Updates from: 02/17/2021 05:01:28
Category Microsoft Docs article Related commit history on GitHub Change details
admin https://docs.microsoft.com/en-us/microsoft-365/admin/contact-support-for-business-products https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/contact-support-for-business-products.md
@@ -28,7 +28,7 @@ Last updated 7/28/2020
::: moniker range="o365-worldwide" > [!IMPORTANT]
-> You must be an admin for a business subscription to use these support methods. If you're not a business admin, please use [this support page](https://support.microsoft.com/help/contactus).
+> You must be an admin for a business subscription to use these support methods. If you're not a business admin, please use [this support page](https://support.microsoft.com/contactus).
Start by [checking the current health of your services](https://docs.microsoft.com/microsoft-365/enterprise/view-service-health). You can view detailed information about current and past issues on the <a href="https://go.microsoft.com/fwlink/p/?linkid=842900" target="_blank">Service health dashboard</a>. If you're experiencing an issue that isn't listed, you can get support in one of the following ways:
admin https://docs.microsoft.com/en-us/microsoft-365/admin/email/create-a-shared-mailbox https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/email/create-a-shared-mailbox.md
@@ -77,6 +77,30 @@ Before creating a shared mailbox, be sure to read [About shared mailboxes](about
You have a shared mailbox and it includes a shared calendar. Now go on to the next step: block sign-in for the shared mailbox account.
+## Which permissions should you use?
+
+You can use the following permissions with a shared mailbox:
+
+- **Full Access**: The Full Access permission lets a user open the shared mailbox and act as the owner of that mailbox. After accessing the shared mailbox, a user can create calendar items, read, view, delete, and change email messages, and create tasks and calendar contacts. However, a user with Full Access permission can't send email from the shared mailbox unless they also have Send As or Send on Behalf permission.
+
+- **Send As**: The Send As permission lets a user impersonate the shared mailbox when sending mail. For example, if Katerina logs into the shared mailbox Marketing Department and sends an email, it will look like the Marketing Department sent the email.
+
+- **Send on Behalf**: The Send on Behalf permission lets a user send email on behalf of the shared mailbox. For example, if John logs into the shared mailbox Reception Building 32 and sends an email, it will look like the mail was sent by "John on behalf of Reception Building 32". You can't use the EAC to grant Send on Behalf permissions, you must use the **Set-Mailbox** cmdlet with the _GrantSendonBehalf_ parameter.
+
+### Use the EAC to edit shared mailbox delegation
+
+1. In the EAC, go to **Recipients** \> **Shared**. Select the shared mailbox, and then select **Edit** ![Edit icon](../media/ITPro_EAC_EditIcon.gif).
+
+2. Select **Mailbox delegation**.
+
+3. To grant or remove Full Access and Send As permissions, select **Add** ![Add Icon](../media/ITPro_EAC_AddIcon.gif) or **Remove** ![Remove icon](../media/ITPro_EAC_RemoveIcon.gif) and then select the users you want to grant permissions to.
+
+ > [!NOTE]
+ > The Full Access permission allows a user to open the mailbox as well as create and modify items in it. The Send As permission allows anyone other than the mailbox owner to send email from this shared mailbox. Both permissions are required for successful shared mailbox operation.
+
+4. Select **Save** to save your changes.
++ ## Block sign-in for the shared mailbox account Every shared mailbox has a corresponding user account. Notice how you weren't asked to provide a password when you created the shared mailbox? The account has a password, but it's system-generated (unknown). You aren't supposed to use the account to log in to the shared mailbox.
@@ -182,6 +206,3 @@ When you created the shared mailbox, you automatically created a shared calendar
[Resolve issues with shared mailboxes](resolve-issues-with-shared-mailboxes.md) ---
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-retention-labels-automatically https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-retention-labels-automatically.md
@@ -124,6 +124,9 @@ You can apply retention labels to content automatically when that content contai
#### Auto-apply labels to content with specific types of sensitive information
+> [!WARNING]
+> This configuration currently has a known limitation where all unlabeled emails always have the selected retention label applied when there is a match for your chosen sensitive information types. For example, even if you scope your auto-apply policy to specific users, or select locations other than Exchange for the policy, the label is always applied to unlabeled emails when there is a match.
+ When you create auto-apply retention label policies for sensitive information, you see the same list of policy templates as when you create a data loss prevention (DLP) policy. Each template is preconfigured to look for specific types of sensitive information. For example, the template shown here looks for U.S. ITIN, SSN, and passport numbers from the **Privacy** category, and **U.S Personally Identifiable Information (PII) Data** template: ![Policy templates with sensitive information types](../media/dafd87d4-c7bb-439a-ac7b-193c018f98a5.png)
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/create-a-custom-sensitive-information-type-in-scc-powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-custom-sensitive-information-type-in-scc-powershell.md
@@ -428,9 +428,13 @@ When you upload your rule package XML file, the system validates the XML and che
- Each Custom Sensitive Information Type can have a maximum of 2048 keywords total. -- When using the PowerShell Cmdlet there is a maximum return size of the Deserialized Data of approximately 1 megabyte. This will affect the size of your XML file. Keep the uploaded file limited to a 512 megabyte maximum as a suggested limit for consistent results without error when processing.
+- The maximum size of Keyword Dictionaries in a single tenant is 100 kilobytes compressed. Reference the same dictionary as many times as necessary when creating custom sensitive information types. Start with creating custom keyword lists in the sensitive information type and use keyword dictionaries if you have more than 2048 keywords in a keyword list or a keyword is larger than 50 characters in length.
-- The XML structure does not require formatting characters such as Spaces, Tabs or Carriage Return / Linefeed entries. Take note of this when optimizing for space on uploads.
+- Ensure each Entity element contains a recommendedConfidence attribute.
+
+- When using the PowerShell Cmdlet there is a maximum return size of the Deserialized Data of approximately 1 megabyte. This will affect the size of your rule pack XML file. Keep the uploaded file limited to a 770 kilobyte maximum as a suggested limit for consistent results without error when processing.
+
+- The XML structure does not require formatting characters such as spaces, tabs, or carriage return/linefeed entries. Take note of this when optimizing for space on uploads. Tools such as Microsoft Visual Code provide join line features to compact the XML file.
If a custom sensitive information type contains an issue that may affect performance, it won't be uploaded and you may see one of these error messages:
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/create-retention-policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-retention-policies.md
@@ -252,20 +252,7 @@ For example, if a policy includes all Exchange email and all SharePoint sites, a
### A policy with specific inclusions or exclusions
-Only if you use the optional configuration to scope your retention settings to specific users, specific Microsoft 365 groups, or specific sites, there are some limits per policy to be aware of:
--- Maximum numbers for a retention policy:
- - 1,000 mailboxes (user mailboxes or group mailboxes)
- - 1,000 Microsoft 365 groups
- - 1,000 users for Teams private chats
- - 100 sites (OneDrive or SharePoint)
-
-These limitations are per policy, so if you need to use specific inclusions or exclusions that result in going over these numbers, you can create additional retention policies that have the same retention settings. See the next section for some [example scenarios and solutions](#examples-of-using-inclusions-and-exclusions) that use multiple retention policies for this reason. Multiple retention policies result in higher administrative overheads, so always challenge whether you really need inclusions and exclusions. Remember that the default configuration that applies to the entire location doesn't have any limitations, and this configuration choice might be a better solution than creating and maintaining multiple policies.
-
-> [!TIP]
-> If do you need to create and maintain multiple retention policies for this scenario, consider using [PowerShell](retention.md#powershell-cmdlets-for-retention-policies-and-retention-labels) for more efficient configuration.
-
-There is also a maximum number of policies that are supported for a tenant: 10,000. However, for Exchange Online, the maximum number is 1,800. The maximum number includes retention policies, retention label policies, and auto-apply retention policies.
+Be aware that if you use the optional configuration to scope your retention settings to specific users, specific Microsoft 365 groups, or specific sites, there are some limits per policy to be aware of. For more information, see [Limits for retention policies and retention label policies](retention-limits.md).
To use the optional configuration to scope your retention settings, make sure the **Status** of that location is **On**, and then use the links to include or exclude specific users, Microsoft 365 groups, or sites.
@@ -276,28 +263,6 @@ To use the optional configuration to scope your retention settings, make sure th
> > In this scenario, toggle the location off if you don't want the **All** setting for the location to be subject to the retention policy. Alternatively, specify excludes to be exempt from the policy.
-#### Examples of using inclusions and exclusions
-
-The following examples provide some design solutions for when you can't specify just the location for a retention policy, and must take into account the limitations documented in the previous section.
-
-Exchange example:
--- **Requirement**: In an organization that has over 40,000 user mailboxes, most users must have their email retained for 7 years but a subset of identified users (425) must have their email retained for only 5 years.--- **Solution**: Create one retention policy for Exchange email with a retention period of 7 years and exclude the subset of users. Then create a second retention policy for Exchange email with a retention period of 5 years and include the subset of users.
-
- In both cases, the number included and excluded is below the maximum number of specified mailboxes for a single policy, and the subset of users must be explicitly excluded from the first policy because it has a [longer retention period](retention.md#the-principles-of-retention-or-what-takes-precedence) than the second policy. If the subset of users required a longer retention policy, you wouldn't need to exclude them from the first policy.
-
- With this solution, if anybody new joins the organization, their mailbox is automatically included in the first policy for 7 years and there is no impact to the maximum numbers supported. However, new users that require the 5 year retention period add to the include and exclude numbers, and this limit would be reached at 1,000.
-
-SharePoint example:
--- **Requirement**: An organization has several thousand SharePoint sites but only 2,000 sites require a retention period of 10 years, and 8,000 sites require a retention period of 4 years.--- **Solution**: Create 20 retention policies for SharePoint with a retention period of 10 years that includes 100 specific sites, and create 80 retention policies for SharePoint with a retention period of 4 years that includes 100 specific sites.
-
- Because you don't need to retain all SharePoint sites, you must create retention policies that specify the specific sites. Because a retention policy doesn't support more than 100 specified sites, you must create multiple policies for the two retention periods. These retention policies have the maximum number of included sites, so the next new site that needs retaining would require a new retention policy, irrespective of the retention period.
- ## Updating retention policies Some settings can't be changed after a retention policy is created and saved, which include:
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/encryption-sensitivity-labels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption-sensitivity-labels.md
@@ -374,6 +374,8 @@ Encrypting your most sensitive documents and emails helps to ensure that only au
- DLP policies work for the metadata of these encrypted files (including retention label information) but not the content of these files (such as credit card numbers within files). - Users can't open encrypted files using Office on the web. When sensitivity labels for Office files in SharePoint and OneDrive are enabled, users can use Office on the web to open encrypted files, with some [limitations](sensitivity-labels-sharepoint-onedrive-files.md#limitations) that include encryption that has been applied with an on-premises key (known as "hold your own key", or HYOK), [double key encryption](#double-key-encryption), and encryption that has been applied independently from a sensitivity label.
+- If you share encrypted documents with people outside your organization, you might need to create guest accounts and modify Conditional Access policies. For more information, see [Sharing encrypted documents with external users](sensitivity-labels-office-apps.md#support-for-external-users-and-labeled-content).
+ - For multiple users to edit an encrypted file at the same time, they must all be using Office for the web. If this isn't the case, and the file is already open: - In Office apps (Windows, Mac, Android, and iOS), users see a **File In Use** message with the name of the person who has checked out the file. They can then view a read-only copy or save and edit a copy of the file, and receive notification when the file is available.
@@ -392,6 +394,7 @@ Encrypting your most sensitive documents and emails helps to ensure that only au
For the best collaboration experience for files that are encrypted by a sensitivity label, we recommend you use [sensitivity labels for Office files in SharePoint and OneDrive](sensitivity-labels-sharepoint-onedrive-files.md) and Office for the web. + ## Important prerequisites Before you can use encryption, you might need to do some configuration tasks.
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/information-barriers-policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers-policies.md
@@ -69,12 +69,12 @@ In addition to the [required licenses and permissions](information-barriers.md#r
- [Connect to Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell) - [Install the Azure PowerShell module](/powershell/azure/install-az-ps?view=azps-2.3.2) -- Admin consent for information barriers in Microsoft Teams - When your policies are in place, information barriers can remove people from chat sessions they are not supposed to be in. This configuration helps ensure your organization remains compliant with policies and regulations. Use the following procedure to enable information barrier policies to work as expected in Microsoft Teams.
+- Admin consent for information barriers in Microsoft Teams - When your IB policies are in place, they can remove non-IB compliance users from Groups (i.e. Teams channels, which are based on groups). This configuration helps ensure your organization remains compliant with policies and regulations. Use the following procedure to enable information barrier policies to work as expected in Microsoft Teams.
1. Run the following PowerShell cmdlets: ```powershell
- Connect-AzureAD
+ Connect-AzAccount
$appId="bcf62038-e005-436d-b970-2a472f8c1982" $sp=Get-AzADServicePrincipal -ServicePrincipalName $appId if ($sp -eq $null) { New-AzADServicePrincipal -ApplicationId $appId }
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management-configure https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-configure.md
@@ -52,12 +52,12 @@ If you don't have an existing Microsoft 365 Enterprise E5 plan and want to try i
There are four roles groups used to configure permissions to manage insider risk management features. To continue with these configuration steps, your tenant administrators must first assign you to the **Insider Risk Management** or **Insider Risk Management Admin** role group. To access and manage insider risk management features after initial configuration, users must be a member of at least one insider risk management role group.
-Depending on the structure of your compliance management team, you have options to assign users to specific role groups to manage different sets of insider risk management features. Choose from these role group options when configuring insider risk management:
+Depending on the structure of your compliance management team, you have options to assign users to specific role groups to manage different sets of insider risk management features. To view the **Permissions** tab in the Office 365 Security & Compliance Center and manage role groups, you need to be assigned to the *Organization Management* role group or need to be assigned the *Role Management* role. Choose from these role group options when configuring insider risk management:
| **Role group** | **Role permissions** | | :- | :- | | **Insider Risk Management** | Use this role group to manage insider risk management for your organization in a single group. By adding all user accounts for designated administrators, analysts, and investigators, you can configure insider risk management permissions in a single group. This role group contains all the insider risk management permission roles. This configuration is the easiest way to quickly get started with insider risk management and is a good fit for organizations that do not need separate permissions defined for separate groups of users.|
-| **Insider Risk Management Admin** | Use this role group to initially configure insider risk management and later to segregate insider risk administrators into a defined group. Users in this role group can create, read, update, and delete insider risk management policies, global settings, and role group assignments. |
+| **Insider Risk Management Admin** | Use this role group to initially configure insider risk management and later to segregate insider risk administrators into a defined group. Users in this role group can create, read, update, and delete insider risk management policies, and global settings. |
| **Insider Risk Management Analysts** | Use this group to assign permissions to users that will act as insider risk case analysts. Users in this role group can access all insider risk management alerts, cases, and notices templates. They cannot access the insider risk Content Explorer. | | **Insider Risk Management Investigators** | Use this group to assign permissions to users that will act as insider risk data investigators. Users in this role group can access all insider risk management alerts, cases, notices templates, and the Content Explorer. |
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management-plan https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-plan.md
@@ -39,12 +39,12 @@ If you have requirements for specific stakeholders to be involved in case invest
Select dedicated stakeholders to monitor and review the alerts and cases on a regular cadence in the [Microsoft 365 compliance center](https://compliance.microsoft.com/). Make sure understand how you will assign different stakeholders to the different role groups available in insider risk management.
