a message when employees access the app outside working hours. They must accept the message before they can use Teams.
-
-The default message notifies the employee that they wonΓÇÖt be paid for time spent on Teams outside working hours. You can use the default message, choose a pre-defined message, or display your own. This feature helps ensure employees arenΓÇÖt involuntarily working when not on shift and helps to comply with labor regulations.
-
-To learn more, see [Off shift access to Teams](manage-shift-based-access-flw.md#off-shift-access-to-teams).
- ## Related articles - [Frontline worker management](/azure/active-directory/fundamentals/frontline-worker-management)
frontline Flw Technical Planning Guide Deployment https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/flw-technical-planning-guide-deployment.md
+
+ Title: Technical planning guide for deploying frontline solutions
+++++
+audience: admin
+
+search.appverid: MET150
+description: Use this guide to help your technical teams plan and deploy MicrosoftΓÇÖs frontline solution in the context of your organizationΓÇÖs existing deployment infrastructure and core business apps.
+ms.localizationpriority: high
+
+ - M365-collaboration
+ - m365-frontline
+ - highpri
+appliesto:
+ - Microsoft 365 for frontline workers
+++
+# Technical planning guide for deploying frontline solutions (white paper)
+
+Technical teams who are involved in planning and implementing a frontline solution must understand frontline workers' day-to-day experiences, needs and challenges, and adopt new practices for managing user access and application service delivery for a mobile-only workforce.
+
+Use this guide to help you plan and deploy Microsoft's frontline solution in the context of your organization's existing infrastructure and core business apps. This guide covers the following areas:
+
+- Overview of Microsoft's frontline solution
+- Frontline deployment architecture
+- Frontline deployment process
+
+[Download the guide](https://go.microsoft.com/fwlink/?linkid=2211637).
frontline Manage Shift Based Access Flw https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/manage-shift-based-access-flw.md
appliesto:
# Manage shift-based access for frontline workers in Teams
-## Overview
+> [!IMPORTANT]
+> This feature has been deprecated.
+## Overview
Presence in Microsoft Teams indicates a user's current availability and status to other users. The presence of frontline workers is often less predictable than other staff as their working hours are typically not the same each day. As an admin, you can configure Teams to show a set of shift-based presence states for the frontline workers in your organization to indicate when they are on and off shift.
In this example, we assign a policy named Off Shift Teams Access Custom Message
Grant-CsTeamsShiftsPolicy -Identity remy@contoso.com -PolicyName "Off Shift Teams Access Custom Message" ```
-## Related topics
+## Related articles
- [Manage the Shifts app for your organization in Teams](/microsoftteams/expand-teams-across-your-org/shifts/manage-the-shifts-app-for-your-organization-in-teams?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json) - [Teams PowerShell overview](/microsoftteams/teams-powershell-overview)
frontline Pin Teams Apps Based On License https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/pin-teams-apps-based-on-license.md
With the tailored frontline app experience, your frontline workers get the most
Apps are pinned to the app bar, which is the bar at the bottom of the Teams mobile clients (iOS and Android) and on the side of the Teams desktop client. The following apps are pinned for users who have an [F license](https://www.microsoft.com/microsoft-365/enterprise/frontline#office-SKUChooser-0dbn8nt):
+- [Viva Connections](https://support.microsoft.com/office/your-intranet-is-now-in-microsoft-teams-8b4e7f76-f305-49a9-b6d2-09378476f95b) ([coming soon](#coming-soon))
- [Activity](https://support.microsoft.com/office/explore-the-activity-feed-in-teams-91c635a1-644a-4c60-9c98-233db3e13a56) - [Chat](https://support.microsoft.com/office/get-started-with-chat-0b506ce2-eb6d-4fca-9668-e56980ba755e) - [Teams](https://support.microsoft.com/office/teams-and-channels-in-microsoft-teams-c6d0e61d-a61e-44a6-a972-04f2a8fa4155)
The feature is off. | The frontline worker gets the apps defined in the global
> [!NOTE] > You can't change the apps or order of apps in the tailored frontline app experience. For now, if you want to make changes, you can set up your own custom experience. To do this, first turn off the feature. Then, [create a custom app setup policy](/microsoftteams/teams-app-setup-policies), and [assign it to users or groups](/microsoftteams/assign-policies-users-and-groups).
+### Coming soon
+
+ Viva Connections will soon be part of the frontline tailored apps experience. Frontline users who see the tailored app experience will have Viva Connections pinned in the first position on both mobile and desktop.
+
+This experience includes a default dashboard with relevant frontline cards such as Tasks, Shifts, Approvals, and Top News that can be customized to fit the needs of your organization. If your organization has already set up a Viva Connections home site, it will take precedence over the default experience. To learn more, see the [Microsoft 365 roadmap](https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=99706).
+
+**Teams mobile**
++
+**Teams desktop**
++ ## Related articles - [Manage the Walkie Talkie app in Teams](/microsoftteams/walkie-talkie?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json)
frontline Schedule Owner For Shift Management https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/schedule-owner-for-shift-management.md
Grant-CsTeamsShiftsPolicy -Identity remy@contoso.com -PolicyName ScheduleOwnerPo
## Related articles -- [Manage the Shifts app for your organization in Teams](/microsoftteams/expand-teams-across-your-org/shifts/manage-the-shifts-app-for-your-organization-in-teams?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json)-- [Manage shift-based access for frontline workers in Teams](manage-shift-based-access-flw.md)
+- [Manage the Shifts app for your organization in Teams](/microsoftteams/expand-teams-across-your-org/shifts/manage-the-shifts-app-for-your-organization-in-teams?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json)
frontline Shifts Connector Ukg Known Issues https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/shifts-connector-ukg-known-issues.md
To work around this issue, keep the time zone setting as is.
The start and end break capability of the time clock feature isn't supported in an integration with UKG Dimensions. Users won't be able to clock out or clock in to a break, even though the buttons are displayed in Shifts.
+## Availability settings of users don't apply to the current week
+
+Teams mobile users can set their personal availability in Shifts. However, if a user sets their availability after the day that's established as the start of the week in UKG Dimensions, their availability applies to the following week onwards and not to the current week. For example, Sunday is set as the start of the week in UKG Dimensions, and on Monday of the current week, a user changes their availability for Thursday and Friday. In this scenario, their availability settings are applied to the following week.
+
+## Users see a red "X" when a coworker accepts their swap request and the manager declines the request
+
+Currently, if a user creates a swap request with a coworker and the coworker accepts the request but the manager denies it, the user unexpectedly sees a red "X" next to both the coworker's and manager's response.
+
+The correct, expected behavior is a green check mark to indicate that the coworker accepted the request and a red "X" to indicate that the manager denied the request.
+ ## A user canΓÇÖt perform some actions in Shifts in the Teams web app after signing in with a different account This issue can occur if a user who has multiple accounts in Teams performs actions in Shifts that require single sign-on (SSO) in UKG Dimensions and that user switches accounts in the Teams web app in the same browser.
For example, a user signs in to Teams, approves a time off request, and then sig
In this scenario, a caching issue occurs in which the user is signed in to Teams and Shifts on one account and signed in to UKG Dimensions on the other account.
-To work around this issue, do one of the following:
+To work around this issue, do one of the following actions:
- Clear cookies and site data for the mykronos.com site in the browser. To learn more, see [Delete cookies in Microsoft Edge](https://support.microsoft.com/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09) or [Clear, enable, and manage cookies in Chrome](https://support.google.com/chrome/answer/95647). - Use the Teams web app in an InPrivate window in Microsoft Edge or in Incognito mode in Google Chrome.
frontline Shifts Connectors https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/shifts-connectors.md
The Teams Shifts connector for UKG Dimensions is a first-party offering that's h
Frontline managers can: - Publish shifts and schedules in UKG Dimensions and view them in Shifts.-- Create, manage, and assign open shifts in UKG Dimensions and view them in both UKG Dimensions and Shifts.
+- Create, view, manage, and assign open shifts in UKG Dimensions and Shifts on Teams desktop and Teams web app. (Currently, managers can't view or assign open shifts in Shifts on Teams mobile.)
- Create, edit, and delete time off in UKG Dimensions and view in Shifts. - View and approve schedule requests from workers in both UKG Dimensions and Shifts. - Set and update worker availability in UKG Dimensions and view in Shifts.
Frontline workers can:
- Request time off, view time off information, and view their team's open shifts in Shifts. - View and post timecard entries in Shifts. - Request open shifts and swap shifts in Shifts.-- Set their availability in Shifts.
+- Set their availability in Shifts on Teams mobile.
The following actions are currently not supported:
security TOC https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/TOC.md
## [Evaluate capabilities](evaluation-lab.md) ### [Microsoft defender for endpoint demonstrations]() #### [Microsoft Defender for Endpoint demonstration scenarios](defender-endpoint-demonstrations.md)
-#### [App reputation demonstrations](defender-endpoint-demonstration-app-reputation.md)
+#### [App reputation demonstration](defender-endpoint-demonstration-app-reputation.md)
#### [Attack surface reduction rules demonstrations](defender-endpoint-demonstration-attack-surface-reduction-rules.md)
-#### [Block at First Sight \(BAFS\) demonstration)](defender-endpoint-demonstration-block-at-first-sight-bafs.md)
+#### [Block at First Sight (BAFS) demonstration](defender-endpoint-demonstration-block-at-first-sight-bafs.md)
#### [Cloud-delivered protection demonstration](defender-endpoint-demonstration-cloud-delivered-protection.md)
-#### [Controlled folder access \(CFA\) demonstration test tool](defender-endpoint-demonstration-controlled-folder-access-test-tool.md)
-#### [Controlled folder access \(CFA\) demonstration](defender-endpoint-demonstration-controlled-folder-access.md)
-#### [Exploit protection \(EP\) demonstrations](defender-endpoint-demonstration-exploit-protection.md)
-#### [Network protection demonstration](defender-endpoint-demonstration-network-protection.md)
-#### [Potentially unwanted applications \(PUA\) demonstration](defender-endpoint-demonstration-potentially-unwanted-applications.md)
+#### [Controlled folder access (CFA) demonstration (block script)](defender-endpoint-demonstration-controlled-folder-access-test-tool.md)
+#### [Controlled folder access (CFA) demonstrations (block ransomware)](defender-endpoint-demonstration-controlled-folder-access.md)
+#### [Exploit protection (EP) demonstrations](defender-endpoint-demonstration-exploit-protection.md)
+#### [Network protection demonstrations](defender-endpoint-demonstration-network-protection.md)
+#### [Potentially unwanted applications (PUA) demonstration](defender-endpoint-demonstration-potentially-unwanted-applications.md)
#### [URL reputation demonstrations](defender-endpoint-demonstration-smartscreen-url-reputation.md) ## [Plan deployment](deployment-strategy.md)
### Next-generation protection #### [Next-generation protection overview](next-generation-protection.md) ##### [Overview of Microsoft Defender Antivirus](microsoft-defender-antivirus-windows.md)
+##### [Microsoft Defender Antivirus on Windows Server](microsoft-defender-antivirus-on-windows-server.md)
##### [Enable and update Microsoft Defender Antivirus on Windows Server](enable-update-mdav-to-latest-ws.md) ##### [Better together: Microsoft Defender Antivirus and Microsoft Defender for Endpoint](why-use-microsoft-defender-antivirus.md) ##### [Better together: Microsoft Defender Antivirus and Office 365](office-365-microsoft-defender-antivirus.md)
#### [Configure AIR capabilities](configure-automated-investigations-remediation.md) #### [View the details and results of an automated investigation](autoir-investigation-results.md)
-### [Microsoft Threat Experts]()
-#### [Microsoft Threat Experts overview](microsoft-threat-experts.md)
-#### [Configure and manage Microsoft Threat Experts capabilities](configure-microsoft-threat-experts.md)
- ### [Next generation protection]() #### [Run and customize scheduled and on-demand scans](customize-run-review-remediate-scans-microsoft-defender-antivirus.md)
+## [Endpoint Attack Notifications](endpoint-attack-notifications.md)
+
+### [Experts on Demand](experts-on-demand.md)
+ ## Reference ### [Understand threat intelligence concepts](threat-indicator-concepts.md) ### [Configure integration with other Microsoft solutions]()
security Advanced Features https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/advanced-features.md
Depending on the Microsoft security products that you use, some advanced feature
1. In the navigation pane, select **Settings** \> **Endpoints** \> **Advanced features**. 2. Select the advanced feature you want to configure and toggle the setting between **On** and **Off**.
-3. Click **Save preferences**.
+3. Select **Save preferences**.
Use the following advanced features to get better protected from potentially malicious files and gain better insight during security investigations.
Enabling this feature allows you to run unsigned scripts in a live response sess
Potentially unwanted applications (PUA) are a category of software that can cause your machine to run slowly, display unexpected ads, or at worst, install other software, which might be unexpected or unwanted.
-Turn on this feature so that potentially unwanted applications (PUA) are remediated on all devices in your tenant even if PUA protection is not configured on the devices. This activation of the feature helps to protect users from inadvertently installing unwanted applications on their device. When turned off, remediation is dependent on the device configuration.
+Turn on this feature so that potentially unwanted applications (PUA) are remediated on all devices in your tenant even if PUA protection isn't configured on the devices. This activation of the feature helps to protect users from inadvertently installing unwanted applications on their device. When turned off, remediation is dependent on the device configuration.
## Restrict correlation to within scoped device groups
When you turn on this feature, you'll be able to incorporate data from Microsoft
To receive contextual device integration in Office 365 Threat Intelligence, you'll need to enable the Defender for Endpoint settings in the Security & Compliance dashboard. For more information, see [Threat investigation and response](/microsoft-365/security/office-365-security/office-365-ti).
-## Microsoft Threat Experts - Targeted Attack Notifications
+## Endpoint Attack Notifications
-Out of the two Microsoft Threat Expert components, targeted attack notification is in general availability. Experts-on-demand capability is still in preview. You can only use the experts-on-demand capability if you've applied for preview and your application has been approved. You can receive targeted attack notifications from Microsoft Threat Experts through your Defender for Endpoint portal's alerts dashboard and via email if you configure it.
+Endpoint Attack Notifications enable Microsoft to actively hunt for critical threats to be prioritized based on urgency and impact over your endpoint data.
-> [!NOTE]
-> The Microsoft Threat Experts capability in Defender for Endpoint is available with an E5 license for [Enterprise Mobility + Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security).
+For proactive hunting across the full scope of Microsoft 365 DefenderΓÇöincluding threats that span email, collaboration, identity, cloud applications, as and endpointsΓÇö[learn more](https://aka.ms/DefenderExpertsForHuntingGetStarted) about Microsoft Defender Experts.
## Microsoft Defender for Cloud Apps
Enabling this setting forwards Defender for Endpoint signals to Microsoft Defend
To receive contextual device integration in Microsoft Defender for Identity, you'll also need to enable the feature in the Microsoft Defender for Identity portal.
-1. Log in to the [Microsoft Defender for Identity portal](https://portal.atp.azure.com/) with a Global Administrator or Security Administrator role.
+1. Sign in to the [Microsoft Defender for Identity portal](https://portal.atp.azure.com/) with a Global Administrator or Security Administrator role.
-2. Click **Create your instance**.
+2. Select **Create your instance**.
-3. Toggle the Integration setting to **On** and click **Save**.
+3. Toggle the Integration setting to **On** and select **Save**.
After completing the integration steps on both portals, you'll be able to see relevant alerts in the device details or user details page.
security Attack Surface Reduction Rules Reference https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference.md
- m365-security - tier2-- Last updated 08/10/2022
+- Last updated 10/07/2022
search.appverid: met150
The following table lists the supported operating systems for rules that are cur
Links to information about configuration management system versions referenced in this table are listed below this table.
-|Rule name | Intune | Microsoft Endpoint Manager |Microsoft Endpoint Configuration Manager |Group Policy<sup>[[1](#fn1)]<sup></sup> | PowerShell<sup>[[1](#fn1)]<sup></sup> |
-||::|::|::|::|::|
-|[Block abuse of exploited vulnerable signed drivers](#block-abuse-of-exploited-vulnerable-signed-drivers) | Y | Y MEM OMA-URI | | Y | Y |
-|[Block Adobe Reader from creating child processes](#block-adobe-reader-from-creating-child-processes) | Y | | | Y | Y |
-|[Block all Office applications from creating child processes](#block-all-office-applications-from-creating-child-processes) | Y | |Y <br><br> CB 1710 | Y | Y |
-|[Block credential stealing from the Windows local security authority subsystem (lsass.exe)](#block-credential-stealing-from-the-windows-local-security-authority-subsystem) | Y | | Y <br><br>CB 1802 | Y | Y |
-|[Block executable content from email client and webmail](#block-executable-content-from-email-client-and-webmail) | Y | |Y <br><br> CB 1710 | Y | Y |
-|[Block executable files from running unless they meet a prevalence, age, or trusted list criterion](#block-executable-files-from-running-unless-they-meet-a-prevalence-age-or-trusted-list-criterion) | Y | | Y <br><br> CB 1802 | Y | Y |
-|[Block execution of potentially obfuscated scripts](#block-execution-of-potentially-obfuscated-scripts) | Y | | Y <br><br> CB 1710 | Y | Y |
-|[Block JavaScript or VBScript from launching downloaded executable content](#block-javascript-or-vbscript-from-launching-downloaded-executable-content) | Y | | Y <br><br> CB 1710 | Y | Y |
-|[Block Office applications from creating executable content](#block-office-applications-from-creating-executable-content) | Y | |Y <br><br> CB 1710 | Y | Y |
-|[Block Office applications from injecting code into other processes](#block-office-applications-from-injecting-code-into-other-processes) | Y | | Y <br><br> CB 1710 | Y | Y |
-|[Block Office communication application from creating child processes](#block-office-communication-application-from-creating-child-processes) | Y | |Y <br><br> CB 1710 | Y | Y |
-|[Block persistence through WMI event subscription](#block-persistence-through-wmi-event-subscription) | | | |Y | Y |
-|[Block process creations originating from PSExec and WMI commands](#block-process-creations-originating-from-psexec-and-wmi-commands) | Y | | | Y | Y |
-|[Block untrusted and unsigned processes that run from USB](#block-untrusted-and-unsigned-processes-that-run-from-usb) | Y | |Y <br><br> CB 1802 | Y | Y |
-|[Block Win32 API calls from Office macros](#block-win32-api-calls-from-office-macros) | Y | | Y <br><br> CB 1710 | Y | Y |
-|[Use advanced protection against ransomware](#use-advanced-protection-against-ransomware) | Y | | Y <br><br> CB 1802 | Y | Y |
+|Rule name | Microsoft Intune | Microsoft Endpoint Configuration Manager |Group Policy<sup>[[1](#fn1)]<sup></sup> | PowerShell<sup>[[1](#fn1)]<sup></sup> |
+||::|::|::|::|
+|[Block abuse of exploited vulnerable signed drivers](#block-abuse-of-exploited-vulnerable-signed-drivers) | Y | | Y | Y |
+|[Block Adobe Reader from creating child processes](#block-adobe-reader-from-creating-child-processes) | Y | | Y | Y |
+|[Block all Office applications from creating child processes](#block-all-office-applications-from-creating-child-processes) | Y |Y <br><br> CB 1710 | Y | Y |
+|[Block credential stealing from the Windows local security authority subsystem (lsass.exe)](#block-credential-stealing-from-the-windows-local-security-authority-subsystem) | Y | Y <br><br>CB 1802 | Y | Y |
+|[Block executable content from email client and webmail](#block-executable-content-from-email-client-and-webmail) | Y |Y <br><br> CB 1710 | Y | Y |
+|[Block executable files from running unless they meet a prevalence, age, or trusted list criterion](#block-executable-files-from-running-unless-they-meet-a-prevalence-age-or-trusted-list-criterion) | Y | Y <br><br> CB 1802 | Y | Y |
+|[Block execution of potentially obfuscated scripts](#block-execution-of-potentially-obfuscated-scripts) | Y |Y <br><br> CB 1710 | Y | Y |
+|[Block JavaScript or VBScript from launching downloaded executable content](#block-javascript-or-vbscript-from-launching-downloaded-executable-content) | Y |Y <br><br> CB 1710 | Y | Y |
+|[Block Office applications from creating executable content](#block-office-applications-from-creating-executable-content) | Y |Y <br><br> CB 1710 | Y | Y |
+|[Block Office applications from injecting code into other processes](#block-office-applications-from-injecting-code-into-other-processes) | Y |Y <br><br> CB 1710 | Y | Y |
+|[Block Office communication application from creating child processes](#block-office-communication-application-from-creating-child-processes) | Y |Y <br><br> CB 1710 | Y | Y |
+|[Block persistence through WMI event subscription](#block-persistence-through-wmi-event-subscription) |Y | |Y | Y |
+|[Block process creations originating from PSExec and WMI commands](#block-process-creations-originating-from-psexec-and-wmi-commands) | Y | | Y | Y |
+|[Block untrusted and unsigned processes that run from USB](#block-untrusted-and-unsigned-processes-that-run-from-usb) | Y |Y <br><br> CB 1802 | Y | Y |
+|[Block Win32 API calls from Office macros](#block-win32-api-calls-from-office-macros) | Y |Y <br><br> CB 1710 | Y | Y |
+|[Use advanced protection against ransomware](#use-advanced-protection-against-ransomware) | Y |Y <br><br> CB 1802 | Y | Y |
(<a id="fn1">1</a>) You can configure attack surface reduction rules on a per-rule basis by using any rule's GUID.
security Configure Microsoft Threat Experts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-microsoft-threat-experts.md
search.appverid: met150
-# Configure and manage Microsoft Threat Experts capabilities
+# Configure and manage Microsoft Defender Experts capabilities
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
search.appverid: met150
Ensure that you have Defender for Endpoint deployed in your environment with devices enrolled, and not just on a laboratory set-up.
-If you're a Defender for Endpoint customer, you need to apply for **Endpoint Attack Notifications** to get special insights and analysis to help identify the most critical threats, so you can respond to them quickly. Contact your account team or Microsoft representative to subscribe to **Microsoft Threat Experts - Experts on Demand** to consult with our threat experts on relevant detections and adversaries.
