Docs update tracker

Updates from: 04/20/2022 01:30:55

Category	Microsoft Docs article	Related commit history on GitHub	Change details
admin	Activity Reports	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/activity-reports/activity-reports.md	Global administrators can revert this change for their tenant and show identifia 3. Uncheck the statement Display concealed user, group, and site names in all reports, and then save your changes. -It'll take a few minutes for these changes to take effect on the reports in the reports dashboard. This setting also applies to the Microsoft 365 usage reports in [Microsoft Graph](/graph/api/resources/report) and [Power BI](/microsoft-365/admin/usage-analytics/usage-analytics) and [the usage reports in Microsoft Teams Admin center](/microsoftteams/teams-analytics-and-reports/teams-reporting-reference). Showing identifiable user information is a logged event in the Microsoft 365 compliance center audit log. +It'll take a few minutes for these changes to take effect on the reports in the reports dashboard. This setting also applies to the Microsoft 365 usage reports in [Microsoft Graph](/graph/api/resources/report) and [Power BI](/microsoft-365/admin/usage-analytics/usage-analytics) and [the usage reports in Microsoft Teams Admin center](/microsoftteams/teams-analytics-and-reports/teams-reporting-reference). Showing identifiable user information is a logged event in the Microsoft Purview compliance portal audit log. ## What happens to usage data when a user account is closed?
admin	About Admin Roles	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/about-admin-roles.md	You'll probably only need to assign the following roles in your organization. By \|Office Apps admin \| Assign the Office Apps admin role to users who need to do the following: <br> - Use the Office cloud policy service to create and manage cloud-based policies for Office <br> - Create and manage service requests <br> - Manage the What's New content that users see in their Office apps <br> - Monitor service health \| \|Password admin \| Assign the Password admin role to a user who needs to reset passwords for non-administrators and Password Administrators. \| \|Message center reader \| Assign the Message center reader role to users who need to do the following: <br> - Monitor message center notifications <br> - Get weekly email digests of message center posts and updates <br> - Share message center posts <br> - Have read-only access to Azure AD services, such as users and groups\| -\|Power Platform admin \| Assign the Power Platform admin role to users who need to do the following: <br> - Manage all admin features for Power Apps, Power Automate, and data loss prevention <br> - Create and manage service requests <br> - Monitor service health \| +\|Power Platform admin \| Assign the Power Platform admin role to users who need to do the following: <br> - Manage all admin features for Power Apps, Power Automate, and Microsoft Purview Data Loss Prevention <br> - Create and manage service requests <br> - Monitor service health \| \|Reports reader \| Assign the Reports reader role to users who need to do the following: <br> - View usage data and the activity reports in the Microsoft 365 admin center <br> - Get access to the Power BI adoption content pack <br> - Get access to sign-in reports and activity in Azure AD <br> - View data returned by Microsoft Graph reporting API\| \|Service Support admin \| Assign the Service Support admin role as an additional role to admins or users who need to do the following in addition to their usual admin role: <br> - Open and manage service requests <br> - View and share message center posts <br> - Monitor service health \| \|SharePoint admin \| Assign the SharePoint admin role to users who need to access and manage the SharePoint Online admin center. <br><br>SharePoint admins can also: <br> - Create and delete sites <br> - Manage site collections and global SharePoint settings \|
admin	What Is Microsoft 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/admin-overview/what-is-microsoft-365.md	When you sign up for Microsoft 365 Business Premium, you get all the same produc \| Protect against threats \| Microsoft 365 Business Premium helps protect you against threats with advanced threat protection capabilities. These capabilities include safe attachments and safe links protection. <br/><br/>Check out [Overview of Microsoft Defender for Business](../../security/defender-business/mdb-overview.md) (preview!) for additional security and threat protection capabilities. \| \| Secure business data \| Your personal data is protected on personal devices with PIN access, and restricted copy and saving. You can also add information protection to make sure that only authorized people can access sensitive information. \| \| Secure your devices \| You can protect your work files on devices by restricting mobile access, such as copy and paste. You can also selectively wipe business data from enrolled mobile devices if they are lost or stolen. \| -\| Additional security features \| Advanced features in Microsoft 365 Business Premium are available to help you protect your business against cyber-threats and safeguard sensitive information. The capabilities include Microsoft Defender for Office 365 Plan 1, Data loss prevention policies (DLP), Exchange Online archiving, Azure Information Protection, and Intune. \| +\| Additional security features \| Advanced features in Microsoft 365 Business Premium are available to help you protect your business against cyber-threats and safeguard sensitive information. The capabilities include Microsoft Defender for Office 365 Plan 1, Microsoft Purview Data Loss Prevention policies (DLP), Exchange Online archiving, Azure Information Protection, and Intune. \| If you have Microsoft Business Premium, the quickest way to setup security and begin collaborating safely is to follow the guidance in this library: [Microsoft 365 for smaller businesses and campaigns](../../business-premium/index.md). This guidance was developed in partnership with the Microsoft Defending Democracy team to protect all small business customers against cyber threats launched by sophisticated hackers.
admin	Capabilities	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/basic-mobility-security/capabilities.md	You can set these additional policy settings by using PowerShell cmdlets: ## Remotely wipe a mobile device -If a device is lost or stolen, you can remove sensitive organizational data and help prevent access to your Microsoft 365 organization resources by doing a wipe from Security & Compliance center > Data loss prevention > Device management. You can do a selective wipe to remove only organizational data or a full wipe to delete all information from a device and restore it to its factory settings. +If a device is lost or stolen, you can remove sensitive organizational data and help prevent access to your Microsoft 365 organization resources by doing a wipe from Microsoft Purview compliance portal > Data loss prevention > Device management. You can do a selective wipe to remove only organizational data or a full wipe to delete all information from a device and restore it to its factory settings. For more information, see [Wipe a mobile device in Basic Mobility and Security](wipe-mobile-device.md).
admin	Manage Device Access Settings	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/basic-mobility-security/manage-device-access-settings.md	Use these steps: > [!IMPORTANT] > If this is the first time you're using Basic Mobility and Security for Microsoft 365 Business Standard, activate it here: [Activate Basic Security and Mobility](https://admin.microsoft.com/EAdmin/Device/IntuneInventory.aspx). After you've activated it, manage your devices with [Office 365 Security & Compliance](https://protection.office.com/). -3. Go to Data loss prevention > Device management > Device policies, and select Manage organization-wide device access settings. +3. Go toΓÇ»Data loss preventionΓÇ»>ΓÇ»Device managementΓÇ»>ΓÇ»Device policies,ΓÇ»and selectΓÇ»Manage organization-wide device access settings. 4. Select Block.
admin	Manage Enrolled Devices	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/basic-mobility-security/manage-enrolled-devices.md	description: "Basic Mobility and Security can help you secure and manage your or The built-in mobile device management for Microsoft 365 helps you secure and manage your users' mobile devices like iPhones, iPads, Androids, and Windows phones. The first step is to sign in to Microsoft 365 and set up Basic Mobility and Security. For more info, see [Set up Basic Mobility and Security](set-up.md). -After you've set it up, the people in your organization must enroll their devices in the service. For more info, see [Enroll your mobile device using Basic Mobility and Security](enroll-your-mobile-device.md). Then you can use Basic Mobility and Security to help manage devices in your organization. For example, you can use device security policies to help limit email access or other services, view devices reports, and remotely wipe a device. You'll typically go to the Security & Compliance Center to do these tasks. For more info, see [Microsoft 365 compliance center](../../compliance/microsoft-365-compliance-center.md). +After you've set it up, the people in your organization mustΓÇ»enroll their devices in the service. For more info, see [Enroll your mobile device using Basic Mobility and Security](enroll-your-mobile-device.md).ΓÇ»Then you can use Basic Mobility and Security to help manage devices in your organization. For example, you can use device security policies to help limit email access or other services, view devices reports, and remotely wipe a device. You'll typically go to theΓÇ»Security & Compliance Center to do these tasks. For more info, see [Microsoft Purview compliance portal](../../compliance/microsoft-365-compliance-center.md). ## Device management tasks
admin	About Shared Mailboxes	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/email/about-shared-mailboxes.md	Before you [create a shared mailbox](create-a-shared-mailbox.md), here are some > [!NOTE] -> To access a shared mailbox, a user must have an Exchange Online license, but the shared mailbox doesn't require a separate license. Every shared mailbox has a corresponding user account. Notice how you weren't asked to provide a password when you created the shared mailbox? The account has a password, but it's system-generated (unknown). You shouldn't use the account to log in to the shared mailbox. Without a license, shared mailboxes are limited to 50 GB. To increase the size limit to 100 GB, the shared mailbox must be assigned an Exchange Online Plan 2 license. The Exchange Online Plan 1 license with an Exchange Online Archiving add-on license will only increase the size of the archive mailbox. This will also let you enable auto-expanding archiving for additional archive storage capacity. Similarly, if you want to place a shared mailbox on litigation hold, the shared mailbox must have an Exchange Online Plan 2 license or an Exchange Online Plan 1 license with an Exchange Online Archiving add-on license. If you want to apply advanced features such as Microsoft Defender for Office 365, Advanced eDiscovery, or automatic retention policies, the shared mailbox must be licensed for those features. +> To access a shared mailbox, a user must have an Exchange Online license, but the shared mailbox doesn't require a separate license. Every shared mailbox has a corresponding user account. Notice how you weren't asked to provide a password when you created the shared mailbox? The account has a password, but it's system-generated (unknown). You shouldn't use the account to log in to the shared mailbox. Without a license, shared mailboxes are limited to 50 GB. To increase the size limit to 100 GB, the shared mailbox must be assigned an Exchange Online Plan 2 license. The Exchange Online Plan 1 license with an Exchange Online Archiving add-on license will only increase the size of the archive mailbox. This will also let you enable auto-expanding archiving for additional archive storage capacity. Similarly, if you want to place a shared mailbox on litigation hold, the shared mailbox must have an Exchange Online Plan 2 license or an Exchange Online Plan 1 license with an Exchange Online Archiving add-on license. If you want to apply advanced features such as Microsoft Defender for Office 365, eDiscovery (Premium), or automatic retention policies, the shared mailbox must be licensed for those features. ## Related content
admin	Manage Office Scripts Settings	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/manage-office-scripts-settings.md	description: "Learn how to manage Office Scripts settings for users in your orga ## Next steps -Because Office Scripts works with Power Automate, we recommend that you review your existing data loss prevention (DLP) policies to ensure your organization's data remains protected while users use Office Scripts. For more information, see [Data loss prevention (DLP) policies](/power-automate/prevent-data-loss). +Because Office Scripts works with Power Automate, we recommend that you review your existing Microsoft Purview Data Loss Prevention (DLP) policies to ensure your organization's data remains protected while users use Office Scripts. For more information, see [Data loss prevention (DLP) policies](/power-automate/prevent-data-loss). ## Related content
admin	Message Center	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/message-center.md	Here's a quick overview of the information you'll see in each column. - Compliance administrator - Conditional access administrator-- Customer LockBox access approver +- Customer Lockbox access approver - Device administrators - Directory readers - Directory synchronization accounts
admin	Remove Licenses From Users	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/remove-licenses-from-users.md	When you use the Active users page to unassign licenses, you unassign produc - When a license is removed from a user, Exchange online data that is associated with that account is held for 30 days. After the 30-day grace period, the data is deleted and can't be recovered. - Files saved in OneDrive for Business aren't deleted unless the user is deleted from the Microsoft 365 admin center or is removed through Active Directory synchronization. For more information, see [OneDrive retention and deletion](/onedrive/retention-and-deletion).-- When the license is removed, the user's mailbox is no longer searchable by using an eDiscovery tool such as Content Search or Advanced eDiscovery. For more information, see "Searching disconnected or de-licensed mailboxes" in [Content Search in Microsoft 365](../../compliance/content-search.md). +- When the license is removed, the user's mailbox is no longer searchable by using an eDiscovery tool such as Content Search or eDiscovery (Premium). For more information, see "Searching disconnected or de-licensed mailboxes" in [Content Search in Microsoft 365](../../compliance/content-search.md). - If you have an Enterprise subscription, like Office 365 Enterprise E3, Exchange Online lets you preserve the mailbox data of a deleted user account by using [inactive mailboxes](../../compliance/inactive-mailboxes-in-office-365.md). For more information, see [Create and manage inactive mailboxes in Exchange Online](../../compliance/create-and-manage-inactive-mailboxes.md). - To learn how to block a user's access to Microsoft 365 data after their license is removed, and how to get access to the data afterwards, see [Remove a former employee](../add-users/remove-former-employee.md). - If you remove a user's license and they still have Office apps installed, they see [Unlicensed Product and activation errors in Office](https://support.microsoft.com/office/0d23d3c0-c19c-4b2f-9845-5344fedc4380) when they use Office apps.
admin	Gdpr Compliance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/security-and-compliance/gdpr-compliance.md	As another example, you may manage lists of individual customers to send them notices about special offers, if they have consented to this. #### Microsoft 365 features that can help -[Microsoft Information Protection in Microsoft 365](/microsoft-365/compliance/information-protection) can help you discover, classify, and protect sensitive information in your company. You can use trainable classifiers to help you identify and label document types that contain personal data. +[Microsoft Purview Information Protection](/microsoft-365/compliance/information-protection) can help you discover, classify, and protect sensitive information in your company. You can use trainable classifiers to help you identify and label document types that contain personal data. ### Step 2: Inform your customers, employees, and other individuals when you need to collect their personal data
admin	Secure Your Business Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/security-and-compliance/secure-your-business-data.md	Microsoft recommends that you complete the tasks listed in the following table t \| 4 \| [Protect against malware](#4-protect-against-malware) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) <br/>(protection for email) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) <br/>(increased protection for email and devices) \| \| 5 \| [Protect against ransomware](#5-protect-against-ransomware) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) <br/>(protection for email and cloud storage) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) <br/>(increased protection for devices, email, and cloud storage) \| \| 6 \| [Stop auto-forwarding for email](#6-stop-auto-forwarding-for-email) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) \| -\| 7 \| [Use encryption](#7-use-office-message-encryption) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) \| +\| 7 \| [Use message encryption](#7-use-microsoft-purview-message-encryption) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) \| \| 8 \| [Protect your email from phishing attacks](#8-protect-your-email-from-phishing-attacks) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) <br/>(antiphishing protection) \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) <br/>(advanced antiphishing protection) \| \| 9 \| [Protect against malicious attachments, files, and URLs in email and Office files](#9-protect-against-malicious-attachments-files-and-urls) \| \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) <br/>(Safe Links and Safe Attachments) \| \| 10 \| [Increase protection for your organization's devices](#10-increase-protection-for-your-organizations-devices) \| \| ![Included.](../../media/d238e041-6854-4a78-9141-049224df0795.png) <br/>(enterprise-grade device protection) \| To create a mail transport rule: \|Do the following ...\|Block the message . . . reject the message and include an explanation.\| \|Provide message text\|Auto-forwarding email outside this organization is prevented for security reasons.\| -## 7: Use Office Message Encryption +## 7: Use Microsoft Purview Message Encryption -Office Message Encryption is included with Microsoft 365. It's already set up. With Office Message Encryption, your organization can send and receive encrypted email messages between people inside and outside your organization. Office 365 Message Encryption works with Outlook.com, Yahoo!, Gmail, and other email services. Email message encryption helps ensure that only intended recipients can view message content. +Microsoft Purview Message Encryption is included with Microsoft 365. It's already set up. With Microsoft Purview Message Encryption, your organization can send and receive encrypted email messages between people inside and outside your organization. Microsoft Purview Message Encryption works with Outlook.com, Yahoo!, Gmail, and other email services. Email message encryption helps ensure that only intended recipients can view message content. -Office Message Encryption provides two protection options when sending mail: +Microsoft Purview Message Encryption provides two protection options when sending mail: - Do not forward
admin	Parity Between Azure Information Protection	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/services-in-china/parity-between-azure-information-protection.md	The following list includes the existing gaps between AIP for Office 365 operate To configure AIP for customers in China: 1. [Enable Rights Management for the tenant](#step-1-enable-rights-management-for-the-tenant). -1. [Add the Microsoft Information Protection Sync Service service principal](#step-2-add-the-microsoft-information-protection-sync-service-service-principal). +1. [Add the Microsoft Purview Information Protection Sync Service service principal](#step-2-add-the-microsoft-purview-information-protection-sync-service-service-principal). 1. [Configure DNS encryption](#step-3-configure-dns-encryption). For the encryption to work correctly, RMS must be enabled for the tenant. 2. If the functional state is `Disabled`, run `Enable-AipService`. -### Step 2: Add the Microsoft Information Protection Sync Service service principal +### Step 2: Add the Microsoft Purview Information Protection Sync Service service principal -The Microsoft Information Protection Sync Service service principal is not available in Azure China tenants by default, and is required for Azure Information Protection. Create this service principal manually via the Azure Az PowerShell module. +The Microsoft Purview Information Protection Sync Service service principal is not available in Azure China tenants by default, and is required for Azure Information Protection. Create this service principal manually via the Azure Az PowerShell module. 1. If you don't have the Azure Az module installed, install it or use a resource where the Azure Az module comes preinstalled, such as [Azure Cloud Shell](/azure/cloud-shell/overview). For more information, see [Install the Azure Az PowerShell module](/powershell/azure/install-az-ps). The Microsoft Information Protection Sync Service service principal is not a Connect-azaccount -environmentname azurechinacloud ``` -1. Create the Microsoft Information Protection Sync Service service principal manually using the [New-AzADServicePrincipal](/powershell/module/az.resources/new-azadserviceprincipal) cmdlet and the `870c4f2e-85b6-4d43-bdda-6ed9a579b725` application ID for the Microsoft Information Protection Sync Service: +1. Create the Microsoft Purview Information Protection Sync Service service principal manually using the [New-AzADServicePrincipal](/powershell/module/az.resources/new-azadserviceprincipal) cmdlet and the `870c4f2e-85b6-4d43-bdda-6ed9a579b725` application ID for the Microsoft Purview Information Protection Sync Service: ```powershell New-AzADServicePrincipal -ApplicationId 870c4f2e-85b6-4d43-bdda-6ed9a579b725
admin	Services In China	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/services-in-china/services-in-china.md	To learn more about configuring a hybrid deployment with Office 365 tenants host \|Calendar sharing\|Exchange 2013 SP1 and greater supports manually configuring Internet calendar sharing with other on-premises Exchange or Exchange Online organizations. For more details about configuring this feature manually, see [Enable Internet Calendar Publishing](/exchange/enable-internet-calendar-publishing-exchange-2013-help).\| Sharing Exchange contact data on Apple mobile devices to the Apple iCloud.\|This setting/feature is enabled by default. Administrators should turn this feature off to help prevent users from sharing Exchange data outside of your organization.\| \|Exchange Hosted Email Encryption\|Not available.\| -\|Office 365 Message Encryption\|Coming soon.\| +\|Microsoft Purview Message Encryption\|Coming soon.\| ## Office
admin	Business Set Up	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/business-set-up.md	The policies you set up in the wizard are applied automatically to a [Security g ![Screenshot of Increase protection page.](../../media/increasetreatprotection.png) -2. On the Prevent leaks of sensitive data page, accept the defaults to turn on Office 365 Data Loss Prevention (DLP) to track sensitive data in Office apps and prevent the accidental sharing of these outside your organization. +2. On the Prevent leaks of sensitive data page, accept the defaults to turn on Microsoft Purview Data Loss Prevention to track sensitive data in Office apps and prevent the accidental sharing of these outside your organization. 3. On the Protect data in Office for mobile page, leave mobile app management on, expand the settings and review them, and then select Create mobile app management policy.
admin	Enable Usage Analytics	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/usage-analytics/enable-usage-analytics.md	Global administrators can revert this change for their tenant and show identifia 3. Uncheck the statement In all reports, display de-identified names for users, groups, and sites, and then save your changes. -It'll take a few minutes for these changes to take effect. Showing identifiable user information is a logged event in the Microsoft 365 compliance center audit log. +It'll take a few minutes for these changes to take effect. Showing identifiable user information is a logged event in the Microsoft Purview compliance portal audit log. ## Related content
admin	Whats New In Preview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/whats-new-in-preview.md	And if you'd like to know what's new with other Microsoft cloud - [What's new in Azure Active Directory](/azure/active-directory/fundamentals/whats-new) - [What's new in the Exchange admin center](/Exchange/whats-new) - [What's new in Microsoft Intune](/mem/intune/fundamentals/whats-new)-- [What's new in the Microsoft 365 compliance center](/Office365/SecurityCompliance/whats-new) +- [What's new in the Microsoft Purview compliance portal](/Office365/SecurityCompliance/whats-new) - [What's new in Microsoft 365 Defender](../security/mtp/whats-new.md) - [What's new in the SharePoint admin center](/sharepoint/what-s-new-in-admin-center) - [Office updates](/OfficeUpdates/)
business-premium	M365bp Set Up Compliance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/m365bp-set-up-compliance.md	To learn more, see [Get started with the roles page](../admin/add-users/admin-ro :::image type="content" source="./media/m365bp-compliancemanager.png" alt-text="Screenshot of Compliance Manager in Microsoft 365 Business Premium."::: -Microsoft 365 Business Premium includes Compliance Manager, which can help you get started setting up your compliance features. Such features include data loss prevention, information governance, and insider risk management, to name a few. Compliance Manager can save you time by highlighting recommendations, a compliance score, and ways to improve your score. +Microsoft 365 Business Premium includes Compliance Manager, which can help you get started setting up your compliance features. Such features include data loss prevention, data lifecycle management, and insider risk management, to name a few. Compliance Manager can save you time by highlighting recommendations, a compliance score, and ways to improve your score. Here's how to get started: Here's how to get started: Follow the information on the screen to set up your DLP policy. -For more information about compliance features in Microsoft 365 for business, see [Microsoft 365 compliance documentation](../compliance/index.yml). +For more information about compliance features in Microsoft 365 for business, see [Microsoft Purview documentation](../compliance/index.yml). ## Use sensitivity labels
business-premium	Send Encrypted Email	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/send-encrypted-email.md	You can learn all about setting up email encryption at [Email encryption in Micr Admins can create mail flow rules to automatically protect email messages that are sent and received from your campaign. Set up rules to encrypt any outgoing email messages, and remove encryption from encrypted messages coming from inside your organization or from replies to encrypted messages sent from your organization. -You create mail flow rules to encrypt email messages with the new Office 365 Message Encryption (OME) capabilities. Define mail flow rules for triggering message encryption with the new OME capabilities by using the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center (EAC)</a>. +You create mail flow rules to encrypt email messages with Microsoft Purview Message Encryption. Define mail flow rules for triggering message encryption by using the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center (EAC)</a>. 1. In a web browser, using a work or school account that has been granted global administrator permissions, sign in. 2. Choose the Admin tile.
compliance	Acknowledge Hold Notification	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/acknowledge-hold-notification.md	f1.keywords: Previously updated : Last updated : 04/05/2022 audience: Admin search.appverid: ms.assetid: - seo-marvel-apr2020 -description: Learn how to use Advanced eDiscovery to send and follow up on legal hold notifications through email, as well as monitor obligation status. +description: Learn how to use eDiscovery (Premium) to send and follow up on legal hold notifications through email, as well as monitor obligation status. # Acknowledge a hold notification When responding to a regulatory request or investigation, you may be required to inform custodians of their obligation to preserve electronically stored information (ESI) and any material that may be relevant to an active or imminent legal matter. Once sent, legal teams must know that each custodian has received, read, understood, and agreed to follow the given instructions. -To help reduce the time, cost, and effort of following up with your custodians, Advanced eDiscovery allows you to send and follow up on legal hold notifications through email. In addition to email notices, each custodian will have access to an individualized Compliance Portal, allowing custodians to be kept informed of changes to their obligation status. +To help reduce the time, cost, and effort of following up with your custodians, eDiscovery (Premium) allows you to send and follow up on legal hold notifications through email. In addition to email notices, each custodian will have access to an individualized Compliance Portal, allowing custodians to be kept informed of changes to their obligation status. ## Email notifications
compliance	Add Custodians To Case	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-custodians-to-case.md	Title: Add custodians to an Advanced eDiscovery case + Title: Add custodians to an eDiscovery (Premium) case f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: "Learn how to use the built-in custodian management tool in Advanced eDiscovery to coordinate your workflows and identify relevant data sources in a case." +description: "Learn how to use the built-in custodian management tool in Microsoft Purview eDiscovery (Premium) to coordinate your workflows and identify relevant data sources in a case." -# Add custodians to an Advanced eDiscovery case +# Add custodians to an eDiscovery (Premium) case -Use the built-in custodian management tool in Advanced eDiscovery to coordinate your workflows around managing custodians and identifying relevant, custodial data sources associated with a case. When you add a custodian, the system can automatically identify and place a hold on their Exchange mailbox and OneDrive for Business account. During the discovery process of your investigation, you might also identify other data sources (such as mailboxes, sites, or Teams) that a custodian accessed or contributed to. In this situation, you can use the custodian management tool to associate those data sources will a specific custodian. After you add custodians to a case and associate other data source with them, you can quickly preserve data and search the custodial data. +Use the built-in custodian management tool in Microsoft Purview eDiscovery (Premium) to coordinate your workflows around managing custodians and identifying relevant, custodial data sources associated with a case. When you add a custodian, the system can automatically identify and place a hold on their Exchange mailbox and OneDrive for Business account. During the discovery process of your investigation, you might also identify other data sources (such as mailboxes, sites, or Teams) that a custodian accessed or contributed to. In this situation, you can use the custodian management tool to associate those data sources will a specific custodian. After you add custodians to a case and associate other data source with them, you can quickly preserve data and search the custodial data. -You can add and manage custodians in Advanced eDiscovery cases in four steps: +You can add and manage custodians in eDiscovery (Premium) cases in four steps: 1. Identify the custodians. To add custodians to a case, you must be a member of the eDiscovery Manager role 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and sign in with a user account that has been assigned the appropriate eDiscovery permissions. -2. In the left navigation pane of the Microsoft 365 compliance center, select eDiscovery > Advanced eDiscovery, and select the [Cases](https://go.microsoft.com/fwlink/p/?linkid=2173764) tab. +2. In the left navigation pane of the Microsoft Purview compliance portal, select eDiscovery > eDiscovery (Premium), and select the [Cases](https://go.microsoft.com/fwlink/p/?linkid=2173764)┬átab. 3. Select the case that you want to add custodians to. To associate other mailboxes, sites, Teams, or Yammer groups to a specific custo > [!NOTE] > You can use the Exchange and SharePoint location pickers to associate any mailbox or site in your organization to a custodian. , This includes associating the mailbox and site for a Microsoft Team or Yammer group that a custodian is not a member of. To do this, you have to add both the mailbox and site associated with each team or Yammer group. -2. You can view the total number of mailboxes, sites, Teams, and Yammer groups assigned to each custodian by expanding each custodian in the table. When you've finalized the assigned data locations for each custodian, these associations will be maintained and used during the collection, processing, and review stages in the Advanced eDiscovery workflow. +2. You can view the total number of mailboxes, sites, Teams, and Yammer groups assigned to each custodian by expanding each custodian in the table. When you've finalized the assigned data locations for each custodian, these associations will be maintained and used during the collection, processing, and review stages in the eDiscovery (Premium) workflow. 3. After adding custodians and configuring their data locations, click Next to go to the Hold settings page.
compliance	Add Data To Review Set From Another Review Set	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-data-to-review-set-from-another-review-set.md	Title: "Add data from one review set to another review set" + Title: "Add data from one review set to another" f1.keywords: - NOCSH Previously updated : Last updated : 04/05/2022 audience: Admin search.appverid: - MOE150 - MET150 ms.assetid: -description: "Learn how to select documents from one review set and work with them individually in another set in an Advanced eDiscovery case." +description: "Learn how to select documents from one review set and work with them individually in another set in an Microsoft Purview eDiscovery (Premium) case." - seo-marvel-mar2020 - seo-marvel-apr2020
compliance	Add Data To Review Set	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-data-to-review-set.md	search.appverid: ms.assetid: - seo-marvel-apr2020 -description: Learn how to add search results or samples of those search results to an Advanced eDiscovery case review set. +description: Learn how to add search results or samples of those search results to an eDiscovery (Premium) case review set. # Add search results to a review set When you add the results of a search to a review set (the review sets in a case - All items (including the content and metadata) are reindexed so that all data in the review set is fully searchable during the review of the case data. Reindexing the data results in thorough and fast searches when you search the data in the review set during the case investigation. -- A file encrypted with a [Microsoft encryption technology](encryption.md) and is attached to an email message that's returned in the search results is decrypted when the email message and attached file are added to the review set. You can review and query the decrypted file in the review set. You have to be assigned the RMS Decrypt role to add decrypted email attachments to a review set. For more information, see [Decryption in Microsoft 365 eDiscovery tools](ediscovery-decryption.md). +- A file encrypted with a [Microsoft encryption technology](encryption.md) and is attached to an email message that's returned in the search results is decrypted when the email message and attached file are added to the review set. You can review and query the decrypted file in the review set. You have to be assigned the RMS Decrypt role to add decrypted email attachments to a review set. For more information, see [Decryption in Microsoft Purview eDiscovery tools](ediscovery-decryption.md). To add data to a review set, click a search on the Searches tab, and then click Add results to review set on the flyout page. When you add the content of a search to an existing or new review set, you have - Include versions from SharePoint (beta): Use this option to enable the collection of all version of a SharePoint document per the version limits and search parameters of the collection. Selecting this option will significantly increase the size of items that are added to the review set. -- Conversation retrieval options: Items added to the review set are enabled for threaded conversations to help review content in context of the back and forth conversation. For more information, see [Review conversations in Advanced eDiscovery](conversation-review-sets.md). +- Conversation retrieval options: Items added to the review set are enabled for threaded conversations to help review content in context of the back and forth conversation. For more information, see [Review conversations in eDiscovery (Premium)](conversation-review-sets.md). -- Enable retrieval for modern attachments: Use this option to include modern attachments or linked files in the collection for further review. For more information about the searchable properties related to modern attachments, see [Document metadata fields in Advanced eDiscovery](document-metadata-fields-in-Advanced-eDiscovery.md). +- Enable retrieval for modern attachments: Use this option to include modern attachments or linked files in the collection for further review. For more information about the searchable properties related to modern attachments, see [Document metadata fields in eDiscovery (Premium)](document-metadata-fields-in-Advanced-eDiscovery.md). ## Add a sample to a review set After selecting and configuring one of the previous options, choose a review set ## Optical character recognition -When you add search results to a review set, optical character recognition (OCR) functionality in Advanced eDiscovery automatically extracts text from images, and includes the image text with the data that's added to a review set. You can view the extracted text in the Text viewer of the selected image file in the review set. This lets you conduct further review and analysis on text in images. OCR is supported for loose files, email attachments, and embedded images. For a list of image file formats that are supported for OCR, see [Supported file types in Advanced eDiscovery](supported-filetypes-ediscovery20.md#image). +When you add search results to a review set, optical character recognition (OCR) functionality in eDiscovery (Premium) automatically extracts text from images, and includes the image text with the data that's added to a review set. You can view the extracted text in the Text viewer of the selected image file in the review set. This lets you conduct further review and analysis on text in images. OCR is supported for loose files, email attachments, and embedded images. For a list of image file formats that are supported for OCR, see [Supported file types in eDiscovery (Premium)](supported-filetypes-ediscovery20.md#image). -You have to enable OCR functionality for each case that you create in Advanced eDiscovery. For more information, see [Configure search and analytics settings](configure-search-and-analytics-settings-in-advanced-ediscovery.md#optical-character-recognition-ocr). +You have to enable OCR functionality for each case that you create in eDiscovery (Premium). For more information, see [Configure search and analytics settings](configure-search-and-analytics-settings-in-advanced-ediscovery.md#optical-character-recognition-ocr).
compliance	Add Or Remove Members From A Case In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-or-remove-members-from-a-case-in-advanced-ediscovery.md	search.appverid: - MOE150 - MET150 ms.assetid: -description: "Learn how to add or remove the members who can access a case when managing an Advanced eDiscovery case." +description: "Learn how to add or remove the members who can access a case when managing an eDiscovery (Premium) case." # Add or remove members from a case -You can add or remove members to manage who can access the case. However, before a member can access an Advanced eDiscovery case (and perform tasks in the case), you must add the user to the eDiscovery Manager role group on the Permissions page in the Microsoft 365 compliance center. For more information, see [Assign eDiscovery permissions](./assign-ediscovery-permissions.md). +You can add or remove members to manage who can access the case. However, before a member can access an eDiscovery (Premium) case (and perform tasks in the case), you must add the user to the eDiscovery Manager role group on the Permissions page in the Microsoft Purview compliance portal. For more information, see [Assign eDiscovery permissions](./assign-ediscovery-permissions.md). -1. On the Advanced eDiscovery page, go to the case that you want to add a member to. +1. On the eDiscovery (Premium) page, go to the case that you want to add a member to. 2. Click the Settings tab and then click Select in the Access & permissions tile.
compliance	Add Your Organization Brand To Encrypted Messages	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-your-organization-brand-to-encrypted-messages.md	Title: "Add your organization brand to your encrypted messages" + Title: "Add your brand to encrypted messages" f1.keywords: - NOCSH description: Learn how Office 365 global administrators can apply your organizat # Add your organization's brand to your Microsoft 365 for business Message Encryption encrypted messages + You can apply your company branding to customize the look of your organization's email messages and the encryption portal. You'll need to apply global administrator permissions to your work or school account before you can get started. Once you have these permissions, use the Get-OMEConfiguration and Set-OMEConfiguration Windows PowerShell cmdlets to customize these parts of encrypted email messages: - Introductory text You can apply your company branding to customize the look of your organization's You can also revert back to the default look and feel at any time. -If you'd like more control, use Office 365 Advanced Message Encryption to create multiple templates for encrypted emails originating from your organization. Use these templates to control parts of the end-user experience. For example, specify whether recipients can use Google, Yahoo, and Microsoft Accounts to sign in to the encryption portal. Use templates to fulfill several use cases, such as: +If you'd like more control, use Microsoft Purview Advanced Message Encryption to create multiple templates for encrypted emails originating from your organization. Use these templates to control parts of the end-user experience. For example, specify whether recipients can use Google, Yahoo, and Microsoft Accounts to sign in to the encryption portal. Use templates to fulfill several use cases, such as: - Individual departments, such as Finance, Sales, and so on. - Different products If you'd like more control, use Office 365 Advanced Message Encryption to create - Whether you want to allow emails to be revoked - Whether you want emails sent to external recipients to expire after a specified number of days. -Once you've created the templates, you can apply them to encrypted emails by using Exchange mail flow rules. If you have Office 365 Advanced Message Encryption, you can revoke any email that you've branded by using these templates. +Once you've created the templates, you can apply them to encrypted emails by using Exchange mail flow rules. If you have Microsoft Purview Advanced Message Encryption, you can revoke any email that you've branded by using these templates. ## Work with OME branding templates Use Windows PowerShell to modify one branding template at a time. If you have Ad ## Create an OME branding template (Advanced Message Encryption) -If you have Office 365 Advanced Message Encryption, you can create custom branding templates for your organization by using the [New-OMEConfiguration](/powershell/module/exchange/new-omeconfiguration) cmdlet. Once you've created the template, you modify the template by using the Set-OMEConfiguration cmdlet as described in [Modify an OME branding template](#modify-an-ome-branding-template). You can create multiple templates. +If you have Microsoft Purview Advanced Message Encryption, you can create custom branding templates for your organization by using the [New-OMEConfiguration](/powershell/module/exchange/new-omeconfiguration) cmdlet. Once you've created the template, you modify the template by using the Set-OMEConfiguration cmdlet as described in [Modify an OME branding template](#modify-an-ome-branding-template). You can create multiple templates. To create a new custom branding template: To remove a custom branding template: After you've either modified the default template or created new branding templates, you can create Exchange mail flow rules to apply your custom branding based on certain conditions. Such a rule will apply custom branding in the following scenarios: - If the email was manually encrypted by the end user using Outlook or Outlook on the web, formerly Outlook Web App-- If the email was automatically encrypted by an Exchange mail flow rule or Data Loss Prevention policy +- If the email was automatically encrypted by an Exchange mail flow rule or Microsoft Purview Data Loss Prevention policy For information on how to create an Exchange mail flow rule that applies encryption, see [Define mail flow rules to encrypt email messages in Office 365](define-mail-flow-rules-to-encrypt-email.md). For information on how to create an Exchange mail flow rule that applies encrypt 8. (Optional) You can configure the mail flow rule to apply encryption and custom branding. From Do the following, select Modify the message security, and then choose Apply Office 365 Message Encryption and rights protection. Select an RMS template from the list, choose Save, and then choose OK. - The list of templates includes default templates and options and any custom templates you create. If the list is empty, ensure that you have set up Office 365 Message Encryption with the new capabilities. For instructions, see [Set up new Office 365 Message Encryption capabilities](set-up-new-message-encryption-capabilities.md). For information about the default templates, see [Configuring and managing templates for Azure Information Protection](/information-protection/deploy-use/configure-policy-templates). For information about the Do Not Forward option, see [Do Not Forward option for emails](/information-protection/deploy-use/configure-usage-rights#do-not-forward-option-for-emails). For information about the encrypt only option, see [Encrypt Only option for emails](/information-protection/deploy-use/configure-usage-rights#encrypt-only-option-for-emails). + The list of templates includes default templates and options and any custom templates you create. If the list is empty, ensure that you have set up Microsoft Purview Message Encryption. For instructions, see [Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md). For information about the default templates, see [Configuring and managing templates for Azure Information Protection](/information-protection/deploy-use/configure-policy-templates). For information about the Do Not Forward option, see [Do Not Forward option for emails](/information-protection/deploy-use/configure-usage-rights#do-not-forward-option-for-emails). For information about the encrypt only option, see [Encrypt Only option for emails](/information-protection/deploy-use/configure-usage-rights#encrypt-only-option-for-emails). Choose add action if you want to specify another action.
compliance	Advanced Audit	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-audit.md	Title: "Advanced Audit in Microsoft 365" + Title: "Microsoft Purview Audit (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Advanced Audit in Microsoft 365 provides new auditing capabilities to help your organization with forensic and compliance investigations." +description: "Microsoft Purview Audit (Premium) provides new auditing capabilities to help your organization with forensic and compliance investigations." -# Advanced Audit in Microsoft 365 +# Microsoft Purview Audit (Premium) -The [Audit functionality](search-the-audit-log-in-security-and-compliance.md) in Microsoft 365 provides organizations with visibility into many types of audited activities across many different services in Microsoft 365. Advanced Audit helps organizations to conduct forensic and compliance investigations by increasing audit log retention required to conduct an investigation, providing access to crucial events (by using Audit log search in the Microsoft 365 compliance center and the Office 365 Management Activity API) that help determine scope of compromise, and faster access to Office 365 Management Activity API. +The [Audit functionality](search-the-audit-log-in-security-and-compliance.md) in Microsoft Purview provides organizations with visibility into many types of audited activities across many different services in Microsoft 365. Microsoft Purview Audit (Premium) helps organizations to conduct forensic and compliance investigations by increasing audit log retention required to conduct an investigation, providing access to crucial events (by using Audit log search in the Microsoft Purview compliance portal and the Office 365 Management Activity API) that help determine scope of compromise, and faster access to Office 365 Management Activity API. > [!NOTE] -> Advanced Audit is available for organizations with an Office 365 E5/A5/G5 or Microsoft 365 Enterprise E5/A5/G5 subscription. A Microsoft 365 E5/A5/G5 Compliance or E5/A5/G5 eDiscovery and Audit add-on license should be assigned to users for Advanced Audit features such as long-term retention of audit logs and the generation of Advanced Audit events for investigations. For more information about licensing, see:<br/>- [Advanced Audit licensing requirements](auditing-solutions-overview.md#licensing-requirements)<br/>- [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#advanced-audit). +> Audit (Premium) is available for organizations with an Office 365 E5/A5/G5 or Microsoft 365 Enterprise E5/A5/G5 subscription. A Microsoft 365 E5/A5/G5 Compliance or E5/A5/G5 eDiscovery and Audit add-on license should be assigned to users for Audit (Premium) features such as long-term retention of audit logs and the generation of Audit (Premium) events for investigations. For more information about licensing, see:<br/>- [Audit (Premium) licensing requirements](auditing-solutions-overview.md#licensing-requirements)<br/>- [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#advanced-audit). -This article provides an overview of Advanced Audit capabilities and shows you how to set up users for Advanced Audit. +This article provides an overview of Audit (Premium) capabilities and shows you how to set up users for Audit (Premium). ## Long-term retention of audit logs -Advanced Audit retains all Exchange, SharePoint, and Azure Active Directory audit records for one year. This is accomplished by a default audit log retention policy that retains any audit record that contains the value of Exchange, SharePoint, or AzureActiveDirectory for the Workload property (which indicates the service in which the activity occurred) for one year. Retaining audit records for longer periods can help with on-going forensic or compliance investigations. For more information, see the "Default audit log retention policy" section in [Manage audit log retention policies](audit-log-retention-policies.md#default-audit-log-retention-policy). +Audit (Premium) retains all Exchange, SharePoint, and Azure Active Directory audit records for one year. This is accomplished by a default audit log retention policy that retains any audit record that contains the value of Exchange, SharePoint, or AzureActiveDirectory for the Workload property (which indicates the service in which the activity occurred) for one year. Retaining audit records for longer periods can help with on-going forensic or compliance investigations. For more information, see the "Default audit log retention policy" section in [Manage audit log retention policies](audit-log-retention-policies.md#default-audit-log-retention-policy). -In addition to the one-year retention capabilities of Advanced Audit, we have also released the capability to retain audit logs for 10 years. The 10-year retention of audit logs helps support long running investigations and respond to regulatory, legal, and internal obligations. +In addition to the one-year retention capabilities of Audit (Premium), we have also released the capability to retain audit logs for 10 years. The 10-year retention of audit logs helps support long running investigations and respond to regulatory, legal, and internal obligations. > [!NOTE] -> Retaining audit logs for 10 years will require an additional per-user add-on license. After this license is assigned to a user and an appropriate 10-year audit log retention policy is set for that user, audit logs covered by that policy will start to be retained for the 10-year period. This policy is not retroactive and can't retain audit logs that were generated before the 10-year audit log retention policy was created. For more information, see the [FAQs for Advanced Audit](#faqs-for-advanced-audit) section in this article. +> Retaining audit logs for 10 years will require an additional per-user add-on license. After this license is assigned to a user and an appropriate 10-year audit log retention policy is set for that user, audit logs covered by that policy will start to be retained for the 10-year period. This policy is not retroactive and can't retain audit logs that were generated before the 10-year audit log retention policy was created. For more information, see the [FAQs for Audit (Premium)](#faqs-for-audit-premium) section in this article. ### Audit log retention policies All audit records generated in other services that aren't covered by the default You can also specify how long to retain audit records that match the policy and a priority level so that specific policies will take priority over other policies. Also note that any custom audit log retention policy will take precedence over the default audit retention policy in case you need retain Exchange, SharePoint, or Azure Active Directory audit records for less than a year (or for 10 years) for some or all users in your organization. For more information, see [Manage audit log retention policies](audit-log-retention-policies.md). -## Advanced Audit events +## Audit (Premium) events -Advanced Audit helps organizations to conduct forensic and compliance investigations by providing access to important events such as when mail items were accessed, when mail items were replied to and forwarded, and when and what a user searched for in Exchange Online and SharePoint Online. These events can help you investigate possible breaches and determine the scope of compromise. In addition to these events in Exchange and SharePoint, there are events in other Microsoft 365 services that are considered important events and require that users are assigned the [appropriate Advanced Audit license](auditing-solutions-overview.md#licensing-requirements). Users must be assigned an Advanced Audit license so that audit logs will be generated when users perform these events. +Audit (Premium) helps organizations to conduct forensic and compliance investigations by providing access to important events such as when mail items were accessed, when mail items were replied to and forwarded, and when and what a user searched for in Exchange Online and SharePoint Online. These events can help you investigate possible breaches and determine the scope of compromise. In addition to these events in Exchange and SharePoint, there are events in other Microsoft 365 services that are considered important events and require that users are assigned the [appropriate Audit (Premium) license](auditing-solutions-overview.md#licensing-requirements). Users must be assigned an Audit (Premium) license so that audit logs will be generated when users perform these events. -Advanced Audit provides the following events: +Audit (Premium) provides the following events: - [MailItemsAccessed](#mailitemsaccessed) Advanced Audit provides the following events: - [SearchQueryInitiatedSharePoint](#searchqueryinitiatedsharepoint) -- [Other Advanced Audit events in Microsoft 365](#other-advanced-audit-events-in-microsoft-365) +- [Other Audit (Premium) events in Microsoft 365](#other-audit-premium-events-in-microsoft-365) ### MailItemsAccessed The MailItemsAccessed event replaces MessageBind in mailbox auditing logging in - MessageBind actions would trigger the creation of multiple audit records when the same email message was accessed, which resulted in auditing "noise". In contrast, MailItemsAccessed events are aggregated into fewer audit records. -For information about audit records for MailItemsAccessed activities, see [Use Advanced Audit to investigate compromised accounts](mailitemsaccessed-forensics-investigations.md). +For information about audit records for MailItemsAccessed activities, see [Use Audit (Premium) to investigate compromised accounts](mailitemsaccessed-forensics-investigations.md). -To search for MailItemsAccessed audit records, you can search for the Accessed mailbox items activity in the Exchange mailbox activities drop-down list in the [audit log search tool](search-the-audit-log-in-security-and-compliance.md) in the Microsoft 365 compliance center. +To search for MailItemsAccessed audit records, you can search for the Accessed mailbox items activity in the Exchange mailbox activities drop-down list in the [audit log search tool](search-the-audit-log-in-security-and-compliance.md) in the compliance portal. ![Searching for MailItemsAccessed actions in the audit log search tool.](../media/AdvAudit_MailItemsAccessed.png) The Send event is also a mailbox auditing action and is triggered when a user pe Investigators can use the Send event to identify email sent from a compromised account. The audit record for a Send event contains information about the message, such as when the message was sent, the InternetMessage ID, the subject line, and if the message contained attachments. This auditing information can help investigators identify information about email messages sent from a compromised account or sent by an attacker. Additionally, investigators can use a Microsoft 365 eDiscovery tool to search for the message (by using the subject line or message ID) to identify the recipients the message was sent to and the actual contents of the sent message. -To search for Send audit records, you can search for the Sent message activity in the Exchange mailbox activities drop-down list in the [audit log search tool](search-the-audit-log-in-security-and-compliance.md) in the Microsoft 365 compliance center. +To search for Send audit records, you can search for the Sent message activity in the Exchange mailbox activities drop-down list in the [audit log search tool](search-the-audit-log-in-security-and-compliance.md) in the compliance portal. ![Searching for Sent message actions in the audit log search tool.](../media/AdvAudit_SentMessage.png) To search for SearchQueryInitiatedExchange audit records, you can search for the You can also run the [Search-UnifiedAuditLog -Operations SearchQueryInitiatedExchange](/powershell/module/exchange/search-unifiedauditlog) in Exchange Online PowerShell. > [!NOTE] -> You must enable SearchQueryInitiatedExchange to be logged so you can search for this event in the audit log. For instructions, see [Set up Advanced Audit](set-up-advanced-audit.md#step-2-enable-advanced-audit-events). +> You must enable SearchQueryInitiatedExchange to be logged so you can search for this event in the audit log. For instructions, see [Set up Audit (Premium)](set-up-advanced-audit.md#step-2-enable-audit-premium-events). ### SearchQueryInitiatedSharePoint To search for SearchQueryInitiatedSharePoint audit records, you can search for t You can also run the [Search-UnifiedAuditLog -Operations SearchQueryInitiatedSharePoint](/powershell/module/exchange/search-unifiedauditlog) in Exchange Online PowerShell. > [!NOTE] -> You must enable SearchQueryInitiatedSharePoint to be logged so you can search for this event in the audit log. For instructions, see [Set up Advanced Audit](set-up-advanced-audit.md#step-2-enable-advanced-audit-events). +> You must enable SearchQueryInitiatedSharePoint to be logged so you can search for this event in the audit log. For instructions, see [Set up Audit (Premium)](set-up-advanced-audit.md#step-2-enable-audit-premium-events). -### Other Advanced Audit events in Microsoft 365 +### Other Audit (Premium) events in Microsoft 365 -In addition to the events in Exchange Online and SharePoint Online, there are events in other Microsoft 365 services that are logged when users are assigned the appropriate Advanced Audit licensing. The following Microsoft 365 services provide Advanced Audit events. Select the corresponding link to go to an article that identifies and describes these events. +In addition to the events in Exchange Online and SharePoint Online, there are events in other Microsoft 365 services that are logged when users are assigned the appropriate Audit (Premium) licensing. The following Microsoft 365 services provide Audit (Premium) events. Select the corresponding link to go to an article that identifies and describes these events. - [Microsoft Forms](search-the-audit-log-in-security-and-compliance.md#microsoft-forms-activities) In addition to the events in Exchange Online and SharePoint Online, there are ev Organizations that access auditing logs through the Office 365 Management Activity API were restricted by throttling limits at the publisher level. This means that for a publisher pulling data on behalf of multiple customers, the limit was shared by all those customers. -With the release of Advanced Audit, we're moving from a publisher-level limit to a tenant-level limit. The result is that each organization will get their own fully allocated bandwidth quota to access their auditing data. The bandwidth is not a static, predefined limit but is modeled on a combination of factors including the number of seats in the organization and that E5/A5/G5 organizations will get more bandwidth than non-E5/A5/G5 organizations. +With the release of Audit (Premium), we're moving from a publisher-level limit to a tenant-level limit. The result is that each organization will get their own fully allocated bandwidth quota to access their auditing data. The bandwidth is not a static, predefined limit but is modeled on a combination of factors including the number of seats in the organization and that E5/A5/G5 organizations will get more bandwidth than non-E5/A5/G5 organizations. All organizations are initially allocated a baseline of 2,000 requests per minute. This limit will dynamically increase depending on an organization's seat count and their licensing subscription. E5/A5/G5 organizations will get about twice as much bandwidth as non-E5/A5/G5 organizations. There will also be a cap on the maximum bandwidth to protect the health of the service. For more information, see the "API throttling" section in [Office 365 Management Activity API reference](/office/office-365-management-api/office-365-management-activity-api-reference#api-throttling). -## FAQs for Advanced Audit +## FAQs for Audit (Premium) -Does every user need an E5/A5/G5 license to benefit from Advanced Audit? +Does every user need an E5/A5/G5 license to benefit from Audit (Premium)? -To benefit from user-level Advanced Audit capabilities, a user needs to be assigned an E5/A5/G5 license. There are some capabilities that will check for the appropriate license to expose the feature for the user. For example, if you're trying to retain the audit records for a user who isn't assigned the appropriate license for longer than 90 days, the system will return an error message. +To benefit from user-level Audit (Premium) capabilities, a user needs to be assigned an E5/A5/G5 license. There are some capabilities that will check for the appropriate license to expose the feature for the user. For example, if you're trying to retain the audit records for a user who isn't assigned the appropriate license for longer than 90 days, the system will return an error message. -My organization has an E5/A5/G5 subscription, do I need to do anything to get access to audit records for Advanced Audit events? +My organization has an E5/A5/G5 subscription, do I need to do anything to get access to audit records for Audit (Premium) events? -For eligible customers and users assigned the appropriate E5/A5/G5 license, there is no action needed to get access to Advanced Audit events, except for enabling the SearchQueryInitiatedExchange and SearchQueryInitiatedSharePoint events (as previously described in this article). Advanced Audit events will only be generated for users with E5/A5/G5 licenses once those licenses have been assigned. +For eligible customers and users assigned the appropriate E5/A5/G5 license, there is no action needed to get access to Audit (Premium) events, except for enabling the SearchQueryInitiatedExchange and SearchQueryInitiatedSharePoint events (as previously described in this article). Audit (Premium) events will only be generated for users with E5/A5/G5 licenses once those licenses have been assigned. -Are the new events in Advanced Audit available in the Office 365 Management Activity API? +Are the new events in Audit (Premium) available in the Office 365 Management Activity API? Yes. As long as audit records are generated for users with the appropriate license, you'll be able to access these records via the Office 365 Management Activity API.
compliance	Advanced Ediscovery Cloud Attachments	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-cloud-attachments.md	Title: "Collect cloud attachments in Advanced eDiscovery" + Title: "Collect cloud attachments in eDiscovery (Premium)" f1.keywords: - NOCSH Previously updated : Last updated : 04/05/2022 audience: Admin search.appverid: - MOE150 - MET150 -description: "Use collections in Advanced eDiscovery to collect cloud attachments for review in an investigation or case." +description: "Use collections in Microsoft Purview eDiscovery (Premium) to collect cloud attachments for review in an investigation or case." -# Collect cloud attachments in Advanced eDiscovery (preview) +# Collect cloud attachments in Microsoft Purview eDiscovery (Premium) (preview) -Cloud attachments are links to documents that are typically stored in SharePoint site and OneDrive. So instead of attaching an actual copy of a document in an email message or a Teams chat conversation, you have the option of sharing a link to the file. Cloud attachments are an effective way to share documents and collaborate with other people in your organization. But cloud attachments present challenges during the eDiscovery workflow because only the cloud attachment link and not the actual content in the shared document are returned in an eDiscovery search. To address this challenge, Advanced eDiscovery provides two solutions for collecting cloud attachments: +Cloud attachments are links to documents that are typically stored in SharePoint site and OneDrive. So instead of attaching an actual copy of a document in an email message or a Teams chat conversation, you have the option of sharing a link to the file. Cloud attachments are an effective way to share documents and collaborate with other people in your organization. But cloud attachments present challenges during the eDiscovery workflow because only the cloud attachment link and not the actual content in the shared document are returned in an eDiscovery search. To address this challenge, eDiscovery (Premium) provides two solutions for collecting cloud attachments: - Collecting the live version of a document that is linked to in a cloud attachment. Cloud attachments are links to documents that are typically stored in SharePoint ## Collecting cloud attachments -When you create a draft collection and the search results contain items that include cloud attachments, you have to the option of collecting the target of the cloud attachment when you commit the draft collection to a review set. When you select this option, Advanced eDiscovery adds the documents that are linked to in the cloud attachment to the review set. This allows you to review the target documents and determine if the document is relevant to your case or investigation. +When you create a draft collection and the search results contain items that include cloud attachments, you have to the option of collecting the target of the cloud attachment when you commit the draft collection to a review set. When you select this option, eDiscovery (Premium) adds the documents that are linked to in the cloud attachment to the review set. This allows you to review the target documents and determine if the document is relevant to your case or investigation. The following screenshot shows the option to include the targets of cloud attachments when you commit a collection to a review set. ![The option to include cloud attachments when committing a collection to a review set](../media/CollectCloudAttachments1.png) > [!NOTE] ->- If you use the [new case format](advanced-ediscovery-new-case-format.md) in Advanced eDiscovery, the option to include cloud attachments in the review set is selected by default and can't be unselected.<br/> +>- If you use the [new case format](advanced-ediscovery-new-case-format.md) in eDiscovery (Premium), the option to include cloud attachments in the review set is selected by default and can't be unselected.<br/> >- You also have the option to include all versions (in addition to the version that was shared) of cloud attachments in the review set. For instructions committing a collection to a review set, see [Commit a draft collection to a review set](commit-draft-collection.md). ## Collecting the version shared in a cloud attachment -The Advanced eDiscovery workflow for collecting cloud attachments only includes adding the most current version of a cloud attachment to a review set. This means the version that's collected and added to a review set could be different than the version that was originally shared in the cloud attachment. So it's possible that content that was present in the cloud attachment at the time it was shared might have been removed and doesn't exist in the current version that's added to the review set. +The eDiscovery (Premium) workflow for collecting cloud attachments only includes adding the most current version of a cloud attachment to a review set. This means the version that's collected and added to a review set could be different than the version that was originally shared in the cloud attachment. So it's possible that content that was present in the cloud attachment at the time it was shared might have been removed and doesn't exist in the current version that's added to the review set. Organizations now have the option to use Microsoft 365 retention labels to preserve the version of a document at the time when it was shared as a cloud attachment. To do this, your organization can create a retention label, choose the option apply the label to cloud attachments, and then automatically apply the label to documents stored in SharePoint and OneDrive. After you set up this configuration, a copy of a document is created at the time when the file is shared. Also, if the document is modified and shared again as a cloud attachment, the modified version is also preserved. If the file is modified and shared again, a new copy of the file as a new version is preserved.
compliance	Advanced Ediscovery Communications Library	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-communications-library.md	Title: "Manage custodian communications templates in the Communications library in Advanced eDiscovery" + Title: "Manage custodian communications templates in the Communications library in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: "You can add custodian communications templates (such as a template for hold notification) in Advanced eDiscovery so they can be used in any case in your organization." +description: "You can add custodian communications templates (such as a template for hold notification) in eDiscovery (Premium) so they can be used in any case in your organization." -# Manage custodian communications templates in Advanced eDiscovery +# Manage custodian communications templates in eDiscovery (Premium) -When you or other users create a hold notification or other types of custodian communications, you had to create the communication document from scratch by using the communications editor on the Communications tab in an Advanced eDiscovery case. Now, we've released a new feature that lets you create communications templates that can be used to create communications in any case in your organization. After communication templates are created, they're available to be used in a case. This means that paralegals or other users who create custodian communications don't have to start from scratch to build a notification. Instead, they can select a template to build the notification that is sent to a custodian. +When you or other users create a hold notification or other types of custodian communications, you had to create the communication document from scratch by using the communications editor on the Communications tab in an eDiscovery (Premium) case. Now, we've released a new feature that lets you create communications templates that can be used to create communications in any case in your organization. After communication templates are created, they're available to be used in a case. This means that paralegals or other users who create custodian communications don't have to start from scratch to build a notification. Instead, they can select a template to build the notification that is sent to a custodian. -This article explains how to create organization-wide communications templates and select them when creating a new custodian notification for a specific Advanced eDiscovery case. +This article explains how to create organization-wide communications templates and select them when creating a new custodian notification for a specific eDiscovery (Premium) case. ## Before you create templates in the Communications library -- You must be an eDiscovery Administrator in your organization to add or remove templates in the Communications library in Advanced eDiscovery. For more information, see [Assign eDiscovery permissions in the Microsoft 365 compliance center](assign-ediscovery-permissions.md) +- You must be an eDiscovery Administrator in your organization to add or remove templates in the Communications library in eDiscovery (Premium). For more information, see [Assign eDiscovery permissions in the Microsoft Purview compliance portal](assign-ediscovery-permissions.md) - Your organization can have a maximum of 50 templates in the Communications library. ## Create a communications template -1. In the Microsoft 365 compliance center, go to [Advanced eDiscovery](https://go.microsoft.com/fwlink/p/?linkid=2173764), and then click Advanced eDiscovery settings. +1. In the compliance portal, go to [eDiscovery (Premium)](https://go.microsoft.com/fwlink/p/?linkid=2173764), and then click eDiscovery (Premium) settings. - ![Select Advanced eDiscovery settings](..\media\HistoricalVersions1.png) + ![Select eDiscovery (Premium) settings](..\media\HistoricalVersions1.png) 2. On the Settings page, select the Communications library tab. After one or more communications templates are created in the Communications lib To select a template: -1. In the Microsoft 365 compliance center, go to eDiscovery > Advanced to display the list of cases in your organization. +1. In the compliance portal, go to eDiscovery > Advanced to display the list of cases in your organization. 2. Select a case, click the Communications tab, and then click New communication.
compliance	Advanced Ediscovery Dashboard	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-dashboard.md	Title: "Advanced eDiscovery dashboard for review sets" + Title: "eDiscovery (Premium) dashboard for review sets" f1.keywords: - NOCSH Previously updated : Last updated : 04/05/2022 audience: Admin search.appverid: - MOE150 - MET150 ms.assetid: -description: "Use the Advanced eDiscovery dashboard for review sets to quickly analyze your corpus to identify trends or key statistics that will help you develop your review strategy." +description: "Use the Microsoft Purview eDiscovery (Premium) dashboard for review sets to quickly analyze your corpus to identify trends or key statistics that will help you develop your review strategy." -# Advanced eDiscovery dashboard for review sets +# eDiscovery (Premium) dashboard for review sets -For some cases in Advanced eDiscovery, you may have a large volume of documents and email messages that need to be reviewed. Before you start the review process, you may want to quickly analyze your corpus to identify trends or key statistics that will help you develop your review strategy. To do this, you can use the Advanced eDiscovery dashboard for review sets to quickly analyze your corpus. +For some cases in Microsoft Purview eDiscovery (Premium), you may have a large volume of documents and email messages that need to be reviewed. Before you start the review process, you may want to quickly analyze your corpus to identify trends or key statistics that will help you develop your review strategy. To do this, you can use the eDiscovery (Premium) dashboard for review sets to quickly analyze your corpus. ## Step 1: Create a widget on the review set dashboard -1. In the Microsoft 365 compliance center, go to eDiscovery > Advanced eDiscovery to display the list of cases in your organization. +1. In the Microsoft Purview compliance portal, go to eDiscovery > eDiscovery (Premium) to display the list of cases in your organization. 2. Select an existing case. For some cases in Advanced eDiscovery, you may have a large volume of documents a. Type a name for the widget, which is displayed in the widget title bar. Naming a widget is required, but it's helpful to identify the widget data. - b. Select a property in the Choose pivot dropdown list that will be used for the widget data. The items in this list are the searchable properties for the items in the review set. For a description of these properties, see [Document metadata fields in Advanced eDiscovery](document-metadata-fields-in-Advanced-eDiscovery.md). The pivot options for the widget are listed in the Searchable field name column in this topic. + b. Select a property in the Choose pivot dropdown list that will be used for the widget data. The items in this list are the searchable properties for the items in the review set. For a description of these properties, see [Document metadata fields in eDiscovery (Premium)](document-metadata-fields-in-Advanced-eDiscovery.md). The pivot options for the widget are listed in the Searchable field name column in this topic. c. Select a chart type to display the data from the selected pivot property.