-Depending on the structure of your compliance management team, you have options to assign users to specific role groups to manage different sets of insider risk management features. Choose from these role group options when configuring insider risk management:
+Depending on the structure of your compliance management team, you have options to assign users to specific role groups to manage different sets of insider risk management features. To view the **Permissions** tab in the Office 365 Security & Compliance Center and manage role groups, you need to be assigned to the *Organization Management* role group or need to be assigned the *Role Management* role. Choose from these role group options when configuring insider risk management:
| **Role group** | **Role permissions** |
-| :- | :- |
+| :- | :- |
| **Insider Risk Management** | Use this role group to manage insider risk management for your organization in a single group. By adding all user accounts for designated administrators, analysts, and investigators, you can configure insider risk management permissions in a single group. This role group contains all the insider risk management permission roles. This configuration is the easiest way to quickly get started with insider risk management and is a good fit for organizations that do not need separate permissions defined for separate groups of users.|
-| **Insider Risk Management Admin** | Use this role group to initially configure insider risk management and later to segregate insider risk administrators into a defined group. Users in this role group can create, read, update, and delete insider risk management policies, global settings, and role group assignments. |
+| **Insider Risk Management Admin** | Use this role group to initially configure insider risk management and later to segregate insider risk administrators into a defined group. Users in this role group can create, read, update, and delete insider risk management policies, and global settings. |
| **Insider Risk Management Analysts** | Use this group to assign permissions to users that will act as insider risk case analysts. Users in this role group can access to all insider risk management alerts, cases, and notices templates. They cannot access the insider risk Content Explorer. | | **Insider Risk Management Investigators** | Use this group to assign permissions to users that will act as insider risk data investigators. Users in this role group can access to all insider risk management alerts, cases, notices templates, and the Content Explorer for all cases. |
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/protect-documents-that-have-fci-or-other-properties https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/protect-documents-that-have-fci-or-other-properties.md
@@ -45,6 +45,9 @@ Before you can use a Windows Server FCI property or other property in a DLP poli
In SharePoint Online and OneDrive for Business, the search index is built up by crawling the content on your sites. The crawler picks up content and metadata from the documents in the form of crawled properties. The search schema helps the crawler decide what content and metadata to pick up. Examples of metadata are the author and the title of a document. However, to get the content and metadata from the documents into the search index, the crawled properties must be mapped to managed properties. Only managed properties are kept in the index. For example, a crawled property related to author is mapped to a managed property related to author.
+> [!NOTE]
+> Be sure to use a managed property name and not a crawled property name when creating DLP rules using the `ContentPropertyContainsWords` condition.
+ This is important because DLP uses the search crawler to identify and classify sensitive information on your sites, and then store that sensitive information in a secure portion of the search index. When you upload a document to Office 365, SharePoint automatically creates crawled properties based on the document properties. But to use an FCI or other property in a DLP policy, that crawled property needs to be mapped to a managed property so that content with that property is kept in the index. For more information on search and managed properties, see [Manage the search schema in SharePoint Online](https://go.microsoft.com/fwlink/p/?LinkID=627454).
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-limits https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-limits.md
@@ -0,0 +1,77 @@
+
+ Title: "Limits for retention policies and retention label policies"
+f1.keywords:
+- NOCSH
+++ Last updated :
+audience: Admin
++
+localization_priority: Priority
+
+- M365-security-compliance
+- SPO_Content
+search.appverid:
+- MOE150
+- MET150
+description: "Understand the maximum number of policies and items per policy for retention policies and retention label policies"
++
+# Limits for retention policies and retention label policies
+
+>*[Microsoft 365 licensing guidance for security & compliance](https://aka.ms/ComplianceSD).*
+
+When you use [retention policies and retention label policies](retention.md#retention-policies-and-retention-labels) to automatically retain or delete data for your organization, there are some maximum numbers to be aware of.
+
+## Maximum number of policies per tenant
+
+A single tenant can have a maximum of 10,000 policies (any configuration). This maximum number includes the different policies for retention and other policies for compliance, such as DLP policies.
+
+Maximum number of policies for retention per workload:
+
+- Exchange Online (any configuration): 1,800
+- SharePoint or OneDrive: (all sites automatically included): 13
+- SharePoint or OneDrive (specific locations included or excluded): 2,600
+
+## Maximum number of items per policy
+
+If you use the optional configuration to scope your retention settings to specific users, specific Microsoft 365 groups, or specific sites, there are some limits per policy to be aware of:
+
+Maximum numbers of items per policy for retention:
+
+ - 1,000 mailboxes (user mailboxes or group mailboxes)
+ - 1,000 Microsoft 365 groups
+ - 1,000 users for Teams private chats
+ - 100 sites (OneDrive or SharePoint)
+
+Because these limitations are per policy, if you need to use specific inclusions or exclusions that result in going over these numbers, you can create additional policies that have the same retention settings. See the next section for some [example scenarios and solutions](#examples-of-using-multiple-policies-to-avoid-exceeding-maximum-numbers) that use multiple retention policies for this reason.
+
+However, multiple policies result in higher administrative overheads, so always confirm whether you really need inclusions and exclusions. Remember that the default configuration that applies to the entire location doesn't have any limitations, and this configuration choice might be a better solution than creating and maintaining multiple policies.
+
+> [!TIP]
+> If do you need to create and maintain multiple policies for this scenario, consider using [PowerShell](retention.md#powershell-cmdlets-for-retention-policies-and-retention-labels) for more efficient configuration.
+
+### Examples of using multiple policies to avoid exceeding maximum numbers
+
+The following examples provide some design solutions for when you can't specify just the location for a retention policy, and must take into account the maximum number of items documented in the previous section.
+
+Exchange example:
+
+- **Requirement**: In an organization that has over 40,000 user mailboxes, most users must have their email retained for 7 years but a subset of identified users (425) must have their email retained for only 5 years.
+
+- **Solution**: Create one retention policy for Exchange email with a retention period of 7 years and exclude the subset of users. Then create a second retention policy for Exchange email with a retention period of 5 years and include the subset of users.
+
+ In both cases, the number included and excluded is below the maximum number of specified mailboxes for a single policy, and the subset of users must be explicitly excluded from the first policy because it has a [longer retention period](retention.md#the-principles-of-retention-or-what-takes-precedence) than the second policy. If the subset of users required a longer retention policy, you wouldn't need to exclude them from the first policy.
+
+ With this solution, if anybody new joins the organization, their mailbox is automatically included in the first policy for 7 years and there is no impact to the maximum numbers supported. However, new users that require the 5-year retention period add to the include and exclude numbers, and this limit would be reached at 1,000.
+
+SharePoint example:
+
+- **Requirement**: An organization has several thousand SharePoint sites but only 2,000 sites require a retention period of 10 years, and 8,000 sites require a retention period of 4 years.
+
+- **Solution**: Create 20 retention policies for SharePoint with a retention period of 10 years that includes 100 specific sites, and create 80 retention policies for SharePoint with a retention period of 4 years that includes 100 specific sites.
+
+ Because you don't need to retain all SharePoint sites, you must create retention policies that specify the specific sites. Because a retention policy doesn't support more than 100 specified sites, you must create multiple policies for the two retention periods. These retention policies have the maximum number of included sites, so the next new site that needs retaining would require a new retention policy, irrespective of the retention period.
+
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-policies-teams https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-teams.md
@@ -50,7 +50,6 @@ These mailboxes are, listed by their RecipientTypeDetails attribute:
- **UserMailbox**: These mailboxes store messages for Teams users who have an Exchange Online mailbox. - **MailUser**: These mailboxes store messages for Teams users who have a mailbox for an on-premises Exchange server and not Exchange Online.-- **User**: These mailboxes store messages for Teams users who donΓÇÖt have a mailbox for Exchange Online or on-premise Exchange servers. - **GroupMailbox**: These mailboxes store messages for Teams channels. Other mailbox types, such as RoomMailbox that is used for Teams conference rooms, are not supported for Teams retention policies.
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitive-information-type-entity-definitions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitive-information-type-entity-definitions.md
@@ -953,6 +953,10 @@ A DLP policy has medium confidence that it's detected this type of sensitive inf
- Passnummer - reisepässe
+#### Keywords_eu_passport_date
+
+- date of issue
+- date of expiry
## Austria social security number
@@ -1988,6 +1992,10 @@ A DLP policy has medium confidence that it's detected this type of sensitive inf
- Passnummer - reisepass kein
+#### Keywords_eu_passport_date
+
+- date of issue
+- date of expiry
## Belgium value added tax number This sensitive information type is only available for use in:
@@ -6460,25 +6468,41 @@ No
### Definition
+A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
+- The regular expression `Regex_finland_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keyword_finland_passport_number` is found.
+- The regular expression `Regex_eu_passport_date1` finds date in the format DD.MM.YYYY or a keyword from `Keywords_eu_passport_date` is found
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression Regex_finland_passport_number finds content that matches the pattern.-- A keyword from Keywords_eu_passport_number_common or Keyword_finland_passport_number is found.
+- The regular expression `Regex_finland_passport_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keyword_finland_passport_number` is found.
```xml
-<!-- Finland Passport Number -->
-<Entity id="d1685ac3-1d3a-40f8-8198-32ef5669c7a5" recommendedConfidence="75" patternsProximity="300">
+ <!-- Finland Passport Number -->
+ <Entity id="d1685ac3-1d3a-40f8-8198-32ef5669c7a5" patternsProximity="300" recommendedConfidence="75">
+ <Pattern confidenceLevel="85">
+ <IdMatch idRef="Regex_finland_passport_number" />
+ <Any minMatches="1">
+ <Match idRef="Keywords_eu_passport_number" />
+ <Match idRef="Keyword_finland_passport_number" />
+ </Any>
+ <Any minMatches="1">
+ <Match idRef="Regex_eu_passport_date1" />
+ <Match idRef="Keywords_eu_passport_date" />
+ </Any>
+ </Pattern>
<Pattern confidenceLevel="75"> <IdMatch idRef="Regex_finland_passport_number" /> <Any minMatches="1">
- <Match idRef="Keywords_eu_passport_number_common" />
+ <Match idRef="Keywords_eu_passport_number" />
<Match idRef="Keyword_finland_passport_number" /> </Any> </Pattern>
-</Entity>
+ </Entity>
``` ### Keywords
-#### Keywords_eu_passport_number_common
+#### Keywords_eu_passport_number
- passport# - passport #
@@ -6501,6 +6525,10 @@ A DLP policy has medium confidence that it's detected this type of sensitive inf
- passi# - passi number
+#### Keywords_eu_passport_date
+
+- date of issue
+- date of expiry
## France driver's license number
@@ -6782,46 +6810,79 @@ No
### Definition
+A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
+- The function `Func_fr_passport` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_france_eu_passport_number` is found.
+- The regular expression `Regex_eu_passport_date3` finds date in the format DD MM YYYY or a keyword from `Keywords_eu_passport_date` is found
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function Func_fr_passport finds content that matches the pattern.-- A keyword from Keyword_passport is found.
+- The function `Func_fr_passport` finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_france_eu_passport_number` is found.
+ ```xml
-<!-- France Passport Number -->
-<Entity id="3008b884-8c8c-4cd8-a289-99f34fc7ff5d" patternsProximity="300" recommendedConfidence="75">
- <Pattern confidenceLevel="75">
- <IdMatch idRef="Func_fr_passport" />
- <Match idRef="Keyword_passport" />
- </Pattern>
-</Entity>
+ <!-- France Passport Number -->
+ <Entity id="3008b884-8c8c-4cd8-a289-99f34fc7ff5d" patternsProximity="300" recommendedConfidence="75">
+ <Pattern confidenceLevel="85">
+ <IdMatch idRef="Func_fr_passport" />
+ <Any minMatches="1">
+ <Match idRef="Keywords_eu_passport_number" />
+ <Match idRef="Keywords_france_eu_passport_number" />
+ </Any>
+ <Any minMatches="1">
+ <Match idRef="Regex_eu_passport_date3" />
+ <Match idRef="Keywords_eu_passport_date" />
+ </Any>
+ </Pattern>
+ <Pattern confidenceLevel="75">
+ <IdMatch idRef="Func_fr_passport" />
+ <Any minMatches="1">
+ <Match idRef="Keywords_eu_passport_number" />
+ <Match idRef="Keywords_france_eu_passport_number" />
+ </Any>
+ </Pattern>
+ </Entity>
``` ### Keywords
-#### Keyword_passport
+#### Keywords_eu_passport_number
-- Passport Number-- Passport No-- Passport #-- Passport#-- PassportID-- Passportno
+- passport#
+- passport #
+- passportid
+- passports
+- passportno
+- passport no
- passportnumber-- パスポート-- パスポート番号-- パスポートのNum-- パスポート # -- Numéro de passeport-- Passeport n °-- Passeport Non-- Passeport #-- Passeport#-- PasseportNon-- Passeportn °
+- passport number
+- passportnumbers
+- passport numbers
+
+#### Keywords_france_eu_passport_number
+
+- numéro de passeport
+- passeport n °
+- passeport non
+- passeport #
+- passeport#
+- passeportnon
+- passeportn °
+- passeport français
+- passeport livre
+- passeport carte
+- numéro passeport
+- passeport n°
+- n° du passeport
+- n° passeport
+
+#### Keywords_eu_passport_date
+
+- date of issue
+- date of expiry
+
-
## France social security number (INSEE) or equivalent identification
-This sensitive information type entity is included in the EU Social Security Number and Equivalent ID sensitive information type. It's available as a stand-alone sensitive information type entity.
### Format
@@ -6840,61 +6901,62 @@ Yes
### Definition
-A DLP policy is 95% confident that it's detected this type of sensitive information if, within a proximity of 300 characters:
-- The function Func_french_insee or Func_fr_insee finds content that matches the pattern.
+A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
+- The function `Func_french_insee` finds content that matches the pattern.
- A keyword from Keyword_fr_insee is found. - The checksum passes.
-A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
+A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
- The function Func_french_insee or Func_fr_insee finds content that matches the pattern.-- No keyword from Keyword_fr_insee is found. - The checksum passes. ```xml
-<!-- France INSEE -->
-<Entity id="71f62b97-efe0-4aa1-aa49-e14de253619d" patternsProximity="300" recommendedConfidence="85">
- <Pattern confidenceLevel="95">
- <IdMatch idRef="Func_french_insee" />
- <Match idRef="Func_fr_insee" />
- <Any minMatches="1">
- <Match idRef="Keyword_fr_insee" />
- </Any>
- </Pattern>
- <Pattern confidenceLevel="85">
+ <!-- France INSEE -->
+ <Entity id="71f62b97-efe0-4aa1-aa49-e14de253619d" patternsProximity="300" recommendedConfidence="75">
+ <Pattern confidenceLevel="75">
<IdMatch idRef="Func_french_insee" />
- <Match idRef="Func_fr_insee" />
<Any minMatches="0" maxMatches="0"> <Match idRef="Keyword_fr_insee" /> </Any>
- </Pattern>
-</Entity>
+ </Pattern>
+ <Pattern confidenceLevel="85">
+ <IdMatch idRef="Func_french_insee" />
+ <Match idRef="Keyword_fr_insee" />
+ </Pattern>
+ </Entity>
``` ### Keywords #### Keyword_fr_insee
+- code sécu
+- d'identité nationale
- insee-- securité sociale-- securite sociale-- national id-- national identification-- numéro d'identité-- no d'identité-- no. d'identité-- numero d'identite-- no d'identite-- no. d'identite-- social security number-- social security code-- social insurance number-- le numéro d'identification nationale-- d'identité nationale-- numéro de sécurité sociale-- le code de la sécurité sociale-- numéro d'assurance sociale-- numéro de sécu-- code sécu
+- fssn#
+- le numéro d'identification nationale
+- le code de la sécurité sociale
+- national id
+- national identification
+- no d'identité
+- no. d'identité
+- numéro d'assurance
+- numéro d'identité
+- numero d'identite
+- numéro de sécu
+- numéro de sécurité sociale
+- no d'identite
+- no. d'identite
+- ssn
+- ssn#
+- sécurité sociale
+- securité sociale
+- securite sociale
+- socialsecuritynumber
+- social security number
+- social security code
+- social insurance number
+ ## France tax identification number
@@ -8311,6 +8373,11 @@ A DLP policy has medium confidence that it's detected this type of sensitive inf
- Útlevelek száma - útlevél szám
+#### Keywords_eu_passport_date
+
+- date of issue
+- date of expiry
+ ## Hungary social security number (TAJ)
@@ -9333,23 +9400,145 @@ No
### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The regular expression Regex_italy_drivers_license_number finds content that matches the pattern.-- A keyword from Keyword_italy_drivers_license_number is found.