+If you're a Defender for Endpoint customer, you need to apply for **Endpoint Attack Notifications** to get special insights and analysis to help identify the most critical threats, so you can respond to them quickly. Contact your account team or Microsoft representative to subscribe to **Microsoft Defender Experts - Experts on Demand** to consult with our threat experts on relevant detections and adversaries.
## Apply for Endpoint Attack Notifications service
If you're already a Defender for Endpoint customer, you can apply through the Mi
2. Click **Apply**.
- :::image type="content" source="images/mte-collaboratewithmte.png" alt-text="The Microsoft Threat Experts settings" lightbox="images/mte-collaboratewithmte.png":::
+ :::image type="content" source="images/mte-collaboratewithmte.png" alt-text="The Microsoft Defender Experts settings" lightbox="images/mte-collaboratewithmte.png":::
3. Enter your name and email address so that Microsoft can get back to you on your application.
- :::image type="content" source="images/mte-apply.png" alt-text="The Name field on the Microsoft Threat Experts application page" lightbox="images/mte-apply.png":::
+ :::image type="content" source="images/mte-apply.png" alt-text="The Name field on the Microsoft Defender Experts application page" lightbox="images/mte-apply.png":::
4. Read the [privacy statement](https://privacy.microsoft.com/privacystatement), then click **Submit** when you're done. You'll receive a welcome email once your application is approved.
- :::image type="content" source="images/mte-applicationconfirmation.png" alt-text="The Microsoft Threat Experts application confirmation message" lightbox="images/mte-applicationconfirmation.png":::
+ :::image type="content" source="images/mte-applicationconfirmation.png" alt-text="The Microsoft Defender Experts application confirmation message" lightbox="images/mte-applicationconfirmation.png":::
When accepted, you'll receive a welcome email and you'll see the **Apply** button change to a toggle that is "on". In case you want to take yourself out of the Endpoint Attack Notifications service, slide the toggle "off" and click **Save preferences** at the bottom of the page.
-## Where you'll see the Endpoint Attack Notifications from Microsoft Threat Experts
+## Where you'll see the Endpoint Attack Notifications from Microsoft Defender Experts
-You can receive targeted attack notification from Microsoft Threat Experts through the following medium:
+You can receive targeted attack notification from Microsoft Defender Experts through the following medium:
- The Defender for Endpoint portal's **Incidents** page - The Defender for Endpoint portal's **Alerts** dashboard
You can create rules to send email notifications for notification recipients. Se
## View the Endpoint Attack Notifications
-You'll start receiving Endpoint Attack Notifications from Microsoft Threat Experts in your email after you've configured your system to receive email notification.
+You'll start receiving Endpoint Attack Notifications from Microsoft Defender Experts in your email after you've configured your system to receive email notification.
1. Click the link in the email to go to the corresponding alert context in the dashboard tagged with **Threat experts**.
You can filter your incidents and alerts if you want to only see the Endpoint At
2. Scroll down to the Tags field > select the **Defender Experts** check box. 3. Select **Apply**.
-## Subscribe to Microsoft Threat Experts - Experts on Demand
+## Subscribe to Microsoft Defender Experts - Experts on Demand
-This is available as a subscription service. If you're already a Defender for Endpoint customer, you can contact your Microsoft representative to subscribe to Microsoft Threat Experts - Experts on Demand.
+This is available as a subscription service. If you're already a Defender for Endpoint customer, you can contact your Microsoft representative to subscribe to Microsoft Defender Experts - Experts on Demand.
> [!NOTE] > Experts on Demand is not a security incident response service. ItΓÇÖs intended to provide a better understanding of complex threats affecting your organization. Engage with your own security incident response team to address urgent security incident response issues. If you don't have your own security incident response team and would like Microsoft's help, create a support request in the [Premier Services Hub](/services-hub/). ## Ask Defender Experts about suspicious cybersecurity activities in your organization
-You can partner with Microsoft Threat Experts who can be engaged directly from within the Microsoft 365 Defender portal for their response. Experts provide insights to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, a potentially compromised device, or a threat intelligence context that you see on your portal dashboard.
+You can partner with Microsoft Defender Experts who can be engaged directly from within the Microsoft 365 Defender portal for their response. Experts provide insights to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, a potentially compromised device, or a threat intelligence context that you see on your portal dashboard.
> [!NOTE] >
You can partner with Microsoft Threat Experts who can be engaged directly from w
![The Microsoft Ask Defender Experts trial subscription page](../../media/mte/flyout-screen-trial-subscription.png)
-A flyout screen opens. The following screen shows when you are on a trial subscription. The following screen shows when you are on a full Microsoft Threat Experts - Experts on Demand subscription.
+A flyout screen opens. The following screen shows when you are on a trial subscription. The following screen shows when you are on a full Microsoft Defender Experts - Experts on Demand subscription.
The **Inquiry topic** field is pre-populated with the link to the relevant page for your investigation request. For example, a link to the incident, alert, or device details page that you were at when you made the request.
-3. In the next field, provide enough information to give the Microsoft Threat Experts enough context to start the investigation.
+3. In the next field, provide enough information to give the Microsoft Defender Experts enough context to start the investigation.
-4. Enter the email address that you'd like to use to correspond with Microsoft Threat Experts.
+4. Enter the email address that you'd like to use to correspond with Microsoft Defender Experts.
> [!NOTE] > If you would like to track the status of your Experts on Demand cases through Microsoft Services Hub, reach out to your Customer Success Account Manager.
Watch this video for a quick overview of the Microsoft Services Hub.
> [!VIDEO <https://www.microsoft.com/videoplayer/embed/RE4pk9f>]
-## Sample investigation topics that you can consult with Microsoft Threat Experts - Experts on Demand
+## Sample investigation topics that you can consult with Microsoft Defender Experts - Experts on Demand
### Alert information
Watch this video for a quick overview of the Microsoft Services Hub.
### Defender Experts' alert communications - Can your incident response team help us address the Endpoint Attack Notifications that we got?-- I received this Endpoint Attack Notifications from Microsoft Threat Experts. We don't have our own incident response team. What can we do now, and how can we contain the incident?-- I received an Endpoint Attack Notifications from Microsoft Threat Experts. What data can you provide to us that we can pass on to our incident response team?
+- I received this Endpoint Attack Notifications from Microsoft Defender Experts. We don't have our own incident response team. What can we do now, and how can we contain the incident?
+- I received an Endpoint Attack Notifications from Microsoft Defender Experts. What data can you provide to us that we can pass on to our incident response team?
> [!NOTE]
- > Microsoft Threat Experts is a managed cybersecurity hunting service and not an incident response service. However, you can engage with your own incident response team to address issues that require an incident response. If you don't have your own incident response team and would like Microsoft's help, you can engage with the CSS Cybersecurity Incident Response Team (CIRT). They can open a ticket to help address your inquiry.
+ > Microsoft Defender Experts is a managed cybersecurity hunting service and not an incident response service. However, you can engage with your own incident response team to address issues that require an incident response. If you don't have your own incident response team and would like Microsoft's help, you can engage with the CSS Cybersecurity Incident Response Team (CIRT). They can open a ticket to help address your inquiry.
## Scenario ### Receive a progress report about your managed hunting inquiry
-Response from Microsoft Threat Experts varies according to your inquiry. They'll email a progress report to you about your **Ask Defender Experts** inquiry within two days, to communicate the investigation status from the following categories:
+Response from Microsoft Defender Experts varies according to your inquiry. They'll email a progress report to you about your **Ask Defender Experts** inquiry within two days, to communicate the investigation status from the following categories:
- More information is needed to continue with the investigation - A file or several file samples are needed to determine the technical context
security Configure Network Connections Microsoft Defender Antivirus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-network-connections-microsoft-defender-antivirus.md
Previously updated : 06/28/2022 Last updated : 10/13/2022 - m365-security
search.appverid: met150
**Platforms** - Windows
+> [!TIP]
+> RSS feed: Get notified when this page is updated by copying and pasting the following URL into your feed reader:
+>
+> ```https
+> https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-network-connections-microsoft-defender-antivirus.md.atom
+> ```
+ To ensure Microsoft Defender Antivirus cloud-delivered protection works properly, your security team must configure your network to allow connections between your endpoints and certain Microsoft servers. This article lists connections that must be allowed for using the firewall rules. It also provides instructions for validating your connection. Configuring your protection properly will ensure you receive the best value from your cloud-delivered protection services. > [!IMPORTANT]
security Configure Remediation Microsoft Defender Antivirus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-remediation-microsoft-defender-antivirus.md
Last updated 10/18/2021 -+
+- m365-security
+- tier2
search.appverid: met150
security Defender Endpoint Demonstration App Reputation https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-app-reputation.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
This download is known malware; SmartScreen should block this program from runni
Launching this link should render a message similar to the following:
- :::image type="content" source="images/smartscreen-app-reputation-known-malware.png" alt-text="SmartScreen detects a file download with an unsafe reputation.; the download is blocked.":::
+ :::image type="content" source="images/smartscreen-app-reputation-known-malware.png" alt-text="Screenshot showing how SmartScreen detects a file download with an unsafe reputation.; the download is blocked.":::
## Learn more
security Defender Endpoint Demonstration Attack Surface Reduction Rules https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-attack-surface-reduction-rules.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
Attack Surface Reduction (ASR) rules target specific behaviors that are typicall
- Executable files and scripts used in Office apps or web mail that attempt to download or run files - Scripts that are obfuscated or otherwise suspicious-- Behaviors that apps undertake that aren't inititated during normal day-to-day work
+- Behaviors that apps undertake that aren't initiated during normal day-to-day work
## Scenario requirements and setup
Add-MpPreference -AttackSurfaceReductionRules_Ids 01443614-CD74-433A-B99E-2ECDC0
Add-MpPreference -AttackSurfaceReductionRules_Ids 26190899-1602-49E8-8B27-EB1D0A1CE869 -AttackSurfaceReductionRules_Actions AuditMode Add-MpPreference -AttackSurfaceReductionRules_Ids 7674BA52-37EB-4A4F-A9A1-F0F9A1619A2C -AttackSurfaceReductionRules_Actions AuditMode ```
-### States
-- Enabled = Block mode (1)-- AuditMode = Audit Mode (2)-- Disabled = Off (0)+
+### Rule states
+
+|State | Mode| Numeric value |
+|:|:|:|
+| AuditMode | = Audit Mode | 2 |
+| Enabled | = Block mode | 1 |
+| Disabled | = Off | 0 |
### Verify configuration -- Get-MpPreference
+```powershell
+
+Get-MpPreference
+```
## Test files
Note - some test files have multiple exploits embedded and will trigger multiple
### Setup
-Download and run this [setup script](https://demo.wd.microsoft.com/Content/ASR_SetupScript.zip). Before running the script set execution policy to Unrestricted using this PowerShell command: Set-ExecutionPolicy Unrestricted
+Download and run this [setup script](https://demo.wd.microsoft.com/Content/ASR_SetupScript.zip). Before running the script set execution policy to Unrestricted using this PowerShell command:
+
+```powershell
+Set-ExecutionPolicy Unrestricted
+
+```
You can perform these manual steps instead: 1. Create a folder under c: named demo, "c:\demo"
-2. Save this [clean file](https://demo.wd.microsoft.com/Content/testfile_safe.txt) into c:\demo (we need something to encrypt)
+2. Save this [clean file](https://demo.wd.microsoft.com/Content/testfile_safe.txt) into c:\demo.
3. Enable all rules using the powershell commands above. ### Scenario 1: ASR blocks a test file with multiple vulnerabilities
You should immediately see an "Action blocked" notification.
### Scenario 2: ASR rule blocks the test file with the corresponding vulnerability 1. Configure the rule you want to test using the PowerShell command from above.
-2. Example: Add-MpPreference -AttackSurfaceReductionRules_Ids D4F940AB-401B-4EfC-AADC-AD5F3C50688A -AttackSurfaceReductionRules_Actions Enabled
+2. Example: `Add-MpPreference -AttackSurfaceReductionRules_Ids D4F940AB-401B-4EfC-AADC-AD5F3C50688A -AttackSurfaceReductionRules_Actions Enabled`
3. Download and open the test file/document for the rule you want to test linked above, enable editing and content if prompted 4. Example: [Block Office applications from creating child processes](https://demo.wd.microsoft.com/Content/ransomware_testfile_doc.docm) D4F940AB-401B-4EFC-AADC-AD5F3C50688A
security Defender Endpoint Demonstration Block At First Sight Bafs https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-block-at-first-sight-bafs.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
Block at First Sight, is a feature of Microsoft Defender Antivirus cloud-deliver
## Scenario requirements and setup - Windows 10 Anniversary update (1607) or later-- Cloud protection enabled
+- Cloud protection is enabled
- You can [download and use the Powershell script](https://www.powershellgallery.com/packages/WindowsDefender_InternalEvaluationSettings/) to enable this setting and others-- Note: You should see your browser ask to save this file in a few seconds.+
+ > [!NOTE]
+ > You should see your browser ask to save this file in a few seconds.
### Test BAFS -- Click the create and download new file button-- You should see the browser scanning the file, followed by an antivirus block notification.-- [Create & download new file!](https://demowdtestground.blob.core.windows.net/samples/ztp_xzXLX_s1H8MsxK2SRlsjmzaH62cOZEaqtstGsOw/wdtestfile.exe?sv=2015-07-08&sr=b&sig=7JNcGzAYWEinuWKNmjoC6tDmEjGZMQj8rAEF9HIzJdE%3D&se=2022-09-30T18%3A29%3A28Z&sp=r)
+1. Click **Create and download new file** below.
+1. You should see the browser scanning the file, followed by an antivirus block notification.
+1. [Create & download new file!](https://demowdtestground.blob.core.windows.net/samples/ztp_xzXLX_s1H8MsxK2SRlsjmzaH62cOZEaqtstGsOw/wdtestfile.exe?sv=2015-07-08&sr=b&sig=7JNcGzAYWEinuWKNmjoC6tDmEjGZMQj8rAEF9HIzJdE%3D&se=2022-09-30T18%3A29%3A28Z&sp=r)
## See also
security Defender Endpoint Demonstration Cloud Delivered Protection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-cloud-delivered-protection.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
Cloud-delivered protection for Microsoft Defender Antivirus, also referred to as
## Scenario requirements and setup -- Windows 7, Windows 8.1 & Windows 10
+- Windows 7, Windows 8.1, Windows 10, Windows 11
- Microsoft Defender Real-time protection is enabled - Cloud-delivered protection is enabled by default, however you may need to re-enable it if it has been disabled as part of previous organizational policies. For more information, see [Enable cloud-delivered protection in Microsoft Defender Antivirus](/windows/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus?ocid=wd-av-demo-cloud-middle).-- You can also download and use the [PowerShell script](https://www.powershellgallery.com/packages/WindowsDefender_InternalEvaluationSettings/) to enable this setting and others on Windows 10.
+- You can also download and use the [PowerShell script](https://www.powershellgallery.com/packages/WindowsDefender_InternalEvaluationSettings/) to enable this setting and others on Windows 10 and Windows 11.
### Scenario
Cloud-delivered protection for Microsoft Defender Antivirus, also referred to as
5. If the file executes, or if you see that it was blocked by Microsoft Defender SmartScreen, cloud-delivered protection isn't working. For more information, see [Configure and validate network connections for Microsoft Defender Antivirus](/windows/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus?ocid=wd-av-demo-cloud-middle). - ## See also [Utilize Microsoft cloud-delivered protection in Microsoft Defender Antivirus](/windows/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus?ocid=wd-av-demo-cloud-bottom)
security Defender Endpoint Demonstration Controlled Folder Access Test Tool https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-controlled-folder-access-test-tool.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
Controlled Folder Access helps you protect valuable data from malicious apps and
Set-MpPreference -EnableControlledFolderAccess <State> ```
-States:
-- Enabled = Block mode (1)-- AuditMode = Audit Mode (2)-- Disabled = Off (0)
+Rule states
+
+|State | Mode| Numeric value |
+|:|:|:|
+| AuditMode | = Audit Mode | 2 |
+| Enabled | = Block mode | 1 |
+| Disabled | = Off | 0 |
### Verify configuration ```powershell Get-MpPreference ```+ ## Scenario ### Setup
-Download and run this [setup script](https://demo.wd.microsoft.com/Content/CFA_SetupScript.zip). Before running the script set execution policy to Unrestricted using this PowerShell command: Set-ExecutionPolicy Unrestricted
+Download and run this [setup script](https://demo.wd.microsoft.com/Content/CFA_SetupScript.zip). Before running the script set execution policy to Unrestricted using this PowerShell command:
+
+```powershell
+Set-ExecutionPolicy Unrestricted
+```
You can perform these manual steps instead:
-1. Turn on CFA using powershell command: Set-MpPreference -EnableControlledFolderAccess Enabled
+
+1. Turn on CFA using powershell command:
+
+ ```powershell
+ Set-MpPreference -EnableControlledFolderAccess Enabled
+ ```
+ 2. Download the CFA [test tool](https://demo.wd.microsoft.com/Content/CFAtool.exe) 3. Execute the PowerShell commands above - ## Scenario: Use the CFA test tool to simulate an untrusted process writing to a protected folder+ 1. Launch CFA test tool 2. Select the desired folder and create file - You can find more information [here](/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md)
You can perform these manual steps instead:
Download and run this [cleanup script](https://demo.wd.microsoft.com/Content/ASR_CFA_CleanupScript.zip). You can perform these manual steps instead: -- Set-MpPreference -EnableControlledFolderAccess Disabled
+```powershell
+Set-MpPreference -EnableControlledFolderAccess Disabled
+```
## See also [Controlled folder access](/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard)
security Defender Endpoint Demonstration Controlled Folder Access https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-controlled-folder-access.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
Controlled Folder Access helps you protect valuable data from malicious apps and
## PowerShell commands -- Set-MpPreference -EnableControlledFolderAccess (State)-- Set-MpPreference -ControlledFolderAccessProtectedFolders C:\demo\
+```powershell
+Set-MpPreference -EnableControlledFolderAccess (State)
+```
-States
-- Enabled = Block mode (1)-- AuditMode = Audit Mode (2)-- Disabled = Off (0)
+```powershell
+Set-MpPreference -ControlledFolderAccessProtectedFolders C:\demo\
+```
+
+## Rule states
+
+|State | Mode| Numeric value |
+|:|:|:|
+| AuditMode | = Audit Mode | 2 |
+| Enabled | = Block mode | 1 |
+| Disabled | = Off | 0 |
## Verify configuration
+```powershell
Get-MpPreference
+```
## Test file+ [CFA ransomware test file](https://demo.wd.microsoft.com/Content/ransomware_testfile_unsigned.exe) ## Scenarios ### Setup
-Download and run this [setup script](https://demo.wd.microsoft.com/Content/CFA_SetupScript.zip). Before running the script set execution policy to Unrestricted using this PowerShell command: Set-ExecutionPolicy Unrestricted
+Download and run this [setup script](https://demo.wd.microsoft.com/Content/CFA_SetupScript.zip). Before running the script set execution policy to Unrestricted using this PowerShell command:
+
+```powershell
+Set-ExecutionPolicy Unrestricted
+```
You can perform these manual steps instead:
You can perform these manual steps instead:
### Scenario 1: CFA blocks ransomware test file
-1. Turn on CFA using PowerShell command: Set-MpPreference -EnableControlledFolderAccess Enabled
-2. Add the demo folder to protected folders list using PowerShell command: Set-MpPreference -ControlledFolderAccessProtectedFolders C:\demo\
+1. Turn on CFA using PowerShell command:
+
+```powershell
+Set-MpPreference -EnableControlledFolderAccess Enabled
+```
+
+2. Add the demo folder to protected folders list using PowerShell command:
+
+```powershell
+Set-MpPreference -ControlledFolderAccessProtectedFolders C:\demo\
+```
+ 3. Download the ransomware [test file](https://demo.wd.microsoft.com/Content/ransomware_testfile_unsigned.exe) 4. Execute the ransomware test file *this isn't ransomware, it simple tries to encrypt c:\demo #### Scenario 1 expected results
-5 seconds after executing the ransomware test file you should see a notification CFA blocked it
+5 seconds after executing the ransomware test file you should see a notification CFA blocked the encryption attempt.