compliance	Advanced Ediscovery Historical Versions	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-historical-versions.md	Title: "Set up historical versions in Advanced eDiscovery" + Title: "Set up historical versions in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: "Use historical versions in Advanced eDiscovery to collect content from all versions of documents stored in SharePoint and OneDrive." +description: "Use historical versions in eDiscovery (Premium) to collect content from all versions of documents stored in SharePoint and OneDrive." -# Set up historical versions in Advanced eDiscovery (preview) +# Set up historical versions in eDiscovery (Premium) (preview) -The historical versions feature in Advanced eDiscovery lets eDiscovery managers in your organization search for and collect content from all versions of documents stored in SharePoint Online and OneDrive for Business. Then you can add that content to a review set for analysis and review. This helps you find and review content from a specific version of a document that may be relevant to a case or investigation, even if the latest version of the same document doesn't contain the relevant information. +The historical versions feature in eDiscovery (Premium) lets eDiscovery managers in your organization search for and collect content from all versions of documents stored in SharePoint Online and OneDrive for Business. Then you can add that content to a review set for analysis and review. This helps you find and review content from a specific version of a document that may be relevant to a case or investigation, even if the latest version of the same document doesn't contain the relevant information. -To support the historical versions capability in Advanced eDiscovery, SharePoint administrators must enable versioning for sites in their organization. Then, when users modify documents in SharePoint or OneDrive, implicit regular versions are created when document is saved (or autosaved). SharePoint versioning allows for tracking of the activity performed on SharePoint items (including documents, events, and tasks). This versioning capability leaves an audit trail that can provide evidence in legal investigations. These older versions of a document are available to the organization, who may be required to share such versions that have sensitive or relevant content during court discovery in a legal matter. +To support the historical versions capability in eDiscovery (Premium), SharePoint administrators must enable versioning for sites in their organization. Then, when users modify documents in SharePoint or OneDrive, implicit regular versions are created when document is saved (or autosaved). SharePoint versioning allows for tracking of the activity performed on SharePoint items (including documents, events, and tasks). This versioning capability leaves an audit trail that can provide evidence in legal investigations. These older versions of a document are available to the organization, who may be required to share such versions that have sensitive or relevant content during court discovery in a legal matter. -After an eDiscovery administrator turns on historical versions for the organization and then activates it for specific SharePoint sites, the SharePoint content push service crawls all major and minor versions of documents on the activated sites and then sends those versions for indexing. After the crawling and indexing process is complete, documents and their versions are available for eDiscovery search. As long as a specific version can be accessed (by version history), then that version will be discoverable in an Advanced eDiscovery collection search. +After an eDiscovery administrator turns on historical versions for the organization and then activates it for specific SharePoint sites, the SharePoint content push service crawls all major and minor versions of documents on the activated sites and then sends those versions for indexing. After the crawling and indexing process is complete, documents and their versions are available for eDiscovery search. As long as a specific version can be accessed (by version history), then that version will be discoverable in an eDiscovery (Premium) collection search. ## Set up historical versions -To enable historical versions in Advanced eDiscovery, your organization has to turn it on and then activate specific sites so that all versions of documents stored on those sites are indexed for search. Before you set up Advanced eDiscovery for historical versions, you have to enable versioning support in SharePoint. +To enable historical versions in eDiscovery (Premium), your organization has to turn it on and then activate specific sites so that all versions of documents stored on those sites are indexed for search. Before you set up eDiscovery (Premium) for historical versions, you have to enable versioning support in SharePoint. ### Step 1: Turn on versioning in SharePoint The first step is to turn on versioning in SharePoint Online so that all version ### Step 2: Turn on historical versions -The next step is to turn on historical versions in Advanced eDiscovery. To turn on historical versions for your organization, a person must be a global administrator or an eDiscovery Administrator (a member of the eDiscovery Administrator subgroup in the eDiscovery Manager role group). After historical versions is turned on, it will apply to your entire organization. +The next step is to turn on historical versions in eDiscovery (Premium). To turn on historical versions for your organization, a person must be a global administrator or an eDiscovery Administrator (a member of the eDiscovery Administrator subgroup in the eDiscovery Manager role group). After historical versions is turned on, it will apply to your entire organization. > [!IMPORTANT] > After you turn on historical versions, you won't be able to turn it off during the public preview. You will be able to turn it off after historical versions is released for general availability. -1. In the Microsoft 365 compliance center, go to [Advanced eDiscovery](https://go.microsoft.com/fwlink/p/?linkid=2173764), and then click Advanced eDiscovery settings. +1. In the Microsoft Purview compliance portal, go to [eDiscovery (Premium)](https://go.microsoft.com/fwlink/p/?linkid=2173764), and then click eDiscovery (Premium) settings. - ![Select Advanced eDiscovery settings](..\media\HistoricalVersions1.png) + ![Select eDiscovery (Premium) settings](..\media\HistoricalVersions1.png) 2. On the Settings page, select the Historical versions (preview) tab, and then switch the Historical versions tenant control toggle to on. After you turn on historical versions for your organization, the last step is to > [!NOTE] > There is a limit of 100 site activations per organization during the public preview of historical versions. An activation is counted against this limit whenever you enable or disable a site for historical versions. If you enable multiple sites, each site is counted as a single activation. The total number of activations is displayed on the Historical versions tab. -1. On the Historical versions tab on the Advanced eDiscovery Settings page, click Enable to activate sites for historical versions. +1. On the Historical versions tab on the eDiscovery (Premium) Settings page, click Enable to activate sites for historical versions. ![Click Enable to activate sites for historical versions](..\media\HistoricalVersions3.png) After you turn on historical versions for your organization, the last step is to How are historical versions different that the option to "collect all versions" when you commit a draft collection to a review set? -Currently, only the latest version of documents is indexed for search. That means when you run a draft collection, only the latest versions of documents are searched. If a document matches the keyword query for the collection, it is returned in the collection results. However, if the latest version of a document doesn't match a search query, the document won't be returned event if older versions of the document contain the keyword. To help mitigate this situation, Advanced eDiscovery gives you the ability to collect all versions of the document when you [commit a collection to a review set](commit-draft-collection.md#commit-a-draft-collection-to-a-review-set). That means any older version that may contain the keyword will be added to the review set. +Currently, only the latest version of documents is indexed for search. That means when you run a draft collection, only the latest versions of documents are searched. If a document matches the keyword query for the collection, it is returned in the collection results. However, if the latest version of a document doesn't match a search query, the document won't be returned event if older versions of the document contain the keyword. To help mitigate this situation, eDiscovery (Premium) gives you the ability to collect all versions of the document when you [commit a collection to a review set](commit-draft-collection.md#commit-a-draft-collection-to-a-review-set). That means any older version that may contain the keyword will be added to the review set. Historical versions are different and more efficient than "collecting all versions" because when you activate a site, all versions of a document (and not just the last version) are indexed for search. The result is that if an older version of a document contains a keyword that matches the search query, it will be returned by the collection.
compliance	Advanced Ediscovery Issuing Officers	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-issuing-officers.md	Title: "Manage issuing officers in Advanced eDiscovery" + Title: "Manage issuing officers in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: "You can add organization-wide issuing officers in Advanced eDiscovery so they can be added to any custodial communication in any case in your organization." +description: "You can add organization-wide issuing officers in eDiscovery (Premium) so they can be added to any custodial communication in any case in your organization." -# Manage issuing officers in Advanced eDiscovery +# Manage issuing officers in eDiscovery (Premium) When you or others create a hold notification or other type of communication that is sent to a user who is a custodian in case, you have to specify an issuing officer. The notification is sent to the custodian on behalf of the specified issuing officer. For example, a paralegal in your organization might be responsible for creating and sending hold notifications to custodians in a case. In this scenario, the paralegal can specify an attorney in the organization as the issuing officer. Who can be specified as an issuing officer? There are two types of users who can be selected as an issuing officer for a custodian communication: This article explains how to add and remove users to the list of organization-wi ## Before you add an issuing officer -- You must be an eDiscovery Administrator in your organization to add or remove issuing officers. For more information, see [Assign eDiscovery permissions in the Microsoft 365 compliance center](assign-ediscovery-permissions.md) +- You must be an eDiscovery Administrator in your organization to add or remove issuing officers. For more information, see [Assign eDiscovery permissions in the Microsoft Purview compliance portal](assign-ediscovery-permissions.md) - The user who is added as an issuing officer must have an active mailbox in your Microsoft 365 organization. -- Your organization can have a maximum of 15 issuing officers. Members of a case who can be specified as an issuing officer aren't counted toward this limit. This limit only applies to the number of users that can be added to the Issuing officers page in Advanced eDiscovery. +- Your organization can have a maximum of 15 issuing officers. Members of a case who can be specified as an issuing officer aren't counted toward this limit. This limit only applies to the number of users that can be added to the Issuing officers page in eDiscovery (Premium). ## Add an issuing officer -1. In the Microsoft 365 compliance center, go to [Advanced eDiscovery](https://go.microsoft.com/fwlink/p/?linkid=2173764), and then click Advanced eDiscovery settings. +1. In the compliance portal, go to [eDiscovery (Premium)](https://go.microsoft.com/fwlink/p/?linkid=2173764), and then click eDiscovery (Premium) settings. - ![Select Advanced eDiscovery settings](..\media\HistoricalVersions1.png) + ![Select eDiscovery (Premium) settings](..\media\HistoricalVersions1.png) 2. On the Settings page, select the Issuing officers tab to display the Manage issuing officers page. After you add users as issuing officers, you or other users will be able to spec ## Remove an issuing officer -1. In the Microsoft 365 compliance center, go to [Advanced eDiscovery](https://go.microsoft.com/fwlink/p/?linkid=2173764), and then click Advanced eDiscovery settings. +1. In the compliance portal, go to [eDiscovery (Premium)](https://go.microsoft.com/fwlink/p/?linkid=2173764), and then click eDiscovery (Premium) settings. 2. On the Settings page, select the Issuing officers tab.
compliance	Advanced Ediscovery New Case Format	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-new-case-format.md	Title: "New case format in Advanced eDiscovery" + Title: "New case format in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Use the new case format in Advanced eDiscovery so you can add more items to review sets and take advantage of other increased limits and new functionality." +description: "Use the new case format in eDiscovery (Premium) so you can add more items to review sets and take advantage of other increased limits and new functionality." -# Use the new case format in Advanced eDiscovery +# Use the new case format in eDiscovery (Premium) -More organizations are using the Advanced eDiscovery solution in Microsoft 365 for critical eDiscovery processes. This includes responding to regulatory requests, investigations, and litigation. As usage of Advanced eDiscovery increases, a common customer requirement is to expand the total amount of content that can be managed in a single Advanced eDiscovery case. To help accommodate significant increases in case size, both for total data volume and the total number of items, you can now choose the new case format when you create an Advanced eDiscovery case. +More organizations are using the eDiscovery (Premium) solution in Microsoft Purview for critical eDiscovery processes. This includes responding to regulatory requests, investigations, and litigation. As usage of eDiscovery (Premium) increases, a common customer requirement is to expand the total amount of content that can be managed in a single eDiscovery (Premium) case. To help accommodate significant increases in case size, both for total data volume and the total number of items, you can now choose the new case format when you create an eDiscovery (Premium) case. ## Create a case -To create an Advanced eDiscovery case using the new case format: +To create an eDiscovery (Premium) case using the new case format: 1. Go to <https://compliance.microsoft.com> and sign in. -2. In the left navigation pane of the Microsoft 365 compliance center, click eDiscovery > Advanced. +2. In the left navigation pane of the Microsoft Purview compliance portal, click eDiscovery > Advanced. -3. On the Advanced eDiscovery page, click the Cases tab, and then click Create a case. +3. On the eDiscovery (Premium) page, click the Cases tab, and then click Create a case. The New eDiscovery case flyout page is displayed. The Case format section provides the option to create a case using the new format. To create an Advanced eDiscovery case using the new case format: The new case format allows you to manage cases that contain over 40 million items. This capability helps you effectively manage large volumes of case data through the entire eDiscovery workflow. -Here's a list of other benefits of large cases in Advanced eDiscovery workflow. +Here's a list of other benefits of large cases in eDiscovery (Premium) workflow. - Collection: In the new case format, you can collect up to 1 TB of data for a single collection. For each case, the collection settings will default to collect cloud Attachments and contextual Teams and Yammer content. These settings help to collect the full picture of digital communications within an investigation. For Teams and Yammer contextual conversations, the new case format will convert time-based snapshots of 1:1, 1: N and Channel conversations into HTML transcripts to help provide context of conversations and reduce the total number of items produced by chat-based content. -- Review: Each review set will support up to 1 TB of pre-expansion content. Additional metadata will be available for filters and queries including Team name, channel name and conversation name for Teams content. Each transcript will include time-based content for before and after the responsive item. For Channel conversations, the root post and all replies will be collected for responsive content. For more information, see [Advanced eDiscovery workflow for content in Microsoft Teams (preview)](teams-workflow-in-advanced-ediscovery.md) +- Review: Each review set will support up to 1 TB of pre-expansion content. Additional metadata will be available for filters and queries including Team name, channel name and conversation name for Teams content. Each transcript will include time-based content for before and after the responsive item. For Channel conversations, the root post and all replies will be collected for responsive content. For more information, see [eDiscovery (Premium) workflow for content in Microsoft Teams (preview)](teams-workflow-in-advanced-ediscovery.md) - Export: You can export large sets of content in a single export job. The new case format lets you can export 5 million documents or 500 GB, whichever is smaller in an export job. Additionally, the new case format includes an updated user interface that displays the total size of each review set in the case. Review set sizes are displayed in a column on the Review sets tab. -![New review set statistics in Advanced eDiscovery user interface.](..\media\LargeCaseUI.png) +![New review set statistics in eDiscovery (Premium) user interface.](..\media\LargeCaseUI.png) ## Frequently asked questions Use review set filters to filter by message kind or to exclude cloud attachments When exporting chat conversation transcripts, will the load file contain all of the expanded metadata and a single item for each transcript? -All metadata for a conversation is embedded in the HTML transcript file. Many of the common fields are available in the load file. For more information about exported metadata, see [Document metadata fields in Advanced eDiscovery](document-metadata-fields-in-Advanced-eDiscovery.md). +All metadata for a conversation is embedded in the HTML transcript file. Many of the common fields are available in the load file. For more information about exported metadata, see [Document metadata fields in eDiscovery (Premium)](document-metadata-fields-in-Advanced-eDiscovery.md).
compliance	Alert Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/alert-policies.md	- seo-marvel-apr2020 - admindeeplinkCOMPLIANCE - admindeeplinkDEFENDER -description: "Create alert policies in the Microsoft 365 compliance center or the Microsoft 365 Defender portal to monitor potential threats, data loss, and permissions issues." +description: "Create alert policies in the Microsoft Purview compliance portal or the Microsoft 365 Defender portal to monitor potential threats, data loss, and permissions issues." # Alert policies in Microsoft 365 -You can use alert policies and the alert dashboard in the Microsoft 365 compliance center or the Microsoft 365 Defender portal to create alert policies and then view the alerts generated when users perform activities that match the conditions of an alert policy. There are several default alert policies that help you monitor activities such as assigning admin privileges in Exchange Online, malware attacks, phishing campaigns, and unusual levels of file deletions and external sharing. +You can use alert policies and the alert dashboard in the Microsoft Purview compliance portal or the Microsoft 365 Defender portal to create alert policies and then view the alerts generated when users perform activities that match the conditions of an alert policy. There are several default alert policies that help you monitor activities such as assigning admin privileges in Exchange Online, malware attacks, phishing campaigns, and unusual levels of file deletions and external sharing. > [!TIP] > Go to the [Default alert policies](#default-alert-policies) section in this article for a list and description of the available alert policies. Here's a quick overview of how alert policies work and the alerts that are trigg ![Overview of how alert policies work.](../media/M365ComplianceDefender-AlertPolicies-Overview.png) -1. An admin in your organization creates, configures, and turns on an alert policy by using the Alert policies page in the Microsoft 365 compliance center or the Microsoft 365 Defender portal. You can also create alert policies by using the [New-ProtectionAlert](/powershell/module/exchange/new-protectionalert) cmdlet in Security & Compliance Center PowerShell. +1. An admin in your organization creates, configures, and turns on an alert policy by using the Alert policies page in the compliance portal or the Microsoft 365 Defender portal. You can also create alert policies by using the [New-ProtectionAlert](/powershell/module/exchange/new-protectionalert) cmdlet in Security & Compliance Center PowerShell. - To create alert policies, you have to be assigned the Manage Alerts role or the Organization Configuration role in the Microsoft 365 compliance center or the Defender portal. + To create alert policies, you have to be assigned the Manage Alerts role or the Organization Configuration role in the compliance portal or the Defender portal. > [!NOTE] > It takes up to 24 hours after creating or updating an alert policy before alerts can be triggered by the policy. This is because the policy has to be synced to the alert detection engine. 2. A user performs an activity that matches the conditions of an alert policy. In the case of malware attacks, infected email messages sent to users in your organization trigger an alert. -3. Microsoft 365 generates an alert that's displayed on the Alerts page in Microsoft 365 compliance center or Defender portal. Also, if email notifications are enabled for the alert policy, Microsoft sends a notification to a list of recipients. The alerts that an admin or other users can see that on the Alerts page is determined by the roles assigned to the user. For more information, see [RBAC permissions required to view alerts](#rbac-permissions-required-to-view-alerts). +3. Microsoft 365 generates an alert that's displayed on the Alerts page in compliance portal or Defender portal. Also, if email notifications are enabled for the alert policy, Microsoft sends a notification to a list of recipients. The alerts that an admin or other users can see that on the Alerts page is determined by the roles assigned to the user. For more information, see [RBAC permissions required to view alerts](#rbac-permissions-required-to-view-alerts). 4. An admin manages alerts in the compliance center. Managing alerts consists of assigning an alert status to help track and manage any investigation. An alert policy consists of a set of rules and conditions that define the user o To view and create alert policies: -### Microsoft 365 compliance center +### Microsoft Purview compliance portal -Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, and then select Policies > Alert > Alert policies. +Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a>, and then select Policies > Alert > Alert policies. ![In the compliance center, select Policies,and under Alert, select Alert policies to view and create alert policies.](../media/LaunchAlertPoliciesMCC.png) The table also indicates the Office 365 Enterprise and Office 365 US Government \|Unusual increase in email reported as phish\|Generates an alert when there's a significant increase in the number of people in your organization using the Report Message add-in in Outlook to report messages as phishing mail. This policy has a Medium severity setting. For more information about this add-in, see [Use the Report Message add-in](https://support.office.com/article/b5caa9f1-cdf3-4443-af8c-ff724ea719d2).\|Threat management\|No\|E5/G5 or Defender for Office 365 P2 add-on subscription\| \|User impersonation phish delivered to inbox/folder<sup>1,</sup><sup>2</sup>\|Generates an alert when Microsoft detects that an admin or user override has allowed the delivery of a user impersonation phishing message to the inbox (or other user-accessible folder) of a mailbox. Examples of overrides include an inbox or mail flow rule that allows messages from a specific sender or domain, or an anti-spam policy that allows messages from specific senders or domains. This policy has a Medium severity setting.\|Threat management\|No\|E5/G5 or Defender for Office 365 P2 add-on subscription\| \|User requested to release a quarantined message\|Generates an alert when a user requests release for a quarantined message. To request the release of quarantined messages, the Allow recipients to request a message to be released from quarantine (_PermissionToRequestRelease_) permission is required in the quarantine policy (for example, from the Limited access preset permissions group). For more information, see [Allow recipients to request a message to be released from quarantine permission](../security/office-365-security/quarantine-policies.md#allow-recipients-to-request-a-message-to-be-released-from-quarantine-permission). This policy has an Informational severity setting.\|Threat management\|No\|E1/F1/G1, E3/F3/G3, or E5/G5\| -\|User restricted from sending email\|Generates an alert when someone in your organization is restricted from sending outbound mail. This typically results when an account is compromised, and the user is listed on the Restricted Users page in the Microsoft 365 compliance center. (To access this page, go to Threat management > Review > Restricted Users). This policy has a High severity setting. For more information about restricted users, see [Removing a user, domain, or IP address from a block list after sending spam email](/office365/securitycompliance/removing-user-from-restricted-users-portal-after-spam).\|Threat management\|Yes\|E1/F1/G1, E3/F3/G3, or E5/G5\| +\|User restricted from sending email\|Generates an alert when someone in your organization is restricted from sending outbound mail. This typically results when an account is compromised, and the user is listed on the Restricted Users page in the compliance portal. (To access this page, go to Threat management > Review > Restricted Users). This policy has a High severity setting. For more information about restricted users, see [Removing a user, domain, or IP address from a block list after sending spam email](/office365/securitycompliance/removing-user-from-restricted-users-portal-after-spam).\|Threat management\|Yes\|E1/F1/G1, E3/F3/G3, or E5/G5\| \|User restricted from sharing forms and collecting responses\|Generates an alert when someone in your organization has been restricted from sharing forms and collecting responses using Microsoft Forms due to detected repeated phishing attempt behavior. This policy has a High severity setting.\|Threat management\|No\|E1, E3/F3, or E5\| > [!NOTE] When an activity performed by users in your organization matches the settings of To view alerts: -### Microsoft 365 compliance center +### Microsoft Purview compliance portal Go to <https://compliance.microsoft.com> and then select Alerts. Alternatively, you can go directly to <https://compliance.microsoft.com/compliancealerts>. -![In the Microsoft 365 compliance center, select Alerts.](../media/ViewAlertsMCC.png) +![In the compliance portal, select Alerts.](../media/ViewAlertsMCC.png) ### Microsoft 365 Defender portal Keep the following things in mind about alert aggregation: ## RBAC permissions required to view alerts -The Role Based Access Control (RBAC) permissions assigned to users in your organization determine which alerts a user can see on the Alerts page. How is this accomplished? The management roles assigned to users (based on their membership in role groups in the Microsoft 365 compliance center or the Microsoft 365 Defender portal) determine which alert categories a user can see on the Alerts page. Here are some examples: +The Role Based Access Control (RBAC) permissions assigned to users in your organization determine which alerts a user can see on the Alerts page. How is this accomplished? The management roles assigned to users (based on their membership in role groups in the compliance portal or the Microsoft 365 Defender portal) determine which alert categories a user can see on the Alerts page. Here are some examples: - Members of the Records Management role group can view only the alerts that are generated by alert policies that are assigned the Information governance category. The Role Based Access Control (RBAC) permissions assigned to users in your organ This design (based on RBAC permissions) lets you determine which alerts can be viewed (and managed) by users in specific job roles in your organization. -The following table lists the roles that are required to view alerts from the six different alert categories. The first column in the tables lists all roles in the Microsoft 365 compliance center or the Microsoft 365 Defender portal. A check mark indicates that a user who is assigned that role can view alerts from the corresponding alert category listed in the top row. +The following table lists the roles that are required to view alerts from the six different alert categories. The first column in the tables lists all roles in the compliance portal or the Microsoft 365 Defender portal. A check mark indicates that a user who is assigned that role can view alerts from the corresponding alert category listed in the top row. To see which category a default alert policy is assigned to, see the table in [Default alert policies](#default-alert-policies). To see which category a default alert policy is assigned to, see the table in [D > $RoleGroups \| foreach {Write-Output -InputObject `r`n,$_.Name,"--"; Get-RoleGroup $_.Identity \| Select-Object -ExpandProperty Roles} > ``` > -> You can also view the roles assigned to a role group in the Microsoft 365 compliance center or the Microsoft 365 Defender portal. Go to the Permissions page, and select a role group. The assigned roles are listed on the flyout page. +> You can also view the roles assigned to a role group in the compliance portal or the Microsoft 365 Defender portal. Go to the Permissions page, and select a role group. The assigned roles are listed on the flyout page. <a name="manage-alerts"></a> Here are some tasks you can perform to manage alerts. Alerts that are triggered by Office 365 Cloud App Security policies are now displayed on the Alerts page in the compliance center. This includes alerts that are triggered by activity policies and alerts that are triggered by anomaly detection policies in Office 365 Cloud App Security. This means you can view all alerts in the compliance center. Office 365 Cloud App Security is only available for organizations with an Office 365 Enterprise E5 or Office 365 US Government G5 subscription. For more information, see [Overview of Defender for Cloud Apps](/cloud-app-security/what-is-cloud-app-security). -Organizations that have Microsoft Defender for Cloud Apps as part of an Enterprise Mobility + Security E5 subscription or as a standalone service can also view Defender for Cloud Apps alerts that are related to Microsoft 365 apps and services in the Microsoft 365 compliance center or the Microsoft 365 Defender portal. +Organizations that have Microsoft Defender for Cloud Apps as part of an Enterprise Mobility + Security E5 subscription or as a standalone service can also view Defender for Cloud Apps alerts that are related to Microsoft 365 apps and services in the compliance portal or the Microsoft 365 Defender portal. To display only Defender for Cloud Apps alerts in the compliance center or the Defender portal, use the Source filter and select Defender for Cloud Apps.
compliance	Analyzing Data In Review Set	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/analyzing-data-in-review-set.md	Title: "Analyze data in a review set in Advanced eDiscovery" + Title: "Analyze data in a review set in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: -description: Learn about the tools available to organize document sets when analyzing an Advanced eDiscovery case. +description: Learn about the tools available to organize document sets when analyzing an Microsoft Purview eDiscovery (Premium) case. -# Analyze data in a review set in Advanced eDiscovery +# Analyze data in a review set in eDiscovery (Premium) -When the number of collected documents is large, it can be difficult to review them all. Advanced eDiscovery provides a number of tools to analyze the documents to reduce the volume of documents to be reviewed without any loss in information, and to help you organize the documents in a coherent manner. To learn more about these capabilities, see: +When the number of collected documents is large, it can be difficult to review them all. Microsoft Purview eDiscovery (Premium) provides a number of tools to analyze the documents to reduce the volume of documents to be reviewed without any loss in information, and to help you organize the documents in a coherent manner. To learn more about these capabilities, see: - [Near duplicate detection](near-duplicate-detection-in-advanced-ediscovery.md) The following list describes the result of the filter query in terms of what con - Teams conversations. All Teams (and Yammer) conversations in the review set are displayed. -For more information about inclusive types and document uniqueness, see [Email threading in Advanced eDiscovery](email-threading-in-advanced-ediscovery.md). +For more information about inclusive types and document uniqueness, see [Email threading in eDiscovery (Premium)](email-threading-in-advanced-ediscovery.md). > [!NOTE] -> During the public preview of [the new case format](advanced-ediscovery-new-case-format.md) in Advanced eDiscovery, the For Review filter query did not return Teams or Yammer conversations for review sets (in cases that use the large case format) created before November 4, 2021. This issue has been resolved. That means if you reapply the For Review query to a review set in a case that uses the large case format, more items that match the filter query may be displayed because all Teams or Yammer conversations are included. +> During the public preview of [the new case format](advanced-ediscovery-new-case-format.md) in eDiscovery (Premium), the For Review filter query did not return Teams or Yammer conversations for review sets (in cases that use the large case format) created before November 4, 2021. This issue has been resolved. That means if you reapply the For Review query to a review set in a case that uses the large case format, more items that match the filter query may be displayed because all Teams or Yammer conversations are included. ## Analytics report
compliance	Apply Irm To A List Or Library	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-irm-to-a-list-or-library.md	Title: "Apply Information Rights Management (IRM) to a list or library" + Title: "Apply IRM to a list or library" f1.keywords: - NOCSH # Apply Information Rights Management (IRM) to a list or library + You can use Information Rights Management (IRM) to help control and protect files that are downloaded from lists or libraries. This feature is only supported in the Microsoft global cloud. IRM is not supported for SharePoint lists and libraries in national cloud deployments. ## Administrator preparations before applying IRM
compliance	Apply Retention Labels Automatically	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-retention-labels-automatically.md	Title: "Automatically apply a retention label to retain or delete content" + Title: "Automatically apply a retention label" f1.keywords: - NOCSH description: Create auto-labeling retention policies so you can automatically ap # Automatically apply a retention label to retain or delete content + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). > [!NOTE] Use the following instructions for the two admin steps. ## Before you begin -The global admin for your organization has full permissions to create and edit retention labels and their policies. If you aren't signing in as a global admin, see the permissions information for [records management](get-started-with-records-management.md#permissions) or [information governance](get-started-with-information-governance.md#permissions-for-retention-policies-and-retention-labels), depending on the solution you're using. +The global admin for your organization has full permissions to create and edit retention labels and their policies. If you aren't signing in as a global admin, see the permissions information for [records management](get-started-with-records-management.md#permissions) or [data lifeycle management](get-started-with-data-lifecycle-management.md#permissions-for-retention-policies-and-retention-labels), depending on the solution you're using. Make sure you have [created the retention labels](file-plan-manager.md#create-retention-labels) you want to apply to items. Decide before you create your retention label policy whether it will be adapti When you create an auto-apply policy, you select a retention label to automatically apply to content, based on the conditions that you specify. -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com/), navigate to one of the following locations: +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com/), navigate to one of the following locations: - If you are using records management: - Solutions > Records management > > Label policies tab > Auto-apply a label - - If you are using information governance: - - Solutions > Information governance > Label policies tab > Auto-apply a label + - If you are using data lifeycle management: + - Solutions > Data lifeycle management > Label policies tab > Auto-apply a label Don't immediately see your solution in the navigation pane? First select Show all. Additionally, SharePoint items that are in draft or that have never been publish > > Although group mailboxes would usually be included by selecting the Microsoft 365 Groups location, for this specific policy configuration, the groups location includes only SharePoint sites connected to a Microsoft 365 group. -When you create auto-apply retention label policies for sensitive information, you see the same list of policy templates as when you create a data loss prevention (DLP) policy. Each template is preconfigured to look for specific types of sensitive information. In the following example, the sensitive info types are from the Privacy category, and U.S Personally Identifiable Information (PII) Data template: +When you create auto-apply retention label policies for sensitive information, you see the same list of policy templates as when you create a Microsoft Purview Data Loss Prevention (DLP) policy. Each template is preconfigured to look for specific types of sensitive information. In the following example, the sensitive info types are from the Privacy category, and U.S Personally Identifiable Information (PII) Data template: ![Policy templates with sensitive information types.](../media/sensitive-info-configuration.png) When you auto-apply retention labels based on sensitive information, keywords or ![Diagram of when auto-apply labels take effect.](../media/retention-labels-autoapply-timings.png) -If the expected labels don't appear after seven days, check the Status of the auto-apply policy by selecting it from the Label policies page in the compliance center. If you see the status of Off (Error) and in the details for the locations see a message that it's taking longer than expected to deploy the policy (for SharePoint) or to try redeploying the policy (for OneDrive), try running the [Set-RetentionCompliancePolicy](/powershell/module/exchange/set-retentioncompliancepolicy) PowerShell command to retry the policy distribution: +If the expected labels don't appear after seven days, check the Status of the auto-apply policy by selecting it from the Label policies page in the Microsoft Purview compliance portal. If you see the status of Off (Error)** and in the details for the locations see a message that it's taking longer than expected to deploy the policy (for SharePoint) or to try redeploying the policy (for OneDrive), try running the [Set-RetentionCompliancePolicy](/powershell/module/exchange/set-retentioncompliancepolicy) PowerShell command to retry the policy distribution: 1. [Connect to Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell).
compliance	Apply Sensitivity Label Automatically	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-sensitivity-label-automatically.md	Title: "Automatically apply a sensitivity label to content in Microsoft 365" + Title: "Automatically apply a sensitivity label in Microsoft 365" f1.keywords: - NOCSH description: "When you create a sensitivity label, you can automatically assign # Apply a sensitivity label to content automatically + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). > [!NOTE] -> For information about automatically applying a sensitivity label in Azure Purview, see [Labeling in Azure Purview](/azure/purview/create-sensitivity-label). +> For information about automatically applying a sensitivity label in Microsoft Purview Data Map, see [Labeling in Microsoft Purview Data Map](/azure/purview/create-sensitivity-label). When you create a sensitivity label, you can automatically assign that label to files and emails when it matches conditions that you specify. There are two different methods for automatically applying a sensitivity label t Specific to auto-labeling for Exchange: - Unlike manual labeling or auto-labeling with Office apps, PDF attachments as well as Office attachments are also scanned for the conditions you specify in your auto-labeling policy. When there's a match, the email is labeled but not the attachment. - - For PDF files, if the label applies encryption, these files are encrypted by using [Office 365 Message Encryption (OME)](ome.md) when your tenant is [enabled for PDF attachments](ome-faq.yml#are-pdf-file-attachments-supported-). - - For these Office files, Word, PowerPoint, and Excel are supported. If the label applies encryption, they're encrypted by using [Office 365 Message Encryption (OME)](ome.md). - - If you have Exchange mail flow rules or data loss prevention (DLP) policies that apply IRM encryption: When content is identified by these rules or policies and an auto-labeling policy, the label is applied. If that label applies encryption, the IRM settings from the Exchange mail flow rules or DLP policies are ignored. However, if that label doesn't apply encryption, the IRM settings from the mail flow rules or DLP policies are applied in addition to the label. + - For PDF files, if the label applies encryption, these files are encrypted by using [Message encryption](ome.md) when your tenant is [enabled for PDF attachments](ome-faq.yml#are-pdf-file-attachments-supported-). + - For these Office files, Word, PowerPoint, and Excel are supported. If the label applies encryption, they're encrypted by using [Message encryption](ome.md). + - If you have Exchange mail flow rules or Microsoft Purview Data Loss Prevention (DLP) policies that apply IRM encryption: When content is identified by these rules or policies and an auto-labeling policy, the label is applied. If that label applies encryption, the IRM settings from the Exchange mail flow rules or DLP policies are ignored. However, if that label doesn't apply encryption, the IRM settings from the mail flow rules or DLP policies are applied in addition to the label. - Email that has IRM encryption with no label will be replaced by a label with any encryption settings when there's a match by using auto-labeling. - Incoming email is labeled when there is a match with your auto-labeling conditions. If this label is configured for [encryption](encryption-sensitivity-labels.md), that encryption is always applied when the sender is from your organization. By default, that encryption isn't applied when the sender is outside your organization but can be applied by configuring Additional settings for email and specifying a Rights Management owner. - When the label applies encryption, the [Rights Management issuer and Rights Management owner](/azure/information-protection/configure-usage-rights#rights-management-issuer-and-rights-management-owner) is the person who sends the email when the sender is from your own organization. When the sender is outside your organization, you can specify a Rights Management owner for incoming email that's labeled and encrypted by your policy. Use the following table to help you identify the differences in behavior for the \|Assign a Rights Management owner for emails sent from another organization \|No \|Yes\| \|For emails, replace existing label that has same or lower priority \|No \|Yes (configurable)\| -\* Auto-labeling isn't currently available in all regions because of a backend Azure dependency. If your tenant can't support this functionality, the Auto-labeling tab isn't visible in the compliance center. For more information, see [Azure dependency availability by country](/troubleshoot/azure/general/dependency-availability-by-country). +\* Auto-labeling isn't currently available in all regions because of a backend Azure dependency. If your tenant can't support this functionality, the Auto-labeling tab isn't visible in the Microsoft Purview compliance portal. For more information, see [Azure dependency availability by country](/troubleshoot/azure/general/dependency-availability-by-country). ## How multiple conditions are evaluated when they apply to more than one label Default behavior whether automatic labeling will override an existing label: - Automatic labeling will replace a [lower priority sensitivity label](sensitivity-labels.md#label-priority-order-matters) that was automatically applied, but not a higher priority label. > [!TIP] - > For example, the sensitivity label at the top of the list in the compliance center is named Public with an order number (priority) of 0, and the sensitivity label at the bottom of the list is named Highly Confidential with an order number (priority of 4). The Highly Confidential label can override the Public label but not the other way around. + > For example, the sensitivity label at the top of the list in the Microsoft Purview compliance portal is named Public with an order number (priority) of 0, and the sensitivity label at the bottom of the list is named Highly Confidential with an order number (priority of 4). The Highly Confidential label can override the Public label but not the other way around. For email auto-labeling policies only, you can select a setting to always override an existing sensitivity label, regardless of how it was applied. Finally, you can use simulation mode to provide an approximation of the time nee ### Creating an auto-labeling policy -1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, navigate to sensitivity labels: +1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, navigate to sensitivity labels: - Solutions > Information protection
compliance	Archive 17A 4 Blackberry Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-blackberry-data.md	description: "Learn how to set up and use a 17a-4 BlackBerry DataParser connecto Use the [BlackBerry DataParser](https://www.17a-4.com/BlackBerry-dataparser/) from 17a-4 LLC to import and archive BlackBerry enterprise data to user mailboxes in your Microsoft 365 organization. The DataParser includes a BlackBerry connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The BlackBerry DataParser connector converts BlackBerry data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After BlackBerry data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a BlackBerry connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After BlackBerry data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a BlackBerry connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving BlackBerry data The following overview explains the process of using a data connector to archive 2. On a regular basis, BlackBerry items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The BlackBerry DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The BlackBerry DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named BlackBerry DataParser is created in the user mailboxes, and the BlackBerry items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every BlackBerry item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the BlackBerry DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the BlackBerry DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a BlackBerry DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for BlackBerry data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for BlackBerry data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > BlackBerry DataParser. The BlackBerry DataParser connector will automatically map users to their Micros ## Step 4: Monitor the BlackBerry DataParser connector -After you create a BlackBerry DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a BlackBerry DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Bloomberg Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-bloomberg-data.md	description: "Learn how to set up and use a 17a-4 Bloomberg DataParser connector Use the [Bloomberg DataParser](https://www.17a-4.com/Bloomberg-dataparser/) from 17a-4 LLC to import and archive data from Bloomberg to user mailboxes in your Microsoft 365 organization. The DataParser includes a Bloomberg connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Bloomberg DataParser connector converts Bloomberg data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Bloomberg data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Bloomberg connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Bloomberg data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Bloomberg connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Bloomberg data The following overview explains the process of using a data connector to archive 2. On a regular basis, Bloomberg items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The Bloomberg DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Bloomberg DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named Bloomberg DataParser is created in the user mailboxes, and the Bloomberg items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Bloomberg item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Bloomberg DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Bloomberg DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a Bloomberg DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for Bloomberg data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Bloomberg data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Bloomberg DataParser. The Bloomberg DataParser connector will automatically map users to their Microso ## Step 4: Monitor the Bloomberg DataParser connector -After you create a Bloomberg DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a Bloomberg DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Cisco Jabber Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-cisco-jabber-data.md	description: "Learn how to set up and use a 17a-4 Cisco Jabber DataParser connec Use the [Cisco Jabber DataParser](https://www.17a-4.com/jabber-dataparser/) from 17a-4 LLC to import and archive data from Cisco Jabber to user mailboxes in your Microsoft 365 organization. The DataParser includes a Cisco Jabber connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Cisco Jabber DataParser connector converts Cisco Jabber data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Cisco Jabber data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Cisco Jabber connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Cisco Jabber data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Cisco Jabber connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Cisco Jabber data The following overview explains the process of using a data connector to archive 2. On a regular basis, Cisco Jabber items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The Cisco Jabber DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Cisco Jabber DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named Cisco Jabber DataParser is created in the user mailboxes, and the Cisco Jabber items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Cisco Jabber item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Cisco Jabber DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Cisco Jabber DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a Cisco Jabber DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for Cisco Jabber data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Cisco Jabber data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Cisco Jabber DataParser. The Cisco Jabber DataParser connector will automatically map users to their Micr ## Step 4: Monitor the Cisco Jabber DataParser connector -After you create a Cisco Jabber DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a Cisco Jabber DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Factset Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-factset-data.md	description: "Learn how to set up and use a 17a-4 FactSet DataParser connector t Use the [FactSet DataParser](https://www.17a-4.com/factset-dataparser/) from 17a-4 LLC to import and archive data from the FactSet platform to user mailboxes in your Microsoft 365 organization. The DataParser includes a FactSet connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The FactSet DataParser connector converts FactSet data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After FactSet data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a FactSet connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After FactSet data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a FactSet connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving FactSet data The following overview explains the process of using a data connector to archive 2. On a regular basis, FactSet items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The FactSet DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The FactSet DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named FactSet DataParser is created in the user mailboxes, and the FactSet items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every FactSet item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the FactSet DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the FactSet DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a FactSet DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for FactSet data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for FactSet data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > FactSet DataParser. The FactSet DataParser connector will automatically map users to their Microsoft ## Step 4: Monitor the FactSet DataParser connector -After you create a FactSet DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a FactSet DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Fuze Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-fuze-data.md	description: "Learn how to set up and use a 17a-4 Fuze DataParser connector to i Use the [Fuze DataParser](https://www.17a-4.com/fuze-dataparser/) from 17a-4 LLC to import and archive data from Fuze to user mailboxes in your Microsoft 365 organization. The DataParser includes a Fuze connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Fuze DataParser connector converts Fuze data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Fuze data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Fuze connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Fuze data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Fuze connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Fuze data The following overview explains the process of using a data connector to archive 2. On a regular basis, Fuze items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The Fuze DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Fuze DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named Fuze DataParser is created in the user mailboxes, and the Fuze items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Fuze item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Fuze DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Fuze DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a Fuze DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for Fuze data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Fuze data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Fuze DataParser. The Fuze DataParser connector will automatically map users to their Microsoft 36 ## Step 4: Monitor the Fuze DataParser connector -After you create a Fuze DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a Fuze DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Fxconnect Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-fxconnect-data.md	description: "Learn how to set up and use a 17a-4 FX Connect DataParser connecto Use the [FX Connect DataParser](https://www.17a-4.com/dataparser-roadmap/) from 17a-4 LLC to import and archive data from FX Connect to user mailboxes in your Microsoft 365 organization. The DataParser includes a FX Connect connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The FX Connect DataParser connector converts FX Connect data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After FX Connect data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a FX Connect connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After FX Connect data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a FX Connect connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving FX Connect data The following overview explains the process of using a data connector to archive 2. On a regular basis, FX Connect items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The FX Connect DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The FX Connect DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named FX Connect DataParser is created in the user mailboxes, and the FX Connect items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every FX Connect item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the FX Connect DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the FX Connect DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a FX Connect DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for FX Connect data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for FX Connect data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > FX Connect DataParser. The FX Connect DataParser connector will automatically map users to their Micros ## Step 4: Monitor the FX Connect DataParser connector -After you create a FX Connect DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a FX Connect DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Ice Im Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-ice-im-data.md	description: "Learn how to set up and use a 17a-4 ICE Connect Chat DataParser co Use the [ICE DataParser](https://www.17a-4.com/ice-dataparser/) from 17a-4 LLC to import and archive data from ICE Connect Chat to user mailboxes in your Microsoft 365 organization. The DataParser includes an ICE Chat connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The ICE DataParser connector converts ICE Connect Chat data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After ICE Connect Chat data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using an ICE DataParser connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After ICE Connect Chat data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using an ICE DataParser connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving ICE Chat data The following overview explains the process of using a data connector to archive 2. On a regular basis, ICE Connect Chat items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The ICE DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The ICE DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named ICE DataParser is created in the user mailboxes, and the ICE Connect Chat items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every ICE Connect Chat item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the ICE DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the ICE DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up an ICE DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for ICE Connect Chat data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for ICE Connect Chat data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > ICE DataParser. The ICE DataParser connector will automatically map users to their Microsoft 365 ## Step 4: Monitor the ICE DataParser connector -After you create an ICE DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create an ICE DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Investedge Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-investedge-data.md	description: "Learn how to set up and use a 17a-4 InvestEdge DataParser connecto Use the [InvestEdge DataParser](https://www.17a-4.com/investedge-dataparser/) from 17a-4 LLC to import and archive data from InvestEdge to user mailboxes in your Microsoft 365 organization. The DataParser includes a InvestEdge connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The InvestEdge DataParser connector converts InvestEdge data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After InvestEdge data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a InvestEdge connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After InvestEdge data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a InvestEdge connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving InvestEdge data The following overview explains the process of using a data connector to archive 2. On a regular basis, InvestEdge items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The InvestEdge DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The InvestEdge DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named InvestEdge DataParser is created in the user mailboxes, and the InvestEdge items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every InvestEdge item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the InvestEdge DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the InvestEdge DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a InvestEdge DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for InvestEdge data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for InvestEdge data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > InvestEdge DataParser. The InvestEdge DataParser connector will automatically map users to their Micros ## Step 4: Monitor the InvestEdge DataParser connector -After you create a InvestEdge DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a InvestEdge DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Liveperson Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-liveperson-data.md	description: "Learn how to set up and use a 17a-4 LivePerson Conversational Clou Use the [LivePerson Conversational Cloud DataParser](https://www.17a-4.com/liveperson-dataparser/) from 17a-4 LLC to import and archive data from LivePerson Conversational Cloud to user mailboxes in your Microsoft 365 organization. The DataParser includes a LivePerson Conversational Cloud connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The LivePerson Conversational Cloud DataParser connector converts data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a LivePerson Conversational Cloud connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a LivePerson Conversational Cloud connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving LivePerson Conversational Cloud data The following overview explains the process of using a data connector to archive 2. On a regular basis, LivePerson Conversational Cloud items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The LivePerson Conversational Cloud DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The LivePerson Conversational Cloud DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named LivePerson Conversational Cloud DataParser is created in the user mailboxes, and the items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the LivePerson Conversational Cloud DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the LivePerson Conversational Cloud DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a LivePerson Conversational Cloud DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for LivePerson Conversational Cloud data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for LivePerson Conversational Cloud data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > LivePerson Conversational Cloud DataParser. The LivePerson Conversational Cloud DataParser connector will automatically map ## Step 4: Monitor the LivePerson Conversational Cloud DataParser connector -After you create a LivePerson Conversational Cloud DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a LivePerson Conversational Cloud DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Quip Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-quip-data.md	description: "Learn how to set up and use a 17a-4 Quip DataParser connector to i Use the [Quip DataParser](https://www.17a-4.com/quip-dataparser/) from 17a-4 LLC to import and archive data from Quip to user mailboxes in your Microsoft 365 organization. The DataParser includes a Quip connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Quip DataParser connector converts Quip data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Quip data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Quip connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Quip data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Quip connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Quip data The following overview explains the process of using a data connector to archive 2. On a regular basis, Quip items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The Quip DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Quip DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named Quip DataParser is created in the user mailboxes, and the Quip items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Quip item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Quip DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Quip DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a Quip DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for Quip data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Quip data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Quip DataParser. The Quip DataParser connector will automatically map users to their Microsoft 36 ## Step 4: Monitor the Quip DataParser connector -After you create a Quip DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a Quip DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Refinitiv Messenger Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-refinitiv-messenger-data.md	description: "Learn how to set up and use a 17a-4 Refinitiv Eikon Messenger Data Use the [Refinitiv Eikon Messenger DataParser](https://www.17a-4.com/refinitiv-messenger-dataparser/) from 17a-4 LLC to import and archive data from Refinitiv Eikon Messenger to user mailboxes in your Microsoft 365 organization. The DataParser includes a Refinitiv Eikon Messenger connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Refinitiv Eikon Messenger DataParser connector converts Refinitiv Eikon Messenger data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Refinitiv Eikon Messenger data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Refinitiv Eikon Messenger connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Refinitiv Eikon Messenger data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Refinitiv Eikon Messenger connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Refinitiv Eikon Messenger data The following overview explains the process of using a data connector to archive 2. Regularly, Refinitiv Eikon Messenger items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The Refinitiv Eikon Messenger DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Refinitiv Eikon Messenger DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named Refinitiv Eikon Messenger DataParser is created in the user mailboxes, and the Refinitiv Eikon Messenger items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Refinitiv Eikon Messenger item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do create an account, contact [17a-4 LLC](https://www.17a-4.com/contact/). You will need to sign into this account when you create the connector in Step 1. -- The user who creates the Refinitiv Eikon Messenger DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Refinitiv Eikon Messenger DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP-compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP-compliant. ## Step 1: Set up a Refinitiv Eikon Messenger DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for Refinitiv Eikon Messenger data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Refinitiv Eikon Messenger data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Refinitiv Eikon Messenger DataParser. The Refinitiv Eikon Messenger DataParser connector will automatically map users ## Step 4: Monitor the Refinitiv Eikon Messenger DataParser connector -After you create a Refinitiv Eikon Messenger DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a Refinitiv Eikon Messenger DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Servicenow Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-servicenow-data.md	description: "Learn how to set up and use a 17a-4 ServiceNow DataParser connecto Use the [ServiceNow DataParser](https://www.17a-4.com/dataparser/) from 17a-4 LLC to import and archive data from ServiceNow to user mailboxes in your Microsoft 365 organization. The DataParser includes a ServiceNow connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The ServiceNow DataParser connector converts ServiceNow data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After ServiceNow data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a ServiceNow connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After ServiceNow data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a ServiceNow connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving ServiceNow data The following overview explains the process of using a data connector to archive 2. On a regular basis, ServiceNow items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The ServiceNow DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The ServiceNow DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named ServiceNow DataParser is created in the user mailboxes, and the ServiceNow items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every ServiceNow item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the ServiceNow DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the ServiceNow DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a ServiceNow DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for ServiceNow data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for ServiceNow data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > ServiceNow DataParser. The ServiceNow DataParser connector will automatically map users to their Micros ## Step 4: Monitor the ServiceNow DataParser connector -After you create a ServiceNow DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a ServiceNow DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Skype For Business Server Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-skype-for-business-server-data.md	description: "Learn how to set up and use a 17a-4 Skype for Business Server Data Use the [Skype Server DataParser](https://www.17a-4.com/skype-server-dataparser/) from 17a-4 LLC to import and archive data from a Skype for Business Server to user mailboxes in your Microsoft 365 organization. The DataParser includes a Skype for Business connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Skype for Business Server DataParser connector converts Skype for Business Server data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Skype for Business Server data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Skype for Business Server connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Skype for Business Server data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Skype for Business Server connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Skype for Business Server data The following overview explains the process of using a data connector to archive 2. On a regular basis, Skype for Business Server items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The Skype for Business Server DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Skype for Business Server DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named Skype for Business Server DataParser is created in the user mailboxes, and the Skype for Business Server items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Skype for Business Server item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Skype for Business Server DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Skype for Business Server DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a Skype for Business Server DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for Skype for Business Server data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Skype for Business Server data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Skype for Business Server DataParser. The Skype for Business Server DataParser connector will automatically map users ## Step 4: Monitor the Skype for Business Server DataParser connector -After you create a Skype for Business Server DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a Skype for Business Server DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Slack Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-slack-data.md	description: "Learn how to set up and use a 17a-4 Slack DataParser connector to Use [DataParser from 17a-4 LLC](https://www.17a-4.com/slack-dataparser/) to import and archive data from the Slack platform to user mailboxes in your Microsoft 365 organization. DataParser includes a Slack connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Slack DataParser connector converts Slack data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Slack data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Slack connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Slack data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Slack connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Slack data The following overview explains the process of using a data connector to archive 2. On a regular basis, Slack items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The Slack DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Slack DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named Slack DataParser is created in the user mailboxes, and the Slack items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Slack item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Slack DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Slack DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a Slack DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for Slack data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Slack data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Slack DataParser. The Slack DataParser connector will automatically map users to their Microsoft 3 ## Step 4: Monitor the Slack DataParser connector -After you create a Slack DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a Slack DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Sql Database Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-sql-database-data.md	description: "Learn how to set up and use a 17a-4 SQL DataParser connector to im Use the [SQL DataParser](https://www.17a-4.com/sql-dataparser/) from 17a-4 LLC to import and archive data from a SQL database to user mailboxes in your Microsoft 365 organization. The DataParser includes a SQL connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The SQL DataParser connector converts SQL data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After SQL data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a SQL connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After SQL data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a SQL connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving SQL data The following overview explains the process of using a data connector to archive 2. On a regular basis, SQL items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The SQL DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The SQL DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named SQL DataParser is created in the user mailboxes, and the SQL items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every SQL item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the SQL DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the SQL DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a SQL DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for SQL data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for SQL data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > SQL DataParser. The SQL DataParser connector will automatically map users to their Microsoft 365 ## Step 4: Monitor the SQL DataParser connector -After you create a SQL DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a SQL DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Symphony Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-symphony-data.md	description: "Learn how to set up and use a 17a-4 Symphony DataParser connector Use the [Symphony DataParser](https://www.17a-4.com/Symphony-dataparser/) from 17a-4 LLC to import and archive Symphony communications data to user mailboxes in your Microsoft 365 organization. The DataParser includes a Symphony connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Symphony DataParser connector converts Symphony data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Symphony data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Symphony connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Symphony data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Symphony connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Symphony data The following overview explains the process of using a data connector to archive 2. On a regular basis, Symphony items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The Symphony DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Symphony DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named Symphony DataParser is created in the user mailboxes, and the Symphony items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Symphony item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Symphony DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Symphony DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a Symphony DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for Symphony data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Symphony data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Symphony DataParser. The Symphony DataParser connector will automatically map users to their Microsof ## Step 4: Monitor the Symphony DataParser connector -After you create a Symphony DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a Symphony DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Webex Teams Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-webex-teams-data.md	description: "Learn how to set up and use a 17a-4 Cisco Webex DataParser connect Use the [Cisco Webex DataParser](https://www.17a-4.com/webex-dataparser/) from 17a-4 LLC to import and archive data from the Cisco Cisco Webex platform to user mailboxes in your Microsoft 365 organization. The DataParser includes a Cisco Webex connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Cisco Webex DataParser connector converts Cisco Webex data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Cisco Webex data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Cisco Webex connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Cisco Webex data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Cisco Webex connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Cisco Webex data The following overview explains the process of using a data connector to archive 2. On a regular basis, Cisco Webex items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The Cisco Webex DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Cisco Webex DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named Cisco Webex DataParser is created in the user mailboxes, and the Cisco Webex items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Cisco Webex item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Cisco Webex DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Cisco Webex DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a Cisco Webex DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for Cisco Webex data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Cisco Webex data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Cisco Webex DataParser. The Cisco Webex DataParser connector will automatically map users to their Micro ## Step 4: Monitor the Cisco Webex DataParser connector -After you create a Cisco Webex DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a Cisco Webex DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive 17A 4 Zoom Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-zoom-data.md	description: "Learn how to set up and use a 17a-4 Zoom DataParser connector to i Use the [Zoom DataParser](https://www.17a-4.com/dataparser/) from 17a-4 LLC to import and archive data from the Zoom platform to user mailboxes in your Microsoft 365 organization. The DataParser includes a Zoom connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Zoom DataParser connector converts Zoom data to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Zoom data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Zoom connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Zoom data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Zoom connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Zoom data The following overview explains the process of using a data connector to archive 2. On a regular basis, Zoom items are collected by the DataParser. The DataParser also converts the content of a message to an email message format. -3. The Zoom DataParser connector that you create in the Microsoft 365 compliance center connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Zoom DataParser connector that you create in the Microsoft Purview compliance portal connects to DataParser and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. A subfolder in the Inbox folder named Zoom DataParser is created in the user mailboxes, and the Zoom items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Zoom item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a data connector to archive - Create a DataParser account for Microsoft connectors. To do this, contact [17a-4 LLC](https://www.17a-4.com/contact/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Zoom DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Zoom DataParser connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This 17a-4 data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up a Zoom DataParser connector -The first step is to access to the Data connectors page in the Microsoft 365 compliance center and create a 17a-4 connector for Zoom data. +The first step is to access to the Data connectors page in the compliance portal and create a 17a-4 connector for Zoom data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Zoom DataParser. The Zoom DataParser connector will automatically map users to their Microsoft 36 ## Step 4: Monitor the Zoom DataParser connector -After you create a Zoom DataParser connector, you can view the connector status in the Microsoft 365 compliance center. +After you create a Zoom DataParser connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive Android Archiver Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-android-archiver-data.md	description: "Admins can set up a TeleMessage connector to import and archive SM # Set up a connector to archive Android mobile data -Use a TeleMessage connector in the Microsoft 365 compliance center to import and archive SMS, MMS, voice calls, and call logs from Android mobile phones. After you set up and configure a connector, it connects to your organization's TeleMessage account once every day, and imports the mobile communication of employees using the TeleMessage Android Archiver to mailboxes in Microsoft 365. +Use a TeleMessage connector in the Microsoft Purview compliance portal to import and archive SMS, MMS, voice calls, and call logs from Android mobile phones. After you set up and configure a connector, it connects to your organization's TeleMessage account once every day, and imports the mobile communication of employees using the TeleMessage Android Archiver to mailboxes in Microsoft 365. -After data from Android mobile phones is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to Android Archiver data. For example, you can search Android Archiver mobile communication using Content Search or associate the mailbox that contains the Android Archiver connector data with a custodian in an Advanced eDiscovery case. Using an Android Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After data from Android mobile phones is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to Android Archiver data. For example, you can search Android Archiver mobile communication using Content Search or associate the mailbox that contains the Android Archiver connector data with a custodian in an eDiscovery (Premium) case. Using an Android Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Android mobile data The following overview explains the process of using a connector to archive Andr 2. In real time, SMS, MMS, voice calls, and call logs from your organization's Android mobile phones are copied to the TeleMessage site. -3. The Android Archiver connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the Android data from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the Android data to an email message format. +3. The Android Archiver connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the Android data from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the Android data to an email message format. 4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named Android Archiver is created in the specific user's mailbox and the items are imported to it. The connector does mapping by using the value of the User's Email address property. Every email message contains this property, which is populated with the email address of every participant of the email message. In addition to automatic user mapping using the value of the User's Email address property, you can also define a custom mapping by uploading a CSV mapping file. This mapping file should contain the mobile number and corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every email item the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's mobile number, the connector will use the user's email address property of the email item. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or the User's email address property of the email item, the item won't be imported. Some of the implementation steps required to archive Android communication data - Install and activate the TeleMessage Android Archiver app on the mobile phones of your employees. -- The user who creates a Android Archiver connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a Android Archiver connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create an Android Archiver connector -The last step is to create an Android Archiver connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfer Android communication to the corresponding user mailbox boxes in Microsoft 365. +The last step is to create an Android Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer Android communication to the corresponding user mailbox boxes in Microsoft 365. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors > Android Archiver.
compliance	Archive Att Network Archiver Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-att-network-archiver-data.md	ms.localizationpriority: medium -description: "Admins can set up a TeleMessage connector to import and archive SMS and MMS data from the AT&T Mobile Network. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." +description: "Admins can set up a TeleMessage connector to import and archive SMS and MMS data from the AT&T Mobile Network. This lets you archive data from third-party data sources in Microsoft Purview so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." # Set up a connector to archive AT&T SMS/MMS data -Use a TeleMessage connector in the Microsoft 365 compliance center to import and archive SMS and MMS data from AT&T Mobile Network. After you set up and configure a connector, it connects to your organization's AT&T Network once every day, and imports SMS and MMS data to mailboxes in Microsoft 365. +Use a TeleMessage connector in the Microsoft Purview compliance portal to import and archive SMS and MMS data from AT&T Mobile Network. After you set up and configure a connector, it connects to your organization's AT&T Network once every day, and imports SMS and MMS data to mailboxes in Microsoft Purview. -After SMS and MMS messages are stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to AT&T Network data. For example, you can search AT&T Network data using Content Search or associate the mailbox that contains the AT&T Network connector data with a custodian in an Advanced eDiscovery case. Using a AT&T Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After SMS and MMS messages are stored in user mailboxes, you can apply Microsoft 365 Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to AT&T Network data. For example, you can search AT&T Network data using Content Search or associate the mailbox that contains the AT&T Network connector data with a custodian in an eDiscovery (Premium) case. Using a AT&T Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving AT&T Network data The following overview explains the process of using a connector to archive AT&T 2. In real time, SMS and MMS messages from your organization's AT&T Network are copied to the TeleMessage site. -3. The AT&T Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS and MMS messages to an email message format. +3. The AT&T Network connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS and MMS messages to an email message format. 4. The connector imports the mobile communication items to the mailbox of specific users. A new folder named AT&T SMS/MMS Network Archiver is created in the user's mailbox and the items are imported to it. The connector does this mapping by using the value of the User's Email address property. Every SMS and MMS message contains this property, which is populated with the email address of every participant of the message. Some of the implementation steps required to archive AT&T Network data are exter - Your employees must have corporate-owned and corporate-liable mobile phones on the AT&T mobile network. Archiving messages in Microsoft 365 isn't available for employee-owned or "Bring Your Own Devices (BYOD) devices. -- The user who creates a AT&T Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a AT&T Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create a AT&T Network connector -After you've completed the prerequisites described in the previous section, you can create an AT&T Network connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS and MMS messages to the corresponding user mailbox boxes in Microsoft 365. +After you've completed the prerequisites described in the previous section, you can create an AT&T Network connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS and MMS messages to the corresponding user mailbox boxes in Microsoft 365. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors \ AT&T Network.
compliance	Archive Bell Network Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-bell-network-data.md	description: "Admins can set up a TeleMessage connector to import and archive SM # Set up a connector to archive Bell Network data -Use a TeleMessage connector in the Microsoft 365 compliance center to import and archive Short Messaging Service (SMS) and Multimedia Messaging Service (MMS) messages from the Bell Network. After you set up and configure a connector, it connects to your organization's Bell Network once every day, and imports SMS and MMS messages to mailboxes in Microsoft 365. +Use a TeleMessage connector in the Microsoft Purview compliance portal to import and archive Short Messaging Service (SMS) and Multimedia Messaging Service (MMS) messages from the Bell Network. After you set up and configure a connector, it connects to your organization's Bell Network once every day, and imports SMS and MMS messages to mailboxes in Microsoft 365. -After the SMS and MMS messages are stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to Bell Network data. For example, you can search Bell Network SMS/MMS using Content Search or associate the mailbox that contains the Bell Network connector data with a custodian in an Advanced eDiscovery case. Using a Bell Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After the SMS and MMS messages are stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to Bell Network data. For example, you can search Bell Network SMS/MMS using Content Search or associate the mailbox that contains the Bell Network connector data with a custodian in an eDiscovery (Premium) case. Using a Bell Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Bell Network data The following overview explains the process of using a connector to archive Bell 2. In real time, SMS and MMS messages from your organization's Bell Network are copied to the TeleMessage site. -3. The Bell Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS and MMS messages to an email message format. +3. The Bell Network connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS and MMS messages to an email message format. 4. The connector imports the mobile communication items to the mailbox of specific users. A new folder named Bell SMS/MMS Network Archiver is created in a specific user's mailbox and the items are imported to it. The connector does this mapping by using the value of the User's Email address property. Every SMS and MMS message contains this property, which is populated with the email address of every participant of the message. Some of the implementation steps required to archive Bell Network data are exter - Your employees must have corporate-owned and corporate-liable mobile phones on the Bell mobile network. Archiving messages in Microsoft 365 isn't available for employee-owned or "Bring Your Own Devices (BYOD) devices. -- The user who creates a Bell Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a Bell Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create a Bell Network connector -The last step is to create a Bell Network connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS/ MMS messages to the corresponding user mailbox boxes in Microsoft 365. +The last step is to create a Bell Network connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS/ MMS messages to the corresponding user mailbox boxes in Microsoft 365. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and then click Data connectors > Bell SMS/MMS Network Archiver.