+- The regular expression `Regex_italy_drivers_license_number` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` or `Keyword_italy_drivers_license_number` is found.
```xml
-<!-- Italy Driver's license Number -->
-<Entity id="97d6244f-9157-41bd-8e0c-9d669a5c4d71" patternsProximity="300" recommendedConfidence="75">
- <Pattern confidenceLevel="75">
+ <!-- Italy Driver's license Number -->
+ <Entity id="97d6244f-9157-41bd-8e0c-9d669a5c4d71" patternsProximity="300" recommendedConfidence="75">
+ <Pattern confidenceLevel="75">
<IdMatch idRef="Regex_italy_drivers_license_number" />
- <Any minMatches="1">
- <Match idRef="Keyword_italy_drivers_license_number" />
- </Any>
- </Pattern>
-</Entity>
+ <Any minMatches="1">
+ <Match idRef="Keywords_eu_driver's_license_number" />
+ <Match idRef="Keyword_italy_drivers_license_number" />
+ </Any>
+ </Pattern>
+ </Entity>
``` ### Keywords
+#### Keywords_eu_driver's_license_number
+
+- driverlic
+- driverlics
+- driverlicense
+- driverlicenses
+- driverlicence
+- driverlicences
+- driver lic
+- driver lics
+- driver license
+- driver licenses
+- driver licence
+- driver licences
+- driverslic
+- driverslics
+- driverslicence
+- driverslicences
+- driverslicense
+- driverslicenses
+- drivers lic
+- drivers lics
+- drivers license
+- drivers licenses
+- drivers licence
+- drivers licences
+- driver'lic
+- driver'lics
+- driver'license
+- driver'licenses
+- driver'licence
+- driver'licences
+- driver' lic
+- driver' lics
+- driver' license
+- driver' licenses
+- driver' licence
+- driver' licences
+- driver'slic
+- driver'slics
+- driver'slicense
+- driver'slicenses
+- driver'slicence
+- driver'slicences
+- driver's lic
+- driver's lics
+- driver's license
+- driver's licenses
+- driver's licence
+- driver's licences
+- dl#
+- dls#
+- driverlic#
+- driverlics#
+- driverlicense#
+- driverlicenses#
+- driverlicence#
+- driverlicences#
+- driver lic#
+- driver lics#
+- driver license#
+- driver licenses#
+- driver licences#
+- driverslic#
+- driverslics#
+- driverslicense#
+- driverslicenses#
+- driverslicence#
+- driverslicences#
+- drivers lic#
+- drivers lics#
+- drivers license#
+- drivers licenses#
+- drivers licence#
+- drivers licences#
+- driver'lic#
+- driver'lics#
+- driver'license#
+- driver'licenses#
+- driver'licence#
+- driver'licences#
+- driver' lic#
+- driver' lics#
+- driver' license#
+- driver' licenses#
+- driver' licence#
+- driver' licences#
+- driver'slic#
+- driver'slics#
+- driver'slicense#
+- driver'slicenses#
+- driver'slicence#
+- driver'slicences#
+- driver's lic#
+- driver's lics#
+- driver's license#
+- driver's licenses#
+- driver's licence#
+- driver's licences#
+- driving licence 
+- driving license
+- dlno#
+- driv lic
+- driv licen
+- driv license
+- driv licenses
+- driv licence
+- driv licences
+- driver licen
+- drivers licen
+- driver's licen
+- driving lic
+- driving licen
+- driving licenses
+- driving licence
+- driving licences
+- driving permit
+- dl no
+- dlno
+- dl number
+ #### Keyword_italy_drivers_license_number - numero di patente
@@ -9358,6 +9547,7 @@ A DLP policy has medium confidence that it's detected this type of sensitive inf
- patenti di guida - patenti guida + ## Italy fiscal code This sensitive information type is only available for use in: - data loss prevention policies
@@ -12854,28 +13044,75 @@ Yes
### Definition A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function Func_polish_passport_number finds content that matches the pattern.-- A keyword from Keyword_polish_national_id_passport_number is found.
+- The function `Func_polish_passport_number_v2` finds content that matches the pattern.
+- The checksum passes.
+- A keyword from `Keywords_eu_passport_number` or `Keyword_polish_national_passport_number` is found.
+- A keyword from `Keywords_eu_passport_date` is found.
+
+A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
+- The function `Func_polish_passport_number_v2` finds content that matches the pattern.
+- The checksum passes.
+- A keyword from `Keywords_eu_passport_number` or `Keyword_polish_national_passport_number` is found.
+
+A DLP policy has low confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
+- The function `Func_polish_passport_number_v2` finds content that matches the pattern.
- The checksum passes. ```xml
-<!-- Poland Passport Number -->
-<Entity id="03937FB5-D2B6-4487-B61F-0F8BFF7C3517" patternsProximity="300" recommendedConfidence="85">
- <Pattern confidenceLevel="85">
- <IdMatch idRef="Func_polish_passport_number" />
- <Match idRef="Keyword_polish_national_id_passport_number" />
- </Pattern>
-</Entity>
-</Version>
+ <!-- Poland Passport Number -->
+ <Entity id="03937FB5-D2B6-4487-B61F-0F8BFF7C3517" patternsProximity="300" recommendedConfidence="75">
+ <Pattern confidenceLevel="85">
+ <IdMatch idRef="Func_polish_passport_number_v2" />
+ <Match idRef="Keywords_eu_passport_date" />
+ <Any minMatches="1">
+ <Match idRef="Keywords_eu_passport_number" />
+ <Match idRef="Keyword_polish_national_passport_number" />
+ </Any>
+ </Pattern>
+ <Pattern confidenceLevel="75">
+ <IdMatch idRef="Func_polish_passport_number_v2" />
+ <Any minMatches="1">
+ <Match idRef="Keywords_eu_passport_number" />
+ <Match idRef="Keyword_polish_national_passport_number" />
+ </Any>
+ </Pattern>
+ <Pattern confidenceLevel="65">
+ <IdMatch idRef="Func_polish_passport_number_v2" />
+ </Pattern>
+ </Entity>
``` ### Keywords
-#### Keyword_poland_national_id_passport_number
+#### Keywords_eu_passport_number
+
+- passport#
+- passport #
+- passportid
+- passports
+- passportno
+- passport no
+- passportnumber
+- passport number
+- passportnumbers
+- passport numbers
+
+#### Keyword_polish_national_passport_number
+
+- numer paszportu
+- numery paszportów
+- numery paszportowe
+- nr paszportu
+- nr. paszportu
+- nr paszportów
+- n° passeport
+- passeport n°
+
+#### Keywords_eu_passport_date
+
+- date of issue
+- date of expiry
-- Numer paszportu-- Nr. Paszportu-- Paszport ## Poland REGON number This sensitive information type is only available for use in:
@@ -15163,7 +15400,6 @@ A DLP policy has medium confidence that it's detected this type of sensitive inf
## Spain social security number (SSN)
-This sensitive information type entity is included in the EU Social Security Number or Equivalent ID sensitive information type. It's available as a stand-alone sensitive information type entity.
### Format
@@ -15187,19 +15423,35 @@ Yes
A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters: - The function Func_spanish_social_security_number finds content that matches the pattern. - The checksum passes.++
+A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
+- The function Func_spanish_social_security_number finds content that matches the pattern.
+- The checksum passes.
```xml
-<!-- Spain SSN -->
-<Entity id="5df987c0-8eae-4bce-ace7-b316347f3070" patternsProximity="300" recommendedConfidence="85">
- <Pattern confidenceLevel="85">
- <IdMatch idRef="Func_spanish_social_security_number" />
- </Pattern>
-</Entity>
+ <!-- Spain SSN -->
+ <Entity id="5df987c0-8eae-4bce-ace7-b316347f3070" patternsProximity="300" recommendedConfidence="85" relaxProximity="true" >
+ <Pattern confidenceLevel="85">
+ <IdMatch idRef="Func_spanish_social_security_number" />
+ <Match idRef="Keywords_spain_eu_ssn_or_equivalent" />
+ </Pattern>
+ <Pattern confidenceLevel="75">
+ <IdMatch idRef="Func_spanish_social_security_number" />
+ </Pattern>
+ </Entity>
``` ### Keywords
-None
+#### Keywords_spain_eu_passport_number
+
+- ssn
+- ssn#
+- socialsecurityno
+- social security no
+- social security number
+- n├║mero de la seguridad social
## Spain tax identification number This sensitive information type is only available for use in:
@@ -15628,7 +15880,6 @@ A DLP policy has medium confidence that it's detected this type of sensitive inf
- skatteidentifikationsnummer ## Sweden passport number
-This sensitive information type entity is included in the EU Passport Number sensitive information type and is available as a stand alone sensitive information type entity.
### Format
@@ -15644,59 +15895,82 @@ No
### Definition
+A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
+- the regular expression Regex_sweden_passport_number finds content that matches the pattern.
+- a keyword from `Keywords_eu_passport_number` or `Keyword_sweden_passport` is found.
+- the regular expression `Regex_sweden_eu_passport_date` finds a date in the format DD MMM/MMM YY (01 JAN/JAN 12) or a keyword from `Keywords_eu_passport_date` is found.
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters: - the regular expression Regex_sweden_passport_number finds content that matches the pattern.-- one of the following is true:
- - a keyword from Keyword_passport is found.
- - a keyword from Keyword_sweden_passport is found.
+- a keyword from `Keywords_eu_passport_number` or `Keyword_sweden_passport` is found.
+ ```xml
-<!-- Sweden Passport Number -->
-<Entity id="ba4e7456-55a9-4d89-9140-c33673553526" patternsProximity="300" recommendedConfidence="75">
- <Pattern confidenceLevel="75">
- <IdMatch idRef="Regex_sweden_passport_number" />
- <Any minMatches="1">
- <Match idRef="Keyword_passport" />
- <Match idRef="Keyword_sweden_passport" />
- </Any>
- </Pattern>
-</Entity>
+ <!-- Sweden Passport Number -->
+ <Entity id="ba4e7456-55a9-4d89-9140-c33673553526" patternsProximity="300" recommendedConfidence="75">
+ <Pattern confidenceLevel="85">
+ <IdMatch idRef="Regex_sweden_passport_number" />
+ <Any minMatches="1">
+ <Match idRef="Keywords_eu_passport_number" />
+ <Match idRef="Keyword_sweden_passport" />
+ </Any>
+ <Any minMatches="1">
+ <Match idRef="Regex_sweden_eu_passport_date" />
+ <Match idRef="Keywords_eu_passport_date" />
+ </Any>
+ </Pattern>
+ <Pattern confidenceLevel="75">
+ <IdMatch idRef="Regex_sweden_passport_number" />
+ <Any minMatches="1">
+ <Match idRef="Keywords_eu_passport_number" />
+ <Match idRef="Keyword_sweden_passport" />
+ </Any>
+ </Pattern>
+ </Entity>
``` ### Keywords
+#### Keywords_eu_passport_number
+
+- passport#
+- passport #
+- passportid
+- passports
+- passportno
+- passport no
+- passportnumber
+- passport number
+- passportnumbers
+- passport numbers
+ #### Keyword_sweden_passport -- visa requirements -- Alien Registration Card -- Schengen visas -- Schengen visa -- Visa Processing -- Visa Type -- Single Entry -- Multiple Entry -- G3 Processing Fees
+- alien registration card
+- g3 processing fees
+- multiple entry
+- Numéro de passeport
+- passeport n °
+- passeport non
+- passeport #
+- passeport#
+- passeportnon
+- passeportn °
+- passnummer
+- pass nr
+- schengen visa
+- schengen visas
+- single entry
+- sverige pass
+- visa requirements
+- visa processing
+- visa type
-#### Keyword_passport
+#### Keywords_eu_passport_date
+
+- date of issue
+- date of expiry
-- Passport Number -- Passport No -- Passport # -- Passport# -- PassportID -- Passportno -- passportnumber -- パスポート -- パスポート番号 -- パスポートのNum -- パスポート# -- Numéro de passeport -- Passeport n ° -- Passeport Non -- Passeport # -- Passeport# -- PasseportNon -- Passeportn ° ## Sweden social security number or equivalent identification This sensitive information type entity is only available in the EU Social Security Number or Equivalent ID sensitive information type.
@@ -16239,7 +16513,6 @@ A DLP policy has medium confidence that it's detected this type of sensitive inf
- Vatandaşlık no ## U.K. driver's license number
-This sensitive information type entity is included in the EU Driver's License Number sensitive information type. It's available as a stand-alone sensitive information type entity.
### Format
@@ -16261,39 +16534,150 @@ Yes
### Definition A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:-- The function Func_uk_drivers_license finds content that matches the pattern.-- A keyword from Keyword_uk_drivers_license is found.
+- The function `Func_uk_drivers_license` finds content that matches the pattern.
+- A keyword from `Keywords_eu_driver's_license_number` is found.
+- The checksum passes.
+
+A DLP policy has low confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
+- The function `Func_uk_drivers_license` finds content that matches the pattern.
- The checksum passes. ```xml
-<!-- U.K. Driver's License Number -->
-<Entity id="f93de4be-d94c-40df-a8be-461738047551" patternsProximity="300" recommendedConfidence="75">
- <Pattern confidenceLevel="75">
- <IdMatch idRef="Func_uk_drivers_license" />
- <Match idRef="Keyword_uk_drivers_license" />
- </Pattern>
-</Entity>
+ <!-- U.K. Driver's License Number -->
+ <Entity id="f93de4be-d94c-40df-a8be-461738047551" patternsProximity="300" recommendedConfidence="75" relaxProximity="true" >
+ <Pattern confidenceLevel="75">
+ <IdMatch idRef="Func_uk_drivers_license" />
+ <Match idRef="Keywords_eu_driver's_license_number" />
+ </Pattern>
+ <Pattern confidenceLevel="65">
+ <IdMatch idRef="Func_uk_drivers_license" />
+ </Pattern>
+ </Entity>
``` ### Keywords
-#### Keyword_uk_drivers_license
--- DVLA -- light vans -- quadbikes -- motor cars -- 125cc -- sidecar -- tricycles -- motorcycles -- photocard licence -- learner drivers -- licence holder -- licence holders -- driving licences -- driving licence -- dual control car
+#### Keywords_eu_driver's_license_number
+
+- driverlic
+- driverlics
+- driverlicense
+- driverlicenses
+- driverlicence
+- driverlicences
+- driver lic
+- driver lics
+- driver license
+- driver licenses
+- driver licence
+- driver licences
+- driverslic
+- driverslics
+- driverslicence
+- driverslicences
+- driverslicense
+- driverslicenses
+- drivers lic
+- drivers lics
+- drivers license
+- drivers licenses
+- drivers licence
+- drivers licences
+- driver'lic
+- driver'lics
+- driver'license
+- driver'licenses
+- driver'licence
+- driver'licences
+- driver' lic
+- driver' lics
+- driver' license
+- driver' licenses
+- driver' licence
+- driver' licences
+- driver'slic
+- driver'slics
+- driver'slicense
+- driver'slicenses
+- driver'slicence
+- driver'slicences
+- driver's lic
+- driver's lics
+- driver's license
+- driver's licenses
+- driver's licence
+- driver's licences
+- dl#
+- dls#
+- driverlic#
+- driverlics#
+- driverlicense#
+- driverlicenses#
+- driverlicence#
+- driverlicences#
+- driver lic#
+- driver lics#
+- driver license#
+- driver licenses#
+- driver licences#
+- driverslic#
+- driverslics#
+- driverslicense#
+- driverslicenses#
+- driverslicence#
+- driverslicences#
+- drivers lic#
+- drivers lics#
+- drivers license#
+- drivers licenses#
+- drivers licence#
+- drivers licences#
+- driver'lic#
+- driver'lics#
+- driver'license#
+- driver'licenses#
+- driver'licence#
+- driver'licences#
+- driver' lic#
+- driver' lics#
+- driver' license#
+- driver' licenses#
+- driver' licence#
+- driver' licences#
+- driver'slic#
+- driver'slics#
+- driver'slicense#
+- driver'slicenses#
+- driver'slicence#
+- driver'slicences#
+- driver's lic#
+- driver's lics#
+- driver's license#
+- driver's licenses#
+- driver's licence#
+- driver's licences#
+- driving licence 
+- driving license
+- dlno#
+- driv lic
+- driv licen
+- driv license
+- driv licenses
+- driv licence
+- driv licences
+- driver licen
+- drivers licen
+- driver's licen
+- driving lic
+- driving licen
+- driving licenses
+- driving licence
+- driving licences
+- driving permit
+- dl no
+- dlno
+- dl number
+ ## U.K. electoral roll number
@@ -16914,7 +17298,6 @@ A DLP policy is 55% confident that it's detected this type of sensitive informat
- SSID ## U.S. / U.K. passport number
-The U.K. passport number sensitive information type entity is available in the EU Passport Number sensitive information type. It's available as a stand-alone sensitive information type entity.