### Scenario 2: What would happen without CFA
-1. Turn off CFA using this PowerShell command: Set-MpPreference -EnableControlledFolderAccess Disabled
+1. Turn off CFA using this PowerShell command:
+
+```powershell
+Set-MpPreference -EnableControlledFolderAccess Disabled
+```
+ 2. Execute the ransomware [test file](https://demo.wd.microsoft.com/Content/ransomware_testfile_unsigned.exe) #### Scenario 2 expected results
You can perform these manual steps instead:
Download and run this [cleanup script](https://demo.wd.microsoft.com/Content/ASR_CFA_CleanupScript.zip). You can perform these manual steps instead: -- Set-MpPreference -EnableControlledFolderAccess Disabled-- Cleanup c:\demo encryption run the [encrypt/decrypt file](https://demo.wd.microsoft.com/Content/ransomware_cleanup_encrypt_decrypt.exe)
+```powershell
+Set-MpPreference -EnableControlledFolderAccess Disabled
+```
+
+Cleanup c:\demo encryption run the [encrypt/decrypt file](https://demo.wd.microsoft.com/Content/ransomware_cleanup_encrypt_decrypt.exe)
## See also
-[Controlled folder access](/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard?ocid=wd-av-demo-cfa-bottom)
+[Controlled folder access](/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard?ocid=wd-av-demo-cfa-bottom)
security Defender Endpoint Demonstration Exploit Protection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-exploit-protection.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
Exploit Protection automatically applies exploit mitigation settings system wide
## Scenario requirements and setup - Windows 10 1709 build 16273
-PowerShell command
-- Set-ProcessMitigation -PolicyFilePath ProcessMitigation.xml-- Set-ProcessMitigation ΓÇôhelp
-Verify configuration
-- Get-ProcessMitigation
+- Run PowerShell commands:
+
+```powershell
+Set-ProcessMitigation -PolicyFilePath ProcessMitigation.xml
+```
+
+```powershell
+Set-ProcessMitigation ΓÇôhelp
+```
+
+- Verify configuration
+
+```powershell
+
+Get-ProcessMitigation
+```
### Sample xml file
Verify configuration
### Scenario 1: Convert EMET xml to Exploit Protection settings
-1. Convert EMET to xml, run PowerShell command: ConvertTo-ProcessMitigationPolicy
-2. Apply settings, run PowerShell command: Set-ProcessMitigation -PolicyFilePath *use the XML from the prior step*
-3. Confirm settings were applied, run PowerShell command: Get-ProcessMitigation
+1. Convert EMET to xml, run PowerShell command:
+
+```powershell
+ConvertTo-ProcessMitigationPolicy
+```
+
+2. Apply settings, run PowerShell command: *use the XML from the prior step*
+
+```powershell
+Set-ProcessMitigation -PolicyFilePath
+```
+
+3. Confirm settings were applied, run PowerShell command:
+
+```powershell
+Get-ProcessMitigation
+```
+ 4. Review the event log for application compatibility ### Scenario 2: Apply selfhost xml to Exploit Protection settings 1. Download our EP xml config file (right select, "save target as") or use your own
-2. Apply settings, run PowerShell command: Set-ProcessMitigation -PolicyFilePath ProcessMitigation.xml
-3. Confirm settings were applied, run PowerShell command: Get-ProcessMitigation
+2. Apply settings, run PowerShell command:
+
+```powershell
+Set-ProcessMitigation -PolicyFilePath ProcessMitigation.xml
+```
+
+3. Confirm settings were applied, run PowerShell command:
+
+```powershell
+Get-ProcessMitigation
+```
+ 4. Review the event log for application compatibility ## See also
security Defender Endpoint Demonstration Network Protection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-network-protection.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
Network Protection helps reduce the attack surface of your devices from Internet
## Scenario requirements and setup -- Windows 10 1709 build 16273
+- Windows 10 1709 build 16273, Windows 11
- Microsoft Defender Antivirus ## PowerShell command
+```powershell
Set-MpPreference -EnableNetworkProtection Enabled
+```
-### States
-- Enabled = Block mode (1)-- AuditMode = Audit Mode (2)-- Disabled = Off (0)
+## Rule states
+
+|State | Mode| Numeric value |
+|:|:|:|
+| AuditMode | = Audit Mode | 2 |
+| Enabled | = Block mode | 1 |
+| Disabled | = Off | 0 |d
## Verify configuration
+```powershell
Get-MpPreference
+```
## Scenario
-1. Turn on Network Protection using powershell command: Set-MpPreference -EnableNetworkProtection Enabled
-2. Using the browser of your choice (not Microsoft Edge*), navigate to the [Network Protection website test](https://smartscreentestratings2.net/) (Microsoft Edge has other security measures in place to protect from this vulnerability(SmartScreen)).
+1. Turn on Network Protection using powershell command:
+
+```powershell
+Set-MpPreference -EnableNetworkProtection Enabled
+
+```
+
+2. Using the browser of your choice (not Microsoft Edge*), navigate to the [Network Protection website test](https://smartscreentestratings2.net/). Microsoft Edge has other security measures in place to protect from this vulnerability (SmartScreen).
## Expected results
-Navigation to the website should be blocked and you should see a "Connection blocked" notification.
+Navigation to the website should be blocked and you should see a **Connection blocked** notification.
## Clean-up
+```powershell
Set-MpPreference -EnableNetworkProtection Disabled
+```
## See also
security Defender Endpoint Demonstration Potentially Unwanted Applications https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-potentially-unwanted-applications.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
The Potentially Unwanted Applications (PUA) protection feature in Microsoft Defe
## Scenario requirements and setup -- Windows 10
+- Windows 10, Windows 11
- Enable PUA protection. See the [Detect and block Potentially Unwanted Applications](detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md) article for more information. - You can also [download and use the PowerShell script](https://www.powershellgallery.com/packages/WindowsDefender_InternalEvaluationSettings/) to enable this setting and others.
security Defender Endpoint Demonstration Smartscreen Url Reputation https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-smartscreen-url-reputation.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
security Defender Endpoint Demonstrations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstrations.md
ms.mktglfcycl: evaluation ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro-+
+- m365-security
+- tier2
+<! v-jweston resumes authorship and ms.authorship appx April-May 2023 >
+ # Microsoft Defender for Endpoint - demonstration scenarios The following demonstration scenarios will help you learn about the capabilities of Microsoft Defender for Endpoint on Windows (Mac and Linux are out of scope). Demonstration scenarios are provided for the following Microsoft Defender for Endpoint protection areas:
security Endpoint Attack Notifications https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/endpoint-attack-notifications.md
+
+ Title: Endpoint Attack Notifications
+
+description: Endpoint Attack Notifications provides proactive hunting for the most important threats to your network.
+keywords: Endpoint Attack Notification, managed threat hunting, managed detection and response (MDR) service, MTE, Microsoft Threat Experts, endpoint attack notification, Ask Defender Experts, experts on demand
+search.product: Windows 10
+
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
++
+ms.localizationpriority: medium
+
+audience: ITPro
+
+- m365-security
+- tier2
++
+search.appverid: met150
++
+# Endpoint Attack Notifications
++
+**Applies to:**
+- [Microsoft Defender for Endpoint Plan 2](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+
+> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-exposedapis-abovefoldlink)
+
+> [!NOTE]
+> This covers threat hunting on your Microsoft Defender for Endpoint service. However, if you're interested to explore the service beyond your current license, and proactively hunt threats not just on endpoints but also across Office 365, cloud applications, and identity, refer to [Microsoft Defender Experts for Hunting](/microsoft-365/security/defender/defender-experts-for-hunting).
+
+Endpoint Attack Notifications (previously referred to as Microsoft Threat Experts - Targeted Attack Notification) provides proactive hunting for the most important threats to your network, including human adversary intrusions, hands-on-keyboard attacks, or advanced attacks like cyber-espionage. These notifications show up as a new alert. The managed hunting service includes:
+
+- Threat monitoring and analysis, reducing dwell time and risk to the business
+- Hunter-trained artificial intelligence to discover and prioritize both known and unknown attacks
+- Identifying the most important risks, helping SOCs maximize time and energy
+- Scope of compromise and as much context as can be quickly delivered to enable fast SOC response
++
+![Screenshot of the Endpoint Attack Notifications alert](../../media/defender-endpoint/endpoint-attack-notification-alert.png)
+
+## Apply for Endpoint Attack Notifications
+If you're a Microsoft Defender for Endpoint customer, you can apply for Endpoint Attack Notifications. Go to **Settings** \> **Endpoints** \> **General** \> **Advanced features** \> **Endpoint Attack Notifications** to apply. Once accepted, you'll get the benefits of Endpoint Attack Notifications.
+
+![How to enable Endpoint Attack Notifications in 365 Defender Portal](../../media/defender-endpoint/enable-endpoint-attack-notifications.png)
+
+## Receive Endpoint Attack notifications
+Endpoint Attack Notifications are alerts that have been hand crafted by MicrosoftΓÇÖs managed hunting service based on suspicious activity in your environment. They can be viewed through several mediums:
+- The alerts queue in the Microsoft 365 Defender portal
+- Using the [API](../../security/defender-endpoint/get-alerts.md)
+- [DeviceAlertEvents](../../security/defender-endpoint/advanced-hunting-devicealertevents-table.md) table in Advanced hunting
+- Your email if you [configure an email notifications](../../security/defender-endpoint/configure-email-notifications.md) rule
++
+Endpoint Attack Notifications can be identified by:
+- Have a tag named **Endpoint Attack Notification**
+- Have a service source of **Microsoft Defender for Endpoint** \> **Microsoft Defender Experts**
+
+> [!NOTE]
+> If you have enrolled for Endpoint Attack Notifications but are not seeing any alerts from the service, it indicates that you have a strong security posture and are less prone to attacks.
+
+## Create an email notification rule
+You can create rules to send email notifications for notification recipients. See [Configure alert notifications](configure-email-notifications.md) to create, edit, delete, or troubleshoot email notification, for details.
++
+## Next steps
+- To ask Defender Experts directly from the Microsoft Defender for Endpoint portal about insights on certain endpoint notifications, refer to [Ask Defender Experts ](../defender-endpoint/experts-on-demand.md).
+- To proactively hunt threats across endpoints, Office 365, cloud applications, and identity, refer to [Microsoft Defender Experts for Hunting](../defender/defender-experts-for-hunting.md).
security Experts On Demand https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/experts-on-demand.md
+
+ Title: Experts on Demand
+
+description: You can partner with Microsoft Defender Experts who can be engaged directly from within the Microsoft 365 Defender portal for their response
+keywords: Ask Defender Experts, experts on demand, managed threat hunting, managed detection and response (MDR) service, MTE, Microsoft Threat Experts, endpoint attack notification, Endpoint Attack Notification
+search.product: Windows 10
+
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
++
+ms.localizationpriority: medium
+
+audience: ITPro
+
+ - m365-security-compliance
+ - m365-initiative-defender-endpoint
++
+search.appverid: met150
++
+# Ask Defender Experts
++
+**Applies to:**
+- [Microsoft Defender for Endpoint Plan 2](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+
+> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-exposedapis-abovefoldlink)
+
+> [!NOTE]
+> As of August 2022, the Experts on Demand option to **Consult a threat expert** has been rebranded to **Ask Defender Experts**. This documentation is still here to support the legacy Microsoft Threat Experts service, however, if you're interested to explore the service beyond your current license, refer to [Microsoft Defender Experts for Hunting](/microsoft-365/security/defender/defender-experts-for-hunting). Microsoft Defender Experts for Hunting subscription includes [Experts on Demand](/microsoft-365/security/defender/onboarding-defender-experts-for-hunting?view=o365-worldwide#collaborate-with-experts-on-demand).
+
+Customers can engage our security experts directly from within Microsoft 365 Defender portal to get their response. Experts provide insights needed to better understand the complex threats affecting your organization, from alert inquiries, potentially compromised devices, root cause of a suspicious network connection, to more threat intelligence regarding ongoing advanced persistent threat campaigns. With this capability, you can:
+
+- Get more clarification on alerts including root cause or scope of the incident
+- Gain clarity into suspicious device behavior and next steps if faced with an advanced attacker
+- Determine risk and protection regarding threat actors, campaigns, or emerging attacker techniques
+
+> [!NOTE]
+> Experts on Demand is not a security incident response service. ItΓÇÖs intended to provide a better understanding of complex threats affecting your organization. Engage with your own security incident response team to address urgent security incident response issues. If you don't have your own security incident response team and would like Microsoft's help, create a support request in the [Premier Services Hub](/services-hub/).
+
+## Ask Defender Experts about suspicious cybersecurity activities in your organization
+
+You can partner with Microsoft Defender Experts who can be engaged directly from within the Microsoft 365 Defender portal for their response. Experts provide insights to better understand complex threats, defender expert notifications that you get, or if you need more information about the alerts, a potentially compromised device, or a threat intelligence context that you see on your portal dashboard.
+
+> [!NOTE]
+>
+> - Alert inquiries related to your organization's customized threat intelligence data are currently not supported. Consult your security operations or incident response team for details.
+> - You need to have the **Manage security settings** permission in the Microsoft 365 Defender portal to be able to submit the **Ask Defender Experts** inquiry.
+
+1. Navigate to the portal page with the relevant information that you'd like to investigate, for example, the **Incident** page. Ensure that the page for the relevant alert or device is in view before you send an investigation request.
+
+2. From the upper right-hand menu, click the **?** icon. Then, select **Ask Defender Experts**
+
+The **Inquiry topic** field is pre-populated with the link to the relevant page for your investigation request. For example, a link to the incident, alert, or device details page that you were at when you made the request.
+
+3. In the next field, provide enough information to give Microsoft Defender Experts enough context to start the investigation.
+
+4. Enter the email address that you'd like to use to correspond with Microsoft Defender Experts. Ensure that the email address is for an account with a mailbox attached to it. If not, include an email address with a mailbox attached.
+
+> [!NOTE]
+> If you would like to track the status of your Experts on Demand cases through Microsoft Services Hub, reach out to your Customer Success Account Manager.
+
+Watch this video for a quick overview of the Microsoft Services Hub.
+
+> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE4pk9f]
+
+## Sample investigation topics that you can Ask Defender Experts
+
+### Alert information
+
+- We see a new type of alert for a living-off-the-land binary: [AlertID]. Can you tell us something more about this alert and how we can investigate further?
+- We've observed two similar attacks, which try to execute malicious PowerShell scripts but generate different alerts. One is "Suspicious PowerShell command line" and the other is "A malicious file was detected based on indication provided by O365". What is the difference?
+- I receive an odd alert today for abnormal number of failed logins from a high profile user's device. I can't find any further evidence around these sign-in attempts. How can Defender for Endpoint see these attempts? What type of sign-ins are being monitored?
+- Can you give more context or insights about this alert: "Suspicious behavior by a system utility was observed".
+
+### Possible device compromise
+
+- Can you help answer why we see "Unknown process observed?" This message or alert is seen frequently on many devices. We appreciate any input to clarify whether this message or alert is related to malicious activity.
+- Can you help validate a possible compromise on the following system on [date] with similar behaviors as the previous [malware name] malware detection on the same system in [month]?
+
+### Threat intelligence details
+
+- We detected a phishing email that delivered a malicious Word document to a user. The malicious Word document caused a series of suspicious events, which triggered multiple Endpoint Attack Notifications alerts for [malware name] malware. Do you have any information on this malware? If yes, can you send me a link?
+- I recently saw a [social media reference, for example, Twitter or blog] post about a threat that is targeting my industry. Can you help me understand what protection Defender for Endpoint provides against this threat actor?
+
+### Defender Experts' alert communications
+
+- Can your incident response team help us address the Endpoint Attack Notifications that we got?
+- I received this Endpoint Attack Notifications from Microsoft Security Experts. We don't have our own incident response team. What can we do now, and how can we contain the incident?
+- I received an Endpoint Attack Notifications from Microsoft Defender Experts. What data can you provide to us that we can pass on to our incident response team?
+
+ > [!NOTE]
+ > Experts on Demand is a managed cybersecurity hunting service and not an incident response service. However, you can engage with your own incident response team to address issues that require an incident response. If you don't have your own incident response team and would like Microsoft's help, you can engage with the CSS Cybersecurity Incident Response Team (CIRT). They can open a ticket to help address your inquiry.
+
+## Scenario
+
+### Receive a progress report about your managed hunting inquiry
+
+Response from Microsoft Defender Experts varies according to your inquiry. They'll email a progress report to you about your **Ask Defender Experts** inquiry within two days, to communicate the investigation status from the following categories:
+
+- More information is needed to continue with the investigation
+- A file or several file samples are needed to determine the technical context
+- Investigation requires more time
+- Initial information was enough to conclude the investigation
+
+It's crucial to respond in quickly to keep the investigation moving.
+
+## Next steps
+- To proactively hunt threats across endpoints, refer to [Endpoint Attack Notification](../defender-endpoint/endpoint-attack-notifications.md).
+- To proactively hunt threats across endpoints, Office 365, cloud applications, and identity, refer to [Microsoft Defender Experts for Hunting](../defender/defender-experts-for-hunting.md).
+
security Linux Preferences https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/linux-preferences.md
Enables or disables file hash computation feature. When this feature is enabled,
|Description|Value| ||| |**Key**|enableFileHashComputation|
-|**Data type**|String|
-|**Possible values**|disabled (default) <p> enabled|
+|**Data type**|Boolean|
+|**Possible values**|false (default) <p> true|
|**Comments**|Available in Defender for Endpoint version 101.73.77 or higher.| #### Run a scan after definitions are updated
security Linux Static Proxy Configuration https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/linux-static-proxy-configuration.md
sudo systemctl daemon-reload; sudo systemctl restart mdatp
``` > [!NOTE] > To remove any additions you might have made before uninstalling `mdatp`, delete the custom file from `/etc/systemd/system`.+
+> [!NOTE]
+> Red Hat Enterprise Linux 6.X and CentOS 6.X don't support **systemctl**. To configure statuc proxy for MDE, use **mdatp config proxy set --value http://address:port**. This method works for all other Linux distributions as well.
security Mac Install With Intune https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-install-with-intune.md
This topic describes how to deploy Microsoft Defender for Endpoint on macOS thro
## Prerequisites and system requirements + Before you get started, see [the main Microsoft Defender for Endpoint on macOS page](microsoft-defender-endpoint-mac.md) for a description of prerequisites and system requirements for the current software version. ## Overview
In the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com/
### Onboarding blob
-This profile contains license information for Microsoft Defender for Endpoint. Without this profile, Microsoft Defender for Endpoint will report that it isn't licensed.
+This profile contains a license information for Microsoft Defender for Endpoint. Without license information, Microsoft Defender for Endpoint will report that it is not licensed.
1. Select **Create Profile** under **Configuration Profiles**. 1. Select **Platform**=**macOS**, **Profile type**=**Templates**. **Template name**=**Custom**. Click **Create**.
security Mac Preferences https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-preferences.md
Enables or disables file hash computation feature. When this feature is enabled,
||| |**Domain**|`com.microsoft.wdav`| |**Key**|enableFileHashComputation|
-|**Data type**|String|
-|**Possible values**|disabled (default) <p> enabled|
+|**Data type**|Boolean|
+|**Possible values**|false (default) <p> true|
|**Comments**|Available in Defender for Endpoint version 101.73.77 or higher.| #### Run a scan after definitions are updated
security Mac Whatsnew https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-whatsnew.md
For more information on Microsoft Defender for Endpoint on other operating syste
- [What's new in Microsoft Defender for Endpoint on Linux](linux-whatsnew.md) - [What's new in Microsoft Defender for Endpoint on iOS](ios-whatsnew.md)</br>
+<details>
+ <summary>Oct-2022 (Build: 101.82.21 | Release version: 20.122082.18221.0)</summary>
+
+&ensp;Build: **101.82.21**<br/>
+&ensp;Release version: **20.122082.18221.0**<br/>
+&ensp;Engine version: **1.1.19400.3**<br/>
+&ensp;Signature version: **1.369.962.0**<br/>
+
+**What's new**
+
+- Bug fix - Mac TP in Block mode causing device hang on shutdown/crashes on reboot
+- Add a mdatp command-line switch to view the on-demand scan history
+- Improve Performance of Device Owner on MacOs
+- Ready for macOS Ventura (13.0)
+- Bug and performance fixes
+
+<br/>
+</details>
+
+> [!IMPORTANT]
+> This is a minimal MDE version without known issues on macOS Ventura on the day of publishing the release notes. Between now and macOS Ventura GA, Apple may still release Ventura Beta's with platform changes that impact MDE experience. Visit these release notes around Ventura GA date for the final recommended Ventura-compatible MDE version number.
+ <details> <summary>Aug-2022 (Build: 101.78.13 | Release version: 20.122072.17813.0)</summary>
For more information on Microsoft Defender for Endpoint on other operating syste
- Fix for UI crash on Ventura - Fix for definitions not getting downloaded right after install - Other bug fixes-
+
<br/> </details>
security Manage Updates Baselines Microsoft Defender Antivirus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus.md
ms.mktglfcycl: manage
ms.sitesec: library ms.pagetype: security ms.localizationpriority: high Previously updated : 09/27/2022 Last updated : 10/13/2022 audience: ITPro
All our updates contain
- Integration improvements (Cloud, [Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender)) <br/><br/> <details>
+<summary>September-2022 (Platform: 4.18.2209.7 | Engine: 1.1.19700.3)</summary>
+
+&ensp;Security intelligence update version: **1.377.8.0**<br/>
+&ensp;Release date: **October 10, 2022**<br/>
+&ensp;Platform: **4.18.2209.7**<br/>
+&ensp;Engine: **1.1.19700.3**<br/>
+&ensp;Support phase: **Security and Critical Updates**<br/>
+
+Engine version: 1.1.19700.3<br/>
+Security intelligence update version: 1.377.8.0<br/>
+
+### What's new
+
+- Improved processing of Defender fallback order on Server SKU
+- Fixed Defender updates during OOBE process
+- Fixed Trusted Installer security descriptor vulnerability
+- Fixed [Microsoft Defender Antivirus exclusions](configure-exclusions-microsoft-defender-antivirus.md) visibility
+- Fixed output of fallback order of the PowerShell cmdlet
+- Fixed Defender Platform update failure on Server Core 2019 SKUs
+- Improved hardening support for Defender disablement configurations on Server SKUs
+- Improved Defender configuration logics for [tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md) on servers
+- Improved WARN mode for [ASR rule](attack-surface-reduction-rules-reference.md)
+- Improved certificate handling of OSX
+- Improved logging for scanning FilesStash location
+- Beginning with platform version 4.18.2208.0 and later: If a server has been [onboarded to Microsoft Defender for Endpoint](onboard-configure.md#onboard-devices-to-the-service), the "Turn off Windows Defender" [group policy setting](configure-endpoints-gp.md#update-endpoint-protection-configuration) will no longer completely disable Windows Defender Antivirus on Windows Server 2012 R2 and later operating systems. Instead, it will be either ignored (if [ForceDefenderPassiveMode](switch-to-mde-phase-2.md#set-microsoft-defender-antivirus-to-passive-mode-on-windows-server) is configured explicitly) or it will place Microsoft Defender Antivirus into [passive mode](microsoft-defender-antivirus-windows.md#comparing-active-mode-passive-mode-and-disabled-mode) (if `ForceDefenderPassiveMode` isn't configured). Moreover, [tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md) will allow a switch to active mode via changing `ForceDefenderPassiveMode` to `0`, but not to passive mode. These changes apply only to servers onboarded to Microsoft Defender for Endpoint. For more information, please refer to [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility#microsoft-defender-antivirus-and-non-microsoft-antivirusantimalware-solutions)
+
+### Known Issues
+
+- Some customers might have received platform updates 4.18.2209.2 from preview. It can cause the service to get stuck at the start state after the update.
+<br/><br/>
+</details><details>
<summary>August-2022 (Platform: 4.18.2207.7 | Engine: 1.1.19600.3)</summary> &ensp;Security intelligence update version: **1.373.1647.0**<br/>
Security intelligence update version: 1.373.219.0 <br/>
- Performance improvement for [AntiMalware Scan Interface (AMSI)](/windows/win32/amsi/antimalware-scan-interface-portal) caching - Improved detection and remediation for [Microsoft Visual Basic for Applications](/office/vba/language/concepts/getting-started/64-bit-visual-basic-for-applications-overview) (VBA) related macros - Improved processing of AMSI exclusions -- Fixed deadlock detection in Host Intrusion Prevention System (HIPS) rule processing. (For additional information about HIPS and Defender for Endpoint, see [Migrating from a third-party HIPS to ASR rules](migrating-asr-rules.md).)