compliance	Archive Bloomberg Message Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-bloomberg-message-data.md	description: "Administrators can set up a data connector to import and archive d # Set up a connector to archive Bloomberg Message data -Use a data connector in the Microsoft 365 compliance center to import and archive financial services email data from the [Bloomberg Message](https://www.bloomberg.com/professional/product/collaboration/) collaboration tool. After you set up and configure a connector, it connects to your organization's Bloomberg secure FTP (SFTP) site once every day, and imports email items to mailboxes in Microsoft 365. +Use a data connector in the Microsoft Purview compliance portal to import and archive financial services email data from the [Bloomberg Message](https://www.bloomberg.com/professional/product/collaboration/) collaboration tool. After you set up and configure a connector, it connects to your organization's Bloomberg secure FTP (SFTP) site once every day, and imports email items to mailboxes in Microsoft 365. -After Bloomberg Message data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation hold, content search, In-place archiving, auditing, Communication compliance, and Microsoft 365 retention policies to Bloomberg Message data. For example, you can search Bloomberg Message emails using the content search tool or associate the mailbox that contains the Bloomberg Message data with a custodian in an Advanced eDiscovery case. Using a Bloomberg Message connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Bloomberg Message data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation hold, content search, In-place archiving, auditing, Communication compliance, and Microsoft 365 retention policies to Bloomberg Message data. For example, you can search Bloomberg Message emails using the content search tool or associate the mailbox that contains the Bloomberg Message data with a custodian in an eDiscovery (Premium) case. Using a Bloomberg Message connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Bloomberg Message data The following overview explains the process of using a connector to archive Bloo 2. Once every 24 hours, email messages from Bloomberg Message are copied to the Bloomberg SFTP site. -3. The Bloomberg Message connector that you create in the Microsoft 365 compliance center connects to the Bloomberg SFTP site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. +3. The Bloomberg Message connector that you create in the compliance portal connects to the Bloomberg SFTP site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. 4. The connector imports the email message items to the mailbox of a specific user. A new folder named BloombergMessage is created in the specific user's mailbox and the items will be imported to it. Some of the implementation steps required to archive Bloomberg Message data are - The Bloomberg Message connector can import a total of 200,000 items in a single day. If there are more than 200,000 items on the SFTP site, none of those items will be imported to Microsoft 365. -- The user who creates a Bloomberg Message connector in Step 3 (and who downloads the public keys and IP address in Step 1) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a Bloomberg Message connector in Step 3 (and who downloads the public keys and IP address in Step 1) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). ## Set up a connector using public keys The next step is to use the PGP and SSH public keys and the IP address that you ### Step 3: Create a Bloomberg Message connector -The last step is to create a Bloomberg Message connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. +The last step is to create a Bloomberg Message connector in the compliance portal. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav. You need to work with Bloomberg customer support to configure your Bloomberg SFT ### Step 2: Create a Bloomberg Message connector -After your Bloomberg SFTP site is configured, the next step is to create a Bloomberg Message connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. To complete this step, be sure to have copies of the same private keys and key passphrases that you used to set up your Bloomberg SFTP site. +After your Bloomberg SFTP site is configured, the next step is to create a Bloomberg Message connector in the compliance portal. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. To complete this step, be sure to have copies of the same private keys and key passphrases that you used to set up your Bloomberg SFTP site. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive Celltrust Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-celltrust-data.md	description: "Admins can set up a connector to import and archive CellTrust data # Set up a connector to archive CellTrust data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the CellTrust platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [CellTrust](https://globanet.com/celltrust/) connector that captures items from the third-party data source and imports those items to Microsoft 365. The connector converts the content of SMS messages from CellTrust accounts to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the CellTrust platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [CellTrust](https://globanet.com/celltrust/) connector that captures items from the third-party data source and imports those items to Microsoft 365. The connector converts the content of SMS messages from CellTrust accounts to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After CellTrust data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a CellTrust connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After CellTrust data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a CellTrust connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving CellTrust data The following overview explains the process of using a connector to archive Cell 2. Once every 24 hours, CellTrust items are copied to the Veritas Merge1 site. The connector also converts the content of a message to an email message format. -3. The CellTrust connector that you create in the Microsoft 365 compliance center connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The CellTrust connector that you create in the compliance portal connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. The automatic user mapping as connector imports items to the mailboxes of specific users by using the value of the Email property of the described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named CellTrust is created in the user mailboxes, and the message items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every CellTrust item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a connector to archive Cell - Create a Merge1 account for Microsoft connectors. To create an account, contact [Veritas Customer Support](https://www.veritas.com/content/support/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the CellTrust connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the CellTrust connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the CellTrust connector -The first step is to access to the Data Connectors in the Microsoft 365 compliance center and create a connector for CellTrust data. +The first step is to access to the Data Connectors in the compliance portal and create a connector for CellTrust data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors \> CellTrust. The first step is to access to the Data Connectors in the Microsoft 365 comp The second step is to configure the CellTrust connector on the Veritas Merge1 site. For information about how to configure the CellTrust connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20CellTrust%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector set up in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector set up in the compliance portal, follow these steps: 1. On the Map CellTrust users to Microsoft 365 users page, enable automatic user mapping. The CellTrust items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox. To map users and complete the connector set up in the Microsoft 365 compliance c ## Step 4: Monitor the CellTrust connector -After you create the CellTrust connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the CellTrust connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click Data connectors in the left nav.
compliance	Archive Ciscojabberonmssql Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonmssql-data.md	description: "Admins can set up a connector to import and archive Cisco Jabber o # Set up a connector to archive Cisco Jabber on MS SQL data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Cisco Jabber platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Cisco Jabber](https://globanet.com/jabber/) connector that is configured to capture items from the Jabber's MS SQL Database, such as 1:1 chat messages and group chats and then import those items to Microsoft 365. The connector retrieves data from the Cisco Jabber's MS SQL Database, processes it, and the converts the content from a user's Cisco Jabber account to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Cisco Jabber platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Cisco Jabber](https://globanet.com/jabber/) connector that is configured to capture items from the Jabber's MS SQL Database, such as 1:1 chat messages and group chats and then import those items to Microsoft 365. The connector retrieves data from the Cisco Jabber's MS SQL Database, processes it, and the converts the content from a user's Cisco Jabber account to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After Cisco Jabber data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Cisco Jabber connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Cisco Jabber data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Cisco Jabber connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Cisco Jabber data The following overview explains the process of using a connector to archive Cisc 2. Once every 24 hours, Cisco Jabber items are copied from the MS SQL Database to the Veritas Merge1 site. The connector also converts the content of chat messages to an email message format. -3. The Cisco Jabber connector that you create in the Microsoft 365 compliance center connects to the Veritas Merge1 site every day and transfers the items to a secure Azure Storage location in the Microsoft cloud. +3. The Cisco Jabber connector that you create in the compliance portal connects to the Veritas Merge1 site every day and transfers the items to a secure Azure Storage location in the Microsoft cloud. 4. The automatic user mapping as connector imports items to the mailboxes of specific users by using the value of the Email property of the described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Cisco Jabber on MS SQL is created in the user mailboxes, and the message items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Cisco Jabber item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a connector to archive Cisc - Set up an MS SQL Database to retrieve Jabber items from before creating the connector in Step 1. You will specify the connection settings for the MS SQL Database when configuring the Cisco Jabber connector in Step 2. For more information, see the [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Cisco%20Jabber%20on%20MS%20SQL%20User%20Guide%20.pdf). -- The user who creates the Cisco Jabber connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Cisco Jabber connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Cisco Jabber on MS SQL connector -The first step is to access to the Data Connectors in the Microsoft 365 compliance center and create a connector for Cisco Jabber on MS SQL data. +The first step is to access to the Data Connectors in the compliance portal and create a connector for Cisco Jabber on MS SQL data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/)and then click Data connectors > Cisco Jabber on MS SQL. The first step is to access to the Data Connectors in the Microsoft 365 comp The second step is to configure the Cisco Jabber on MS SQL connector on the Veritas Merge1 site. For information about how to configure the Cisco Jabber on MS SQL connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Cisco%20Jabber%20on%20MS%20SQL%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector set up in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector set up in the compliance portal, follow these steps: 1. On the Map Cisco Jabber on MS SQL users to Microsoft 365 users page, enable automatic user mapping. The Cisco Jabber on MS SQL items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox. To map users and complete the connector set up in the Microsoft 365 compliance c ## Step 4: Monitor the Cisco Jabber connector -After you create the Cisco Jabber on MS SQL connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Cisco Jabber on MS SQL connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Ciscojabberonoracle Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonoracle-data.md	ms.localizationpriority: medium -description: "Learn how to set up and use a connector in the Microsoft 365 compliance center to import and archive data from Cisco Jabber on Oracle to Microsoft 365." +description: "Learn how to set up and use a connector in the Microsoft Purview compliance portal to import and archive data from Cisco Jabber on Oracle to Microsoft 365." # Set up a connector to archive Cisco Jabber on Oracle data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Cisco Jabber on Oracle platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Cisco Jabber on Oracle](https://www.veritas.com/insights/merge1/jabber) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as files and file operations, comments, and shared content from Cisco Jabber on Oracle to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Cisco Jabber on Oracle platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Cisco Jabber on Oracle](https://www.veritas.com/insights/merge1/jabber) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as files and file operations, comments, and shared content from Cisco Jabber on Oracle to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After Cisco Jabber on Oracle data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Cisco Jabber on Oracle connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Cisco Jabber on Oracle data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Cisco Jabber on Oracle connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Cisco Jabber on Oracle data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, Cisco Jabber on Oracle items are copied to the Veritas Merge1 site. The connector also converts Cisco Jabber on Oracle items to an email message format. -3. The Cisco Jabber on Oracle connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the Jabber content to a secure Azure Storage location in the Microsoft cloud. +3. The Cisco Jabber on Oracle connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the Jabber content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Cisco Jabber on Oracle is created in the user mailboxes, and items are imported to that folder. The connector does this by using the value of the Email property. Every Jabber item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a Merge1 account for Microsoft connectors. To do this, contact [Veritas Customer Support](https://www.veritas.com/content/support/en_US). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Cisco Jabber on Oracle connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Cisco Jabber on Oracle┬áconnector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Cisco Jabber on Oracle connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for Jabber data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for Jabber data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Cisco Jabber on Oracle. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Cisco Jabber on Oracle connector on the Veritas Merge1 site. For information about how to configure the Cisco Jabber on Oracle connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Cisco%20Jabber%20on%20Oracle%20User%20Guide.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map Cisco Jabber on Oracle users to Microsoft 365 users page, enable automatic user mapping. The Cisco Jabber on Oracle items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Cisco Jabber on Oracle connector -After you create the Cisco Jabber on Oracle connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Cisco Jabber on Oracle connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com/> and click Data connectors in the left nav.
compliance	Archive Ciscojabberonpostgresql Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonpostgresql-data.md	search.appverid: - MET150 -description: "Learn how to set up and use a connector in the Microsoft 365 compliance center to import and archive data from Cisco Jabber on PostgreSQL to Microsoft 365." +description: "Learn how to set up and use a connector in the Microsoft Purview compliance portal to import and archive data from Cisco Jabber on PostgreSQL to Microsoft 365." # Set up a connector to archive Cisco Jabber on PostgreSQL data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Cisco Jabber platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Cisco Jabber on PostgreSQL](https://www.veritas.com/insights/merge1/jabber) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as messages, chats, and shared content from Cisco Jabber on PostgreSQL to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Cisco Jabber platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Cisco Jabber on PostgreSQL](https://www.veritas.com/insights/merge1/jabber) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as messages, chats, and shared content from Cisco Jabber on PostgreSQL to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After Cisco Jabber on PostgreSQL data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Cisco Jabber on PostgreSQL connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Cisco Jabber on PostgreSQL data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Cisco Jabber on PostgreSQL connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Cisco Jabber on PostgreSQL data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, Cisco Jabber on PostgreSQL items are copied to the Veritas Merge1 site. The connector also converts Cisco Jabber on PostgreSQL items to an email message format. -3. The Cisco Jabber on PostgreSQL connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day, and transfers the Jabber content to a secure Azure Storage location in the Microsoft cloud. +3. The Cisco Jabber on PostgreSQL connector that you create in the compliance portal, connects to the Veritas Merge1 site every day, and transfers the Jabber content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Cisco Jabber on PostgreSQL is created in the user mailboxes, and items are imported to that folder. The connector does this by using the value of the Email property. Every Jabber item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a Merge1 account for Microsoft connectors. To do this, contact [Veritas Customer Support](https://www.veritas.com/content/support/en_US). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Cisco Jabber on PostgreSQL connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Cisco Jabber on PostgreSQL connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Cisco Jabber on PostgreSQL connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for Jabber data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for Jabber data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Cisco Jabber on PostgreSQL. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Cisco Jabber on PostgreSQL connector on the Veritas Merge1 site. For information about how to configure the Cisco Jabber on PostgreSQL connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Cisco%20Jabber%20on%20PostgreSQL%20User%20Guide.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map Cisco Jabber on PostgreSQL users to Microsoft 365 users page, enable automatic user mapping. The Cisco Jabber on PostgreSQL items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Cisco Jabber on PostgreSQL connector -After you create the Cisco Jabber on PostgreSQL connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Cisco Jabber on PostgreSQL connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com/> and click Data connectors in the left nav.
compliance	Archive Data From Celltrustsl2	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-data-from-celltrustsl2.md	description: "Learn how to set up and use a CellTrust SL2 data connector to impo CellTrust SL2 captures mobile communications data and integrates with the leading archiving technologies to meet the electronic discovery requirements for regulations such as FINRA, HIPAA, FOIA, and TCPA. The SL2 Data Connector imports mobile communication items to Microsoft 365. This article describes the process for integrating SL2 with Microsoft 365 by using the CellTrust SL2 Data Connector for archiving. Completing this process assumes that you have subscribed to CellTrust SL2 service and are familiar with the SL2 architecture. For information about CellTrust SL2, see <https://www.celltrust.com>. -After data is imported to user mailboxes in Microsoft 365, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, Microsoft 365 retention policies, and communication compliance. Using the CellTrust SL2 Data Connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After data is imported to user mailboxes in Microsoft 365, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, Microsoft 365 retention policies, and communication compliance. Using the CellTrust SL2 Data Connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving with the CellTrust SL2 Data Connector CellTrust's SL2 platform captures communication data from multiple sources. SL2 - Obtain the credentials to access the administrator account for your SL2 domain. -- The user who creates the CellTrust SL2 data connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the CellTrust SL2 data connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft Purview compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This CellTrust data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This CellTrust data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Create a CellTrust SL2 connector -The first step is to create a data connector in the Microsoft 365 compliance center. +The first step is to create a data connector in the compliance portal. 1. Go to <https://compliance.microsoft.com> and click Data connectors on the left navigation pane. The next step is to sign into an administrator account for your CellTrust SL2 do ![Enable OUs to archive.](../media/EnableCellTrustOUs.png) -4. When you're finished with your selections, close the browser window and return to the wizard page in Microsoft 365 compliance center. After a few seconds, the wizard automatically advances to the next step of mapping users. +4. When you're finished with your selections, close the browser window and return to the wizard page in compliance portal. After a few seconds, the wizard automatically advances to the next step of mapping users. ## Step 3: Map users and complete the connector setup -The last step is to map users and complete the connector setup in the Microsoft 365 compliance center. +The last step is to map users and complete the connector setup in the compliance portal. 1. On the User mapping page, select Enable automatic user mapping if the email address for users is the same in both SL2 and Microsoft 365. Otherwise, you should manually user email addresses by uploading a CSV file that maps users' SL2 address to their Microsoft 365 address.
compliance	Archive Eml Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-eml-data.md	description: "Admins can set up a connector to import and archive EML data from # Set up a connector to archive EML data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive EML data to user mailboxes in your Microsoft 365 organization. EML is the file extension for an email message saved to a file. The connector converts the content of an item from the source format to an email message format and then imports the item to a user mailbox. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive EML data to user mailboxes in your Microsoft 365 organization. EML is the file extension for an email message saved to a file. The connector converts the content of an item from the source format to an email message format and then imports the item to a user mailbox. -After EML messages are stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using an EML connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After EML messages are stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using an EML connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving EML data The following overview explains the process of using a connector to archive EML 2. Once every 24 hours, content items from the EML source are copied to the Veritas Merge1 site. During this process, the content of an EML file is converted to an email message format. -3. The EML connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The EML connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted message items to the mailboxes of specific users using the value of the Email property of the automatic user mapping process that's described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). During this process, a subfolder in the Inbox folder named EMLis created in the user mailboxes, and the EML items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every message contains this property, which is populated with the email address of every participant of the content item. The following overview explains the process of using a connector to archive EML - Create a Veritas Merge1 account for Microsoft connectors. To create an account, contact [Veritas Customer Support](https://globanet.com/ms-connectors-contact). You will sign into this account when you create the connector in Step 1. -- The user who creates the EML connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the EML connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up an EML Connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for EML data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for EML data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > EML. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the EML connector on the Veritas Merge1 site. For information about configuring the EML connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20EML%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map external users to Microsoft 365 users page, enable automatic user mapping. The EML source items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the EML items are imported to that userΓÇÖs mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the EML connector -After you create the EML connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the EML connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Enterprise Number Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-enterprise-number-data.md	ms.localizationpriority: medium -description: "Admins can set up a connector to import and archive SMS and MMS data from TeleMessage Enterprise Number Archiver. This lets you archive data from third-party data sources in Microsoft 365 so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." +description: "Admins can set up a connector to import and archive SMS and MMS data from TeleMessage Enterprise Number Archiver. This lets you archive data from third-party data sources in Microsoft Purview so you can use compliance features such as legal hold, content search, and retention policies to manage your organization's third-party data." # Set up a connector to archive Enterprise Number data -Use a TeleMessage connector in the Microsoft 365 compliance center to import and archive Short Messaging Service (SMS) and Multimedia Messaging Service (MMS) messages, chat messages, voice call recordings, and voice call logs from the Enterprise Number Archiver. After you set up and configure a connector, it connects to your organization's TeleMessage account once every day and imports the mobile communication data of employees using the TeleMessage Enterprise Number Archiver to mailboxes in Microsoft 365. +Use a TeleMessage connector in the Microsoft Purview compliance portal to import and archive Short Messaging Service (SMS) and Multimedia Messaging Service (MMS) messages, chat messages, voice call recordings, and voice call logs from the Enterprise Number Archiver. After you set up and configure a connector, it connects to your organization's TeleMessage account once every day and imports the mobile communication data of employees using the TeleMessage Enterprise Number Archiver to mailboxes in Microsoft 365. -After the TeleMessage Enterprise Number Archiver connector data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to Enterprise Number Archiver data. For example, you can search the TeleMessage Enterprise Number Archiver SMS, MMS, and Voice Call using Content Search or associate the mailbox that contains the Enterprise Number Archiver connector data with a custodian in an Advanced eDiscovery case. Using an Enterprise Number Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After the TeleMessage Enterprise Number Archiver connector data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to Enterprise Number Archiver data. For example, you can search the TeleMessage Enterprise Number Archiver SMS, MMS, and Voice Call using Content Search or associate the mailbox that contains the Enterprise Number Archiver connector data with a custodian in an eDiscovery (Premium) case. Using an Enterprise Number Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Enterprise Number data The following overview explains the process of using a connector to archive Ente 1. Your organization works with TeleMessage to set up an Enterprise Number Archiver connector. For more details refer to [here](https://www.telemessage.com/office365-activation-for-enterprise-number-archiver/). -2. The Enterprise Number Archiver connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. +2. The Enterprise Number Archiver connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. 3. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named Enterprise Number Archiver is created in the specific user's mailbox and the items are imported to it. The connector does mapping by using the value of the UserΓÇÖs Email address property. Every email message contains this property, which is populated with the email address of every participant of the email message. In addition to automatic user mapping using the value of the UserΓÇÖs Email address property, you can also define a custom mapping by uploading a CSV mapping file. This mapping file should contain UserΓÇÖs mobile Number and the corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every email item the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's mobile number, the connector will use the User ΓÇÿs email address property of the email item. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or the userΓÇÖs email address property of the email item, the item won't be imported. Some of the implementation steps required to archive Enterprise Number Archiver - Install and activate the TeleMessage Enterprise Number Archiver app on the mobile phones of your employees. -- The user who creates a Enterprise Number Archiver connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a Enterprise Number Archiver connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create an Enterprise Number Archiver connector -After you've completed the prerequisites described in the previous section, you can create an Enterprise Number Archiver connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS, MMS, and voice call messages to the corresponding user mailbox boxes in Microsoft 365. +After you've completed the prerequisites described in the previous section, you can create an Enterprise Number Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS, MMS, and voice call messages to the corresponding user mailbox boxes in Microsoft 365. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors \> Enterprise Number Archiver.
compliance	Archive Facebook Data With Sample Connector	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-facebook-data-with-sample-connector.md	search.appverid: - MET150 -description: "Learn how to set up & use a connector in the Microsoft 365 compliance center to import & archive data from Facebook Business pages to Microsoft 365." +description: "Learn how to set up & use a connector in the Microsoft Purview compliance portal to import & archive data from Facebook Business pages to Microsoft 365." # Set up a connector to archive Facebook data (preview) -Use a connector in the Microsoft 365 compliance center to import and archive data from Facebook Business pages to Microsoft 365. After you set up and configure the connector, it connects to the Facebook Business page (on a scheduled basis), converts the content of Facebook items to an email message format, and then imports those items to a mailbox in Microsoft 365. +Use a connector in the Microsoft Purview compliance portal to import and archive data from Facebook Business pages to Microsoft 365. After you set up and configure the connector, it connects to the Facebook Business page (on a scheduled basis), converts the content of Facebook items to an email message format, and then imports those items to a mailbox in Microsoft 365. -After the Facebook data is imported, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to the Facebook data. For example, when a mailbox is placed on Litigation Hold or assigned to a retention policy, the Facebook data is preserved. You can search third-party data using Content Search or associate the mailbox where the Facebook data is stored with a custodian in an Advanced eDiscovery case. Using a connector to import and archive Facebook data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After the Facebook data is imported, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to the Facebook data. For example, when a mailbox is placed on Litigation Hold or assigned to a retention policy, the Facebook data is preserved. You can search third-party data using Content Search or associate the mailbox where the Facebook data is stored with a custodian in a Microsoft Purview eDiscovery (Premium) case. Using a connector to import and archive Facebook data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Prerequisites for setting up a connector for Facebook Business pages -Complete the following prerequisites before you can set up and configure a connector in the Microsoft 365 compliance center to import and archive data from your organization's Facebook Business pages. +Complete the following prerequisites before you can set up and configure a connector in the compliance portal to import and archive data from your organization's Facebook Business pages. - You need a Facebook account for your organization's business pages (you need to sign in to this account when setting up the connector). Currently, you can only archive data from Facebook Business pages; you can't archive data from individual Facebook profiles. Complete the following prerequisites before you can set up and configure a conne - [Sign up for a Pay-As-You-Go Azure subscription](https://azure.microsoft.com/pricing/purchase-options/pay-as-you-go/) > [!NOTE] - > The [free Azure Active Directory subscription](use-your-free-azure-ad-subscription-in-office-365.md) that's included with your Microsoft 365 subscription doesn't support the connectors in the Microsoft 365 compliance center. + > The [free Azure Active Directory subscription](use-your-free-azure-ad-subscription-in-office-365.md) that's included with your Microsoft 365 subscription doesn't support the connectors in the compliance portal. - The connector for Facebook Business pages can import a total of 200,000 items in a single day. If there are more than 200,000 Facebook Business items in a day, none of those items will be imported to Microsoft 365. -- The user who sets up the custom connector in the Microsoft 365 compliance center (in Step 5) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who sets up the custom connector in the compliance portal (in Step 5) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). ## Step 1: Create an app in Azure Active Directory -The first step is to register a new app in Azure Active Directory (AAD). This app corresponds to the web app resource that you implement in Step 4 and Step 5 for the Facebook connector. +The first step is to register a new app in Azure Active Directory (AAD). This app corresponds to the web app resource that you implement in Step 4 and Step 5 for the Facebook connector. For step-by-step instructions, see [Create an app in Azure Active Directory](deploy-facebook-connector.md#step-1-create-an-app-in-azure-active-directory). During the completion of this step (by using the previous step-by-step instructi ## Step 2: Deploy the connector web service from GitHub to your Azure account -The next step is to deploy the source code for the Facebook Business pages connector app that will use the Facebook API to connect to your Facebook account and extract data so you can import it to Microsoft 365. The Facebook connector that you deploy for your organization will upload the items from your Facebook Business pages to the Azure Storage location that is created in this step. After you create a Facebook business pages connector in the Microsoft 365 compliance center (in Step 5), the Import service will copy the Facebook business pages data from the Azure Storage location to a mailbox in your Microsoft 365 organization. As previous explained in the [Prerequisites](#prerequisites-for-setting-up-a-connector-for-facebook-business-pages) section, you must have a valid Azure subscription to create an Azure Storage account. +The next step is to deploy the source code for the Facebook Business pages connector app that will use the Facebook API to connect to your Facebook account and extract data so you can import it to Microsoft 365. The Facebook connector that you deploy for your organization will upload the items from your Facebook Business pages to the Azure Storage location that is created in this step. After you create a Facebook business pages connector in the compliance portal (in Step 5), the Import service will copy the Facebook business pages data from the Azure Storage location to a mailbox in your Microsoft 365 organization. As previous explained in the [Prerequisites](#prerequisites-for-setting-up-a-connector-for-facebook-business-pages) section, you must have a valid Azure subscription to create an Azure Storage account. For step-by-step instructions, see [Deploy the connector web service from GitHub to your Azure account](deploy-facebook-connector.md#step-2-deploy-the-connector-web-service-from-github-to-your-azure-account). During the completion of this step (by following the step-by-step instructions), - Azure Active Directory application secret (the AAD application secret obtained in Step 1) -## Step 5: Set up a Facebook Business pages connector in the Microsoft 365 compliance center +## Step 5: Set up a Facebook Business pages connector in the compliance portal -The final step is to set up the connector in the Microsoft 365 compliance center that will import data from your Facebook Business pages to a specified mailbox in Microsoft 365. After you complete this step, the Microsoft 365 Import service will start importing data from your Facebook Business pages to Microsoft 365. +The final step is to set up the connector in the compliance portal that will import data from your Facebook Business pages to a specified mailbox in Microsoft 365. After you complete this step, the Microsoft 365 Import service will start importing data from your Facebook Business pages to Microsoft 365. -For step-by-step instructions, see [Step 5: Set up a Facebook connector in the Microsoft 365 compliance center](deploy-facebook-connector.md#step-5-set-up-a-facebook-connector-in-the-microsoft-365-compliance-center). +For step-by-step instructions, see [Step 5: Set up a Facebook connector in the compliance portal](deploy-facebook-connector.md#step-5-set-up-a-facebook-connector-in-the-compliance-portal). During the completion of this step (by following the step-by-step instructions), you provide the following information (that you've copied to a text file after completing the steps). During the completion of this step (by following the step-by-step instructions), - Azure app service URL (obtained in Step 1; for example, https://fbconnector.azurewebsites.net) -- APISecretKey (that you created in Step 2) +- APISecretKey (that you created in Step 2)
compliance	Archive Fxconnect Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-fxconnect-data.md	description: "Admins can set up a connector to import and archive data from Veri # Set up a connector to archive FX Connect data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the FX Connect collaboration platform to user mailboxes in your Microsoft 365 organization. Veritas provides an [FX Connect](https://globanet.com/fx-connect/) connector that is configured to capture FX Connect items and import those items to Microsoft 365. The connector converts the content from FX Connect, such as trades, messages, and other details from your organization's FX Connect account, to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the FX Connect collaboration platform to user mailboxes in your Microsoft 365 organization. Veritas provides an [FX Connect](https://globanet.com/fx-connect/) connector that is configured to capture FX Connect items and import those items to Microsoft 365. The connector converts the content from FX Connect, such as trades, messages, and other details from your organization's FX Connect account, to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After FX Connect data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using an FX Connect connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After FX Connect data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using an FX Connect connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving FX Connect data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, items from FX Connect accounts are copied to the Veritas Merge1 site. The connector also converts the FX Connect items to an email message format. -3. The FX Connect connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the FX Connect items to a secure Azure Storage location in the Microsoft cloud. +3. The FX Connect connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the FX Connect items to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports items to the mailboxes of specific users by using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named FX Connect is created in the user mailboxes, and the items are imported to that folder. The connector does this by using the value of the Email property. Every FX Connect item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a Veritas Merge1 account for Microsoft connectors. To create an account, contact [Veritas Customer Support](https://globanet.com/ms-connectors-contact). You will sign into this account when you create the connector in Step 1. -- The user who creates the FX Connect connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the FX Connect connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the FX Connect connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for FX Connect data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for FX Connect data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > FX Connect. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the FX Connect connector on the Merge1 site. For information about how to configure the FX Connect connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20FX%20Connect%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map FX Connect users to Microsoft 365 users page, enable automatic user mapping. The FX Connect items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the FX Connect connector -After you create the FX Connect connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the FX Connect connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com/> and click Data connectors in the left nav.
compliance	Archive Icechat Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-icechat-data.md	description: "Admins can set up a connector to import and archive data from the # Set up a connector to archive ICE Chat data -Use a native connector in the Microsoft 365 compliance center to import and archive financial services chat data from the ICE Chat collaboration tool. After you set up and configure a connector, it connects to your organization's ICE Chat secure FTP (SFTP) site once every day, converts the content of chat messages to an email message format, and then import those items to mailboxes in Microsoft 365. +Use a native connector in the Microsoft Purview compliance portal to import and archive financial services chat data from the ICE Chat collaboration tool. After you set up and configure a connector, it connects to your organization's ICE Chat secure FTP (SFTP) site once every day, converts the content of chat messages to an email message format, and then import those items to mailboxes in Microsoft 365. -After ICE chat data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as litigation hold, eDiscovery, archiving, auditing, communication compliance, and Microsoft 365 retention policies to ICE Chat data. For example, you can search ICE Chat messages using content search or associate the mailbox that contains the ICE Chat data with a custodian in an Advanced eDiscovery case. Using an ICE Chat connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After ICE chat data is stored in user mailboxes, you can apply Microsoft Purview features such as litigation hold, eDiscovery, archiving, auditing, communication compliance, and Microsoft 365 retention policies to ICE Chat data. For example, you can search ICE Chat messages using content search or associate the mailbox that contains the ICE Chat data with a custodian in an eDiscovery (Premium) case. Using an ICE Chat connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving ICE Chat data The following overview explains the process of using a connector to archive ICE 2. Once every 24 hours, chat messages from ICE Chat are copied to your ICE Chat SFTP site. -3. The ICE Chat connector that you create in the Microsoft 365 compliance center connects to the ICE Chat SFTP site every day and transfers the chat messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of a chat massage to an email message format. +3. The ICE Chat connector that you create in the compliance portal connects to the ICE Chat SFTP site every day and transfers the chat messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of a chat massage to an email message format. 4. The connector imports chat message items to the mailboxes of specific users. A new folder named ICE Chat is created in the user mailboxes and the chat message items are imported to that folder. The connector does by using the value of the SenderEmail and RecipientEmail properties. Every chat message contains these properties, which are populated with email address of the sender and every recipient/participant of the chat message. Some of the implementation steps required to archive ICE Chat data are external - The ICE Chat connector can import a total of 200,000 items in a single day. If there are more than 200,000 items on the SFTP site, none of those items will be imported to Microsoft 365. -- The admin who creates the ICE Chat connector in Step 3 (and who downloads the public keys and IP address in Step 1) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The admin who creates the ICE Chat connector in Step 3 (and who downloads the public keys and IP address in Step 1) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). ## Set up a connector using public keys The next step is to use the PGP and SSH public keys and the IP address that you ### Step 3: Create an ICE Chat connector -The last step is to create an ICE Chat connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the ICE Chat SFTP site and transfer chat messages to the corresponding user mailbox boxes in Microsoft 365. +The last step is to create an ICE Chat connector in the compliance portal. The connector uses the information you provide to connect to the ICE Chat SFTP site and transfer chat messages to the corresponding user mailbox boxes in Microsoft 365. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav. You need to work with ICE Chat customer support to configure your ICE Chat SFTP ### Step 2: Create an ICE Chat connector -After your ICE Chat SFTP site is configured, the next step is to create an ICE Chat connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the ICE Chat SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. To complete this step, be sure to have copies of the same private keys and key passphrases that you used to set up your ICE Chat SFTP site. +After your ICE Chat SFTP site is configured, the next step is to create an ICE Chat connector in the compliance portal. The connector uses the information you provide to connect to the ICE Chat SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. To complete this step, be sure to have copies of the same private keys and key passphrases that you used to set up your ICE Chat SFTP site. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive Instant Bloomberg Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-instant-bloomberg-data.md	f1.keywords: Previously updated : Last updated : 04/06/2022 audience: Admin description: "Learn how administrators can set up and use a data connector to im # Set up a connector to archive Instant Bloomberg data -Use a native connector in the Microsoft 365 compliance center to import and archive financial services chat data from the [Instant Bloomberg](https://www.bloomberg.com/professional/product/collaboration/) collaboration tool. After you set up and configure a connector, it connects to your organization's Bloomberg secure FTP site (SFTP) once every day, converts the content of chat messages to an email message format, and then imports those items to mailboxes in Microsoft 365. +Use a native connector in the Microsoft Purview compliance portal to import and archive financial services chat data from the [Instant Bloomberg](https://www.bloomberg.com/professional/product/collaboration/) collaboration tool. After you set up and configure a connector, it connects to your organization's Bloomberg secure FTP site (SFTP) once every day, converts the content of chat messages to an email message format, and then imports those items to mailboxes in Microsoft 365. -After Instant Bloomberg data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to Instant Bloomberg data. For example, you can search Instant Bloomberg chat messages using Content Search or associate the mailbox that contains the Instant Bloomberg data with a custodian in an Advanced eDiscovery case. Using an Instant Bloomberg connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Instant Bloomberg data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to Instant Bloomberg data. For example, you can search Instant Bloomberg chat messages using Content Search or associate the mailbox that contains the Instant Bloomberg data with a custodian in a Microsoft Purview eDiscovery (Premium) case. Using an Instant Bloomberg connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Instant Bloomberg data The following overview explains the process of using a connector to archive Inst 2. Once every 24 hours, chat messages from Instant Bloomberg are copied to the Bloomberg SFTP site. -3. The Instant Bloomberg connector that you create in the Microsoft 365 compliance center connects to the Bloomberg SFTP site every day and transfers the chat messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. The connector also converts the content of a chat massage to an email message format. +3. The Instant Bloomberg connector that you create in the compliance portal connects to the Bloomberg SFTP site every day and transfers the chat messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. The connector also converts the content of a chat massage to an email message format. 4. The connector imports the chat message items to the mailbox of a specific user. A new folder named InstantBloomberg is created in the specific user's mailbox and the items will be imported to it. The connector does this by using the value of the CorporateEmailAddress property. Every chat message contains this property, which is populated with the email address of every participant of the chat message. In addition to automatic user mapping using the value of the CorporateEmailAddress property, you can also define a custom mapping by uploading a CSV mapping file. This mapping file should contain a Bloomberg UUID and the corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every chat item the connector will first look at custom-mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's Bloomberg UUID, the connector will use the CorporateEmailAddress property of the chat item. If the connector doesn't find a valid Microsoft 365 user in either the custom-mapping file or the CorporateEmailAddress property of the chat item, the item won't be imported. Some of the implementation steps required to archive Instant Bloomberg data are - The Instant Bloomberg connector can import a total of 200,000 items in a single day. If there are more than 200,000 items on the SFTP site, none of those items will be imported to Microsoft 365. -- The user who creates an Instant Bloomberg connector in Step 3 (and who downloads the public keys and IP address in Step 1) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates an Instant Bloomberg connector in Step 3 (and who downloads the public keys and IP address in Step 1) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). ## Set up a connector using public keys The next step is to use the PGP and SSH public keys and the IP address that you ### Step 3: Create an Instant Bloomberg connector -The last step is to create an Instant Bloomberg connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer chat messages to the corresponding user mailbox boxes in Microsoft 365. +The last step is to create an Instant Bloomberg connector in the compliance portal. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer chat messages to the corresponding user mailbox boxes in Microsoft 365. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Instant Bloomberg. You need to work with Bloomberg customer support to configure your Bloomberg SFT ### Step 2: Create an Instant Bloomberg connector -After your Bloomberg SFTP site is configured, the next step is to create an Instant Bloomberg connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. To complete this step, be sure to have copies of the same private keys and key passphrases that you used to set up your Bloomberg SFTP site. +After your Bloomberg SFTP site is configured, the next step is to create an Instant Bloomberg connector in the compliance portal. The connector uses the information you provide to connect to the Bloomberg SFTP site and transfer email messages to the corresponding user mailbox boxes in Microsoft 365. To complete this step, be sure to have copies of the same private keys and key passphrases that you used to set up your Bloomberg SFTP site. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Archive Jive Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-jive-data.md	description: "Admins can set up a connector to import and archive Jive data from # Set up a connector to archive Jive data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the collaboration platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Jive](https://globanet.com/jive/) connector that is configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. The connector converts content such as email messages, chats, and attachments from a user's Jive account to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the collaboration platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Jive](https://globanet.com/jive/) connector that is configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. The connector converts content such as email messages, chats, and attachments from a user's Jive account to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After Jive data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Jive connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Jive data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Jive connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Jive data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, items from Jive are copied to the Veritas Merge1 site. The connector also converts the content of Jive items to an email message format. -3. The Jive connector that you create in the Microsoft 365 compliance center connects to the Veritas Merge1 site every day and transfers the content to a secure Azure Storage location in the Microsoft cloud. +3. The Jive connector that you create in the compliance portal connects to the Veritas Merge1 site every day and transfers the content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted items to the mailboxes of specific users by using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A new subfolder in the Inbox folder named Jive is created in the user mailboxes, and the items are imported to that folder. The connector does this by using the value of the Email property. Every Jive item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a Veritas Merge1 account for Microsoft connectors. To create this account, contact [Veritas Customer Support](https://www.veritas.com/content/support/). You will sign into this account when you create the connector in Step 1. -- The user who creates the Jive connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Jive connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Jive connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for Jive data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for Jive data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > Jive. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Jive connector on the Merge1 site. For information about how to configure the Jive connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Jive%20User%20Guide.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow the steps below: +To map users and complete the connector setup in the compliance portal, follow the steps below: 1. On the Map Jive users to Microsoft 365 users page, enable automatic user mapping. The Jive items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Jive connector -After you create the Jive connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Jive connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Linkedin Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-linkedin-data.md	f1.keywords: Previously updated : Last updated : 04/06/2022 audience: Admin description: "Learn how administrators can setup & use a native connector to imp # Set up a connector to archive LinkedIn data -Use a connector in the Microsoft 365 compliance center to import and archive data from LinkedIn Company pages. After you set up and configure a connector, it connects to the account for the specific LinkedIn Company page once every 24 hours. The connector converts the messages posted to the Company page to an email message, and then imports those items to a mailbox in Microsoft 365. +Use a connector in the Microsoft Purview compliance portal to import and archive data from LinkedIn Company pages. After you set up and configure a connector, it connects to the account for the specific LinkedIn Company page once every 24 hours. The connector converts the messages posted to the Company page to an email message, and then imports those items to a mailbox in Microsoft 365. -After the LinkedIn Company page data is stored in a mailbox, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, and Microsoft 365 retention policies to LinkedIn data. For example, you can search for these items using Content Search or associate the storage mailbox with a custodian in an Advanced eDiscovery case. Creating a connector to import and archive LinkedIn data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After the LinkedIn Company page data is stored in a mailbox, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, and Microsoft 365 retention policies to LinkedIn data. For example, you can search for these items using Content Search or associate the storage mailbox with a custodian in a Microsoft Purview eDiscovery (Premium) case. Creating a connector to import and archive LinkedIn data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Before you set up a connector -- The user who creates a LinkedIn Company Page connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a LinkedIn Company Page connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). - You must have the sign-in credentials (email address or phone number and password) of a LinkedIn user account that is an admin for the LinkedIn Company Page that you want to archive. You use these credentials to sign into LinkedIn when setting up the connector.
compliance	Archive Mailboxes	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-mailboxes.md	Title: "Learn about archive mailboxes for Microsoft 365 Compliance" + Title: "Learn about archive mailboxes for Microsoft Purview" f1.keywords: - NOCSH description: "Learn about archive mailboxes to provide additional mailbox storag # Learn about archive mailboxes -Mailbox archiving in Microsoft 365 (also called In-Place Archiving) provides users with additional mailbox storage space. After you turn on archive mailboxes, a user's current mailbox becomes their primary mailbox and an additional mailbox is created, called the archive mailbox. Both mailboxes are considered a user's mailbox for compliance features such as Content search from the Microsoft 365 compliance center, Microsoft 365 retention, and Litigation Hold. + +Mailbox archiving in Microsoft 365 (also called In-Place Archiving) provides users with additional mailbox storage space. After you turn on archive mailboxes, a user's current mailbox becomes their primary mailbox and an additional mailbox is created, called the archive mailbox. Both mailboxes are considered a user's mailbox for compliance features such as Content search from the Microsoft Purview compliance portal, Microsoft 365 retention, and Litigation Hold. Users can access and store messages in their archive mailboxes by using Outlook and Outlook on the web. Users can also move or copy messages between their primary mailbox and their archive mailbox. They can also recover deleted items from the Recoverable Items folder in their archive mailbox by using the Recover Deleted Items tool. Messages can also be moved to the archive mailbox by the [default Exchange reten You can customize your organization's MRM policy with [retention tags](/exchange/security-and-compliance/messaging-records-management/retention-tags-and-policies). For an example configuration, see [Set up an archive and deletion policy for mailboxes in your organization](set-up-an-archive-and-deletion-policy-for-mailboxes.md). > [!NOTE] -> MRM, like Microsoft 365 retention policies and retention labels, can also automatically delete emails after a specified period. As an older technology than Microsoft 365 retention, MRM continues to work side-by-side with retention policies and retention labels from Microsoft 365 Compliance. For more information, see [Use retention policies and retention labels instead of older features](retention.md#use-retention-policies-and-retention-labels-instead-of-older-features). +> MRM, like Microsoft 365 retention policies and retention labels, can also automatically delete emails after a specified period. As an older technology than Microsoft 365 retention, MRM continues to work side-by-side with retention policies and retention labels from Microsoft Purview. For more information, see [Use retention policies and retention labels instead of older features](retention.md#use-retention-policies-and-retention-labels-instead-of-older-features). ## Auto-expanding archiving For a list of Outlook licenses that support archive mailboxes, see the reference ## Next steps -See [Enable archive mailboxes in the compliance center](enable-archive-mailboxes.md). +See [Enable archive mailboxes in the Microsoft Purview compliance portal](enable-archive-mailboxes.md).
compliance	Archive Mssqldatabaseimporter Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-mssqldatabaseimporter-data.md	f1.keywords: Previously updated : Last updated : 04/06/2022 audience: Admin description: "Admins can set up a connector to import and archive data from MS S # Set up a connector to archive data from MS SQL Database -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from MS SQL Database to user mailboxes in your Microsoft 365 organization. Veritas provides you with an MS SQL Database Importer connector that's configured to capture items from a database using an XML configuration file and import those items to Microsoft 365. The connector converts content from MS SQL Database to an email message format and then imports those items to user mailboxes in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from MS SQL Database to user mailboxes in your Microsoft 365 organization. Veritas provides you with an MS SQL Database Importer connector that's configured to capture items from a database using an XML configuration file and import those items to Microsoft 365. The connector converts content from MS SQL Database to an email message format and then imports those items to user mailboxes in Microsoft 365. -After content from MS SQL Database stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using an MS SQL Database connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After content from MS SQL Database stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using an MS SQL Database connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving the MS SQL data The following overview explains the process of using a connector to archive MS S 2. Once every 24 hours, MS SQL Database items are copied to the Veritas Merge1 site. The connector also converts this content to an email message format. -3. The MS SQL Database Importer connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The MS SQL Database Importer connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted MS SQL Database items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named MS SQL Database Importer is created in the user mailboxes, and the items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every item from the MS SQL Database contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive MS S - Create a Veritas Merge1 account for Microsoft connectors. To create an account, contact [Veritas Customer Support](https://www.veritas.com/content/support/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the MS SQL Database Importer connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the MS SQL Database Importer connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the MS SQL Database Importer connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for the MS SQL Database. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for the MS SQL Database. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and then click Data connectors > MS SQL Database Importer. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the MS SQL Database Importer connector on the Merge1 site. For information about how to configure the MS SQL Database Importer, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20MS%20SQL%20Database%20Importer%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup To map users and complete the connector setup, follow these steps: ## Step 4: Monitor the MS SQL Database Importer connector -After you create the MS SQL Database Importer connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the MS SQL Database Importer connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com/> and click Data connectors in the left nav.
compliance	Archive O2 Network Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-o2-network-data.md	f1.keywords: Previously updated : Last updated : 04/06/2022 audience: Admin description: "Admins can set up a TeleMessage connector to import and archive SM # Set up a connector to archive O2 Network data -Use a TeleMessage connector in the Microsoft 365 compliance center to import and archive Short Messaging Service (SMS) messages and voice calls from the O2 mobile network. After you set up and configure a connector, it connects to your organization's O2 Network once every day, and imports SMS and voice calls to mailboxes in Microsoft 365. +Use a TeleMessage connector in the Microsoft Purview compliance portal to import and archive Short Messaging Service (SMS) messages and voice calls from the O2 mobile network. After you set up and configure a connector, it connects to your organization's O2 Network once every day, and imports SMS and voice calls to mailboxes in Microsoft 365. -After SMS messages and voice calls are stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to O2 Network data. For example, you can search O2 Network SMS messages and voice calls using Content Search or associate the mailbox that contains O2 Network data with a custodian in an Advanced eDiscovery case. Using an O2 Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After SMS messages and voice calls are stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to O2 Network data. For example, you can search O2 Network SMS messages and voice calls using Content Search or associate the mailbox that contains O2 Network data with a custodian in an eDiscovery (Premium) case. Using an O2 Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving O2 Network data The following overview explains the process of using a connector to archive O2 N 2. Once every 24 hours, SMS messages and voice calls from your organizationΓÇÖs O2 Network are copied to the TeleMessage site. -3. The O2 Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS messages and voice calls from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS messages and voice calls to an email message format. +3. The O2 Network connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the SMS messages and voice calls from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS messages and voice calls to an email message format. 4. The connector imports the mobile communication items to the mailbox of specific users. A new folder named O2 SMS and Voice Network Archiver is created in a specific user's mailbox and the items are imported to it. The connector does this mapping by using the value of the UserΓÇÖs Email address property. Every SMS message and voice call contains this property, which is populated with the email address of every participant of the message. Some of the implementation steps required to archive O2 Network data are externa - Your employees must have corporate-owned and corporate-liable mobile phones on the O2 mobile network. Archiving messages in Microsoft 365 isn't available for employee-owned or "Bring Your Own Devices (BYOD) devices. -- The user who creates an O2 Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates an O2 Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create an O2 Network connector -After you've completed the prerequisites described in the previous section, you can create an O2 Network connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS messages and voice calls to the corresponding user mailbox boxes in Microsoft 365. +After you've completed the prerequisites described in the previous section, you can create an O2 Network connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS messages and voice calls to the corresponding user mailbox boxes in Microsoft 365. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors \> O2 Network.
compliance	Archive Pivot Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-pivot-data.md	description: "Admins can set up a connector to import and archive Pivot data fro # Set up a connector to archive Pivot data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Pivot platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Pivot](https://globanet.com/pivot/) connector that is configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. Pivot is an instant messaging platform that allows collaboration with financial market participants. The connector converts items such as chat messages, from a users' Pivot accounts to an email message format and then imports those items to the user mailboxes in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Pivot platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Pivot](https://globanet.com/pivot/) connector that is configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. Pivot is an instant messaging platform that allows collaboration with financial market participants. The connector converts items such as chat messages, from a users' Pivot accounts to an email message format and then imports those items to the user mailboxes in Microsoft 365. -After Pivot data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Pivot connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Pivot data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Pivot connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Pivot data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, Pivot items are copied to the Veritas Merge1 site. The connector also converts the Pivot items to an email message format. -3. The Pivot connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the Pivot items to a secure Azure Storage location in the Microsoft cloud. +3. The Pivot connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the Pivot items to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the Pivot items to the mailboxes of specific users by using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Pivot is created in the user mailboxes, and the items are imported to that folder. The connector does this by using the value of the Email property. Every Pivot item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a Veritas Merge1 account for Microsoft connectors. To create this account, contact [Veritas Customer Support](https://www.veritas.com/content/support/). You will sign into this account when you create the connector in Step 1. -- The user who creates the Pivot connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Pivot connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Pivot connector The first step is to access to the Data Connectors page in the Microsoft com The second step is to configure the Pivot connector on the Merge1 site. For information about how to configure the Pivot connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Pivot%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup To map users and complete the connector setup in the Microsoft 356 compliance ce ## Step 4: Monitor the Pivot connector -After you create the Pivot connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Pivot connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Redtailspeak Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-redtailspeak-data.md	description: "Admins can set up a connector to import and archive Red tail Speak # Set up a connector to archive Redtail Speak data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Redtail Speak to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Redtail Speak](https://globanet.com/redtail/) connector that's configured to capture items from your organizationΓÇÖs SFTP server where the items are received from Redtail. The connector converts the content from Redtail Speak to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Redtail Speak to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Redtail Speak](https://globanet.com/redtail/) connector that's configured to capture items from your organizationΓÇÖs SFTP server where the items are received from Redtail. The connector converts the content from Redtail Speak to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After Redtail Speak data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies, and retention labels. Using a Redtail Speak connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Redtail Speak data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies, and retention labels. Using a Redtail Speak connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving the Redtail Speak data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, the Redtail Speak items are copied to the Veritas Merge1 site. The connector also converts the Redtail Speak items to an email message format. -3. The Redtail Speak connector that you create in the Microsoft 365 compliance center connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Redtail Speak connector that you create in the compliance portal connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted Redtail Speak items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Redtail Speak is created in the user mailboxes, and the items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Redtail Speak item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - In Step 2, you need to specify your organization's SFTP server. This step is necessary so that Veritas Merge1 can contact it to collect Redtail Speak data via SFTP. -- The user who creates the Redtail Speak Importer connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Redtail Speak Importer connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Redtail Speak connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for the Redtail Speak data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for the Redtail Speak data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and select Data connectors > Redtail Speak. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Redtail Speak connector on the Merge1 site. For information about how to configure the Redtail Speak connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Redtail%20Speak%20User%20Guide%20.pdf). -After you select Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you select Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup To map users and complete the connector setup, follow these steps: ## Step 4: Monitor the Redtail Speak connector -After you create the Redtail Speak connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Redtail Speak connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and select Data connectors in the left nav.
compliance	Archive Reutersdealing Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reutersdealing-data.md	description: "Admins can set up a connector to import and archive Reuters Dealin # Set up a connector to archive Reuters Dealing data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Reuters Dealing platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Reuters Dealing](https://globanet.com/reuters-dealing/) connector that's configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. The connector converts Dealing communications from the Reuters Dealing account to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Reuters Dealing platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Reuters Dealing](https://globanet.com/reuters-dealing/) connector that's configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. The connector converts Dealing communications from the Reuters Dealing account to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After Reuters Dealing data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Reuters Dealing connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Reuters Dealing data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Reuters Dealing connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Reuters Dealing data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, Reuters Dealing items are copied to the Veritas Merge1 site. The connector also converts the items to an email message format. -3. The Reuters Dealing connector that you create in the Microsoft 365 compliance center connects to the Veritas Merge1 site every day and transfers the content to a secure Azure Storage location in the Microsoft cloud. +3. The Reuters Dealing connector that you create in the compliance portal connects to the Veritas Merge1 site every day and transfers the content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports items to the mailboxes of specific users by using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Reuters Dealing is created in the user mailboxes, and the items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Reuters Dealing item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a Veritas Merge1 account for Microsoft connectors. To create an account, contact [Veritas Customer Support](https://globanet.com/contact-us). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Reuters Dealing connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Reuters Dealing connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Reuters Dealing connector The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Reuters Dealing connector on Veritas the Merge1 site. For information about configuring the Reuters Dealing connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Reuters%20Dealing%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map Reuters Dealing users to Microsoft 365 users page, enable automatic user mapping. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Reuters Dealing connector -After you create the Reuters Dealing connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Reuters Dealing connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click Data connectors in the left nav.
compliance	Archive Reuterseikon Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reuterseikon-data.md	description: "Admins can set up a connector to import and archive Reuters Eikon # Set up a connector to archive Reuters Eikon data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Reuters Eikon platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Reuters Eikon](https://globanet.com/eikon/) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as person-to-person messages, group chats, attachments, and disclaimers from a user's Reuters Eikon account to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Reuters Eikon platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Reuters Eikon](https://globanet.com/eikon/) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as person-to-person messages, group chats, attachments, and disclaimers from a user's Reuters Eikon account to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After Reuters Eikon data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Reuters Eikon connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Reuters Eikon data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Reuters Eikon connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Reuters Eikon data The following overview explains the process of using a connector to archive Reut 2. Once every 24 hours, Reuters Eikon items are copied to the Veritas Merge1 site. The connector also converts Reuters Eikon items to an email message format. -3. The Reuters Eikon connector that you create in the Microsoft 365 compliance center connects to the Veritas Merge1 site every day and transfers the content to a secure Azure Storage location in the Microsoft cloud. +3. The Reuters Eikon connector that you create in the compliance portal connects to the Veritas Merge1 site every day and transfers the content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports items to the mailboxes of specific users by using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Reuters Eikon is created in the user mailboxes, and the items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Reuters Eikon item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive Reut - Create a Veritas Merge1 account for Microsoft connectors. To create an account, contact [Veritas Customer Support](https://globanet.com/ms-connectors-contact). You will sign into this account when you create the connector in Step 1. -- The user who creates the Reuters Eikon connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Reuters Eikon connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Reuters Eikon connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for Reuters Eikon data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for Reuters Eikon data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > Reuters Eikon. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Reuters Eikon connector on the Merge1 site. For information about how to configure the Reuters Eikon connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Reuters%20Eikon%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map external users to Microsoft 365 users page, enable automatic user mapping. The Reuters Eikon items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Reuters Eikon connector -After you create the Reuters Eikon connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Reuters Eikon connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Reutersfx Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reutersfx-data.md	description: "Admins can set up a connector to import and archive Reuters FX dat # Set up a connector to archive Reuters FX data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Reuters FX platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Reuters FX](https://globanet.com/reuters-fx/) connector that is configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. The connector converts the currencies and FX rates from the Reuters FX account to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Reuters FX platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Reuters FX](https://globanet.com/reuters-fx/) connector that is configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. The connector converts the currencies and FX rates from the Reuters FX account to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After Reuters FX data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Reuters FX connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Reuters FX data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Reuters FX connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Reuters FX data The following overview explains the process of using a connector to archive Reut 2. Once every 24 hours, Reuters FX items are copied to the Veritas Merge1 site. The connector also converts the items to an email message format. -3. The Reuters FX connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the content to a secure Azure Storage location in the Microsoft cloud. +3. The Reuters FX connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Reuters FX is created in the user mailboxes, and the items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Reuters FX item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive Reut - Create a Veritas Merge1 account for Microsoft connectors. To create an account, contact [Veritas Customer Support](https://globanet.com/contact-us). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Reuters FX connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Reuters FX connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Reuters FX connector The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Reuters FX connector on the Veritas Merge1 site. For information about configuring the Reuters FX connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Reuters%20FX%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow the steps below: +To map users and complete the connector setup in the compliance portal, follow the steps below: 1. On the Map Reuters FX users to Microsoft 365 users page, enable automatic user mapping. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Reuters FX connector -After you create the Reuters FX connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Reuters FX connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com/> and click Data connectors in the left nav.
compliance	Archive Ringcentral Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ringcentral-data.md	description: "Admins can set up a connector to import and archive RingCentral da # Set up a connector to archive RingCentral data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the RingCentral platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [RingCentral](https://www.veritas.com/insights/merge1/ringcentral) connector that is configured to capture items from the third-party data source and import those items to Microsoft 365. The connector converts content such as chats, attachments, tasks, notes, and posts from RingCentral to an email message format and then imports those items to the user mailboxes in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the RingCentral platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [RingCentral](https://www.veritas.com/insights/merge1/ringcentral) connector that is configured to capture items from the third-party data source and import those items to Microsoft 365. The connector converts content such as chats, attachments, tasks, notes, and posts from RingCentral to an email message format and then imports those items to the user mailboxes in Microsoft 365. -After RingCentral data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a RingCentral connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After RingCentral data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a RingCentral connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving RingCentral data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, RingCentral items are copied to the Veritas Merge1 site. The connector also converts RingCentral items to an email message format. -3. The RingCentral connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day, and transfers the RingCentral content to a secure Azure Storage location in the Microsoft cloud. +3. The RingCentral connector that you create in the compliance portal, connects to the Veritas Merge1 site every day, and transfers the RingCentral content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named RingCentral is created in the user mailboxes, and items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every RingCentral item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a RingCentral application to fetch data from your RingCentral account. For step-by step instructions about creating the application, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20RingCentral%20User%20Guide.pdf). -- The user who creates the RingCentral connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the RingCentral┬áconnector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the RingCentral connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for RingCentral data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for RingCentral data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > RingCentral. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the RingCentral connector on the Veritas Merge1 site. For information about how to configure the RingCentral connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20RingCentral%20User%20Guide.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map RingCentral users to Microsoft 365 users page, enable automatic user mapping. The RingCentral items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the RingCentral connector -After you create the RingCentral connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the RingCentral connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com/> and click Data connectors in the left nav.
compliance	Archive Rogers Network Archiver Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-rogers-network-archiver-data.md	description: "Admins can set up a TeleMessage connector to import and archive Ro # Set up a connector to archive Rogers Network data -Use the TeleMessage connector in the Microsoft 365 compliance center to import and archive SMS and MMS data from the Rogers mobile network. After you set up and configure a [Rogers Network Archiver connector](https://www.telemessage.com/mobile-archiver/network-archiver/rogers/), it connects to your organization's Rogers mobile network, and imports SMS and MMS data to mailboxes in Microsoft 365. +Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive SMS and MMS data from the Rogers mobile network. After you set up and configure a [Rogers Network Archiver connector](https://www.telemessage.com/mobile-archiver/network-archiver/rogers/), it connects to your organization's Rogers mobile network, and imports SMS and MMS data to mailboxes in Microsoft 365. -After data from the Rogers mobile network is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content search, and Microsoft 365 retention policies to the data. For example, you can search for SMS and MMS messages from the Rogers mobile network using Content search or a search associated with a Core eDiscovery case. Using a Rogers Network Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies. +After data from the Rogers mobile network is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content search, and Microsoft 365 retention policies to the data. For example, you can search for SMS and MMS messages from the Rogers mobile network using Content search or a search associated with a Microsoft Purview eDiscovery (Standard) case. Using a Rogers Network Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies. ## Overview of archiving Rogers mobile network data The following overview explains the process of using a connector to archive Roge 2. In real time, your organization's Rogers mobile network data is copied to the TeleMessage site. -3. The Rogers Network Archiver connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. +3. The Rogers Network Archiver connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. 4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named Rogers SMS/MMS Network Archiver will be created in the specific user's mailbox and the items will be imported to it. The connector does the mapping by using the value of the User's Email address property. Every email message contains this property, which is populated with the email address of every participant of the email message. The following overview explains the process of using a connector to archive Roge - Obtain the Rogers account and billing contact details for your organization so that you can complete the onboarding forms and order the message archiving service from Rogers. -- The user who creates a Rogers Network Archiver connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a Rogers Network Archiver connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create a Rogers Network Archiver connector -After you've completed the prerequisites described in the previous section, you can create the Rogers Network Archiver connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfer Rogers SMS/MMS data to the corresponding user mailbox boxes in Microsoft 365. +After you've completed the prerequisites described in the previous section, you can create the Rogers Network Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer Rogers SMS/MMS data to the corresponding user mailbox boxes in Microsoft 365. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Rogers Network Archiver.