### Format
@@ -16930,41 +17313,56 @@ No
### Definition
+A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters:
+- The function Func_usa_uk_passport finds content that matches the pattern.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_uk_eu_passport_number` is found.
+- A keyword from `Keywords_eu_passport_date` is found
+ A DLP policy has medium confidence that it's detected this type of sensitive information if, within a proximity of 300 characters: - The function Func_usa_uk_passport finds content that matches the pattern.-- A keyword from Keyword_passport is found.
+- A keyword from `Keywords_eu_passport_number` or `Keywords_uk_eu_passport_number` is found.
```xml
-<Entity id="178ec42a-18b4-47cc-85c7-d62c92fd67f8" patternsProximity="300" recommendedConfidence="75">
- <Pattern confidenceLevel="75">
- <IdMatch idRef="Func_usa_uk_passport" />
- <Match idRef="Keyword_passport" />
- </Pattern>
-</Entity>
+ <!-- U.S. / U.K. Passport Number -->
+ <Entity id="178ec42a-18b4-47cc-85c7-d62c92fd67f8" patternsProximity="300" recommendedConfidence="75">
+ <Pattern confidenceLevel="85">
+ <IdMatch idRef="Func_usa_uk_passport" />
+ <Match idRef="Keywords_eu_passport_date" />
+ <Any minMatches="1">
+ <Match idRef="Keywords_eu_passport_number" />
+ <Match idRef="Keywords_uk_eu_passport_number" />
+ </Any>
+ </Pattern>
+ <Pattern confidenceLevel="75">
+ <IdMatch idRef="Func_usa_uk_passport" />
+ <Any minMatches="1">
+ <Match idRef="Keywords_eu_passport_number" />
+ <Match idRef="Keywords_uk_eu_passport_number" />
+ </Any>
+ </Pattern>
+ </Entity>
``` ### Keywords
-#### Keyword_passport
+#### Keywords_eu_passport_number
+
+- passport#
+- passport #
+- passportid
+- passports
+- passportno
+- passport no
+- passportnumber
+- passport number
+- passportnumbers
+- passport numbers
+
+#### Keywords_uk_eu_passport_number
+
+- british passport
+- uk passport
-- Passport Number -- Passport No -- Passport # -- Passport# -- PassportID -- Passportno -- passportnumber -- パスポート -- パスポート番号 -- パスポートのNum -- パスポート# -- Numéro de passeport -- Passeport n ° -- Passeport Non -- Passeport # -- Passeport# -- PasseportNon -- Passeportn ° ## Ukraine passport domestic This sensitive information type is only available for use in:
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-office-apps https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-office-apps.md
@@ -231,7 +231,7 @@ However, the automatic guest account is not created immediately in this scenario
If your organization has implemented [Azure Active Directory Conditional Access policies](https://docs.microsoft.com/azure/active-directory/conditional-access/overview), check the configuration of those policies. If the policies include Azure Information Protection and the policy extends to external users, those external users must have a guest account in your tenant even if they have an Azure AD account in their own tenant.
-Without this guest account, they can't open the encrypted document and see an error message. The message text might inform them that their account needs to be added as an external user in the tenant, with the incorrect instruction **Sign out and sign in again with a different Azure Active Directory user account**.
+Without this guest account, they can't open the encrypted document and see an error message. The message text might inform them that their account needs to be added as an external user in the tenant, with the incorrect instruction for this scenario to **Sign out and sign in again with a different Azure Active Directory user account**.
If you can't create and configure guest accounts in your tenant for external users who need to open documents that are encrypted by your labels, you must either remove Azure Information Protection from the Conditional Access policies, or exclude external users from the policies.
compliance https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-teams-groups-sites https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-teams-groups-sites.md
@@ -266,6 +266,7 @@ The following apps and services support sensitivity labels configured for sites
- SharePoint admin center - Azure Active Directory portal
+ - Microsoft 365 admin center
- Microsoft 365 compliance center, Microsoft 365 security center, Security & Compliance Center - User apps and
@@ -275,13 +276,12 @@ The following apps and services support sensitivity labels configured for sites
- Outlook on the web and for Windows, macOS, iOS, and Android - Forms - Stream
- - Planner (rolling out)
+ - Planner
The following apps and services don't currently support sensitivity labels configured for sites and group settings: - Admin centers:
- - Microsoft 365 admin center
- Teams admin center - Exchange admin center
enterprise https://docs.microsoft.com/en-us/microsoft-365/enterprise/connect-to-microsoft-365-powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/connect-to-microsoft-365-powershell.md
@@ -112,7 +112,7 @@ PowerShell Core doesn't support the Microsoft Azure Active Directory Module for
These steps are required only one time on your computer. But you'll likely need to update the software periodically.
-1. If you're not running Windows 10, install the 64-bit version of the Microsoft Online Services Sign-in Assistant: [Microsoft Online Services Sign-in Assistant for IT Professionals RTW](https://go.microsoft.com/fwlink/p/?LinkId=286152).
+1. If you're not running Windows 10, install the 64-bit version of the Microsoft Online Services Sign-in Assistant: [Microsoft Online Services Sign-in Assistant for IT Professionals RTW](https://www.microsoft.com/Download/details.aspx?id=28177).
2. Follow these steps to install the Microsoft Azure Active Directory Module for Windows PowerShell:
enterprise https://docs.microsoft.com/en-us/microsoft-365/enterprise/modern-custom-extensions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/modern-custom-extensions.md
@@ -48,9 +48,10 @@ If an extension is impacting page load time or there are too many extsnions on t
Information available in the results includes: - **Name and ID** shows identifying information that can help you find the extension on the page-- **Total** shows the total time for the extension to initialize and load-- **Module Load** shows the time taken to fetch and load the extension-- **Init** shows the time taken for the extension to initialize
+- **Total** shows the total time for the extension to module load and initialize. It is the total relative time taken by the extension to execute on the page, from beginning to the end.
+- **Module Load** shows the time taken to download, evaluate and load the extensions JavaScript and CSS files. It will then start the Init process.
+- **Init** shows the time taken for the extension to initialize the data.
+ It is an asynchronous call and init time is the calculation of time for the onInit function when the returned promise is resolved.
This information is provided to help designers and developers troubleshoot issues. This information should be provided to your design and development team.
enterprise https://docs.microsoft.com/en-us/microsoft-365/enterprise/modern-desktop-deployment-and-management-lab https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/modern-desktop-deployment-and-management-lab.md
@@ -94,7 +94,7 @@ Detailed lab guides take you through multiple deployment and management scenario
[Download the Windows and Office Deployment Lab Kit](https://www.microsoft.com/evalcenter/evaluate-lab-kit).
-* The installed baseline version 2002 can be updated to Version 2010 using and in-console update. Please use a broad bandwidth Internet connection to download this content and allow 30-45 minutes for automatic provisioning. The lab environment requires a minimum of 16 GB of available memory and 150 GB of free disk space. For optimal performance, 32 GB of available memory and 300 GB of free space is recommended. The kit expires February 11, 2021. A new version will be published prior to expiration.
+* The installed baseline version 2002 can be updated to Version 2010 using and in-console update. Please use a broad bandwidth Internet connection to download this content and allow 30-45 minutes for automatic provisioning. The lab environment requires a minimum of 16 GB of available memory and 150 GB of free disk space. For optimal performance, 32 GB of available memory and 300 GB of free space is recommended. The kit expires May 2, 2021. A new version will be published prior to expiration.
## Additional guidance
enterprise https://docs.microsoft.com/en-us/microsoft-365/enterprise/modern-web-part-optimization https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/modern-web-part-optimization.md
@@ -51,13 +51,16 @@ If the **Web parts are impacting page load time** result appears in either the *
Information available in the results includes: -- **Made by** shows whether the web part is custom or Microsoft OOTB-- **Name and ID** shows identifying information that can help you find the web part on the page-- **Total** shows the total time for the web part to load-- **Module Load** shows the time taken to fetch and load the web part components-- **Lazy Load** shows the time for deferred loading of web parts not seen in the main section of the page-- **Init** shows the time taken for web part initialization-- **Render** shows the time taken for the web part to fetch and render results
+- **Made by** shows whether the web part is custom or Microsoft OOTB.
+- **Name and ID** shows identifying information that can help you find the web part on the page.
+- **Total** shows the total time for the web part to module load, initialize and render. It is the total relative time taken by the web part to render on the page, from beginning to the end.
+- **Module Load** shows the time taken to download, evaluate and load the extensions JavaScript and CSS files. It will then start the Init process.
+- **Lazy Load** shows the time for deferred loading of web parts not seen in the main section of the page. There are certain conditions where there are too many web parts to render, and they are queued to render to minimize the page load time.
+- **Init** shows the time taken for the web part to initialize the data.
+ It is an asynchronous call and init time is the calculation of time for the onInit function when the returned promise is resolved.
+- **Render** shows the time taken to render the UI (user interface) once the module load and Init are complete.
+ It is the JavaScript execution time to mount the DOM in the document (page).
+ Rendering of asynchronous resources, for example, images, might take additional time to complete.
This information is provided to help designers and developers troubleshoot issues. This information should be provided to your design and development team.
enterprise https://docs.microsoft.com/en-us/microsoft-365/enterprise/protect-your-global-administrator-accounts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/protect-your-global-administrator-accounts.md
@@ -50,7 +50,7 @@ There are relatively few administrative tasks, such as assigning roles to user a
1. Determine the set of user accounts that have been assigned the global admin role. You can do this in the Microsoft 365 admin center or with the following Azure Active (Azure AD) Directory PowerShell for Graph command: ```powershell
- Get-AzureADDirectoryRole | where { $_.DisplayName -eq "Company Administrator" } | Get-AzureADDirectoryRoleMember | Ft DisplayName
+ Get-AzureADDirectoryRole | where { $_.DisplayName -eq "Global Administrator" } | Get-AzureADDirectoryRoleMember | Ft DisplayName
``` 2. Sign into your Microsoft 365 subscription with a user account that has been assigned the global admin role.