+- Fixed deadlock detection in Host Intrusion Prevention System (HIPS) rule processing. (For more information about HIPS and Defender for Endpoint, see [Migrating from a third-party HIPS to ASR rules](migrating-asr-rules.md).)
- Fixed memory leak where `MsMpEng.exe` was consuming private bytes. (If high CPU usage is also an issue, see [High CPU usage due to Microsoft Defender Antivirus](troubleshooting-mode-scenarios.md)) - Fixed deadlock with [behavior monitoring](configure-real-time-protection-microsoft-defender-antivirus.md) - Improved trust validation
Security intelligence update version: 1.373.219.0 <br/>
- Customers deploying platform update 4.18.2207.5 might experience lagging network performance that could impact applications. <br/><br/>
-</details><details>
+</details>
++
+### Previous version updates: Technical upgrade support only
+
+After a new package version is released, support for the previous two versions is reduced to technical support only. Versions older than that are listed in this section, and are provided for technical upgrade support only.<br/><br/>
+
+<details>
<summary>May-2022 (Platform: 4.18.2205.7 | Engine: 1.1.19300.2)</summary> &ensp;Security intelligence update version: **1.369.88.0**<br/> &ensp;Released: **June 22, 2022**<br/> &ensp;Platform: **4.18.2205.7**<br/> &ensp;Engine: **1.1.19300.2**<br/>
-&ensp;Support phase: **Security and Critical Updates**<br/>
+&ensp;Support phase: **Technical upgrade support (only)**<br/>
Engine version: 1.1.19300.2<br/> Security intelligence update version: 1.369.88.0<br/>
Security intelligence update version: 1.369.88.0<br/>
No known issues <br/><br/>
-</details>
--
-### Previous version updates: Technical upgrade support only
-
-After a new package version is released, support for the previous two versions is reduced to technical support only. Versions older than that are listed in this section, and are provided for technical upgrade support only.<br/><br/>
-
-<details>
+</details><details>
<summary>March-2022 *UPDATE* (Platform: 4.18.2203.5 | Engine: 1.1.19200.5)</summary> *Customers who applied the March 2022 Microsoft Defender engine update (**1.1.19100.5**) might have encountered high resource utilization (CPU and/or memory). Microsoft has released an update (**1.1.19200.5**) that resolves the bugs introduced in the earlier version. Customers are recommended to update to at least this new engine build of Antivirus Engine (**1.1.19200.5**). To ensure any performance issues are fully fixed, it's recommended to reboot machines after applying update.*
No known issues
- New controls for managing the gradual rollout process of Microsoft Defender updates. See [Manage the gradual rollout process for Microsoft Defender updates](manage-gradual-rollout.md). - Improvement to the behavior monitoring engine - Improvements to the rollout of antimalware definitions-- Extended Edge network event inspections
+- Extended Microsoft Edge network event inspections
### Known Issues No known issues
We recommend updating your Windows 10 (Enterprise, Pro, and Home editions), Wind
For more information, see [Microsoft Defender update for Windows operating system installation images](https://support.microsoft.com/help/4568292/defender-update-for-windows-operating-system-installation-images). <details>
+<summary>20220929.1</summary>
+
+&ensp;Package version: **20220929.1**<br/>
+&ensp;Platform version: **4.18.2207.7**<br/>
+&ensp;Engine version: **1.1.19600.3**<br/>
+&ensp;Signature version: **1.373.1243.0**<br/>
+
+### Fixes
+- None
+
+### Additional information
+- None
+
+<br/>
+</details><details>
<summary>20220925.2</summary> &ensp;Package version: **20220925.2**<br/>
security Microsoft Defender Antivirus Compatibility https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility.md
ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: medium Previously updated : 08/30/2022- Last updated : 10/03/2022+
You can use one of several methods to confirm the state of Microsoft Defender An
- [Use Windows PowerShell to confirm that Microsoft Defender Antivirus is running](#use-windows-powershell-to-confirm-that-microsoft-defender-antivirus-is-running). - [Use Windows PowerShell to confirm that antivirus protection is running](#use-windows-powershell-to-confirm-that-antivirus-protection-is-running).
+> [!IMPORTANT]
+> Beginning with [platform version 4.18.2208.0 and later](manage-updates-baselines-microsoft-defender-antivirus.md#monthly-platform-and-engine-versions): If a server has been onboarded to Microsoft Defender for Endpoint, the "Turn off Windows Defender" [group policy](configure-endpoints-gp.md#update-endpoint-protection-configuration) setting will no longer completely disable Windows Defender Antivirus on Windows Server 2012 R2 and later. Instead, it will place it into passive mode. In addition, the [tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md) feature will allow a switch to active mode but not to passive mode.
+>
+> - If "Turn off Windows Defender" is already in place before onboarding to Microsoft Defender for Endpoint, there will be no change and Defender Antivirus will remain disabled.
+> - To switch Defender Antivirus to passive mode, even if it was disabled before onboarding, you can apply the [ForceDefenderPassiveMode configuration](switch-to-mde-phase-2.md#set-microsoft-defender-antivirus-to-passive-mode-on-windows-server) with a value of `1`. To place it into active mode, switch this value to `0` instead.
+>
+> Note the modified logic for `ForceDefenderPassiveMode` when tamper protection is enabled: Once Microsoft Defender Antivirus is toggled to active mode, tamper protection will prevent it from going back into passive mode even when `ForceDefenderPassiveMode` is set to `1`.
+ ### Use the Windows Security app to identify your antivirus app 1. On a Windows device, open the Windows Security app.
security Microsoft Defender Antivirus On Windows Server https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-on-windows-server.md
+
+ Title: Microsoft Defender Antivirus on Windows Server
+description: Learn how to enable and configure Microsoft Defender Antivirus on Windows Server 2016, Windows Server 2019, and Windows Server 2022.
+keywords: windows defender, server, scep, system center endpoint protection, server 2016, current branch, server 2012
+ms.pagetype: security
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.localizationpriority: medium
+++++ Last updated : 10/10/2022+
+- M365-security-compliance
+- m365initiative-defender-endpoint
++
+# Microsoft Defender Antivirus on Windows Server
++
+**Applies to:**
+- [Microsoft Defender for Endpoint Plan 2](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
+Microsoft Defender Antivirus is available in the following editions/versions of Windows Server:
+
+- Windows Server 2022
+- Windows Server 2019
+- Windows Server, version 1803 or later
+- Windows Server 2016
+- Windows Server 2012 R2 (Requires Microsoft Defender for Endpoint)
+
+## Setting up Microsoft Defender Antivirus on Windows Server
+
+The process of setting up and running Microsoft Defender Antivirus on Windows Server includes the following steps:
+
+1. [Enable the interface](#enable-the-user-interface-on-windows-server).
+2. [Install Microsoft Defender Antivirus](#install-microsoft-defender-antivirus-on-windows-server).
+3. [Verify Microsoft Defender Antivirus is running](#verify-microsoft-defender-antivirus-is-running).
+4. [Update your antimalware Security intelligence](#update-antimalware-security-intelligence).
+5. (As needed) [Submit samples](#submit-samples).
+6. (As needed) [Configure automatic exclusions](#configure-automatic-exclusions).
+7. (Only if necessary) [Set Windows Server to passive mode](#passive-mode-and-windows-server).
+
+## Enable the user interface on Windows Server
+
+> [!IMPORTANT]
+> If you're using Windows Server 2012 R2, see [Options to install Microsoft Defender for Endpoint](configure-server-endpoints.md#options-to-install-the-microsoft-defender-for-endpoint-packages).
+
+By default, Microsoft Defender Antivirus is installed and functional on Windows Server. Sometimes, the user interface (GUI) is installed by default. The GUI isn't required; you can use PowerShell, Group Policy, or other methods to manage Microsoft Defender Antivirus. However, many organizations prefer to use the GUI for Microsoft Defender Antivirus. To install the GUI, use one of the procedures in the following table:
+
+| Procedure | What to do |
+|:|:|
+| Turn on the GUI using the Add Roles and Features Wizard | 1. See [Install roles, role services, and features by using the add Roles and Features Wizard](/windows-server/administration/server-manager/install-or-uninstall-roles-role-services-or-features#install-roles-role-services-and-features-by-using-the-add-roles-and-features-wizard), and use the **Add Roles and Features Wizard**. <br/><br/>2. When you get to the **Features** step of the wizard, under **Windows Defender Features**, select the **GUI for Windows Defender** option. |
+| Turn on the GUI using PowerShell | 1. On your Windows Server, open Windows PowerShell as an administrator. <br/><br/>2. Run the following PowerShell cmdlet: `Install-WindowsFeature -Name Windows-Defender-GUI` |
+
+For more information, see [Getting Started with PowerShell](/powershell/scripting/learn/ps101/01-getting-started).
+
+## Install Microsoft Defender Antivirus on Windows Server
+
+If you need to install or reinstall Microsoft Defender Antivirus on Windows Server, use one of the procedures in the following table:
+
+| Procedure | What to do |
+|:|:|
+| Use the Add Roles and Features Wizard to install Microsoft Defender Antivirus | 1. See [Install or Uninstall Roles, Role Services, or Features](/windows-server/administration/server-manager/install-or-uninstall-roles-role-services-or-features#install-roles-role-services-and-features-by-using-the-add-roles-and-features-wizard), and use the **Add Roles and Features Wizard**. <br/><br/>2. When you get to the **Features** step of the wizard, select the Microsoft Defender Antivirus option. Also select the **GUI for Windows Defender** option. |
+| Use PowerShell to install Microsoft Defender Antivirus | 1. On your Windows Server, open Windows PowerShell as an administrator. <br/><br/>2. Run the following PowerShell cmdlet: `Install-WindowsFeature -Name Windows-Defender` |
+
+> [!NOTE]
+> Event messages for the antimalware engine included with Microsoft Defender Antivirus can be found in [Microsoft Defender Antivirus Events](troubleshoot-microsoft-defender-antivirus.md).
+
+## Verify Microsoft Defender Antivirus is running
+
+After you've installed (or reinstalled) Microsoft Defender Antivirus, your next step is to verify that it's running. Use the PowerShell cmdlets in the following table:
+
+| Procedure | PowerShell cmdlet |
+|:|:|
+| Verify that Microsoft Defender Antivirus is running | `Get-Service -Name windefend` |
+| Verify that firewall protection is turned on | `Get-Service -Name mpssvc` |
+
+As an alternative to PowerShell, you can use Command Prompt to verify that Microsoft Defender Antivirus is running. To do that, run the following command from a command prompt:
+
+```cmd
+sc query Windefend
+```
+
+The `sc query` command returns information about the Microsoft Defender Antivirus service. When Microsoft Defender Antivirus is running, the `STATE` value displays `RUNNING`.
+
+To view all the services that aren't running, run the following PowerShell cmdlet:
+
+```cmd
+sc query state= all
+```
+
+## Update antimalware Security intelligence
+
+> [!IMPORTANT]
+> Beginning with [platform version 4.18.2208.0 and later](manage-updates-baselines-microsoft-defender-antivirus.md#monthly-platform-and-engine-versions): If a server has been onboarded to Microsoft Defender for Endpoint, the "Turn off Windows Defender" [group policy](configure-endpoints-gp.md#update-endpoint-protection-configuration) setting will no longer completely disable Windows Defender Antivirus on Windows Server 2012 R2 and later. Instead, it will place it into passive mode. In addition, the [tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md) feature will allow a switch to active mode but not to passive mode.
+>
+> - If "Turn off Windows Defender" is already in place before onboarding to Microsoft Defender for Endpoint, there will be no change and Defender Antivirus will remain disabled.
+> - To switch Defender Antivirus to passive mode, even if it was disabled before onboarding, you can apply the [ForceDefenderPassiveMode configuration](switch-to-mde-phase-2.md#set-microsoft-defender-antivirus-to-passive-mode-on-windows-server) with a value of `1`. To place it into active mode, switch this value to `0` instead.
+>
+> Note the modified logic for `ForceDefenderPassiveMode` when tamper protection is enabled: Once Microsoft Defender Antivirus is toggled to active mode, tamper protection will prevent it from going back into passive mode even when `ForceDefenderPassiveMode` is set to `1`.
+
+To get your regular security intelligence updates, the Windows Update service must be running. If you use an update management service, like Windows Server Update Services (WSUS), make sure that updates for Microsoft Defender Antivirus Security intelligence are approved for the computers you manage.
+
+By default, Windows Update doesn't download and install updates automatically on Windows Server 2019 or Windows Server 2022, or Windows Server 2016. You can change this configuration by using one of the following methods:
+
+| Method | Description |
+|||
+| **Windows Update** in Control Panel | **Install updates automatically** results in all updates being automatically installed, including Windows Defender Security intelligence updates. <br/><br/> **Download updates but let me choose whether to install them** allows Windows Defender to download and install Security intelligence updates automatically, but other updates aren't automatically installed. |
+| **Group Policy** | You can set up and manage Windows Update by using the settings available in Group Policy, in the following path: **Administrative Templates\Windows Components\Windows Update\Configure Automatic Updates** |
+| The **AUOptions** registry key | The following two values allow Windows Update to automatically download and install Security intelligence updates: <br/><br/> **4** - **Install updates automatically**. This value results in all updates being automatically installed, including Windows Defender Security intelligence updates. <br/><br/> **3** - **Download updates but let me choose whether to install them**. This value allows Windows Defender to download and install Security intelligence updates automatically, but other updates aren't automatically installed. |
+
+To ensure that protection from malware is maintained, enable the following
+
+- Windows Error Reporting service
+- Windows Update service
+
+The following table lists the services for Microsoft Defender Antivirus and the dependent services.
+
+| Service Name | File Location | Description |
+||||
+| Windows Defender Service (WinDefend) | `C:\Program Files\Windows Defender\MsMpEng.exe` | This service is the main Microsoft Defender Antivirus service that needs to be running always.|
+| Windows Error Reporting Service (Wersvc) | `C:\WINDOWS\System32\svchost.exe -k WerSvcGroup` | This service sends error reports back to Microsoft. |
+| Windows Defender Firewall (MpsSvc) | `C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork` | We recommend keeping the Windows Defender Firewall service enabled. |
+| Windows Update (Wuauserv) | `C:\WINDOWS\system32\svchost.exe -k netsvcs`| Windows Update is needed to get Security intelligence updates and antimalware engine updates |
+
+## Submit samples
+
+Sample submission allows Microsoft to collect samples of potentially malicious software. To help provide continued and up-to-date protection, Microsoft researchers use these samples to analyze suspicious activities and produce updated antimalware Security intelligence. We collect program executable files, such as .exe files and .dll files. We don't collect files that contain personal data, like Microsoft Word documents and PDF files.
+
+### Submit a file
+
+1. Review the [submission guide](/windows/security/threat-protection/intelligence/submission-guide).
+
+2. Visit the [sample submission portal](https://www.microsoft.com/wdsi/filesubmission), and submit your file.
+
+### Enable automatic sample submission
+
+To enable automatic sample submission, start a Windows PowerShell console as an administrator, and set the **SubmitSamplesConsent** value data according to one of the following settings:
+
+|Setting|Description|
+|||
+| **0** - **Always prompt** | The Microsoft Defender Antivirus service prompts you to confirm submission of all required files. This is the default setting for Microsoft Defender Antivirus, but isn't recommended for installations on Windows Server 2016 or 2019, or Windows Server 2022 without a GUI. |
+| **1** - **Send safe samples automatically** | The Microsoft Defender Antivirus service sends all files marked as "safe" and prompts for the remainder of the files. |
+| **2** - **Never send** | The Microsoft Defender Antivirus service doesn't prompt and doesn't send any files. |
+| **3** - **Send all samples automatically** | The Microsoft Defender Antivirus service sends all files without a prompt for confirmation. |
+
+> [!NOTE]
+> This option is not available for Windows Server 2012 R2.
+
+## Configure automatic exclusions
+
+To help ensure security and performance, certain exclusions are automatically added based on the roles and features you install when using Microsoft Defender Antivirus on Windows Server 2016 or 2019, or Windows Server 2022.
+
+See [Configure exclusions in Microsoft Defender Antivirus on Windows Server](configure-server-exclusions-microsoft-defender-antivirus.md).
+
+## Passive mode and Windows Server
+
+If you're using a non-Microsoft antivirus product as your primary antivirus solution on Windows Server, you must set Microsoft Defender Antivirus to passive mode or disabled mode. If your Windows Server endpoint is onboarded to Microsoft Defender for Endpoint, you can set Microsoft Defender Antivirus to passive mode. If you're not using Microsoft Defender for Endpoint, set Microsoft Defender Antivirus to disabled mode.
+
+> [!TIP]
+> See [Microsoft Defender Antivirus compatibility with other security products](microsoft-defender-antivirus-compatibility.md).
+
+The following table describes methods to set Microsoft Defender Antivirus to passive mode, disable Microsoft Defender Antivirus, and uninstall Microsoft Defender Antivirus:
+
+| Procedure | Description |
+|||
+| Set Microsoft Defender Antivirus to passive mode by using a registry key | Set the `ForceDefenderPassiveMode` registry key as follows: <br/>- Path: `HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection` <br/>- Name: `ForceDefenderPassiveMode` <br/>- Type: `REG_DWORD` <br/>- Value: `1` |
+| Turn off the Microsoft Defender Antivirus user interface using PowerShell | Open Windows PowerShell as an administrator, and run the following PowerShell cmdlet: `Uninstall-WindowsFeature -Name Windows-Defender-GUI`
+| Disable Microsoft Defender Antivirus using PowerShell | Use the following PowerShell cmdlet: `Set-MpPreference -DisableRealtimeMonitoring $true` |
+| Disable Microsoft Defender Antivirus using the Remove Roles and Features wizard | See [Install or Uninstall Roles, Role Services, or Features](/windows-server/administration/server-manager/install-or-uninstall-roles-role-services-or-features#remove-roles-role-services-and-features-by-using-the-remove-roles-and-features-wizard), and use the **Remove Roles and Features Wizard**. <br/><br/>When you get to the **Features** step of the wizard, clear the **Windows Defender Features** option. <br/><br/> If you clear **Windows Defender** by itself under the **Windows Defender Features** section, you'll be prompted to remove the interface option **GUI for Windows Defender**.<br/><br/>Microsoft Defender Antivirus will still run normally without the user interface, but the user interface can't be enabled if you disable the core **Windows Defender** feature. |
+| Uninstall Microsoft Defender Antivirus using PowerShell | Use the following PowerShell cmdlet: `Uninstall-WindowsFeature -Name Windows-Defender` |
+| Disable Microsoft Defender Antivirus using Group Policy | In your Local Group Policy Editor, navigate to **Administrative Template** > **Windows Component** > **Endpoint Protection** > **Disable Endpoint Protection**, and then select **Enabled** > **OK**. |
+
+For more information, see [Working with Registry Keys](/powershell/scripting/samples/working-with-registry-keys).
+
+### Are you using Windows Server 2012 R2 or Windows Server 2016?
+
+If your Windows Server is onboarded to Microsoft Defender for Endpoint, you can now run Microsoft Defender Antivirus in passive mode on Windows Server 2012 R2 and Windows Server 2016. See the following articles:
+
+- [Options to install Microsoft Defender for Endpoint](configure-server-endpoints.md#options-to-install-the-microsoft-defender-for-endpoint-packages)
+
+- [Microsoft Defender Antivirus compatibility with other security products](microsoft-defender-antivirus-compatibility.md)
+
+## See also
+
+- [Microsoft Defender Antivirus in Windows](microsoft-defender-antivirus-windows.md)
security Microsoft Defender Antivirus Windows https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows.md
ms.sitesec: library
ms.pagetype: security ms.localizationpriority: high Last updated 10/03/2022-+
To learn more, see [Microsoft Defender Antivirus compatibility](microsoft-defend
You can use one of several methods, such as the Windows Security app or Windows PowerShell, to check the state of Microsoft Defender Antivirus on your device.
+> [!IMPORTANT]
+> Beginning with [platform version 4.18.2208.0 and later](manage-updates-baselines-microsoft-defender-antivirus.md#monthly-platform-and-engine-versions): If a server has been onboarded to Microsoft Defender for Endpoint, the "Turn off Windows Defender" [group policy](configure-endpoints-gp.md#update-endpoint-protection-configuration) setting will no longer completely disable Windows Defender Antivirus on Windows Server 2012 R2 and later. Instead, it will place it into passive mode. In addition, the [tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md) feature will allow a switch to active mode but not to passive mode.
+>
+> - If "Turn off Windows Defender" is already in place before onboarding to Microsoft Defender for Endpoint, there will be no change and Defender Antivirus will remain disabled.
+> - To switch Defender Antivirus to passive mode, even if it was disabled before onboarding, you can apply the [ForceDefenderPassiveMode configuration](switch-to-mde-phase-2.md#set-microsoft-defender-antivirus-to-passive-mode-on-windows-server) with a value of `1`. To place it into active mode, switch this value to `0` instead.
+>
+> Note the modified logic for `ForceDefenderPassiveMode` when tamper protection is enabled: Once Microsoft Defender Antivirus is toggled to active mode, tamper protection will prevent it from going back into passive mode even when `ForceDefenderPassiveMode` is set to `1`.