compliance	Archive Salesforcechatter Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-salesforcechatter-data.md	description: "Admins can set up a connector to import and archive Salesforce Cha # Set up a connector to archive Salesforce Chatter data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Salesforce Chatter platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Salesforce Chatter](http://globanet.com/chatter/) connector that captures items from the third-party data source and imports those items to Microsoft 365. The connector converts the content such as chats, attachments, and posts from Salesforce Chatter to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Salesforce Chatter platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Salesforce Chatter](http://globanet.com/chatter/) connector that captures items from the third-party data source and imports those items to Microsoft 365. The connector converts the content such as chats, attachments, and posts from Salesforce Chatter to an email message format and then imports those items to the userΓÇÖs mailbox in Microsoft 365. -After Salesforce Chatter data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Salesforce Chatter connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Salesforce Chatter data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Salesforce Chatter connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Salesforce Chatter data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, Salesforce Chatter items are copied to the Veritas Merge1 site. The connector also Salesforce Chatter items to an email message format. -3. The Salesforce Chatter connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the Chatter content to a secure Azure Storage location in the Microsoft cloud. +3. The Salesforce Chatter connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the Chatter content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Salesforce Chatter is created in the user mailboxes, and items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Chatter item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a Salesforce application and acquire a token at [https://salesforce.com](https://salesforce.com). You'll need to log into the Salesforce account as an admin and get a user personal token to import data. Also, triggers need to be published on the Chatter site to capture updates, deletes, and edits. These triggers will create a post on a channel, and Merge1 will capture the information from the channel. For step-by-step instructions about how to create the application and acquire the token, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20SalesForce%20Chatter%20User%20Guide%20.pdf). -- The user who creates the Salesforce Chatter connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Salesforce Chatter┬áconnector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Salesforce Chatter connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for Chatter data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for Chatter data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > Salesforce Chatter. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Salesforce Chatter connector on the Veritas Merge1 site. For information about how to configure the Salesforce Chatter connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20SalesForce%20Chatter%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map Salesforce Chatter users to Microsoft 365 users page, enable automatic user mapping. The Salesforce Chatter items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Salesforce Chatter connector -After you create the Salesforce Chatter connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Salesforce Chatter connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click Data connectors in the left nav.
compliance	Archive Servicenow Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-servicenow-data.md	description: "Admins can set up a connector to import and archive ServiceNow dat # Set up a connector to archive ServiceNow data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the ServiceNow platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [ServiceNow](https://globanet.com/servicenow/) connector that captures items from the third-party data source and import those items to Microsoft 365. The connector converts the content such as live messages, attachments, and posts from ServiceNow to an email message format and then imports those items to user mailboxes in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the ServiceNow platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [ServiceNow](https://globanet.com/servicenow/) connector that captures items from the third-party data source and import those items to Microsoft 365. The connector converts the content such as live messages, attachments, and posts from ServiceNow to an email message format and then imports those items to user mailboxes in Microsoft 365. -After ServiceNow data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies, and retention labels. Using a ServiceNow connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After ServiceNow data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies, and retention labels. Using a ServiceNow connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving ServiceNow data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, ServiceNow items are copied to the Veritas Merge1 site. The connector also converts ServiceNow items to an email message format. -3. The ServiceNow connector that you create in the Microsoft 365 compliance center connects to the Veritas Merge1 site every day and transfers the ServiceNow content to a secure Azure Storage location in the Microsoft cloud. +3. The ServiceNow connector that you create in the compliance portal connects to the Veritas Merge1 site every day and transfers the ServiceNow content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named ServiceNow is created in the user mailboxes, and items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every ServiceNow item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a ServiceNow application to fetch data from your ServiceNow account. For step-by step instructions about creating the application, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20ServiceNow%20User%20Guide%20.pdf). -- The user who creates the ServiceNow connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the ServiceNow┬áconnector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the ServiceNow connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for ServiceNow data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for ServiceNow data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > ServiceNow. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the ServiceNow connector on the Veritas Merge1 site. For information about how to configure the ServiceNow connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20ServiceNow%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map ServiceNow users to Microsoft 365 users page, enable automatic user mapping. The ServiceNow items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the ServiceNow connector -After you create the ServiceNow connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the ServiceNow connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click Data connectors in the left nav.
compliance	Archive Signal Archiver Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-signal-archiver-data.md	description: "Admins can set up a TeleMessage connector to import and archive Si # Set up a connector to archive Signal communications data -Use the TeleMessage connector in the Microsoft 365 compliance center to import and archive Signal chats, attachments, files, and deleted messages and calls. After you set up and configure a connector, it connects to your organization's TeleMessage account, and imports the mobile communication of employees using the TeleMessage Signal Archiver to mailboxes in Microsoft 365. +Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive Signal chats, attachments, files, and deleted messages and calls. After you set up and configure a connector, it connects to your organization's TeleMessage account, and imports the mobile communication of employees using the TeleMessage Signal Archiver to mailboxes in Microsoft 365. -After Signal Archiver connector data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content search, and Microsoft 365 retention policies to Signal communications data. For example, you can search Signal communication using Content search or associate the mailbox that contains the Signal Archiver connector data with a custodian in an Advanced eDiscovery case. Using a Signal Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies. +After Signal Archiver connector data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content search, and Microsoft 365 retention policies to Signal communications data. For example, you can search Signal communication using Content search or associate the mailbox that contains the Signal Archiver connector data with a custodian in an eDiscovery (Premium) case. Using a Signal Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies. ## Overview of archiving Signal communications data The following overview explains the process of using a connector to archive Sign 2. In real time, your organization's Signal data is copied to the TeleMessage site. -3. The Signal Archiver connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. +3. The Signal Archiver connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. 4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named Signal Archiver will be created in the specific user's mailbox and the items will be imported to it. The connector does the mapping by using the value of the User's Email address property. Every email message contains this property, which is populated with the email address of every participant of the email message. The following overview explains the process of using a connector to archive Sign - Install the Signal Archiver app on the mobile phones of your employees and activate it. The Signal Archiver app allows them to communicate and chat with other Signal users. -- The user who creates a Signal Archiver connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a Signal Archiver connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create a Signal Archiver connector -After you've completed the prerequisites described in the previous section, you can create the Signal Archiver connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfers Signal communications data to the corresponding user mailbox boxes in Microsoft 365. +After you've completed the prerequisites described in the previous section, you can create the Signal Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfers Signal communications data to the corresponding user mailbox boxes in Microsoft 365. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Signal Archiver.
compliance	Archive Skypeforbusiness Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-skypeforbusiness-data.md	ms.localizationpriority: medium -description: "Learn how to set up and use a connector in the Microsoft 365 compliance center to import and archive data from Skype for Business to Microsoft 365." +description: "Learn how to set up and use a connector in the Microsoft Purview compliance portal to import and archive data from Skype for Business to Microsoft 365." # Set up a connector to archive Skype for Business data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Skype for Business platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Skype for Business](https://www.veritas.com/en/au/insights/merge1/skype-for-business) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as messages between users, persistent chats, and conference messages from Skype for Business to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Skype for Business platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Skype for Business](https://www.veritas.com/en/au/insights/merge1/skype-for-business) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as messages between users, persistent chats, and conference messages from Skype for Business to an email message format and then imports those items to the userΓÇÖs mailbox in Microsoft 365. -After Skype for Business data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Skype for Business connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Skype for Business data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Skype for Business connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Skype for Business data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, Skype for Business items are copied to the Veritas Merge1 site. The connector also converts Skype for Business items to an email message format. -3. The Skype for Business connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day, and transfers the Skype for Business content to a secure Azure Storage location in the Microsoft cloud. +3. The Skype for Business connector that you create in the compliance portal, connects to the Veritas Merge1 site every day, and transfers the Skype for Business content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Skype for Business is created in the user mailboxes, and items are imported to that folder. The connector does this by using the value of the Email property. Every Skype for Business item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a Merge1 account for Microsoft connectors. To do this, contact [Veritas Customer Support](https://www.veritas.com/form/requestacall/ms-connectors-contact.html). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Skype for Business connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Skype for Business┬áconnector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Skype for Business connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for Skype for Business data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for Skype for Business data. 1. Go to <https://compliance.microsoft.com> and click Data connectors > Skype for Business. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Skype for Business connector on the Veritas Merge1 site. For information about how to configure the Skype for Business connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Skype%20for%20Business%20%20User%20Guide.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map Skype for Business users to Microsoft 365 users page, enable automatic user mapping. The Skype for Business items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Skype for Business connector -After you create the Skype for Business connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Skype for Business connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com/> and click Data connectors in the left nav.
compliance	Archive Slack Data Microsoft	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-slack-data-microsoft.md	description: "Learn how to set up and use a Slack eDiscovery data connector prov # Set up a connector to archive Slack eDiscovery data (preview) -The Slack eDiscovery data connector provided by Microsoft helps you to import and archive instant messaging data (such as messages, attachments, links, and revisions) from your organization's Slack workspaces to Microsoft 365. The data connector pulls data from the Slack API, converts it to an email message format, and then imports those items to user mailboxes in Microsoft 365. After the Slack data is imported, you can apply compliance solutions, such as Litigation hold, Advanced eDiscovery, Communication compliance, and retention settings to the Slack content. Using a Slack eDiscovery data connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +The Slack eDiscovery data connector provided by Microsoft helps you to import and archive instant messaging data (such as messages, attachments, links, and revisions) from your organization's Slack workspaces to Microsoft 365. The data connector pulls data from the Slack API, converts it to an email message format, and then imports those items to user mailboxes in Microsoft 365. After the Slack data is imported, you can apply compliance solutions, such as Litigation hold, Microsoft Purview eDiscovery (Premium), Communication compliance, and retention settings to the Slack content. Using a Slack eDiscovery data connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Slack eDiscovery data The following overview explains the process of using a Microsoft data connector - Obtain the username and password for your organization's Slack enterprise account. You use these credentials to sign into this account when you create the data connector. It's also recommended that you have automated user provisioning in your Slack organization configured to use single sign-on (SSO). [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) -- The user who creates the Slack eDiscovery connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Slack eDiscovery connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft Purview compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). ## Step 1: Create a Slack eDiscovery connector Select one of the following options to specify which users whose Slack eDiscover ## Step 5: Monitor the Slack eDiscovery connector -After you create the Slack eDiscovery connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Slack eDiscovery connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click Data connectors in the left nav.
compliance	Archive Slack Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-slack-data.md	description: "Admins can set up a connector to import and archive data from Veri # Set up a connector to archive Slack eDiscovery data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive third-party data from social media, instant messaging, and document collaboration platforms to mailboxes in your Microsoft 365 organization. Veritas provides a [Slack](https://globanet.com/slack/) connector that's configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. Slack pulls messages and files from the Slack API and converts them to an email message format and then imports the item to user mailboxes. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive third-party data from social media, instant messaging, and document collaboration platforms to mailboxes in your Microsoft 365 organization. Veritas provides a [Slack](https://globanet.com/slack/) connector that's configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. Slack pulls messages and files from the Slack API and converts them to an email message format and then imports the item to user mailboxes. -After Slack eDiscovery data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Slack connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Slack eDiscovery data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Slack connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Slack eDiscovery data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, chat messages from Slack eDiscovery are copied to the Veritas Merge1 site. The connector also converts the content of a chat message to an email message format. -3. The Slack eDiscovery connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the chat messages to a secure Azure Storage location in the Microsoft cloud. +3. The Slack eDiscovery connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the chat messages to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted chat message items to the mailboxes of specific users using the value of the Email property and automatic user mapping, as described in Step 3. A new subfolder in the Inbox folder named Slack eDiscovery is created in the user mailboxes, and the chat message items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every chat message contains this property, which is populated with the email address of every participant of the chat message. The following overview explains the process of using a connector to archive the - Obtain the username and password for your organization's Slack enterprise account. You'll need to sign into this account in Step 2 when you configure Slack. -- The user who creates the Slack eDiscovery connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Slack eDiscovery connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Slack eDiscovery connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for Slack data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for Slack data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > Slack eDiscovery. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Slack eDiscovery connector on the Merge1 site. For more information about how to configure the Slack eDiscovery connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Slack%20eDiscovery%20User%20Guide.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup After you click Save & Finish, the User mapping page in the connector wi ## Step 4: Monitor the Slack eDiscovery connector -After you create the Slack eDiscovery connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Slack eDiscovery connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Symphony Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-symphony-data.md	description: "Admins can set up a connector to import and archive data from Veri # Set up a connector to archive Symphony data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive Symphony data to user mailboxes in your Microsoft 365 organization. Symphony is a messaging and collaboration platform used in the financial services industry. Veritas provides a [Symphony](https://globanet.com/symphony) data connector in the Microsoft 365 compliance center that you can configure to capture items from the third-party data source (on a regular basis) and then import those items to user mailboxes. The connector converts the content of an item from the Symphony account to an email message format and then imports the item to a mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive Symphony data to user mailboxes in your Microsoft 365 organization. Symphony is a messaging and collaboration platform used in the financial services industry. Veritas provides a [Symphony](https://globanet.com/symphony) data connector in the compliance portal that you can configure to capture items from the third-party data source (on a regular basis) and then import those items to user mailboxes. The connector converts the content of an item from the Symphony account to an email message format and then imports the item to a mailbox in Microsoft 365. -After Symphony communications are stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Symphony connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Symphony communications are stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Symphony connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Symphony data The following overview explains the process of using a data connector to archive 2. Once every 24 hours, chat messages from Symphony are copied to the Veritas Merge1 site. The connector also converts the content of a chat message to an email message format. -3. The Symphony connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Symphony connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted message items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in Step 3. A new subfolder in the Inbox folder named Symphony is created in the user mailboxes, and the message items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every chat message contains this property, which is populated with the email address for every participant. The following overview explains the process of using a data connector to archive - Create a Veritas Merge1 account for Microsoft connectors. To create an account, contact [Veritas Customer Support](https://globanet.com/ms-connectors-contact). You will sign into this account when you create the connector in Step 1. -- The user who creates the Symphony connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Symphony connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Symphony connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for Symphony data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for Symphony data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > Symphony. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Symphony connector on the Merge1 site. For information about configuring the Symphony connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Symphony%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map external users to Microsoft 365 users page, enable automatic user mapping. The Symphony items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Symphony connector -After you create the Symphony connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Symphony connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Telegram Archiver Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-telegram-archiver-data.md	description: "Admins can set up a TeleMessage connector to import and archive Te # Set up a connector to archive Telegram communications data -Use the TeleMessage connector in the Microsoft 365 compliance center to import and archive Telegram chats, attachments, files, and deleted messages and calls. After you set up and configure a connector, it connects to your organization's TeleMessage account, and imports the mobile communication of employees using the Telegram Archiver to mailboxes in Microsoft 365. +Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive Telegram chats, attachments, files, and deleted messages and calls. After you set up and configure a connector, it connects to your organization's TeleMessage account, and imports the mobile communication of employees using the Telegram Archiver to mailboxes in Microsoft 365. -After Telegram Archiver connector data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content search, and Microsoft 365 retention policies to Telegram communication data. For example, you can search Telegram communication using Content Search or associate the mailbox that contains the Telegram Archiver connector data with a custodian in an Advanced eDiscovery case. Using a Telegram Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies. +After Telegram Archiver connector data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content search, and Microsoft 365 retention policies to Telegram communication data. For example, you can search Telegram communication using Content Search or associate the mailbox that contains the Telegram Archiver connector data with a custodian in an eDiscovery (Premium) case. Using a Telegram Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies. ## Overview of archiving Telegram communications data The following overview explains the process of using a connector to archive Tele 2. In real time, your organization's Telegram data is copied to the TeleMessage site. -3. The Telegram Archiver connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. +3. The Telegram Archiver connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. 4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named Telegram Archiver will be created in the specific user's mailbox and the items will be imported to it. The connector does this mapping by using the value of the User's Email address property. Every email message contains this property, which is populated with the email address of every participant of the email message. The following overview explains the process of using a connector to archive Tele - Install the Telegram Archiver app on the mobile phones of your employees and activate it. The Telegram Archiver app allows them to communicate and chat with other Telegram users. -- The user who creates a Telegram Archiver connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a Telegram Archiver connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create a Telegram Archiver connector -After you've completed the prerequisites described in the previous section, you can create the Telegram Archiver connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfers Telegram communications data to the corresponding user mailbox boxes in Microsoft 365. +After you've completed the prerequisites described in the previous section, you can create the Telegram Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfers Telegram communications data to the corresponding user mailbox boxes in Microsoft 365. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Telegram Archiver.
compliance	Archive Telus Network Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-telus-network-data.md	description: "Admins can set up a TeleMessage connector to import and archive SM # Set up a connector to archive TELUS Network data -Use the TeleMessage connector in the Microsoft 365 compliance center to import and archive Short Messaging Service (SMS) data from your organization's TELUS Network. After you set up and configure a connector, it connects to your organization's TELUS Network once every day, and imports SMS data to mailboxes in Microsoft 365. +Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive Short Messaging Service (SMS) data from your organization's TELUS Network. After you set up and configure a connector, it connects to your organization's TELUS Network once every day, and imports SMS data to mailboxes in Microsoft 365. -After SMS messages are stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to TELUS data. For example, you can search TELUS SMS messages using Content Search or associate the mailbox that contains the TELUS data with a custodian in an Advanced eDiscovery case. Using a TELUS Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After SMS messages are stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to TELUS data. For example, you can search TELUS SMS messages using Content Search or associate the mailbox that contains the TELUS data with a custodian in an eDiscovery (Premium) case. Using a TELUS Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving TELUS Network data The following overview explains the process of using a connector to archive TELU 2. In real time, SMS messages from your organization's TELUS Network are copied to the TeleMessage site. -3. The TELUS Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS messages to an email message format. +3. The TELUS Network connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the SMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS messages to an email message format. 4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named TELUS SMS Network Archiver is created in the specific user's mailbox and the items are imported to it. The connector does mapping by using the value of the User's Email address property. Every SMS message contains this property, which is populated with the email address of every participant of the SMS message. Some of the implementation steps required to archive TELUS Network data are exte - Your employees must have corporate-owned and corporate-liable mobile phones on theTELUS mobile network. Archiving messages in Microsoft 365 isn't available for employee-owned or Bring Your Own Devices (BYOD) devices. -- The user who creates a TELUS Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a TELUS Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create a TELUS Network connector -After you've completed the prerequisites described in the previous section, you can create TELUS Network connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS messages to the corresponding user mailbox boxes in Microsoft 365. +After you've completed the prerequisites described in the previous section, you can create TELUS Network connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS messages to the corresponding user mailbox boxes in Microsoft 365. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > TELUS Network.
compliance	Archive Text Delimited Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-text-delimited-data.md	description: "Admins can set up a connector to import and archive text-delimited # Set up a connector to archive text-delimited data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive text-delimited data to user mailboxes in your Microsoft 365 organization. Veritas provides a [text-delimited connector](https://globanet.com/text-delimited) that's configured to capture items from a third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts content from the text-delimited data source to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive text-delimited data to user mailboxes in your Microsoft 365 organization. Veritas provides a [text-delimited connector](https://globanet.com/text-delimited) that's configured to capture items from a third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts content from the text-delimited data source to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After text-delimited data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using a text-delimited data connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After text-delimited data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using a text-delimited data connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving the text-delimited data The following overview explains the process of using a connector to archive text 2. Once every 24 hours, chat messages from the text-delimited source are copied to the Veritas Merge1 site. The connector also converts the content to an email message format. -3. The text-delimited connector that you create in the Microsoft 365 compliance center connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The text-delimited connector that you create in the compliance portal connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted message items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in Step 3. A new subfolder in the Inbox folder named Text- Delimited is created in the user mailboxes, and the message items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every message contains this property, which is populated with the email address of every participant. The following overview explains the process of using a connector to archive text - Create a Veritas Merge1 account for Microsoft connectors. To create this account, contact [Veritas Customer Support](https://globanet.com/ms-connectors-contact). You will sign into this account when you create the connector in Step 1. -- The user who creates the text-delimited connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the text-delimited connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the text-delimited connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for text-delimited data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for text-delimited data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > Text-Delimited. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the text-delimited connector on the Merge1 site. For information about configuring the text-delimited connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20text-delimited%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map external users to Microsoft 365 users page, enable automatic user mapping. The Text- Delimited source items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the text-delimited connector -After you create the Text- Delimited connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Text- Delimited connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Twitter Data With Sample Connector	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-twitter-data-with-sample-connector.md	f1.keywords: Previously updated : Last updated : 04/08/2022 audience: Admin description: "Learn how administrators can set up and use a native connector to # Set up a Microsoft connector to archive Twitter data (preview) -Use a connector in the Microsoft 365 compliance center to import and archive data from Twitter to Microsoft 365. After you set up and configure the connector, it connects to your organization's Twitter account (on a scheduled basis), converts the content of an item to an email message format, and then imports those items to a mailbox in Microsoft 365. +Use a connector in the Microsoft Purview compliance portal to import and archive data from Twitter to Microsoft 365. After you set up and configure the connector, it connects to your organization's Twitter account (on a scheduled basis), converts the content of an item to an email message format, and then imports those items to a mailbox in Microsoft 365. -After the Twitter data is imported, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, and Microsoft 365 retention policies to the Twitter data. For example, when a mailbox is placed on Litigation Hold or assigned to a retention policy, the Twitter data is preserved. You can search third-party data using Content Search or associate the mailbox where the Twitter data is stored with a custodian in an Advanced eDiscovery case. Using a connector to import and archive Twitter data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After the Twitter data is imported, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, and Microsoft 365 retention policies to the Twitter data. For example, when a mailbox is placed on Litigation Hold or assigned to a retention policy, the Twitter data is preserved. You can search third-party data using Content Search or associate the mailbox where the Twitter data is stored with a custodian in a Microsoft Purview eDiscovery (Premium) case. Using a connector to import and archive Twitter data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. -After Twitter data is imported, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to the data stored in the mailbox. For example, you can search Twitter data using Content Search or associate the mailbox where the data is stored with a custodian in an Advanced eDiscovery case. Using a connector to import and archive Twitter data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Twitter data is imported, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to the data stored in the mailbox. For example, you can search Twitter data using Content Search or associate the mailbox where the data is stored with a custodian in an eDiscovery (Premium) case. Using a connector to import and archive Twitter data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Before you set up a connector -Complete the following prerequisites before you can set up and configure a connector in the Microsoft 365 compliance center to import and archive data from your organization's Twitter account. +Complete the following prerequisites before you can set up and configure a connector in the compliance portal to import and archive data from your organization's Twitter account. - You need a Twitter account for your organization; you need to sign in to this account when setting up the connector. Complete the following prerequisites before you can set up and configure a conne - [Sign up for a Pay-As-You-Go Azure subscription](https://azure.microsoft.com/pricing/purchase-options/pay-as-you-go/) > [!NOTE] - > The [free Azure Active Directory subscription](use-your-free-azure-ad-subscription-in-office-365.md) that's included with your Microsoft 365 subscription doesn't support the connectors in the Microsoft 365 compliance center. + > The [free Azure Active Directory subscription](use-your-free-azure-ad-subscription-in-office-365.md) that's included with your Microsoft 365 subscription doesn't support the connectors in the compliance portal. - The Twitter connector can import a total of 200,000 items in a single day. If there are more than 200,000 Twitter items in a day, none of those items will be imported to Microsoft 365. -- The user who sets up the Twitter connector in the Microsoft 365 compliance center (in Step 5) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who sets up the Twitter connector in the compliance portal (in Step 5) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). ## Step 1: Create an app in Azure Active Directory During the completion of this step (by following the step-by-step instructions), ## Step 2: Deploy connector web service from GitHub repository to your Azure account -The next step is to deploy the source code for the Twitter connector app that will use Twitter API to connect to your Twitter account and extract data so you can import it to Microsoft 365. The Twitter connector that you deploy for your organization will upload the items from your organization's Twitter account to the Azure Storage location that is created in this step. After you create a Twitter connector in the Microsoft 365 compliance center (in Step 5), the Microsoft 365 Import service will copy the Twitter data from the Azure Storage location to a mailbox in Microsoft 365. As previous explained in the [Before you set up a connector](#before-you-set-up-a-connector) section, you must have a valid Azure subscription to create an Azure Storage account. +The next step is to deploy the source code for the Twitter connector app that will use Twitter API to connect to your Twitter account and extract data so you can import it to Microsoft 365. The Twitter connector that you deploy for your organization will upload the items from your organization's Twitter account to the Azure Storage location that is created in this step. After you create a Twitter connector in the compliance portal (in Step 5), the Microsoft 365 Import service will copy the Twitter data from the Azure Storage location to a mailbox in Microsoft 365. As previous explained in the [Before you set up a connector](#before-you-set-up-a-connector) section, you must have a valid Azure subscription to create an Azure Storage account. To deploy the source code for the Twitter connector app: During the completion of this step (by following the step-by-step instructions), - Azure Active Directory application secret (the AAD application secret obtained in Step 1) -## Step 5: Set up a Twitter connector in the Microsoft 365 compliance center +## Step 5: Set up a Twitter connector in the compliance portal -The final step is to set up the Twitter connector in the Microsoft 365 compliance center that will import data from your organization's Twitter account to a specified mailbox in Microsoft 365. After you complete this step, the Microsoft 365 Import service will start importing data from your organization's Twitter account to Microsoft 365. +The final step is to set up the Twitter connector in the compliance portal that will import data from your organization's Twitter account to a specified mailbox in Microsoft 365. After you complete this step, the Microsoft 365 Import service will start importing data from your organization's Twitter account to Microsoft 365. -For step-by-step instructions, see [Set up a Twitter connector in the Microsoft 365 compliance center](deploy-twitter-connector.md#step-5-set-up-a-twitter-connector-in-the-microsoft-365-compliance-center). +For step-by-step instructions, see [Set up a Twitter connector in the Microsoft Purview compliance portal](deploy-twitter-connector.md#step-5-set-up-a-twitter-connector-in-the-compliance-portal). During the completion of this step (by following the step-by-step instructions), you'll provide the following information (that you've copied to a text file after completing the steps).
compliance	Archive Veritas Twitter Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-veritas-twitter-data.md	description: "Admins can set up a connector to import and archive Twitter data f # Set up a connector to archive Twitter data (preview) -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Twitter platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Twitter](https://www.veritas.com/insights/merge1/twitter) connector that is configured to capture items from a third-party data source and import those items to Microsoft 365. The connector converts content such as tweets, retweets, and comments from Twitter to an email message format and then imports those items to the user mailboxes in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Twitter platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Twitter](https://www.veritas.com/insights/merge1/twitter) connector that is configured to capture items from a third-party data source and import those items to Microsoft 365. The connector converts content such as tweets, retweets, and comments from Twitter to an email message format and then imports those items to the user mailboxes in Microsoft 365. -After Twitter data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Twitter connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Twitter data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Twitter connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Twitter data The following overview explains the process of using a connector to archive Twit 2. Once every 24 hours, Twitter items are copied to the Veritas Merge1 site. The connector also converts Twitter items to an email message format. -3. The Twitter connector that you create in the Microsoft 365 compliance center connects to the Veritas Merge1 site every day, and transfers the Twitter content to a secure Azure Storage location in the Microsoft cloud. +3. The Twitter connector that you create in the compliance portal connects to the Veritas Merge1 site every day, and transfers the Twitter content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Twitter is created in the user mailboxes, and items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Twitter item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive Twit - Create a Twitter application at <https://developer.twitter.com> to fetch data from your Twitter account. For step-by step instructions about creating the application, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Twitter%20User%20Guide.pdf). -- The user who creates the YouTube connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the YouTube┬áconnector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Twitter connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for Twitter data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for Twitter data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > Twitter. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Twitter connector on the Veritas Merge1 site. For information about how to configure the Twitter connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Twitter%20User%20Guide.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map Twitter users to Microsoft 365 users page, enable automatic user mapping. The Twitter items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Twitter connector -After you create the Twitter connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Twitter connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com/> and click Data connectors in the left nav.
compliance	Archive Verizon Network Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-verizon-network-data.md	description: "Admins can set up a TeleMessage connector to import and archive SM # Set up a connector to archive Verizon Network data -Use the TeleMessage connector in the Microsoft 365 compliance center to import and archive Short Messaging Service (SMS) and Multimedia Messaging Service (MMS) data from Verizon Network. After you set up and configure a connector, it connects to your organization's Verizon Network once every day and imports SMS and MMS data to mailboxes in Microsoft 365. +Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive Short Messaging Service (SMS) and Multimedia Messaging Service (MMS) data from Verizon Network. After you set up and configure a connector, it connects to your organization's Verizon Network once every day and imports SMS and MMS data to mailboxes in Microsoft 365. -After Verizon Network connector data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to Verizon data. For example, you can search Verizon SMS and MMS messages using Content Search or associate the mailbox that contains Verizon Network data with a custodian in an Advanced eDiscovery case. Using a Verizon Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Verizon Network connector data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to Verizon data. For example, you can search Verizon SMS and MMS messages using Content Search or associate the mailbox that contains Verizon Network data with a custodian in a Microsoft Purview eDiscovery (Premium) case. Using a Verizon Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Verizon Network data The following overview explains the process of using a connector to archive Veri 2. Once every 24 hours, SMS and MMS messages from your organizationΓÇÖs Verizon Network are copied to the TeleMessage site. -3. The Verizon Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS and MMS messages to an email message format. +3. The Verizon Network connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS and MMS messages to an email message format. 4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named Verizon SMS/MMS Network Archiver is created in the specific user's mailbox and the items are imported to it. The connector does this mapping by using the value of the UserΓÇÖs Email address property. Every SMS and MMS message contains this property, which is populated with the email address of every participant of the message. Some of the implementation steps required to archive Verizon Network data are ex - Your employees must have corporate-owned and corporate-liable mobile phones on the Verizon mobile network. Archiving messages in Microsoft 365 isn't available for employee-owned or Bring Your Own Devices (BYOD) devices. -- The user who creates a Verizon Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a Verizon Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create a Verizon Network connector -After you've completed the prerequisites described in the previous section, you can create Verizon Network connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS and MMS messages to the corresponding user mailbox boxes in Microsoft 365. +After you've completed the prerequisites described in the previous section, you can create Verizon Network connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer SMS and MMS messages to the corresponding user mailbox boxes in Microsoft 365. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and then click Data connectors > Verizon Network.
compliance	Archive Webexteams Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-webexteams-data.md	description: "Admins can set up a connector to import and archive data from Veri # Set up a connector to archive Webex Teams data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from Webex Teams to user mailboxes in your Microsoft 365 organization. Veritas provides a [Webex Teams](https://globanet.com/webex-teams/) connector that is configured to capture Webex Teams communication items and import them to Microsoft 365. The connector converts content from Webex Teams, such as 1:1 chats, group conversations, channel conversations, and attachments from your organization's Webex Teams account, to an email message format and then imports those items to the user's mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from Webex Teams to user mailboxes in your Microsoft 365 organization. Veritas provides a [Webex Teams](https://globanet.com/webex-teams/) connector that is configured to capture Webex Teams communication items and import them to Microsoft 365. The connector converts content from Webex Teams, such as 1:1 chats, group conversations, channel conversations, and attachments from your organization's Webex Teams account, to an email message format and then imports those items to the user's mailbox in Microsoft 365. -After Webex Teams data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Webex Teams connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Webex Teams data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Webex Teams connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Webex Teams data The following overview explains the process of using a connector to archive Webe 2. Once every 24 hours, Webex Teams items are copied to the Veritas Merge1 site. The connector also converts the Webex Teams items to an email message format. -3. The Webex Teams connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 every day, and transfers the Webex Teams items to a secure Azure Storage location in the Microsoft cloud. +3. The Webex Teams connector that you create in the compliance portal, connects to the Veritas Merge1 every day, and transfers the Webex Teams items to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports items to the mailboxes of specific users by using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Webex Teams is created in the user mailboxes, and the items are imported to that folder. The connector does this by using the value of the Email property. Every Webex Teams item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive Webe When you create this application, the Webex platform generates a set of unique credentials. These credentials are used in Step 2 when you configure the Webex Teams connector on the Global Merge1 site. -- The user who creates the Webex Teams connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Webex Teams connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Webex Teams connector The first step is to gain access to the Data Connectors and set up the [Webe The second step is to configure the Webex Teams connector on the Merge1 site. For information about how to configure the Webex Teams connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Webex%20Teams%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map Webex Teams users to Microsoft 365 users page, enable automatic user mapping. The Webex Teams items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Webex Teams connector -After you create the Webex Teams connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Webex Teams connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Webpagecapture Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-webpagecapture-data.md	description: "Admins can set up a connector to import and archive Webpage Captur # Set up a connector to archive webpage data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from webpages to user mailboxes in your Microsoft 365 organization. Veritas provides a [Webpage Capture](https://globanet.com/webpage-capture) connector that captures specific webpages (and any links on those pages) in a specific website or an entire domain. The connector converts the webpage content to a PDF, PNG, or custom file format and then attaches the converted files to an email message and then imports those email items to user mailboxes in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from webpages to user mailboxes in your Microsoft 365 organization. Veritas provides a [Webpage Capture](https://globanet.com/webpage-capture) connector that captures specific webpages (and any links on those pages) in a specific website or an entire domain. The connector converts the webpage content to a PDF, PNG, or custom file format and then attaches the converted files to an email message and then imports those email items to user mailboxes in Microsoft 365. -After webpage content is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using a Webpage Capture connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After webpage content is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using a Webpage Capture connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving webpage data The following overview explains the process of using a connector to archive webp 2. Once every 24 hours, the webpage sources items are copied to the Veritas Merge1 site. The connector also converts and attaches the content of a webpage to an email message. -3. The Webpage Capture connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the webpage items to a secure Azure Storage location in the Microsoft cloud. +3. The Webpage Capture connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the webpage items to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted webpage items to the mailboxes of specific users by using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Webpage Capture is created in the user mailboxes, and the webpage items are imported to that folder. The connector does this by using the value of the Email property. Every webpage item contains this property, which is populated with the email addresses provided when you configure the Webpage Capture connector in [Step 2](#step-2-configure-the-webpage-capture-connector-on-the-veritas-merge1-site). The following overview explains the process of using a connector to archive webp - You need to work with Veritas support to set up a custom file format to convert the webpage items to. For more information, see the [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Web%20Page%20Capture%20User%20Guide%20.pdf). -- The user who creates the Webpage Capture connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Webpage Capture connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Webpage Capture connector The first step is to access to the Data Connectors and create a connector fo The second step is to configure the Webpage Capture connector on the Veritas Merge1 site. For information about how to configure the Webpage Capture connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Web%20Page%20Capture%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow the steps below: +To map users and complete the connector setup in the compliance portal, follow the steps below: 1. On the Map Webpage Capture users to Microsoft 365 users page, enable automatic user mapping. The Webpage Capture items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Webpage Capture connector -After you create the Webpage Capture connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Webpage Capture connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Wechat Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-wechat-data.md	ms.localizationpriority: medium -description: "Set up and use a connector in the Microsoft 365 compliance center to import and archive WeChat data in Microsoft 365." +description: "Set up and use a connector in the Microsoft Purview compliance portal to import and archive WeChat data in Microsoft 365." # Set up a connector to archive WeChat data -Use the TeleMessage connector in the Microsoft 365 compliance center to import and archive WeChat and WeCom calls, chats, attachments, files, and recalled messages. After you set up and configure a connector, it connects to your organization's TeleMessage account, and imports the mobile communication of employees using the TeleMessage WeChat Archiver to mailboxes in Microsoft 365. +Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive WeChat and WeCom calls, chats, attachments, files, and recalled messages. After you set up and configure a connector, it connects to your organization's TeleMessage account, and imports the mobile communication of employees using the TeleMessage WeChat Archiver to mailboxes in Microsoft 365. -After WeChat Archiver connector data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to WeChat communication data. For example, you can search WeChat communication using Content Search or associate the mailbox that contains the WeChat Archiver connector data with a custodian in an Advanced eDiscovery case. Using a WeChat Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies. +After WeChat Archiver connector data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to WeChat communication data. For example, you can search WeChat communication using Content Search or associate the mailbox that contains the WeChat Archiver connector data with a custodian in an eDiscovery (Premium) case. Using a WeChat Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies. ## Overview of archiving WeChat communication data The following overview explains the process of using a connector to archive WeCh 2. In real time, your organization's WeChat data is copied to the TeleMessage site. -3. The WeChat Archiver connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. +3. The WeChat Archiver connector that you create in the compliance portal connects to the TeleMessage site every day and transfers the email messages from the previous 24 hours to a secure Azure Storage area in the Microsoft Cloud. 4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named WeChat Archiver will be created in the specific user's mailbox and the items will be imported to it. The connector does mapping by using the value of the User's Email address property. Every email message contains this property, which is populated with the email address of every participant of the email message. In addition to automatic user mapping using the value of the User's Email address property, you can also define a custom mapping by uploading a CSV mapping file. This mapping file should contain User's mobile Number and the corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every email item the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's mobile number, the connector will use the User ΓÇÿs email address property of the email item. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or the user's email address property of the email item, the item won't be imported. The following overview explains the process of using a connector to archive WeCh - You'll need to install the Tencent WeCom app on the mobile phones of users in your organization and activate it. The WeCom app lets users communicate and chat with other WeChat and WeCom users. -- The user who creates a WeChat Archiver connector in the Microsoft 365 compliance center must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a WeChat Archiver connector in the compliance portal must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create a WeChat Archiver connector -Follow the steps in this section to create a WeChat Archiver connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfer WeChat communications data to the corresponding user mailboxes in Microsoft 365. +Follow the steps in this section to create a WeChat Archiver connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer WeChat communications data to the corresponding user mailboxes in Microsoft 365. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > WeChat Archiver.
compliance	Archive Whatsapp Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-whatsapp-data.md	description: "Admins can set up a TeleMessage connector to import and archive Wh # Set up a connector to archive WhatsApp data -Use the TeleMessage connector in the Microsoft 365 compliance center to import and archive WhatsApp calls, chats, attachments, files, and deleted messages. After you set up and configure a connector, it connects to your organization's TeleMessage account once every day, and imports the mobile communication of employees using the TeleMessage WhatsApp Phone Archiver or TeleMessage WhatsApp Cloud Archiver to mailboxes in Microsoft 365. +Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive WhatsApp calls, chats, attachments, files, and deleted messages. After you set up and configure a connector, it connects to your organization's TeleMessage account once every day, and imports the mobile communication of employees using the TeleMessage WhatsApp Phone Archiver or TeleMessage WhatsApp Cloud Archiver to mailboxes in Microsoft 365. -After WhatsApp data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, Content search, and Microsoft 365 retention policies to WhatsApp data. For example, you can search WhatsApp messages using Content search or associate the mailbox that contains WhatsApp messages with a custodian in an Advanced eDiscovery case. Using a WhatsApp connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After WhatsApp data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content search, and Microsoft 365 retention policies to WhatsApp data. For example, you can search WhatsApp messages using Content search or associate the mailbox that contains WhatsApp messages with a custodian in an eDiscovery (Premium) case. Using a WhatsApp connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving WhatsApp data The following overview explains the process of using a connector to archive What 2. In real time, your organization's WhatsApp data is copied to the TeleMessage site. -3. The WhatsApp connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers WhatsApp data from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content WhatsApp data to an email message format. +3. The WhatsApp connector that you create in the compliance portal connects to the TeleMessage site every day and transfers WhatsApp data from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content WhatsApp data to an email message format. 4. The connector imports WhatsApp data to the mailbox of a specific user. A new folder named WhatsApp Archiver is created in the specific user's mailbox and the items are imported to it. The connector does this mapping by using the value of the UserΓÇÖs Email address property. Every WhatsApp message contains this property, which is populated with the email address of every participant of the message. Some of the implementation steps required to archive WhatsApp communication data - Install the TeleMessage [WhatsApp Phone Archiver app](https://www.telemessage.com/mobile-archiver/whatsapp-phone-archiver-2/) on the mobile phones of your employees and activate it. Alternatively, you can install the regular WhatsApp or WhatsApp Business apps on the mobile phones of your employees and activate the WhatsApp Cloud Archiver service by scanning a QR code on the TeleMessage website. For more information, see [WhatsApp Cloud Archiver](https://www.telemessage.com/mobile-archiver/whatsapp-archiver/whatsapp-cloud-archiver/). -- The user who creates a Verizon Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates a Verizon Network connector must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This TeleMessage data connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Create a WhatsApp Archiver connector -After you've completed the prerequisites described in the previous section, you can create the WhatsApp connector in the Microsoft 365 compliance center. The connector uses the information you provide to connect to the TeleMessage site and transfer the WhatsApp data to the corresponding user mailbox boxes in Microsoft 365. +After you've completed the prerequisites described in the previous section, you can create the WhatsApp connector in the compliance portal. The connector uses the information you provide to connect to the TeleMessage site and transfer the WhatsApp data to the corresponding user mailbox boxes in Microsoft 365. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > WhatsApp Archiver.
compliance	Archive Workplacefromfacebook Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-workplacefromfacebook-data.md	description: "Admins can set up a connector to import and archive data from Work # Set up a connector to archive Workplace from Facebook data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from Workplace from Facebook to user mailboxes in your Microsoft 365 organization. Veritas provides a [Workplace from Facebook](https://globanet.com/workplace/) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as chats, attachments, posts, and videos from Workplace to an email message format and then imports those items to user mailboxes in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from Workplace from Facebook to user mailboxes in your Microsoft 365 organization. Veritas provides a [Workplace from Facebook](https://globanet.com/workplace/) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as chats, attachments, posts, and videos from Workplace to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Workplace data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using Workplace from Facebook connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Workplace data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using Workplace from Facebook connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Workplace from Facebook data The following overview explains the process of using a connector to archive Work 2. Once every 24 hours, items from Workplace are copied to the Veritas Merge1 site. The connector also converts the content of these items to an email message format. -3. The Workplace from Facebook connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 every day, and transfers the Workplace items to a secure Azure Storage location in the Microsoft cloud. +3. The Workplace from Facebook connector that you create in the compliance portal, connects to the Veritas Merge1 every day, and transfers the Workplace items to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in Step 3. A subfolder in the Inbox folder named Workplace from Facebook is created, and the Workplace items are imported to that folder. The connector does this by using the value of the Email property. Every Workplace item contains this property, which is populated with the email address of every chat or post participant. The following overview explains the process of using a connector to archive Work When creating the integration, the Workplace platform generates a set of unique credentials used to generate tokens that are used for authentication. These tokens are used in the Workplace from Facebook connector configuration wizard in Step 2. For step-by step instructions about how to create the applications, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Workplace%20from%20Facebook%20User%20Guide%20.pdf). -- The user who creates the Workplace from Facebook connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Workplace from Facebook connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Workplace from Facebook connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for Workplace data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for Workplace data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > Workplace from Facebook. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Workplace from Facebook connector on the Merge1 site. For information about how to configure the Workplace from Facebook connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Workplace%20from%20Facebook%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map external users to Microsoft 365 users page, enable automatic user mapping. The Workplace items include a property called Email that contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the Workplace from Facebook connector -After you create the Workplace from Facebook connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Workplace from Facebook connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Xip Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-xip-data.md	description: "Admins can set up a connector to import and archive XIP source dat # Set up a connector to archive XIP source data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the XIP source platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [XIP](https://globanet.com/xip/) connector that allows using an XIP file to import items to Microsoft 365. An XIP file is similar to a ZIP file, but allows for a digital signature to be used. The digital signature is verified by Veritas Merge 1 before the XIP source file is extracted. The connector converts the content from the XIP source file to an email message format and then imports those items to the user mailboxes in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the XIP source platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [XIP](https://globanet.com/xip/) connector that allows using an XIP file to import items to Microsoft 365. An XIP file is similar to a ZIP file, but allows for a digital signature to be used. The digital signature is verified by Veritas Merge 1 before the XIP source file is extracted. The connector converts the content from the XIP source file to an email message format and then imports those items to the user mailboxes in Microsoft 365. -After XIP source data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using an XIP connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After XIP source data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using an XIP connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving the XIP source data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, XIP source items are copied to the Veritas Merge1 site. The connector also converts the content to an email message format. -3. The XIP connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The XIP connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted message items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named XIP is created in the user mailboxes, and the items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every source item contains this property, which is populated with the email address of every participant. The following overview explains the process of using a connector to archive the - Create a Veritas Merge1 account for Microsoft connectors. To create an account, contact [Veritas Customer Support](https://www.veritas.com/content/support/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the XIP connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the XIP connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the XIP connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for the XIP source data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for the XIP source data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors \> XIP. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the XIP connector on the Merge1 site. For information about how to configure the XIP connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20XIP%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup To map users and complete the connector setup, follow these steps: ## Step 4: Monitor the XIP connector -After you create the XIP connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the XIP connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click Data connectors in the left nav.
compliance	Archive Xslt Xml Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-xslt-xml-data.md	description: "Admins can set up a connector to import and archive XSLT/XML data # Set up a connector to archive XSLT/XML data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Web page source to user mailboxes in your Microsoft 365 organization. Veritas provides you with an [XSLT/XML connector](https://globanet.com/xslt-xml) that allows the rapid development of files created by using XSLT (Extensible Style sheet Language Transformations) to transform XML files into other file formats (such as HTML or text) that can be imported to Microsoft 365. The connector converts the content of an item from the XSLT/XML source to an email message format and then imports the converted item to Microsoft 365 mailboxes. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Web page source to user mailboxes in your Microsoft 365 organization. Veritas provides you with an [XSLT/XML connector](https://globanet.com/xslt-xml) that allows the rapid development of files created by using XSLT (Extensible Style sheet Language Transformations) to transform XML files into other file formats (such as HTML or text) that can be imported to Microsoft 365. The connector converts the content of an item from the XSLT/XML source to an email message format and then imports the converted item to Microsoft 365 mailboxes. -After XSLT/XML data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using an XSLT/XML connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After XSLT/XML data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using an XSLT/XML connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving XSLT/XML data The following overview explains the process of using a connector to archive XSLT 2. Once every 24 hours, chat messages from the XSLT/XML source are copied to the Veritas Merge1 site. The connector also converts the content to an email message format. -3. The XSLT/XML connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The XSLT/XML connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted message items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in Step 3. A new subfolder in the Inbox folder named XSLT/XML is created in the user mailboxes, and the message items are imported to that folder. The connector does this by using the value of the Email property. Every message contains this property, which is populated with the email address of every participant of the message. The following overview explains the process of using a connector to archive XSLT - Create a Veritas Merge1 account for Microsoft connectors. To create this account, contact [Veritas Customer Support](https://www.veritas.com/content/support/). You will sign into this account when you create the connector in Step 1. -- The user who creates the XSLT/XML connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the XSLT/XML connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up an XSLT/XML connector -The first step is to access to the Data Connectors in the Microsoft 365 compliance center and create a connector for XSLT/XML data. +The first step is to access to the Data Connectors in the compliance portal and create a connector for XSLT/XML data. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > XSLT/XML. The first step is to access to the Data Connectors in the Microsoft 365 comp The second step is to configure the XSLT/XML connector on the Merge1 site. For information about how to configure the XSLT/XML connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20XSLT-XML%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -1. To map users and complete the connector setup in the Microsoft 365 compliance center, follow the steps below: +1. To map users and complete the connector setup in the compliance portal, follow the steps below: 2. On the Map XSLT/XML users to Microsoft 365 users page, enable automatic user mapping. The XSLT/XML items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that userΓÇÖs mailbox. After you click Save & Finish, the User mapping page in the connector wi ## Step 4: Monitor the XSLT/XML connector -After you create the XSLT/XML connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the XSLT/XML connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archive Yieldbroker Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-yieldbroker-data.md	description: "Admins can set up a connector to import and archive Yieldbroker da # Set up a connector to archive Yieldbroker data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from the Yieldbroker to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Yieldbroker](https://globanet.com/yieldbroker/) connector that's configured to capture items from the third-party data source and import those items to Microsoft 365. The connector converts the content from Yieldbroker to an email message format and then imports those items to the userΓÇÖs mailbox in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Yieldbroker to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Yieldbroker](https://globanet.com/yieldbroker/) connector that's configured to capture items from the third-party data source and import those items to Microsoft 365. The connector converts the content from Yieldbroker to an email message format and then imports those items to the userΓÇÖs mailbox in Microsoft 365. -After Yieldbroker is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies, and retention labels. Using a Yieldbroker connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Yieldbroker is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies, and retention labels. Using a Yieldbroker connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Yieldbroker data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, Yieldbroker items are copied to the Veritas Merge1 site. The connector also converts the content to an email message format. -3. The Yieldbroker connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. +3. The Yieldbroker connector that you create in the compliance portal, connects to the Veritas Merge1 site every day and transfers the messages to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted Yieldbroker items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named Yieldbroker is created in the user mailboxes, and the items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every Yieldbroker contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a Veritas Merge1 account for Microsoft connectors. To create an account, contact [Veritas Customer Support](https://www.veritas.com/content/support/). You need to sign into this account when you create the connector in Step 1. -- The user who creates the Yieldbroker connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Yieldbroker connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Yieldbroker connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for the Yieldbroker. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for the Yieldbroker. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > Yieldbroker. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the Yieldbroker connector on the Merge1 site. For information about how to configure the Yieldbroker, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Yieldbroker%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup To map users and complete the connector setup, follow these steps: ## Step 4: Monitor the Yieldbroker connector -After you create the Yieldbroker connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Yieldbroker connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and click Data connectors in the left nav.
compliance	Archive Youtube Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-youtube-data.md	description: "Admins can set up a connector to import and archive YouTube data f # Set up a connector to archive YouTube data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from YouTube to user mailboxes in your Microsoft 365 organization. Veritas provides a connector that is configured to capture items from a third-party data source and import those items to Microsoft 365. The connector converts content such as chats, attachments, tasks, notes, and posts from YouTube to an email message format and then imports those items to the user mailboxes in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from YouTube to user mailboxes in your Microsoft 365 organization. Veritas provides a connector that is configured to capture items from a third-party data source and import those items to Microsoft 365. The connector converts content such as chats, attachments, tasks, notes, and posts from YouTube to an email message format and then imports those items to the user mailboxes in Microsoft 365. -After YouTube data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a YouTube connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After YouTube data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a YouTube connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving YouTube data The following overview explains the process of using a connector to archive the 2. Once every 24 hours, YouTube items are copied to the Veritas Merge1 site. The connector also converts YouTube items to an email message format. -3. The YouTube connector that you create in the Microsoft 365 compliance center connects to the Veritas Merge1 site every day, and transfers the YouTube content to a secure Azure Storage location in the Microsoft cloud. +3. The YouTube connector that you create in the compliance portal connects to the Veritas Merge1 site every day, and transfers the YouTube content to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted items to the mailboxes of specific users using the value of the Email property of the automatic user mapping as described in [Step 3](#step-3-map-users-and-complete-the-connector-setup). A subfolder in the Inbox folder named YouTube is created in the user mailboxes, and items are imported to that folder. The connector determines which mailbox to import items to by using the value of the Email property. Every YouTube item contains this property, which is populated with the email address of every participant of the item. The following overview explains the process of using a connector to archive the - Create a YouTube application to fetch data from your YouTube account. For step-by step instructions about creating the application, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20YouTube%20User%20Guide.pdf). -- The user who creates the YouTube connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the YouTube┬áconnector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). ## Step 1: Set up the YouTube connector -The first step is to access to the Data Connectors page in the Microsoft 365 compliance center and create a connector for YouTube data. +The first step is to access to the Data Connectors page in the compliance portal and create a connector for YouTube data. 1. Go to <https://compliance.microsoft.com> and then click Data connectors > YouTube. The first step is to access to the Data Connectors page in the Microsoft 365 The second step is to configure the YouTube connector on the Veritas Merge1 site. For information about how to configure the YouTube connector, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20YouTube%20User%20Guide.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup -To map users and complete the connector setup in the Microsoft 365 compliance center, follow these steps: +To map users and complete the connector setup in the compliance portal, follow these steps: 1. On the Map YouTube users to Microsoft 365 users page, enable automatic user mapping. The YouTube items include a property called Email, which contains email addresses for users in your organization. If the connector can associate this address with a Microsoft 365 user, the items are imported to that user's mailbox. To map users and complete the connector setup in the Microsoft 365 compliance ce ## Step 4: Monitor the YouTube connector -After you create the YouTube connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the YouTube connector, you can view the connector status in the compliance portal. 1. Go to <https://compliance.microsoft.com/> and click Data connectors in the left nav.
compliance	Archive Zoommeetings Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-zoommeetings-data.md	description: "Admins can set up a connector to import and archive data from Veri # Set up a connector to archive Zoom Meetings data -Use a Veritas connector in the Microsoft 365 compliance center to import and archive data from Zoom Meetings to user mailboxes in your Microsoft 365 organization. Veritas provides a [Zoom Meetings](https://globanet.com/zoom/) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content of the meetings (including chats, recorded files, and metadata) from the Zoom Meetings account to an email message format and then imports those items to user mailboxes in Microsoft 365. +Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from Zoom Meetings to user mailboxes in your Microsoft 365 organization. Veritas provides a [Zoom Meetings](https://globanet.com/zoom/) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content of the meetings (including chats, recorded files, and metadata) from the Zoom Meetings account to an email message format and then imports those items to user mailboxes in Microsoft 365. -After Zoom Meetings data is stored in user mailboxes, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Zoom Meetings connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. +After Zoom Meetings data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Zoom Meetings connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Zoom Meetings data The following overview explains the process of using a connector to archive Zoom 2. Once every 24 hours, meeting items from Zoom Meetings are copied to the Veritas Merge1 site. The connector also converts the content of the meetings to an email message format. -3. The Zoom Meetings connector that you create in the Microsoft 365 compliance center, connects to the Veritas Merge1 every day, and transfers the meeting messages to a secure Azure Storage location in the Microsoft cloud. +3. The Zoom Meetings connector that you create in the compliance portal, connects to the Veritas Merge1 every day, and transfers the meeting messages to a secure Azure Storage location in the Microsoft cloud. 4. The connector imports the converted meeting items to the mailboxes of specific users using the value of the Email property and automatic user mapping, as described in Step 3. A new subfolder in the Inbox folder named Zoom Meetings is created in user mailboxes, and the meeting items are imported to that folder. The connector does this by using the value of the Email property. Every meeting item contains this property, which is populated with the email address of every participant of the meeting. The following overview explains the process of using a connector to archive Zoom For step-by step instructions on how to create the OAuth and JWT applications, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Zoom%20Meetings%20User%20Guide%20.pdf). -- The user who creates the Zoom Meetings connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Zoom Meetings connector in Step 1 (and completes it in Step 3) must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). -- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This Veritas data connector is in public preview in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Set up the Zoom Meetings connector -The first step is to access the Data Connectors in the Microsoft 365 compliance center and create a Zoom Meetings connector. +The first step is to access the Data Connectors in the compliance portal and create a Zoom Meetings connector. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com/) and then click Data connectors > Zoom Meetings. The first step is to access the Data Connectors in the Microsoft 365 complia The second step is to configure the Zoom Meetings connector on the Merge1 site. For more information about how to configure the Zoom Meetings connector on the Veritas Merge1 site, see [Merge1 Third-Party Connectors User Guide](https://docs.ms.merge1.globanetportal.com/Merge1%20Third-Party%20Connectors%20Zoom%20Meetings%20User%20Guide%20.pdf). -After you click Save & Finish, the User mapping page in the connector wizard in the Microsoft 365 compliance center is displayed. +After you click Save & Finish, the User mapping page in the connector wizard in the compliance portal is displayed. ## Step 3: Map users and complete the connector setup After you click Save & Finish, the User mapping page in the connector wi ## Step 4: Monitor the Zoom Meetings connector -After you create the Zoom Meetings connector, you can view the connector status in the Microsoft 365 compliance center. +After you create the Zoom Meetings connector, you can view the connector status in the compliance portal. 1. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and click Data connectors in the left nav.
compliance	Archiving Third Party Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archiving-third-party-data.md	description: "Learn how to import and archive third-party data from social media # Learn about connectors for third-party data -Microsoft 365 lets administrators use data connectors to import and archive non-Microsoft, third-party data from social media platforms, instant messaging platforms, and document collaboration platforms, to mailboxes in your Microsoft 365 organization. One primary benefit of using data connectors to import and archive third-party data in Microsoft 365 is that you can apply various Microsoft 365 compliance solutions to the data after it's been imported. This helps you ensure that your organization's non-Microsoft data is in compliance with the regulations and standards that affect your organization. +Microsoft 365 lets administrators use data connectors to import and archive non-Microsoft, third-party data from social media platforms, instant messaging platforms, and document collaboration platforms, to mailboxes in your Microsoft 365 organization. One primary benefit of using data connectors to import and archive third-party data in Microsoft 365 is that you can apply various Microsoft Purview solutions to the data after it's been imported. This helps you ensure that your organization's non-Microsoft data is in compliance with the regulations and standards that affect your organization. Watch this interactive guide that demonstrates how to create data connectors to import and archive third-party data and examples of applying compliance solutions to data after it's imported to Microsoft 365. Watch this interactive guide that demonstrates how to create data connectors to ## Third-party data connectors -The Microsoft 365 compliance center provides native third-party data connectors from Microsoft to import data from various data sources, such as LinkedIn, Instant Bloomberg, and Twitter and data connectors that support the Insider risk management solution. In addition to these data connectors, Microsoft works with the following partners to provide many more third part data connectors in the Microsoft 365 compliance center. Your organization works with these partners to set up their archiving service before creating a corresponding data connector in the Microsoft 365 compliance center. +The Microsoft Purview compliance portal provides native third-party data connectors from Microsoft to import data from various data sources, such as LinkedIn, Instant Bloomberg, and Twitter and data connectors that support the Insider risk management solution. In addition to these data connectors, Microsoft works with the following partners to provide many more third part data connectors in the compliance portal. Your organization works with these partners to set up their archiving service before creating a corresponding data connector in the compliance portal. - [Veritas](#veritas-data-connectors) The Microsoft 365 compliance center provides native third-party data connectors - [CellTrust](#celltrust-data-connectors) -The third-party data listed in the next sections (except for HR data and physical badging data that is used for the Microsoft 365 Insider risk management solution) is imported into user mailboxes. The Microsoft 365 compliance solutions that support third-party data are applied to the user mailbox where the data is stored. +The third-party data listed in the next sections (except for HR data and physical badging data that is used for the Microsoft 365 Insider risk management solution) is imported into user mailboxes. The Microsoft Purview solutions that support third-party data are applied to the user mailbox where the data is stored. ### Microsoft data connectors -The following table lists the native third-party data connectors available in the Microsoft 365 compliance center. The table also summarizes the compliance solutions that you can apply after you import and archive third-party data in Microsoft 365. See the [Overview of compliance solutions that support third-party data](#overview-of-compliance-solutions-that-support-third-party-data) section for a more detailed description of each compliance solution and how it supports third-party data. +The following table lists the native third-party data connectors available in the compliance portal. The table also summarizes the compliance solutions that you can apply after you import and archive third-party data in Microsoft 365. See the [Overview of compliance solutions that support third-party data](#overview-of-compliance-solutions-that-support-third-party-data) section for a more detailed description of each compliance solution and how it supports third-party data. Click the link in the Third-party data column to go the step-by-step instructions for creating a connector for that data type. The CellTrust SL2 data connector is also available in GCC environments in the Mi ## Overview of compliance solutions that support third-party data -The following sections describe some of the things that the Microsoft 365 compliance solutions can help you to manage the third-party data listed in the previous table. +The following sections describe some of the things that the Microsoft Purview solutions can help you to manage the third-party data listed in the previous table. ### Litigation hold You place a [Litigation hold](create-a-litigation-hold.md) on a user mailbox to ### eDiscovery -The three primary eDiscovery tools in Microsoft 365 are Content search, Core eDiscovery, and Advanced eDiscovery. +The three primary eDiscovery tools in Microsoft 365 are Content search, Microsoft Purview eDiscovery (Standard), and Microsoft Purview eDiscovery (Premium). - [Content search](content-search.md). You can use the content search tool to search mailboxes for third-party data that you imported. You can use search queries and conditions to narrow your search results, and the export the search results. -- [Core eDiscovery](get-started-core-ediscovery.md). This tool builds on the basic search and export functionality by enabling you to create cases that let you control who can access case data, place a hold on user mailboxes or mailbox content that matches search criteria. That means you can place an eDiscovery hold on the third-party data that was imported to user mailboxes. +- [eDiscovery (Standard)](get-started-core-ediscovery.md). This tool builds on the basic search and export functionality by enabling you to create cases that let you control who can access case data, place a hold on user mailboxes or mailbox content that matches search criteria. That means you can place an eDiscovery hold on the third-party data that was imported to user mailboxes. -- [Advanced eDiscovery](overview-ediscovery-20.md). This powerful tool expands the case functionality of Core eDiscovery by letting you add custodians to a case, placing custodian's data on hold, and then loading a custodian's third-party data into a review for further analysis such as themes and duplicate detection. After you load third-party data into a review set, you can query and filter it to a narrow result set. +- [eDiscovery (Premium)](overview-ediscovery-20.md). This powerful tool expands the case functionality of eDiscovery (Standard) by letting you add custodians to a case, placing custodian's data on hold, and then loading a custodian's third-party data into a review for further analysis such as themes and duplicate detection. After you load third-party data into a review set, you can query and filter it to a narrow result set. - Both Core eDiscovery and Advanced eDiscovery let you manage third-party data that may be relevant to your organization's legal or internal investigations. + Both eDiscovery (Standard) and eDiscovery (Premium) let you manage third-party data that may be relevant to your organization's legal or internal investigations. ### Retention settings Signals from third-party data, like selective HR data, can be used by the [Insid ## Using eDiscovery tools to search for third-party data -After you use data connectors to import and archive third-party data in user mailboxes, you can use Microsoft 365 eDiscovery tools to search for third-party data. You can also eDiscovery tools to create query-based holds associated with Core eDiscovery and Advanced eDiscovery cases to preserve third-party data. For more information about eDiscovery tools, see [eDiscovery solutions in Microsoft 365](ediscovery.md). +After you use data connectors to import and archive third-party data in user mailboxes, you can use Microsoft 365 eDiscovery tools to search for third-party data. You can also eDiscovery tools to create query-based holds associated with eDiscovery (Standard) and eDiscovery (Premium) cases to preserve third-party data. For more information about eDiscovery tools, see [eDiscovery solutions in Microsoft 365](ediscovery.md). To search for (or place a hold on) any type of third-party data that you've imported to user mailboxes using a data connector, you can use the following search query. Be sure to scope the search to user mailboxes. To search for (or place a hold on) any type of third-party data that you've impo kind:externaldata ``` -You can use this query in the Keywords box for a Content search, a search associated with a Core eDiscovery case, or a collection in Advanced eDiscovery. +You can use this query in the Keywords box for a Content search, a search associated with a eDiscovery (Standard) case, or a collection in eDiscovery (Premium). ![Query to search for third-party data.](..\media\SearchThirdPartyData1.png)
compliance	Assessment In Relevance In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/assessment-in-relevance-in-advanced-ediscovery.md	Title: "Understand Assessment in Relevance in Advanced eDiscovery" + Title: "Understand Assessment in Relevance in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: 1d33d4fb-91ed-41c0-b72e-5a26eca3a2a7 -description: "Get an overview of the Assessment stage and its role in determining the richness of issues during Relevance training in Microsoft 365 Advanced eDiscovery." +description: "Get an overview of the Assessment stage and its role in determining the richness of issues during Relevance training in Microsoft Purview eDiscovery (Premium)." -# Assessment in the Relevance module in Advanced eDiscovery +# Assessment in the Relevance module in eDiscovery (Premium) -Advanced eDiscovery enables early assessment, for example, for the defined issues and the data imported for a case. Advanced eDiscovery lets the expert make decisions about an adopted approach and to apply these decisions to the document review project. +Microsoft Purview eDiscovery (Premium) enables early assessment, for example, for the defined issues and the data imported for a case. eDiscovery (Premium) lets the expert make decisions about an adopted approach and to apply these decisions to the document review project. ## Understanding assessment -In Assessment, the expert reviews a random set of at least 500 files, which are used to determine the richness of the issues and to produce statistics that reflect the training results. Assessment is successful when enough relevant files are found to reach a statistical level that will help Advanced eDiscovery Relevance to provide accurate statistics and to effectively determine the stabilization point in the training process. +In Assessment, the expert reviews a random set of at least 500 files, which are used to determine the richness of the issues and to produce statistics that reflect the training results. Assessment is successful when enough relevant files are found to reach a statistical level that will help eDiscovery (Premium) Relevance to provide accurate statistics and to effectively determine the stabilization point in the training process. The higher the number of relevant files in the assessment set, the more accurate the statistics and the effectiveness of the stability algorithm. The number of relevant files within the assessment files depends on the richness of the issue. Richness is the estimated percent of relevant files in the set relevant to an issue. Issues with higher richness will reach a higher number of relevant files more quickly than issues with lower richness. Issues with extremely low richness (for example, 2% or less) will require a very large assessment set to reach a significant number of Relevant files.