enterprise https://docs.microsoft.com/en-us/microsoft-365/enterprise/remove-licenses-from-user-accounts-with-microsoft-365-powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/remove-licenses-from-user-accounts-with-microsoft-365-powershell.md
@@ -57,30 +57,22 @@ To remove all of the licenses for a specific user account, specify the user sign
```powershell $userUPN="<user sign-in name (UPN)>"
-$licensePlanList = Get-AzureADSubscribedSku
-$userList = Get-AzureADUser -ObjectID $userUPN | Select -ExpandProperty AssignedLicenses | Select SkuID
+$userList = Get-AzureADUser -ObjectID $userUPN
+$Skus = $userList | Select -ExpandProperty AssignedLicenses | Select SkuID
if($userList.Count -ne 0) {
-if($userList -is [array]) {
-for ($i=0; $i -lt $userList.Count; $i++) {
-$license = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense
-$licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses
-$license.SkuId = $userList[$i].SkuId
-$licenses.AddLicenses = $license
-Set-AzureADUserLicense -ObjectId $userUPN -AssignedLicenses $licenses
-$Licenses.AddLicenses = @()
-$Licenses.RemoveLicenses = (Get-AzureADSubscribedSku | Where-Object -Property SkuID -Value $userList[$i].SkuId -EQ).SkuID
-Set-AzureADUserLicense -ObjectId $userUPN -AssignedLicenses $licenses
+ if($Skus -is [array])
+ {
+ $licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses
+ for ($i=0; $i -lt $Skus.Count; $i++) {
+ $Licenses.RemoveLicenses += (Get-AzureADSubscribedSku | Where-Object -Property SkuID -Value $Skus[$i].SkuId -EQ).SkuID
+ }
+ Set-AzureADUserLicense -ObjectId $userUPN -AssignedLicenses $licenses
+ } else {
+ $licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses
+ $Licenses.RemoveLicenses = (Get-AzureADSubscribedSku | Where-Object -Property SkuID -Value $Skus.SkuId -EQ).SkuID
+ Set-AzureADUserLicense -ObjectId $userUPN -AssignedLicenses $licenses
+ }
}
-} else {
-$license = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense
-$licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses
-$license.SkuId = $userList.SkuId
-$licenses.AddLicenses = $license
-Set-AzureADUserLicense -ObjectId $userUPN -AssignedLicenses $licenses
-$Licenses.AddLicenses = @()
-$Licenses.RemoveLicenses = (Get-AzureADSubscribedSku | Where-Object -Property SkuID -Value $userList.SkuId -EQ).SkuID
-Set-AzureADUserLicense -ObjectId $userUPN -AssignedLicenses $licenses
-}}
``` ## Use the Microsoft Azure Active Directory Module for Windows PowerShell
includes https://docs.microsoft.com/en-us/microsoft-365/includes/microsoft-365-content-updates https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/microsoft-365-content-updates.md
@@ -2,6 +2,317 @@
+## Week of February 08, 2021
++
+| Published On |Topic title | Change |
+|||--|
+| 2/8/2021 | [Paying for your subscription with a billing profile](/microsoft-365/commerce/billing-and-payments/pay-for-subscription-billing-profile?view=o365-21vianet) | added |
+| 2/8/2021 | [Custom roles for role-based access control](/microsoft-365/security/mtp/custom-roles?view=o365-21vianet) | added |
+| 2/8/2021 | [Get started with Microsoft 365 Defender](/microsoft-365/security/mtp/get-started?view=o365-21vianet) | added |
+| 2/8/2021 | [Investigate alerts in Microsoft 365 Defender](/microsoft-365/security/mtp/investigate-alerts?view=o365-21vianet) | added |
+| 2/8/2021 | [Investigate users in Microsoft 365 security center](/microsoft-365/security/mtp/investigate-users?view=o365-21vianet) | added |
+| 2/8/2021 | [Microsoft Defender for Endpoint in the Microsoft 365 security center](/microsoft-365/security/mtp/microsoft-365-security-center-mde?view=o365-21vianet) | added |
+| 2/8/2021 | [Microsoft Defender for Office 365 in the Microsoft 365 security center](/microsoft-365/security/mtp/microsoft-365-security-center-mdo?view=o365-21vianet) | added |
+| 2/8/2021 | [Redirecting accounts from Microsoft Defender for Endpoint to the Microsoft 365 security center](/microsoft-365/security/mtp/microsoft-365-security-mde-redirection?view=o365-21vianet) | added |
+| 2/8/2021 | [Understand the analyst report section in threat analytics](/microsoft-365/security/mtp/threat-analytics-analyst-reports?view=o365-21vianet) | added |
+| 2/8/2021 | [Track and respond to emerging threats with threat analytics](/microsoft-365/security/mtp/threat-analytics?view=o365-21vianet) | added |
+| 2/8/2021 | [The Microsoft Defender for Office 365 (MDO) email entity page](/microsoft-365/security/office-365-security/mdo-email-entity-page?view=o365-21vianet) | added |
+| 2/8/2021 | [Migrate advanced hunting queries from Microsoft Defender for Endpoint](/microsoft-365/security/mtp/advanced-hunting-migrate-from-mdatp?view=o365-21vianet) | modified |
+| 2/8/2021 | [Configure Microsoft 365 Defender pillars for the trial lab or pilot environment](/microsoft-365/security/mtp/config-mtpeval?view=o365-21vianet) | modified |
+| 2/8/2021 | [Investigate incidents in Microsoft 365 Defender](/microsoft-365/security/mtp/investigate-incidents?view=o365-21vianet) | modified |
+| 2/8/2021 | [Go to the Action center to view and approve your automated investigation and remediation tasks](/microsoft-365/security/mtp/mtp-action-center?view=o365-21vianet) | modified |
+| 2/8/2021 | [View and manage actions in the Action center](/microsoft-365/security/mtp/mtp-autoir-actions?view=o365-21vianet) | modified |
+| 2/8/2021 | [Handle false positives or false negatives in AIR in Microsoft 365 Defender](/microsoft-365/security/mtp/mtp-autoir-report-false-positives-negatives?view=o365-21vianet) | modified |
+| 2/8/2021 | [Details and results of an automated investigation](/microsoft-365/security/mtp/mtp-autoir-results?view=o365-21vianet) | modified |
+| 2/8/2021 | [Automated investigation and response in Microsoft 365 Defender](/microsoft-365/security/mtp/mtp-autoir?view=o365-21vianet) | modified |
+| 2/8/2021 | [Configure automated investigation and response capabilities in Microsoft 365 Defender](/microsoft-365/security/mtp/mtp-configure-auto-investigation-response?view=o365-21vianet) | modified |
+| 2/8/2021 | [Turn on Microsoft 365 Defender in the Microsoft 365 security center](/microsoft-365/security/mtp/mtp-enable?view=o365-21vianet) | modified |
+| 2/8/2021 | [Manage access to Microsoft 365 Defender data in the Microsoft 365 security center](/microsoft-365/security/mtp/mtp-permissions?view=o365-21vianet) | modified |
+| 2/8/2021 | [Remediation actions in Microsoft 365 Defender](/microsoft-365/security/mtp/mtp-remediation-actions?view=o365-21vianet) | modified |
+| 2/8/2021 | [Microsoft 365 security center overview](/microsoft-365/security/mtp/overview-security-center?view=o365-21vianet) | modified |
+| 2/8/2021 | [Preview features in Microsoft 365 Defender](/microsoft-365/security/mtp/preview?view=o365-21vianet) | modified |
+| 2/8/2021 | [What's new in Microsoft 365 Defender](/microsoft-365/security/mtp/whats-new?view=o365-21vianet) | modified |
+| 2/8/2021 | [Custom reporting solutions with automated investigation and response](/microsoft-365/security/office-365-security/air-custom-reporting?view=o365-21vianet) | modified |
+| 2/8/2021 | [Remediation actions following automated investigation in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-remediation-actions?view=o365-21vianet) | modified |
+| 2/8/2021 | [How to report false positives or false negatives following automated investigation in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-report-false-positives-negatives?view=o365-21vianet) | modified |
+| 2/8/2021 | [Review and manage remediation actions in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-review-approve-pending-completed-actions?view=o365-21vianet) | modified |
+| 2/8/2021 | [View the results of an automated investigation in Microsoft 365](/microsoft-365/security/office-365-security/air-view-investigation-results?view=o365-21vianet) | modified |
+| 2/8/2021 | [How automated investigation and response works in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/automated-investigation-response-office?view=o365-21vianet) | modified |
+| 2/8/2021 | [Common identity and device access policies - Microsoft 365 for enterprise \| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies?view=o365-21vianet) | modified |
+| 2/8/2021 | [Prerequisite work for implementing identity and device access policies - Microsoft 365 for enterprise \| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-prerequisites?view=o365-21vianet) | modified |
+| 2/8/2021 | [Isolated SharePoint Online team site dev/test environment](/microsoft-365/security/office-365-security/isolated-sharepoint-online-team-site-dev-test-environment?view=o365-21vianet) | modified |
+| 2/8/2021 | [Isolated SharePoint Online team sites](/microsoft-365/security/office-365-security/isolated-sharepoint-online-team-sites?view=o365-21vianet) | modified |
+| 2/8/2021 | [Manage an isolated SharePoint Online team site](/microsoft-365/security/office-365-security/manage-an-isolated-sharepoint-online-team-site?view=o365-21vianet) | modified |
+| 2/8/2021 | [Automated investigation and response in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/office-365-air?view=o365-21vianet) | modified |
+| 2/8/2021 | [Recommended secure document policies - Microsoft 365 for enterprise \| Microsoft Docs](/microsoft-365/security/office-365-security/sharepoint-file-access-policies?view=o365-21vianet) | modified |
+| 2/8/2021 | [SIEM integration with Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/siem-integration-with-office-365-ti?view=o365-21vianet) | modified |
+| 2/8/2021 | [SIEM server integration with Microsoft 365 services and applications](/microsoft-365/security/office-365-security/siem-server-integration?view=o365-21vianet) | modified |
+| 2/8/2021 | [Spam confidence level](/microsoft-365/security/office-365-security/spam-confidence-levels?view=o365-21vianet) | modified |
+| 2/8/2021 | [Manually submit messages to Microsoft for analysis](/microsoft-365/security/office-365-security/submit-spam-non-spam-and-phishing-scam-messages-to-microsoft-for-analysis?view=o365-21vianet) | modified |
+| 2/8/2021 | [Submit malware and non-malware to Microsoft for analysis](/microsoft-365/security/office-365-security/submitting-malware-and-non-malware-to-microsoft-for-analysis?view=o365-21vianet) | modified |
+| 2/8/2021 | [Add support for anonymous inbound email over IPv6](/microsoft-365/security/office-365-security/support-for-anonymous-inbound-email-messages-over-ipv6?view=o365-21vianet) | modified |
+| 2/8/2021 | [Support for validation of Domain Keys Identified Mail (DKIM) signed messages](/microsoft-365/security/office-365-security/support-for-validation-of-dkim-signed-messages?view=o365-21vianet) | modified |
+| 2/8/2021 | [Switch to EOP from another protection service](/microsoft-365/security/office-365-security/switch-to-eop-from-google-postini-the-barracuda-spam-and-virus-firewall-or-cisco?view=o365-21vianet) | modified |
+| 2/8/2021 | [Manage your allows and blocks in the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list?view=o365-21vianet) | modified |
+| 2/8/2021 | [Configure your Microsoft 365 tenant for increased security](/microsoft-365/security/office-365-security/tenant-wide-setup-for-increased-security?view=o365-21vianet) | modified |
+| 2/8/2021 | [Views in Threat Explorer and real-time detections](/microsoft-365/security/office-365-security/threat-explorer-views?view=o365-21vianet) | modified |
+| 2/8/2021 | [Threat Explorer and Real-time detections](/microsoft-365/security/office-365-security/threat-explorer?view=o365-21vianet) | modified |
+| 2/8/2021 | [Threat Trackers - New and Noteworthy](/microsoft-365/security/office-365-security/threat-trackers?view=o365-21vianet) | modified |
+| 2/8/2021 | [Troubleshooting mail sent to Microsoft 365](/microsoft-365/security/office-365-security/troubleshooting-mail-sent-to-office-365?view=o365-21vianet) | modified |
+| 2/8/2021 | [Tune anti-phishing protection](/microsoft-365/security/office-365-security/tuning-anti-phishing?view=o365-21vianet) | modified |
+| 2/8/2021 | [Turn on Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](/microsoft-365/security/office-365-security/turn-on-atp-for-spo-odb-and-teams?view=o365-21vianet) | modified |
+| 2/8/2021 | [How to use DKIM for email in your custom domain](/microsoft-365/security/office-365-security/use-dkim-to-validate-outbound-email?view=o365-21vianet) | modified |
+| 2/8/2021 | [Use DMARC to validate email](/microsoft-365/security/office-365-security/use-dmarc-to-validate-email?view=o365-21vianet) | modified |
+| 2/8/2021 | [Use mail flow rules to see what your users are reporting to Microsoft](/microsoft-365/security/office-365-security/use-mail-flow-rules-to-see-what-your-users-are-reporting-to-microsoft?view=o365-21vianet) | modified |
+| 2/8/2021 | [Use mail flow rules to the SCL in messages](/microsoft-365/security/office-365-security/use-mail-flow-rules-to-set-the-spam-confidence-level-scl-in-messages?view=o365-21vianet) | modified |
+| 2/8/2021 | [End-user spam notifications in Microsoft 365](/microsoft-365/security/office-365-security/use-spam-notifications-to-release-and-report-quarantined-messages?view=o365-21vianet) | modified |
+| 2/8/2021 | [Remove yourself from the blocked senders list](/microsoft-365/security/office-365-security/use-the-delist-portal-to-remove-yourself-from-the-office-365-blocked-senders-lis?view=o365-21vianet) | modified |
+| 2/8/2021 | [Use mail flow rules to filter bulk email](/microsoft-365/security/office-365-security/use-transport-rules-to-configure-bulk-email-filtering?view=o365-21vianet) | modified |
+| 2/8/2021 | [User submissions policy](/microsoft-365/security/office-365-security/user-submission?view=o365-21vianet) | modified |
+| 2/8/2021 | [View email security reports in the Security & Compliance Center](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) | modified |
+| 2/8/2021 | [View mail flow reports in the Reports dashboard](/microsoft-365/security/office-365-security/view-mail-flow-reports?view=o365-21vianet) | modified |
+| 2/8/2021 | [View Defender for Office 365 reports in the Reports dashboard](/microsoft-365/security/office-365-security/view-reports-for-atp?view=o365-21vianet) | modified |
+| 2/8/2021 | [View the admin audit log in standalone EOP](/microsoft-365/security/office-365-security/view-the-admin-audit-log-eop?view=o365-21vianet) | modified |
+| 2/8/2021 | [Built-in virus protection in SharePoint Online, OneDrive, and Microsoft Teams](/microsoft-365/security/office-365-security/virus-detection-in-spo?view=o365-21vianet) | modified |
+| 2/8/2021 | [Walkthrough - Spoof intelligence insight](/microsoft-365/security/office-365-security/walkthrough-spoof-intelligence-insight?view=o365-21vianet) | modified |
+| 2/8/2021 | [What&apos;s the difference between junk email and bulk email?](/microsoft-365/security/office-365-security/what-s-the-difference-between-junk-email-and-bulk-email?view=o365-21vianet) | modified |
+| 2/8/2021 | [What's new in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/whats-new-in-office-365-atp?view=o365-21vianet) | modified |
+| 2/8/2021 | [Zero-hour auto purge (ZAP)](/microsoft-365/security/office-365-security/zero-hour-auto-purge?view=o365-21vianet) | modified |
+| 2/8/2021 | [Import a term set using a SKOS-based format](/microsoft-365/contentunderstanding/import-term-set-skos) | modified |
+| 2/8/2021 | [Push content types to a hub](/microsoft-365/contentunderstanding/push-content-type-to-hub) | modified |
+| 2/8/2021 | [Set up SharePoint Syntex](/microsoft-365/contentunderstanding/set-up-content-understanding) | modified |
+| 2/8/2021 | [Term store reports](/microsoft-365/contentunderstanding/term-store-analytics) | modified |
+| 2/8/2021 | [Migration from Microsoft Cloud Deutschland to Office 365 services in the new German datacenter regions](/microsoft-365/enterprise/ms-cloud-germany-transition?view=o365-21vianet) | modified |
+| 2/8/2021 | [Network connectivity in the Microsoft 365 Admin Center (preview)](/microsoft-365/enterprise/office-365-network-mac-perf-overview?view=o365-21vianet) | modified |
+| 2/8/2021 | [Set up Microsoft Viva Topics](/microsoft-365/knowledge/set-up-topic-experiences) | modified |
+| 2/8/2021 | [AADSignInEventsBeta table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-aadsignineventsbeta-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [AADSpnSignInEventsBeta table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-aadspnsignineventsbeta-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [AlertEvidence table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-alertevidence-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [AppFileEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-appfileevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [DeviceEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-deviceevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [DeviceFileEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-devicefileevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [DeviceImageLoadEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-deviceimageloadevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [DeviceInfo table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-deviceinfo-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [DeviceLogonEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-devicelogonevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [DeviceNetworkEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-devicenetworkevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [DeviceProcessEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-deviceprocessevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [DeviceRegistryEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-deviceregistryevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [DeviceTvmSecureConfigurationAssessmentKB table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [EmailAttachmentInfo table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-emailattachmentinfo-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [EmailEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-emailevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [EmailPostDeliveryEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-emailpostdeliveryevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [EmailUrlInfo table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-emailurlinfo-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [IdentityLogonEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-identitylogonevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [IdentityQueryEvents table in the advanced hunting schema](/microsoft-365/security/mtp/advanced-hunting-identityqueryevents-table?view=o365-21vianet) | modified |