+ ### Use the Windows Security app to check the status of Microsoft Defender Antivirus 1. On your Windows device, select the **Start** menu, and begin typing `Security`. Then open the Windows Security app in the results.
security Microsoft Defender Endpoint Android https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-android.md
This topic describes how to install, configure, update, and use Defender for End
### Installation instructions
-Microsoft Defender for Endpoint on Android supports installation on both modes of enrolled devices - the legacy Device Administrator and Android Enterprise modes. **Currently, Personally-owned devices with work profile and Corporate-owned fully managed user device enrollments are supported in Android Enterprise. Support for other Android Enterprise modes will be announced when ready.**
+Microsoft Defender for Endpoint on Android supports installation on both modes of enrolled devices - the legacy Device Administrator and Android Enterprise modes. **Currently, Personally-owned devices with work profile, Corporate-owned, personally enabled and Corporate-owned fully managed user device enrollments are supported in Android Enterprise. Support for other Android Enterprise modes will be announced when ready.**
- Deployment of Microsoft Defender for Endpoint on Android is via Microsoft Intune (MDM). For more information, see [Deploy Microsoft Defender for Endpoint on Android with Microsoft Intune](android-intune.md). - Installation of Microsoft Defender for Endpoint on devices that are not enrolled using Intune mobile device management (MDM), see [Configure Microsoft Defender for Endpoint risk signals in app protection policy (MAM)](android-configure-mam.md).
security Microsoft Threat Experts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-threat-experts.md
search.appverid: met150
-# Microsoft Threat Experts
+# Microsoft Defender Experts
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
search.appverid: met150
> [!NOTE] > As of August 2022, the Experts on Demand option to **Consult a threat expert** has been rebranded to **Ask Defender Experts**.
-Microsoft Threat Experts is a managed threat hunting service that provides your Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in your unique environments don't get missed.
+Microsoft Defender Experts is a managed threat hunting service that provides your Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in your unique environments don't get missed.
This managed threat hunting service provides expert-driven insights and data through these two capabilities: endpoint attack notification and access to experts on demand.
-Watch this video to learn how Microsoft Threat Experts provides Security Operation Centers (SOCs) with expert-level monitoring and analysis and ensures that no critical threat is missed.
+Watch this video to learn how Microsoft Defender Experts provides Security Operation Centers (SOCs) with expert-level monitoring and analysis and ensures that no critical threat is missed.
> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4qZ0B] ## Before you begin > [!NOTE] > Discuss the eligibility requirements with your Microsoft Technical Service provider and account team before you apply to the managed threat hunting service.
-> Threat Experts is not currently available in the Microsoft 365 for U.S. Government clouds.
+> Defender Experts is not currently available in the Microsoft 365 for U.S. Government clouds.
If you're a Microsoft Defender for Endpoint customer, you need to apply for **Endpoint Attack Notifications** to get special insights and analysis that help identify the most critical threats in your environment so you can respond to them quickly. To enroll to Endpoint Attack Notifications benefits, go to **Settings** \> **Endpoints** \> **General** \> **Advanced features** \> **Endpoint Attack Notifications** to apply. Once accepted, you'll get the benefits of Endpoint Attack Notifications.
-Contact your account team or Microsoft representative to subscribe to **Microsoft Threat Experts - Experts on Demand** to consult with our threat experts on relevant detections and adversaries that your organization is facing.
+Contact your account team or Microsoft representative to subscribe to **Microsoft Defender Experts - Experts on Demand** to consult with our threat experts on relevant detections and adversaries that your organization is facing.
-See [Configure Microsoft Threat Experts capabilities](/microsoft-365/security/defender-endpoint/configure-microsoft-threat-experts#before-you-begin) for details.
+See [Configure Microsoft Defender Experts capabilities](/microsoft-365/security/defender-endpoint/configure-microsoft-threat-experts#before-you-begin) for details.
-## Endpoint attack notification
+## Endpoint Attack Notifications
-Endpoint Attack Notifications (previously referred to as Microsoft Threat Experts - Targeted Attack Notification) provides proactive hunting for the most important threats to your network, including human adversary intrusions, hands-on-keyboard attacks, or advanced attacks like cyber-espionage. These notifications show up as a new alert. The managed hunting service includes:
+Endpoint Attack Notifications (previously referred to as Microsoft Threat Experts - Targeted Attack Notification) provide proactive hunting for the most important threats to your network, including human adversary intrusions, hands-on-keyboard attacks, or advanced attacks like cyber-espionage. These notifications show up as a new alert. The managed hunting service includes:
- Threat monitoring and analysis, reducing dwell time and risk to the business - Hunter-trained artificial intelligence to discover and prioritize both known and unknown attacks-- Identifying the most important risks, helping SOCs maximize time and energy-- Scope of compromise and as much context as can be quickly delivered to enable fast SOC response.
+- Identification of the most important risks, helping SOCs maximize time and energy
+- Help in scoping compromises and as much context as can be quickly delivered to enable fast SOC response.
-## Microsoft Threat Experts - Experts on Demand
+## Microsoft Defender Experts - Experts on Demand
> [!NOTE] > Experts on Demand is not a security incident response service. ItΓÇÖs intended to provide a better understanding of complex threats affecting your organization. Engage with your own security incident response team to address urgent security incident response issues. If you don't have your own security incident response team and would like Microsoft's help, create a support request in the [Premier Services Hub](/services-hub/).
Watch this video for a quick overview of the Microsoft Services Hub.
## See also -- [Configure Microsoft Threat Experts capabilities](configure-microsoft-threat-experts.md)
+- [Configure Microsoft Defender Experts capabilities](configure-microsoft-threat-experts.md)
security Network Protection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/network-protection.md
ms.mktglfcycl: manage
ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium Previously updated : 08/12/2022 Last updated : 10/13/2022 audience: ITPro
Support for Command and Control servers (C2) is a key part of this ransomware ev
## SmartScreen Unblock
-A new feature in Defender for Endpoint indicators enables administrators to allow end users to bypass warnings that are generated for some URLs and IPs. Depending on why the URL was blocked, when a SmartScreen block is encountered it may offer administrators the ability to unblock the site for up to 24 hours. In such cases, a Windows Security toast notification will appear, permitting the end-user to **Unblock** the URL or IP for the defined period of time.
+With indicators in Defender for Endpoint, administrators can allow end users to bypass warnings that are generated for some URLs and IPs. Depending on why the URL was blocked, when a SmartScreen block is encountered it may offer administrators the ability to unblock the site for up to 24 hours. In such cases, a Windows Security toast notification will appear, permitting the end-user to **Unblock** the URL or IP for the defined period of time.
:::image type="content" source="images/network-protection-smart-screen-block-notification.png" alt-text="Windows Security notification for network protection.":::
-Microsoft Defender for Endpoint Administrators can configure SmartScreen Unblock functionality at [Microsoft 365 Defender](https://security.microsoft.com/), using the following configuration tool. From the Microsoft 365 Defender portal, navigate to the path to the ConfigToolName.
+Microsoft Defender for Endpoint administrators can configure SmartScreen Unblock functionality in the [Microsoft 365 Defender portal](https://security.microsoft.com) using an "allow" indicator for IPs, URLs, and domains.
:::image type="content" source="images/network-protection-smart-screen-block-configuration.png" alt-text="Network protection SmartScreen block configuration ULR and IP form.":::
+See [Create indicators for IPs and URLs/domains](indicator-ip-domain.md).
+ ## Using network protection Network protection is enabled per device, which is typically done using your management infrastructure. For supported methods, see [Turn on network protection](enable-network-protection.md).
Network protection is enabled per device, which is typically done using your man
> [!NOTE] > Microsoft Defender Antivirus must be active to enable network protection.
-You can enable network protection in **Audit** mode or **Block** mode. If you want to evaluate the impact of enabling network protection before actually blocking IP addresses or URLs, you can enable network protection in Audit mode for a period of time to gather data on what would be blocked. Audit mode logs when end users have connected to an address or site that would otherwise have been blocked by network protection.
+You can enable network protection in **Audit** mode or **Block** mode. If you want to evaluate the impact of enabling network protection before actually blocking IP addresses or URLs, you can enable network protection in Audit mode for time to gather data on what would be blocked. Audit mode logs when end users have connected to an address or site that would otherwise have been blocked by network protection.
-For information about Network protection for Linux and macOS see: [Network protection for Linux](network-protection-linux.md) and [Network protection for MacOS](network-protection-macos.md).
+For information about network protection for Linux and macOS see: [Network protection for Linux](network-protection-linux.md) and [Network protection for macOS](network-protection-macos.md).
## Advanced hunting
Network protection now has a performance optimization that allows Block mode to
- [Enable network protection](enable-network-protection.md) | Use Group Policy, PowerShell, or MDM CSPs to enable and manage network protection in your network. - [Configuring attack surface reduction capabilities in Microsoft Intune](/mem/intune/protect/endpoint-security-asr-policy) - [Network protection for Linux](network-protection-linux.md) | To learn about using Microsoft Network protection for Linux devices.-- [Network protection for MacOS](network-protection-macos.md) | To learn more about Microsoft Network protection for MacOS
+- [Network protection for macOS](network-protection-macos.md) | To learn more about Microsoft Network protection for macOS
security Onboard Configure https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/onboard-configure.md
We recommend using Privileged Identity Management to manage your roles to provid
Defender for Endpoint supports two ways to manage permissions: -- **Basic permissions management**: Sets permissions to either full access or read-only. Users with global administrator or security administrator roles in Azure Active Directory (Azure AD) have full access. The security reader role has read-only access and does not grant access to view machines/device inventory.
+- **Basic permissions management**: Sets permissions to either full access or read-only. Users with global administrator or security administrator roles in Azure Active Directory (Azure AD) have full access. The security reader role has read-only access and doesn't grant access to view machines/device inventory.
- **Role-based access control (RBAC)**: Sets granular permissions by defining roles, assigning Azure AD user groups to the roles, and granting the user groups access to device groups. For more information. see [Manage portal access using role-based access control](rbac.md). > [!NOTE]
After onboarding the devices, you'll then need to configure the other capabiliti
| [Configure Next-generation protection (NGP)](configure-microsoft-defender-antivirus-features.md) | Microsoft Defender Antivirus is a built-in antimalware solution that provides next-generation protection for desktops, portable computers, and servers. Microsoft Defender Antivirus includes:<br> <br>-Cloud-delivered protection for near-instant detection and blocking of new and emerging threats. Along with machine learning and the Intelligent Security Graph, cloud-delivered protection is part of the next-gen technologies that power Microsoft Defender Antivirus.<br> <br> - Always-on scanning using advanced file and process behavior monitoring and other heuristics (also known as "real-time protection").<br><br> - Dedicated protection updates based on machine learning, human and automated big-data analysis, and in-depth threat resistance research. | | [Configure attack surface reduction (ASR)](overview-attack-surface-reduction.md) | Attack surface reduction capabilities in Microsoft Defender for Endpoint help protect the devices and applications in the organization from new and emerging threats. | | [Configure Auto Investigation & Remediation (AIR) capabilities](configure-automated-investigations-remediation.md) | Microsoft Defender for Endpoint uses Automated investigations to significantly reduce the volume of alerts that need to be investigated individually. The Automated investigation feature leverages various inspection algorithms, and processes used by analysts (such as playbooks) to examine alerts and take immediate remediation action to resolve breaches. This significantly reduces alert volume, allowing security operations experts to focus on more sophisticated threats and other high value initiatives. |
-| [Configure Microsoft Threat Experts (MTE) capabilities](configure-microsoft-threat-experts.md) | Microsoft Threat Experts is a managed hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don't get missed. |
+| [Configure Microsoft Defender Experts capabilities](../defender/defender-experts-for-hunting.md) | Microsoft Defender Experts is a managed hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don't get missed. |
For more information, see [Supported Microsoft Defender for Endpoint capabilities by platform](supported-capabilities-by-platform.md).
security Onboard Windows Multi Session Device https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/onboard-windows-multi-session-device.md
Only Microsoft Edge is supported for web filtering in Windows 10 multi-session.
#### Related Links
-[Add exclusions for Defender for Endpoint via PowerShell](/azure/architecture/example-scenario/wvd/windows-virtual-desktop-fslogix#add-exclusions-for-microsoft-defender-by-using-powershell)
+[Add exclusions for Defender for Endpoint via PowerShell](/azure/architecture/example-scenario/wvd/windows-virtual-desktop-fslogix#add-exclusions-for-microsoft-defender-for-cloud-by-using-powershell)
security Onboarding Endpoint Manager https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/onboarding-endpoint-manager.md
In the [Planning](deployment-strategy.md) topic, there were several methods prov
While Defender for Endpoint supports onboarding of various endpoints and tools, this article does not cover them. For information on general onboarding using other supported deployment tools and methods, see [Onboarding overview](onboarding.md).
-[Microsoft Endpoint Manager](/mem/endpoint-manager-overview) is a solution platform that unifies several services. It includes [Microsoft Intune](/mem/intune/fundamentals/what-is-intune)-based device management.
+[Microsoft Endpoint Manager](/mem/endpoint-manager-overview) is a solution platform that unifies several services. It includes [Microsoft Intune](/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](/mem/configmgr).
This topic guides users in:
security Onboarding https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/onboarding.md
The following table lists the available tools based on the endpoint that you nee
## Step 2: Configure capabilities
-After onboarding the endpoints, you'll then configure the capabilities. The following table lists the components that you can configure. Choose the components that you'd like to use and remove the ones that do not apply.
+After onboarding the endpoints, you'll then configure the capabilities. The following table lists the components that you can configure. Choose the components that you'd like to use and remove the ones that don't apply.
| Capability | Description | |-|-|
After onboarding the endpoints, you'll then configure the capabilities. The foll
| [Next-generation protection (NGP)](microsoft-defender-antivirus-windows.md) | Microsoft Defender Antivirus is a built-in antimalware solution that provides next-generation protection for desktops, portable computers, and servers. Microsoft Defender Antivirus includes:<br> <br>-Cloud-delivered protection for near-instant detection and blocking of new and emerging threats. Along with machine learning and the Intelligent Security Graph, cloud-delivered protection is part of the next-gen technologies that power Microsoft Defender Antivirus.<br> <br> - Always-on scanning using advanced file and process behavior monitoring and other heuristics (also known as "real-time protection").<br><br> - Dedicated protection updates based on machine learning, human and automated big-data analysis, and in-depth threat resistance research. | | [Attack Surface Reduction (ASR)](overview-attack-surface-reduction.md) | Attack surface reduction capabilities in Microsoft Defender for Endpoint help protect the devices and applications in the organization from new and emerging threats. | | [Auto Investigation & Remediation (AIR)](automated-investigations.md) | Microsoft Defender for Endpoint uses Automated investigations to significantly reduce the volume of alerts that need to be investigated individually. The Automated investigation feature leverages various inspection algorithms, and processes used by analysts (such as playbooks) to examine alerts and take immediate remediation action to resolve breaches. This significantly reduces alert volume, allowing security operations experts to focus on more sophisticated threats and other high value initiatives. |
-| [Microsoft Threat Experts (MTE)](microsoft-threat-experts.md) | Microsoft Threat Experts is a managed hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don't get missed. |
+| [Microsoft Defender Experts](microsoft-threat-experts.md) | Microsoft Defender Experts is a managed hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don't get missed. |
After onboarding the endpoints, you'll then configure the various capabilities such as endpoint detection and response, next-generation protection, and attack surface reduction.
security Prevent Changes To Security Settings With Tamper Protection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection.md
search.appverid: met150
**Platforms** - Windows
+- macOS
Tamper protection is available for devices that are running one of the following versions of Windows:
Tamper protection is available for devices that are running one of the following
> [!NOTE] > Tamper protection in Windows Server 2012 R2 is available for devices onboarded using the modern unified solution package. For more information, see [Onboard Windows servers to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-server-endpoints).
+Tamper protection is available for devices that are running one of the following versions of macOS:
+
+- Monterey (12)
+- Big Sur (11)
+- Catalina (10.15+)
+ ## Overview During some kinds of cyber attacks, bad actors try to disable security features, such as antivirus protection, on your machines. Bad actors like to disable your security features to get easier access to your data, to install malware, or to otherwise exploit your data, identity, and devices. Tamper protection helps prevent these kinds of things from occurring. With tamper protection, malicious apps are prevented from taking actions such as:
security Respond File Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/respond-file-alerts.md
Response actions run along the top of the file page, and include:
- Stop and Quarantine File - Add Indicator - Download file-- Consult a threat expert
+- Ask Defender Experts
- Action center You can also submit files for deep analysis, to run the file in a secure cloud sandbox. When the analysis is complete, you'll get a detailed report that provides information about the behavior of the file. You can submit files for deep analysis and read past reports by selecting the **Deep analysis** tab. It's located below the file information cards.
This action takes effect on devices with Windows 10, version 1703 or later, and
1. Select the file you want to stop and quarantine. You can select a file from any of the following views or use the Search box:
- - **Alerts** - click the corresponding links from the Description or Details in the Alert Story timeline
+ - **Alerts** - select the corresponding links from the Description or Details in the Alert Story timeline
- **Search box** - select **File** from the drop-down menu and enter the file name > [!NOTE]
This action takes effect on devices with Windows 10, version 1703 or later, and
4. Select any of the status indicators to view more information about the action. For example, select **Failed** to see where the action failed.
-#### Notification on device userf
+#### Notification on device user
When the file is being removed from a device, the following notification is shown:
Files that have been quarantined by Microsoft Defender Antivirus or your securit
The location depends on your organization's geo settings (either EU, UK, or US). A quarantined file will only be collected once per organization. Learn more about Microsoft's data protection from the Service Trust Portal at https://aka.ms/STP.
-Having this setting turned on can help security teams examine potentially bad files and investigate incidents quickly and in a less risky way. However, if you need to turn this setting off, go to **Settings** \> **Endpoints** \> **Advanced features** \> **Download quarantined files** to adjust the setting. [Learn more about advanced features](advanced-features.md)
+Having this setting turned on can help security teams examine potentially bad files and investigate incidents quickly and in a less risky way. However, if you need to turn off this setting, go to **Settings** \> **Endpoints** \> **Advanced features** \> **Download quarantined files** to adjust the setting. [Learn more about advanced features](advanced-features.md)
#### Backing up quarantined files Users may be prompted to provide explicit consent before backing up the quarantined file, depending on your [sample submission configuration](enable-cloud-protection-microsoft-defender-antivirus.md#use-group-policy-to-turn-on-cloud-protection).
-This feature will not work if sample submission is turned off. If automatic sample submission is set to request permission from the user, only samples that the user agrees to send will be collected.
+This feature won't work if sample submission is turned off. If automatic sample submission is set to request permission from the user, only samples that the user agrees to send will be collected.
> [!IMPORTANT] > Download quarantined file requirements:
This feature will not work if sample submission is turned off. If automatic samp
### Collect files
-If a file is not already stored by Microsoft Defender for Endpoint, you can't download it. Instead, you'll see a **Collect file** button in the same location. If a file hasn't been seen in the organization in the past 30 days, **Collect file** will be disabled.
+If a file isn't already stored by Microsoft Defender for Endpoint, you can't download it. Instead, you'll see a **Collect file** button in the same location. If a file hasn't been seen in the organization in the past 30 days, **Collect file** will be disabled.
> [!Important] > A file that was quarantined as a potential network threat might not be recoverable. If a user attempts to restore the file after quarantine, that file might not be accessible. This can be due to the system no longer having network credentials to access the file. Typically, this is a result of a temporary log on to a system or shared folder and the access tokens expired.
You can also edit indicators from the **Settings** page, under **Rules** \> **I
## Consult a threat expert
-Consult a Microsoft threat expert for more insights on a potentially compromised device, or already compromised devices. Microsoft Threat Experts are engaged directly from within the Microsoft 365 Defender portal for timely and accurate response. Experts provide insights on a potentially compromised device and help you understand complex threats and targeted attack notifications. They can also provide information about the alerts or a threat intelligence context that you see on your portal dashboard.
+Select Ask Defender Experts to get more insights from Microsoft experts on a potentially compromised device, or already compromised devices. Microsoft Defender Experts are engaged directly from within the Microsoft 365 Defender portal for timely and accurate response. Experts provide insights on a potentially compromised device and help you understand complex threats and targeted attack notifications. They can also provide information about the alerts or a threat intelligence context that you see on your portal dashboard.
-See [Consult a Microsoft Threat Expert](/microsoft-365/security/defender-endpoint/configure-microsoft-threat-experts#consult-a-microsoft-threat-expert-about-suspicious-cybersecurity-activities-in-your-organization) for details.
+See [Ask Defender Experts](experts-on-demand.md) for details.
## Check activity details in Action center
If you come across a problem when trying to submit a file, try each of the follo
5. Change the organizational unit through the Group Policy. For more information, see [Configure with Group Policy](configure-endpoints-gp.md).
-6. If these steps do not resolve the issue, contact support.
+6. If these steps don't resolve the issue, contact support.
## Related topics
security Configure Microsoft Threat Experts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/configure-microsoft-threat-experts.md
- tier1
-# Configure and manage Microsoft Threat Experts capabilities through Microsoft 365 Defender
+# Configure and manage Microsoft Defender Experts capabilities through Microsoft 365 Defender
[!INCLUDE [Microsoft 365 Defender rebranding](../includes/microsoft-defender.md)]
> [!IMPORTANT] > Before you apply, make sure to discuss the eligibility requirements for Endpoint Attack Notifications managed threat hunting service with your Microsoft Technical Service provider and account team.
-To receive Endpoint Attack Notifications, you'll need to have Microsoft 365 Defender deployed with devices enrolled. Then, submit an application through the M365 portal for Endpoint Attack Notifications.
+To receive Endpoint Attack Notifications, you'll need to have Microsoft 365 Defender deployed with devices enrolled. Then, submit an application through the Microsoft 365 Defender portal for Endpoint Attack Notifications.
-Contact your account team or Microsoft representative to subscribe to Microsoft Threat Experts - Experts on Demand. Experts on Demand lets you consult with our threat experts on how to protect your organization from relevant detections and adversaries.
+Contact your account team or Microsoft representative to subscribe to Microsoft Defender Experts - Experts on Demand. Experts on Demand lets you consult with our threat experts on how to protect your organization from relevant detections and adversaries.
## Apply for Endpoint Attack Notifications service
If you already have Microsoft Defender for Endpoint and Microsoft 365 Defender,
3. Enter your email address so that Microsoft can contact you about your application.
- :::image type="content" source="../../media/mte/mte-apply.png" alt-text="The Microsoft Threat Experts application page in the Microsoft 365 Defender portal" lightbox="../../media/mte/mte-apply.png":::
+ :::image type="content" source="../../media/mte/mte-apply.png" alt-text="The Microsoft Defender Experts application page in the Microsoft 365 Defender portal" lightbox="../../media/mte/mte-apply.png":::
4. Read the [privacy statement](https://privacy.microsoft.com/en-us/privacystatement), then select **Submit** when you're done. You'll receive a welcome email once your application is approved.