compliance	Assign Ediscovery Permissions	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/assign-ediscovery-permissions.md	Title: "Assign eDiscovery permissions in the Microsoft 365 compliance center" + Title: "Assign eDiscovery permissions in the Microsoft Purview compliance portal" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: 5b9a067b-9d2e-4aa5-bb33-99d8c0d0b5d7 -description: "Assign the permissions required to perform eDiscovery-related tasks using the Microsoft 365 compliance center." +description: "Assign the permissions required to perform eDiscovery-related tasks using the Microsoft Purview compliance portal." - seo-marvel-apr2020 - admindeeplinkCOMPLIANCE -# Assign eDiscovery permissions in the Microsoft 365 compliance center +# Assign eDiscovery permissions in the compliance portal -If you want people to use any of the [eDiscovery-related tools](ediscovery.md) in the Microsoft 365 compliance center, you have to assign them the appropriate permissions. The easiest way to do this is to add the person the appropriate role group on the Permissions page in the compliance center. This topic describes the permissions required to perform eDiscovery tasks. +If you want people to use any of the [eDiscovery-related tools](ediscovery.md) in the Microsoft Purview compliance portal, you have to assign them the appropriate permissions. The easiest way to do this is to add the person the appropriate role group on the Permissions page in the compliance center. This topic describes the permissions required to perform eDiscovery tasks. -The primary eDiscovery-related role group in Microsoft 365 compliance center is called eDiscovery Manager. There are two subgroups within this role group. +The primary eDiscovery-related role group in compliance portal is called eDiscovery Manager. There are two subgroups within this role group. -- eDiscovery Manager - An eDiscovery Manager can use eDiscovery search tools to search content locations in the organization, and perform various search-related actions such as preview and export search results. Members can also create and manage cases in Core eDiscovery and Advanced eDiscovery, add and remove members to a case, create case holds, run searches associated with a case, and access case data. eDiscovery Managers can only access and manage the cases they create. They can't access or manage cases created by other eDiscovery Managers. +- eDiscovery Manager - An eDiscovery Manager can use eDiscovery search tools to search content locations in the organization, and perform various search-related actions such as preview and export search results. Members can also create and manage cases in Microsoft Purview eDiscovery (Standard) and Microsoft Purview eDiscovery (Premium), add and remove members to a case, create case holds, run searches associated with a case, and access case data. eDiscovery Managers can only access and manage the cases they create. They can't access or manage cases created by other eDiscovery Managers. - eDiscovery Administrator - An eDiscovery Administrator is a member of the eDiscovery Manager role group, and can perform the same content search and case management-related tasks that an eDiscovery Manager can perform. Additionally, an eDiscovery Administrator can: - - Access all cases that are listed on the Core eDiscovery and Advanced eDiscovery pages in the Microsoft 365 compliance center. + - Access all cases that are listed on the eDiscovery (Standard) and eDiscovery (Premium) pages in the compliance portal. - - Access case data in Advanced eDiscovery for any case in the organization. + - Access case data in eDiscovery (Premium) for any case in the organization. - Manage any eDiscovery case after they add themselves as a member of the case. The primary eDiscovery-related role group in Microsoft 365 compliance center is For reasons why you might want eDiscovery Administrators in your organization, see [More information](#more-information). > [!NOTE] -> To analyze a user's data using Advanced eDiscovery, the user (the custodian of the data) must be assigned an Office 365 E5 or Microsoft 365 E5 license. Alternatively, users with an Office 365 E1 or a Office 365 or Microsoft 365 E3 license can be assigned a Microsoft 365 E5 Compliance or Microsoft 365 eDiscovery and Audit add-on license. Administrators, compliance officers, or legal personnel who are assigned to cases as members and use Advanced eDiscovery to collect, view, and analyze data don't need an E5 license. For more information about Advanced eDiscovery licensing, see [Subscriptions and licensing in Advanced eDiscovery](overview-ediscovery-20.md#subscriptions-and-licensing). +> To analyze a user's data using eDiscovery (Premium), the user (the custodian of the data) must be assigned an Office 365 E5 or Microsoft 365 E5 license. Alternatively, users with an Office 365 E1 or a Office 365 or Microsoft 365 E3 license can be assigned a Microsoft 365 E5 Compliance or Microsoft 365 eDiscovery and Audit add-on license. Administrators, compliance officers, or legal personnel who are assigned to cases as members and use eDiscovery (Premium) to collect, view, and analyze data don't need an E5 license. For more information about eDiscovery (Premium) licensing, see [Subscriptions and licensing in eDiscovery (Premium)](overview-ediscovery-20.md#subscriptions-and-licensing). ## Before you assign permissions -- You have to be a member of the Organization Management role group or be assigned the Role Management role to assign eDiscovery permissions in the Microsoft 365 compliance center. +- You have to be a member of the Organization Management role group or be assigned the Role Management role to assign eDiscovery permissions in the compliance portal. - You can use the [Add-RoleGroupMember](/powershell/module/exchange/Add-RoleGroupMember) cmdlet in Security & Compliance Center PowerShell to add a mail-enabled security group as a member of the eDiscovery Managers subgroup in the eDiscovery Manager role group. However, you can't add a mail-enabled security group to the eDiscovery Administrators subgroup. For details, see [More information](#more-information). ## Assign eDiscovery permissions -1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and sign in using an account that can assign permissions. +1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a> and sign in using an account that can assign permissions. 2. In the left pane, select Permissions. The primary eDiscovery-related role group in Microsoft 365 compliance center is To make a user an eDiscovery Administrator: Next to eDiscovery Administrator, select Edit. On the Choose eDiscovery Administrator page, click ![Add Icon.](../media/ITPro-EAC-AddIcon.gif) Add. Select the user (or users) you want to add as an eDiscovery Administrator, and then Add. When you're finished adding users, select Done. Then, on the Editing Choose eDiscovery Administrator wizard page, select Save to save the changes to the eDiscovery Administrator membership. > [!NOTE] -> You can also use the Add-eDiscoveryCaseAdmin cmdlet to make a user an eDiscovery Administrator. However, the user must be assigned the Case Management role before you can use this cmdlet to make them an eDiscovery Administrator. For more information, see [Add-eDiscoveryCaseAdmin](/powershell/module/exchange/add-ediscoverycaseadmin). +> You can also use the Add-eDiscoveryCaseAdmin cmdlet to make a user an eDiscovery Administrator. However, the user must be assigned the Case Management role before you can use this cmdlet to make them an eDiscovery Administrator. For more information, see [Add-eDiscoveryCaseAdmin](/powershell/module/exchange/add-ediscoverycaseadmin). -On the Permissions page in the Microsoft 365 compliance center, you can also assign users eDiscovery-related permissions by adding them to the Compliance Administrator, Organization Management, and Reviewer role groups. For a description of the eDiscovery-related RBAC roles assigned to each of these role groups, see [RBAC roles related to eDiscovery](#rbac-roles-related-to-ediscovery). +On the Permissions page in the compliance portal, you can also assign users eDiscovery-related permissions by adding them to the Compliance Administrator, Organization Management, and Reviewer role groups. For a description of the eDiscovery-related RBAC roles assigned to each of these role groups, see [RBAC roles related to eDiscovery](#rbac-roles-related-to-ediscovery). ## RBAC roles related to eDiscovery -The following table lists the eDiscovery-related RBAC roles in the Microsoft 365 compliance center, and indicates the built-in role groups that each role is assigned to by default. +The following table lists the eDiscovery-related RBAC roles in the compliance portal, and indicates the built-in role groups that each role is assigned to by default. \| Role \| Compliance Administrator \| eDiscovery Manager & Administrator \| Organization Management \| Reviewer \| \|:--\|:--:\|:--:\|:--:\|:--:\| The following sections describe each of the eDiscovery-related RBAC roles listed ### Case Management -This role lets users create, edit, delete, and control access to Core eDiscovery and Advanced eDiscovery cases in the Microsoft 365 compliance center. As previously explained, a user must be assigned the Case Management role before you can use the Add-eDiscoveryCaseAdmin cmdlet to make them an eDiscovery Administrator. +This role lets users create, edit, delete, and control access to eDiscovery (Standard) and eDiscovery (Premium) cases in the compliance portal. As previously explained, a user must be assigned the Case Management role before you can use the Add-eDiscoveryCaseAdmin cmdlet to make them an eDiscovery Administrator. For more information, see: -- [Get started with Core eDiscovery](get-started-core-ediscovery.md) +- [Get started with eDiscovery (Standard)](get-started-core-ediscovery.md) -- [Get started with Advanced eDiscovery](get-started-with-advanced-ediscovery.md) +- [Get started with eDiscovery (Premium)](get-started-with-advanced-ediscovery.md) ### Communication -This role lets users manage all communications with the custodians identified in an Advanced eDiscovery case. This includes creating hold notifications, hold reminders, and escalations to management. The user can also track custodian acknowledgment of hold notifications and manage access to the custodian portal that is used by each custodian to track communications for the cases where they were identified as a custodian. +This role lets users manage all communications with the custodians identified in an eDiscovery (Premium) case. This includes creating hold notifications, hold reminders, and escalations to management. The user can also track custodian acknowledgment of hold notifications and manage access to the custodian portal that is used by each custodian to track communications for the cases where they were identified as a custodian. -For more information, see [Work with communications in Advanced eDiscovery](managing-custodian-communications.md). +For more information, see [Work with communications in eDiscovery (Premium)](managing-custodian-communications.md). ### Compliance Search -This role lets users run the Content Search tool in the Microsoft 365 compliance center to search mailboxes and public folders, SharePoint Online sites, OneDrive for Business sites, Skype for Business conversations, Microsoft 365 groups, and Microsoft Teams, and Yammer groups. This role allows a user to get an estimate of the search results and create export reports, but other roles are needed to initiate content search actions such as previewing, exporting, or deleting search results. +This role lets users run the Content Search tool in the compliance portal to search mailboxes and public folders, SharePoint Online sites, OneDrive for Business sites, Skype for Business conversations, Microsoft 365 groups, and Microsoft Teams, and Yammer groups. This role allows a user to get an estimate of the search results and create export reports, but other roles are needed to initiate content search actions such as previewing, exporting, or deleting search results. -In Content search and Core eDiscovery, users who are assigned the Compliance Search role but don't have the Preview role can preview the results of a search in which the preview action has been initiated by a user who is assigned the Preview role. The user without the Preview role can preview results for up to two weeks after the initial preview action was created. +In Content search and eDiscovery (Standard), users who are assigned the Compliance Search role but don't have the Preview role can preview the results of a search in which the preview action has been initiated by a user who is assigned the Preview role. The user without the Preview role can preview results for up to two weeks after the initial preview action was created. -Similarly, users in Content search and Core eDiscovery who are assigned the Compliance Search role but don't have the Export role can download the results of a search in which the export action was initiated by a user who is assigned the Export role. The user without the Export role can download the results of a search for up to two weeks after the initial export action was created. After that, they can't download the results unless someone with the Export role restarts the export. +Similarly, users in Content search and eDiscovery (Standard) who are assigned the Compliance Search role but don't have the Export role can download the results of a search in which the export action was initiated by a user who is assigned the Export role. The user without the Export role can download the results of a search for up to two weeks after the initial export action was created. After that, they can't download the results unless someone with the Export role restarts the export. -The two-week grace period for previewing and exporting search results (without the corresponding search and export roles) doesn't apply to Advanced eDiscovery. Users must be assigned the Preview and Export roles to preview and export content in Advanced eDiscovery. +The two-week grace period for previewing and exporting search results (without the corresponding search and export roles) doesn't apply to eDiscovery (Premium). Users must be assigned the Preview and Export roles to preview and export content in eDiscovery (Premium). ### Custodian -This role lets users identify and manage custodians for Advanced eDiscovery cases and use the information from Azure Active Directory and other sources to find data sources associated with custodians. The user can associate other data sources such as mailboxes, SharePoint sites, and Teams with custodians in a case. The user can also place a legal hold on the data sources associated with custodians to preserve content in the context of a case. +This role lets users identify and manage custodians for eDiscovery (Premium) cases and use the information from Azure Active Directory and other sources to find data sources associated with custodians. The user can associate other data sources such as mailboxes, SharePoint sites, and Teams with custodians in a case. The user can also place a legal hold on the data sources associated with custodians to preserve content in the context of a case. -For more information, see [Work with custodians in Advanced eDiscovery](managing-custodians.md). +For more information, see [Work with custodians in eDiscovery (Premium)](managing-custodians.md). ### Export -The role lets users export the results of a Content Search to a local computer. It also lets them prepare search results for analysis in Advanced eDiscovery. +The role lets users export the results of a Content Search to a local computer. It also lets them prepare search results for analysis in eDiscovery (Premium). -For more information about exporting search results, see [Export search results from Microsoft 365 compliance center](export-search-results.md). +For more information about exporting search results, see [Export search results from Microsoft Purview compliance portal](export-search-results.md). ### Hold This role lets users place content on hold in mailboxes, public folders, sites, For more information about holds, see: -- [Create a hold in Core eDiscovery](create-ediscovery-holds.md) +- [Create a hold in eDiscovery (Standard)](create-ediscovery-holds.md) -- [Create a hold in Advanced eDiscovery](add-custodians-to-case.md) +- [Create a hold in eDiscovery (Premium)](add-custodians-to-case.md) ### Preview This role lets users view a list of items that were returned from a Content Sear ### Review -This role lets users access review sets in [Advanced eDiscovery](overview-ediscovery-20.md). Users who are assigned this role can see and open the list of cases on the eDiscovery > Advanced page in the Microsoft 365 compliance center that they're members of. After the user accesses an Advanced eDiscovery case, they can select Review sets to access case data. This role doesn't allow the user to preview the results of a collection search that's associated with the case or do other search or case management tasks. Users with this role can only access the data in a review set. +This role lets users access review sets in [eDiscovery (Premium)](overview-ediscovery-20.md). Users who are assigned this role can see and open the list of cases on the eDiscovery > Advanced page in the compliance portal that they're members of. After the user accesses an eDiscovery (Premium) case, they can select Review sets to access case data. This role doesn't allow the user to preview the results of a collection search that's associated with the case or do other search or case management tasks. Users with this role can only access the data in a review set. ### RMS Decrypt -This role lets users view rights-protected email messages when previewing search results and export decrypted rights-protected email messages. This role also lets users view (and export) a file that's encrypted with a [Microsoft encryption technology](encryption.md) when the encrypted file is attached to an email message that's included in the results of an eDiscovery search. Additionally, this role lets users review and query encrypted email attachments that are added to a review set in Advanced eDiscovery. For more information about decryption in eDiscovery, see [Decryption in Microsoft 365 eDiscovery tools](ediscovery-decryption.md). +This role lets users view rights-protected email messages when previewing search results and export decrypted rights-protected email messages. This role also lets users view (and export) a file that's encrypted with a [Microsoft encryption technology](encryption.md) when the encrypted file is attached to an email message that's included in the results of an eDiscovery search. Additionally, this role lets users review and query encrypted email attachments that are added to a review set in eDiscovery (Premium). For more information about decryption in eDiscovery, see [Decryption in Microsoft 365 eDiscovery tools](ediscovery-decryption.md). ### Search And Purge This role lets users perform bulk removal of data matching the criteria of a con ## Adding role groups as members of eDiscovery cases -You can add role groups as members of Core eDiscovery and Advanced eDiscovery cases so that members of the role groups can access and perform tasks in the assigned cases. The roles assigned to the role group define what members of the role group can do. Then adding a role group as a member of the case lets members access and perform those tasks in a specific case. For more information about adding role groups as members of cases, see: +You can add role groups as members of eDiscovery (Standard) and eDiscovery (Premium) cases so that members of the role groups can access and perform tasks in the assigned cases. The roles assigned to the role group define what members of the role group can do. Then adding a role group as a member of the case lets members access and perform those tasks in a specific case. For more information about adding role groups as members of cases, see: -- [Get started with Core eDiscovery](get-started-core-ediscovery.md#step-4-optional-add-members-to-a-core-ediscovery-case) +- [Get started with eDiscovery (Standard)](get-started-core-ediscovery.md#step-4-optional-add-members-to-a-ediscovery-standard-case) -- [Add or remove members from an Advanced eDiscovery case](add-or-remove-members-from-a-case-in-advanced-ediscovery.md) +- [Add or remove members from an eDiscovery (Premium) case](add-or-remove-members-from-a-case-in-advanced-ediscovery.md) With this in mind, it's important to know that if a role is added or removed from a role group, then that role group will be automatically removed as a member of any case the role group is a member of. The reason for this is to protect your organization from inadvertently providing additional permissions to members of a case. Similarly, if a role group is deleted, it will be removed from all cases it was a member of. Before you add or remove roles to a role group that may be a member of an eDiscovery case, you can run the following commands in [Security & Compliance PowerShell](/powershell/exchange/connect-to-scc-powershell) to get a list of cases the role group is a member of. After you update the role group, you add the role group back as a member of those cases. -### Get a list of Core eDiscovery cases a role group is assigned to +### Get a list of eDiscovery (Standard) cases a role group is assigned to ```powershell Get-ComplianceCase -RoleGroup "Name of role group" ``` -### Get a list of Advanced eDiscovery cases a role group is assigned to +### Get a list of eDiscovery (Premium) cases a role group is assigned to ```powershell Get-ComplianceCase -RoleGroup "Name of role group" -CaseType AdvancedEdiscovery Get-ComplianceCase -RoleGroup "Name of role group" -CaseType AdvancedEdiscovery - If a person who is the only member of an eDiscovery case leaves your organization, no one (including members of the Organization Management role group or another member of the eDiscovery Manager role group) can access that eDiscovery case because they aren't a member of a case. In this situation, there would be no way to access the data in the case. But because an eDiscovery Administrator can access all eDiscovery cases in the organization, they can view the case and add themselves or another eDiscovery manager as a member of the case. - - Because an eDiscovery Administrator can view and access all Core eDiscovery and Advanced eDiscovery cases, they can audit and oversee all cases and associated compliance searches. This can help to prevent any misuse of compliance searches or eDiscovery cases. And because eDiscovery Administrators can access potentially sensitive information in the results of a compliance search, you should limit the number of people who are eDiscovery Administrators. + - Because an eDiscovery Administrator can view and access all eDiscovery (Standard) and eDiscovery (Premium) cases, they can audit and oversee all cases and associated compliance searches. This can help to prevent any misuse of compliance searches or eDiscovery cases. And because eDiscovery Administrators can access potentially sensitive information in the results of a compliance search, you should limit the number of people who are eDiscovery Administrators. - Can I add a group as a member of the eDiscovery Manager role group? As previously explained, you can add a mail-enabled security group as a member of the eDiscovery Managers subgroup in the eDiscovery Manager role group by using the Add-RoleGroupMember cmdlet in Security & Compliance Center PowerShell. For example, you can run the following command to add a mail-enabled security group to the eDiscovery Manager role group.
compliance	Attorney Privilege Detection	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/attorney-privilege-detection.md	Title: "Set up attorney-client privilege detection in Advanced eDiscovery" + Title: "Set up attorney-client privilege detection in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: "Use the attorney-client privilege detection model to use the machine learning-based detection of privileged content when reviewing content in an Advanced eDiscovery case." +description: "Use the attorney-client privilege detection model to use the machine learning-based detection of privileged content when reviewing content in a Microsoft Purview eDiscovery (Premium) case." -# Set up attorney-client privilege detection in Advanced eDiscovery +# Set up attorney-client privilege detection in eDiscovery (Premium) -A major and costly aspect of the review phase of any eDiscovery process is reviewing documents for privileged content. Advanced eDiscovery provides machine learning-based detection of privileged content to make this process more efficient. This feature is called attorney-client privilege detection. +A major and costly aspect of the review phase of any eDiscovery process is reviewing documents for privileged content. Microsoft Purview eDiscovery (Premium) provides machine learning-based detection of privileged content to make this process more efficient. This feature is called attorney-client privilege detection. ## How does it work? To enable the attorney-client privilege detection model, your organization has t ### Step 1: Turn on attorney-client privilege detection -A person who is an eDiscovery Administrator in your organization (a member of the eDiscovery Administrator subgroup in the eDiscovery Manager role group) must make the model available in your Advanced eDiscovery cases. +A person who is an eDiscovery Administrator in your organization (a member of the eDiscovery Administrator subgroup in the eDiscovery Manager role group) must make the model available in your eDiscovery (Premium) cases. -1. In the Microsoft 365 compliance center, go to [Advanced eDiscovery](https://go.microsoft.com/fwlink/p/?linkid=2173764), and then click Advanced eDiscovery settings. +1. In the Microsoft Purview compliance portal, go to [eDiscovery (Premium)](https://go.microsoft.com/fwlink/p/?linkid=2173764), and then click eDiscovery (Premium) settings. - ![Select Advanced eDiscovery settings](..\media\HistoricalVersions1.png) + ![Select eDiscovery (Premium) settings](..\media\HistoricalVersions1.png) 2. On the Settings page, select the Analytics tab, and then switch the Attorney-client privilege detection toggle to on. To upload an attorney list for use by the attorney-client privilege detection mo 1. Create a .csv file (without a header row) and add the email address for each appropriate person on a separate line. Save this file to your local computer. -2. On the Advanced eDiscovery Settings page, select the Analytics tab. +2. On the eDiscovery (Premium) Settings page, select the Analytics tab. The Attorney-client privilege page is displayed, and the Attorney-client privilege detection toggle is turned on. Follow the steps in this section to use attorney-client privilege detection for ### Step 1: Create a smart tag group with attorney-client privilege detection model -One of the primary ways to see the results of attorney-client privilege detection in your review process is by using a smart tag group. A smart tag group indicates the results of the attorney-client privilege detection and shows the results in-line next to the tags in a smart tag group. This lets you quickly identify potentially privileged documents during document review. Additionally, you can also use the tags in the smart tag group to tag documents as privileged or non-privileged. For more information about smart tags, see [Set up smart tags in Advanced eDiscovery](smart-tags.md). +One of the primary ways to see the results of attorney-client privilege detection in your review process is by using a smart tag group. A smart tag group indicates the results of the attorney-client privilege detection and shows the results in-line next to the tags in a smart tag group. This lets you quickly identify potentially privileged documents during document review. Additionally, you can also use the tags in the smart tag group to tag documents as privileged or non-privileged. For more information about smart tags, see [Set up smart tags in eDiscovery (Premium)](smart-tags.md). 1. In the review set that contains the documents that you analyzed in Step 1, select Manage review set and then select Manage tags. One of the primary ways to see the results of attorney-client privilege detectio ### Step 2: Analyze a review set -When you analyze the documents in a review set, the attorney-client privilege detection model will also run and the corresponding properties (described in [How does it work?](#how-does-it-work)) will be added to every document in the review set. For more information about analyzing data in review set, see [Analyze data in a review set in Advanced eDiscovery](analyzing-data-in-review-set.md). +When you analyze the documents in a review set, the attorney-client privilege detection model will also run and the corresponding properties (described in [How does it work?](#how-does-it-work)) will be added to every document in the review set. For more information about analyzing data in review set, see [Analyze data in a review set in eDiscovery (Premium)](analyzing-data-in-review-set.md). ### Step 3: Use the smart tag group for review of privileged content
compliance	Audit Log Retention Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/audit-log-retention-policies.md	search.appverid: - MOE150 - MET150 ms.assetid: -description: "Audit log retention policies are part of the new Advanced Audit capabilities in Microsoft 365. An audit log retention policy lets you specify how long to retain audit logs in your organization." +description: "Audit log retention policies are part of the new Microsoft Purview Audit (Premium) capabilities. An audit log retention policy lets you specify how long to retain audit logs in your organization." # Manage audit log retention policies -You can create and manage audit log retention policies in the Microsoft 365 compliance center. Audit log retention policies are part of the new Advanced Audit capabilities in Microsoft 365. An audit log retention policy lets you specify how long to retain audit logs in your organization. You can retain audit logs for up to 10 years. You can create policies based on the following criteria: +You can create and manage audit log retention policies in the Microsoft Purview compliance portal. Audit log retention policies are part of the new Microsoft Purview Audit (Premium) capabilities. An audit log retention policy lets you specify how long to retain audit logs in your organization. You can retain audit logs for up to 10 years. You can create policies based on the following criteria: - All activities in one or more Microsoft 365 services - Specific activities (in a Microsoft 365 service) performed by all users or by specific users You can create and manage audit log retention policies in the Microsoft 365 comp ## Default audit log retention policy -Advanced Audit in Microsoft 365 provides a default audit log retention policy for all organizations. This policy retains all Exchange Online, SharePoint Online, OneDrive for Business, and Azure Active Directory audit records for one year. This default policy retains audit records that contain the value of Exchange, SharePoint, OneDrive, AzureActiveDirectory for the Workload property (which is the service in which the activity occurred). The default policy can't be modified. See the [More information](#more-information) section in this article for a list of record types for each workload that are included in the default policy. +Audit (Premium) in Microsoft 365 provides a default audit log retention policy for all organizations. This policy retains all Exchange Online, SharePoint Online, OneDrive for Business, and Azure Active Directory audit records for one year. This default policy retains audit records that contain the value of Exchange, SharePoint, OneDrive, AzureActiveDirectory for the Workload property (which is the service in which the activity occurred). The default policy can't be modified. See the [More information](#more-information) section in this article for a list of record types for each workload that are included in the default policy. > [!NOTE] > The default audit log retention policy only applies to audit records for activity performed by users who are assigned an Office 365 or Microsoft 365 E5 license or have a Microsoft 365 E5 Compliance or E5 eDiscovery and Audit add-on license. If you have non-E5 users or guest users in your organization, their corresponding audit records are retained for 90 days. ## Before you create an audit log retention policy -- You have to be assigned the Organization Configuration role in the Microsoft 365 compliance center to create or modify an audit retention policy. +- You have to be assigned the Organization Configuration role in the compliance portal to create or modify an audit retention policy. - You can have a maximum of 50 audit log retention policies in your organization. Advanced Audit in Microsoft 365 provides a default audit log retention policy fo ## Create an audit log retention policy -1. Go to <https://compliance.microsoft.com> and sign in with a user account that's assigned the Organization Configuration role on the Permissions page in the Microsoft 365 compliance center. +1. Go to <https://compliance.microsoft.com> and sign in with a user account that's assigned the Organization Configuration role on the Permissions page in the compliance portal. -2. In the left pane of the Microsoft 365 compliance center, click Audit. +2. In the left pane of the compliance portal, click Audit. 3. Click the Audit retention policies tab. Advanced Audit in Microsoft 365 provides a default audit log retention policy fo The new policy is displayed in the list on the Audit retention policies tab. -## Manage audit log retention policies in the Microsoft 365 compliance center +## Manage audit log retention policies in the compliance portal Audit log retention policies are listed on the Audit retention policies tab (also called the dashboard). You can use the dashboard to view, edit, and delete audit retention policies.
compliance	Audit Log Search Script	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/audit-log-search-script.md	Security, compliance, and auditing have become a top priority for IT administrat - [The Office 365 Management Activity API](/office/office-365-management-api/office-365-management-activity-api-reference) -- The [audit log search tool](search-the-audit-log-in-security-and-compliance.md) in the Microsoft 365 compliance center +- The [audit log search tool](search-the-audit-log-in-security-and-compliance.md) in the Microsoft Purview compliance portal - The [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog) cmdlet in Exchange Online PowerShell -If you need to retrieve audit logs on a regular basis, you should consider a solution that uses the Office 365 Management Activity API because it that can provide large organizations with the scalability and performance to retrieve millions of audit records on an ongoing basis. Using the audit log search tool in Microsoft 365 compliance center is a good way to quickly find audit records for specific operations that occur in shorter time range. Using longer time ranges in the audit log search tool, especially for large organizations, might return too many records to easily manage or export. +If you need to retrieve audit logs on a regular basis, you should consider a solution that uses the Office 365 Management Activity API because it that can provide large organizations with the scalability and performance to retrieve millions of audit records on an ongoing basis. Using the audit log search tool in compliance portal is a good way to quickly find audit records for specific operations that occur in shorter time range. Using longer time ranges in the audit log search tool, especially for large organizations, might return too many records to easily manage or export. When there are situations where you need to manually retrieve auditing data for a specific investigation or incident, particularly for longer date ranges in larger organizations, using the Search-UnifiedAuditLog cmdlet may be the best option. This article includes a PowerShell script that uses the cmdlet that can retrieve 50,000 audit records (each time you run the cmdlet) and then export them to a CSV file that you can format using Power Query in Excel to help with your review. Using the script in this article also minimizes the chance that large audit log searches will time out in the service.
compliance	Auditing Solutions Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/auditing-solutions-overview.md	Title: "Microsoft 365 auditing solutions" + Title: "Microsoft Purview auditing solutions" f1.keywords: - NOCSH description: "Learn how to audit the activities of users and administrators in y -# Auditing solutions in Microsoft 365 +# Auditing solutions in Microsoft Purview -Microsoft 365 auditing solutions provide an integrated solution to help organizations effectively respond to security events, forensic investigations, internal investigations, and compliance obligations. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded, and retained in your organization's unified audit log. Audit records for these events are searchable by security ops, IT admins, insider risk teams, and compliance and legal investigators in your organization. This capability provides visibility into the activities performed across your Microsoft 365 organization. +Microsoft Purview auditing solutions provide an integrated solution to help organizations effectively respond to security events, forensic investigations, internal investigations, and compliance obligations. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded, and retained in your organization's unified audit log. Audit records for these events are searchable by security ops, IT admins, insider risk teams, and compliance and legal investigators in your organization. This capability provides visibility into the activities performed across your Microsoft 365 organization. -## Microsoft 365 auditing solutions +## Microsoft Purview auditing solutions -Microsoft 365 provides two auditing solutions: Basic Audit and Advanced Audit. +Microsoft Purview provides two auditing solutions: Audit (Standard) and Audit (Premium). -![Key capabilities of Basic Audit and Advanced Audit.](..\media\AuditingSolutionsComparison.png) +![Key capabilities of Audit (Standard) and Audit (Premium).](..\media\AuditingSolutionsComparison.png) -### Basic Audit +### Audit (Standard) -Basic Audit provides with you with the ability to log and search for audited activities and power your forensic, IT, compliance, and legal investigations. +Microsoft Purview Audit (Standard) provides with you with the ability to log and search for audited activities and power your forensic, IT, compliance, and legal investigations. -- Enabled by default. Basic Audit is turned on by default for all organizations with the appropriate subscription. That means records for audited activities will be captured and searchable. The only setup that required is to assign the necessary permissions to access the audit log search tool (and the corresponding cmdlet) and make sure that user's are assigned the right license for Advanced Audit features. +- Enabled by default. Audit (Standard) is turned on by default for all organizations with the appropriate subscription. That means records for audited activities will be captured and searchable. The only setup that required is to assign the necessary permissions to access the audit log search tool (and the corresponding cmdlet) and make sure that user's are assigned the right license for Microsoft Purview Audit (Premium) features. - Thousands of searchable audit events. You can search for a wide-range of audited activities that occur is most of the Microsoft 365 services in your organization. For a partial list of the activities you can search for, see [Audited activities](search-the-audit-log-in-security-and-compliance.md#audited-activities). For a list of the services and features that support audited activities, see [Audit log record type](/office/office-365-management-api/office-365-management-activity-api-schema#auditlogrecordtype).-- Audit search tool in the Microsoft 365 compliance center. Use the Audit log search tool in the Microsoft 365 compliance center to search for audit records. You can search for specific activities, for activities performed by specific users, and activities that occurred with a date range. Here's a screenshot of the Audit search tool in the compliance center. +- Audit search tool in the Microsoft Purview compliance portal. Use the Audit log search tool in the compliance portal to search for audit records. You can search for specific activities, for activities performed by specific users, and activities that occurred with a date range. Here's a screenshot of the Audit search tool in the compliance center. - ![Audit log search tool in the Microsoft 365 compliance center.](../media/AuditLogSearchToolMCC.png) + ![Audit log search tool in the compliance portal.](../media/AuditLogSearchToolMCC.png) - Search-UnifiedAuditLog cmdlet. You can also use the Search-UnifiedAuditLog cmdlet in Exchange Online PowerShell (the underlying cmdlet for the search tool) to search for audit events or to use in a script. For more information, see: Basic Audit provides with you with the ability to log and search for audited act - Access to audit logs via Office 365 Management Activity API. A third method for accessing and retrieving audit records is to use the Office 365 Management Activity API. This lets organizations retain auditing data for longer periods than the default 90 days and lets them import their auditing data to a SIEM solution. For more information, see [Office 365 Management Activity API reference](/office/office-365-management-api/office-365-management-activity-api-reference). -- 90-day audit log retention. When an audited activity is performed by a user or admin, an audit record is generated and stored in the audit log for your organization. In Basic Audit, records are retained for 90 days, which means you can search for activities that occurred within the past three months. +- 90-day audit log retention. When an audited activity is performed by a user or admin, an audit record is generated and stored in the audit log for your organization. In Audit (Standard), records are retained for 90 days, which means you can search for activities that occurred within the past three months. -### Advanced Audit +### Audit (Premium) -Advanced Audit builds on the capabilities of Basic Audit by providing audit log retention policies, longer retention of audit records, high-value crucial events, and higher bandwidth access to the Office 365 Management Activity API. +Audit (Premium) builds on the capabilities of Audit (Standard) by providing audit log retention policies, longer retention of audit records, high-value crucial events, and higher bandwidth access to the Office 365 Management Activity API. - Audit log retention policies. You can create customized audit log retention policies to retain audit records for longer periods of time up to one year (and up to 10 years for users with required add-on license). You can create a policy to retain audit records based the service where the audited activities occur, specific audited activities, or the user who performs an audited activity. - Longer retention of audit records. Exchange, SharePoint, and Azure Active Directory audit records are retained for one year by default. Audit records for all other activities are retained for 90 days by default, or you can use audit log retention policies to configure longer retention periods. -- High-value, crucial Advanced Audit events. Audit records for crucial events can help your organization conduct forensic and compliance investigations by providing visibility to events such as when mail items were accessed, or when mail items were replied to and forwarded, or when and what a user searched for in Exchange Online and SharePoint Online. These crucial events can help you investigate possible breaches and determine the scope of compromise. +- High-value, crucial Audit (Premium) events. Audit records for crucial events can help your organization conduct forensic and compliance investigations by providing visibility to events such as when mail items were accessed, or when mail items were replied to and forwarded, or when and what a user searched for in Exchange Online and SharePoint Online. These crucial events can help you investigate possible breaches and determine the scope of compromise. -- Higher bandwidth to the Office 365 Management Activity API. Advanced Audit provides organizations with more bandwidth to access auditing logs through the Office 365 Management Activity API. Although all organizations (that have Basic Audit or Advanced Audit) are initially allocated a baseline of 2,000 requests per minute, this limit will dynamically increase depending on an organization's seat count and their licensing subscription. This results in organizations with Advanced Audit getting about twice the bandwidth as organizations with Basic Audit. +- Higher bandwidth to the Office 365 Management Activity API. Audit (Premium) provides organizations with more bandwidth to access auditing logs through the Office 365 Management Activity API. Although all organizations (that have Audit (Standard) or Audit (Premium)) are initially allocated a baseline of 2,000 requests per minute, this limit will dynamically increase depending on an organization's seat count and their licensing subscription. This results in organizations with Audit (Premium) getting about twice the bandwidth as organizations with Audit (Standard). -For more detailed information about Advanced Audit features, see [Advanced Audit in Microsoft 365](advanced-audit.md). +For more detailed information about Audit (Premium) features, see [Audit (Premium) in Microsoft 365](advanced-audit.md). ## Comparison of key capabilities -The following table compares the key capabilities available in Basic Audit and Advanced Audit. All Basic Audit functionality is included in Advanced Audit. +The following table compares the key capabilities available in Audit (Standard) and Audit (Premium). All Audit (Standard) functionality is included in Audit (Premium). -\|Capability\|Basic Audit\|Advanced Audit\| +\|Capability\|Audit (Standard)\|Audit (Premium)\| \|:\|:-\|:-\| \|Enabled by default\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)\| \|Thousands of searchable audit events\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)\| -\|Audit search tool in the Microsoft 365 compliance center\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)\| +\|Audit search tool in the compliance portal\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)\| \|Search-UnifiedAuditLog cmdlet\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)\| \|Export audit records to CSV file\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)\| \|Access to audit logs via Office 365 Management Activity API <sup>1</sup>\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)</sup>\| The following table compares the key capabilities available in Basic Audit and A \|High-value, crucial events\|\|![Supported](../media/check-mark.png)\| \|\|\|\| > [!NOTE] -> <sup>1</sup> Advanced Audit includes higher bandwidth access to the Office 365 Management Activity API, which provides faster access to audit data.<br/><sup>2</sup> In addition to the required licensing for Advanced Audit (described in the next section), a user must be assigned a 10-Year Audit Log Retention add on license to retain their audit records for 10 years. +> <sup>1</sup> Audit (Premium) includes higher bandwidth access to the Office 365 Management Activity API, which provides faster access to audit data.<br/><sup>2</sup> In addition to the required licensing for Audit (Premium) (described in the next section), a user must be assigned a 10-Year Audit Log Retention add on license to retain their audit records for 10 years. ## Licensing requirements -The following sections identify the licensing requirements for Basic Audit and Advanced Audit. Basic Audit functionality is included with Advanced Auditing. +The following sections identify the licensing requirements for Audit (Standard) and Audit (Premium). Audit (Standard) functionality is included with Audit (Premium). -### Basic Audit +### Audit (Standard) - Microsoft 365 Business Basic subscription - Microsoft 365 Apps for Business subscription The following sections identify the licensing requirements for Basic Audit and A - Office 365 Education A1 subscription - Office 365 Education A3 subscription -### Advanced Audit +### Audit (Premium) - Microsoft 365 Enterprise E5 subscription - Microsoft 365 Enterprise E3 subscription + the Microsoft 365 E5 Compliance add-on The following sections identify the licensing requirements for Basic Audit and A - Office 365 Enterprise E5 subscription - Office 365 Education A5 subscription -## Set up Microsoft 365 auditing solutions +## Set up Microsoft Purview auditing solutions -To get started using the auditing solutions in Microsoft 365, see the following setup guidance. +To get started using the auditing solutions in Microsoft Purview, see the following setup guidance. -### Set up Basic Audit +### Set up Audit (Standard) -The first step is to set up Basic Audit and then start running audit log searches. +The first step is to set up Audit (Standard) and then start running audit log searches. -![Workflow to set up Basic Audit.](../media/BasicAuditingWorkflow.png) +![Workflow to set up Audit (Standard).](../media/BasicAuditingWorkflow.png) -1. Verify that your organization has a subscription that supports Basic Audit and if applicable, a subscription that supports Advanced Audit. +1. Verify that your organization has a subscription that supports Audit (Standard) and if applicable, a subscription that supports Audit (Premium). -2. Assign permissions in Exchange Online to people in your organization who will use the audit log search tool in the Microsoft 365 compliance center or use the Search-UnifiedAuditLog cmdlet. Specifically, users must be assigned the View-Only Audit Logs or Audit Logs role in Exchange Online. +2. Assign permissions in Exchange Online to people in your organization who will use the audit log search tool in the compliance portal or use the Search-UnifiedAuditLog cmdlet. Specifically, users must be assigned the View-Only Audit Logs or Audit Logs role in Exchange Online. 3. Search the audit log. After completing step 1 and step 2, users in your organization can use the audit log search tool (or corresponding cmdlet) to search for audited activities. -For more detailed instructions, see [Set up Basic Audit](set-up-basic-audit.md). +For more detailed instructions, see [Set up Audit (Standard)](set-up-basic-audit.md). -### Set up Advanced Audit +### Set up Audit (Premium) -If your organization has a subscription that supports Advanced Audit, perform the following steps to set up and use the additional capabilities in Advanced Audit. +If your organization has a subscription that supports Audit (Premium), perform the following steps to set up and use the additional capabilities in Audit (Premium). -![Workflow to set up Advanced Audit.](../media/AdvancedAuditWorkflow.png) +![Workflow to set up Audit (Premium).](../media/AdvancedAuditWorkflow.png) -1. Set up Advanced Audit for users. This step consists of the following tasks: +1. Set up Audit (Premium) for users. This step consists of the following tasks: - - Verifying that users are assigned the appropriate license or add-on license for Advanced Audit. + - Verifying that users are assigned the appropriate license or add-on license for Audit (Premium). - - Turning on the Advanced Audit app/service plan must be for those users. + - Turning on the Audit (Premium) app/service plan must be for those users. - Enabling the auditing of crucial events and then turning on the Advanced Auditing app/service plan for those users. -2. Enable Advanced Audit events to be logged when users perform searches in Exchange Online and SharePoint Online. +2. Enable Audit (Premium) events to be logged when users perform searches in Exchange Online and SharePoint Online. 3. Set up audit log retention policies. In additional to the default policy that retains Exchange, SharePoint, and Azure AD audit records for one year, you can create additional audit log retention policies to meet the requirements of your organization's security operations, IT, and compliance teams. -4. Search for crucial Advanced Audit events and other activities when conducting forensic investigations. After completing step 1 and step 2, you can search the audit log for Advanced Audit events and other activities during forensic investigations of compromised accounts and other types of security or compliance investigations. +4. Search for crucial Audit (Premium) events and other activities when conducting forensic investigations. After completing step 1 and step 2, you can search the audit log for Audit (Premium) events and other activities during forensic investigations of compromised accounts and other types of security or compliance investigations. -For more detailed instructions, see [Set up Advanced Audit](set-up-advanced-audit.md). +For more detailed instructions, see [Set up Audit (Premium)](set-up-advanced-audit.md). ## Training -Training your security operations team, IT administrators, and compliance investigators team in the fundamentals for Basic Audit and Advanced Audit can help your organization get started more quickly using auditing to help with your investigations. Microsoft 365 provides the following resource to help these users in your organization getting started with auditing: [Describe the eDiscovery and audit capabilities of Microsoft 365](/learn/modules/describe-ediscovery-capabilities-of-microsoft-365). +Training your security operations team, IT administrators, and compliance investigators team in the fundamentals for Audit (Standard) and Audit (Premium) can help your organization get started more quickly using auditing to help with your investigations. Microsoft 365 provides the following resource to help these users in your organization getting started with auditing: [Describe the eDiscovery and audit capabilities of Microsoft 365](/learn/modules/describe-ediscovery-capabilities-of-microsoft-365).
compliance	Auditing Troubleshooting Scenarios	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/auditing-troubleshooting-scenarios.md	This article describes how to use the audit log search tool to help you investig ## Using the audit log search tool -Each of the troubleshooting scenarios described in this article is based on using the audit log search tool in the Microsoft 365 compliance center. This section lists the permissions required to search the audit log and describes the steps to access and run audit log searches. Each scenario section explains how to configure an audit log search query and what to look for in the detailed information in the audit records that match the search criteria. +Each of the troubleshooting scenarios described in this article is based on using the audit log search tool in the Microsoft Purview compliance portal. This section lists the permissions required to search the audit log and describes the steps to access and run audit log searches. Each scenario section explains how to configure an audit log search query and what to look for in the detailed information in the audit records that match the search criteria. ### Permissions required to use the audit log search tool
compliance	Auto Apply Retention Labels Scenario	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/auto-apply-retention-labels-scenario.md	Title: "Use retention labels to manage the lifecycle of documents stored in SharePoint" + Title: "Use retention labels to manage SharePoint document lifecycle" f1.keywords: - NOCSH description: "How you can use retention labels to manage the lifecycle of docume # Use retention labels to manage the lifecycle of documents stored in SharePoint + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). This article describes how you can manage the lifecycle of documents that are stored in SharePoint by using automatically applied retention labels and event-based retention. The manufacturing company's compliance and data governance policies dictate how \| All other types of documents \| Don't actively retain \| Delete when document is older than 3 years <br /><br /> A document is considered older than 3 years if it hasn't been modified within the last 3 years. \| \|\|\| -We use the Microsoft 365 compliance center to create the following [retention labels](retention.md#retention-labels): +We use the Microsoft Purview compliance portal to create the following [retention labels](retention.md#retention-labels): - Product Specification Here's the [file plan](file-plan-manager.md) for the Product Specification reten - File plan descriptors: For simplifying the scenario, no optional file descriptors are provided. -The following screenshot shows the settings when you create the Product Specification retention label in the Microsoft 365 compliance center. You can create the Product Cessation event type when you create the retention label. See the procedure in the following section. +The following screenshot shows the settings when you create the Product Specification retention label in the Microsoft Purview compliance portal. You can create the Product Cessation event type when you create the retention label. See the procedure in the following section. ![Retention settings for the Product Specification label.](../media/SPRetention5.png) Now in the search box, type RefinableString00:"Product Specification" AND Refi Now that we've verified that the KQL query is working, let's create an auto-apply label policy that uses a KQL query to automatically apply the Product Specification retention label to the appropriate documents. -1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, go to Records management > Label policies > Auto-apply a label. +1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, go to Records management > Label policies > Auto-apply a label. [ ![Select "Auto-apply a label" on the Labels page](../media/SPRetention16.png) ](../media/SPRetention16.png#lightbox) Now that we've verified that the KQL query is working, let's create an auto-appl ### Verify that the retention label was automatically applied -After 7 days, use [activity explorer](data-classification-activity-explorer.md) in the compliance center to verify that the auto-apply label policy that we created did automatically apply the retention labels to the product documents. +After 7 days, use [activity explorer](data-classification-activity-explorer.md) in the Microsoft Purview compliance portal to verify that the auto-apply label policy that we created did automatically apply the retention labels to the product documents. Also look at the properties of the documents in the Document Library. In the information panel, you can see that the retention label is applied to a selected document. Because the retention labels were auto-applied to documents, those documents are Now that the retention labels are applied, let's focus on the event that will indicate the end of production for a particular product. This event triggers the beginning of the retention period that's defined in the retention labels. For example, for product specification documents, the 5-year retention period begins when the "end of production" event is triggered. -You can manually create the event in the Microsoft 365 compliance center by going to Records Managements > Events. You would choose the event type, set the correct asset IDs, and enter a date for the event. For more information, see [Start retention when an event occurs](event-driven-retention.md). +You can manually create the event in the Microsoft Purview compliance portal by going to Records Managements > Events. You would choose the event type, set the correct asset IDs, and enter a date for the event. For more information, see [Start retention when an event occurs](event-driven-retention.md). But for this scenario, we'll automatically generate the event from an external production system. The system is a simple SharePoint list that indicates whether a product is in production. A [Power Automate](/power-automate/getting-started) flow that's associated with the list will trigger the event. In a real-world scenario, you could use various systems to generate the event, such as an HR or CRM system. Power Automate contains many ready-to-use interactions and building block for Microsoft 365 workloads, such as Microsoft Exchange, SharePoint, Teams, and Dynamics 365, plus third-party apps such as Twitter, Box, Salesforce, and Workdays. This feature makes it easy to integrate Power Automate with various systems. For more information, see [Automate event-driven retention](./event-driven-retention.md#automate-events-by-using-a-rest-api). To create this flow, start from a SharePoint connector and select the When an This list describes the parameters in the Body property of the action that must be configured for this scenario: -- Name: This parameter specifies the name of the event that will be created in the Microsoft 365 compliance center. For this scenario, the name is "Cessation Production xxx", where xxx is the value of the ProductName managed property that we created earlier. +- Name: This parameter specifies the name of the event that will be created in the Microsoft Purview compliance portal. For this scenario, the name is "Cessation Production xxx", where xxx is the value of the ProductName managed property that we created earlier. - EventType: The value for this parameter corresponds to the event type that the created event will apply to. This event type was defined when you created the retention label. For this scenario, the event type is "Product Cessation." - SharePointAssetIdQuery: This parameter defines the asset ID for the event. Event-based retention needs a unique identifier for the document. We can use asset IDs to identify the documents that a particular event applies to or, as in this scenario, the metadata column Product Name. To do this, we need to create a new ProductName managed property that can be used in the KQL query. (Alternatively, we could use RefinableString00 instead of creating a new managed property). We also need to map this new managed property to the ows_Product_x0020_Name crawled property. Here's a screenshot of this managed property. This list describes the parameters in the Body property of the action that m ### Putting it all together -Now the retention label is created and auto-applied, and the flow is configured and created. When the value in the In Production column for the Spinning Widget product in the Products list is changed from *Yes* to *No, the flow is triggered to create the event. To see this event in the compliance center, go to Records management* > Events. +Now the retention label is created and auto-applied, and the flow is configured and created. When the value in the In Production column for the Spinning Widget product in the Products list is changed from *Yes* to *No, the flow is triggered to create the event. To see this event in the Microsoft Purview compliance portal, go to Records management* > Events. -[ ![The event that was triggered by the flow is displayed on the Events page in the compliance center.](../media/SPRetention28.png) ](../media/SPRetention28.png#lightbox) +[ ![The event that was triggered by the flow is displayed on the Events page in the Microsoft Purview compliance portal.](../media/SPRetention28.png) ](../media/SPRetention28.png#lightbox) Select the event to view the details on the flyout page. Notice that even though the event is created, the event status shows that no SharePoint sites or documents have been processed. Instead of using the default Asset Id property as we do in this scenario, yo ### Using advanced search in SharePoint -In the previous screenshot, you can see that there's another managed property related to retention labels called ComplianceTag that's mapped to a crawled property. The ComplianceAssetId managed property is also mapped to a crawled property. This means that you can use these managed properties in advanced search to retrieve all documents that have been tagged with a retention label. +In the previous screenshot, you can see that there's another managed property related to retention labels called ComplianceTag that's mapped to a crawled property. The ComplianceAssetId managed property is also mapped to a crawled property. This means that you can use these managed properties in advanced search to retrieve all documents that have been tagged with a retention label.
compliance	Autoexpanding Archiving	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/autoexpanding-archiving.md	description: "Learn about auto-expanding archiving, which provides additional ar # Learn about auto-expanding archiving + In Office 365, archive mailboxes provide users with additional mailbox storage space. After a user's archive mailbox is enabled, up to 100 GB of additional storage is available. In the past, when the 100-GB storage quota was reached, organizations had to contact Microsoft to request additional storage space for an archive mailbox. That's no longer the case. The archiving feature in Microsoft 365 (called auto-expanding archiving) provides up to 1.5 TB of additional storage in archive mailboxes. When the storage quota in the archive mailbox is reached, Microsoft 365 automatically (and incrementally) increases the size of the archive until the archive mailbox reaches 1.5 TB. This section explains the functionality between auto-expanding archiving and oth - eDiscovery: When you use an eDiscovery tool, such as Content Search or In-Place eDiscovery, the additional storage areas in an auto-expanded archive are also searched. -- Retention: When you put a mailbox on hold by using tools such as Litigation Hold in Exchange Online or eDiscovery case holds and retention policies in the security and compliance center, content located in an auto-expanded archive is also placed on hold. +- Retention: When you put a mailbox on hold by using tools such as Litigation Hold in Exchange Online or eDiscovery case holds and retention policies in the Microsoft Purview compliance portal, content located in an auto-expanded archive is also placed on hold. - Messaging records management (MRM): If you use MRM deletion policies in Exchange Online to permanently delete expired mailbox items, expired items located in the auto-expanded archive will also be deleted.
compliance	Building Search Queries	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/building-search-queries.md	Title: Build search queries in Advanced eDiscovery + Title: Build search queries in eDiscovery (Premium) f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Use keywords and conditions to narrow the scope of the search when searching for data using Advanced eDiscovery in Microsoft 365." +description: "Use keywords and conditions to narrow the scope of the search when searching for data using eDiscovery (Premium) in Microsoft 365." -# Build search queries for collections in Advanced eDiscovery +# Build search queries for collections in eDiscovery (Premium) -When configuring the search query when creating a [collection](collections-overview.md) in an Advanced eDiscovery case, you can use keywords to find specific content and conditions to narrow the scope of the search to return items that are most relevant to your legal investigation. +When configuring the search query when creating a [collection](collections-overview.md) in an eDiscovery (Premium) case, you can use keywords to find specific content and conditions to narrow the scope of the search to return items that are most relevant to your legal investigation. ![Use keywords and conditions to narrow the results of a search.](../media/SearchQueryBox.png) Type a keyword query in the Keywords box in the search query. You can specif ## Keyword list -Alternatively, you can select the Show keyword list check box and the type a keyword or keyword phrase in each row. The keywords in each row are connected by a logical operator (which is represented as c:s in the search query syntax) that is similar in functionality to the OR operator in the search query that's created. This means items that contain any keyword in any row are in the search results. You can add up to 180 rows in the keyword list in Advanced eDiscovery search queries. +Alternatively, you can select the Show keyword list check box and the type a keyword or keyword phrase in each row. The keywords in each row are connected by a logical operator (which is represented as c:s in the search query syntax) that is similar in functionality to the OR operator in the search query that's created. This means items that contain any keyword in any row are in the search results. You can add up to 180 rows in the keyword list in eDiscovery (Premium) search queries. ![Use the keyword list to get statistics on each keyword in the query.](../media/KeywordListSearch.png)
compliance	Bulk Add Custodians	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/bulk-add-custodians.md	Title: "Import custodians to an Advanced eDiscovery case" + Title: "Import custodians to an eDiscovery (Premium) case" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Use the bulk-import tool to quickly add multiple custodians and their associated data sources to a case in Advanced eDiscovery." +description: "Use the bulk-import tool to quickly add multiple custodians and their associated data sources to a case in Microsoft Purview eDiscovery (Premium)." -# Import custodians to an Advanced eDiscovery case +# Import custodians to an eDiscovery (Premium) case -For Advanced eDiscovery cases that involve many custodians, you can import multiple custodians at once by using a CSV file that contains the information necessary to add them to a case. The import custodians tool will also validate the CSV file before the import job is created. This means you can fix any errors in the CSV file instead of having to wait until the import job is complete before learning there are errors that prevent a custodian from being added to the case. +For Microsoft Purview eDiscovery (Premium) cases that involve many custodians, you can import multiple custodians at once by using a CSV file that contains the information necessary to add them to a case. The import custodians tool will also validate the CSV file before the import job is created. This means you can fix any errors in the CSV file instead of having to wait until the import job is complete before learning there are errors that prevent a custodian from being added to the case. ## Before you import custodians For Advanced eDiscovery cases that involve many custodians, you can import multi ## Import custodians -1. Open the Advanced eDiscovery case and select the Data sources tab. +1. Open the eDiscovery (Premium) case and select the Data sources tab. 2. Click Add data source > Import custodians. For Advanced eDiscovery cases that involve many custodians, you can import multi 7. Once the CSV file has been successfully validated, click Next and then click Import to start the import job. -After you start the import job, Advanced eDiscovery does the following things: +After you start the import job, eDiscovery (Premium) does the following things: - Creates a job named BulkAddCustodian on the Jobs tab of the case. After you download the CSV custodian template, you can add custodians and their \|\|\| > [!NOTE] -> <sup>1</sup> If you put more than 1,000 mailboxes or 100 sites on hold in a case, the system will automatically scale the eDiscovery hold as needed. This means the system automatically adds data locations to multiple hold policies, instead of adding them to a single policy. However, the limit of 10,000 case hold policies per organization still applies. For more information about hold limits, see [Limits in Advanced eDiscovery](limits-ediscovery20.md#hold-limits). +> <sup>1</sup> If you put more than 1,000 mailboxes or 100 sites on hold in a case, the system will automatically scale the eDiscovery hold as needed. This means the system automatically adds data locations to multiple hold policies, instead of adding them to a single policy. However, the limit of 10,000 case hold policies per organization still applies. For more information about hold limits, see [Limits in eDiscovery (Premium)](limits-ediscovery20.md#hold-limits). <br> > <sup>2</sup> When you include TeamsMailbox and YammerMailbox workloads in the CSV file, the group site (TeamSite and YammerSite) are automatically added by default. You don't need to specify TeamsSite and YammerSite separately in the CSV file.
compliance	Bulk Create Publish Labels Using Powershell	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/bulk-create-publish-labels-using-powershell.md	search.appverid: - MET150 - seo-marvel-apr2020 -description: "Learn how to use PowerShell to create and publish retention labels from the command line, independently from the Microsoft 365 compliance center." +description: "Learn how to use PowerShell to create and publish retention labels from the command line, independently from the Microsoft Purview compliance portal." # Create and publish retention labels by using PowerShell + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). -After you've decided to use [retention labels](retention.md) to help you keep or delete documents and emails in Microsoft 365, you might have realized that you have many and possibly hundreds of retention labels to create and publish. The recommended method to create retention labels at scale is by using [file plan](file-plan-manager.md) from the Microsoft 365 compliance center. However, you can also use [PowerShell](retention.md#powershell-cmdlets-for-retention-policies-and-retention-labels). +After you've decided to use [retention labels](retention.md) to help you keep or delete documents and emails in Microsoft 365, you might have realized that you have many and possibly hundreds of retention labels to create and publish. The recommended method to create retention labels at scale is by using [file plan](file-plan-manager.md) from the Microsoft Purview compliance portal. However, you can also use [PowerShell](retention.md#powershell-cmdlets-for-retention-policies-and-retention-labels). Use the information, template files and examples, and script in this article to help you bulk-create retention labels and publish them in retention label policies. Then, the retention labels can be [applied by administrators and users](create-apply-retention-labels.md#how-to-apply-published-retention-labels). You can find the log file at the following location, although the digits in the ``` <path>.\Log_Publish_Compliance_Tag_01112018_151239.txt -``` +```
compliance	Change The Hold Duration For An Inactive Mailbox	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/change-the-hold-duration-for-an-inactive-mailbox.md	description: "After an Office 365 mailbox is made inactive, change the duration # Change the hold duration for an inactive mailbox + An [inactive mailbox](inactive-mailboxes-in-office-365.md) is mailbox state that is used to retain a former employee's email after they leave your organization. A mailbox becomes inactive when an applicable hold is applied to it before the Microsoft 365 user object is deleted. The following types of holds will initiate the creation of an inactive mailbox upon user account deletion: - [Microsoft 365 retention policies and labels](retention.md) with retain or retain and delete settings The following table identifies the six different hold types that were used to ma \|Inactive mailbox\|Hold type\|How to identify the hold on the inactive mailbox\| \|:--\|:--\|:--\| \|Ann Beebe <br/> \|Litigation Hold <br/> \| The `LitigationHoldEnabled` property is set to `True` indicating the mailbox is on Litigation Hold. <br/><br/> Additionally, the `LitigationHoldDuration` is set to `365.00:00:00` indicating that mailbox items will no longer be subject to litigation hold 365 days after their creation date (sent/received). <br/><br/> The `LitigationHoldDate` indicates the date LitigationHold was enabled and `LitigationHoldOwner` identifies the person who initiated the litigation hold. <br/> \| -\|Carol Olson <br/> \|Microsoft 365 retention policy from the Microsoft 365 compliance center that is applied to specific mailboxes <br/> \|The `InPlaceHolds` property contains the GUID of the Microsoft 365 retention policy that's applied to the inactive mailbox. You can tell this is a retention policy that applied to specific mailboxes because the GUID starts with the `mbx` prefix and ends in a `:2` or `:3`. <br/><br/> For more information, see [Understanding the format of the InPlaceHolds value for retention policies](identify-a-hold-on-an-exchange-online-mailbox.md#understanding-the-format-of-the-inplaceholds-value-for-retention-policies). <br/> \| +\|Carol Olson <br/> \|Microsoft 365 retention policy from the Microsoft Purview compliance portal that is applied to specific mailboxes <br/> \|The `InPlaceHolds` property contains the GUID of the Microsoft 365 retention policy that's applied to the inactive mailbox. You can tell this is a retention policy that applied to specific mailboxes because the GUID starts with the `mbx` prefix and ends in a `:2` or `:3`. <br/><br/> For more information, see [Understanding the format of the InPlaceHolds value for retention policies](identify-a-hold-on-an-exchange-online-mailbox.md#understanding-the-format-of-the-inplaceholds-value-for-retention-policies). <br/> \| \|Megan Bowen <br/> \| Microsoft 365 retention label with a retain or retain and delete action is applied to at least one item in the mailbox <br/> \|The `ComplianceTagHoldApplied` property is `True` indicating an item has been labeled with a retain or retain and delete label. <br/><br/> Additionally, the `InPlaceHolds` property contains the GUID of the Microsoft 365 retention label policy that's applied to the inactive mailbox. <br/><br/> For more information, see [Identifying mailboxes on hold because a retention label has been applied to a folder or item](identify-a-hold-on-an-exchange-online-mailbox.md#identifying-mailboxes-on-hold-because-a-retention-label-has-been-applied-to-a-folder-or-item) <br/> \| -\|Mario Necaise <br/> \|Organization-wide Microsoft 365 retention policy from the Microsoft 365 compliance center <br/> \|The `InPlaceHolds` property is empty, `LitigationHoldEnabled` is `False` and `ComplianceTagHoldApplied` is `False`. This indicates that one or more entire (Exchange) location Microsoft 365 retention policies applied to the organization which the inactive mailbox is inheriting. <br/><br/> For more information, see [How to confirm that an organization-wide retention policy is applied to a mailbox](identify-a-hold-on-an-exchange-online-mailbox.md#how-to-confirm-that-an-organization-wide-retention-policy-is-applied-to-a-mailbox) <br/> \| -\|Abraham McMahon <br/> \|eDiscovery case hold in the Microsoft 365 compliance center <br/> \|The `InPlaceHolds` property contains the GUID of the eDiscovery case hold that's placed on the inactive mailbox. You can tell this is an eDiscovery case hold because the GUID starts with the `UniH` prefix. <br/><br/> For more information, see [eDiscovery holds](identify-a-hold-on-an-exchange-online-mailbox.md#ediscovery-holds). <br/> \| +\|Mario Necaise <br/> \|Organization-wide Microsoft 365 retention policy from the Microsoft Purview compliance portal <br/> \|The `InPlaceHolds` property is empty, `LitigationHoldEnabled` is `False` and `ComplianceTagHoldApplied` is `False`. This indicates that one or more entire (Exchange) location Microsoft 365 retention policies applied to the organization which the inactive mailbox is inheriting. <br/><br/> For more information, see [How to confirm that an organization-wide retention policy is applied to a mailbox](identify-a-hold-on-an-exchange-online-mailbox.md#how-to-confirm-that-an-organization-wide-retention-policy-is-applied-to-a-mailbox) <br/> \| +\|Abraham McMahon <br/> \|eDiscovery case hold in the Microsoft Purview compliance portal <br/> \|The `InPlaceHolds` property contains the GUID of the eDiscovery case hold that's placed on the inactive mailbox. You can tell this is an eDiscovery case hold because the GUID starts with the `UniH` prefix. <br/><br/> For more information, see [eDiscovery holds](identify-a-hold-on-an-exchange-online-mailbox.md#ediscovery-holds). <br/> \| \|Pilar Pinilla <br/> \|In-Place Hold <br/> \|The `InPlaceHolds` property contains the GUID of the In-Place Hold that's placed on the inactive mailbox. You can tell this is an In-Place Hold because the GUID doesn't start with a prefix. <br/><br/> NOTE: As of October 1, 2020, the hold duration of in-place holds can no longer be changed. You can only remove an In-Place Hold which will result in the deletion of the inactive mailbox. <br/><br/> For more information, see [Retirement of legacy eDiscovery tools](legacy-ediscovery-retirement.md). <br/> \| ## Step 2: Change the hold duration for an inactive mailbox Be sure to remove the prefix and suffix from the GUID when running this command. Get-RetentionCompliancePolicy cdbbb86ce60342489bff371876e7f224 \| FL Name ``` -Once you know the name of the policy, you can simply modify the retention policy in the Microsoft 365 Compliance center. Be aware that retention policies are typically applied to more than one location, so modifying the policy will affect all applied locations - both inactive and active, which may also include locations other than Exchange. For more information, see [Create and configure retention policies](create-retention-policies.md). +Once you know the name of the policy, you can simply modify the retention policy in the Microsoft Purview compliance portal. Be aware that retention policies are typically applied to more than one location, so modifying the policy will affect all applied locations - both inactive and active, which may also include locations other than Exchange. For more information, see [Create and configure retention policies](create-retention-policies.md). > [!IMPORTANT] > Retention policies with [preservation lock](retention-preservation-lock.md) enabled can have the retention period extended, but not decreased or removed.