+| 2/8/2021 | [Understand the analyst report section in threat analytics](/microsoft-365/security/mtp/threat-analytics-analyst-reports?view=o365-21vianet) | modified |
+| 2/8/2021 | [Protect against threats](/microsoft-365/security/office-365-security/protect-against-threats?view=o365-21vianet) | modified |
+| 2/8/2021 | [Insider risk solution](/microsoft-365/compliance/insider-risk-solution-overview?view=o365-21vianet) | modified |
+| 2/8/2021 | [Enable sensitivity labels for Office files in SharePoint and OneDrive](/microsoft-365/compliance/sensitivity-labels-sharepoint-onedrive-files?view=o365-21vianet) | modified |
+| 2/8/2021 | [Plan for Microsoft Viva Topics](/microsoft-365/knowledge/plan-topic-experiences) | modified |
+| 2/8/2021 | [Manage recipients in standalone EOP](/microsoft-365/security/office-365-security/manage-recipients-in-eop?view=o365-21vianet) | modified |
+| 2/8/2021 | [Message trace in the Security & Compliance Center](/microsoft-365/security/office-365-security/message-trace-scc?view=o365-21vianet) | modified |
+| 2/8/2021 | [Auto-forwarded messages insight](/microsoft-365/security/office-365-security/mfi-auto-forwarded-messages-report?view=o365-21vianet) | modified |
+| 2/8/2021 | [Top domain mail flow status insight in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-domain-mail-flow-status-insight?view=o365-21vianet) | modified |
+| 2/8/2021 | [Mail flow map](/microsoft-365/security/office-365-security/mfi-mail-flow-map-report?view=o365-21vianet) | modified |
+| 2/8/2021 | [Fix possible mail loop insight](/microsoft-365/security/office-365-security/mfi-mail-loop-insight?view=o365-21vianet) | modified |
+| 2/8/2021 | [New domains being forwarded email insight](/microsoft-365/security/office-365-security/mfi-new-domains-being-forwarded-email?view=o365-21vianet) | modified |
+| 2/8/2021 | [New users forwarding email insight](/microsoft-365/security/office-365-security/mfi-new-users-forwarding-email?view=o365-21vianet) | modified |
+| 2/8/2021 | [Non-accepted domain report in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-non-accepted-domain-report?view=o365-21vianet) | modified |
+| 2/8/2021 | [Non-delivery report in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-non-delivery-report?view=o365-21vianet) | modified |
+| 2/8/2021 | [Outbound and inbound mail flow insight in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-outbound-and-inbound-mail-flow?view=o365-21vianet) | modified |
+| 2/8/2021 | [Queues insight in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-queue-alerts-and-queues?view=o365-21vianet) | modified |
+| 2/8/2021 | [Fix slow mail flow rules insight](/microsoft-365/security/office-365-security/mfi-slow-mail-flow-rules-insight?view=o365-21vianet) | modified |
+| 2/8/2021 | [SMTP Auth clients insight and report in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-smtp-auth-clients-report?view=o365-21vianet) | modified |
+| 2/8/2021 | [Identity and device access configurations - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-policies-configurations?view=o365-21vianet) | modified |
+| 2/8/2021 | [Microsoft Security Guidance - Political campaigns & nonprofits](/microsoft-365/security/office-365-security/microsoft-security-guidance-for-political-campaigns-nonprofits-and-other-agile-o?view=o365-21vianet) | modified |
+| 2/8/2021 | [Move domains & settings from one EOP organization to another](/microsoft-365/security/office-365-security/move-domains-and-settings-from-one-eop-organization-to-another-eop-organization?view=o365-21vianet) | modified |
+| 2/8/2021 | [Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/office-365-atp?view=o365-21vianet) | modified |
+| 2/8/2021 | [Threat investigation & response capabilities - Microsoft Defender for Office 365 Plan 2](/microsoft-365/security/office-365-security/office-365-ti?view=o365-21vianet) | modified |
+| 2/8/2021 | [Security Incident Response](/microsoft-365/security/office-365-security/office365-security-incident-response-overview?view=o365-21vianet) | modified |
+| 2/8/2021 | [Outbound spam protection](/microsoft-365/security/office-365-security/outbound-spam-controls?view=o365-21vianet) | modified |
+| 2/8/2021 | [Permissions - Security & Compliance Center](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-21vianet) | modified |
+| 2/8/2021 | [Permissions in the Microsoft 365 security and compliance centers](/microsoft-365/security/office-365-security/permissions-microsoft-365-compliance-security?view=o365-21vianet) | modified |
+| 2/8/2021 | [Preset security policies](/microsoft-365/security/office-365-security/preset-security-policies?view=o365-21vianet) | modified |
+| 2/9/2021 | [Migrate Google files to Microsoft 365 for business ](/microsoft-365/business-video/moveto-microsoft-365/mover-migrate-files?view=o365-worldwide) | modified |
+| 2/9/2021 | [Learn about retention for Teams](/microsoft-365/compliance/retention-policies-teams?view=o365-21vianet) | modified |
+| 2/9/2021 | [Learn about sensitive information types](/microsoft-365/compliance/sensitive-information-type-learn-about?view=o365-21vianet) | modified |
+| 2/9/2021 | [Disabling TLS 1.0 and 1.1 in Office 365 GCC High and DoD](/microsoft-365/compliance/tls-1-2-in-office-365-gcc?view=o365-21vianet) | modified |
+| 2/9/2021 | [Microsoft 365 for enterprise for the Contoso Corporation](/microsoft-365/enterprise/contoso-case-study?view=o365-21vianet) | modified |
+| 2/9/2021 | [Microsoft Defender for Endpoint in the Microsoft 365 security center](/microsoft-365/security/mtp/microsoft-365-security-center-mde?view=o365-21vianet) | modified |
+| 2/9/2021 | [Microsoft 365 security center overview](/microsoft-365/security/mtp/overview-security-center?view=o365-21vianet) | modified |
+| 2/9/2021 | [Preview features in Microsoft 365 Defender](/microsoft-365/security/mtp/preview?view=o365-21vianet) | modified |
+| 2/9/2021 | [Understand the analyst report section in threat analytics](/microsoft-365/security/mtp/threat-analytics-analyst-reports?view=o365-21vianet) | modified |
+| 2/9/2021 | [What's new in Microsoft 365 Defender](/microsoft-365/security/mtp/whats-new?view=o365-21vianet) | modified |
+| 2/9/2021 | [Protection features in Azure Information Protection rolling out to existing tenants](/microsoft-365/security/office-365-security/azure-ip-protection-features?view=o365-21vianet) | modified |
+| 2/9/2021 | [Backscatter in EOP](/microsoft-365/security/office-365-security/backscatter-messages-and-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Best practices for configuring EOP](/microsoft-365/security/office-365-security/best-practices-for-configuring-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Bulk complaint level values](/microsoft-365/security/office-365-security/bulk-complaint-level-values?view=o365-21vianet) | modified |
+| 2/9/2021 | [Campaign Views in Microsoft Defender for Office 365 Plan](/microsoft-365/security/office-365-security/campaigns?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configuration analyzer for security policies](/microsoft-365/security/office-365-security/configuration-analyzer-for-security-policies?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure anti-malware policies](/microsoft-365/security/office-365-security/configure-anti-malware-policies?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure anti-phishing policies in EOP](/microsoft-365/security/office-365-security/configure-anti-phishing-policies-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure anti-phishing policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/configure-atp-anti-phishing-policies?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure global settings for Safe Links settings in Defender for Office 365](/microsoft-365/security/office-365-security/configure-global-settings-for-safe-links?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure groups & users - Political campaign dev/test environment](/microsoft-365/security/office-365-security/configure-groups-and-users-for-a-political-campaign-dev-test-environment?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure junk email settings on Exchange Online mailboxes](/microsoft-365/security/office-365-security/configure-junk-email-settings-on-exo-mailboxes?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure S/MIME settings - Exchange Online for Outlook on web](/microsoft-365/security/office-365-security/configure-s-mime-settings-for-outlook-web-app?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure the default connection filter policy](/microsoft-365/security/office-365-security/configure-the-connection-filter-policy?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure outbound spam filtering](/microsoft-365/security/office-365-security/configure-the-outbound-spam-policy?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure spam filter policies](/microsoft-365/security/office-365-security/configure-your-spam-filter-policies?view=o365-21vianet) | modified |
+| 2/9/2021 | [Create blocked sender lists](/microsoft-365/security/office-365-security/create-block-sender-lists-in-office-365?view=o365-21vianet) | modified |
+| 2/9/2021 | [Create safe sender lists](/microsoft-365/security/office-365-security/create-safe-sender-lists-in-office-365?view=o365-21vianet) | modified |
+| 2/9/2021 | [Create team sites - Political campaign dev environment](/microsoft-365/security/office-365-security/create-team-sites-in-a-political-campaign-dev-test-environment?view=o365-21vianet) | modified |
+| 2/9/2021 | [Deploy an isolated SharePoint Online team site](/microsoft-365/security/office-365-security/deploy-an-isolated-sharepoint-online-team-site?view=o365-21vianet) | modified |
+| 2/9/2021 | [Design an isolated SharePoint Online team site](/microsoft-365/security/office-365-security/design-an-isolated-sharepoint-online-team-site?view=o365-21vianet) | modified |
+| 2/9/2021 | [Detect and Remediate Illicit Consent Grants](/microsoft-365/security/office-365-security/detect-and-remediate-illicit-consent-grants?view=o365-21vianet) | modified |
+| 2/9/2021 | [Email authentication in Microsoft 365](/microsoft-365/security/office-365-security/email-validation-and-authentication?view=o365-21vianet) | modified |
+| 2/9/2021 | [Enable the Report Message add-in](/microsoft-365/security/office-365-security/enable-the-report-message-add-in?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure EOP to junk spam in hybrid environments](/microsoft-365/security/office-365-security/ensure-that-spam-is-routed-to-each-user-s-junk-email-folder?view=o365-21vianet) | modified |
+| 2/9/2021 | [EOP features](/microsoft-365/security/office-365-security/eop-features?view=o365-21vianet) | modified |
+| 2/9/2021 | [EOP general FAQ](/microsoft-365/security/office-365-security/eop-general-faq?view=o365-21vianet) | modified |
+| 2/9/2021 | [EOP queued, deferred, and bounced messages FAQ](/microsoft-365/security/office-365-security/eop-queued-deferred-and-bounced-messages-faq?view=o365-21vianet) | modified |
+| 2/9/2021 | [Exchange admin center in standalone EOP](/microsoft-365/security/office-365-security/exchange-admin-center-in-exchange-online-protection-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Exchange Online Protection (EOP) overview](/microsoft-365/security/office-365-security/exchange-online-protection-overview?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configuring and controlling external email forwarding, Automatic forwarding, 5.7.520 Access Denied, disable external forwarding, Your administrator has disabled external forwarding, outbound anti-spam policy](/microsoft-365/security/office-365-security/external-email-forwarding?view=o365-21vianet) | modified |
+| 2/9/2021 | [Feature permissions in EOP](/microsoft-365/security/office-365-security/feature-permissions-in-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Find and release quarantined messages as a user](/microsoft-365/security/office-365-security/find-and-release-quarantined-messages-as-a-user?view=o365-21vianet) | modified |
+| 2/9/2021 | [Give users access to the Security & Compliance Center](/microsoft-365/security/office-365-security/grant-access-to-the-security-and-compliance-center?view=o365-21vianet) | modified |
+| 2/9/2021 | [Help and support for EOP](/microsoft-365/security/office-365-security/help-and-support-for-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Outbound delivery pools](/microsoft-365/security/office-365-security/high-risk-delivery-pool-for-outbound-messages?view=o365-21vianet) | modified |
+| 2/9/2021 | [How Sender Policy Framework (SPF) prevents spoofing](/microsoft-365/security/office-365-security/how-office-365-uses-spf-to-prevent-spoofing?view=o365-21vianet) | modified |
+| 2/9/2021 | [How EOP validates the From address to prevent phishing](/microsoft-365/security/office-365-security/how-office-365-validates-the-from-address?view=o365-21vianet) | modified |
+| 2/9/2021 | [Order and precedence of email protection](/microsoft-365/security/office-365-security/how-policies-and-protections-are-combined?view=o365-21vianet) | modified |
+| 2/9/2021 | [Office 365 Security, Microsoft Defender for Office 365, EOP, MSDO](/microsoft-365/security/office-365-security/index?view=o365-21vianet) | modified |
+| 2/9/2021 | [Use Microsoft Defender for Office 365 together with Microsoft Defender for Endpoint](/microsoft-365/security/office-365-security/integrate-office-365-ti-with-wdatp?view=o365-21vianet) | modified |
+| 2/9/2021 | [Investigate malicious email that was delivered in Office 365, Find and investigate malicious email](/microsoft-365/security/office-365-security/investigate-malicious-email-that-was-delivered?view=o365-21vianet) | modified |
+| 2/9/2021 | [Install and use the Junk Email Reporting add-in for Microsoft Outlook](/microsoft-365/security/office-365-security/junk-email-reporting-add-in-for-microsoft-outlook?view=o365-21vianet) | modified |
+| 2/9/2021 | [Configure spoof intelligence](/microsoft-365/security/office-365-security/learn-about-spoof-intelligence?view=o365-21vianet) | modified |
+| 2/9/2021 | [Mail flow in EOP](/microsoft-365/security/office-365-security/mail-flow-in-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Mail flow insights in the Mail flow dashboard](/microsoft-365/security/office-365-security/mail-flow-insights-v2?view=o365-21vianet) | modified |
+| 2/9/2021 | [Mail flow intelligence](/microsoft-365/security/office-365-security/mail-flow-intelligence-in-office-365?view=o365-21vianet) | modified |
+| 2/9/2021 | [Mail flow rules in EOP](/microsoft-365/security/office-365-security/mail-flow-rules-transport-rules-0?view=o365-21vianet) | modified |
+| 2/9/2021 | [Manage role groups in EOP](/microsoft-365/security/office-365-security/manage-admin-role-group-permissions-in-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Manage groups in EOP](/microsoft-365/security/office-365-security/manage-groups-in-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Manage mail users in standalone EOP](/microsoft-365/security/office-365-security/manage-mail-users-in-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Manage quarantined messages and files as an admin](/microsoft-365/security/office-365-security/manage-quarantined-messages-and-files?view=o365-21vianet) | modified |
+| 2/9/2021 | [Quarantined email messages](/microsoft-365/security/office-365-security/quarantine-email-messages?view=o365-21vianet) | modified |
+| 2/9/2021 | [Quarantined messages FAQ](/microsoft-365/security/office-365-security/quarantine-faq?view=o365-21vianet) | modified |
+| 2/9/2021 | [Microsoft recommendations for EOP and Defender for Office 365 security settings](/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365-atp?view=o365-21vianet) | modified |
+| 2/9/2021 | [Recover from a ransomware attack](/microsoft-365/security/office-365-security/recover-from-ransomware?view=o365-21vianet) | modified |
+| 2/9/2021 | [Use mail flow rules to block messages with executable attachments](/microsoft-365/security/office-365-security/reducing-malware-threats-through-file-attachment-blocking-in-exchange-online-pro?view=o365-21vianet) | modified |
+| 2/9/2021 | [Reference Policies, practices, and guidelines](/microsoft-365/security/office-365-security/reference-policies-practices-and-guidelines?view=o365-21vianet) | modified |
+| 2/9/2021 | [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-21vianet) | modified |
+| 2/9/2021 | [Remove blocked users from the Restricted Users portal](/microsoft-365/security/office-365-security/removing-user-from-restricted-users-portal-after-spam?view=o365-21vianet) | modified |