- :::image type="content" source="../../media/mte/mte-applicationconfirmation.png" alt-text="The Microsoft Threat Experts application confirmation in the Microsoft 365 Defender portal" lightbox="../../media/mte/mte-applicationconfirmation.png":::
+ :::image type="content" source="../../media/mte/mte-applicationconfirmation.png" alt-text="The Microsoft Defender Experts application confirmation in the Microsoft 365 Defender portal" lightbox="../../media/mte/mte-applicationconfirmation.png":::
5. After you receive your welcome email, you'll automatically start receiving Endpoint Attack Notifications. 6. You can verify your status by visiting **Settings > Endpoints > General > Advanced features**. Once approved, the **Endpoint Attack Notification** toggle will be visible and switched **On**.
-## Where you'll see the Endpoint Attack Notifications from Microsoft Threat Experts
+## Where you'll see the Endpoint Attack Notifications from Microsoft Defender Experts
-You can receive Endpoint Attack Notifications from Microsoft Threat Experts through the following mediums:
+You can receive Endpoint Attack Notifications from Microsoft Defender Experts through the following mediums:
- The Microsoft 365 Defender portal's **Incidents** page - The Microsoft 365 Defender portal's **Alerts** dashboard
You can create rules to send email notifications for notification recipients. Fo
## View Endpoint Attack Notifications
-You'll start receiving Endpoint Attack Notifications from Microsoft Threat Experts in your email after you have configured your system to receive email notification.
+You'll start receiving Endpoint Attack Notifications from Microsoft Defender Experts in your email after you've configured your system to receive email notification.
1. Select the link in the email to go to the corresponding alert context in the dashboard tagged with **Defender Experts**.
You can filter your incidents and alerts if you want to only see the Defender Ex
2. Scroll down to the **Tags** field > select the **Defender Experts** check box. 3. Select **Apply**.
-## Subscribe to Microsoft Threat Experts - Experts on Demand
+## Subscribe to Microsoft Defender Experts - Experts on Demand
> [!NOTE] > Experts on Demand is not a security incident response service. ItΓÇÖs intended to provide a better understanding of complex threats affecting your organization. Engage with your own security incident response team to address urgent security incident response issues. If you don't have your own security incident response team and would like Microsoft's help, create a support request in the [Premier Services Hub](/services-hub/).
-If you're already a Microsoft Defender for Endpoint customer, you can contact your Microsoft representative to subscribe to Microsoft Threat Experts - Experts on Demand.
+If you're already a Microsoft Defender for Endpoint customer, you can contact your Microsoft representative to subscribe to Microsoft Defender Experts - Experts on Demand.
## Consult a Microsoft threat expert about suspicious cybersecurity activities in your organization
-You can contact Microsoft Threat Experts from inside the Microsoft 365 Defender portal. Experts can help you understand complex threats and Endpoint Attack Notifications. Partner with experts for further details about alerts and incidents, or advice on handling compromise. Gain insight into the threat intelligence context described by your portal dashboard.
+You can contact Microsoft Defender Experts from inside the Microsoft 365 Defender portal. Experts can help you understand complex threats and Endpoint Attack Notifications. Partner with experts for further details about alerts and incidents, or advice on handling compromise. Gain insight into the threat intelligence context described by your portal dashboard.
> [!NOTE] >
You can contact Microsoft Threat Experts from inside the Microsoft 365 Defender
1. Navigate to the portal page related to the information that you'd like to investigate: for example, **Device**, **Alert**, or **Incident**. Make sure that the portal page related to your inquiry is in view before you send an investigation request.
-2. From the top menu, select **? Ask Defender Experts**. A flyout screen will open. The header will indicate if you are on a trial subscription, or a full Microsoft Threat Experts - Experts on Demand subscription. The **Investigation topic** field will already be populated with the link to the relevant page for your request.
+2. From the top menu, select **? Ask Defender Experts**. A flyout screen will open. The header will indicate if you are on a trial subscription, or a full Microsoft Defender Experts - Experts on Demand subscription. The **Investigation topic** field will already be populated with the link to the relevant page for your request.
-3. In the next field, provide enough information to give the Microsoft Threat Experts enough context to start the investigation.
+3. In the next field, provide enough information to give the Microsoft Defender Experts enough context to start the investigation.
-4. Enter the email address that you'd like to use to correspond with Microsoft Threat Experts.
+4. Enter the email address that you'd like to use to correspond with Microsoft Defender Experts.
> [!NOTE] > If you would like to track the status of your Experts on Demand cases through Microsoft Services Hub, reach out to your technical account manager.
Watch this video for a quick overview of the Microsoft Services Hub.
- We recently saw a blog post about a threat that is targeting our industry. Can you help us understand what protection Microsoft 365 Defender provides against this threat actor? - We recently observed a phishing campaign conducted against our organization. Can you tell us if this was targeted specifically to our company or vertical?
-### Microsoft Threat Experts' alert communications
+### Microsoft Defender Experts alert communications
- Can your incident response team help us address the targeted attack notification that we got?-- We received Endpoint Attack Notifications from Microsoft Threat Experts. We don't have our own incident response team. What can we do now, and how can we contain the incident?-- We received a targeted attack notification from Microsoft Threat Experts. What data can you provide to us that we can pass on to our incident response team?
+- We received Endpoint Attack Notifications from Microsoft Defender Experts. We don't have our own incident response team. What can we do now, and how can we contain the incident?
+- We received a targeted attack notification from Microsoft Defender Experts. What data can you provide to us that we can pass on to our incident response team?
> [!NOTE]
-> Microsoft Threat Experts is a managed threat hunting service and not an incident response service. However, you can engage with your own incident response team to address issues that require an incident response. If you don't have your own incident response team and would like Microsoft's help, you can engage with the CSS Cybersecurity Incident Response Team (CIRT). They can open a ticket to help address your inquiry.
+> Microsoft Defender Experts is a managed threat hunting service and not an incident response service. However, you can engage with your own incident response team to address issues that require an incident response. If you don't have your own incident response team and would like Microsoft's help, you can engage with the CSS Cybersecurity Incident Response Team (CIRT). They can open a ticket to help address your inquiry.
## Scenario ### Receive a progress report about your managed hunting inquiry
-The response from Microsoft Threat Experts will vary according to your inquiry. You'll generally receive one of the following responses:
+The response from Microsoft Defender Experts will vary according to your inquiry. You'll generally receive one of the following responses:
- More information is needed to continue with the investigation - A file or several file samples are needed to determine the technical context
security First Incident Remediate https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/first-incident-remediate.md
Microsoft 365 Defender offers several remediation actions that analysts can manu
## Actions on devices - **Isolate the device** - This activity immediately blocks all network traffic (internet and internal) to minimize the spread of malware and allow analysts to continue analysis without a malicious actor being able to continue an attack. The only connection allowed is to the Microsoft Defender for Identity service cloud so Microsoft Defender for Identity can continue to monitor the device. -- **Restrict app execution** - To restrict an application from running, a code integrity policy is applied that only allows files to run if they are signed by a Microsoft-issued certificate. This method of restriction can help prevent an attacker from controlling compromised devices and performing further malicious activities.
+- **Restrict app execution** - To restrict an application from running, a code integrity policy is applied that only allows files to run if they're signed by a Microsoft-issued certificate. This method of restriction can help prevent an attacker from controlling compromised devices and performing further malicious activities.
- **Run Antivirus scan** - A Microsoft Defender Antivirus scan can run alongside other antivirus solutions, whether Defender Antivirus is the active antivirus solution or not. If another antivirus vendor product is the primary endpoint protection solution, you can run Defender Antivirus in Passive mode. - **Initiate automated investigation** - You can start a new general purpose automated investigation on the device. While an investigation is running, any other alert generated from the device will be added to an ongoing automated investigation until that investigation is completed. In addition, if the same threat is seen on other devices, those devices are added to the investigation. - **Initiate live response** - Live response is a capability that gives you instantaneous access to a device by using a remote shell connection. This gives you the ability to do in-depth investigative work and take immediate response actions to promptly contain identified threats in real time. Live response is designed to enhance investigations by enabling you to collect forensic data, run scripts, send suspicious entities for analysis, remediate threats, and proactively hunt for emerging threats. - **Collect investigation package** - As part of the investigation or response process, you can collect an investigation package from a device. By collecting the investigation package, you can identify the current state of the device and further understand the tools and techniques used by the attacker. -- **Consult a threat expert** (available in both Actions on devices and files) - You can consult a Microsoft threat expert for more insights regarding potentially compromised devices or devices that are already compromised. Microsoft threat experts can be engaged directly from within Microsoft 365 Defender for a timely and accurate response.
+- **Ask Defender Experts** (available in both Actions on devices and files) - You can consult a Microsoft Defender expert for more insights regarding potentially compromised devices or devices that are already compromised. Microsoft Defender experts can be engaged directly from within Microsoft 365 Defender for a timely and accurate response.
## Actions on files
security Incident Response Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/incident-response-overview.md
Here are the primary investigate and respond tasks for Microsoft 365 Defender:
- [Review and approve automatic remediation actions](#automated-investigation-and-remediation) - [Search for known threats in your data](#proactive-search-for-threats-with-advanced-hunting) - [Understand the latest cyberattacks](#get-ahead-of-emerging-threats-with-threat-analytics)-- [Get help](#collaborate-with-microsoft-experts)
+- [Get help](#collaborate-with-microsoft-defender-experts)
## Incident response
For each incident, use your incident response workflow to analyze the incident a
If your organization is using Microsoft 365 Defender, your security operations team receives an alert within the Microsoft 365 Defender portal whenever a malicious or suspicious activity or artifact is detected. Given the never-ending flow of threats that can come in, security teams often face the challenge of addressing the high volume of alerts. Fortunately, Microsoft 365 Defender includes automated investigation and response (AIR) capabilities that can help your security operations team address threats more efficiently and effectively.
-When an automated investigation completes, a verdict is reached for every piece of evidence of an incident. Depending on the verdict, remediation actions are identified. In some cases, remediation actions are taken automatically; in other cases, remediation actions await approval through the Microsoft 365 Defender Action center.
+When an automated investigation completes, a verdict is reached for every piece of evidence of an incident. Depending on the verdict, remediation actions are identified. In some cases, remediation actions are taken automatically; in other cases, remediation actions await approval through the Microsoft 365 Defender Action center.
-See [Automated investigation and response in Microsoft 365 Defender](m365d-autoir.md) for more information.
+For more information, see [Automated investigation and response in Microsoft 365 Defender](m365d-autoir.md).
## Proactive search for threats with advanced hunting
-It is not enough to respond to attacks as they occur. For extended, multi-phase attacks such as ransomware, you must proactively search for the evidence of an attack in progress and take action to stop it before it completes.
+It's not enough to respond to attacks as they occur. For extended, multi-phase attacks such as ransomware, you must proactively search for the evidence of an attack in progress and take action to stop it before it completes.
Advanced hunting is a query-based threat hunting tool in Microsoft 365 Defender that lets you explore up to 30 days of raw data. You can proactively inspect events in your network to locate threat indicators and entities. This flexible access to the Microsoft 365 Defender data enables unconstrained hunting for both known and potential threats.
Each identified threat includes an analyst report, a comprehensive analysis of t
For more information, see [Threat analytics in Microsoft 365 Defender](threat-analytics.md).
-## Collaborate with Microsoft experts
+## Collaborate with Microsoft Defender experts
-Microsoft Threat Experts - Targeted Attack Notifications is a managed threat hunting service. Once you apply and are accepted, you'll receive targeted attack notifications from Microsoft threat experts, so you won't miss critical threats to your environment. These notifications will help you protect your organization's endpoints, email, and identities. Microsoft Threat Experts ΓÇô Experts on Demand lets you get expert advice about threats your organization is facing and you can reach out for help on threats your organization is facing. It's available as an additional subscription service.
+Endpoint Attack Notifications (previously referred to as Microsoft Threat Experts - Targeted Attack Notifications) is a managed threat hunting service. Once you apply and are accepted, you'll receive Endpoint Attack Notifications from Microsoft Defender experts, so you won't miss critical threats to your environment. These notifications will help you protect your organization's endpoints, email, and identities. Microsoft Defender Experts ΓÇô Experts on Demand lets you get expert advice about threats your organization is facing and you can reach out for help on threats your organization is facing. It's available as an additional subscription service.
-For more information, see [Microsoft Threat Experts in Microsoft 365 overview](/microsoft-365/security/defender/microsoft-threat-experts).
+For more information, see [Microsoft Defender Experts in Microsoft 365 overview](../defender-endpoint/experts-on-demand.md).
security Microsoft Threat Experts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/microsoft-threat-experts.md
- tier1
-# Microsoft Threat Experts in Microsoft 365 overview
+# Microsoft Defender Experts in Microsoft 365 overview
[!INCLUDE [Microsoft 365 Defender rebranding](../includes/microsoft-defender.md)]
Endpoint Attack Notifications (previously referred to as Microsoft Threat Experts - Targeted Attack Notification) is a managed threat hunting service. Once you apply and are accepted, you'll receive endpoint attack notifications from Microsoft threat experts, so you won't miss critical threats to your environment. These notifications will help you protect your organization's endpoints, email, and identities.
-Microsoft Threat Experts ΓÇô Experts on Demand lets you get expert advice about threats your organization is facing. You can reach out for help on threats your organization is facing. It's available as a subscription service.
+Microsoft Defender Experts ΓÇô Experts on Demand lets you get expert advice about threats your organization is facing. You can reach out for help on threats your organization is facing. It's available as a subscription service.
## Apply for Endpoint Attack Notifications > [!IMPORTANT] > Before you apply, make sure to discuss the eligibility requirements for Endpoint Attack Notifications with your Microsoft Technical Service provider and account team.
-If you already have Microsoft Defender for Endpoint and Microsoft 365 Defender, you can apply for Endpoint Attack Notifications through their Microsoft 365 Defender portal. Go to **Settings > Endpoints > General > Advanced features > Endpoint Attack Notifications**, and select **Apply**. See [Configure Microsoft Threat Experts capabilities](./configure-microsoft-threat-experts.md) for a full description.
+If you already have Microsoft Defender for Endpoint and Microsoft 365 Defender, you can apply for Endpoint Attack Notifications through their Microsoft 365 Defender portal. Go to **Settings > Endpoints > General > Advanced features > Endpoint Attack Notifications**, and select **Apply**. See [Configure Microsoft Defender Experts capabilities](./configure-microsoft-threat-experts.md) for a full description.
-Once your application is approved, you'll start receiving endpoint attack notifications whenever Threat Experts detect a threat to your environment.
+Once your application is approved, you'll start receiving endpoint attack notifications whenever Defender Experts detect a threat to your environment.
-## Subscribe to Microsoft Threat Experts - Experts on Demand
+## Subscribe to Microsoft Defender Experts - Experts on Demand
> [!NOTE] > Experts on Demand is not a security incident response service. ItΓÇÖs intended to provide a better understanding of complex threats affecting your organization. Engage with your own security incident response team to address urgent security incident response issues. If you don't have your own security incident response team and would like Microsoft's help, create a support request in the [Premier Services Hub](/services-hub/).
-Contact your Microsoft representative to subscribe to Experts on Demand. See [Configure Microsoft Threat Experts capabilities](./configure-microsoft-threat-experts.md) for full details.
+Contact your Microsoft representative to subscribe to Experts on Demand. See [Configure Microsoft Defender Experts capabilities](./configure-microsoft-threat-experts.md) for full details.
-## Receive endpoint attack notification
+## Receive Endpoint Attack Notification
The Endpoint Attack Notification capability provides proactive hunting for the most important threats to your network. Our Defender Experts hunt for human adversary intrusions, hands-on-keyboard attacks, and advanced attacks, such as cyberespionage. These notifications will show up as a new alert. The managed hunting service includes:
Watch this video for a quick overview of the Microsoft Services Hub.
## See also -- [Configure Microsoft Threat Experts capabilities](./configure-microsoft-threat-experts.md)
+- [Configure Microsoft Defender Experts capabilities](./configure-microsoft-threat-experts.md)
security Supported Event Types https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/supported-event-types.md
The Event Streaming API is constantly being expanded to support more event types. Learn which Hunting tables are generally available, currently in public preview, or not yet supported.
-**New - Email event types/tables are now GA**
+
+**New - Identity and CloudApp event types/tables are now GA**.
## Hunting tables support status in Event Streaming API
security Allow Block Urls https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/allow-block-urls.md
This article describes how to create and manage URL allow and block entries that are available in the Tenant Allow/Block List. For more information about the Tenant Allow/Block List, see [Manage your allows and blocks in the Tenant Allow/Block List](manage-tenant-allow-block-list.md).
-You manage allow and block entries for URLs in the Microsoft 365 Defender Portal or in Exchange Online PowerShell.
+You manage allow and block entries for URLs in the Microsoft 365 Defender Portal or in Exchange Online PowerShell. Messages containing the blocked URLs are quarantined.
## What do you need to know before you begin?
security Attack Simulation Training https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training.md
When you're finished, click **Next**.
### Landing page
-On the **Landing page** page, you configure the web page that user are taken to if they open the payload in the simulation.
+On the **Landing page** page, you configure the web page that users are taken to if they open the payload in the simulation.
Microsoft-curated landing pages are available in 12 languages: Chinese (Simplified), Chinese (Traditional), English, French, German, Italian, Japanese, Korean, Portuguese, Russian, Spanish, and Dutch.
The following settings are available:
- **Select launch time** - **Configure number of days to end simulation after**: The default value is 2. - **Enable region aware time zone delivery**: Deliver simulated attack messages to your employees during their working hours based on their region.
+- **Display the drive-by technique interstitial data gathered page**: You can show the overlay that appears for the drive-by URL technique attacks. To hide this overlay and directly go to the landing page, de-select this option.
- **Display the drive-by technique interstitial data gathered page**: This setting is available only if you selected **Drive-by URL** on the [select a technique page](#select-a-social-engineering-technique) page. You can show the overlay that comes up for drive-by URL technique attacks. To hide the overlay and go directly to the landing page, don't select this option.
security Create Block Sender Lists In Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/create-block-sender-lists-in-office-365.md
A standard SMTP email message consists of a _message envelope_ and message conte
Frequently, the `5321.MailFrom` and `5322.From` addresses are the same (person-to-person communication). However, when email is sent on behalf of someone else, the addresses can be different.
-Blocked sender lists and blocked domain lists in anti-spam policies in EOP inspect both the `5321.MailFrom` and `5322.From` addresses. Outlook Blocked Senders only uses the `5322.From` address.
+Blocked sender lists and blocked domain lists in anti-spam policies in EOP inspect only the `5322.From` addresses. This behavior is similar to Outlook Blocked Senders that use the `5322.From` address.
## Use Outlook Blocked Senders
When messages are successfully blocked due to a user's Blocked Senders list, the
## Use blocked sender lists or blocked domain lists
-When multiple users are affected, the scope is wider, so the next best option is blocked sender lists or blocked domain lists in anti-spam policies. Messages from senders on the lists are marked as **Spam** (not **High confidence spam**), and the action that you've configured for the **Spam** filter verdict is taken on the message. For more information, see [Configure anti-spam policies](configure-your-spam-filter-policies.md).
+When multiple users are affected, the scope is wider, so the next best option is blocked sender lists or blocked domain lists in anti-spam policies. Messages from senders on the lists are marked as **High confidence spam**, and the action that you've configured for the **High Confidence Spam** filter verdict is taken on the messages. For more information, see [Configure anti-spam policies](configure-your-spam-filter-policies.md).
The maximum limit for these lists is approximately 1000 entries.
security Create Safe Sender Lists In Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/create-safe-sender-lists-in-office-365.md
The following example assumes you need email from contoso.com to skip spam filte
Instead of an organizational setting, users or admins can add the sender email addresses to the Safe Senders list in the mailbox. For instructions, see [Configure junk email settings on Exchange Online mailboxes in Office 365](configure-junk-email-settings-on-exo-mailboxes.md). This method is not desirable in most situations since senders will bypass parts of the filtering stack. Although you trust the sender, the sender can still be compromised and send malicious content. Itt's better when you let our filters check every message and then [report the false positive/negative to Microsoft](report-junk-email-messages-to-microsoft.md) if we got it wrong. Bypassing the filtering stack also interferes with [zero-hour auto purge (ZAP)](zero-hour-auto-purge.md).
-By design and for increased security of Exchange Online mailboxes, only the junk email settings for safe senders and safe domains, blocked senders, and blocked domains are recognized. Safe mailing list settings are ignored.
+By design and for increased security of Exchange Online mailboxes, only the junk email settings for safe senders, blocked senders, and blocked domains are recognized. Safe mailing list settings are ignored.
+
+**Note**: In Exchange Online, domain entries in the Outlook Safe Senders list or TrustedSendersAndDomains parameter aren't recognized, so only use email addresses.
When messages skip spam filtering due to a user's Safe Senders list, the **X-Forefront-Antispam-Report** header field will contain the value `SFV:SFE`, which indicates that filtering for spam, spoof, and phishing were bypassed.
security Install App Guard https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/install-app-guard.md
**Applies to:** Word, Excel, and PowerPoint for Microsoft 365 Apps, Windows 10 Enterprise, Windows 11 Enterprise
-Microsoft Defender Application Guard for Office (Application Guard for Office) helps prevent untrusted files from accessing trusted resources, keeping your enterprise safe from new and emerging attacks. This article walks admins through setting up devices for a preview of Application Guard for Office. It provides information about system requirements and installation steps to enable Application Guard for Office on a device.
+Microsoft Defender Application Guard for Office (Application Guard for Office) helps prevent untrusted files from accessing trusted resources, keeping your enterprise safe from new and emerging attacks. This article walks admins through setting up supported devices for Application Guard for Office.
## Prerequisites
+### Licensing requirements
+
+* Microsoft 365 E5 or Microsoft 365 E5 Security
+* [Safe Documents in Microsoft 365](/microsoft-365/security/office-365-security/safe-docs)
+ ### Minimum hardware requirements * **CPU**: 64-bit, 4 cores (physical or virtual), virtualization extensions (Intel VT-x OR AMD-V), Core i5 equivalent or higher recommended
Microsoft Defender Application Guard for Office (Application Guard for Office) h
For detailed system requirements, refer to [System requirements for Microsoft Defender Application Guard](/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard). Also, please refer to your computer manufacturer's guides on how to enable virtualization technology. To learn more about Microsoft 365 Apps update channels, see [Overview of update channels for Microsoft 365 Apps](/deployoffice/overview-update-channels).