compliance	Change The Size Of Pst Files When Exporting Results	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/change-the-size-of-pst-files-when-exporting-results.md	description: "You can change the default size of PST files that are downloaded t When you use the eDiscovery Export tool to export the email results of an eDiscovery search from the different Microsoft eDiscovery tools, the default size of a PST file that can be exported is 10 GB. If you want to change this default size, you can edit the Windows Registry on the computer that you use to export the search results. One reason to do this is so a PST file can fit on removable media, such a DVD, a compact disc, or a USB drive. > [!NOTE] -> The eDiscovery Export tool is used to export the search results when using the Content search tool in the Microsoft 365 compliance center. +> The eDiscovery Export tool is used to export the search results when using the Content search tool in the Microsoft Purview compliance portal. ## Create a registry setting to change the size of PST files when you export eDiscovery search results
compliance	Check Your Content Search Query For Errors	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/check-your-content-search-query-for-errors.md	description: "Learn how to detect errors and typos in your keyword query for eDi # Check your search query for errors -Here's a list of the unsupported characters that we check for in search queries for Content search and Core eDiscovery. Unsupported characters are often hidden, and they typically cause a search error or return unintended results. +Here's a list of the unsupported characters that we check for in search queries for Content search and Microsoft Purview eDiscovery (Standard). Unsupported characters are often hidden, and they typically cause a search error or return unintended results. - Smart quotation marks - Smart single and double quotation marks (also called curly quotes) aren't supported. Only straight quotation marks can be used in a search query.
compliance	Classifier Get Started With	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/classifier-get-started-with.md	description: "A Microsoft 365 classifier is a tool you can train to recognize va # Get started with trainable classifiers + A Microsoft 365 trainable classifier is a tool you can train to recognize various types of content by giving it samples to look at. Once trained, you can use it to identify item for application of Office sensitivity labels, Communications compliance policies, and retention label policies. Creating a custom trainable classifier first involves giving it samples that are human picked and positively match the category. Then, after it has processed those, you test the classifiers ability to predict by giving it a mix of positive and negative samples. This article shows you how to create and train a custom classifier and how to improve the performance of custom trainable classifiers and pre-trained classifiers over their lifetime through retraining. Once the trainable classifier has processed enough positive samples to build a p > [!TIP] > If you create a new site and folder for your seed data, allow at least an hour for that location to be indexed before creating the trainable classifier that will use that seed data. -3. Sign in to Microsoft 365 compliance center with compliance admin or security admin role access and open <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> or <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a> > Data classification. +3. Sign in to Microsoft Purview compliance portal with compliance admin or security admin role access and open <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> or <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a> > Data classification. 4. Choose the Trainable classifiers tab.
compliance	Classifier How To Retrain Content Explorer	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/classifier-how-to-retrain-content-explorer.md	description: "Learn how to provide feedback to a trainable classifier in Content # How to retrain a classifier in content explorer + A Microsoft 365 trainable classifier is a tool you can train to recognize various types of content by giving it samples to look at. Once trained, you can use it to identify items for application of Office sensitivity labels, communications compliance policies, and retention label policies. This article shows you how to improve the performance of custom trainable classifiers by providing them additional feedback. Watch this video for a quick summary of the tuning and retraining process. You'l ## Permissions -To access classifiers in the Microsoft 365 Compliance center: +To access classifiers in the Microsoft Purview compliance portal: - the Compliance admin role or Compliance Data Administrator is required to train a classifier To understand more about the overall workflow of retraining a classifier, see [P ## How to retrain a classifier in content explorer -1. Sign in to Microsoft 365 compliance center with compliance admin or security admin role access and open Microsoft 365 compliance center > Data classification > Content explorer. +1. Sign in to Microsoft Purview compliance portal with compliance admin or security admin role access and open Microsoft Purview compliance portal > Data classification > Content explorer. 2. Under the Filter on labels, info types, or categories list, expand Trainable classifiers. > [!IMPORTANT] We compare the performance numbers on both sets of items for the retrained and p ## See also - [Learn about trainable classifiers](classifier-learn-about.md)-- [Default crawled file name extensions and parsed file types in SharePoint Server](/sharepoint/technical-reference/default-crawled-file-name-extensions-and-parsed-file-types) +- [Default crawled file name extensions and parsed file types in SharePoint Server](/sharepoint/technical-reference/default-crawled-file-name-extensions-and-parsed-file-types)
compliance	Classifier Learn About	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/classifier-learn-about.md	description: "Trainable classifiers can recognize various types of content for l # Learn about trainable classifiers + Classifying and labeling content so it can be protected and handled properly is the starting place for the information protection discipline. Microsoft 365 has three ways to classify content. ## Manually This category of classification mechanisms includes finding content by: - Recognizing an item because it's a variation on a template [(document finger printing)](document-fingerprinting.md). - Using the presence of exact strings [exact data match](sit-learn-about-exact-data-match-based-sits.md#learn-about-exact-data-match-based-sensitive-information-types). -Sensitivity and retention labels can then be automatically applied to make the content available for use in [Learn about data loss prevention](dlp-learn-about-dlp.md) and [auto-apply polices for retention labels](apply-retention-labels-automatically.md). +Sensitivity and retention labels can then be automatically applied to make the content available for use in [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md) and [auto-apply polices for retention labels](apply-retention-labels-automatically.md). ## Classifiers Microsoft 365 comes with multiple pre-trained classifiers: - Tax: Detects Tax relation content such as tax planning, tax forms, tax filing, tax regulations. Detects content in .docx, .docm, .doc, .dotx, .dotm, .dot, .pdf, .rtf, .txt, .one, .msg, .eml, .pptx, .pptm, .ppt, .potx, .potm, .pot, .ppsx, .ppsm, .pps, .ppam, .ppa, .xlsx, .xlsm, .xlsb, .xls, .csv, .xltx, .xltm, .xlt, .xlam, xla files. - Threat: Detects a specific category of offensive language text items related to threats to commit violence or do physical harm or damage to a person or property. Detects content in .msg, .docx, .pdf, .txt, .rtf, .jpeg, .jpg, .png, .gif, .bmp, .svg files. -These appear in the Microsoft 365 compliance center > Data classification > Trainable classifiers view with the status of `Ready to use`. +These appear in the Microsoft Purview compliance portal > Data classification > Trainable classifiers view with the status of `Ready to use`. ![classifiers-pre-trained-classifiers.](../media/classifiers-ready-to-use-classifiers.png)
compliance	Clone A Content Search	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/clone-a-content-search.md	Why clone Content Searches? ## Script information -- You have to be a member of the eDiscovery Manager role group in the Microsoft 365 compliance center to run the script described in this topic. +- You have to be a member of the eDiscovery Manager role group in the Microsoft Purview compliance portal to run the script described in this topic. - The script includes minimal error handling. The primary purpose of the script is to quickly clone a content search.
compliance	Close Or Delete Case	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/close-or-delete-case.md	search.appverid: - MOE150 - MET150 ms.assetid: -description: Learn what happens when an investigation or legal case supported by an Advanced eDiscovery case is closed or deleted. +description: Learn what happens when an investigation or legal case supported by a Microsoft Purview eDiscovery (Premium) case is closed or deleted. -# Close or delete an Advanced eDiscovery case +# Close or delete an eDiscovery (Premium) case -When the legal case or investigation supported by an Advanced eDiscovery case is completed, you can close or delete a case. You can also reopen a closed case. +When the legal case or investigation supported by a Microsoft Purview eDiscovery (Premium) case is completed, you can close or delete a case. You can also reopen a closed case. ## Close a case -Here's what happens when you close an Advanced eDiscovery case: +Here's what happens when you close an eDiscovery (Premium) case: - If the case contains any content locations on hold, those holds will be turned off. After the hold is turned off, a 30-day grace period (called a delay hold) is applied to content locations that were on hold. This helps prevent content from being immediately deleted and gives admins an opportunity to search for or recover content that will be permanently deleted after the delay hold period expires. For more information, see [Removing content locations from an eDiscovery hold](create-ediscovery-holds.md#removing-content-locations-from-an-ediscovery-hold). -- Closing a case only turns off the holds that are associated with that case. If other holds are place on a content location (such as a Litigation Hold, Core eDiscovery hold, or a hold from a different Advanced eDiscovery case) those holds will still be maintained. +- Closing a case only turns off the holds that are associated with that case. If other holds are place on a content location (such as a Litigation Hold, Microsoft Purview eDiscovery (Standard) hold, or a hold from a different eDiscovery (Premium) case) those holds will still be maintained. -- The case is still listed on the eDiscovery page in the Microsoft 365 compliance center. The details, holds, searches, and members of a closed case are retained. +- The case is still listed on the eDiscovery page in the Microsoft Purview compliance portal. The details, holds, searches, and members of a closed case are retained. -- You can edit a case after it's closed. For example, you can add or removing members, create searches, export search results, and prepare search results for analysis in Advanced eDiscovery. The primary difference between active and closed cases is that holds are turned off when a case is closed. +- You can edit a case after it's closed. For example, you can add or removing members, create searches, export search results, and prepare search results for analysis in eDiscovery (Premium). The primary difference between active and closed cases is that holds are turned off when a case is closed. To close a case: -1. On the Advanced eDiscovery page, select the case that you want to close. +1. On the eDiscovery (Premium) page, select the case that you want to close. 2. On the Settings tab, under Case Information, click Select. - ![Access the case information flyout page in an Advanced eDiscovery case.](..\media\AeDSelectCaseInformation.png) + ![Access the case information flyout page in an eDiscovery (Premium) case.](..\media\AeDSelectCaseInformation.png) 3. At the bottom of the Case Information flyout page, click Actions, and then click Close case. To close a case: ## Reopen a closed case -When you reopen an Advanced eDiscovery case, any holds that were in place when the case was closed won't be automatically reinstated. After the case is reopened, you'll have to go to the Holds tab and turn on the previous holds. To turn on a hold, select it to display the flyout page, and then set the Status toggle to On. +When you reopen an eDiscovery (Premium) case, any holds that were in place when the case was closed won't be automatically reinstated. After the case is reopened, you'll have to go to the Holds tab and turn on the previous holds. To turn on a hold, select it to display the flyout page, and then set the Status toggle to On. To reopen a closed case: -1. On the Advanced eDiscovery page, select the case that you want to reopen. +1. On the eDiscovery (Premium) page, select the case that you want to reopen. 2. On the Settings tab, under Case Information, click Select. To reopen a closed case: ## Delete a case -You can delete both active and closed Advanced eDiscovery cases. When you delete a case, all components associated with the case, such as the list of custodians, communications, searches, review sets, and export job are deleted. The case is removed from the list of cases on the Advanced eDiscovery page in the Microsoft 365 compliance center. You can't recover or reopen a deleted case. +You can delete both active and closed eDiscovery (Premium) cases. When you delete a case, all components associated with the case, such as the list of custodians, communications, searches, review sets, and export job are deleted. The case is removed from the list of cases on the eDiscovery (Premium) page in the Microsoft Purview compliance portal. You can't recover or reopen a deleted case. > [!NOTE] -> In data spillage scenarios, the only way to remove items in a review set is to delete the Advanced eDiscovery case. Other "search and purge" methods don't remove items from a review set. +> In data spillage scenarios, the only way to remove items in a review set is to delete the eDiscovery (Premium) case. Other "search and purge" methods don't remove items from a review set. Before you can delete a case (whether it's active or closed), you must first delete all holds associated with the case. That includes deleting holds with a status of Off. To delete holds associated with a case: -1. Go the Holds tab in the Advanced eDiscovery case that you want to delete. +1. Go the Holds tab in the eDiscovery (Premium) case that you want to delete. 2. Click the hold that you want to delete. To delete holds associated with a case: To delete a case: -1. On the Advanced eDiscovery page, select the case that you want to delete. +1. On the eDiscovery (Premium) page, select the case that you want to delete. 2. On the Settings tab, under Case Information, click Select.
compliance	Close Reopen Delete Core Ediscovery Cases	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/close-reopen-delete-core-ediscovery-cases.md	Title: "Close, reopen, and delete Core eDiscovery cases" + Title: "Close, reopen, and delete eDiscovery (Standard) cases" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "This article describes how to manage Core eDiscovery cases. This includes closing a case, reopening a closed case, and deleting a case." +description: "This article describes how to manage eDiscovery (Standard) cases. This includes closing a case, reopening a closed case, and deleting a case." -# Close, reopen, and delete a Core eDiscovery case +# Close, reopen, and delete a eDiscovery (Standard) case -This article describes how to close, reopen, and delete Core eDiscovery cases in Microsoft 365. +This article describes how to close, reopen, and delete Microsoft Purview eDiscovery (Standard) cases in Microsoft 365. ## Close a case -When the legal case or investigation supported by a Core eDiscovery case is completed, you can close the case. Here's what happens when you close a case: +When the legal case or investigation supported by a eDiscovery (Standard) case is completed, you can close the case. Here's what happens when you close a case: - If the case contains any eDiscovery holds, they will be turned off. After the hold is turned off, a 30-day grace period (called a delay hold) is applied to content locations that were on hold. This helps prevent content from being immediately deleted and provides admins the opportunity to search for and restore content before it may be permanently deleted after the delay hold period expires. For more information, see [Removing content locations from an eDiscovery hold](create-ediscovery-holds.md#removing-content-locations-from-an-ediscovery-hold). -- Closing a case only turns off the holds that are associated with that case. If other holds are placed on a content location (such as a Litigation Hold, a retention policy, or a hold from a different Core eDiscovery case) those holds will still be maintained. +- Closing a case only turns off the holds that are associated with that case. If other holds are placed on a content location (such as a Litigation Hold, a retention policy, or a hold from a different eDiscovery (Standard) case) those holds will still be maintained. -- The case is still listed on the Core eDiscovery page in the Microsoft 365 compliance center. The details, holds, searches, and members of a closed case are retained. +- The case is still listed on the eDiscovery (Standard) page in the Microsoft Purview compliance portal. The details, holds, searches, and members of a closed case are retained. - You can edit a case after it's closed. For example, you can add or remove members, create searches, and export search results. The primary difference between active and closed cases is that eDiscovery holds are turned off when a case is closed. To close a case: -1. In the Microsoft 365 compliance center, click eDiscovery > Core to display the list of Core eDiscovery cases in your organization. +1. In the compliance portal, click eDiscovery > Core to display the list of eDiscovery (Standard) cases in your organization. 2. Click the name of the case that you want to close. To close a case: The status on the case home page is changed from Active to Closing. -5. On the Core eDiscovery page, click Refresh to update the status of the closed case. It might take up to 60 minutes for the closing process to complete. +5. On the eDiscovery (Standard) page, click Refresh to update the status of the closed case. It might take up to 60 minutes for the closing process to complete. - When the process is complete, the status of the case is changed to Closed on the Core eDiscovery page. + When the process is complete, the status of the case is changed to Closed on the eDiscovery (Standard) page. ## Reopen a closed case When you reopen a case, any eDiscovery holds that were in place when the case was closed won't be automatically reinstated. After the case is reopened, you'll have to go to the Holds page and turn on the previous holds. To turn on a hold, select it to display the flyout page, and then set the Status toggle to On. -1. In the Microsoft 365 compliance center, click eDiscovery > Core to display the list of Core eDiscovery cases in your organization. +1. In the compliance portal, click eDiscovery > Core to display the list of eDiscovery (Standard) cases in your organization. 2. Click the name of the case that you want to reopen. When you reopen a case, any eDiscovery holds that were in place when the case wa The status on the case home page flyout page is changed from Closed to Active. -5. On the Core eDiscovery page, click Refresh to update the status of the reopened case. It might take up to 60 minutes for the reopening process to complete. +5. On the eDiscovery (Standard) page, click Refresh to update the status of the reopened case. It might take up to 60 minutes for the reopening process to complete. - When the process is complete, the status of the case is changed to Active on the Core eDiscovery page. + When the process is complete, the status of the case is changed to Active on the eDiscovery (Standard) page. 6. (Optional) To turn on any holds associated with the reopened case, go to Holds tab, select a hold, and then select the checkbox under Status on the hold flyout page. ## Delete a case -You can also delete active and closed Core eDiscovery cases. When you delete a case, all searches and exports in the case are deleted, and the case is removed from the list of cases on the Core eDiscovery page in the Microsoft 365 compliance center. You can't reopen a deleted case. +You can also delete active and closed eDiscovery (Standard) cases. When you delete a case, all searches and exports in the case are deleted, and the case is removed from the list of cases on the eDiscovery (Standard) page in the compliance portal. You can't reopen a deleted case. Before you can delete a case (whether it's active or closed), you must first delete all eDiscovery holds associated with the case. That includes deleting holds with a status of Off. To delete an eDiscovery hold: To delete a case: -1. In the Microsoft 365 compliance center, click eDiscovery > Core to display the list of Core eDiscovery cases in your organization. +1. In the compliance portal, click eDiscovery > Core to display the list of eDiscovery (Standard) cases in your organization. 2. Click the name of the case that you want to delete.
compliance	Collection Statistics Reports	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/collection-statistics-reports.md	Previously updated : Last updated : 04/08/2022 audience: Admin search.appverid: - MOE150 - MET150 -description: "Learn how to access and use statistics and reports for draft collections and collections that have been committed to a review set in Advanced eDiscovery." +description: "Learn how to access and use statistics and reports for draft collections and collections that have been committed to a review set in Microsoft Purview eDiscovery (Premium)." -# Collection statistics and reports in Advanced eDiscovery +# Collection statistics and reports in Microsoft Purview eDiscovery (Premium) After you create a draft collection, you can view statistics on the retrieved items, such as the content locations that contain the most items that matched the search criteria and the number of items returned by the search query. You can also preview a subset of the results. This section of the Summary tab contains statistics and other information ab A parent item might contain multiple child items. For example, an email message is a parent item if it contains an attached file or has a cloud attachment. In this case, the attached file or the target file of the cloud attachment is considered a child item. When you commit a collection, parent items and any corresponding child items (like attached files and cloud attachments) are added to the review set as individual items or files. -- Child items. The number of child items added to the review set. Only child items that are file attachments and cloud attachments are added to the review set as individual files. Other types of child items, such as email signatures and images, are extracted from a parent item and then processed by Optical Character Recognition (OCR) to extract any text from the child item. Text extracted from these types of child items is then added to its parent item so you can view it in the review set. By not adding child items to the review set as a separate file, Advanced eDiscovery helps streamline the review process by limiting the number of potentially immaterial items in the review set. +- Child items. The number of child items added to the review set. Only child items that are file attachments and cloud attachments are added to the review set as individual files. Other types of child items, such as email signatures and images, are extracted from a parent item and then processed by Optical Character Recognition (OCR) to extract any text from the child item. Text extracted from these types of child items is then added to its parent item so you can view it in the review set. By not adding child items to the review set as a separate file, eDiscovery (Premium) helps streamline the review process by limiting the number of potentially immaterial items in the review set. - Unique items. The number of unique items added to the review set. Unique items are unique to the review set. All items are unique when the first collection is added to a new review set because there were no previous items in the review set. When you run a draft collection, an estimate of the number of items (and their t For example, multiple versions of SharePoint documents aren't included in the estimate for the draft collection. But if you select the option to include all document versions when you commit a draft collection, the actual number (and total size) of items added to the review set will increase. - For more information about these options, see [Commit a draft collection to a review set](commit-draft-collection.md#commit-a-draft-collection-to-a-review-set-in-advanced-ediscovery). + For more information about these options, see [Commit a draft collection to a review set](commit-draft-collection.md#commit-a-draft-collection-to-a-review-set-in-ediscovery-premium). Here are other reasons why the estimated results from a draft collection can be different that the actual committed results.
compliance	Collections Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/collections-overview.md	Title: "Overview of collections in Advanced eDiscovery" + Title: "Overview of collections in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Use collections in Advanced eDiscovery to search for and collect content that's relative to your case or investigation." +description: "Use collections in eDiscovery (Premium) to search for and collect content that's relative to your case or investigation." -# Learn about collections in Advanced eDiscovery +# Learn about collections in eDiscovery (Premium) When organizations are faced with gathering the communications and content that may be relevant to an investigation or potential litigation, they face a significant challenge under the best of circumstances. In todayΓÇÖs modern workplace, the volume, variety, and velocity of content is enabling innovation and remote work, while also expanding the requirements and process for managing collections for eDiscovery investigations. The collection workflow poses significant technical challenges around extracting content from native locations and sources. It's also a critical point in the assessment and strategy for common litigation or investigations scenarios. As organizations begin to assess an investigation, the first questions asked are who was involved? After identifying who was involved, these custodians can quickly be placed on hold to preserve relevant content. The next question is what took place? To answer this second fundamental question of any investigation, managers must turn to the data. To quickly assess the most relevant content to the question of what took place, managers start to refine the target of the question to ensure that the collection results are comprehensive without being too broad. -Collections in Advanced eDiscovery help eDiscovery managers quickly scope a search for content across email, documents, and other content in Microsoft 365. Collections provide managers with an estimate of the content that may be relevant to the case. This allows managers to make quick, informed decisions about the size and scope of content relevant to a case. eDiscovery managers can create a collection to search custodial data sources (such as mailboxes and SharePoint sites) and by using specific search criteria (such as keywords and date ranges) to quickly define the scope of their collection. +Collections in eDiscovery (Premium) help eDiscovery managers quickly scope a search for content across email, documents, and other content in Microsoft 365. Collections provide managers with an estimate of the content that may be relevant to the case. This allows managers to make quick, informed decisions about the size and scope of content relevant to a case. eDiscovery managers can create a collection to search custodial data sources (such as mailboxes and SharePoint sites) and by using specific search criteria (such as keywords and date ranges) to quickly define the scope of their collection. After the collection is defined, eDiscovery managers can save the collection as a draft and get estimates, including estimates for data volume, the content locations that contain results, and the number of hits for search query condition. These insights can help to inform if the collection should be revised to narrow or expand the scope of the collection before moving on the review and analyze stages in the eDiscovery workflow. When the manager is satisfied with the scope of the collection and the estimated amount of content that's likely to be responsive, the manager can add or commit the content to a review set. When committing a collection to a review set, that manager also has the options to include chat conversations, cloud attachments, and document versions. The content in the collection also goes through another level of processing during ingestion into the review set. and the collection will be updated with the final collection summary. After content is added to the review set, eDiscovery managers can continue to query, group, and refine the content in to help with minimization and review. Additionally, the collection is updated with information and statistics about the content committed to the review set. This provides a historical reference about the content in the collection. -With the release of collections in an Advanced eDiscovery, the Searches tab has been renamed to Collections in an Advanced eDiscovery case in the Microsoft 365 compliance center. The steps to define the scope and size of the collection follow the same process as search to define locations and conditions. Save as draft and get preview estimates enables quick validation of targeted scope of collections prior to committing a full search and collection into the review set. This enables improved job management, and targeted iterations for starting to minimize content during the search and collection process. +With the release of collections in an eDiscovery (Premium), the Searches tab has been renamed to Collections in an eDiscovery (Premium) case in the Microsoft Purview compliance portal. The steps to define the scope and size of the collection follow the same process as search to define locations and conditions. Save as draft and get preview estimates enables quick validation of targeted scope of collections prior to committing a full search and collection into the review set. This enables improved job management, and targeted iterations for starting to minimize content during the search and collection process. ## Collections workflow -To get started using collections in Advanced eDiscovery, here's a basic workflow and descriptions of each step in the process. +To get started using collections in eDiscovery (Premium), here's a basic workflow and descriptions of each step in the process. -![Collections workflow in Advanced eDiscovery.](../media/CollectionsWorkflow.png) +![Collections workflow in eDiscovery (Premium).](../media/CollectionsWorkflow.png) 1. Create and run a draft collection. The first step is to create a draft collection and define the custodial and non-custodial data sources to search. You can also search other data sources that haven't been added to the case. After you add the data sources, you configure the search query to search the data sources for content relevant to the case. You can keywords, properties, and conditions to build search queries that return content that's likely most relevant to the case. For more information, see [Create a draft collection](create-draft-collection.md). To get started using collections in Advanced eDiscovery, here's a basic workflow 4. Commit a draft collection to a review set. When you're satisfied that the collection returns the type content that is relevant to the case, you can commit the collection to the review set. When you commit a collection, you have the option to add conversation threads, cloud attachments, and document versions to the review set, all of which might be relevant to the case. - When you commit a collection, child items such as email signatures and images are extracted from a parent item (such as an email message, chat message, or document) and then processed by Optical Character Recognition (OCR) to extract any text from the child item. Text extracted from child items is then added to its parent item so you can view it in the review set. By not adding child items to the review set as a separate file, Advanced eDiscovery helps limit the number of potentially immaterial items added to the review set. For more information about how child items are handled, see [Collection statistics and reports](collection-statistics-reports.md#collection-contents). + When you commit a collection, child items such as email signatures and images are extracted from a parent item (such as an email message, chat message, or document) and then processed by Optical Character Recognition (OCR) to extract any text from the child item. Text extracted from child items is then added to its parent item so you can view it in the review set. By not adding child items to the review set as a separate file, eDiscovery (Premium) helps limit the number of potentially immaterial items added to the review set. For more information about how child items are handled, see [Collection statistics and reports](collection-statistics-reports.md#collection-contents). For more information, see [Commit a draft collection to a review set](commit-draft-collection.md).
compliance	Commit Draft Collection	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/commit-draft-collection.md	search.appverid: description: "After you create and iterate on a draft collection, you can commit it to a review set. When you commit a draft collection, the collected items are added to review set in the case. After the collected items are in the review set, you can analyze, review, and export them." -# Commit a draft collection to a review set in Advanced eDiscovery +# Commit a draft collection to a review set in eDiscovery (Premium) When you're satisfied with the items you've collected in a draft collection and are ready to analyze, tag, and review them, you can add a collection to a review set in the case. When you commit a draft collection to a review set, collected items are copied from their original content location in Microsoft 365 to a review set. A review set is a secure, Microsoft-provided Azure Storage location in the Microsoft cloud. ## Commit a draft collection to a review set -1. In the Microsoft 365 compliance center, open the Advanced eDiscovery case, and then select the Collections tab to display a list of the collections in the case. +1. In the Microsoft Purview compliance portal, open the Microsoft Purview eDiscovery (Premium) case, and then select the Collections tab to display a list of the collections in the case. ![List of collections in a case.](../media/CommitDraftCollections1.png) When you're satisfied with the items you've collected in a draft collection and ![Configure additional collection settings.](../media/AeDAdditionalCollectionSettings.png). - a. Teams and Yammer messages: Select this option to add conversation threads to the collection that include the chat items returned by the search query in the collection. This means that the chat conversation that contains items that match the search criteria is reconstructed. This lets you review chat items in the context of the back and forth conversation. For more information, see [Conversation threading in Advanced eDiscovery](conversation-review-sets.md). + a. Teams and Yammer messages: Select this option to add conversation threads to the collection that include the chat items returned by the search query in the collection. This means that the chat conversation that contains items that match the search criteria is reconstructed. This lets you review chat items in the context of the back and forth conversation. For more information, see [Conversation threading in eDiscovery (Premium)](conversation-review-sets.md). b. Cloud attachments: Select this option to include modern attachments or linked files when the collection results are added to the review set. This means the target file of a modern attachment or linked file is added to the review set. When you commit a draft collection to a review set, the following things happen: ## Optical character recognition -When you commit a collection to a review set, optical character recognition (OCR) functionality in Advanced eDiscovery automatically extracts text from images, and includes the image text with the content that's added to a review set. You can view the extracted text in the Text viewer of the selected image file in the review set. This lets you conduct further review and analysis on text in images. OCR is supported for loose files, email attachments, and embedded images. For a list of image file formats that are supported for OCR, see [Supported file types in Advanced eDiscovery](supported-filetypes-ediscovery20.md#image). +When you commit a collection to a review set, optical character recognition (OCR) functionality in eDiscovery (Premium) automatically extracts text from images, and includes the image text with the content that's added to a review set. You can view the extracted text in the Text viewer of the selected image file in the review set. This lets you conduct further review and analysis on text in images. OCR is supported for loose files, email attachments, and embedded images. For a list of image file formats that are supported for OCR, see [Supported file types in eDiscovery (Premium)](supported-filetypes-ediscovery20.md#image). -You have to enable OCR functionality for each case that you create in Advanced eDiscovery. For more information, see [Configure search and analytics settings](configure-search-and-analytics-settings-in-advanced-ediscovery.md#optical-character-recognition-ocr). +You have to enable OCR functionality for each case that you create in eDiscovery (Premium). For more information, see [Configure search and analytics settings](configure-search-and-analytics-settings-in-advanced-ediscovery.md#optical-character-recognition-ocr).
compliance	Communication Compliance Case Study	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-case-study.md	Title: "Case study - Contoso quickly configures an inappropriate text policy for Microsoft Teams, Exchange, and Yammer communications" + Title: "Case study - Contoso configures an inappropriate text policy" description: "A case study for Contoso and how they quickly configure a communication compliance policy to monitor for inappropriate text in Microsoft Teams, Exchange Online, and Yammer communications." +keywords: Microsoft 365, Microsoft Purview, compliance, communication compliance f1.keywords: - NOCSH search.appverid: # Case study - Contoso quickly configures an inappropriate text policy for Microsoft Teams, Exchange, and Yammer communications -Communication compliance in Microsoft 365 helps minimize communication risks by helping you detect, capture, and act on messages with inappropriate text in your organization. inappropriate text may include profanity, threats, harassment, and inappropriate images. Pre-defined and custom policies allow you to scan internal and external communications for policy matches so they can be examined by designated reviewers. Reviewers can investigate scanned email, Microsoft Teams, Yammer, or third-party communications in your organization and take appropriate remediation actions to make sure they're compliant with your organization's message standards. + +Microsoft Purview Communication Compliance helps minimize communication risks by helping you detect, capture, and act on messages with inappropriate text in your organization. inappropriate text may include profanity, threats, harassment, and inappropriate images. Pre-defined and custom policies allow you to scan internal and external communications for policy matches so they can be examined by designated reviewers. Reviewers can investigate scanned email, Microsoft Teams, Yammer, or third-party communications in your organization and take appropriate remediation actions to make sure they're compliant with your organization's message standards. The Contoso Corporation is a fictional organization that needs to quickly configure a policy to monitor for inappropriate text. They have been using Microsoft 365 primarily for email, Microsoft Teams, and Yammer support for their users but have new requirements to enforce company policy around workplace harassment. Contoso IT administrators and compliance specialists have a basic understanding of the fundamentals of working with Microsoft 365 and are looking for end-to-end guidance for how to quickly get started with communication compliance. This case study will cover the basics for quickly configuring a communication compliance policy to monitor communications for inappropriate text. This guidance includes: - Step 1 - Planning for communication compliance-- Step 2 - Accessing communication compliance in Microsoft 365 +- Step 2 - Accessing communication compliance - Step 3 - Configuring prerequisites and creating a communication compliance policy - Step 4 - Investigation and remediation of alerts Contoso IT administrators take the following steps to verify the licensing suppo ### Permissions for communication compliance -There are five role groups used to configure permissions to manage communication compliance features. To make Communication compliance available as a menu option in Microsoft 365 compliance center and to continue with these configuration steps, Contoso administrators are assigned the Communication Compliance Admin role. +There are five role groups used to configure permissions to manage communication compliance features. To make Communication compliance available as a menu option in Microsoft Purview compliance portal and to continue with these configuration steps, Contoso administrators are assigned the Communication Compliance Admin role. Contoso decides to use the Communication Compliance role group assign all the communication compliance administrators, analysts, investigators, and viewers to the group. This makes it easier for Contoso to get started quickly and best fits their compliance management requirements. Contoso decides to use the Communication Compliance role group assign all the \| Communication Compliance \| Use this role group to manage communication compliance for your organization in a single group. By adding all user accounts for designated administrators, analysts, investigators, and viewers, you can configure communication compliance permissions in a single group. This role group contains all the communication compliance permission roles. This configuration is the easiest way to quickly get started with communication compliance and is a good fit for organizations that do not need separate permissions defined for separate groups of users. \| \| Communication Compliance Admin \| Use this role group to initially configure communication compliance and later to segregate communication compliance administrators into a defined group. Users assigned to this role group can create, read, update, and delete communication compliance policies, global settings, and role group assignments. Users assigned to this role group cannot view message alerts. \| \| Communication Compliance Analyst \| Use this group to assign permissions to users that will act as communication compliance analysts. Users assigned to this role group can view policies where they are assigned as Reviewers, view message metadata (not message content), escalate to additional reviewers, or send notifications to users. Analysts cannot resolve pending alerts. \| -\| Communication Compliance Investigator \| Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an Advanced eDiscovery case, send notifications to users, and resolve the alert. \| +\| Communication Compliance Investigator \| Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an eDiscovery (Premium) case, send notifications to users, and resolve the alert. \| \| Communication Compliance Viewer \| Use this group to assign permissions to users that will manage communication reports. Users assigned to this role group can access all reporting widgets on the communication compliance home page and can view all communication compliance reports. \| -1. Contoso IT administrators sign into the [Microsoft 365 compliance center](https://compliance.microsoft.com/permissions) permissions page using credentials for a global administrator account and select the link to view and manage roles in Microsoft 365. -2. In the Microsoft 365 compliance center, they go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a> and select the link to view and manage roles in Office 365. +1. Contoso IT administrators sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com/permissions) permissions page using credentials for a global administrator account and select the link to view and manage roles in Microsoft 365. +2. In the Microsoft Purview compliance portal, they go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a> and select the link to view and manage roles in Office 365. 3. The administrators select the Communication Compliance role group, then select Edit role group. 4. The administrators select Choose members from the left navigation pane, then select Edit. 5. They select Add and then select the checkbox for all Contoso users that will manage communication compliance, investigate, and review alerts. 6. The administrators select Add, then select Done. 7. They select Save to add Contoso users to the role group. They select Close to complete the steps. -## Step 2: Accessing communication compliance in Microsoft 365 +## Step 2: Accessing communication compliance -After configuring the permissions for communication compliance, Contoso IT administrators and compliance specialists assigned to the Communication Compliance role group can access the communication compliance solution in Microsoft 365. Contoso IT administrators and compliance specialists have several ways to access communication compliance and get started creating a new policy: +After configuring the permissions for communication compliance, Contoso IT administrators and compliance specialists assigned to the Communication Compliance role group can access the communication compliance solution in Microsoft Purview. Contoso IT administrators and compliance specialists have several ways to access communication compliance and get started creating a new policy: - Starting directly from the communication compliance solution-- Starting from the Microsoft 365 compliance center-- Starting from the Microsoft 365 solution catalog +- Starting from the Microsoft Purview compliance portal +- Starting from the Microsoft Purview solution catalog - Starting from the Microsoft 365 admin center ### Starting directly from the communication compliance solution The quickest way to access the solution is to sign in directly to the Communic ![Communication compliance overview.](../media/communication-compliance-case-overview.png) -### Starting from the Microsoft 365 compliance center +### Starting from the Microsoft Purview compliance portal -Another easy way for Contoso IT administrators and compliance specialists to access the communication compliance solution is to sign in directly to the [Microsoft 365 compliance center](https://compliance.microsoft.com). After signing in, users simply need to select the Show all control to display all the compliance solutions and then select the Communication compliance solution to get started. +Another easy way for Contoso IT administrators and compliance specialists to access the communication compliance solution is to sign in directly to the [Microsoft Purview compliance portal](https://compliance.microsoft.com). After signing in, users simply need to select the Show all control to display all the compliance solutions and then select the Communication compliance solution to get started. ![Compliance center.](../media/communication-compliance-case-center.png) -### Starting from the Microsoft 365 solution catalog +### Starting from the Microsoft Purview solution catalog -Contoso IT administrators and compliance specialists could also choose to access the communication compliance solution by selecting the Microsoft 365 solution catalog. By selecting Catalog in Solutions section of the left navigation while in the Microsoft 365 compliance center, they can open the solution catalog listing all Microsoft 365 compliance solutions. Scrolling down to the Insider risk management section, Contoso IT administrators can select Communication compliance to get started. Contoso IT administrators also decide to use the Show in navigation control to pin the communication compliance solution to the left-navigation pane for quicker access when they sign in going forward. +Contoso IT administrators and compliance specialists could also choose to access the communication compliance solution by selecting the Microsoft Purview solution catalog. By selecting Catalog in Solutions section of the left navigation while in the Microsoft Purview compliance portal, they can open the solution catalog listing all Microsoft Purview solutions. Scrolling down to the Insider risk management section, Contoso IT administrators can select Communication compliance to get started. Contoso IT administrators also decide to use the Show in navigation control to pin the communication compliance solution to the left-navigation pane for quicker access when they sign in going forward. ![Solution catalog.](../media/communication-compliance-case-solution.png) ### Starting from the Microsoft 365 admin center -To access communication compliance when starting from the Microsoft 365 admin center, Contoso IT administrators and compliance specialists sign in to the Microsoft 365 admin center [(https://admin.microsoft.com)](https://admin.microsoft.com) and go to [Microsoft 365 compliance center](https://compliance.microsoft.com) +To access communication compliance when starting from the Microsoft 365 admin center, Contoso IT administrators and compliance specialists sign in to the Microsoft 365 admin center [(https://admin.microsoft.com)](https://admin.microsoft.com) and go to [Microsoft Purview compliance portal](https://compliance.microsoft.com) ![Communication compliance link.](../media/communication-compliance-case-compliance-link.png) -This action opens the Office 365 Security and Compliance center, and they must select the link to the Microsoft 365 compliance center provided in the banner at the top of the page. +This action opens the Office 365 Security and Compliance center, and they must select the link to the Microsoft Purview compliance portal provided in the banner at the top of the page. ![Office 365 security and compliance center.](../media/communication-compliance-case-scc.png) -Once in the Microsoft 365 compliance center, Contoso IT administrators select Show all to display the full list of compliance solutions. +Once in the Microsoft Purview compliance portal, Contoso IT administrators select Show all to display the full list of compliance solutions. ![Communication compliance menu.](../media/communication-compliance-case-show-all.png) They need to create a new group to include all Contoso users, so they take the f With all the prerequisites completed, the IT administrators and the compliance specialists for Contoso are ready to configure the communication compliance policy to monitor for inappropriate text. Using the new inappropriate text policy template, configuring this policy is simple and quick. -1. The Contoso IT administrators and compliance specialists sign into the Microsoft 365 compliance center and select Communication compliance from the left navigation pane. This action opens the Overview dashboard that has quick links for communication compliance policy templates. They choose the Monitor for inappropriate text template by selecting Get started for the template. +1. The Contoso IT administrators and compliance specialists sign into the Microsoft Purview compliance portal and select Communication compliance from the left navigation pane. This action opens the Overview dashboard that has quick links for communication compliance policy templates. They choose the Monitor for inappropriate text template by selecting Get started for the template. ![Communication compliance inappropriate text template.](../media/communication-compliance-case-template.png) With all the prerequisites completed, the IT administrators and the compliance s Now that the communication compliance policy to monitor for inappropriate text is configured, the next step for the Contoso compliance specialists will be to investigate and remediate any alerts generated by the policy. It will take up to 24 hours for the policy to fully process communications in all the communication source channels and for alerts to show up in the Alert dashboard**. -After alerts are generated, Contoso compliance specialists will follow the [workflow instructions](communication-compliance-investigate-remediate.md) to investigate and remediate inappropriate text issues. +After alerts are generated, Contoso compliance specialists will follow the [workflow instructions](communication-compliance-investigate-remediate.md) to investigate and remediate inappropriate text issues.
compliance	Communication Compliance Channels	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-channels.md	Title: "Detect channel signals with communication compliance" description: "Learn more about detecting channel signals with communication compliance." +keywords: Microsoft 365, Microsoft Purview, compliance, communication compliance f1.keywords: - NOCSH search.appverid: # Detect channel signals with communication compliance + With communication compliance policies, you can choose to scan messages in one or more of the following communication platforms as a group or as standalone sources. Original messages captured across these platforms are retained in the original platform location in accordance with your organization's [retention and hold policies](/microsoft-365/compliance/information-governance). Copies of messages used by communication compliance policies for analysis and investigation are retained for as long as policy is in place, even if users leave your organization and their mailboxes are deleted. When a communication policy is deleted, copies of messages associated with the policy are also deleted. ## Microsoft Teams
compliance	Communication Compliance Configure	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-configure.md	Title: "Get started with communication compliance" description: "Set up communication compliance policies to configure user communications for review." +keywords: Microsoft 365, Microsoft Purview, compliance, communication compliance f1.keywords: - NOCSH search.appverid: # Get started with communication compliance -Use communication compliance policies to identify user communications for examination by internal or external reviewers. For more information about how communication compliance policies can help you monitor communications in your organization, see [communication compliance policies in Microsoft 365](communication-compliance.md). If you'd like to review how Contoso quickly configured a communication compliance policy to monitor for inappropriate content in Microsoft Teams, Exchange Online, and Yammer communications, check out this [case study](communication-compliance-case-study.md). + +Use communication compliance policies to identify user communications for examination by internal or external reviewers. For more information about how communication compliance policies can help you monitor communications in your organization, see [communication compliance policies](communication-compliance.md). If you'd like to review how Contoso quickly configured a communication compliance policy to monitor for inappropriate content in Microsoft Teams, Exchange Online, and Yammer communications, check out this [case study](communication-compliance-case-study.md). ## Subscriptions and licensing Activity involving [sensitive information types](/microsoft-365/compliance/commu > [!IMPORTANT] > After configuring your role groups, it may take up to 30 minutes for the role group permissions to apply to assigned users across your organization. -There are six role groups used to configure initial permissions to manage communication compliance features. To make Communication compliance available as a menu option in Microsoft 365 compliance center and to continue with these configuration steps, you must be assigned to one of the following roles or role groups: +There are six role groups used to configure initial permissions to manage communication compliance features. To make Communication compliance available as a menu option in Microsoft Purview compliance portal and to continue with these configuration steps, you must be assigned to one of the following roles or role groups: - Azure Active Directory [Global Administrator](/azure/active-directory/roles/permissions-reference#global-administrator) role - Azure Active Directory [Compliance Administrator](/azure/active-directory/roles/permissions-reference#compliance-administrator) role-- Microsoft 365 compliance center [Organization Management](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group-- Microsoft 365 compliance center [Compliance Administrator](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group +- Microsoft Purview compliance portal [Organization Management](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group +- Microsoft Purview compliance portal [Compliance Administrator](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group - Communication Compliance role group - Communication Compliance Admin role group Members of the following roles have the same solution permissions included with - Azure Active Directory Global Administrator - Azure Active Directory Compliance Administrator-- Microsoft 365 compliance center Organization Management-- Microsoft 365 compliance center Compliance Administrator +- Microsoft Purview compliance portal Organization Management +- Microsoft Purview compliance portal Compliance Administrator > [!IMPORTANT] > Make sure you always have at least one user in the Communication Compliance or Communication Compliance Admin role groups (depending on the option you choose) so that your communication compliance configuration doesn't get in to a 'zero administrator' scenario if specific users leave your organization. Choose from these solution role group options when configuring and managing comm \| Communication Compliance \| Use this role group to manage communication compliance for your organization in a single group. By adding all user accounts for designated administrators, analysts, investigators, and viewers, you can configure communication compliance permissions in a single group. This role group contains all the communication compliance permission roles. This configuration is the easiest way to quickly get started with communication compliance and is a good fit for organizations that don't need separate permissions defined for separate groups of users. Users that create policies as a communication compliance administrator must have their mailbox hosted on Exchange Online.\| \| Communication Compliance Admin \| Use this role group to initially configure communication compliance and later to segregate communication compliance administrators into a defined group. Users assigned to this role group can create, read, update, and delete communication compliance policies, global settings, and role group assignments. Users assigned to this role group can't view message alerts. Users that create policies as a communication compliance administrator must have their mailbox hosted on Exchange Online.\| \| Communication Compliance Analyst \| Use this group to assign permissions to users that will act as communication compliance analysts. Users assigned to this role group can view policies where they're assigned as Reviewers, view message metadata (not message content), escalate to additional reviewers, or send notifications to users. Analysts can't resolve pending alerts. \| -\| Communication Compliance Investigator \| Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an Advanced eDiscovery case, send notifications to users, and resolve the alert. \| +\| Communication Compliance Investigator \| Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an eDiscovery (Premium) case, send notifications to users, and resolve the alert. \| \| Communication Compliance Viewer \| Use this group to assign permissions to users that will manage communication reports. Users assigned to this role group can access all reporting widgets on the communication compliance home page and can view all communication compliance reports. \| ### Option 1: Assign all compliance users to the Communication Compliance role group Choose from these solution role group options when configuring and managing comm Use this option to assign users to specific role groups to segment communication compliance access and responsibilities among different users in your organization. -1. Sign into the [Microsoft 365 compliance center](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization, and then go to the Permissions</a>. +1. Sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization, and then go to the Permissions</a>. 2. Select the link to view and manage roles in Office 365. For more information about configuring Yammer in Native Mode, see: ## Step 5 (required): Create a communication compliance policy >[!IMPORTANT] ->Using PowerShell to create and manage communication compliance policies isn't supported. To create and manage these policies, you must use the policy management controls in the [Microsoft 365 communication compliance solution](https://compliance.microsoft.com/supervisoryreview). +>Using PowerShell to create and manage communication compliance policies isn't supported. To create and manage these policies, you must use the policy management controls in the [communication compliance solution](https://compliance.microsoft.com/supervisoryreview). >[!TIP] >Want to see an in-depth walkthrough of setting up a new communication compliance policy and remediating an alert? Check out [this 15-minute video](communication-compliance-plan.md#creating-a-communication-compliance-policy-walkthrough) to see a demonstration of how communication compliance policies can help you detect inappropriate messages, investigate potential violations, and remediate compliance issues. -1. Sign into the [Microsoft 365 compliance center](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. +1. Sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. -2. In the Microsoft 365 compliance center, select Communication compliance. +2. In the Microsoft Purview compliance portal, select Communication compliance. 3. Select the Policies tab. If you want to have the option of responding to a policy alert by sending a remi You can also choose to enable anonymization for displayed usernames when investigating policy matches and taking action on messages. -1. Sign into the [Microsoft 365 compliance center](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. +1. Sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. -2. In the Microsoft 365 compliance center, go to Communication compliance. +2. In the Microsoft Purview compliance portal, go to Communication compliance. 3. To configure anonymization for usernames, select the Privacy tab. You can also choose to enable anonymization for displayed usernames when investi ## Step 8 (optional): Test your communication compliance policy -After you create a communication compliance policy, it's a good idea to test it to make sure that the conditions you defined are being properly enforced by the policy. You may also want to [test your data loss prevention (DLP) policies](create-test-tune-dlp-policy.md) if your communication compliance policies include sensitive information types. Make sure you give your policies time to activate so that the communications you want to test are captured. +After you create a communication compliance policy, it's a good idea to test it to make sure that the conditions you defined are being properly enforced by the policy. You may also want to [test your Microsoft Purview Data Loss Prevention (DLP) policies](create-test-tune-dlp-policy.md) if your communication compliance policies include sensitive information types. Make sure you give your policies time to activate so that the communications you want to test are captured. Follow these steps to test your communication compliance policy:
compliance	Communication Compliance Investigate Remediate	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-investigate-remediate.md	Title: "Investigate and remediate communication compliance alerts" -description: "Investigate and remediate communication compliance alerts in Microsoft 365." +description: "Investigate and remediate communication compliance alerts in Microsoft Purview." +keywords: Microsoft 365, Microsoft Purview, compliance, communication compliance f1.keywords: - NOCSH search.appverid: # Investigate and remediate communication compliance alerts -After you've configured your communication compliance policies, you'll start to receive alerts in the Microsoft 365 compliance center for message issues that match your policy conditions. Follow the workflow instructions here to investigate and remediate alert issues. + +After you've configured your communication compliance policies, you'll start to receive alerts in the Microsoft Purview compliance portal for message issues that match your policy conditions. Follow the workflow instructions here to investigate and remediate alert issues. ## Investigate alerts -The first step to investigate issues detected by your policies is to review communication compliance alerts in the Microsoft 365 compliance center. There are several areas in the communication compliance solution area to help you to quickly investigate alerts, depending on how you prefer to view alert grouping: +The first step to investigate issues detected by your policies is to review communication compliance alerts in the Microsoft Purview compliance portal. There are several areas in the communication compliance solution area to help you to quickly investigate alerts, depending on how you prefer to view alert grouping: -- Communication compliance policy page: When you sign into the [Microsoft 365 compliance center](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization, select Communication compliance to display the communication compliance Policy page. This page displays communication compliance policies configured for your Microsoft 365 organization and links to recommended policy templates. Each policy listed includes the count of alerts that need review, the number of escalated and resolved items, status of the policy, and the date and time of the last policy scan. Selecting a policy displays all the pending alerts for matches to the policy, select a specific alert to launch the policy details page and to start remediation actions. +- Communication compliance policy page: When you sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization, select Communication compliance to display the communication compliance Policy page. This page displays communication compliance policies configured for your Microsoft 365 organization and links to recommended policy templates. Each policy listed includes the count of alerts that need review, the number of escalated and resolved items, status of the policy, and the date and time of the last policy scan. Selecting a policy displays all the pending alerts for matches to the policy, select a specific alert to launch the policy details page and to start remediation actions. - Alerts: Navigate to Communication compliance > Alerts to display the last 30 days of alerts grouped by policy matches. This view allows you to quickly see which communication compliance policies are generating the most alerts ordered by severity. To start remediation actions, select the policy associated with the alert to launch the Policy details page. From the Policy details page, you can review a summary of the activities on the Overview page, review and act on alert messages on the Pending page, or review the history of closed alerts on the Resolved page. - Reports: Navigate to Communication compliance > Reports to display communication compliance report widgets. Each widget provides an overview of communication compliance activities and statuses, including access to deeper insights about policy matches and remediation actions. The following table outlines filter details: #### To configure a filter -1. Sign into the [Microsoft 365 compliance center](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. +1. Sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. -2. In the Microsoft 365 compliance center, go to Communication compliance. +2. In the Microsoft Purview compliance portal, go to Communication compliance. 3. Select the Policies tab and then select a policy for investigation, double-click to open the Policy page. Communication compliance policies automatically scan and pre-group near and exac #### To remediate duplicates -1. Sign into the [Microsoft 365 compliance center](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. +1. Sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. -2. In the Microsoft 365 compliance center, go to Communication compliance. +2. In the Microsoft Purview compliance portal, go to Communication compliance. 3. Select the Policies tab and then select a policy for investigation, double-click to open the Policy page. Now that you've reviewed the details of the message for the alert, you can choos - Tag as: Tag the message as compliant, non-compliant, or as questionable as it relates to the policies and standards for your organization. Adding tags and tagging comments helps you micro-filter policy alerts for escalations or as part of other internal review processes. After tagging is complete, you can also choose to resolve the message to move it out of the pending review queue. - Notify: You can use the Notify control to assign a custom notice template to the alert and to send a warning notice to the user. Choose the appropriate notice template configured in the Communication compliance settings area and select Send to email a reminder to the user that sent the message and to resolve the issue. - Escalate: Using the Escalate control, you can choose who else in your organization should review the message. Choose from a list of reviewers configured in the communication compliance policy to send an email notification requesting additional review of the message alert. The selected reviewer can use a link in the email notification to go directly to items escalated to them for review.-- Escalate for investigation: Using the Escalate for investigation control, you can create a new [Advanced eDiscovery case](overview-ediscovery-20.md) for single or multiple messages. You'll provide a name and notes for the new case, and user who sent the message matching the policy is automatically assigned as the case custodian. You don't need any additional permissions to manage the case. Creating a case doesn't resolve or create a new tag for the message. You can select a total of 100 messages when creating an Advanced eDiscovery case during the remediation process. Messages in all communication channels monitored by communication compliance are supported. For example, you could select 50 Microsoft Teams chats, 25 Exchange Online email messages, and 25 Yammer messages when you open a new Advanced eDiscovery case for a user. +- Escalate for investigation: Using the Escalate for investigation control, you can create a new [eDiscovery (Premium) case](overview-ediscovery-20.md) for single or multiple messages. You'll provide a name and notes for the new case, and user who sent the message matching the policy is automatically assigned as the case custodian. You don't need any additional permissions to manage the case. Creating a case doesn't resolve or create a new tag for the message. You can select a total of 100 messages when creating an eDiscovery (Premium) case during the remediation process. Messages in all communication channels monitored by communication compliance are supported. For example, you could select 50 Microsoft Teams chats, 25 Exchange Online email messages, and 25 Yammer messages when you open a new eDiscovery (Premium) case for a user. - Remove message in Teams: Using the Remove message in Teams control, you can block inappropriate messages and content identified in alerts from Microsoft Teams channels and 1:1 and group chats. Removed messages and content are replaced with a policy tip that explains that it's blocked and the policy that applies to its removal from view. Recipients are provided a link in the policy tip to learn more about the applicable policy and the review process. The sender receives a policy tip for the blocked message and content but can review the details of the blocked message and content for context regarding the removal. ![Remove a message from Microsoft Teams.](../media/communication-compliance-remove-teams-message.png) Message details can be exported or downloaded if you need to archive the message [Microsoft Power Automate](/power-automate/getting-started) is a workflow service that automates actions across applications and services. By using flows from templates or created manually, you can automate common tasks associated with these applications and services. When you enable Power Automate flows for communication compliance, you can automate important tasks for alerts and users. You can configure Power Automate flows to notify managers when users have communication compliance alerts and other applications. -Customers with Microsoft 365 subscriptions that include communication compliance don't need additional Power Automate licenses to use the recommended default communication compliance Power Automate template. The default template can be customized to support your organization and cover core communication compliance scenarios. If you choose to use premium Power Automate features in these templates, create a custom template using the Microsoft 365 compliance connector, or use Power Automate templates for other compliance areas in Microsoft 365, you may need additional Power Automate licenses. +Customers with Microsoft 365 subscriptions that include communication compliance don't need additional Power Automate licenses to use the recommended default communication compliance Power Automate template. The default template can be customized to support your organization and cover core communication compliance scenarios. If you choose to use premium Power Automate features in these templates, create a custom template using the Microsoft Purview connector, or use Power Automate templates for other compliance areas in Microsoft Purview, you may need additional Power Automate licenses. > [!IMPORTANT] > Are you receiving prompts for additional license validation when testing Power Automate flows? Your organization may not have received service updates for this preview feature yet. Updates are being deployed and all organizations with Microsoft 365 subscriptions that include communication compliance should have license support for flows created from the recommended Power Automate templates by October 30, 2020. To create a Power Automate flow from a recommended default template, you'll use Complete the following steps to create a Power Automate flow from a default template: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Communication compliance > Policies and select the policy with the alert you want review. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Communication compliance > Policies and select the policy with the alert you want review. 2. From the policy, select the Pending tab and select a pending alert. 3. Select Power Automate from the alert action menu. 4. On the Power Automate page, select a default template from the Communication compliance templates you may like section on the page. By default, Power Automate flows created by a user are only available to that us To share a Power Automate flow, you must be a member of at least one communication compliance role group. Complete the following steps to share a Power Automate flow: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Communication compliance > Policies and select the policy with the alert you want review. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Communication compliance > Policies and select the policy with the alert you want review. 2. From the policy, select the Pending tab and select a pending alert. 3. Select Power Automate from the alert action menu. 4. On the Power Automate flows page, select the My flows or Team flows tab. If you need to edit a flow, you'll use the Power Automate control when worki Complete the following steps to edit a Power Automate flow: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Communication compliance > Policies and select the policy with the alert you want review. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Communication compliance > Policies and select the policy with the alert you want review. 2. From the policy, select the Pending tab and select a pending alert. 3. Select Power Automate from the alert action menu. 4. On the Power Automate flows page, select flow to edit. Select Edit from the flow control menu. If you need to delete a flow, you'll use the Power Automate control when wor Complete the following steps to delete a Power Automate flow: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Communication compliance > Policies and select the policy with the alert you want review. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Communication compliance > Policies and select the policy with the alert you want review. 2. From the policy, select the Pending tab and select a pending alert. 3. Select Power Automate from the alert action menu. 4. On the Power Automate flows page, select flow to delete. Select Delete from the flow control menu. When messages are resolved, they're removed from the Pending tab view and di To unresolve messages, complete the following steps: -1. Sign into the [Microsoft 365 compliance center](https://compliance.microsoft.com) using credentials for a user assigned to the Communication Compliance Analyst or Communication Compliance Investigator role groups in your Microsoft 365 organization. -2. In the Microsoft 365 compliance center, go to Communication compliance. +1. Sign into the [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for a user assigned to the Communication Compliance Analyst or Communication Compliance Investigator role groups in your Microsoft 365 organization. +2. In the Microsoft Purview compliance portal, go to Communication compliance. 3. Select the Policies tab and then select a policy that contains the resolved alert message, double-click to open the Policy page. 4. On the Policy page, select the Resolved tab. 5. On the Resolved tab, select one or more messages to move back to Pending. 6. On the command bar, select Unresolve. 7. On the Unresolve item pane, add any comments applicable to the unresolve action and select Save to move the item back to Pending. -8. Select the Pending tab to verify the selected items are displayed. +8. Select the Pending tab to verify the selected items are displayed.