+| 2/9/2021 | [Report junk and phishing email in Outlook for iOS and Android](/microsoft-365/security/office-365-security/report-junk-email-and-phishing-scams-in-outlook-for-ios-and-android?view=o365-21vianet) | modified |
+| 2/9/2021 | [Report junk and phishing email in Outlook on the web](/microsoft-365/security/office-365-security/report-junk-email-and-phishing-scams-in-outlook-on-the-web-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Report spam, non-spam, and phishing messages to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-21vianet) | modified |
+| 2/9/2021 | [Reporting and message trace](/microsoft-365/security/office-365-security/reporting-and-message-trace-in-exchange-online-protection?view=o365-21vianet) | modified |
+| 2/9/2021 | [Smart reports, insights - Microsoft 365 Security & Compliance Center](/microsoft-365/security/office-365-security/reports-and-insights-in-security-and-compliance?view=o365-21vianet) | modified |
+| 2/9/2021 | [Responding to a Compromised Email Account](/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account?view=o365-21vianet) | modified |
+| 2/9/2021 | [Run an administrator role group report in standalone EOP](/microsoft-365/security/office-365-security/run-an-administrator-role-group-report-in-eop-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Safe Documents in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-docs?view=o365-21vianet) | modified |
+| 2/9/2021 | [Safety tips in email messages](/microsoft-365/security/office-365-security/safety-tips-in-office-365?view=o365-21vianet) | modified |
+| 2/9/2021 | [Sample script for EOP settings - multiple tenants](/microsoft-365/security/office-365-security/sample-script-for-applying-eop-settings-to-multiple-tenants?view=o365-21vianet) | modified |
+| 2/9/2021 | [Secure by default in Office 365](/microsoft-365/security/office-365-security/secure-by-default?view=o365-21vianet) | modified |
+| 2/9/2021 | [Secure email recommended policies - Microsoft 365 for enterprise \| Microsoft Docs](/microsoft-365/security/office-365-security/secure-email-recommended-policies?view=o365-21vianet) | modified |
+| 2/9/2021 | [Security recommendations for priority accounts in Microsoft 365, priority accounts, priority accounts in Office 365, priority accounts in Microsoft 365](/microsoft-365/security/office-365-security/security-recommendations-for-priority-accounts?view=o365-21vianet) | modified |
+| 2/9/2021 | [Anti-phishing policies](/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=o365-21vianet) | modified |
+| 2/9/2021 | [Set up Safe Attachments policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/set-up-atp-safe-attachments-policies?view=o365-21vianet) | modified |
+| 2/9/2021 | [Set up Safe Links policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/set-up-atp-safe-links-policies?view=o365-21vianet) | modified |
+| 2/9/2021 | [Set up SPF to help prevent spoofing](/microsoft-365/security/office-365-security/set-up-spf-in-office-365-to-help-prevent-spoofing?view=o365-21vianet) | modified |
+| 2/9/2021 | [Set up your standalone EOP service](/microsoft-365/security/office-365-security/set-up-your-eop-service?view=o365-21vianet) | modified |
+| 2/9/2021 | [SIEM server integration with Microsoft 365 services and applications](/microsoft-365/security/office-365-security/siem-server-integration?view=o365-21vianet) | modified |
+| 2/9/2021 | [Spam confidence level](/microsoft-365/security/office-365-security/spam-confidence-levels?view=o365-21vianet) | modified |
+| 2/9/2021 | [Test Lab Guides for solutions and scenarios](/microsoft-365/solutions/test-lab-guides-overview-solutions?view=o365-21vianet) | modified |
+| 2/9/2021 | [Create a custom sensitive information type using PowerShell](/microsoft-365/compliance/create-a-custom-sensitive-information-type-in-scc-powershell?view=o365-21vianet) | modified |
+| 2/9/2021 | [Manage mailbox auditing](/microsoft-365/compliance/enable-mailbox-auditing?view=o365-21vianet) | modified |
+| 2/9/2021 | [Use a script to add users to a hold in a Core eDiscovery case](/microsoft-365/compliance/use-a-script-to-add-users-to-a-hold-in-ediscovery?view=o365-21vianet) | modified |
+| 2/9/2021 | [Address compromised user accounts with automated investigation and response](/microsoft-365/security/office-365-security/address-compromised-users-quickly?view=o365-21vianet) | modified |
+| 2/9/2021 | [Admin submissions](/microsoft-365/security/office-365-security/admin-submission?view=o365-21vianet) | modified |
+| 2/9/2021 | [ASF settings in EOP](/microsoft-365/security/office-365-security/advanced-spam-filtering-asf-options?view=o365-21vianet) | modified |
+| 2/9/2021 | [Custom reporting solutions with automated investigation and response](/microsoft-365/security/office-365-security/air-custom-reporting?view=o365-21vianet) | modified |
+| 2/9/2021 | [Remediation actions in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-remediation-actions?view=o365-21vianet) | modified |
+| 2/9/2021 | [How to report false positives or false negatives following automated investigation in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-report-false-positives-negatives?view=o365-21vianet) | modified |
+| 2/9/2021 | [Review and manage remediation actions in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-review-approve-pending-completed-actions?view=o365-21vianet) | modified |
+| 2/9/2021 | [View the results of an automated investigation in Microsoft 365](/microsoft-365/security/office-365-security/air-view-investigation-results?view=o365-21vianet) | modified |
+| 2/9/2021 | [Alerts in the Security & Compliance Center](/microsoft-365/security/office-365-security/alerts?view=o365-21vianet) | modified |
+| 2/9/2021 | [Anti-malware protection FAQ](/microsoft-365/security/office-365-security/anti-malware-protection-faq-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [Anti-malware protection](/microsoft-365/security/office-365-security/anti-malware-protection?view=o365-21vianet) | modified |
+| 2/9/2021 | [Anti-phishing protection](/microsoft-365/security/office-365-security/anti-phishing-protection?view=o365-21vianet) | modified |
+| 2/9/2021 | [Anti-spam and anti-malware protection](/microsoft-365/security/office-365-security/anti-spam-and-anti-malware-protection?view=o365-21vianet) | modified |
+| 2/9/2021 | [Anti-spam message headers](/microsoft-365/security/office-365-security/anti-spam-message-headers?view=o365-21vianet) | modified |
+| 2/9/2021 | [Anti-spam protection FAQ](/microsoft-365/security/office-365-security/anti-spam-protection-faq?view=o365-21vianet) | modified |
+| 2/9/2021 | [Anti-spam protection](/microsoft-365/security/office-365-security/anti-spam-protection?view=o365-21vianet) | modified |
+| 2/9/2021 | [Anti-spoofing protection FAQ](/microsoft-365/security/office-365-security/anti-spoofing-protection-faq?view=o365-21vianet) | modified |
+| 2/9/2021 | [Anti-spoofing protection](/microsoft-365/security/office-365-security/anti-spoofing-protection?view=o365-21vianet) | modified |
+| 2/9/2021 | [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams?view=o365-21vianet) | modified |
+| 2/9/2021 | [Safe Attachments](/microsoft-365/security/office-365-security/atp-safe-attachments?view=o365-21vianet) | modified |
+| 2/9/2021 | [Safe Links](/microsoft-365/security/office-365-security/atp-safe-links?view=o365-21vianet) | modified |
+| 2/9/2021 | [Attack Simulator in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/attack-simulator?view=o365-21vianet) | modified |
+| 2/9/2021 | [Auditing reports in standalone EOP](/microsoft-365/security/office-365-security/auditing-reports-in-eop?view=o365-21vianet) | modified |
+| 2/9/2021 | [How automated investigation and response works in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/automated-investigation-response-office?view=o365-21vianet) | modified |
+| 2/10/2021 | [Terms of use for the Microsoft Defender for Office 365 trial](/microsoft-365/security/office-365-security/defender-for-office-365-trial-terms-and-conditions?view=o365-21vianet) | added |
+| 2/10/2021 | [Threat Explorer and Real-time detections](/microsoft-365/security/office-365-security/threat-explorer?view=o365-21vianet) | modified |
+| 2/10/2021 | [Microsoft 365 Reports in the admin center - Microsoft Teams user activity](/microsoft-365/admin/activity-reports/microsoft-teams-user-activity-preview?view=o365-21vianet) | modified |
+| 2/10/2021 | [Microsoft 365 Reports in the admin center - SharePoint site usage](/microsoft-365/admin/activity-reports/sharepoint-site-usage-ww?view=o365-21vianet) | modified |
+| 2/10/2021 | [Manage and monitor priority accounts](/microsoft-365/admin/setup/priority-accounts?view=o365-21vianet) | modified |
+| 2/10/2021 | [Access on-premises resources from an Azure AD-joined device in Microsoft 365 Business](/microsoft-365/business/access-resources?view=o365-21vianet) | modified |
+| 2/10/2021 | [Get started with Microsoft Compliance Manager](/microsoft-365/compliance/compliance-manager-setup?view=o365-21vianet) | modified |
+| 2/10/2021 | [Microsoft Managed Desktop technologies](/microsoft-365/managed-desktop/intro/technologies?view=o365-21vianet) | modified |
+| 2/10/2021 | [About the Microsoft Defender for Office 365 trial](/microsoft-365/security/office-365-security/about-defender-for-office-365-trial?view=o365-21vianet) | modified |
+| 2/10/2021 | [Remediation actions in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-remediation-actions?view=o365-21vianet) | modified |
+| 2/10/2021 | Terms of use for the Microsoft Defender for Office 365 trial | removed |
+| 2/10/2021 | [Microsoft OneDrive](/microsoft-365/managed-desktop/get-started/onedrive?view=o365-21vianet) | added |
+| 2/10/2021 | [Upgrade your Office 2010 to Microsoft 365 - Microsoft 365 admin](/microsoft-365/admin/setup/upgrade-users-to-latest-office-client?view=o365-21vianet) | modified |
+| 2/10/2021 | [Use a PowerShell script to search the audit log](/microsoft-365/compliance/audit-log-search-script?view=o365-21vianet) | modified |
+| 2/10/2021 | [Enable archive mailboxes in the Security & Compliance Center](/microsoft-365/compliance/enable-archive-mailboxes?view=o365-21vianet) | modified |
+| 2/10/2021 | [Set up compliance boundaries for eDiscovery investigations](/microsoft-365/compliance/set-up-compliance-boundaries?view=o365-21vianet) | modified |
+| 2/10/2021 | [Attack Simulator in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/attack-simulator?view=o365-21vianet) | modified |
+| 2/10/2021 | [Collaborate with guests in a team](/microsoft-365/solutions/collaborate-as-team?view=o365-21vianet) | modified |
+| 2/10/2021 | [Limit sharing in Microsoft 365](/microsoft-365/solutions/microsoft-365-limit-sharing?view=o365-21vianet) | modified |
+| 2/11/2021 | [Cancel your subscription](/microsoft-365/commerce/subscriptions/cancel-your-subscription?view=o365-21vianet) | modified |
+| 2/11/2021 | [Apply Information Rights Management (IRM) to a list or library](/microsoft-365/compliance/apply-irm-to-a-list-or-library?view=o365-21vianet) | modified |
+| 2/11/2021 | [Preparing for TLS 1.2 in Office 365 and Office 365 GCC](/microsoft-365/compliance/prepare-tls-1.2-in-office-365?view=o365-21vianet) | modified |
+| 2/11/2021 | [Technical reference details about encryption](/microsoft-365/compliance/technical-reference-details-about-encryption?view=o365-21vianet) | modified |
+| 2/11/2021 | [Disabling TLS 1.0 and 1.1 in Office 365 GCC High and DoD](/microsoft-365/compliance/tls-1-2-in-office-365-gcc?view=o365-21vianet) | modified |
+| 2/11/2021 | [Disabling TLS 1.0 and 1.1 for Microsoft 365](/microsoft-365/compliance/tls-1.0-and-1.1-deprecation-for-office-365?view=o365-21vianet) | modified |
+| 2/11/2021 | [Prerequisite work for implementing identity and device access policies - Microsoft 365 for enterprise \| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-prerequisites?view=o365-21vianet) | modified |
+| 2/11/2021 | [Identity and device access configurations - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-policies-configurations?view=o365-21vianet) | modified |
+| 2/11/2021 | [Get started with insider risk management](/microsoft-365/compliance/insider-risk-management-configure?view=o365-21vianet) | modified |
+| 2/11/2021 | [Insider risk solution](/microsoft-365/compliance/insider-risk-solution-overview?view=o365-21vianet) | modified |
+| 2/11/2021 | [Use sensitivity labels in Office apps](/microsoft-365/compliance/sensitivity-labels-office-apps?view=o365-21vianet) | modified |
+| 2/11/2021 | [What's new in Microsoft 365 compliance](/microsoft-365/compliance/whats-new?view=o365-21vianet) | modified |
+| 2/11/2021 | [Identity and device access prerequisites for cloud only in your Microsoft 365 test environment](/microsoft-365/enterprise/cloud-only-prereqs-m365-test-environment?view=o365-21vianet) | modified |
+| 2/11/2021 | [Identity and device access for your Microsoft 365 test environment](/microsoft-365/enterprise/identity-device-access-m365-test-environment?view=o365-21vianet) | modified |
+| 2/11/2021 | [Identity and device access prerequisites for password hash synchronization in your Microsoft 365 test environment](/microsoft-365/enterprise/phs-prereqs-m365-test-environment?view=o365-21vianet) | modified |
+| 2/11/2021 | [Identity and device access prerequisites for pass-through authentication in your Microsoft 365 test environment](/microsoft-365/enterprise/pta-prereqs-m365-test-environment?view=o365-21vianet) | modified |
+| 2/11/2021 | [Set up secure collaboration with Microsoft 365](/microsoft-365/solutions/setup-secure-collaboration-with-teams?view=o365-21vianet) | modified |
+| 2/11/2021 | [Communication compliance feature reference](/microsoft-365/compliance/communication-compliance-feature-reference?view=o365-21vianet) | modified |
+| 2/12/2021 | [Microsoft Defender for Endpoint in the Microsoft 365 security center](/microsoft-365/security/mtp/mssp-access?view=o365-21vianet) | added |
+| 2/12/2021 | [Use sensitivity labels in Office apps](/microsoft-365/compliance/sensitivity-labels-office-apps?view=o365-21vianet) | modified |
+| 2/12/2021 | [Migration phases actions and impacts for the migration from Microsoft Cloud Deutschland (advanced)](/microsoft-365/enterprise/ms-cloud-germany-transition-add-experience?view=o365-21vianet) | modified |
+| 2/12/2021 | [Pre-work for the migration from Microsoft Cloud Deutschland](/microsoft-365/enterprise/ms-cloud-germany-transition-add-pre-work?view=o365-21vianet) | modified |
+| 2/12/2021 | [Migration phases actions and impacts for the migration from Microsoft Cloud Deutschland (general)](/microsoft-365/enterprise/ms-cloud-germany-transition-phases?view=o365-21vianet) | modified |
+| 2/12/2021 | [Microsoft Defender for Endpoint in the Microsoft 365 security center](/microsoft-365/security/mtp/microsoft-365-security-center-mde?view=o365-21vianet) | modified |
+| 2/12/2021 | [Use a QR code to sign-in to the Outlook mobile apps](/microsoft-365/admin/manage/use-qr-code-download-outlook?view=o365-21vianet) | modified |
+| 2/12/2021 | [Advanced Audit in Microsoft 365](/microsoft-365/compliance/advanced-audit?view=o365-21vianet) | modified |
+| 2/12/2021 | [Customer Key for Microsoft 365 at the tenant level (public preview)](/microsoft-365/compliance/customer-key-tenant-level?view=o365-21vianet) | modified |
+| 2/12/2021 | [Get started with sensitivity labels](/microsoft-365/compliance/get-started-with-sensitivity-labels?view=o365-21vianet) | modified |
+| 2/12/2021 | [Learn about retention policies & labels to automatically retain or delete content](/microsoft-365/compliance/retention?view=o365-21vianet) | modified |
+| 2/12/2021 | [Manage sensitivity labels in Office apps](/microsoft-365/compliance/sensitivity-labels-office-apps?view=o365-21vianet) | modified |
+| 2/12/2021 | [Apply a retention label to a model](/microsoft-365/contentunderstanding/apply-a-retention-label-to-a-model) | modified |
+| 2/12/2021 | [Create a classifier](/microsoft-365/contentunderstanding/create-a-classifier) | modified |
+| 2/12/2021 | [Create an extractor](/microsoft-365/contentunderstanding/create-an-extractor) | modified |
+| 2/12/2021 | [Document understanding overview](/microsoft-365/contentunderstanding/document-understanding-overview) | modified |
+| 2/12/2021 | [Explanation types](/microsoft-365/contentunderstanding/explanation-types-overview) | modified |
+| 2/12/2021 | [Form processing overview](/microsoft-365/contentunderstanding/form-processing-overview) | modified |
+| 2/12/2021 | [Introduction to Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/index) | modified |
+| 2/12/2021 | [Create a new topic in Microsoft Viva Topics](/microsoft-365/knowledge/create-a-topic) | modified |
+| 2/12/2021 | [Introduction to Microsoft Viva Topics](/microsoft-365/knowledge/index) | modified |
+| 2/12/2021 | [Get ready for enrollment in Microsoft Managed Desktop](/microsoft-365/managed-desktop/get-ready/index?view=o365-21vianet) | modified |
++ ## Week of February 01, 2021
knowledge https://docs.microsoft.com/en-us/microsoft-365/knowledge/set-up-topic-experiences https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/knowledge/set-up-topic-experiences.md
@@ -20,6 +20,8 @@ It is important to plan the best way to set up and configure topics in your envi
You must be [subscribed to Viva Topics](https://www.microsoft.com/microsoft-viva/topics) and be a global administrator or SharePoint administrator to access the Microsoft 365 admin center and set up Topics.
+If you have configured SharePoint to [require managed devices](https://docs.microsoft.com/sharepoint/control-access-from-unmanaged-devices), be sure to set up Topics from a managed device.