-### Licensing requirements
-
-* Microsoft 365 E5 Security
-* Microsoft 365 A5 for Faculty
-* Microsoft 365 A5 for Students
-
-> [!NOTE]
-> Microsoft 365 Apps for enterprise with shared computer activation or device-based licensing do not have access to Application Guard for Office.
->
-> Safe Documents licensing plans allow access to Application Guard for Office. For more information, see [Safe Documents in Microsoft 365 E5/A5](/microsoft-365/security/office-365-security/safe-docs).
- ## Deploy Application Guard for Office ### Enable Application Guard for Office
-1. Download and install **Windows 10 cumulative monthly security updates KB4571756**.
+1. (Windows 10 only) Download and install **Windows 10 cumulative monthly security updates KB4571756**.
-2. Select **Microsoft Defender Application Guard** under Windows Features and select **OK**. Enabling the Application Guard feature will prompt a system reboot. You can choose to reboot now or after step 3.
+2. Select **Microsoft Defender Application Guard** under Windows Features and select **OK**. Enabling the Application Guard feature will prompt a system reboot. You can choose to reboot now or after step 3.
:::image type="content" source="../../media/ag03-deploy.png" alt-text="The Windows Features dialog box showing AG" lightbox="../../media/ag03-deploy.png":::
To learn more about Microsoft 365 Apps update channels, see [Overview of update
Enable-WindowsOptionalFeature -online -FeatureName Windows-Defender-ApplicationGuard ```
-3. Search for **Microsoft Defender Application Guard in Managed Mode**, a group policy in **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Defender Application Guard**. Turn on this policy by setting the value under Options as **2** or **3**, and then selecting **OK** or **Apply**.
+3. From the Group Policy Editor window, expand **Computer Configuration -> Administrative Templates -> Windows Components -> Microsoft Defender Application Guard**. Enable the **Turn on Microsoft Defender Application Guard in Managed Mode** setting. Set the value under Options as **2** or **3**.
:::image type="content" source="../../media/ag04-deploy.png" alt-text="The option to turn on AG in Managed Mode" lightbox="../../media/ag04-deploy.png":::
- Instead, you can set the corresponding CSP policy:
+ Alternatively, you can set the corresponding CSP policy:
> OMA-URI: **./Device/Vendor/MSFT/WindowsDefenderApplicationGuard/Settings/AllowWindowsDefenderApplicationGuard** <br> Data type: **Integer** <br> Value: **2**
This step ensures that the data necessary to identify and fix problems is reachi
1. Open **Settings** from the Start menu.
- :::image type="content" source="../../media/ag05-diagnostic.png" alt-text="The Start menu" lightbox="../../media/ag05-diagnostic.png":::
- 2. On **Windows Settings**, select **Privacy**.
- :::image type="content" source="../../media/ag06-diagnostic.png" alt-text="The Windows Settings menu" lightbox="../../media/ag06-diagnostic.png":::
- 3. Under Privacy, select **Diagnostics & feedback** and select **Optional diagnostic data**.
- :::image type="content" source="../../media/ag07a-diagnostic.png" alt-text="The Diagnostics and feedback menu" lightbox="../../media/ag07a-diagnostic.png":::
- For more on configuring Windows diagnostic settings, refer to [Configuring Windows diagnostic data in your organization](/windows/privacy/configure-windows-diagnostic-data-in-your-organization#enterprise-management). ### Confirm that Application Guard for Office is enabled and working
-Before confirming that Application Guard for Office is enabled, launch Word, Excel, or PowerPoint on a device where the policies have been deployed. Make sure Office is activated. You may need to use your work identity to activate the Office product first.
+Before confirming that Application Guard for Office is enabled:
+1. Launch Word, Excel, or PowerPoint on a device where the policies have been deployed.
+2. From the app you launched, go to **File -> Account**. On the Account page, verify that the expected license is shown.
-To confirm that Application Guard for Office is enabled, launch Word, Excel, or PowerPoint, and then open an untrusted document. For example, you can open a document that was downloaded from the internet or an email attachment from someone outside your organization.
+To confirm that Application Guard for Office is enabled, open an untrusted document. For example, you can open a document that was downloaded from the internet or an email attachment from someone outside your organization.
-When you first open an untrusted file, you may see an Office splash screen like the following example. It might be displayed for some time while Application Guard for Office is being activated and the file is being opened. Subsequent openings of untrusted files should be faster.
+When you first open an untrusted file, you see an Office splash screen like the following example. Application Guard for Office is being activated and the file is being opened. Subsequent openings of untrusted files are typically faster.
:::image type="content" source="../../media/ag08-confirm.png" alt-text="The Office app splash page" lightbox="../../media/ag08-confirm.png":::
-Upon being opened, the file should display a few visual indicators that the file was opened inside Application Guard for Office:
+After the file opens, there are a few visual indicators that signal that the file is open inside Application Guard for Office:
* A callout in the ribbon
Upon being opened, the file should display a few visual indicators that the file
## Configure Application Guard for Office
-Office supports the following policies to enable you to configure the capabilities of Application Guard for Office. These policies can be configured through Group policies or through the [Office cloud policy service](/DeployOffice/overview-office-cloud-policy-service).
+Office supports the following policies to configure Application Guard for Office. These policies can be configured through group policies or through the [Office cloud policy service](/DeployOffice/overview-office-cloud-policy-service).
> [!NOTE]
-> Configuring these policies can disable some functionalities for files opened in Application Guard for Office.
+> Configuring these policies can disable some functionality for files opened in Application Guard for Office.
|Policy|Description| |||
-|Don't use Application Guard for Office|Enabling this policy will force Word, Excel, and PowerPoint to use the Protected View isolation container instead of Application Guard for Office. This policy can be used to temporarily disable Application Guard for Office when there are issues in leaving it enabled for Microsoft Edge.|
-|Configure Application Guard for Office container pre-creation|This policy determines if the Application Guard for Office container, for isolating untrusted files, is pre-created for improved run-time performance. If you enable this setting, you can specify the number of days to continue pre-creating a container or let the Office built-in heuristic pre-create the container.
-|Don't allow copy/paste for Office documents opened in Application Guard for Office|Enabling this policy will prevent a user from copying and pasting content from a document opened in Application Guard for Office to a document opened outside of it.|
+|Don't use Application Guard for Office|Enabling this policy forces Word, Excel, and PowerPoint to use the Protected View isolation container instead of Application Guard for Office.|
+|Configure Application Guard for Office container pre-creation|This policy determines if the Application Guard for Office container is pre-created for improved run-time performance. When you enable this policy, you can specify the number of days to continue pre-creating a container or let the Office built-in heuristic pre-create the container.
+|Don't allow copy/paste for Office documents opened in Application Guard for Office|Enabling this policy prevents a user from copying and pasting content from a document opened in Application Guard for Office to a document opened outside of the container.|
|Disable hardware acceleration in Application Guard for Office|This policy controls whether Application Guard for Office uses hardware acceleration to render graphics. If you enable this setting, Application Guard for Office uses software-based (CPU) rendering and won't load any third-party graphics drivers or interact with any connected graphics hardware. |Disable unsupported file types protection in Application Guard for Office|This policy controls whether Application Guard for Office will block unsupported file types from being opened or if it will enable the redirection to Protected View.
-|Turn off camera and microphone access for documents opened in Application Guard for Office|Enabling this policy will remove Office access to the camera and microphone inside Application Guard for Office.|
-|Restrict printing from documents opened in Application Guard for Office|Enabling this policy will limit the printers that a user can print to from a file opened in Application Guard for Office. For example, you can use this policy to restrict users to only print to PDF.|
-|Prevent users from removing Application Guard for Office protection on files|Enabling this policy will remove the option (within the Office application experience) to disable Application Guard for Office protection or to open a file outside Application Guard for Office. <p> **Note:** Users can still bypass this policy by manually removing the mark-of-the-web property from the file or by moving a document to a Trusted location.|
+|Turn off camera and microphone access for documents opened in Application Guard for Office|Enabling this policy removes Office access to the camera and microphone inside Application Guard for Office.|
+|Restrict printing from documents opened in Application Guard for Office|Enabling this policy limits the printers that a user can print to from a file opened in Application Guard for Office. For example, you can use this policy to restrict users to only print to PDF.|
+|Prevent users from removing Application Guard for Office protection on files|Enabling this policy removes the option (within the Office application experience) to disable Application Guard for Office protection or to open a file outside Application Guard for Office. <p> **Note:** Users can still bypass this policy by manually removing the mark-of-the-web property from the file or by moving a document to a trusted location.|
+|
> [!NOTE]
-> The following policies will require the user to sign out and sign in again to Windows to take effect:
+> For the following policies to take effect, users are required to sign out and sign in again to Windows:
> > * Disable copy/paste for documents opened in Application Guard for Office > * Restrict printing for documents opened in Application Guard for Office
-> * Turn off camera and mic access to documents opened in Application Guard for Office
+> * Turn off camera and microphone access to documents opened in Application Guard for Office
## Submit feedback
If you encounter any issues when launching Application Guard for Office, you're
2. If you get an error dialog while launching Application Guard, select **Report to Microsoft** in the error dialog to start a new feedback submission. Otherwise, navigate to <https://aka.ms/mdagoffice-fb> to select the correct category for Application Guard, then select **+&nbsp;Add new feedback** near the top right.
-3. Enter a summary in the **Summarize your feedback** box if it isn't already filled in for you.
+3. Enter a summary in the **Summarize your feedback** box.
-4. Enter a detailed description of the issue that you experienced and what steps you took in the **Explain in more detail** box, then select **Next**.
+4. Enter a detailed description of the issue and what steps you completed to debug in the **Explain in more detail** box, then select **Next**.
5. Select the bubble next to **Problem**. Make sure the category selected is **Security and Privacy \> Microsoft Defender Application Guard ΓÇô Office**, then select **Next**.
If you encounter any issues when launching Application Guard for Office, you're
9. Select **Submit**.
-### Submit feedback via Office Customer Voice
+### Submit feedback via One Customer Voice
-You may also submit feedback from within Office if the issue happens when Office documents are opened in Application Guard. Refer to the [Office Insider Handbook](https://insider.office.com/handbook) for submitting feedback.
+You may also submit feedback from within Word, Excel, and PowerPoint if the issue happens when files are opened in Application Guard. Refer to [Provide feedback](https://insider.office.com/en-us/handbook#Provide-feedback) for detailed guidance.
## Integration with Microsoft Defender for Endpoint and Microsoft Defender for Office 365
Application Guard for Office is integrated with Microsoft Defender for Endpoint
[Safe Documents in Microsoft E365 E5](/microsoft-365/security/office-365-security/safe-docs) is a feature that uses Microsoft Defender for Endpoint to scan documents opened in Application Guard for Office. For an additional layer of protection, users can't leave Application Guard for Office until the results of the scan have been determined.
-Microsoft Defender for Endpoint is a security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. For more details about this platform, see [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp). To learn more about onboarding devices to this platform, see [Onboard devices to the Microsoft Defender for Endpoint service](/windows/security/threat-protection/microsoft-defender-atp/onboard-configure).
-
-You can also configure Microsoft Defender for Office 365 to work with Defender for Endpoint. For more info, refer to [Integrate Defender for Office 365 with Microsoft Defender for Endpoint](integrate-office-365-ti-with-mde.md).
- ## Limitations and considerations
-* Application Guard for Office is a protected mode that isolates untrusted documents so that they cannot access trusted corporate resources, an intranet, the user's identity, and arbitrary files on the computer. As a result, if a user tries to access a feature that has a dependency on such access, such as inserting a picture from a local file on disk, the access fails and produces a prompt that resembles the following example. To enable an untrusted document to access trusted resources, users must remove Application Guard protection from the document.
+* Application Guard for Office is a protected mode that isolates untrusted documents so that they can't access trusted corporate resources, an intranet, the user's identity, and arbitrary files on the computer. As a result, if a user tries to access a feature that has a dependency on such accessΓÇöfor example, inserting a picture from a local file on diskΓÇöthe access fails and displays a prompt like the following example. To enable an untrusted document to access trusted resources, users must remove Application Guard protection from the document.
:::image type="content" source="../../media/ag09-confirm.png" alt-text="The Dialog box stating safety message and the feature status" lightbox="../../media/ag09-confirm.png"::: > [!NOTE]
- > Advise users to only remove protection if they trust the file and its source or where it came from.
+ > Advise users to only remove protection if they trust the file and the source of the file.
-* When an untrusted document is stored in a trusted location, the trust from the location is inherited by the document. Typically, an organization's cloud storage is identified as a trusted location.
+* Active content like macros and ActiveX controls are disabled in Application Guard for Office. To enable active content, the Application Guard protection must be removed.
-* Active content in documents like macros and ActiveX controls are disabled in Application Guard for Office. Users need to remove Application Guard protection to enable active content.
-
-* Untrusted files from network shares or files shared from OneDrive, OneDrive for Business, or SharePoint Online from a different organization open as read-only in Application Guard. Users can save a local copy of such files to continue working in the container or remove protection to directly work with the original file.
+* Untrusted files from network shares or files shared from OneDrive, OneDrive for Business, or SharePoint Online open as read-only in Application Guard. Users can save a local copy of such files to continue working in the container or remove protection to directly work with the original file.
* Files that are protected by Information Rights Management (IRM) are blocked by default. If users want to open such files in Protected View, an administrator must configure policy settings for unsupported file types for the organization.
-* Any customizations to Office applications in Application Guard for Office won't persist after a user signs out and signs in again or after the device restarts.
+* Any customizations to Office applications in Application Guard for Office do not persist after a user signs out and signs in again or after the device restarts.
* Only Accessibility tools that use the UIA framework can provide an accessible experience for files opened in Application Guard for Office.
-* Network connectivity is required for the first launch of Application Guard after installation. Connectivity is required for Application Guard to validate the license.
+* Network connectivity is required for the first launch of Application Guard after installation.
-* In the document's info section, the *Last Modified By* property may display **WDAGUtilityAccount** as the user. WDAGUtilityAccount is the anonymous user configured in Application Guard. The desktop user's identity isn't shared inside the Application Guard container.
+* In the document's info section, the *Last Modified By* property may display **WDAGUtilityAccount** as the user. WDAGUtilityAccount is the anonymous account used by Application Guard. The desktop user's identity isn't available inside the Application Guard container.
## Performance optimizations for Application Guard for Office
-This section provides an overview of the performance optimizations used in Application Guard for Office. This information can help administrators diagnose reports from users related to the performance of Office or the overall system when Application Guard is enabled.
-
-Application Guard uses a virtualized container to isolate untrusted documents away from the system. The process of creating a container and setting up the Application Guard container to open Office documents has a performance overhead that might negatively affect user experience when users open an untrusted document.
+Application Guard uses a virtualized container, similar to a virtual machine, to isolate untrusted documents away from the system. The process of creating a container and setting up the Application Guard container to open Office documents has a performance overhead that might negatively affect user experience when users open an untrusted document.
To provide users with the expected file-opening experience, Application Guard uses logic to pre-create a container when the following heuristic is met on a system: A user has opened a file in either Protected View or Application Guard in the past 28 days.
security Manage Tenant Allow Block List https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/manage-tenant-allow-block-list.md
Use the Submissions portal (also known as *admin submission*) at <https://securi
- **Files**: Email messages that contain these blocked files are blocked as *malware*. -- **URLs**: Email messages that contain these blocked URLs are blocked as *high confidence phishing*.
+- **URLs**: Email messages that contain these blocked URLs are blocked as *high confidence phishing*. Messages containing the blocked URLs are quarantined.
In the Tenant Allow/Block List, you can also directly create block entries for the following types of items:
security Mdo Email Entity Page https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mdo-email-entity-page.md
- m365-security - m365initiative-defender-office365
-description: Microsoft Defender for Office 365 E5 and P1 and P2 customers can now get a 360-degree view of each email with email entity page.
+description: Microsoft Defender for Office 365 E5 and P1 and P2 customers can see email details in Explorer (Threat Explorer) including the email headers for copy, Detection details, Threat detected, Latest and Original deliver locations, Delivery actions, and IDs like Network Message ID and more.
search.appverid: met150
search.appverid: met150
Admins of Microsoft Defender for Office 365 E5, and Defender for Office P1 and P2 have a 360-degree view of email using the **Email entity page**. This go-to email page was created to enhance information delivered on the [Threat Explorer 'email details' fly-out](threat-explorer-views.md).
-## Reach the email entity page
+See email details in Explorer / Threat Explorer including the email headers *with the option to copy*, Detection details, Threat detected, Latest and Original deliver locations, Delivery actions, and IDs like Network Message ID and more.
-The email entity page is available in the Microsoft 365 Defender portal at <https://security.microsoft.com> at **Email & collaboration** \> **Explorer**. Or, to go directly to the **Explorer** page, use <https://security.microsoft.com/threatexplorer>.
+## How to get to the email entity page
-In **Explorer**, select the subject of an email you're investigating. A gold bar will display at the top of the email fly-out for that mail. This invitation to the new page, reads 'Try out our new email entity page with enriched data...'. Select to view the new page.
+Navigate to the Microsoft 365 Defender portal at <https://security.microsoft.com>, **Email & collaboration** \> **Explorer**. Or, to go directly to the **Explorer** page, use <https://security.microsoft.com/threatexplorer>.
+1. In **Explorer**, select the subject of an email you're investigating.
+1. The email fly-out for that mail will open.
+1. You'll see **Open email entity**.
+1. Select it for your email deep dive.
+ :::image type="content" source="../../media/email-entities-2-eep.png" alt-text="The graphic of the email entity page that focuses on headings that you'll see" lightbox="../../media/email-entities-2-eep.png"::: > [!NOTE] > The permissions needed to view and use this page are the same as to view **Explorer**. The admin must be a member of Global admin or global reader, or Security admin or Security Reader. For more information, see [Permissions in the Microsoft 365 Defender portal](permissions-microsoft-365-security-center.md).
-## Read the email entity page
+## How to read the email entity page
The structure is designed to be easy to read and navigate through at a glance. Various tabs along the top of the page allow you to investigate in more detail. Here's how the layout works:
The structure is designed to be easy to read and navigate through at a glance. V
:::image type="content" source="../../media/email-entities-4-middle-panel.png" alt-text="The main panel of the page which includes the email header and authentication status" lightbox="../../media/email-entities-4-middle-panel.png":::
-### Use email entity page tabs
+### How to use the email entity page tabs
The tabs along the top of the entity page will allow you to investigate email efficiently.
The tabs along the top of the entity page will allow you to investigate email ef
4. **URLs**: This tab lists URLs found in the email with other details about the URLs. The number of URLs is limited to 10 right now, but these 10 are prioritized to show *malicious URLs first*. Prioritization saves you time and guess-work. The URLs that were found to be malicious and detonated will also be shown here. 5. **Similar emails**: This tab lists all emails similar to the *network message id + recipient* combination specific to this email. Similarity is based on the *body of the message*, only. The determinations made on mails to categorize them as 'similar' don't include a consideration of *attachments*.
-## New to the email entity page
+## Available on the email entity page
-There are new capabilities that come with this email entity page. Here's the list.
+Here are some helpful specifics to get started.
### Email preview for Cloud mailboxes
Users will see enriched detonation details for known malicious attachments or UR
:::image type="content" source="../../media/email-entities-6-detonation-page.png" alt-text="The detonation summary showing the chain, summary, detonation details, and screenshot under the heading *Deep Analysis*" lightbox="../../media/email-entities-6-detonation-page.png":::
-### Other innovations
+### Other features that make the Email entity page helpful
*Tags*: These are tags applied to users. If the user is a recipient, admins will see a *recipient* tag. Likewise, if the user is a sender, a *sender* tag. This will appear in the left side of the email entities page (in the part that's described as *sticky* and, thus, anchored to the page).
Users will see enriched detonation details for known malicious attachments or UR
- None: Indicates that no DMARC TXT record exists for the sending domain in DNS. *Composite Authentication*: This is a value used by Microsoft 365 to combine email authentication like SPF, DKIM, and DMARC, to determine if the message is authentic. It uses the *From:* domain of the mail as the basis of evaluation.
-## Actions into Email entity Page
+
+## Actions you can take on the Email entity Page
Security teams can now take email actions like soft delete and hard delete, move to junk, move to inbox, trigger an investigation, submit to Microsoft for review in line, and et cetera. **Tenant level block** actions like file and URL or sender can also be triggered from the Email entity page.
We are also bringing Tenant level block URL and attachment to the respective Ema
See [permissions](permissions-microsoft-365-security-center.md) required to take these actions.
-### Email summary panel
+### The Email summary panel
The email summary panel is a summarized view of the full email entity page. It contains standardized details about the email (for example, detections), as well as context-specific information (for example, for Quarantine or Submissions metadata). The email summary panel replaces the traditional Real-time Detections, Threat Explorer, Submissions, and Reporting flyouts.
security Recommended Settings For Eop And Office365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365.md
For more information about this setting, see [Advanced phishing thresholds in an
|Security feature name|Default|Standard|Strict|Comment| ||::|::|::||
-|**Phishing email threshold** <br><br> _PhishThresholdLevel_|**1 - Standard** <br><br> `1`|**2 - Aggressive** <br><br> `2`|**3 - More aggressive** <br><br> `3`||
+|**Phishing email threshold** <br><br> _PhishThresholdLevel_|**1 - Standard** <br><br> `1`|**3 - More aggressive** <br><br> `3`|**4 - Most aggressive** <br><br> `4`||
#### Impersonation settings in anti-phishing policies in Microsoft Defender for Office 365
security Spam Confidence Levels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/spam-confidence-levels.md
What the SCL means and the default actions that are taken on messages are descri
|-1|The message skipped spam filtering. For example, the message is from a safe sender, was sent to a safe recipient, or is from an email source server on the IP Allow List. For more information, see [Create safe sender lists in EOP](create-safe-sender-lists-in-office-365.md).|Deliver the message to the recipients' inbox.| |0, 1|Spam filtering determined the message was not spam.|Deliver the message to the recipients' inbox.| |5, 6|Spam filtering marked the message as **Spam**|Deliver the message to the recipients' Junk Email folder.|
-|9|Spam filtering marked the message as **High confidence spam**|Deliver the message to the recipients' Junk Email folder.|
+|8, 9|Spam filtering marked the message as **High confidence spam**|Deliver the message to the recipients' Junk Email folder.|
-You'll notice that SCL 2, 3, 4, 7, and 8 aren't used by spam filtering.