compliance	Communication Compliance Plan	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-plan.md	Title: "Plan for communication compliance" description: "Learn about planning for using communication compliance in your organization." +keywords: Microsoft 365, Microsoft Purview, compliance, communication compliance f1.keywords: - NOCSH search.appverid: # Plan for communication compliance + Before getting started with [communication compliance](communication-compliance.md) in your organization, there are important planning activities and considerations that should be reviewed by your information technology and compliance management teams. Thoroughly understanding and planning for deployment in the following areas will help ensure that your implementation and use of communication compliance features goes smoothly and is aligned with the best practices for the solution. > [!IMPORTANT] Before getting started with [communication compliance](communication-compliance. ## Transitioning from Supervision in Office 365 -For organizations using supervision policies in Office 365, you should immediately plan to transition to communication compliance policies in Microsoft 365 and need to understand these important points: +For organizations using supervision policies in Office 365, you should immediately plan to transition to communication compliance policies in Microsoft Purview and need to understand these important points: -- The supervision solution in Office 365 has been fully replaced by the communication compliance solution in Microsoft 365. We recommend creating new policies in communication compliance that have the same settings as existing supervision policies to use the new investigation and remediation improvements.-- Messages saved in supervision in Office 365 policy matches cannot be moved or shared into communication compliance in Microsoft 365. +- The supervision solution in Office 365 has been fully replaced by the communication compliance solution in Microsoft Purview. We recommend creating new policies in communication compliance that have the same settings as existing supervision policies to use the new investigation and remediation improvements. +- Messages saved in supervision in Office 365 policy matches cannot be moved or shared into communication compliance. - For organizations with both solutions used side by side during the transition process, policies used in each solution must have unique policy names. Groups and custom keyword dictionaries can be shared between solutions during a transition period. For retirement information for supervision in Office 365, see the [Microsoft 365 Roadmap](https://www.microsoft.com/microsoft-365/roadmap) for details. Identify the appropriate stakeholders in your organization to collaborate for ta ### Permissions -Select dedicated stakeholders to monitor and review the alerts and cases on a regular cadence in the [Microsoft 365 compliance center](https://compliance.microsoft.com/). Make sure you understand how you will assign users and stakeholders to different communication compliance role groups in your organization. +Select dedicated stakeholders to monitor and review the alerts and cases on a regular cadence in the [Microsoft Purview compliance portal](https://compliance.microsoft.com/). Make sure you understand how you will assign users and stakeholders to different communication compliance role groups in your organization. > [!IMPORTANT] > After configuring your role groups, it may take up to 30 minutes for the role group permissions to apply to assigned users across your organization. -There are six role groups used to configure initial permissions to manage communication compliance features. To make Communication compliance available as a menu option in Microsoft 365 compliance center and to continue with these configuration steps, you must be assigned to one of the following roles or role groups: +There are six role groups used to configure initial permissions to manage communication compliance features. To make Communication compliance available as a menu option in Microsoft Purview compliance portal and to continue with these configuration steps, you must be assigned to one of the following roles or role groups: - Azure Active Directory [Global Administrator](/azure/active-directory/roles/permissions-reference#global-administrator) role - Azure Active Directory [Compliance Administrator](/azure/active-directory/roles/permissions-reference#compliance-administrator) role-- Microsoft 365 compliance center [Organization Management](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group-- Microsoft 365 compliance center [Compliance Administrator](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group +- Microsoft Purview compliance portal [Organization Management](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group +- Microsoft Purview compliance portal [Compliance Administrator](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group - Communication Compliance role group - Communication Compliance Admin role group Members of the following roles have the same solution permissions included with - Azure Active Directory Global Administrator - Azure Active Directory Compliance Administrator-- Microsoft 365 compliance center Organization Management-- Microsoft 365 compliance center Compliance Administrator +- Microsoft Purview compliance portal Organization Management +- Microsoft Purview compliance portal Compliance Administrator > [!IMPORTANT] > Make sure you always have at least one user in the Communication Compliance or Communication Compliance Admin role groups (depending on the option you choose) so that your communication compliance configuration doesn't get in to a 'zero administrator' scenario if specific users leave your organization. Choose from these solution role group options when configuring and managing comm \| Communication Compliance \| Use this role group to manage communication compliance for your organization in a single group. By adding all user accounts for designated administrators, analysts, investigators, and viewers, you can configure communication compliance permissions in a single group. This role group contains all the communication compliance permission roles. This configuration is the easiest way to quickly get started with communication compliance and is a good fit for organizations that do not need separate permissions defined for separate groups of users. Users that create policies as a communication compliance administrator must have their mailbox hosted on Exchange Online. \| \| Communication Compliance Admin \| Use this role group to initially configure communication compliance and later to segregate communication compliance administrators into a defined group. Users assigned to this role group can create, read, update, and delete communication compliance policies, global settings, and role group assignments. Users assigned to this role group cannot view message alerts. Users that create policies as a communication compliance administrator must have their mailbox hosted on Exchange Online. \| \| Communication Compliance Analyst \| Use this group to assign permissions to users that will act as communication compliance analysts. Users assigned to this role group can view policies where they are assigned as Reviewers, view message metadata (not message content), escalate to additional reviewers, or send notifications to users. Analysts cannot resolve pending alerts. \| -\| Communication Compliance Investigator \| Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an Advanced eDiscovery case, send notifications to users, and resolve the alert. \| +\| Communication Compliance Investigator \| Use this group to assign permissions to users that will act as communication compliance investigators. Users assigned to this role group can view message metadata and content, escalate to additional reviewers, escalate to an eDiscovery (Premium) case, send notifications to users, and resolve the alert. \| \| Communication Compliance Viewer \| Use this group to assign permissions to users that will manage communication reports. Users assigned to this role group can access all reporting widgets on the communication compliance home page and can view all communication compliance reports. \| ### Supervised users Want to see an in-depth walkthrough of setting up a new communication compliance ## Ready to get started? -To configure communication compliance for your Microsoft 365 organization, see [Configure communication compliance for Microsoft 365](communication-compliance-configure.md) or check out the [case study for Contoso](communication-compliance-case-study.md) and how they quickly configured a communication compliance policy to monitor for inappropriate content in Microsoft Teams, Exchange Online, and Yammer communications. +To configure communication compliance for your Microsoft 365 organization, see [Configure communication compliance](communication-compliance-configure.md) or check out the [case study for Contoso](communication-compliance-case-study.md) and how they quickly configured a communication compliance policy to monitor for inappropriate content in Microsoft Teams, Exchange Online, and Yammer communications.
compliance	Communication Compliance Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-policies.md	Title: "Communication compliance policies" description: "Learn more about communication compliance policies." +keywords: Microsoft 365, Microsoft Purview, compliance, communication compliance f1.keywords: - NOCSH search.appverid: # Communication compliance policies + ## Policies > [!IMPORTANT] -> Using PowerShell to create and manage communication compliance policies is not supported. To create and manage these policies, you must use the policy management controls in the [Microsoft 365 communication compliance solution](https://compliance.microsoft.com/supervisoryreview). +> Using PowerShell to create and manage communication compliance policies is not supported. To create and manage these policies, you must use the policy management controls in the [communication compliance solution](https://compliance.microsoft.com/supervisoryreview). -You create communication compliance policies for Microsoft 365 organizations in the Microsoft 365 compliance center. Communication compliance policies define which communications and users are subject to review in your organization, define which custom conditions the communications must meet, and specify who should do reviews. Users assigned the Communication Compliance Admin role can set up policies, and anyone who has this role assigned can access the Communication compliance page and global settings in the Microsoft 365 compliance center. If needed, you can export the history of modifications to a policy to a .csv (comma-separated values) file that also includes the status of alerts pending review, escalated items, and resolved items. Policies can't be renamed and can be deleted when no longer needed. +You create communication compliance policies for Microsoft 365 organizations in the Microsoft Purview compliance portal. Communication compliance policies define which communications and users are subject to review in your organization, define which custom conditions the communications must meet, and specify who should do reviews. Users assigned the Communication Compliance Admin role can set up policies, and anyone who has this role assigned can access the Communication compliance page and global settings in the Microsoft Purview compliance portal. If needed, you can export the history of modifications to a policy to a .csv (comma-separated values) file that also includes the status of alerts pending review, escalated items, and resolved items. Policies can't be renamed and can be deleted when no longer needed. ## Policy templates User reported messages from Teams chats are the only messages processed by the U Admins should immediately assign custom reviewers to this policy as appropriate for your organization. This may include reviewers such as your Compliance Officer, Risk Officer, or members of your Human Resources department. To customize the reviewers for chat messages submitted as user-reported messages, complete the following steps: -1. Sign into [Microsoft 365 compliance center](https://compliance.microsoft.com/) using credentials for an admin account in your Microsoft 365 organization. -2. In the Microsoft 365 compliance center, go to Communication compliance. +1. Sign into [Microsoft Purview compliance portal](https://compliance.microsoft.com/) using credentials for an admin account in your Microsoft 365 organization. +2. In the compliance portal, go to Communication compliance. 3. On the Policy tab, select the User-reported messages policy and select Edit. 4. On the Monitor for user-reported messages pane, assign reviewers for the policy. Reviewers must have mailboxes hosted on Exchange Online. When reviewers are added to a policy, they automatically receive an email message that notifies them of the assignment to the policy and provides links to information about the review process. 5. Select Save. By default, the Direction is condition is displayed and can't be removed. Co ### Sensitive information types -You have the option of including sensitive information types as part of your communication compliance policy. Sensitive information types are either pre-defined or custom data types that can help identify and protect credit card numbers, bank account numbers, passport numbers, and more. As part of [Learn about data loss prevention](dlp-learn-about-dlp.md), the sensitive information configuration can use patterns, character proximity, confidence levels, and even custom data types to help identify and flag content that may be sensitive. The default sensitive information types are: +You have the option of including sensitive information types as part of your communication compliance policy. Sensitive information types are either pre-defined or custom data types that can help identify and protect credit card numbers, bank account numbers, passport numbers, and more. As part of [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md), the sensitive information configuration can use patterns, character proximity, confidence levels, and even custom data types to help identify and flag content that may be sensitive. The default sensitive information types are: - Financial - Medical and health The built-in trainable and global classifiers don't provide an exhaustive list o > [!NOTE] > Policies using classifiers will inspect and evaluate messages with a word count of six or greater. Messages containing less than six words aren't evaluated in policies using classifiers. To identify and take action on shorter messages containing inappropriate content, we recommend including a custom keyword dictionary to communication compliance policies monitoring for this type of content. -For information about trainable classifiers in Microsoft 365, see [Getting started with trainable classifiers](classifier-get-started-with.md). +For information about trainable classifiers, see [Getting started with trainable classifiers](classifier-get-started-with.md). ### Optical character recognition (OCR) For communication compliance policies, the following alert policy values are con > [!NOTE] > The alert policy threshold trigger settings for activities supports a minimum value of 3 or higher for communication compliance policies. -You can change the default settings for triggers on number of activities, period for the activities, and for specific users in alert policies on the Alert policies page in the Microsoft 365 compliance center. +You can change the default settings for triggers on number of activities, period for the activities, and for specific users in alert policies on the Alert policies page in the Microsoft Purview compliance portal. ### Change the severity level for an alert policy If you'd like to change the severity level assigned in an alert policy for a specific communication compliance policy, complete the following steps: -1. Sign into [Microsoft 365 compliance center](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. +1. Sign into [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. -2. In the Microsoft 365 compliance center, go to Policies. +2. In the Microsoft Purview compliance portal, go to Policies. 3. Select Office 365 alert on the Policies page to open the Alerts policies page.
compliance	Communication Compliance Reports Audits	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-reports-audits.md	Title: "Use communication compliance reports and audits" description: "Learn more about using communication compliance reports and audits." +keywords: Microsoft 365, Microsoft Purview, compliance, communication compliance f1.keywords: - NOCSH search.appverid: # Use communication compliance reports and audits + ## Reports The new Reports dashboard is the central location for viewing all communication compliance reports. Report widgets provide a quick view of insights most commonly needed for an overall assessment of the status of communication compliance activities. Information contained in the report widgets isn't exportable. Detailed reports provide in-depth information related to specific communication compliance areas and offer the ability to filter, group, sort, and export information while reviewing. Create custom reports and review details for messages contained in specific poli To create a new message details report, complete the following steps: -1. Sign into the Microsoft 365 compliance center with an account that is a member of the Communication Compliance Investigators role group. +1. Sign into the Microsoft Purview compliance portal with an account that is a member of the Communication Compliance Investigators role group. 2. Navigate to the Policies tab, select a policy, and then select Create message details report. 3. On the Create message details report pane, enter a name for the report in the Report name field. 4. In Choose a date range, select a Start date and End date for the report.
compliance	Communication Compliance Siem	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-siem.md	Title: "Communication compliance with SIEM solutions" description: "Learn about communication compliance integration with SIEM solutions." +keywords: Microsoft 365, Microsoft Purview, compliance, communication compliance f1.keywords: - NOCSH search.appverid: # Communication compliance with SIEM solutions -[Communication compliance](communication-compliance.md) is an insider risk solution in Microsoft 365 that helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Security information and event management (SIEM) solutions such as [Microsoft Sentinel](https://azure.microsoft.com/services/azure-sentinel) or [Splunk](https://www.splunk.com/) are commonly used to aggregate and track threats within an organization. + +[Communication compliance](communication-compliance.md) is an insider risk solution in Microsoft Purview that helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Security information and event management (SIEM) solutions such as [Microsoft Sentinel](https://azure.microsoft.com/services/azure-sentinel) or [Splunk](https://www.splunk.com/) are commonly used to aggregate and track threats within an organization. A common need for organizations is to integrate communication compliance alerts and these SIEM solutions. With this integration, organizations can view communication compliance alerts in their SIEM solution and then remediate alerts within the communication compliance workflow and user experience. For example, an employee sends an offensive message to another employee and that message is detected by a communication compliance policy monitoring for inappropriate content. These events are tracked in Microsoft 365 Audit (also known as "unified audit log") by the communication compliance solution and imported into the SIEM solution. An alert is then triggered in the SIEM solution for the organization from events monitored in Microsoft 365 Audit that are associated with communication compliance alerts. Investigators are notified of the alert in the SIEM solutions and then they investigate and remediate the alert in the communication compliance solution. Search-UnifiedAuditLog -StartDate $startDate -EndDate $endDate -RecordType Compl ## Resources - [Communication compliance auditing](communication-compliance-reports-audits.md#audit)-- [Advanced Audit in Microsoft 365](advanced-audit.md) +- [Microsoft Purview Audit (Premium)](advanced-audit.md) - [Office 365 Management Activity API reference](/office/office-365-management-api/office-365-management-activity-api-reference)
compliance	Communication Compliance Solution Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-solution-overview.md	Title: Communication compliance in Microsoft 365 -description: Learn how to configure communication compliance in Microsoft 365. + Title: Communication compliance +description: Learn how to configure communication compliance in Microsoft Purview. keywords: Microsoft 365, insider risk, compliance ms.localizationpriority: medium ms.prod: microsoft-365-enterprise - m365solution-scenario -# Communication compliance in Microsoft 365 +# Communication compliance -Protecting sensitive information and detecting and acting on workplace harassment incidents is an important part of compliance with internal policies and standards. Communication compliance in Microsoft 365 helps minimize these risks by helping you quickly detect, capture, and take remediation actions for email and Microsoft Teams communications. These include inappropriate communications containing profanity, threats, and harassment and communications that share sensitive information inside and outside of your organization. -## Configure communication compliance for Microsoft 365 +Protecting sensitive information and detecting and acting on workplace harassment incidents is an important part of compliance with internal policies and standards. Microsoft Purview Communication Compliance helps minimize these risks by helping you quickly detect, capture, and take remediation actions for email and Microsoft Teams communications. These include inappropriate communications containing profanity, threats, and harassment and communications that share sensitive information inside and outside of your organization. + +## Configure communication compliance Use the following steps to configure communication compliance for your organization: ![Insider risk solution communication compliance steps.](../media/ir-solution-cc-steps.png) -1. Learn about [communication compliance](communication-compliance.md) in Microsoft 365 +1. Learn about [communication compliance](communication-compliance.md) 2. Plan for [communication compliance](communication-compliance-plan.md) and [verify licensing](communication-compliance-configure.md#subscriptions-and-licensing) 3. Configure [prerequisites](communication-compliance-configure.md#step-2-required-enable-the-audit-log) and [permissions](communication-compliance-configure.md#step-1-required-enable-permissions-for-communication-compliance) 4. Create and configure [communication compliance policies](communication-compliance-configure.md#step-5-required-create-a-communication-compliance-policy) Use the following steps to configure communication compliance for your organizat ## More information about communication compliance - [Investigate and remediate alerts](communication-compliance-investigate-remediate.md)-- [Case study - Contoso quickly configures an inappropriate content policy for Microsoft Teams, Exchange, and Yammer communications](communication-compliance-case-study.md) +- [Case study - Contoso quickly configures an inappropriate content policy for Microsoft Teams, Exchange, and Yammer communications](communication-compliance-case-study.md)
compliance	Communication Compliance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance.md	Title: "Learn about communication compliance" -description: "Learn about communication compliance in Microsoft 365" +description: "Learn about communication compliance in Microsoft Purview" +keywords: Microsoft 365, Microsoft Purview, compliance, communication compliance f1.keywords: - NOCSH search.appverid: - MOE150 -# Learn about communication compliance in Microsoft 365 +# Learn about communication compliance -Communication compliance is an insider risk solution in Microsoft 365 that helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Pre-defined and custom policies allow you to scan internal and external communications for policy matches so they can be examined by designated reviewers. Reviewers can investigate scanned email, Microsoft Teams, Yammer, or third-party communications in your organization and take appropriate actions to make sure they're compliant with your organization's message standards. + +Microsoft Purview Communication Compliance is an insider risk solution that helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Pre-defined and custom policies allow you to scan internal and external communications for policy matches so they can be examined by designated reviewers. Reviewers can investigate scanned email, Microsoft Teams, Yammer, or third-party communications in your organization and take appropriate actions to make sure they're compliant with your organization's message standards. Communication compliance policies in Microsoft 365 help you overcome many modern challenges associated with compliance and internal and external communications, including: For the latest Ignite presentations for communication compliance, see the follow - [Fulfill regulatory compliance requirements with communication compliance](https://www.youtube.com/watch?v=gagOhtCBfgU) - [Better with Microsoft Teams - Learn more about the latest native Teams integrated features in communication compliance](https://www.youtube.com/watch?v=m4jukD5Fh-o) -For a quick overview of communication compliance, see the [Detect workplace harassment and respond with Communication Compliance in Microsoft 365](https://youtu.be/z33ji7a7Zho) video on the [Microsoft Mechanics channel](https://www.youtube.com/user/OfficeGarageSeries). +For a quick overview of communication compliance, see the [Detect workplace harassment and respond with Communication Compliance](https://youtu.be/z33ji7a7Zho) video on the [Microsoft Mechanics channel](https://www.youtube.com/user/OfficeGarageSeries). Check out how [TD Securities is using communication compliance](https://customers.microsoft.com/story/1391545301764211731-td-securities-banking-capital-markets-compliance) to address their regulatory obligations and meet their security and stability needs. Communication compliance policies can assist with reviewing messages in your org ## Key feature areas -Communication compliance in Microsoft 365 offers several important features to help address compliance concerns on your messaging platforms: +Communication compliance offers several important features to help address compliance concerns on your messaging platforms: - Intelligent customizable templates - Flexible remediation workflows New interactive dashboards for alerts, policy matches, actions, and trends help - Proactive intelligent alerts: Alerts for policy matches requiring immediate attention include new dashboards for pending items sorted by severity and new automatic email notifications sent to designated reviewers. - Interactive dashboards: New dashboards display policy matches, pending and resolved actions, and trends by users and policy.-- Auditing support: A full log of policy and review activities is easily exported from the Microsoft 365 compliance center to help support audit review requests. +- Auditing support: A full log of policy and review activities is easily exported from the Microsoft Purview compliance portal to help support audit review requests. ## Integration with Microsoft 365 services To learn more about messaging channel support in communication compliance polici Communication compliance helps you address common pain points associated with complying with internal policies and regulatory compliance requirements. With focused policy templates and a flexible workflow, you can use actionable insights to quickly resolve detected compliance issues. -Identifying and resolving compliance issues with communication compliance in Microsoft 365 uses the following workflow: +Identifying and resolving compliance issues with communication compliance uses the following workflow: ![Communication compliance workflow.](../media/communication-compliance-workflow.png) In this workflow step, you identify your compliance requirements and configure a >[!IMPORTANT] >By default, Global Administrators do not have access to communication compliance features. To enable permissions for communication compliance features, see [Make communication compliance available in your organization](communication-compliance-configure.md#step-1-required-enable-permissions-for-communication-compliance). -You can choose from the following policy templates in the Microsoft 365 compliance center: +You can choose from the following policy templates in the Microsoft Purview compliance portal: - Monitor for inappropriate text: Use this template to quickly create a policy that uses built-in classifiers to automatically detect text in messages that may be considered inappropriate, abusive, or offensive. - Monitor for inappropriate images: Use this template to quickly create a policy that uses built-in classifiers to automatically detect content that contains adult and racy images that may be considered as inappropriate in your organization. You can choose from the following policy templates in the Microsoft 365 complian ### Investigate -In this step, you look deeper into the issues detected as matching your communication compliance policies. This step includes the following actions available in the Microsoft 365 compliance center: +In this step, you look deeper into the issues detected as matching your communication compliance policies. This step includes the following actions available in the Microsoft Purview compliance portal: -- Alerts: When a message matches a policy condition, an alert is automatically generated. For each alert, you can see the status, the severity, the time detected, and if an Advanced eDiscovery case is assigned and its status. New alerts are displayed on the communication compliance home page and the Alerts page and are listed in order of severity. +- Alerts: When a message matches a policy condition, an alert is automatically generated. For each alert, you can see the status, the severity, the time detected, and if an eDiscovery (Premium) case is assigned and its status. New alerts are displayed on the communication compliance home page and the Alerts page and are listed in order of severity. - Issue management: For each alert, you can take investigative actions to help remediate the issue detected in the message. - Document review: During the investigation of an issue, you can use several views of the message to help properly evaluate the detected issue. The views include a conversation summary, text-only, and detail views of the communication conversation. - Reviewing user activity history: View the history of user message activities and remediation actions, such as past notifications and escalations, for policy matches. The next step is to remediate communication compliance issues you've investigate - Escalate to another reviewer: Sometimes, the initial reviewer of an issue needs input from other reviewers to help resolve the incident. You can easily escalate message issues to reviewers in other areas of your organization as part of the resolution process. - Report as misclassified: Messages incorrectly detected as matches of compliance policies will occasionally slip through to the review process. You can mark these types of alerts as misclassified, submit feedback to Microsoft about the misclassification to help improve global classifiers, and automatically resolve the issue. - Remove message in Teams (preview): Inappropriate messages may be removed from displaying in Microsoft Teams channels or personal and group chat messages. Inappropriate messages that are removed are replaced with a notification that the message has been removed for a policy violation.-- Escalate for investigation: In the most serious situations, you may need to share communication compliance information with other reviewers in your organization. Communication compliance is tightly integrated with other Microsoft 365 compliance features to help you with end-to-end risk resolution. Escalating a case for investigation allows you to transfer data and management of the case to Advanced eDiscovery in Microsoft 365. Advanced eDiscovery provides an end-to-end workflow to preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations. It allows legal teams to manage the entire legal hold notification workflow. To learn more about Advanced eDiscovery cases, see [Overview of Advanced eDiscovery in Microsoft 365](overview-ediscovery-20.md). +- Escalate for investigation: In the most serious situations, you may need to share communication compliance information with other reviewers in your organization. Communication compliance is tightly integrated with other Microsoft Purview features to help you with end-to-end risk resolution. Escalating a case for investigation allows you to transfer data and management of the case to Microsoft Purview eDiscovery (Premium). eDiscovery (Premium) provides an end-to-end workflow to preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations. It allows legal teams to manage the entire legal hold notification workflow. To learn more about eDiscovery (Premium) cases, see [Overview of Microsoft Purview eDiscovery (Premium)](overview-ediscovery-20.md). ### Monitor Keeping track and managing compliance issues identified by communication complia - For planning information, see [Plan for communication compliance](communication-compliance-plan.md). - Check out the [case study for Contoso](communication-compliance-case-study.md) and see how they quickly configured a communication compliance policy to monitor for inappropriate content in Microsoft Teams, Exchange Online, and Yammer communications.-- To configure communication compliance for your Microsoft 365 organization, see [Configure communication compliance for Microsoft 365](communication-compliance-configure.md). +- To configure communication compliance for your Microsoft 365 organization, see [Configure communication compliance](communication-compliance-configure.md).
compliance	Compliance Easy Trials Compliance Manager Assessment Playbook	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-easy-trials-compliance-manager-assessment-playbook.md	Title: "Microsoft Compliance Manager premium assessments trial playbook" + Title: "Microsoft Purview Compliance Manager premium assessments trial playbook" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Microsoft Compliance Manager premium assessments trial playbook." +description: "Microsoft Purview Compliance Manager premium assessments trial playbook." -# Trial playbook: Microsoft Compliance Manager premium assessments +# Trial playbook: Microsoft Purview Compliance Manager premium assessments -Welcome to the Microsoft Compliance Manager premium assessment trial playbook. + +Welcome to the Microsoft Purview Compliance Manager premium assessment trial playbook. This playbook will help you make the most of your 90-day free trial by teaching you how to use the comprehensive set of premium assessment templates (add-on). Compliance Manager also offers 300+ regulatory or premium templates that can be Trial licenses allow you to use 25 premium templates for 90 days. You will be able to choose from a list of 300+ premium templates. You are not required to select all 25 templates at once. Once selected, the licensed templates are available for your use within 4 hours of obtaining your trial license. -There are two ways to enable the Premium Assessment Add-on trial: through the Compliance Manager dashboard or through the Microsoft 365 Compliance trial. +There are two ways to enable the Premium Assessment Add-on trial: through the Compliance Manager dashboard or through the Microsoft Purview trial. ### Enable trial via the Compliance Manager dashboard
compliance	Compliance Easy Trials Compliance Manager Assessments	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-easy-trials-compliance-manager-assessments.md	Title: "About the Microsoft Compliance Manager premium assessment trial" + Title: "About the Microsoft Purview Compliance Manager premium assessment trial" f1.keywords: - NOCSH ms.localizationpriority: high search.appverid: - MOE150 - MET150 -description: "About the Microsoft Compliance Manager premium assessment trials." +description: "About the Microsoft Purview Compliance Manager premium assessment trials." -# About the free trial for Microsoft Compliance Manager premium assessments +# About the free trial for Microsoft Purview Compliance Manager premium assessments + Compliance Manager helps you manage your organizationΓÇÖs compliance requirements and assess and improve your compliance score. The assessments you build are based on templates that correspond to governmental regulations and industry standards around the world. Your licensing agreement to use Compliance Manager may include one or more built ## Terms and conditions -See the [terms and conditions](terms-conditions.md) for Microsoft 365 compliance trials. +See the [terms and conditions](terms-conditions.md) for Microsoft Purview trials. ## Set up a premium assessment trial -You can sign up for a trial in the Microsoft 365 compliance center using the Trials link in the left navigation pane. Select the Compliance Manager premium assessment trial to start a trial for premium assessment templates. +You can sign up for a trial in the Microsoft Purview compliance portal using the Trials link in the left navigation pane. Select the Compliance Manager premium assessment trial to start a trial for premium assessment templates. This premium assessment trial is available to organizations using Compliance Manager under a commercial license. For GCC and DOD information and trial options, see [Working with Compliance Manager templates](compliance-manager-templates.md). -Full access to Compliance Manager features may depend on your licensing agreement for Compliance Manager. To learn more about the free compliance trial that includes Compliance Manager, see [About the free trial for Microsoft 365 compliance](compliance-easy-trials.md). +Full access to Compliance Manager features may depend on your licensing agreement for Compliance Manager. To learn more about the free compliance trial that includes Compliance Manager, see [About the free trial for Microsoft Purview](compliance-easy-trials.md). > [!NOTE] > Check your Microsoft 365 admin center settings to facilitate enrollment in the trial. In the Microsoft 365 admin center, go to the Settings > Org settings > Services page, and select User owned apps and services. Then check the box to let users start trials on behalf of your organization. When setup finishes in about two minutes, you can go back and uncheck the box to disable this setting. You can also start the trial without adjusting your org settings by going to the Billing > Purchase services page and searching for the Compliance Manager premium assessment trial. After your trial ends, the templates you used won't receive automatic updates an ## Learn more about compliance -To learn more about the features of Compliance Manager and how it can help your organization meet compliance and regulatory requirements, see [Microsoft Compliance Manager](compliance-manager.md). +To learn more about the features of Compliance Manager and how it can help your organization meet compliance and regulatory requirements, see [Microsoft Purview Compliance Manager](compliance-manager.md). -You can also learn about other Microsoft compliance solutions and how to start trials at [About the free trial for Microsoft 365 compliance](compliance-easy-trials.md). +You can also learn about other Microsoft compliance solutions and how to start trials at [About the free trial for Microsoft Purview](compliance-easy-trials.md).
compliance	Compliance Easy Trials Compliance Playbook	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-easy-trials-compliance-playbook.md	Title: "Microsoft 365 compliance solutions trial playbook" + Title: "Microsoft Purview solutions trial playbook" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Microsoft 365 compliance solutions trial playbook." +description: "Microsoft Purview solutions trial playbook." -# Trial playbook: Microsoft 365 Compliance solutions +# Trial playbook: Microsoft Purview solutions -Welcome to the Microsoft 365 compliance solutions trial playbook. This playbook will help you make the most of your 90-day free trial by helping you discover robust and comprehensive capabilities of Microsoft 365 compliance and security products. + +Welcome to the Microsoft Purview solutions trial playbook. This playbook will help you make the most of your 90-day free trial by helping you discover robust and comprehensive capabilities of Microsoft Purview and security products. Trying each solution will help you make informed decisions to meet your organizationΓÇÖs compliance needs. Features: -- [Advanced Audit](#advanced-audit) +- [Audit (Premium)](#audit-premium) - [Communication Compliance](#communication-compliance) - [Compliance Manager](#compliance-manager)-- [Data Loss Prevention](#data-loss-prevention) +- [Microsoft Purview Data Loss Prevention](#data-loss-prevention) - [eDiscovery](#ediscovery) - [Information Protection](#information-protection) - [Insider Risk Management](#insider-risk-management) Optional add-ons: - [Compliance Manager premium assessments](#compliance-manager-premium-assessments) - [Microsoft Priva Privacy Risk Management and Microsoft Priva Subject Rights Requests](#microsoft-priva-privacy-risk-management-and-microsoft-priva-subject-rights-requests) -## Compliance Actions with Microsoft 365 +## Compliance Actions with Microsoft Purview Easily and quickly start trying MicrosoftΓÇÖs compliance solutions without changing your organizationΓÇÖs meta data. Depending on your priorities, you can start with any of these solution areas to see immediate value. Below are five top organizational concerns as communicated by our customers and recommended solutions to start with. :::image type="content" source="../media/compliance-trial/workflow.png" alt-text="Compliance actions with Microsoft 365"::: -## Advanced Audit +## Audit (Premium) Conduct investigations -Advanced Audit helps organizations to conduct forensic and compliance investigations by increasing audit log retention required to conduct an investigation, providing access to crucial events that help determine scope of compromise, and providing faster access to the Office 365 Management Activity API. +Microsoft Purview Audit (Premium) helps organizations to conduct forensic and compliance investigations by increasing audit log retention required to conduct an investigation, providing access to crucial events that help determine scope of compromise, and providing faster access to the Office 365 Management Activity API. -### Step 1: [Apply the E5 license to each user for which youΓÇÖd like to generate E5 events](set-up-advanced-audit.md#step-1-set-up-advanced-audit-for-users) +### Step 1: [Apply the E5 license to each user for which youΓÇÖd like to generate E5 events](set-up-advanced-audit.md#step-1-set-up-audit-premium-for-users) > [!TIP] > Trial best practice: Day 1 -Advanced Audit features such as the ability to log crucial events such as MailItemsAccessed and Send require an appropriate E5 license assigned to users. Additionally, the Advanced Auditing app/service plan must be enabled for those users. +Audit (Premium) features such as the ability to log crucial events such as MailItemsAccessed and Send require an appropriate E5 license assigned to users. Additionally, the Advanced Auditing app/service plan must be enabled for those users. -Set up Advanced Audit for users - to verify that the Advanced Auditing app is assigned to users, [perform the following steps for each user](set-up-advanced-audit.md#step-1-set-up-advanced-audit-for-users). +Set up Audit (Premium) for users - to verify that the Advanced Auditing app is assigned to users, [perform the following steps for each user](set-up-advanced-audit.md#step-1-set-up-audit-premium-for-users). -1. Enable Advanced Audit events - [enable SearchQueryInitiatedExchange and SearchQueryInitiatedSharePoint](set-up-advanced-audit.md#step-2-enable-advanced-audit-events) to be audited for each user in [Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell). +1. Enable Audit (Premium) events - [enable SearchQueryInitiatedExchange and SearchQueryInitiatedSharePoint](set-up-advanced-audit.md#step-2-enable-audit-premium-events) to be audited for each user in [Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell). 1. Set up audit retention policies - [create additional audit log retention policies](set-up-advanced-audit.md#step-3-set-up-audit-retention-policies) to meet the requirements of your organization's security operations, IT, and compliance teams. -1. Search for Advanced Audit events - [search for crucial Advanced Audit events](set-up-advanced-audit.md#step-4-search-for-advanced-audit-events) and other activities when conducting forensic investigations. +1. Search for Audit (Premium) events - [search for crucial Audit (Premium) events](set-up-advanced-audit.md#step-4-search-for-audit-premium-events) and other activities when conducting forensic investigations. ### Step 2: [Create new Audit Log policies to specify how long to retain audit logs in your org for activities performed by users and define priority levels for your policiesΓÇï](audit-log-retention-policies.md#before-you-create-an-audit-log-retention-policy) > [!TIP] > Trial best practice: Create within the first 30 days -Audit log retention policies are part of the new Advanced Audit capabilities in Microsoft 365. An audit log retention policy lets you specify how long to retain audit logs in your organization. +Audit log retention policies are part of the new Audit (Premium) capabilities in Microsoft 365. An audit log retention policy lets you specify how long to retain audit logs in your organization. 1. Before you create an audit log retention policy ΓÇô [key things to know](audit-log-retention-policies.md#before-you-create-an-audit-log-retention-policy) before creating your policy. 1. [Create an audit log retention policyΓÇï](audit-log-retention-policies.md#create-an-audit-log-retention-policy) -1. [Manage audit log retention policies in the Microsoft 365 compliance center](audit-log-retention-policies.md#manage-audit-log-retention-policies-in-the-microsoft-365-compliance-center) - Audit log retention policies are listed on the Audit retention policies tab (also called the dashboard). You can use the dashboard to view, edit, and delete audit retention policies. +1. [Manage audit log retention policies in the Microsoft Purview compliance portal](audit-log-retention-policies.md#manage-audit-log-retention-policies-in-the-compliance-portal) - Audit log retention policies are listed on the Audit retention policies tab (also called the dashboard). You can use the dashboard to view, edit, and delete audit retention policies. 1. Create and manage audit log retention policies on PowerShell - You can also use Security & Compliance Center PowerShell to [create and manage audit log retention policies](audit-log-retention-policies.md#create-and-manage-audit-log-retention-policies-in-powershell). One reason to use PowerShell is to create a policy for a record type or activity that isn't available in the UI. ## Communication Compliance Identify and act on code of conduct policy violations -Communication compliance helps you intelligently identify communication violations to support a compliant and healthy work environment by helping you detect inappropriate messages, investigate possible policy violations, and take steps to remediate. +Microsoft Purview Communication Compliance helps you intelligently identify communication violations to support a compliant and healthy work environment by helping you detect inappropriate messages, investigate possible policy violations, and take steps to remediate. ### Step 1: [Enable permissions for communication compliance](communication-compliance-configure.md#step-1-required-enable-permissions-for-communication-compliance) To use this feature, turn on auditing so your organization can start recording u Manage your organizational compliance easily -Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors. +Microsoft Purview Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors. ### Step 1: [Get to know Compliance Manager](compliance-manager-quickstart.md#first-visit-get-to-know-compliance-manager) Custom assessments are helpful for: Protect sensitive data -To comply with business standards and industry regulations, organizations need to protect sensitive info to prevent its inadvertent disclosure. Set up data loss prevention policies to identify, monitor, and automatically protect sensitive info across Microsoft 365. +To comply with business standards and industry regulations, organizations need to protect sensitive info to prevent its inadvertent disclosure. Set up Microsoft Purview Data Loss Prevention policies to identify, monitor, and automatically protect sensitive info across Microsoft 365. ### Step 1: [Protect data loss on Teams locations](dlp-microsoft-teams.md#dlp-licensing-for-microsoft-teams) If your organization has data loss prevention (DLP), you can define policies tha Microsoft Endpoint DLP allows you to monitor Windows 10 devices and detect when sensitive items are used and shared. 1. Prepare your endpoints - make sure that the Windows 10 and macOS devices that you plan on deploying Endpoint DLP to [meet these requirements](endpoint-dlp-getting-started.md) -1. [Onboard devices into device management](endpoint-dlp-getting-started.md) - You must enable device monitoring and onboard your endpoints before you can monitor and protect sensitive items on a device. Both of these actions are done in the Microsoft 365 Compliance portal. +1. [Onboard devices into device management](endpoint-dlp-getting-started.md) - You must enable device monitoring and onboard your endpoints before you can monitor and protect sensitive items on a device. Both of these actions are done in the Microsoft Purview compliance portal. - Scenario 1 ΓÇô [Onboarding devices](endpoint-dlp-getting-started.md) that have not been onboarded yet. - Scenario 2 - [Microsoft Defender for Endpoint is already deployed and there are endpoints reporting in](endpoint-dlp-getting-started.md). All these endpoints will appear in the managed devices list. 1. [Configure our default DLP policy for devices](mip-easy-trials.md#dlp-for-devices) or [Define a new DLP policy for devices](endpoint-dlp-learn-about.md). You have flexibility in how you configure your DLP policies. You can start with - [Prevent external access to sensitive documents](dlp-microsoft-teams.md#prevent-external-access-to-sensitive-documents) - [Get policy tips to help educate users and instructions for customizing policy tips](dlp-microsoft-teams.md#policy-tips-help-educate-users) - Devices: switch from audit only to block -1. [Configure and view alerts for data loss prevention policies - Microsoft 365 Compliance \| Microsoft Docs](dlp-configure-view-alerts-policies.md) +1. [Configure and view alerts for data loss prevention policies - Microsoft Purview \| Microsoft Docs](dlp-configure-view-alerts-policies.md) ## eDiscovery Take advantage of an end-to-end workflow for preserving, collecting, analyzing, > [!TIP] > Trial best practice: Day 1 -To access Advanced eDiscovery or be added as a member of an Advanced eDiscovery case, a user must be assigned the appropriate permissions. +To access eDiscovery (Premium) or be added as a member of an eDiscovery (Premium) case, a user must be assigned the appropriate permissions. -1. [Set up Advanced eDiscovery ΓÇô Assign eDiscovery permissions](get-started-with-advanced-ediscovery.md#step-2-assign-ediscovery-permissions) +1. [Set up eDiscovery (Premium) ΓÇô Assign eDiscovery permissions](get-started-with-advanced-ediscovery.md#step-2-assign-ediscovery-permissions) 1. [Add or remove members from a case](add-or-remove-members-from-a-case-in-advanced-ediscovery.md) ### Step 2 (required): Create a Case To access Advanced eDiscovery or be added as a member of an Advanced eDiscovery > [!TIP] > Trial best practice: Create within the first 30 days -More organizations use the Advanced eDiscovery solution in Microsoft 365 for critical eDiscovery processes. This includes responding to regulatory requests, investigations, and litigation. +More organizations use the eDiscovery (Premium) solution in Microsoft 365 for critical eDiscovery processes. This includes responding to regulatory requests, investigations, and litigation. -1. Manage Advanced eDiscovery ΓÇô [learn how to configure Advanced eDiscovery, manage cases by using the Security & Compliance Center, manage a workflow in Advanced eDiscovery, and analyze Advanced eDiscovery search results](/learn/modules/manage-advanced-ediscovery). +1. Manage eDiscovery (Premium) ΓÇô [learn how to configure eDiscovery (Premium), manage cases by using the Security & Compliance Center, manage a workflow in eDiscovery (Premium), and analyze eDiscovery (Premium) search results](/learn/modules/manage-advanced-ediscovery). 1. [Create an eDiscovery case using Advance eDiscovery's new case format](advanced-ediscovery-new-case-format.md) 1. [Close or delete a case](close-or-delete-case.md) - When the legal case or investigation is completed, you can close or delete. You can also reopen a closed case. More organizations use the Advanced eDiscovery solution in Microsoft 365 for cri To allow people in your organization start to create and use cases, you must configure global settings that apply to all cases in your organization. At this time, the only global setting is attorney-client privilege detection (more global settings will be available in the future). -1. [Set up Advanced eDiscovery ΓÇô Global Settings](get-started-with-advanced-ediscovery.md#step-3-configure-global-settings-for-advanced-ediscovery) +1. [Set up eDiscovery (Premium) ΓÇô Global Settings](get-started-with-advanced-ediscovery.md#step-3-configure-global-settings-for-ediscovery-premium) 1. [Configure search and analytics settings](configure-search-and-analytics-settings-in-advanced-ediscovery.md) -1. [Manage jobs in Advanced eDiscovery](managing-jobs-ediscovery20.md) +1. [Manage jobs in eDiscovery (Premium)](managing-jobs-ediscovery20.md) ### Step 4 (optional): [Compliance Boundaries](set-up-compliance-boundaries.md) Set up compliance boundaries for eDiscovery investigations: ### Step 5 (optional): [Learn about Content search tool](search-for-content.md) -Use the Content search tool in the Microsoft 365 compliance center to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business. You can use the content search tool to search for email, documents, and instant messaging conversations in collaboration tools such as Microsoft Teams and Microsoft 365 Groups. +Use the Content search tool in the Microsoft Purview compliance portal to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business. You can use the content search tool to search for email, documents, and instant messaging conversations in collaboration tools such as Microsoft Teams and Microsoft 365 Groups. -- [Learn more about Advanced eDiscovery search](search-for-content.md#search-for-content) +- [Learn more about eDiscovery (Premium) search](search-for-content.md#search-for-content) ## Information Protection Discover, classify and protect your sensitive information -Implement Microsoft Information Protection and sensitivity labels, to help you discover, classify, and protect your sensitive content wherever it lives or travels. +Implement Microsoft Purview Information Protection and sensitivity labels, to help you discover, classify, and protect your sensitive content wherever it lives or travels. ### Step 1: [Start your information protection trial](mip-easy-trials.md) > [!TIP] > Trial best practice: Day 1 -Eligible customers can activate default labels and policies for Microsoft Information Protection. When you enable the default configuration in the trial, it will take about 2 minutes to configure all policies for your tenant and up to 24 hours to see the results of these default policies. +Eligible customers can activate default labels and policies for Microsoft Purview Information Protection. When you enable the default configuration in the trial, it will take about 2 minutes to configure all policies for your tenant and up to 24 hours to see the results of these default policies. Choosing the default configuration, with 1-click, the following is automatically configured: To enable insider risk Analytics, you must be a member of the Insider Risk Manag Automate the retention schedule for business-critical records -Use integrated Records Management features to automate the retention schedule for organizational regulatory, legal, and business-critical records. Get full content lifecycle support, from creation to collaboration, record declaration, retention, and disposition. +Use integrated Microsoft Purview Records Management features to automate the retention schedule for organizational regulatory, legal, and business-critical records. Get full content lifecycle support, from creation to collaboration, record declaration, retention, and disposition. ### Step 1: Dynamically target retention policies with Adaptive Policy Scopes Help your organization assess risks and efficiently respond to nations, regional [More information on the Compliance Manager premium assessments trial](compliance-easy-trials-compliance-manager-assessments.md). -[Trial playbook: Microsoft Compliance Manager premium assessments](compliance-easy-trials-compliance-manager-assessment-playbook.md) +[Trial playbook: Microsoft Purview Compliance Manager premium assessments](compliance-easy-trials-compliance-manager-assessment-playbook.md) ### Microsoft Priva Privacy Risk Management and Microsoft Priva Subject Rights Requests Proactively identify and protect against privacy risks such as data hoarding, da ## Additional resources -WhatΓÇÖs included: For a full list of Microsoft 365 compliance solutions and features listed by product tier, view the [Feature Matrix](https://go.microsoft.com/fwlink/?linkid=2139145). +WhatΓÇÖs included: For a full list of Microsoft Purview solutions and features listed by product tier, view the [Feature Matrix](https://go.microsoft.com/fwlink/?linkid=2139145). Microsoft Security Technical Content Library: Explore this library to find interactive guides and other learning content relevant to your needs. [Visit Library](/security).
compliance	Compliance Easy Trials	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-easy-trials.md	Title: "About the Microsoft 365 compliance trial" + Title: "About the Microsoft Purview solutions trial" f1.keywords: - NOCSH ms.localizationpriority: high search.appverid: - MOE150 - MET150 -description: "About the compliance solutions trials." +description: "Learn details about the Microsoft Purview solutions trial and how to sign up." -# About the compliance solutions trial +# About the Microsoft Purview solutions trial -Microsoft compliance solutions help protect your organization from internal threats rising from inappropriate permissions on files and emails, and helps your organization to comply with regulatory and policy requirements. -The Microsoft 365 compliance solutions trial is the easiest way to try all the capabilities of Microsoft compliance solutions, and setting it up only takes a couple of minutes. After the trial setup is complete, all features of the Microsoft E5 license package are available for you to use for up to 90 days. +Microsoft Purview solutions help protect your organization from internal threats arising from inappropriate permissions on files and emails, and helps your organization to comply with regulatory and internal business requirements. + +The Microsoft Purview solutions trial is the easiest way to try all the capabilities of Microsoft Purview solutions, and setting it up only takes a couple of minutes. After the trial setup is complete, all features of the Microsoft E5 license package are available for you to use for up to 90 days. ## Terms and conditions -See the [terms and conditions](terms-conditions.md) for Microsoft 365 compliance trials. +See the [terms and conditions](terms-conditions.md) for Microsoft Purview trials. -## Set up a compliance trial +## Eligibility -You can sign up for a trial in the [Microsoft 365 compliance center](https://go.microsoft.com/fwlink/p/?linkid=2077149) using the Trials link in the left navigation pane. +Microsoft 365 E3 and Office 365 E3 customers who don't already have a Microsoft E5 license package are eligible for the Purview solutions trial. The trial isn't available for Microsoft 365 Government customers. ## Licensing -As part of the trial setup, the Microsoft E5 compliance licenses are automatically applied to your organization. The licenses are active for 90 days. +As part of the trial setup, 300 Microsoft 365 E5 compliance licenses are automatically applied to your organization. The licenses are active for 90 days. + +## Required roles for starting the trial + +Users must hold one of the following admin roles in order to sign up for or end a trial: +- Billing Administrator +- Compliance Administrator +- Global Administrator + +Get details on roles at [About admin roles](../admin/add-users/about-admin-roles.md). + +## How to sign up for the trial + +Visit the [Microsoft 365 trials hub](https://compliance.microsoft.com/trialHorizontalHub?sku=ComplianceE5&ref=DocsRef) to sign up for the trial. You can also follow the steps below: + +1. In the [Microsoft Purview compliance portal](https://go.microsoft.com/fwlink/p/?linkid=2077149), select Trials on the left navigation to get to the Microsoft 365 trials hub. +2. Under Compliance trials, find the Microsoft Purview solutions card and select Try now. +3. On the Microsoft Purview solutions trial flyout pane, review the information about what's included and what to expect when you start the trial, then select Start trial. + +Your trial will be effective immediately for 90 days. It can take up to two hours for all Purview solutions to appear in your left navigation. Sign out and sign back in to see the updates. + +## Getting started, finding support, and ending the trial -## Permissions +#### Getting started -To start or end the trial, you need to be a member of the Global Administrator or Security Administrator roles in Azure Active Directory. For details, see [About admin roles](../admin/add-users/about-admin-roles.md). +You can start using Purview solutions as soon as you see them in the Microsoft Purview compliance portal. Nothing is created automatically and users won't be affected. When you navigate to each solution, you may be guided to make extra setup configurations to start using features. -## Additional information +Use our [trial playbook](compliance-easy-trials-compliance-playbook.md) to help you get started. -After you enroll in the trial, it might take up to 2 hours for the changes and updates to be available. And, admins must sign out and sign back in to see the changes. +#### Finding support -You can extend the trial within the last 15 days of the trial period. You are limited to a maximum of two trial periods. If you do not extend by the time your trial period ends, you must wait at least 30 days before signing up for a second trial. +Organizations may use FastTrack for trial deployment support if the tenant has at least 150 licenses. Get more [details about FastTrack](https://docs.microsoft.com/fasttrack/introduction). -## Ending the trial +#### Extending the trial -Admins can disable the trial at any point by going to the compliance card. +You can extend the trial within the last 15 days of the trial period. You're limited to a maximum of two trial periods. If you don't extend by the time your trial period ends, you'll need to wait at least 30 days before signing up for a second trial. -If you decide not to enroll in a feature that is part of the compliance solutions trial, unless stated otherwise for the solution, your trial data will be maintained for a period of time, usually 180 days, before being permanently deleted. You may continue to access the data gathered during the trial until that time. +#### Ending the trial -## Availability +Admins can disable the trial anytime by going to the Purview solutions trial card in the Microsoft 365 trials hub (see [How to sign up for the trial](#how-to-sign-up-for-the-trial)) and selecting End trial. -The Microsoft 365 compliance solutions trial is gradually rolling out to existing customers who meet specific criteria (including geography) who don't already have a Microsoft E5 license package. +If you decide not to upgrade to the E5 level solutions, unless stated otherwise for the solution your trial data will be maintained for a period of time, usually 180 days, before being permanently deleted. You may continue to access the data gathered during the trial until that time. -## Learn more about compliance solutions +## Learn more about Purview solutions -Wondering what you can experience in your free trial? The compliance solutions trial includes the following solutions: +Wondering what you can experience in your free trial? The Purview solutions trial includes the following solutions: - Audit - Advanced Audit helps organizations to conduct forensic and compliance investigations by increasing audit log retention required to conduct an investigation, providing access to crucial events that help determine scope of compromise, and faster access to Office 365 Management Activity API. [Learn more about Audit](advanced-audit.md) + Microsoft Purview Audit (Premium) helps organizations to conduct forensic and compliance investigations by increasing audit log retention required to conduct an investigation, providing access to crucial events that help determine scope of compromise, and faster access to Office 365 Management Activity API. Learn more about [Audit](advanced-audit.md) - Communication Compliance - Communication Compliance helps you overcome modern compliance challenges associated with internal and external communications by helping you automatically capture inappropriate messages, investigate possible policy violations, and take steps to remediate. Learn more about [Communication Compliance](communication-compliance.md) + Microsoft Purview Communication Compliance helps you overcome modern compliance challenges associated with internal and external communications by helping you automatically capture inappropriate messages, investigate possible policy violations, and take steps to remediate. Learn more about [Communication Compliance](communication-compliance.md) - Compliance Manager - Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors. [Learn more about Compliance Manager](compliance-manager.md) + Microsoft Purview Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors. Learn more about [Compliance Manager](compliance-manager.md) - eDiscovery - Take advantage of an end-to-end workflow for preserving, collecting, analyzing, and exporting content that's responsive to your organization's internal and external investigations. Legal teams can also manage the entire legal hold notification process by communicating with custodians involved in a case. [Learn more about eDiscovery](ediscovery.md) + Take advantage of an end-to-end workflow for preserving, collecting, analyzing, and exporting content that's responsive to your organization's internal and external investigations. Legal teams can also manage the entire legal hold notification process by communicating with custodians involved in a case. Learn more about [eDiscovery](ediscovery.md) -- Information Governance +- Data Lifecycle Management - Automate your retention policy coverage using Adaptive Policy Scopes. This feature allows you to dynamically target retention policies to specific users, groups, or sites. These policies automatically update when changes occur in your organization. In addition, retention policies using adaptive scopes are not subject to location limits. [Learn more about Adaptive Policy Scopes](create-retention-policies.md). + Automate your retention coverage by using adaptive policy scopes. This feature allows you to dynamically target policies for retention to specific users, groups, or sites. These policies automatically update when changes occur in your organization. In addition, policies that use adaptive scopes are not subject to location limits. Learn more about [adaptive policy scopes](retention.md#adaptive-or-static-policy-scopes-for-retention). - Information Protection - Implement Microsoft Information Protection with [sensitivity labels](sensitivity-labels.md) and [data loss prevention policies](dlp-learn-about-dlp.md) to help you discover, classify, and protect your sensitive content wherever it lives or travels. + Implement Microsoft Purview Information Protection with [sensitivity labels](sensitivity-labels.md) and [Microsoft Purview Data Loss Prevention policies](dlp-learn-about-dlp.md) to help you discover, classify, and protect your sensitive content wherever it lives or travels. The Information Protection trial provides you with default labels, auto-labeling for documents and emails, and data loss prevention to protect credit card numbers shared in Teams and by devices. The default policies we create for you get you up and running quickly, but you can fully customize them as you want. Wondering what you can experience in your free trial? The compliance solutions t - Any auto-labeling policies cannot be edited after the trial ends, but can be deleted. - If you edit DLP policies that include either the Teams or Devices locations after the trial ends, those locations will be removed from the policy. - For more information about each of these preconfigured features and how they will impact users, see [Learn about the free trial for Microsoft Information Protection](mip-easy-trials.md). + For more information about each of these preconfigured features and how they will impact users, see Learn about the [free trial for Microsoft Purview Information Protection](mip-easy-trials.md). - For more information about the full range of features for Microsoft Information Protection, see [Microsoft Information Protection in Microsoft 365](information-protection.md). + For more information about the full range of features for Microsoft Purview Information Protection, see [Microsoft Purview Information Protection](information-protection.md). - Insider Risk Management - Leverage artificial intelligence to help you quickly identify, triage, and remediate internal risks. Using logs from Microsoft 365 and Azure services, you can define policies that monitor for risk signals, then take remediation actions such as promoting user education or initiating an investigation. [Learn more about Insider Risk Management](insider-risk-management-solution-overview.md) + Leverage artificial intelligence to help you quickly identify, triage, and remediate internal risks. Using logs from Microsoft 365 and Azure services, you can define policies that monitor for risk signals, then take remediation actions such as promoting user education or initiating an investigation. Learn more about [Insider Risk Management](insider-risk-management-solution-overview.md) <!-- - privacy management Wondering what you can experience in your free trial? The compliance solutions t - Records Management - Use integrated Records Management features to: + Use integrated Microsoft Purview Records Management features to: - Classify content as a record to prevent users from editing, as required by regulations, laws, or organizational policy - Apply retention labels to content automatically when it matches criteria you specify, using auto-apply label policies - Use adaptive scope policies to dynamically target your retention label policies to locations, with no limit on how many locations are included - Get full content lifecycle support, including the ability to perform disposition review on contents before they are permanently deleted at the end - For more information on the full range of feature for Microsoft Records Management, [learn more about Records Management](records-management.md) + For more information on the full range of feature for Microsoft Records Management, learn more about [Records Management](records-management.md)
compliance	Compliance Extensibility	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-extensibility.md	Title: "Microsoft 365 compliance extensibility" + Title: "Microsoft Purview extensibility" f1.keywords: - NOCSH search.appverid: ms.assetid: - seo-marvel-apr2020 -description: "Learn about extending Microsoft 365 compliance solutions by using third-party data connectors and Microsoft Graph APIs." +description: "Learn about extending Microsoft Purview solutions by using third-party data connectors and Microsoft Graph APIs." -# Microsoft 365 Compliance and Microsoft Priva extensibility +# Microsoft Purview and Microsoft Priva extensibility -Microsoft 365 compliance solutions help organizations intelligently assess their compliance risks, govern and protect sensitive data, and effectively respond to regulatory requirements. Microsoft 365 compliance is rich in extensibility scenarios and enables organizations to adapt, extend, integrate, accelerate, and support their compliance solutions. +Microsoft Purview solutions help organizations intelligently assess their compliance risks, govern and protect sensitive data, and effectively respond to regulatory requirements. Microsoft Purview is rich in extensibility scenarios and enables organizations to adapt, extend, integrate, accelerate, and support their compliance solutions. There are two key building blocks for compliance extensibility: - Data connectors. Use to import and archive non-Microsoft data so you can apply Microsoft 365 protection and governance capabilities to third-party data. -- APIs. Enables programmatic access to Microsoft 365 compliance capabilities. +- APIs. Enables programmatic access to Microsoft Purview capabilities. ## Data connectors -Microsoft provides third-party data connectors that can be configured in the Microsoft 365 compliance center. For a list of data connectors provided by Microsoft, see the [Third-party data connectors](archiving-third-party-data.md#third-party-data-connectors) table. The table of third-party data connectors also summarizes the compliance solutions that you can apply to third-party data after you import and archive data in Microsoft 365, and links to the step-by-step instructions for each connector. +Microsoft provides third-party data connectors that can be configured in the Microsoft Purview compliance portal. For a list of data connectors provided by Microsoft, see the [Third-party data connectors](archiving-third-party-data.md#third-party-data-connectors) table. The table of third-party data connectors also summarizes the compliance solutions that you can apply to third-party data after you import and archive data in Microsoft 365, and links to the step-by-step instructions for each connector. -To learn more about Microsoft 365 data connectors, see [Archiving third-party data](archiving-third-party-data.md). If a third-party data type isn't supported by the data connectors available in the Microsoft 365 compliance center, you can work with a partner who can provide you with a custom connector. For a list of partners you can work with and the step-by-step process for this method, see [Work with a partner to archive third-party data](work-with-partner-to-archive-third-party-data.md). +To learn more about Microsoft 365 data connectors, see [Archiving third-party data](archiving-third-party-data.md). If a third-party data type isn't supported by the data connectors available in the compliance portal, you can work with a partner who can provide you with a custom connector. For a list of partners you can work with and the step-by-step process for this method, see [Work with a partner to archive third-party data](work-with-partner-to-archive-third-party-data.md). ### Prerequisites for data connectors -Many of the data connectors available in the Microsoft 365 compliance center to import and archive third-party data require that you prepare and perform configuration tasks in the third-party data source. These prerequisites are documented in detail for each third-party data connector. +Many of the data connectors available in the compliance portal to import and archive third-party data require that you prepare and perform configuration tasks in the third-party data source. These prerequisites are documented in detail for each third-party data connector. -For data connectors in the Microsoft 365 compliance center provided by one of Microsoft's partners, your organization will need a business relationship with the partner before you can deploy a connector. +For data connectors in the compliance portal provided by one of Microsoft's partners, your organization will need a business relationship with the partner before you can deploy a connector. For guidance and requirements for third-party data connectors, see the "Data connectors" section in [Microsoft 365 guidance for security & compliance - Service Descriptions \| Microsoft Docs](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). ## APIs -Microsoft 365 compliance and Microsoft Priva APIs are available in the Microsoft Information Protection SDK, Microsoft Graph API, and the Office 365 Management Activity API. Some compliance APIs are part of a new set of security and compliance APIs that enable developers for Microsoft 365 customers, independent software vendors, system integrators, and managed security service providers to build high-value security and compliance solutions. +Microsoft Purview and Microsoft Priva APIs are available in the Microsoft Information Protection SDK, Microsoft Graph API, and the Office 365 Management Activity API. Some compliance APIs are part of a new set of security and compliance APIs that enable developers for Microsoft 365 customers, independent software vendors, system integrators, and managed security service providers to build high-value security and compliance solutions. To learn more about how to access Graph APIs, see [Overview of Microsoft Graph](/graph/overview). High-level MIP SDK use cases include: - A line-of-business application that applies classification labels to files on export. -- A CAD/CAM design application that provides native support for MIP labeling. +- A CAD/CAM design application that provides native support for sensitivity labels. - A cloud access security broker or data loss prevention solution that can encrypt data with Azure Information Protection. For the licensing requirements for Teams DLP, see [Microsoft 365 licensing guida ### Microsoft Graph API for eDiscovery (preview) -With [Advanced eDiscovery](overview-ediscovery-20.md), organizations can discover data where it lives, and manage more end-to-end eDiscovery workflows with intelligent machine learning and analytics capabilities to reduce data to the relevant set ΓÇô all while the data stays within the Microsoft 365 security and compliance boundary. +With [eDiscovery (Premium)](overview-ediscovery-20.md), organizations can discover data where it lives, and manage more end-to-end eDiscovery workflows with intelligent machine learning and analytics capabilities to reduce data to the relevant set ΓÇô all while the data stays within the Microsoft 365 security and compliance boundary. -Graph APIs for Advanced eDiscovery can be used to create and manage cases, review sets, and review set queries in a scalable and repeatable manner. This enables customers and partners to create apps and workflows to automate common and repetitive processes such as creating cases and managing custodians and legal holds. +Graph APIs for eDiscovery (Premium) can be used to create and manage cases, review sets, and review set queries in a scalable and repeatable manner. This enables customers and partners to create apps and workflows to automate common and repetitive processes such as creating cases and managing custodians and legal holds. -The first set of Graph APIs for eDiscovery are available in public preview. We plan to add more capabilities by the end of the calendar year. To learn more about these APIs and other updates for Advanced eDiscovery, see this [blog](https://aka.ms/Ignite2020AeDAA). +The first set of Graph APIs for eDiscovery are available in public preview. We plan to add more capabilities by the end of the calendar year. To learn more about these APIs and other updates for eDiscovery (Premium), see this [blog](https://aka.ms/Ignite2020AeDAA). -For the licensing requirements for Advanced eDiscovery and the API, see the "eDiscovery" section in the [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#ediscovery). +For the licensing requirements for eDiscovery (Premium) and the API, see the "eDiscovery" section in the [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#ediscovery). ### Microsoft Graph API for Teams Export For the licensing requirements for the use of the Teams Export APIs, see [Micros ### Microsoft Graph Connector APIs (preview) -With [Microsoft Graph connectors](/microsoftsearch/connectors-overview), organizations can index third-party data so it appears in Microsoft Search results. This feature expands the types of content sources that are searchable in your Microsoft 365 productivity apps and the broader Microsoft ecosystem. The third-party data can be hosted on-premises or in public or private clouds. Starting with Advanced eDiscovery, we're enabling developer preview of built-in compliance value of Microsoft 365 connected apps. This enables compliance for apps integrating into the Microsoft 365 ecosystem to empower users with seamless compliance experiences. To learn more about to how to incorporate Microsoft Graph Connector APIs in your apps view, see [Create, update, and delete connections in the Microsoft Graph](/graph/connecting-external-content-connectors-api-overview). +With [Microsoft Graph connectors](/microsoftsearch/connectors-overview), organizations can index third-party data so it appears in Microsoft Search results. This feature expands the types of content sources that are searchable in your Microsoft 365 productivity apps and the broader Microsoft ecosystem. The third-party data can be hosted on-premises or in public or private clouds. Starting with eDiscovery (Premium), we're enabling developer preview of built-in compliance value of Microsoft 365 connected apps. This enables compliance for apps integrating into the Microsoft 365 ecosystem to empower users with seamless compliance experiences. To learn more about to how to incorporate Microsoft Graph Connector APIs in your apps view, see [Create, update, and delete connections in the Microsoft Graph](/graph/connecting-external-content-connectors-api-overview).