+ ## Video demonstration This video shows the process for setting up Topics in Microsoft 365.
security https://docs.microsoft.com/en-us/microsoft-365/security/includes/microsoft-defender-for-office https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/includes/microsoft-defender-for-office.md
@@ -7,5 +7,4 @@
> [!IMPORTANT]
-> The improved [Microsoft 365 security center](https://security.microsoft.com) is now available in public preview. This new experience brings Defender for Endpoint, Defender for Office, 365 Microsoft 365 Defender, and more into the Microsoft 365 security center. [Learn what's new](https://docs.microsoft.com/microsoft-365/security/mtp/overview-security-center). This topic might apply to both Microsoft Defender for Office 365 and Microsoft 365 Defender. Refer to the **Applies To** section and look for specific call outs in this article where there might be differences.
-
+> The improved [Microsoft 365 security center](https://security.microsoft.com) is now available in public preview. This new experience brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender, and more into the Microsoft 365 security center. [Learn what's new](https://docs.microsoft.com/microsoft-365/security/mtp/overview-security-center). This topic might apply to both Microsoft Defender for Office 365 and Microsoft 365 Defender. Refer to the **Applies To** section and look for specific call-outs in this article where there might be differences.
security https://docs.microsoft.com/en-us/microsoft-365/security/mtp/preview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/mtp/preview.md
@@ -26,8 +26,8 @@ ms.technology: m365d
[!INCLUDE [Microsoft 365 Defender rebranding](../includes/microsoft-defender.md)]
->[!IMPORTANT]
->The preview versions are provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
+> [!IMPORTANT]
+> The preview versions are provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
**Applies to:** - Microsoft 365 Defender
@@ -38,22 +38,29 @@ Learn about new features in the Microsoft 365 Defender preview release and be am
For more information on new capabilities that are generally available, see [What's new in Microsoft 365 Defender](whats-new.md).
+## Required permissions
+
+Accounts assigned the following Azure Active Directory (Azure AD) roles can turn on Microsoft 365 Defender Preview features:
+
+- Global administrator
+- Security administrator
+- Security Operator
+ ## Turn on preview features+ You'll have access to upcoming features that you can provide feedback on to help improve the overall experience before features are generally available. Turn on the preview experience setting to be among the first to try upcoming features. 1. In the navigation pane, select **Settings**.- 2. Select **Microsoft 365 Defender**.- 3. Select **Preview features** > **Turn on preview features**. - 4. Select **Save**. You'll know you have preview features turned on when you see that the **Turn on preview features** check box is selected. ## Preview features+ The following features and enhancements are currently available on preview: ### Improved Microsoft 365 security center
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/atp-safe-attachments https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/atp-safe-attachments.md
@@ -50,7 +50,7 @@ The following table describes scenarios for Safe Attachments in Microsoft 365 an
Safe Attachments scanning takes place in the same region where your Microsoft 365 data resides. For more information about datacenter geography, see [Where is your data located?](https://products.office.com/where-is-your-data-located?geo=All) > [!NOTE]
-> The following features are located in the global settings are of Safe Attachments policies in the Security & Compliance Center, but these settings are enabled or disabled globally, and don't require Safe Attachments policies:
+> The following features are located in the global settings of Safe Attachments policies in the Security & Compliance Center. But, these settings are enabled or disabled globally, and don't require Safe Attachments policies:
> > - [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](atp-for-spo-odb-and-teams.md). >
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/atp-safe-links https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/atp-safe-links.md
@@ -88,7 +88,7 @@ The following table describes scenarios for Safe Links in Microsoft 365 and Offi
Safe Links scans incoming email for known malicious hyperlinks. Scanned URLs are rewritten using the Microsoft standard URL prefix: `https://nam01.safelinks.protection.outlook.com`. After the link is rewritten, it's analyzed for potentially malicious content.
-After Safe Links rewrites a URL, the URL remains rewritten, even if the message is forwarded or replied to. Additional links that are added to the forwarded or replied to message are not rewritten.
+After Safe Links rewrites a URL, the URL remains rewritten even if the message is *manually* forwarded or replied to (both to internal and external recipients). Additional links that are added to the forwarded or replied to message are not rewritten. However, in the case of *automatic* forwarding by Inbox rules or SMTP forwarding, the URL will not be rewritten in the message that's intended for the final recipient *unless* that recipient is also protected by Safe Links or the URL had already been rewritten in a previous communication.
The settings in Safe Links policies that apply to email messages are described in the following list:
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/azure-ip-protection-features https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/azure-ip-protection-features.md
@@ -56,7 +56,8 @@ Office 365 Message Encryption leverages the protection capabilities in Azure Inf
If your organization has purchased an eligible Office 365 license, then your tenant will be impacted by this change.
- **IMPORTANT!** If you're using Active Directory Rights Management Services (AD RMS) in your on-premises environment, you must either opt-out of this change immediately or migrate to Azure Information Protection before we roll out this change within the next 30 days. For information on how to opt-out, see "I use AD RMS, how do I opt out?" later in this article. If you prefer to migrate, see [Migrating from AD RMS to Azure Information Protection.](https://docs.microsoft.com/azure/information-protection/plan-design/migrate-from-ad-rms-to-azure-rms)
+> [!IMPORTANT]
+> If you're using Active Directory Rights Management Services (AD RMS) in your on-premises environment, you must either opt-out of this change immediately or migrate to Azure Information Protection before we roll out this change within the next 30 days. For information on how to opt-out, see "I use AD RMS, how do I opt out?" later in this article. If you prefer to migrate, see [Migrating from AD RMS to Azure Information Protection.](https://docs.microsoft.com/azure/information-protection/plan-design/migrate-from-ad-rms-to-azure-rms).
## Can I use Azure Information Protection with Active Directory Rights Management Services (AD RMS)?
@@ -68,9 +69,9 @@ Use these instructions from [Preparing the environment for Azure Rights Manageme
1. Although optional, most AD RMS deployments publish the service connection point (SCP) to Active Directory so that domain computers can discover the AD RMS cluster.
-Use ADSI Edit to see whether you have an SCP published in Active Directory: CN=Configuration [server name], CN=Services, CN=RightsManagementServices, CN=SCP
+ Use ADSI Edit to see whether you have an SCP published in Active Directory: CN=Configuration [server name], CN=Services, CN=RightsManagementServices, CN=SCP
-2. If you are not using an SCP, Windows computers that connect to an AD RMS cluster must be configured for client-side service discovery or licensing redirection by using the Windows registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSIPC\ServiceLocation or HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\MSIPC\ServiceLocation
+2. If you are not using an SCP, Windows computers that connect to an AD RMS cluster must be configured for client-side service discovery or licensing redirection by using the Windows registry: `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSIPC\ServiceLocation or HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\MSIPC\ServiceLocation`.
For more information about these registry configurations, see [Enabling client-side service discovery by using the Windows registry](https://docs.microsoft.com/azure/information-protection/rms-client/client-deployment-notes#enabling-client-side-service-discovery-by-using-the-windows-registry) and [Redirecting licensing server traffic](https://docs.microsoft.com/azure/information-protection/rms-client/client-deployment-notes#redirecting-licensing-server-traffic).
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/external-email-forwarding https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/external-email-forwarding.md
@@ -68,8 +68,8 @@ Remote domain settings and mail flow rules are independent of the settings in ou
This feature independence allows you to (for example) allow automatic forwarding in outbound spam filter policies, but use remote domains to control the external domains that users can forward messages to.
-## The blocked email forwarding message
+## Blocked email forwarding messages
-When a message is detected as automatically forwarded, and the organizational policy *blocks* that activity, the message is returned to the sender in an NDR that contains the following information:
+When a message is detected as automatically forwarded, and the [outbound spam filter](configure-the-outbound-spam-policy.md) policy *blocks* that activity, the message is returned to the sender in an NDR that contains the following information:
`5.7.520 Access denied, Your organization does not allow external forwarding. Please contact your administrator for further assistance. AS(7555)`
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/install-app-guard https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/install-app-guard.md
@@ -24,15 +24,13 @@ ms.prod: m365-security
**Applies to:** Word, Excel, and PowerPoint for Microsoft 365, Windows 10 Enterprise
-Microsoft Defender Application Guard for Office (Application Guard for Office) helps prevent untrusted files from accessing trusted resources, keeping your enterprise safe from new and emerging attacks. This article walks admins through setting up devices for a preview of Application Guard for Office. It provides
-information about system requirements and installation steps to enable Application Guard for Office on a device.
+Microsoft Defender Application Guard for Office (Application Guard for Office) helps prevent untrusted files from accessing trusted resources, keeping your enterprise safe from new and emerging attacks. This article walks admins through setting up devices for a preview of Application Guard for Office. It provides information about system requirements and installation steps to enable Application Guard for Office on a device.
## Prerequisites ### Minimum hardware requirements
-* **CPU**: 64-bit, 4 cores (physical or virtual), virtualization extensions
- (Intel VT-x OR AMD-V), Core i5 equivalent or higher recommended
+* **CPU**: 64-bit, 4 cores (physical or virtual), virtualization extensions (Intel VT-x OR AMD-V), Core i5 equivalent or higher recommended
* **Physical memory**: 8-GB RAM * **Hard disk**: 10 GB of free space on the system drive (SSD recommended)
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/monitor-for-leaks-of-personal-data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/monitor-for-leaks-of-personal-data.md
@@ -28,7 +28,7 @@ ms.prod: m365-security
There are many tools that can be used to monitor the use and transport of personal data. This topic describes three tools that work well.
-![Tools to monitor the use and transport of personaal data](../../media/Monitor-for-leaks-of-personal-data-image1.png)
+![Tools to monitor the use and transport of personal data](../../media/Monitor-for-leaks-of-personal-data-image1.png)
In the illustration:
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/removing-user-from-restricted-users-portal-after-spam https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/removing-user-from-restricted-users-portal-after-spam.md
@@ -55,8 +55,9 @@ Admins can remove users from the Restricted Senders portal in the Security & Com
For more information, see [Permissions in the Security & Compliance Center](permissions-in-the-security-and-compliance-center.md). > [!NOTE]
- >
+ >
> - Adding users to the corresponding Azure Active Directory role in the Microsoft 365 admin center gives users the required permissions in the Security & Compliance Center _and_ permissions for other features in Microsoft 365. For more information, see [About admin roles](https://docs.microsoft.com/microsoft-365/admin/add-users/about-admin-roles).
+ >
> - The **View-Only Organization Management** role group in [Exchange Online](https://docs.microsoft.com/Exchange/permissions-exo/permissions-exo#role-groups) also gives read-only access to the feature. - A sender exceeding the outbound email limits is an indicator of a compromised account. Before you remove the user from the Restricted Users portal, be sure to follow the required steps to regain control of their account. For more information, see [Responding to a compromised email account in Office 365](responding-to-a-compromised-email-account.md).
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-anti-phishing-policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/set-up-anti-phishing-policies.md
@@ -202,9 +202,11 @@ The following impersonation settings are only available in anti-phishing policie
- **Impersonated domains**: The From address contains a protected domain. - **Unusual characters**: The From address contains unusual character sets (for example, mathematical symbols and text or a mix of uppercase and lowercase letters) in a protected sender or domain. + > [!IMPORTANT] >
- > Even when the impersonation safety tips are turned off, **we recommended** that you use a mail flow rule (also known as a transport rule) to add a message header named **X-MS-Exchange-EnableFirstContactSafetyTip** with value **enable** to messages. A safety tip will notify recipients the first time they get a message from the sender or if they don't often get messages from the sender.
+ > **Recommendation for enabling a safety tip that will appear during the first-time contact between the sender and recipient(s)**:
+ > Even when the impersonation safety tips are turned off, **we recommend** that you use a mail flow rule (also known as a transport rule) to add a message header named **X-MS-Exchange-EnableFirstContactSafetyTip** with value **enable** to messages. A safety tip will notify recipients the first time they get a message from the sender or if they don't often get messages from the sender. This capability adds an extra layer of security protection against potential impersonation attacks.
> :::image type="content" source="../../media/safety-tip-first-contact-multiple-recipients.png" alt-text="The text of the safety tip for impersonation protection with multiple recipients."::: - **Mailbox intelligence**: Enables or disables artificial intelligence (AI) that determines user email patterns with their frequent contacts. This setting helps the AI distinguish between legitimate and spoofed email from those contacts. Mailbox intelligence is only available for Exchange Online mailboxes.
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/tenant-allow-block-list https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/tenant-allow-block-list.md
@@ -79,7 +79,7 @@ For details about the syntax for URL entries, see the [URL syntax for the Tenant
1. In the Security & Compliance Center, go to **Threat management** \> **Policy** \> **Tenant Allow/Block Lists**.
-2. On the **Tenant Allow/Block List** page, verify that the **URLs** tab is selected, and then click **Add**
+2. On the **Tenant Allow/Block List** page, verify that the **URLs** tab is selected, and then click **Block**
3. In the **Block URLs** flyout that appears, configure the following settings:
@@ -101,7 +101,7 @@ For details about the syntax for URL entries, see the [URL syntax for the Tenant
1. In the Security & Compliance Center, go to **Threat management** \> **Policy** \> **Tenant Allow/Block Lists**.
-2. On the **Tenant Allow/Block List** page, select **Files** tab, and then click **Add**.
+2. On the **Tenant Allow/Block List** page, select **Files** tab, and then click **Block**.
3. In the **Add files to block** flyout that appears, configure the following settings:
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/view-reports-for-atp https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/view-reports-for-atp.md
@@ -318,6 +318,9 @@ If you click **View details table**, the report provides a near-real-time view o
If you click **Filters** in the details table view, you can filter by the same criteria as in the report view, and also by **Domains** or **Recipients** separated by commas.
+> [!NOTE]
+> The **Domains** filter refers to the URL domain listed in the report results.
+ To get back to the reports view, click **View report**. ## Additional reports to view
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/virus-detection-in-spo https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/virus-detection-in-spo.md
@@ -70,6 +70,8 @@ OneDrive sync clients will not download files that contain viruses. The sync cli
Microsoft 365 organizations that have [Microsoft Defender for Office 365](office-365-atp.md) included in their subscription or purchased as an add-on can enable Safe Attachments for SharePoint, OneDrive, and Microsoft Teams for enhanced reporting and protection. For more information, see [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](atp-for-spo-odb-and-teams.md).
-## More information
+## Related Articles
+
+[Malware and ransomware protection in Microsoft 365](https://docs.microsoft.com/compliance/assurance/assurance-malware-and-ransomware-protection)
For more information about anti-virus in SharePoint Online, OneDrive, and Microsoft Teams, see [Protect against threats](protect-against-threats.md) and [Turn on Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](turn-on-atp-for-spo-odb-and-teams.md).
security https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/whats-new-in-office-365-atp https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/whats-new-in-office-365-atp.md
@@ -40,6 +40,7 @@ This article lists new features in the latest release of Microsoft Defender for
## December 2020 - [Secure by default in Office 365](secure-by-default.md)
+- Automated investigation improvements to: general alerts for manually triggered email investigations, treat mailbox changes as a separate entity category, remove redundant URL block actions, and create outbound email clusters for user compromised investigations.
## November 2020
solutions https://docs.microsoft.com/en-us/microsoft-365/solutions/collaborate-with-people-outside-your-organization https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/collaborate-with-people-outside-your-organization.md
@@ -31,7 +31,7 @@ Collaborating with people outside your organization consists of two major compon
## Enable sharing
-By default, in Microsoft 365, sharing with people outside your organization is enabled for SharePoint and OneDrive, but disabled for Teams. Many SharePoint and OneDrive external sharing scenarios work without further configuration. To confirm the settings for a scenario that you're using, or enable a new one, choose from the following options:
+By default, in Microsoft 365, sharing with people outside your organization is enabled. Many external sharing scenarios work without further configuration. To confirm the settings for a scenario that you're using, or enable a new one, choose from the following options:
- [Collaborate on documents](collaborate-on-documents.md) - Learn how to configure Microsoft 365 to allow sharing and collaboration with people outside your organization (both guests and unauthenticated users) on files and folders. - [Collaborate in a site](collaborate-in-site.md) - Learn how to configure Microsoft 365 to enable sharing SharePoint sites with guests.