+You'll notice that SCL 2, 3, 4, and 7 aren't used by spam filtering.
You can use mail flow rules (also known as transport rules) to stamp the SCL on messages. If you use a mail flow rule to set the SCL, the values 5 or 6 trigger the spam filtering action for **Spam**, and the values 7, 8, or 9 trigger the spam filtering action for **High confidence spam**. For more information, see [Use mail flow rules to set the spam confidence level (SCL) in messages](/exchange/security-and-compliance/mail-flow-rules/use-rules-to-set-scl).
security Tenant Wide Setup For Increased Security https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/tenant-wide-setup-for-increased-security.md
f1.keywords:
Previously updated : 04/06/2022 audience: ITPro
ms.assetid: 8d274fe3-db51-4107-ba64-865e7155b355
- seo-marvel-apr2020 - admindeeplinkSPO
-description: This topic walks you through recommended configuration for tenant-wide settings that affect the security of your Microsoft 365 environment.
+description: Manual configurations for Exchange Online Protection, Microsoft Defender for Office 365, Plan 1 and 2, and Microsoft 365 Defender, for complete protection of your Office 365 subscription.
- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md) - [Microsoft 365 Defender](../defender/microsoft-365-defender.md)
-This topic walks you through recommended configuration for tenant-wide settings that affect the security of your Microsoft 365 environment. Your security needs might require more or less security. Use these recommendations as a starting point.
+Your organizational needs require security.
+Specifics are up to your business.
+
+This topic will walk you through the manual configuration of tenant-wide settings that affect the security of your Microsoft 365 environment. Use these recommendations as a starting point.
## Tune threat management policies in the Microsoft 365 Defender portal
-The Microsoft 365 Defender portal includes capabilities that protect your environment. It also includes reports and dashboards you can use to monitor and take action. Some areas come with default policy configurations. Some areas do not include default policies or rules. Visit these policies under **Email & collaboration** \> **Policies & rules** \> **Threat policies** to tune threat management settings for a more secure environment.
+The Microsoft 365 Defender portal has capabilities for both protection and reporting. It has dashboards you can use to monitor and take action when threats arise.
+
+Keep in mind that some areas come with *default policy configurations*. Some areas do not include default policies or rules.
+
+For example, the *recommended* setup of Microsoft Defender for Office 365 (plan 1 and plan 2) is described by this handy step-by-step guide, right here: '[Ensuring you always have the optimal security'](step-by-step-guides/ensuring-you-always-have-the-optimal-security-controls-with-preset-security-policies.md). But, even so, some admins opt for a more hands-on approach to this product.
+
+To automate your setup of Microsoft Defender for Office 365 visit the Standard and Strict policies under **Email & collaboration** \> **Policies & rules** \> **Threat policies** to tune threat management settings for a more secure environment.
|Area|Default policy?|Recommendation| ||||
The Microsoft 365 Defender portal includes capabilities that protect your enviro
|**Safe Attachments in Defender for Office 365**|No|Configure the global settings for Safe Attachments and create a Safe Attachments policy as described here: [Configure Safe Attachments settings in Microsoft Defender for Office 365](protect-against-threats.md#safe-attachments-policies-in-microsoft-defender-for-office-365). <p> More information: <ul><li>[Recommended Safe Attachments settings](recommended-settings-for-eop-and-office365.md#safe-attachments-settings)</li><li>[Safe Attachments in Microsoft Defender for Office 365](safe-attachments.md)</li><li>[Set up Safe Attachments policies](set-up-safe-attachments-policies.md)</li><li>[Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](mdo-for-spo-odb-and-teams.md)</li><li>[Safe Documents in Microsoft 365 E5](safe-docs.md)</li></ul>| |**Safe Links in Microsoft Defender for Office 365**|No|Create a Safe Links policy as described here: [Configure Safe Links settings in Microsoft Defender for Office 365](protect-against-threats.md#safe-links-policies-in-microsoft-defender-for-office-365). <p> More information: <ul><li>[Recommended Safe Links settings](recommended-settings-for-eop-and-office365.md#safe-links-settings)</li><li>[Set up Safe Links policies](set-up-safe-links-policies.md)</li><li>[Safe Links in Microsoft Defender for Office 365](safe-links.md)</li></ul>| |**Anti-spam (mail filtering)**|Yes|Configure the default anti-spam policy as described here: [Configure anti-spam protection settings in EOP](protect-against-threats.md#part-3anti-spam-protection-in-eop) <p> More information: <ul><li>[Recommended anti-spam policy settings](recommended-settings-for-eop-and-office365.md#eop-anti-spam-policy-settings)</li><li>[Anti-spam protection in EOP](anti-spam-protection.md)</li><li>[Configure anti-spam policies in EOP](configure-your-spam-filter-policies.md)</li></ul>|
-|***Email Authentication***|Yes|Email authentication uses DNS records to add verifiable information to email messages about the message source and sender. Microsoft 365 automatically configures email authentication for its default domain (onmicrosoft.com), but Microsoft 365 admins can also configure email authentication for custom domains. Three authentication methods are used: <ul><li>Sender Policy Framework (or SPF).</li><ul><li>For setup, see [Set up SPF in Microsoft 365 to help prevent spoofing](set-up-spf-in-office-365-to-help-prevent-spoofing.md).</li></ul> <li>DomainKeys Identified Mail (DKIM).</li><ul><li>See [Use DKIM to validate outbound email sent from your custom domain](use-dkim-to-validate-outbound-email.md).</li><li>After you've configured DKIM, enable it in the Microsoft 365 Defender portal.</li></ul><li>Domain-based Message Authentication, Reporting, and Conformance (DMARC).</li><ul><li>For DMARC setup [Use DMARC to validate email in Microsoft 365](use-dmarc-to-validate-email.md).</li></ul></ul>|
+|***Email Authentication***|Yes|Email authentication uses DNS records to add verifiable information to email messages about the message source and sender. Microsoft 365 automatically configures email authentication for its default domain (onmicrosoft.com), but Microsoft 365 admins can also configure email authentication for custom domains. Three authentication methods are used: <ul><li>**Sender Policy Framework (or SPF)**.</li><ul><li>For setup, see [Set up SPF in Microsoft 365 to help prevent spoofing](set-up-spf-in-office-365-to-help-prevent-spoofing.md).</li></ul> <li>**DomainKeys Identified Mail (DKIM)**.</li><ul><li>See [Use DKIM to validate outbound email sent from your custom domain](use-dkim-to-validate-outbound-email.md).</li><li>After you've configured DKIM, enable it in the Microsoft 365 Defender portal.</li></ul><li>**Domain-based Message Authentication, Reporting, and Conformance (DMARC)**.</li><ul><li>For DMARC setup [Use DMARC to validate email in Microsoft 365](use-dmarc-to-validate-email.md).</li></ul><li>After you've configured DKIM, enable it in the Microsoft 365 Defender portal.</li></ul><ul><li>**Authenticated Received Chain (ARC) in Microsoft 365 Defender for Office.** <ul><li>List your [Trusted ARC sealers](use-arc-exceptions-to-mark-trusted-arc-senders.md) so *legitimate* intermediaries will be trusted even if they modify mail.</li></ul>|
> [!NOTE] > For non-standard deployments of SPF, hybrid deployments, and troubleshooting: [How Microsoft 365 uses Sender Policy Framework (SPF) to prevent spoofing](how-office-365-uses-spf-to-prevent-spoofing.md). ## View dashboards and reports in the Microsoft 365 Defender portal
-Visit these reports and dashboards to learn more about the health of your environment. The data in these reports will become richer as your organization uses Office 365 services. For now, be familiar with what you can monitor and take action on.
+Browse to [security.microsoft.com](https://security.microsoft.com). The menu of Microsoft 365 Defender is divided into sections that begin, in order, Home, Email & Collaboration, Cloud Apps, and Reports (you may see *some* or *all* of these depending on your Plan). You're looking for Reports.
+
+1. Browse to [security.microsoft.com](https://security.microsoft.com).
+2. Click **Reports** on the menu.
+ 1. Here you can view information about security trends and track the protection status of your identities, data, devices, apps, and infrastructure.
+
+The data in these reports will become richer as your organization uses Office 365 services, keep that in mind if you are in pilot or testing. For now, be familiar with what you can monitor and take action on.
+
+Inside each report, you'll see cards for the specific areas monitored.
+
+1. Click the **Email & Collaboration reports**.
+1. Take note of the report cards available.
+ 1. Everything from *Malware detected in email*, to *Spam detections*, *Compromised users*, to *User reported messages* and *Submissions* the final two, with a button that links to Submissions.
+1. Click a report, such as *Mailflow status summary* and the click the **View details** button to dig into the data (which even includes a funnel view for easier interpretation of total mail flow vs. blocked, spam, and phishing emails, and more).
|Dashboard|Description| |||
test-base Feature https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/feature.md
f1.keywords: NOCSH
# Windows Feature update validation
-Do you need insights on how your applications will perform with the next release of Windows 10 or Windows 11 - without you maintaining an environment to validate new Windows features?
+Do you need insights on how your applications will perform with the latest Windows features - prior to it being available in the market and without you maintaining an environment?
-Do you want to run your validation tests against Windows Insider Program builds in our Azure environment?
+Do you want to run your validation tests against Windows Insider Program builds in our Azure environment?
-**Feature update** validation on Test Base for M365 can help you achieve all these and more!
+**Feature update** validation on Test Base for Microsoft 365 can help you achieve all these and more!
-Check out the step-by-step outline below to find out how to access this new capability in Test Base for M365 service.
+Check out the step-by-step outline below to find out how to access this new capability in Test Base for Microsoft 365 service.
-To get started with ```Feature update validation``` in Test Base for M365, upload your applications (and related files) through the self-service onboarding portal.
+To get started with Feature update validation in Test Base for Microsoft 365, upload your applications (and related files) through the self-service onboarding portal.
-Highlighted below are the steps to take as you fill out the **Test details**:
+Highlighted below are the steps to take as you fill out the **Test Matrix**:
-1. Select **Feature Update** as your OS update type:
+To set up for feature updates, you must specify the target product and its preview channel from "Insider Channel" dropdown list.
-![Feature update validation OS type.](Media/Feature-update-validation-01.png)
+![Screenshot shows Set insider channel product.](Media/windowsfeatureupdatevalidation01-featureupdate.png)
-2. Choose the Windows Insider Channel against which you want your application validated.
+Your selection will register your application for automatic test runs against the latest feature updates of your selected product channel and all future new updates in the latest Windows Insider Preview Builds of your selection.
-![Feature update validation. Choosing the Insider beta channel.](Media/Feature-update-validation-02.png)
+You may also set your current OS in "OS baseline for Insight". We would provide you with more test insights by regression analysis of your as-is OS environment and the latest target OS.
-3. Select an in-market release of Windows 10 or Windows 11 as the baseline for your test (and resulting insights!) and provide the other details required to onboard your package successfully.
+![Screenshot shows Set OS baseline for Insight product.](Media/windowsfeatureupdatevalidation02-osbaseline.png)
-![Feature update validation with released versions of Windows 10 and Windows 11.](Media/Feature-update-validation-03.png)
-
-4. To view the results from the validation of your application against pre-released Windows 10 feature updates, visit the ```Feature Updates Test Results```.
-
-![Feature update validation allows you to review results quickly.](Media/Feature-update-validation-04.png)
+To check more details on the Windows Insider Preview builds, refer to [Flight Hub - Windows Insider Program | Microsoft Docs](/../../../../MicrosoftDocs/windows-insider/tree/public/wip/flight-hub/index.md).
## Next steps
test-base Testapplication https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/testapplication.md
In the left-hand menu under **Package catalog**, select the **New package**. The
4. Once all required info is filled out, you can move to step 4 by clicking the Next button at the bottom.
-### Step 4. Test matrix
+### Step 4. Set test matrix
-1. In the Test matrix tab, select the **OS update type**. There are two OS update types supported.
- - The **Security updates** enable your package to be tested against incremental churns of Windows pre-release monthly security updates.
- - The **Feature updates** enable your package to be tested against Windows pre-release bi-annual feature updates builds from the Windows Insider Program.
+The Test matrix tab is for you to indicate the specific Windows update program or Windows product that you may want your test to execute against.
-2. Select the OS version(s) for Security update tests.
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix new package.](Media/settestmatrix01-newpackage.png)
- If **Security updates** is selected in OS update type, you need to select the OS version(s) of Windows your package will be tested on.
+1. Choose **OS update type**
+ - Test Base provides scheduled testing to make sure your applications performance wonΓÇÖt break by the latest Windows updates.
- > [!NOTE]
- > If you select to test your package against both Server and Client OSes, please make sure that the package is compatible and can run on both OSes.
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix choose osupdate.](Media/settestmatrix02-chooseosupdate.png)
-3. Select options for Feature update tests.
- - If **Feature updates** is selected in OS update type, you need to finish the following options.
- - For **Insider Channel**, select the Windows Insider Program Channel as the build that your packages should be tested against. We currently use builds flighted in the **Insider Beta Channel**.
- - For **OS baseline for Insight**, select the Windows OS version to be used as a baseline in comparing your test results.
+ - There are 2 available options:
+
+ - The **Security updates** enable your package to be tested against incremental churns of Windows monthly security updates.
+ - The **Feature updates** enable your package to be tested against new features in the latest Windows Insider Preview Builds from the Windows Insider Program.
+
+2. Configure **Security Update**
+ To set up for security updates, you must specify the Windows product(s) you want to test against from the dropdown list of "OS versions to test".
> [!div class="mx-imgBorder"]
- > ![Select the Windows OS version](Media/testapplication14.png)
+ > ![Screenshot shows Set test matrix configure securityupdate.](Media/settestmatrix03-configuresecurityupdate.png)
+
+ - Your selection will register your application for automatic test runs against the B release of Windows monthly quality updates of selected product(s).
+ - For customers who have Default Access customers on Test Base, their applications are validated against the final release version of the B release security updates, starting from Patch Tuesday.
+ - For customers who have Full Access customers on Test Base, their applications are validated against the pre-release versions of the B release security updates, starting up to 3-weeks before prior to Patch Tuesday. This allows time for the Full Access customers time to take proactive steps in resolving any issues found during testing before in advance of the final release on Patch Tuesday.
+ (How to become a Full Access customer? Please refer to [Request to change access level | Microsoft Docs](accesslevel.md))
+
+3. Configure **Feature Update**
+ - To set up for feature updates, you must specify the target product and its preview channel from "Insider Channel" dropdown list.
-4. Once all the required info is filled out, you can move to step 5 (the last step) by clicking the Next button at the bottom.
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix configure featureupdate.](Media/settestmatrix04-configurefeatureupdate.png)
+
+ - Your selection will register your application for automatic test runs against the latest feature updates of your selected product channel and all future new updates in the latest Windows Insider Preview Builds of your selection.
+
+ - You may also set your current OS in "OS baseline for Insight". We would provide you more test insights by regression analysis of your as-is OS environment and the latest target OS.
+
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix set os.](Media/settestmatrix05-setos.png)
### Step 5. Review + publish
test-base Testintuneapplication https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/testintuneapplication.md
As an Intune customer who has an Intune package, which has been already onboarde
4. Check the dependency binaries **which has been uploaded** put under the **guid** folder. 5. You can edit the scripts as needed and save. > [!Note]
- > If the dependency package has not been uploaded, Test Base will not generate install/uninstall commands for it.
+ > If the dependency package has not been uploaded, Test Base will not generate install/uninstall commands for it.
-**Step 4: Test Matrix**
-1. Check the default selections present in the OS list for the corresponding test types.
- - Test base supports selecting multiple Windows cumulative update **from Windows 10 1909 except Windows 10 2004**, however Intune Win app would be assigned with a version from versions equal to or higher than **Windows 10 1607**.
- - OS list will be default to include all OSes supported by Test base, which is higher than the minimum OS specified for the Intune Win app.
-2. Users are allowed to modify the OS selection as need.
+**Step 4. Set test matrix**
+
+The Test matrix tab is for you to indicate the specific Windows update program or Windows product that you may want your test to execute against.
+
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix new package.](Media/settestmatrix01-newpackage.png)
+
+1. Choose **OS update type**
+ - Test Base provides scheduled testing to make sure your applications performance wonΓÇÖt break by the latest Windows updates.
+
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix choose osupdate.](Media/settestmatrix02-chooseosupdate.png)
+
+ - There are 2 available options:
+
+ - The **Security updates** enable your package to be tested against incremental churns of Windows monthly security updates.
+ - The **Feature updates** enable your package to be tested against new features in the latest Windows Insider Preview Builds from the Windows Insider Program.
+
+2. Configure **Security Update**
+ To set up for security updates, you must specify the Windows product(s) you want to test against from the dropdown list of "OS versions to test".
+
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix configure securityupdate.](Media/settestmatrix03-configuresecurityupdate.png)
+
+ - Your selection will register your application for automatic test runs against the B release of Windows monthly quality updates of selected product(s).
+ - For customers who have Default Access customers on Test Base, their applications are validated against the final release version of the B release security updates, starting from Patch Tuesday.
+ - For customers who have Full Access customers on Test Base, their applications are validated against the pre-release versions of the B release security updates, starting up to 3-weeks before prior to Patch Tuesday. This allows time for the Full Access customers time to take proactive steps in resolving any issues found during testing before in advance of the final release on Patch Tuesday.
+ (How to become a Full Access customer? Please refer to [Request to change access level | Microsoft Docs](accesslevel.md))
+
+3. Configure **Feature Update**
+ - To set up for feature updates, you must specify the target product and itΓÇÖs preview channel from "Insider Channel" dropdown list.
+
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix configure featureupdate.](Media/settestmatrix04-configurefeatureupdate.png)
+
+ - Your selection will register your application for automatic test runs against the latest feature updates of your selected product channel and all future new updates in the latest Windows Insider Preview Builds of your selection.
+
+ - You may also set your current OS in "OS baseline for Insight". We would provide you more test insights by regression analysis of your as-is OS environment and the latest target OS.
+
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix set os.](Media/settestmatrix05-setos.png)
**Step 5: Review + Publish** <br/>
test-base Uploadapplication https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/uploadapplication.md
In the left-hand menu under **Package catalog**, select the **New package**. The
4. Once all required info is filled out, you can proceed to step 4 by selecting the Next button at the bottom.
-### Step 4. Test matrix
+### Step 4. Set test matrix
-1. In the Test matrix tab, select the **OS update type**. There are two OS update types supported.
+The Test matrix tab is for you to indicate the specific Windows update program or Windows product that you may want your test to execute against.
- - The **Security updates** enable your package to be tested against incremental churns of Windows pre-release monthly security updates.
- - The **Feature updates** enable your package to be tested against Windows pre-release bi-annual feature updates builds from the Windows Insider Program.
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix new package.](Media/settestmatrix01-newpackage.png)
-2. Select the OS version(s) for Security update tests.
+1. Choose **OS update type**
+ - Test Base provides scheduled testing to make sure your applications performance wonΓÇÖt break by the latest Windows updates.
- If **Security updates** is selected in OS update type, you need to select the OS version(s) of Windows your package will be tested on.
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix choose osupdate.](Media/settestmatrix02-chooseosupdate.png)
- > [!NOTE]
- > If you select to test your package against both Server and Client OSes, please make sure that the package is compatible and can run on both OSes.
+ - There are 2 available options:
+
+ - The **Security updates** enable your package to be tested against incremental churns of Windows monthly security updates.
+ - The **Feature updates** enable your package to be tested against new features in the latest Windows Insider Preview Builds from the Windows Insider Program.
-3. Select options for Feature update tests.
+2. Configure **Security Update**
+ To set up for security updates, you must specify the Windows product(s) you want to test against from the dropdown list of "OS versions to test".
+
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix configure securityupdate.](Media/settestmatrix03-configuresecurityupdate.png)
- - If **Feature updates** is selected in OS update type, you need to finish the following options.
- - For **Insider Channel**, select the Windows Insider Program Channel as the build that your packages should be tested against. We currently use builds flighted in the **Insider Beta Channel**.
- - For **OS baseline for Insight**, select the Windows OS version to be used as a baseline in comparing your test results.
+ - Your selection will register your application for automatic test runs against the B release of Windows monthly quality updates of selected product(s).
+ - For customers who have Default Access customers on Test Base, their applications are validated against the final release version of the B release security updates, starting from Patch Tuesday.
+ - For customers who have Full Access customers on Test Base, their applications are validated against the pre-release versions of the B release security updates, starting up to 3-weeks before prior to Patch Tuesday. This allows time for the Full Access customers time to take proactive steps in resolving any issues found during testing before in advance of the final release on Patch Tuesday.
+ (How to become a Full Access customer? Please refer to [Request to change access level | Microsoft Docs](accesslevel.md))
+
+3. Configure **Feature Update**
+ - To set up for feature updates, you must specify the target product and itΓÇÖs preview channel from "Insider Channel" dropdown list.
> [!div class="mx-imgBorder"]
- > [ ![Test matrix](Media/uploadingzip11-test-matrix.png) ](Media/uploadingzip11-test-matrix.png#lightbox)
+ > ![Screenshot shows Set test matrix configure featureupdate.](Media/settestmatrix04-configurefeatureupdate.png)
+
+ - Your selection will register your application for automatic test runs against the latest feature updates of your selected product channel and all future new updates in the latest Windows Insider Preview Builds of your selection.
-4. Once all the required info is filled out, you can proceed to step 5 (the last step) by selecting the Next button at the bottom.
+ - You may also set your current OS in "OS baseline for Insight". We would provide you more test insights by regression analysis of your as-is OS environment and the latest target OS.
+
+ > [!div class="mx-imgBorder"]
+ > ![Screenshot shows Set test matrix set os.](Media/settestmatrix05-setos.png)
### Step 5. Review + publish