compliance	Compliance Manager Alert Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-alert-policies.md	Title: "Microsoft Compliance Manager alerts and alert policies" + Title: "Microsoft Purview Compliance Manager alerts and alert policies" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Learn how to create alerts for activities in Microsoft Compliance Manager that can impact your compliance score." +description: "Learn how to create alerts for activities in Microsoft Purview Compliance Manager that can impact your compliance score." -# Microsoft Compliance Manager alerts and alert policies +# Microsoft Purview Compliance Manager alerts and alert policies + In this article: Learn how to set alerts for certain activities in Compliance Manager, how to manage alerts, and how to create alert policies for defining alert conditions. The table below outlines which users can create and edit alerts and alert polici - The Security reader role in Azure AD for viewing alerts and alert policies - The Security administrator role in Azure AD for creating or updating alert policies -Learn more about [Azure roles in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#azure-roles-in-the-microsoft-365-compliance-center). +Learn more about [Azure roles in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#azure-roles-in-the-compliance-portal). \| Role \| Can create and edit policies \| Can edit alerts \|
compliance	Compliance Manager Assessments	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-assessments.md	Title: "Build and manage assessments in Microsoft Compliance Manager" + Title: "Build and manage assessments in Microsoft Purview Compliance Manager" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Build assessments in Microsoft Compliance Manager to help you meet the requirements of regulations and certifications that are important to your organization." +description: "Build assessments in Microsoft Purview Compliance Manager to help you meet the requirements of regulations and certifications that are important to your organization." # Build and manage assessments in Compliance Manager + In this article: Learn how to customize Compliance Manager for your organization by creating and managing assessments. This article walks you through how to create assessments, how to organize them into groups, working with controls, accepting updates, and exporting assessment reports. ## Introduction to assessments Compliance Manager helps you create assessments that evaluate your compliance wi All of your assessments are listed on the assessments tab of Compliance Manager. Learn more about [how to filter your view of your assessments and interpret status states](compliance-manager-setup.md#assessments-page). > [!IMPORTANT] -> The templates available to your organization for building assessments depend on your licensing agreement. [Review licensing details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). +> The templates available to your organization for building assessments depend on your licensing agreement. [Review licensing details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance.md#microsoft-purview-compliance-manager). ## Data Protection Baseline default assessment
compliance	Compliance Manager Improvement Actions	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-improvement-actions.md	Title: "Working with improvement actions in Microsoft Compliance Manager" + Title: "Working with improvement actions in Microsoft Purview Compliance Manager" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Learn how to implement and test controls by working with improvement actions in Microsoft Compliance Manager. Assign work, store documentation, and export reports." +description: "Learn how to implement and test controls by working with improvement actions in Microsoft Purview Compliance Manager. Assign work, store documentation, and export reports." # Working with improvement actions in Compliance Manager + In this article: This article explains how to manage your compliance workflow with improvement actions. Learn how to assign improvement actions for implementation and testing, manage updates, and export reports. ## Manage compliance workflows with improvement actions You can set up alerts to notify you immediately when certain changes to improvem ## Export a report -Select Export in the upper-left corner of your screen to download an Excel worksheet containing all your improvement actions and the filter categories shown on the improvement actions page. +Select Export in the upper-left corner of your screen to download an Excel worksheet containing all your improvement actions and the filter categories shown on the improvement actions page.
compliance	Compliance Manager Mcca	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-mcca.md	search.appverid: - MOE150 - MET150 -description: "Understand how to use Microsoft Compliance Configuration Analyzer to get up and running quickly with Microsoft Compliance Manager." +description: "Understand how to use Microsoft Compliance Configuration Analyzer to get up and running quickly with Microsoft Purview Compliance Manager." # Microsoft Compliance Configuration Analyzer for Compliance Manager (preview) + In this article: Learn how to install and run the Microsoft Compliance Configure Analyzer tool to get quickly started with Microsoft Compliance Manger. ## Microsoft Compliance Configuration Analyzer (MCCA) (preview) overview -The Microsoft Compliance Configuration Analyzer (MCCA) is a preview tool that can help you get started with [Microsoft Compliance Manager](compliance-manager.md). MCCA is a PowerShell-based utility that will fetch your organizationΓÇÖs current configurations and validate them against Microsoft 365 recommended best practices. These best practices are based on a set of controls that include key regulations and standards for data protection and data governance. +The Microsoft Compliance Configuration Analyzer (MCCA) is a preview tool that can help you get started with [Microsoft Purview Compliance Manager](compliance-manager.md). MCCA is a PowerShell-based utility that will fetch your organizationΓÇÖs current configurations and validate them against Microsoft 365 recommended best practices. These best practices are based on a set of controls that include key regulations and standards for data protection and data governance. MCCA can help you quickly see which improvement actions in Compliance Manager apply to your current Microsoft 365 environment. Each action identified by MCCA will give you recommendations for implementation, with direct links to Compliance Manager and the applicable solution to start taking corrective action. Select a box to view improvements and recommendations. Items with the Improvement status -Select the dropdown next to the Improvement label to the right of the improvement action. YouΓÇÖll see a quick summary and details about your current settings and the recommended improvement actions. The summary includes direct links into Compliance Manager, the applicable solution in the Microsoft 365 compliance center, and relevant documentation. +Select the dropdown next to the Improvement label to the right of the improvement action. YouΓÇÖll see a quick summary and details about your current settings and the recommended improvement actions. The summary includes direct links into Compliance Manager, the applicable solution in the Microsoft Purview compliance portal, and relevant documentation. Clicking on the Compliance Manager link takes you to a filtered view of all the improvement actions within that solution that you have not yet implemented. From there, you can see the number of points you can achieve to increase your [compliance score](compliance-score-calculation.md), and the assessments they apply to, and the applicable regulations and certifications.
compliance	Compliance Manager Quickstart	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-quickstart.md	Title: "Microsoft Compliance Manager quickstart guide" + Title: "Microsoft Purview Compliance Manager quickstart guide" f1.keywords: - NOCSH description: "Use the Compliance Manager quickstart guide to help you along your # Compliance Manager quickstart -In this article: Use this quickstart guide to help you along your journey of using Microsoft Compliance Manager to manage your organizationΓÇÖs compliance with regulations, policies, and standards. + +In this article: Use this quickstart guide to help you along your journey of using Microsoft Purview Compliance Manager to manage your organizationΓÇÖs compliance with regulations, policies, and standards. Compliance Manager provides intelligent and actionable data upon your first visit. Compliance Manager also has advanced capabilities for scaling your compliance when youΓÇÖre ready. Available assessments depend on your licensing agreement; [learn more](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). Whether youΓÇÖre coming to Compliance Manager for the first time, or are ready t ## First visit: get to know Compliance Manager -Compliance Manager is located in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. Your organization's global administrator will need to [set up user permissions and assign roles](compliance-manager-setup.md#set-user-permissions-and-assign-roles) before you start using Compliance Manager. +Compliance Manager is located in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. Your organization's global administrator will need to [set up user permissions and assign roles](compliance-manager-setup.md#set-user-permissions-and-assign-roles) before you start using Compliance Manager. The first time you visit Compliance Manager, you'll see a compliance score for your organization. Compliance Manager is already assessing your current Microsoft 365 environment against the data protection baseline. The best way to start getting familiar with Compliance Manager is to understand what it's showing you, its key elements, and how to customize your dashboard. You can also set up automated testing of all or a subset of improvement actions. - [Create your own custom template](compliance-manager-templates-create.md) - [Modify an existing template to add or remove controls and actions](compliance-manager-templates-modify.md) - [Set up automated testing of improvement actions](compliance-manager-setup.md#set-up-automated-testing)-- [Reassign improvement actions to another user](compliance-manager-setup.md#reassign-improvement-actions-to-another-user) +- [Reassign improvement actions to another user](compliance-manager-setup.md#reassign-improvement-actions-to-another-user)
compliance	Compliance Manager Setup	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-setup.md	Title: "Get started with Microsoft Compliance Manager" + Title: "Get started with Microsoft Purview Compliance Manager" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Set Microsoft Compliance Manager user permissions and roles, and configure automated testing of actions. Manage user history and filter your dashboard view." +description: "Set Microsoft Purview Compliance Manager user permissions and roles, and configure automated testing of actions. Manage user history and filter your dashboard view." # Get started with Compliance Manager + In this article: This article helps you set up Compliance Manager. Learn how to access Compliance Manager, set roles and permissions, and configure automatic testing of improvement actions. Walk through your Compliance Manager dashboard and understand the main pages: the improvement actions page, the solutions page, the assessments page, and the assessment templates page. ## Who can access Compliance Manager -Compliance Manager is available to organizations with Office 365 and Microsoft 365 licenses, and to US Government Community Cloud (GCC) Moderate, GCC High, and Department of Defense (DoD) customers. Assessment availability and management capabilities depend on your licensing agreement. [View service description details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). +Compliance Manager is available to organizations with Office 365 and Microsoft 365 licenses, and to US Government Community Cloud (GCC) Moderate, GCC High, and Department of Defense (DoD) customers. Assessment availability and management capabilities depend on your licensing agreement. [View service description details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance.md#microsoft-purview-compliance-manager). ## Before you begin The Microsoft 365 global administrator for your organization will likely be the ## Sign in -1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and sign in with your Microsoft 365 global administrator account. +1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and sign in with your Microsoft 365 global administrator account. 2. Select Compliance Manager on the left navigation pane. You'll arrive at your [Compliance Manager dashboard](#understand-the-compliance-manager-dashboard). The direct link to access Compliance Manager is [https://compliance.microsoft.com/compliancemanager](https://compliance.microsoft.com/compliancemanager). Compliance Manager uses a role-based access control (RBAC) permission model. Onl ### Where to set permissions -The person holding the global admin role for your organization can set user permissions for Compliance Manager. Permissions can be set in the Microsoft 365 compliance center as well as in Azure Active Directory (Azure AD). +The person holding the global admin role for your organization can set user permissions for Compliance Manager. Permissions can be set in the Microsoft Purview compliance portal as well as in Azure Active Directory (Azure AD). > [!NOTE] > Customers in US Government Community (GCC) High and Department of Defense (DoD) environments can only set user permissions and roles for Compliance Manager in Azure AD. See below for Azure AD instructions and role type definitions. -To set permissions and assign roles in the Microsoft 365 compliance center, follow the steps below: +To set permissions and assign roles in the Microsoft Purview compliance portal, follow the steps below: -1. Go to the Microsoft 365 compliance center, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a>. +1. Go to the Microsoft Purview compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a>. -2. Under the Compliance center dropdown, select Roles. +2. Under the compliance portal dropdown, select Roles. 3. Find the role group to which you want to add one or more users, and check the box to the left of the group name. (See the [list of roles and related functions below](#role-types). The role group names mimic the role name.) To set permissions and assign roles in the Microsoft 365 compliance center, foll To assign roles and set permissions in Azure AD, see [Assign administrator and non-administrator roles to users with Azure Active Directory](/azure/active-directory/fundamentals/active-directory-users-assign-role-azure-portal). -Users with Azure AD identities who don't have Office 365 or Microsoft 365 subscriptions won't be able to access Compliance Manager in the Microsoft 365 compliance center. To seek assistance in accessing Compliance Manager, contact [cmresearch@microsoft.com](mailto:cmresearch@microsoft.com). +Users with Azure AD identities who don't have Office 365 or Microsoft 365 subscriptions won't be able to access Compliance Manager in the Microsoft Purview compliance portal. To seek assistance in accessing Compliance Manager, contact [cmresearch@microsoft.com](mailto:cmresearch@microsoft.com). ### Role types Learn more about getting started with assessments by visiting the [Assessments p ## Settings for automated testing and user history -The Compliance Manager settings in the Microsoft 365 compliance center allow you to enable and disable automatic testing of improvement actions. The settings also allow you to manage the data of users associated to improvement actions, including the ability to reassign improvement actions to a different user. Only people with a global administrator or Compliance Manager Administrator role can access the Compliance Manager settings. +The Compliance Manager settings in the Microsoft Purview compliance portal allow you to enable and disable automatic testing of improvement actions. The settings also allow you to manage the data of users associated to improvement actions, including the ability to reassign improvement actions to a different user. Only people with a global administrator or Compliance Manager Administrator role can access the Compliance Manager settings. > [!NOTE] > The automated testing feature is not available to customers in GCC High and DoD environments because Secure Score isn't available in these environments. GCC High and DoD customers will need to manually implement and test their improvement actions. ### Set up automated testing -Compliance Manager detects signals from other Microsoft 365 compliance solutions that your organization subscribes to, including information governance, information protection, data loss prevention, communication compliance, and insider risk management. In each improvement action's details page, the Testing logic field on the Testing tab will show what's required in the other solution in order for the action to pass and earn points toward your compliance score. +Compliance Manager detects signals from other Microsoft Purview solutions that your organization subscribes to, including data lifecycle management, information protection, Microsoft Purview Data Loss Prevention, communication compliance, and insider risk management. In each improvement action's details page, the Testing logic field on the Testing tab will show what's required in the other solution in order for the action to pass and earn points toward your compliance score. Compliance Manager also detects signals from complementary improvement actions that are also monitored by [Microsoft Secure Score](../security/defender/microsoft-secure-score.md). Using these signals, Compliance Manager can automatically test certain improvement actions for you, which helps maximize efficiency in your compliance activities. When an improvement action is successfully tested and implemented, you receive the full amount of points, which gets credited to your overall compliance score. Automatic testing is turned on by default for organizations new to Compliance Ma The global administrator for your organization can change the settings for automated testing at any time. You can turn off automated testing for common improvement actions, or turn it on for individual actions. Follow the instructions below to change your automated testing settings. -1. Select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> in the Microsoft 365 compliance center. +1. Select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> in the Microsoft Purview compliance portal. 2. On the settings page, select Compliance Manager. The user history settings also allow you to reassign all improvement actions fro To find the user history settings: -1. Select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> in the Microsoft 365 compliance center. +1. Select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> in the Microsoft Purview compliance portal. 2. On the settings page, select Compliance Manager. The report reflects the improvement actionΓÇÖs status as of its creation date. I Follow the steps below to export a report by user: -1. Select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> in the Microsoft 365 compliance center. +1. Select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> in the Microsoft Purview compliance portal. 2. On the settings page, select Compliance Manager. You can reassign improvement actions from one user to another. When you reassign Follow the steps below to reassign improvement actions to another user: -1. Select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> in the Microsoft 365 compliance center. +1. Select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> in the Microsoft Purview compliance portal. 2. On the settings page, select Compliance Manager. Deleting a userΓÇÖs history will remove them as an owner of improvement actions, To delete a userΓÇÖs history, follow the steps below: -1. Select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> in the Microsoft 365 compliance center. +1. Select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> in the Microsoft Purview compliance portal. 2. On the settings page, select Compliance Manager.
compliance	Compliance Manager Templates Create	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-templates-create.md	Title: "Create assessment templates in Microsoft Compliance Manager" + Title: "Create assessment templates in Microsoft Purview Compliance Manager" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Understand how to create templates for assessments in Microsoft Compliance Manager. Create and modify templates using a formatted Excel file." +description: "Understand how to create templates for assessments in Microsoft Purview Compliance Manager. Create and modify templates using a formatted Excel file." -# Create an assessment template in Microsoft Compliance Manager +# Create an assessment template in Microsoft Purview Compliance Manager + To create your own new template for custom assessments in Compliance Manager, you'll use a specially formatted Excel spreadsheet to assemble the necessary control data. After completing the spreadsheet, you will import it into Compliance Manager.
compliance	Compliance Manager Templates Extend	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-templates-extend.md	Title: "Extend assessment templates in Microsoft Compliance Manager" + Title: "Extend assessment templates in Microsoft Purview Compliance Manager" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Understand how to extend assessment templates in Microsoft Compliance Manager to add and modify controls." +description: "Understand how to extend assessment templates in Microsoft Purview Compliance Manager to add and modify controls." -# Extend assessment templates in Microsoft Compliance Manager +# Extend assessment templates in Microsoft Purview Compliance Manager + Compliance Manager offers the option to add your own controls and improvement actions to an existing template. This process is called extending a template.
compliance	Compliance Manager Templates Format Excel	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-templates-format-excel.md	Title: "Format assessment template data in Excel for Microsoft Compliance Manager" + Title: "Format assessment template data in Excel for Microsoft Purview Compliance Manager" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Understand how to work with Excel data for assessment templates in Microsoft Compliance Manager." +description: "Understand how to work with Excel data for assessment templates in Microsoft Purview Compliance Manager." -# Format assessment template data in Excel for Microsoft Compliance Manager +# Format assessment template data in Excel for Microsoft Purview Compliance Manager + When [creating](compliance-manager-templates-create.md), [modifying](compliance-manager-templates-modify.md), or [extending](compliance-manager-templates-extend.md) assessment templates in Compliance Manager, you will work with Excel spreadsheets that use a specific format and schema. These specifications must be followed for the files to import correctly.
compliance	Compliance Manager Templates List	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-templates-list.md	Title: "Microsoft Compliance Manager templates list" + Title: "Microsoft Purview Compliance Manager templates list" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Microsoft Compliance Manager provides templates for building assessments that align to national, regional, and industry regulations, standards, and laws." +description: "Microsoft Purview Compliance Manager provides templates for building assessments that align to national, regional, and industry regulations, standards, and laws." # Compliance Manager templates list + In this article: View the comprehensive list of templates available for creating assessments in Compliance Manager. > [!IMPORTANT] -> The assessment templates that are available to your organization depend on your licensing agreement. [Review details](compliance-manager-templates.md#template-availability-and-licensing). +> The assessment templates that are available to your organization depend on your licensing agreement. [Review the details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance.md#microsoft-purview-compliance-manager). ## Overview -[Microsoft Compliance Manager](compliance-manager.md) provides a comprehensive set of templates for creating assessments. These templates can help your organization comply with national, regional, and industry-specific requirements governing the collection and use of data. +[Microsoft Purview Compliance Manager](compliance-manager.md) provides a comprehensive set of templates for creating assessments. These templates can help your organization comply with national, regional, and industry-specific requirements governing the collection and use of data. Templates are added to Compliance Manager as new laws and regulations are enacted. Compliance Manager also updates its templates when the underlying laws or regulations change. Learn more about how to [review and accept updates](compliance-manager-assessments.md#accept-updates-to-assessments).
compliance	Compliance Manager Templates Modify	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-templates-modify.md	Title: "Modify assessment templates in Microsoft Compliance Manager" + Title: "Modify assessment templates in Microsoft Purview Compliance Manager" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Understand how to modify assessment templates in Microsoft Compliance Manager." +description: "Understand how to modify assessment templates in Microsoft Purview Compliance Manager." -# Modify assessment templates in Microsoft Compliance Manager +# Modify assessment templates in Microsoft Purview Compliance Manager + When working with assessments in Compliance Manager, you may want to modify an assessment template that you've created. The process is similar to the [template creation](compliance-manager-templates-create.md) process in that you'll upload a formatted Excel file with your template data.
compliance	Compliance Manager Templates	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-templates.md	Title: "Working with assessment templates in Microsoft Compliance Manager" + Title: "Working with assessment templates in Microsoft Purview Compliance Manager" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Understand how to use and manage templates for building assessments in Microsoft Compliance Manager. Create and modify templates using a formatted Excel file." +description: "Understand how to use and manage templates for building assessments in Microsoft Purview Compliance Manager. Create and modify templates using a formatted Excel file." # Learn about assessment templates in Compliance Manager + In this article: Understand how templates work and how to manage them from your assessment templates page. Get instructions for creating new templates, extending and modifying existing templates, formatting your template data with Excel, and exporting template reports. > [!IMPORTANT] -> The assessment templates that are available to your organization depend on your licensing agreement. [Review the details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). +> The assessment templates that are available to your organization depend on your licensing agreement. [Review the details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance.md#microsoft-purview-compliance-manager). ## Templates overview GCC High and DOD accounts must purchase template licenses through [volume licens To try out premium templates before you make a purchase, you may also acquire trial versions of the licenses. Trial licenses are good for up to 25 templates for 90 days. Once you obtain your trial license, the templates should become available in your tenant within 48 hours. -If your organization has a commercial license for Compliance Manager, you can learn how to start your trial at [About the free trial for Microsoft Compliance Manager premium assessments](compliance-easy-trials-compliance-manager-assessments.md). +If your organization has a commercial license for Compliance Manager, you can learn how to start your trial at [About the free trial for Microsoft Purview Compliance Manager premium assessments](compliance-easy-trials-compliance-manager-assessments.md). If your organization is under a GCC or DOD license, choose the appropriate trial link for your organization: You can export an Excel file that contains all of a template's data. You'll need To export your template, go to your template details page and select the Export to Excel button. -Note that when exporting a template you extended from a Compliance Manager template, the exported file will only contain the attributes you added to the template. The exported file won't include the original template data provided by Microsoft. To get such a report, see the instructions for [exporting an assessment report](compliance-manager-assessments.md#export-an-assessment-report). +Note that when exporting a template you extended from a Compliance Manager template, the exported file will only contain the attributes you added to the template. The exported file wonΓÇÖt include the original template data provided by Microsoft. To get such a report, see the instructions for [exporting an assessment report](compliance-manager-assessments.md#export-an-assessment-report).
compliance	Compliance Manager Whats New	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-whats-new.md	Title: "What's new in Microsoft Compliance Manager" + Title: "What's new in Microsoft Purview Compliance Manager" f1.keywords: - NOCSH search.appverid: description: "Find out whatΓÇÖs new in Compliance Manger and whatΓÇÖs to come. Read about updated assessments, new assessment templates, new actions, and more." -# What's new in Microsoft Compliance Manager +# What's new in Microsoft Purview Compliance Manager + In this article: Learn about recent updates in Compliance Manager.
compliance	Compliance Manager	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager.md	Title: "Microsoft Compliance Manager" + Title: "Microsoft Purview Compliance Manager" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Microsoft Compliance Manager helps organizations simplify and automate risk assessments, and suggests recommended actions to help address risks." +description: "Microsoft Purview Compliance Manager helps organizations simplify and automate risk assessments, and suggests recommended actions to help address risks." -# Microsoft Compliance Manager +# Microsoft Purview Compliance Manager + In this article: Learn what Compliance Manager is, how it helps simplify compliance and reduce risk, and its key components. ## What is Compliance Manager? -[Microsoft Compliance Manager](https://compliance.microsoft.com/compliancemanager) is a feature in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> that helps you manage your organizationΓÇÖs compliance requirements with greater ease and convenience. Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors. +[Microsoft Purview Compliance Manager](https://compliance.microsoft.com/compliancemanager) is a feature in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> that helps you manage your organizationΓÇÖs compliance requirements with greater ease and convenience. Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors. Watch the video below to learn how Compliance Manager can help simplify how your organization manages compliance: <br>
compliance	Compliance Quick Tasks	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-quick-tasks.md	Title: "Quick tasks for getting started with Microsoft 365 compliance" + Title: "Quick tasks for getting started with Microsoft Purview" f1.keywords: - NOCSH ms.localizationpriority: medium description: "Learn about tasks that will help you quickly get started with compliance in Microsoft 365." -# Quick tasks for getting started with Microsoft 365 compliance +# Quick tasks for getting started with Microsoft Purview -If you're new to Microsoft 365 compliance and wondering where to start, this article provides guidance on the basics and prioritizes important compliance tasks. This article will help you quickly get started with managing and monitoring your data, protecting information, and minimizing insider risks. + +If you're new to Microsoft Purview and wondering where to start, this article provides guidance on the basics and prioritizes important compliance tasks. This article will help you quickly get started with managing and monitoring your data, protecting information, and minimizing insider risks. This article is also helpful if you're figuring out how best to manage risks, protect your data, and remain compliant with regulations and standards with a newly remote workforce. Employees are now collaborating and connecting with each other in new ways, and this means your existing compliance processes and controls may need to adapt. Identifying and managing these new compliance risks within your organization is critical to safeguarding your data and minimizing threats and risks. -After youΓÇÖve completed these basic compliance tasks, consider expanding compliance coverage in your organization by implementing additional Microsoft 365 compliance solutions. +After youΓÇÖve completed these basic compliance tasks, consider expanding compliance coverage in your organization by implementing additional Microsoft Purview solutions. ## Task 1: Configure compliance permissions -ItΓÇÖs important to manage who in your organization has access to the Microsoft 365 compliance center to view content and perform management tasks. Microsoft 365 provides administrative roles specific to compliance and for using the tools included in the Microsoft 365 compliance center. +ItΓÇÖs important to manage who in your organization has access to the Microsoft Purview compliance portal to view content and perform management tasks. Microsoft 365 provides administrative roles specific to compliance and for using the tools included in the Microsoft Purview compliance portal. Start by assigning compliance permissions to the people in your organization so that they can perform these tasks and to prevent unauthorized people from having access to areas outside of their responsibilities. YouΓÇÖll want to make sure that youΓÇÖve assigned the proper people to the Compliance data administrator and the Compliance administrator admin roles before you start to configure and implement compliance solutions included with Microsoft 365. YouΓÇÖll also need to assign users to the Azure Active Directory global reader role to view data in Compliance Manager. For step-by-step guidance to configure permissions and assign people to admin ro ItΓÇÖs difficult to know where to go if you donΓÇÖt know where you are. Meeting your compliance needs includes understanding your current level of risk and what updates may be needed in these ever changing times. Whether your organization is new to compliance requirements or has deep experience with standards and regulations that govern your industry, the single best thing you can do to improve compliance is to understand where your organization stands. -[Microsoft Compliance Manager](compliance-manager.md) can help you understand your organization's compliance posture and highlight areas that may need improvement. Compliance Manager uses a centralized dashboard to calculate a risk-based score, measuring your progress in completing actions that help reduce risks around data protection and regulatory standards. You can also use Compliance Manager as a tool to track all your risk assessments. It provides workflow capabilities to help you efficiently complete your risk assessments through a common tool. +[Microsoft Purview Compliance Manager](compliance-manager.md) can help you understand your organization's compliance posture and highlight areas that may need improvement. Compliance Manager uses a centralized dashboard to calculate a risk-based score, measuring your progress in completing actions that help reduce risks around data protection and regulatory standards. You can also use Compliance Manager as a tool to track all your risk assessments. It provides workflow capabilities to help you efficiently complete your risk assessments through a common tool. For step-by-step guidance to get started with Compliance Manager, see [Get started with Compliance Manager](compliance-manager-setup.md). When content is subject to a retention policy, people can continue to edit and w You can quickly put retention policies in place for multiple services in your Microsoft 365 environment that include Teams and Yammer messages, Exchange mail, SharePoint sites, and OneDrive accounts. There are no limits to the number of users, mailboxes or sites that a retention policy can automatically include. But if you need to get more selective, you can do so by configuring either an adaptive scope that's query-based to dynamically target specific instances, or a static scope that specifies specific instances to always include or always exclude. -For step-by-step guidance to configure retention policies, see [Create and configure retention policies](create-retention-policies.md). Because retention policies form the cornerstone of an information governance strategy for Microsoft 365, see [Get started with information governance](get-started-with-information-governance.md). +For step-by-step guidance to configure retention policies, see [Create and configure retention policies](create-retention-policies.md). Because retention policies form the cornerstone of a data lifecycle management strategy for Microsoft 365 apps and services, also see [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md). ## Task 7: Configure sensitive information and offensive language policies Now that youΓÇÖve configured the basics for compliance management for your organ Whereas retention policies automatically apply to all items at the container level (such as SharePoint sites, user mailboxes, and so on), [retention labels](retention.md#retention-labels) apply to individual items, such as a SharePoint document or an email message. You can apply these labels manually or automatically. -Retention labels can be used as part of your governance information strategy to retain what you need and delete what you don't. Use these labels when you need exceptions to your retention policies when specific documents or emails need different retention or deletion settings. For example, your SharePoint policy retains all documents for three years, but specific business documents must be retained for five years. For more information, see [Create retention labels for exceptions to your retention policies](create-retention-labels-information-governance.md). +Retention labels can be used as part of your data governance strategy to retain what you need and delete what you don't. Use these labels when you need exceptions to your retention policies when specific documents or emails need different retention or deletion settings. For example, your SharePoint policy retains all documents for three years, but specific business documents must be retained for five years. For more information, see [Create retention labels for exceptions to your retention policies](create-retention-labels-data-lifecycle-management.md). -However, retention labels, when used with [records management](records-management.md), provide many more management options to support the full lifecycle of documents and emails. This level of data management is well-suited to high-value items for business, legal, or regulatory record-keeping requirements. For more information, see [Get started with records management](get-started-with-records-management.md). +However, retention labels, when used with [records management](records-management.md), provide many more management options to support documents and emails at the item level. This level of data management is well-suited to high-value items for business, legal, or regulatory record-keeping requirements. For more information, see [Get started with records management](get-started-with-records-management.md). ### Identify and define sensitive information types For step-by-step guidance to define custom sensitive information types, see [Cre ### Prevent data loss -[Data loss prevention (DLP) policies](dlp-learn-about-dlp.md) allow you to identify, monitor, and automatically protect sensitive information across your Microsoft 365 organization. Use DLP policies to identify sensitive items across Microsoft services, prevent the accidental sharing of sensitive items, and help users learn how to stay compliant without interrupting their workflow. +[Microsoft Purview Data Loss Prevention (DLP) policies](dlp-learn-about-dlp.md) allow you to identify, monitor, and automatically protect sensitive information across your Microsoft 365 organization. Use DLP policies to identify sensitive items across Microsoft services, prevent the accidental sharing of sensitive items, and help users learn how to stay compliant without interrupting their workflow. For step-by-step guidance to configure DLP policies, [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md). For data loss management licensing information, see [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#office-365-data-loss-prevention-for-exchange-online-sharepoint-online-and-onedrive-for-business). For step-by-step guidance to configure DLP policies, [Create, test, and tune a D More and more, employees have increasing access to create, manage, and share data across a broad spectrum of platforms and services. In most cases, organizations have limited resources and tools to identify and mitigate organization-wide risks while also meeting compliance requirements and employee privacy standards. These risks may include data theft by departing employees and data leaks of information outside your organization by accidental oversharing or malicious intent. -[Insider risk management](insider-risk-management-policies.md) in Microsoft 365 uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators and to take action to mitigate these risks. +[Insider risk management](insider-risk-management-policies.md) uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators and to take action to mitigate these risks. For step-by-step guidance to plan and configure insider risk management policies, see [Plan for insider risk management](insider-risk-management-plan.md) and [Get started with insider risk management](insider-risk-management-configure.md). For insider risk management licensing information, see [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#insider-risk-management).
compliance	Compliance Score Calculation	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-score-calculation.md	search.appverid: - MOE150 - MET150 -description: "Understand how Microsoft Compliance Manager calculates a personalized score based on actions taken to address risks and improve your compliance posture." +description: "Understand how Microsoft Purview Compliance Manager calculates a personalized score based on actions taken to address risks and improve your compliance posture." # Compliance score calculation + In this article: Learn how Compliance Manager calculates a compliance score for your organization. This article explains how to interpret your score, what the Data Protection Baseline assessment includes, continuous monitoring, and how different types of actions are managed and scored. > [!IMPORTANT] -> Recommendations from Compliance Manager should not be interpreted as a guarantee of compliance. It is up to you to evaluate and validate the effectiveness of customer controls per your regulatory environment. These services are subject to the terms and conditions in the [Online Services Terms](https://go.microsoft.com/fwlink/?linkid=2108910). See also [Microsoft 365 licensing guidance for security and compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). +> Recommendations from Compliance Manager should not be interpreted as a guarantee of compliance. It is up to you to evaluate and validate the effectiveness of customer controls per your regulatory environment. These services are subject to the terms and conditions in the [Product Terms](https://go.microsoft.com/fwlink/?linkid=2108910). See also [Microsoft 365 licensing guidance for security and compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance.md#microsoft-purview-compliance-manager). ## How to read your compliance score Because every organization has specific needs, Compliance Manager relies on you ## How Compliance Manager continuously assesses controls -Compliance Manager automatically identifies settings in your Microsoft 365 environment that help determine when certain configurations meet improvement action implementation requirements. Compliance Manager detects signals from other compliance solutions you may have deployed, including information governance, information protection, communication compliance, and insider risk management, and also leverages Microsoft Secure Score monitoring of complementary improvement actions. +Compliance Manager automatically identifies settings in your Microsoft 365 environment that help determine when certain configurations meet improvement action implementation requirements. Compliance Manager detects signals from other compliance solutions you may have deployed, including data lifecycle management, information protection, communication compliance, and insider risk management, and also leverages Microsoft Secure Score monitoring of complementary improvement actions. Your action status is updated on your dashboard within 24 hours of a change being made. Once you follow a recommendation to implement a control, youΓÇÖll typically see the control status updated the next day. Each action has an assigned value in Compliance Manager based on the risk it rep \| Corrective mandatory \| 3 \| \| Corrective discretionary \| 1 \| -![Compliance Manager action point values.](../media/compliance-score-action-scoring.png "Compliance Manager action point values") +![Compliance Manager action point values.](../media/compliance-score-action-scoring.png "Compliance Manager action point values")
compliance	Configure Irm To Use An On Premises Ad Rms Server	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/configure-irm-to-use-an-on-premises-ad-rms-server.md	# Configure IRM to use an on-premises AD RMS server + For use with on-premises deployments, Information Rights Management (IRM) in Exchange Online uses Active Directory Rights Management Services (AD RMS), an information protection technology in Windows Server 2008 and later. IRM protection is applied to email by applying an AD RMS rights policy template to an email message. Rights are attached to the message itself so that protection occurs online and offline and inside and outside of your organization's firewall. -This topic shows you how to configure IRM to use an AD RMS server. For information about using the new capabilities for Office 365 Message Encryption with Azure Active Directory and Azure Rights Management, see the [Office 365 Message Encryption FAQ](./ome-faq.yml). +This topic shows you how to configure IRM to use an AD RMS server. For information about using Microsoft Purview Message Encryption with Azure Active Directory and Azure Rights Management, see the [Message encryption FAQ](./ome-faq.yml). To learn more about IRM in Exchange Online, see [Information Rights Management in Exchange Online](information-rights-management-in-exchange-online.md).
compliance	Configure Irm To Use Azure Rights Management	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/configure-irm-to-use-azure-rights-management.md	- M365-security-compliance - seo-marvel-apr2020 -description: "This article contains information about the new capabilities of Office 365 Message Encryption (OME)." +description: "This article contains information about Microsoft Purview Message Encryption." # Configure IRM to use Azure Rights Management -With the release of the new capabilities for Office 365 Message Encryption (OME), you no longer need to set up IRM separately. Microsoft does not recommend setting up new deployments using legacy OME and IRM with Azure Rights Management. For more information about the new OME capabilities, see the [Office 365 Message Encryption FAQ](./ome-faq.yml). If you're ready to get started using the new OME capabilities within your organization, see [Set up new Office 365 Message Encryption capabilities built on top of Azure Information Protection](./set-up-new-message-encryption-capabilities.md). + +With the release of Microsoft Purview Message Encryption, you no longer need to set up IRM separately. Microsoft does not recommend setting up new deployments using legacy OME and IRM with Azure Rights Management. For more information about the Microsoft Purview Message Encryption, see the [Message encryption FAQ](./ome-faq.yml). If you're ready to get started using Microsoft Purview Message Encryption within your organization, see [Set up Microsoft Purview Message Encryption](./set-up-new-message-encryption-capabilities.md).
compliance	Configure Search And Analytics Settings In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/configure-search-and-analytics-settings-in-advanced-ediscovery.md	Title: Configure search and analytics settings - Advanced eDiscovery + Title: Configure search and analytics settings - eDiscovery (Premium) f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: -description: "Configure Advanced eDiscovery settings that apply to all review set in a case. This includes settings for analytics and Optical character recognition." +description: "Configure Microsoft Purview eDiscovery (Premium) settings that apply to all review set in a case. This includes settings for analytics and Optical character recognition." -# Configure search and analytics settings in Advanced eDiscovery +# Configure search and analytics settings in eDiscovery (Premium) -You can configure settings for each Advanced eDiscovery case to control the following functionality. +You can configure settings for each Microsoft Purview eDiscovery (Premium) case to control the following functionality. - Near duplicates and email threading You can configure settings for each Advanced eDiscovery case to control the foll To configure search and analytics settings for a case: -1. On the Advanced eDiscovery page, select the case. +1. On the eDiscovery (Premium) page, select the case. 2. On the Settings tab, under Search & analytics, click Select. The case settings page is displayed. These settings are applied to all review sets in a case. - ![Configure analytics and search settings for an Advanced eDiscovery case.](../media/AeDCaseSettings.png) + ![Configure analytics and search settings for an eDiscovery (Premium) case.](../media/AeDCaseSettings.png) ## Near duplicates and email threading In this section, you can set parameters for themes. For more information, see [T - Include numbers in themes: When turned on, numbers (that identify a theme) are included when generating themes. -- Adjust maximum number of themes dynamically: In certain situations, there may not be enough documents in a review set to produce the desired number of themes. When this setting is enabled, Advanced eDiscovery adjusts the maximum number of themes dynamically rather than attempting to enforce the maximum number of themes. +- Adjust maximum number of themes dynamically: In certain situations, there may not be enough documents in a review set to produce the desired number of themes. When this setting is enabled, eDiscovery (Premium) adjusts the maximum number of themes dynamically rather than attempting to enforce the maximum number of themes. ## Review set query -If you select the Automatically create a For Review saved search after analytics checkbox, Advanced eDiscovery autogenerates review set query named For Review. +If you select the Automatically create a For Review saved search after analytics checkbox, eDiscovery (Premium) autogenerates review set query named For Review. ![The For Review autogenerated query.](../media/AeDForReviewQuery.png)
compliance	Content Search Reference	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/content-search-reference.md	search.appverid: - seo-marvel-apr2020 - admindeeplinkMAC -description: "This article contains reference information about the Content search eDiscovery tool in the Microsoft 365 compliance center to help you learn the many details about Content search." +description: "This article contains reference information about the Content search eDiscovery tool in the Microsoft Purview compliance portal to help you learn the many details about Content search." # Feature reference for Content search If it's necessary for an eDiscovery manager to search for content in SharePoint 2. Create a search permissions filter for each satellite geo location (and corresponding user account) the eDiscovery manager needs to search. Each of these search permissions filters limits the scope of the content search to a specific geo location when the eDiscovery manager is signed in to the user account associated with that location. > [!TIP] -> You don't have to use this strategy when using the search tool in [Advanced eDiscovery](overview-ediscovery-20.md). That's because all datacenters are searched when you search SharePoint sites and OneDrive accounts in Advanced eDiscovery. You have to use this strategy of region-specific user accounts and search permissions filters only when using the Content Search tool and running searches associated with [eDiscovery cases](./get-started-core-ediscovery.md). +> You don't have to use this strategy when using the search tool in [eDiscovery (Premium)](overview-ediscovery-20.md). That's because all datacenters are searched when you search SharePoint sites and OneDrive accounts in Microsoft Purview eDiscovery (Premium). You have to use this strategy of region-specific user accounts and search permissions filters only when using the Content Search tool and running searches associated with [eDiscovery cases](./get-started-core-ediscovery.md). For example, let's say that an eDiscovery manager needs to search for SharePoint and OneDrive content in satellite locations in North American, Europe, and Asia Pacific. The first step is to create three users accounts, one for each location. The next step is to create three search permissions filters, one for each location and corresponding user account. Here are examples of the three search permissions filters for this scenario. In each of these examples, the Region specifies the SharePoint datacenter location for that geo and the Users parameter specifies the corresponding user account.
compliance	Content Search	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/content-search.md	Title: "Create and run a Content search in the Microsoft 365 compliance center" + Title: "Create and run a Content search in the Microsoft Purview compliance portal" f1.keywords: - NOCSH description: "Use the Content search eDiscovery tool in the compliance center to # Create a content search -You can use the Content search eDiscovery tool in the Microsoft 365 compliance center to search for in-place content such as email, documents, and instant messaging conversations in your organization. Use this tool to search for content in these cloud-based Microsoft 365 data sources: +You can use the Content search eDiscovery tool in the Microsoft Purview compliance portal to search for in-place content such as email, documents, and instant messaging conversations in your organization. Use this tool to search for content in these cloud-based Microsoft 365 data sources: - Exchange Online mailboxes After you run a search, the number of content locations and an estimated number ## Before you run a search -- To access to the Content search tool in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> (to run searches and preview results and export results), an administrator, compliance officer, or eDiscovery manager must be a member of the eDiscovery Manager role group in the Microsoft 365 compliance center. For more information, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). +- To access to the Content search tool in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a> (to run searches and preview results and export results), an administrator, compliance officer, or eDiscovery manager must be a member of the eDiscovery Manager role group in the compliance portal. For more information, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). - In an Exchange hybrid deployment, you can't use the Content search tool to search on-premises mailboxes. You can only use the tool to search cloud-based mailboxes. After you run a search, the number of content locations and an estimated number 1. Go to <https://compliance.microsoft.com> and sign in using the credentials of an account that's been assigned the appropriate permissions. -2. In the left navigation pane of the Microsoft 365 compliance center, click Content search. +2. In the left navigation pane of the compliance portal, click Content search. 3. On the Content search page, click New search.
compliance	Conversation Review Sets	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/conversation-review-sets.md	Title: "Review conversations in Advanced eDiscovery" + Title: "Review conversations in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: "Learn about the conversation reconstruction feature in Advanced eDiscovery (called conversation threading) to reconstruct, review, and export chat conversations in Microsoft Teams and Yammer groups." +description: "Learn about the conversation reconstruction feature in Microsoft Purview eDiscovery (Premium) (called conversation threading) to reconstruct, review, and export chat conversations in Microsoft Teams and Yammer groups." -# Conversation threading in Advanced eDiscovery +# Conversation threading in eDiscovery (Premium) Instant messaging is a convenient way to ask questions, share ideas, or quickly communicate across large audiences. As instant messaging platforms, like Microsoft Teams and Yammer groups, become core to enterprise collaboration, organizations must evaluate how their eDiscovery workflow addresses these new forms of communication and collaboration. -The conversation reconstruction feature in Advanced eDiscovery is designed to help you identify contextual content and produce distinct conversation views. This capability allows you to efficiently and rapidly review complete instant message conversations (also called threaded conversations) that are generated in platforms like Microsoft Teams. +The conversation reconstruction feature in Microsoft Purview eDiscovery (Premium) is designed to help you identify contextual content and produce distinct conversation views. This capability allows you to efficiently and rapidly review complete instant message conversations (also called threaded conversations) that are generated in platforms like Microsoft Teams. -With conversation reconstruction, you can use built-in capabilities to reconstruct, review, and export threaded conversations. Use Advanced eDiscovery conversation reconstruction to: +With conversation reconstruction, you can use built-in capabilities to reconstruct, review, and export threaded conversations. Use eDiscovery (Premium) conversation reconstruction to: - Preserve unique message-level metadata across all messages within a conversation. Here are few definitions to help you get start using conversation reconstruction ## Step 1: Create a draft collection -After you have identified relevant custodians and content locations, you can create a search to find potentially relevant content. On the Collections tab in the Advanced eDiscovery case, you can create a collection by clicking New collection and following the wizard. For information about how you can create a collection, build a search query, and preview the search results, see [Create a draft collection](create-draft-collection.md). +After you have identified relevant custodians and content locations, you can create a search to find potentially relevant content. On the Collections tab in the eDiscovery (Premium) case, you can create a collection by clicking New collection and following the wizard. For information about how you can create a collection, build a search query, and preview the search results, see [Create a draft collection](create-draft-collection.md). ## Step 2: Commit a draft collection to a review set When you add items from conversations to a review set, you can use the threaded 1. Using a keyword and date range query, the search returned a hit on Message 3. This message was part of a larger conversation, illustrated by CRC1. -2. When you add the data into a review set and enable the conversation retrieval options, Advanced eDiscovery will go back and collect other items in CRC1. +2. When you add the data into a review set and enable the conversation retrieval options, eDiscovery (Premium) will go back and collect other items in CRC1. 3. After the items have been added to the review set, you can review all the individual messages from CRC1. Specifically, you can export entire chat conversations in a single PDF file or y ## More information -To learn more about how to review case data in Advanced eDiscovery, see the following articles: +To learn more about how to review case data in eDiscovery (Premium), see the following articles: - [Query and filter content in a review set](review-set-search.md) - [Tag documents in a review set](tagging-documents.md)
compliance	Create A Custom Sensitive Information Type In Scc Powershell	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-custom-sensitive-information-type-in-scc-powershell.md	description: "Learn how to create and import a custom sensitive information type # Create a custom sensitive information type using PowerShell + This article shows you how to create an XML rule package file that defines custom [sensitive information types](sensitive-information-type-entity-definitions.md). This article describes a custom sensitive information type that identifies an employee ID. You can use the sample XML in this article as a starting point for your own XML file. For more information about sensitive information types, see [Learn about sensitive information types](sensitive-information-type-learn-about.md). For more information about sensitive information types, see [Learn about sensiti After you've created a well-formed XML file, you can upload it to Microsoft 365 using PowerShell. Then, you're ready to use your custom sensitive information type in policies. You can test its effectiveness in detecting the sensitive information as you intended. > [!NOTE] -> If you don't need the fine-grained control that PowerShell provides, you can create custom sensitive information types in the Microsoft 365 compliance center. For more information, see [Create a custom sensitive information type](create-a-custom-sensitive-information-type.md). +> If you don't need the fine-grained control that PowerShell provides, you can create custom sensitive information types in the Microsoft Purview compliance portal. For more information, see [Create a custom sensitive information type](create-a-custom-sensitive-information-type.md). ## Important disclaimer In addition to confidenceLevel for each Pattern, the Entity has a recommendedCon ## Do you want to support other languages in the UI of the Compliance center? [LocalizedStrings element] -If your compliance team uses the Microsoft 365 Compliance center to create policies in different locales and in different languages, you can provide localized versions of the name and description of your custom sensitive information type. When your compliance team uses Microsoft 365 in a language that you support, they'll see the localized name in the UI. +If your compliance team uses the Microsoft Purview compliance portal to create policies in different locales and in different languages, you can provide localized versions of the name and description of your custom sensitive information type. When your compliance team uses Microsoft 365 in a language that you support, they'll see the localized name in the UI. ![Instance count and match accuracy configuration.](../media/11d0b51e-7c3f-4cc6-96d8-b29bcdae1aeb.png) You can copy this markup, save it as an XSD file, and use it to validate your ru ## More information -- [Learn about data loss prevention](dlp-learn-about-dlp.md) +- [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md) - [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md) - [Sensitive information type functions](sit-functions.md)
compliance	Create A Custom Sensitive Information Type	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-custom-sensitive-information-type.md	# Create custom sensitive information types in the Compliance center + If the pre-configured sensitive information types don't meet your needs, you can create your own custom sensitive information types that you fully define or you can copy one of the pre-configured ones and modify it. The custom sensitive information types that you create by using this method are added to the rule package named `Microsoft.SCCManaged.CustomRulePack`. There are two ways to create a new sensitive information type: - [Sensitive information type functions](sit-functions.md) - [confidence levels](sensitive-information-type-learn-about.md#more-on-confidence-levels) -- You must have Global admin or Compliance admin permissions to create, test, and deploy a custom sensitive information type through the UI. See [About admin roles](/office365/admin/add-users/about-admin-roles) in Office 365. +- Your organization must have a subscription, such as Office 365 Enterprise, that includes Microsoft Purview Data Loss Prevention (DLP). See [Messaging Policy and Compliance ServiceDescription](/office365/servicedescriptions/exchange-online-protection-service-description/messaging-policy-and-compliance-servicedesc). -- Your organization must have a subscription, such as Office 365 Enterprise, that includes Data Loss Prevention (DLP). See [Messaging Policy and Compliance ServiceDescription](/office365/servicedescriptions/exchange-online-protection-service-description/messaging-policy-and-compliance-servicedesc). +- Your organization must have a subscription, such as Office 365 Enterprise, that includes data loss prevention (DLP). See [Messaging Policy and Compliance ServiceDescription](/office365/servicedescriptions/exchange-online-protection-service-description/messaging-policy-and-compliance-servicedesc). > [!IMPORTANT] > Microsoft Customer Service & Support can't assist with creating custom classifications or regular expression patterns. Support engineers can provide limited support for the feature, such as, providing sample regular expression patterns for testing purposes, or assisting with troubleshooting an existing regular expression pattern that's not triggering as expected, but can't provide assurances that any custom content-matching development will fulfill your requirements or obligations. The SIT instance count limit applies when SITs are used in these solutions: - DLP policies - Information Protection-- Information Governance +- Data Lifecycle Management - Communication Compliance - Records Management - Microsoft Defender for Cloud Apps
compliance	Create A Dlp Policy From A Template	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-dlp-policy-from-a-template.md	description: In this article, you'll learn about how to create DLP policies usin # Create a DLP policy from a template -The easiest, most common way to get started with DLP policies is to use one of the templates included in the Microsoft 365 Compliance center. You can use one of these templates as is, or customize the rules to meet your organization's specific compliance requirements. + +The easiest, most common way to get started with DLP policies is to use one of the templates included in the Microsoft Purview compliance portal. You can use one of these templates as is, or customize the rules to meet your organization's specific compliance requirements. Microsoft 365 includes over 40 ready-to-use templates that can help you meet a wide range of common regulatory and business policy needs. See; [Policy templates](dlp-policy-reference.md#policy-templates) for a complete list. These permissions are required to create and apply a DLP policy not to enforce p There are roles and role groups in preview that you can test out to fine tune your access controls. -Here's a list of Microsoft Information Protection (MIP) roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) +Here's a list of applicable roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) - Information Protection Admin - Information Protection Analyst - Information Protection Investigator - Information Protection Reader -Here's a list of MIP role groups that are in preview. To learn more about the, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) +Here's a list of applicable role groups that are in preview. To learn more about the, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) - Information Protection - Information Protection Admins Here's a list of MIP role groups that are in preview. To learn more about the, s ### Create the DLP policy from a template -1. Sign in to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +1. Sign in to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. -2. In the Compliance Center \> left navigation \> Solutions \> Data loss prevention \> Policies \> + Create policy. +2. In the Microsoft Purview compliance portal \> left navigation \> Solutions \> Data loss prevention \> Policies \> + Create policy. ![Create a policy button.](../media/b1e48a08-92e2-47ca-abdc-4341694ddc7c.png)
compliance	Create A Keyword Dictionary	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-keyword-dictionary.md	description: "Learn the basic steps to creating a keyword dictionary in the Offi # Create a keyword dictionary -Data loss prevention (DLP) can identify, monitor, and protect your sensitive items. Identifying sensitive items sometimes requires looking for keywords, particularly when identifying generic content (such as healthcare-related communication), or inappropriate or explicit language. Although you can create keyword lists in sensitive information types, keyword lists are limited in size and require modifying XML to create or edit them. Keyword dictionaries provide simpler management of keywords and at a much larger scale, supporting up to 1 MB of terms (post compression) in the dictionary and support any language. The tenant limit is also 1 MB after compression. 1 MB of post compression limit means that all dictionaries combined across a tenant can have close to 1 million characters. + +Microsoft Purview Data Loss Prevention (DLP) can identify, monitor, and protect your sensitive items. Identifying sensitive items sometimes requires looking for keywords, particularly when identifying generic content (such as healthcare-related communication), or inappropriate or explicit language. Although you can create keyword lists in sensitive information types, keyword lists are limited in size and require modifying XML to create or edit them. Keyword dictionaries provide simpler management of keywords and at a much larger scale, supporting up to 1 MB of terms (post compression) in the dictionary and support any language. The tenant limit is also 1 MB after compression. 1 MB of post compression limit means that all dictionaries combined across a tenant can have close to 1 million characters. ## Keyword dictionary limits Remove-Item $rawFile The keywords for your dictionary could come from various sources, most commonly from a file (such as a .csv or .txt list) imported in the service or by PowerShell cmdlet, from a list you enter directly in the PowerShell cmdlet, or from an existing dictionary. When you create a keyword dictionary, you follow the same core steps: -1. Use the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> or connect to Security & Compliance Center PowerShell. +1. Use the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> or connect to Security & Compliance Center PowerShell. 2. Define or load your keywords from your intended source. The wizard and the cmdlet both accept a comma-separated list of keywords to create a custom keyword dictionary, so this step will vary slightly depending on where your keywords come from. Once loaded, they're encoded and converted to a byte array before they're imported. The keywords for your dictionary could come from various sources, most commonly Use the following steps to create and import keywords for a custom dictionary: -1. Connect to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +1. Connect to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. 2. Navigate to Classifications > Sensitive info types.
compliance	Create A Report On Holds In Ediscovery Cases	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-report-on-holds-in-ediscovery-cases.md	description: Learn how to generate a report that contains information about all # Use a script to create a report on holds in eDiscovery cases -The script in this article lets eDiscovery administrators and eDiscovery managers generate a report that contains information about all holds that are associated with Core and Advanced eDiscovery cases in the Microsoft 365 compliance center. The report contains information such as the name of the case a hold is associated with, the content locations that are placed on hold, and whether the hold is query-based. If there are cases that don't have any holds, the script will create an additional report with a list of cases without holds. +The script in this article lets eDiscovery administrators and eDiscovery managers generate a report that contains information about all holds that are associated with Core and eDiscovery (Premium) cases in the Microsoft Purview compliance portal. The report contains information such as the name of the case a hold is associated with, the content locations that are placed on hold, and whether the hold is query-based. If there are cases that don't have any holds, the script will create an additional report with a list of cases without holds. See the [More information](#more-information) section for a detailed description of the information included in the report. After you've connected to Security & Compliance Center PowerShell, the next step } #get information on the cases and pass values to the case report function " " - write-host "Gathering a list of Core eDiscovery cases and holds..." + write-host "Gathering a list of eDiscovery (Standard) cases and holds..." " " $edc =Get-ComplianceCase -ErrorAction SilentlyContinue foreach($cc in $edc) After you've connected to Security & Compliance Center PowerShell, the next step } #get information on the cases and pass values to the case report function " " - write-host "Gathering a list of Advanced eDiscovery cases and holds..." + write-host "Gathering a list of eDiscovery (Premium) cases and holds..." " " $edc =Get-ComplianceCase -CaseType Advanced -ErrorAction SilentlyContinue foreach($cc in $edc) The case holds report that's created when you run the script in this article con - The name of the hold and the name of the eDiscovery case that the hold is associated with. -- Whether the hold is associated with a Core or Advanced eDiscovery case. +- Whether the hold is associated with a Core or eDiscovery (Premium) case. - Whether or not the eDiscovery case is active or closed.
compliance	Create Activity Alerts	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-activity-alerts.md	search.appverid: - MET150 ms.assetid: 72bbad69-035b-4d33-b8f4-549a2743e97d -description: Add and manage activity alerts in the Microsoft 365 compliance center so that Microsoft 365 will send you email notifications when users perform specific activities +description: Add and manage activity alerts in the Microsoft Purview compliance portal so that Microsoft 365 will send you email notifications when users perform specific activities # Create activity alerts You can create an activity alert that will send you an email notification when u ## Confirm roles and configure audit logging -- You must be assigned the Organization Configuration role in the Microsoft 365 compliance center to manage activity alerts. By default, this role is assigned to the Compliance Administrator and Organization Management role groups. For more information about adding members to role groups, see [Give users access to the Microsoft 365 compliance center](../security/office-365-security/grant-access-to-the-security-and-compliance-center.md). +- You must be assigned the Organization Configuration role in the Microsoft Purview compliance portal to manage activity alerts. By default, this role is assigned to the Compliance Administrator and Organization Management role groups. For more information about adding members to role groups, see [Give users access to the Microsoft Purview compliance portal](../security/office-365-security/grant-access-to-the-security-and-compliance-center.md). -- You (or another admin) must first turn on audit logging for your organization before you can start using activity alerts. To do this, just click Start recording user and admin activity on the Activity alerts page. (If you don't see this link, auditing has already been turned on for your organization.) You can also turn on auditing on the Audit log search page in the Microsoft 365 compliance center (go to Audit). You only have to do this once for your organization. +- You (or another admin) must first turn on audit logging for your organization before you can start using activity alerts. To do this, just click Start recording user and admin activity on the Activity alerts page. (If you don't see this link, auditing has already been turned on for your organization.) You can also turn on auditing on the Audit log search page in the compliance portal (go to Audit). You only have to do this once for your organization. - You can create alerts for the same activities that you can search for in the audit log. See the [More information](#more-information) section for a list of common scenarios (and the specific activity to monitor) that you can create alerts for. -- You can use the Activity alerts page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> to create alerts only for activity performed by users who are listed in your organization's address book. You can't use this page to create alerts for activities performed by external users who aren't listed in the address book. +- You can use the Activity alerts page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a> to create alerts only for activity performed by users who are listed in your organization's address book. You can't use this page to create alerts for activities performed by external users who aren't listed in the address book. ## Create an activity alert -1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a>. 2. Sign in using your work or school account. You can create an activity alert that will send you an email notification when u You can turn off an activity alert so that an email notification isn't sent. After you turn off the activity alert, it's still displayed in the list of activity alerts for your organization, and you can still view its properties. -1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a>. 2. Sign in using your work or school account. To turn an activity alert back on, just repeat these steps and click the Off ## More information -- Here's an example of the email notification that is sent to the users that are specified in the Sent this alert to field (and listed under Recipients on the Activity alerts page) in the Microsoft 365 compliance center. +- Here's an example of the email notification that is sent to the users that are specified in the Sent this alert to field (and listed under Recipients on the Activity alerts page) in the compliance portal. ![Example of an email notification sent for an activity alert.](../media/a5f91611-fae6-4fe9-82f5-58521a2e2541.png)
compliance	Create And Manage Advanced Ediscoveryv2 Case	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-and-manage-advanced-ediscoveryv2-case.md	Title: "Create and manage Advanced eDiscovery cases in Microsoft 365" + Title: "Create and manage eDiscovery (Premium) cases in Microsoft 365" f1.keywords: - NOCSH Previously updated : Last updated : 04/08/2022 audience: Admin search.appverid: - MOE150 - MET150 -description: "This article describes how to create and manage Advanced eDiscovery cases. The first step is to create a case and start using Advanced eDiscovery features and functionality." +description: "This article describes how to create and manage Microsoft Purview eDiscovery (Premium) cases. The first step is to create a case and start using eDiscovery (Premium) features and functionality." -# Create and manage an Advanced eDiscovery case +# Create and manage an eDiscovery (Premium) case -After setting up Advanced eDiscovery and [assigning permissions to eDiscovery managers](get-started-with-advanced-ediscovery.md#step-2-assign-ediscovery-permissions) in your organization that will manage cases, the next step is to create and manage a case. +After setting up Microsoft Purview eDiscovery (Premium) and [assigning permissions to eDiscovery managers](get-started-with-advanced-ediscovery.md#step-2-assign-ediscovery-permissions) in your organization that will manage cases, the next step is to create and manage a case. -This article also provides a high-level overview of using cases to manage the Advanced eDiscovery workflow for a legal case or other types of investigations. +This article also provides a high-level overview of using cases to manage the eDiscovery (Premium) workflow for a legal case or other types of investigations. ## Create a case -Complete the following steps to create a case and add members. The user who creates the case is automatically added as a member. Members of the case can access the case in the Microsoft 365 compliance center and perform Advanced eDiscovery tasks. +Complete the following steps to create a case and add members. The user who creates the case is automatically added as a member. Members of the case can access the case in the Microsoft Purview compliance portal and perform eDiscovery (Premium) tasks. -1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and sign in using the credentials for user account that has been assigned eDiscovery permissions. Members of the Organization Management role group can also create Advanced eDiscovery cases. +1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a> and sign in using the credentials for user account that has been assigned eDiscovery permissions. Members of the Organization Management role group can also create eDiscovery (Premium) cases. -2. In the left navigation pane of the Microsoft 365 compliance center, click Show all, and then select eDiscovery > Advanced, and then select the <a href="https://go.microsoft.com/fwlink/p/?linkid=2173764" target="_blank">Cases tab</a>. +2. In the left navigation pane of the compliance portal, click Show all, and then select eDiscovery > Advanced, and then select the <a href="https://go.microsoft.com/fwlink/p/?linkid=2173764" target="_blank">Cases tab</a>. 3. Select Create a case. Complete the following steps to create a case and add members. The user who crea ## Manage the workflow -To get you started using Advanced eDiscovery, here's a basic workflow that aligns with [common eDiscovery practices](advanced-ediscovery-edrm.md). In each of these steps, we'll also highlight some extended Advanced eDiscovery functionality that you can explore. +To get you started using eDiscovery (Premium), here's a basic workflow that aligns with [common eDiscovery practices](advanced-ediscovery-edrm.md). In each of these steps, we'll also highlight some extended eDiscovery (Premium) functionality that you can explore. -![Advanced eDiscovery workflow.](../media/AeDWorkflow.png) +![eDiscovery (Premium) workflow.](../media/AeDWorkflow.png) 1. [Add custodians](add-custodians-to-case.md) and [non-custodial data sources](non-custodial-data-sources.md) to the case. The first step after creating a case is to add custodians. A custodian is a person having administrative control of a document or electronic file that may be relevant to the case. Additionally, you can add data sources that aren't associated with a specific user but may be relevant to the case. To get you started using Advanced eDiscovery, here's a basic workflow that align - You can associate other data sources with a custodian (for example, you can associate a SharePoint site or Microsoft 365 Group with a custodian) so this data can be reindexed, placed on hold, and searched, just like the data in the custodian's mailbox or OneDrive account. - - You can use the [communications workflow](managing-custodian-communications.md) in Advanced eDiscovery to send a legal hold notification to custodians. + - You can use the [communications workflow](managing-custodian-communications.md) in eDiscovery (Premium) to send a legal hold notification to custodians. 2. [Collect relevant content from data sources](create-draft-collection.md). After you add custodians and non-custodial data sources to a case, use the built-in collections tool to search these data sources for content that may be relevant to the case. You use keywords, properties, and conditions to [build search queries](building-search-queries.md) that return search results with the data that's most likely relevant to the case. You can also: To get you started using Advanced eDiscovery, here's a basic workflow that align 3. [Commit collection to a review set](commit-draft-collection.md). Once you've configured and verified that a search returns the desired data, the next step is to add the search results to a review set. When you add data to a review set, items are copied from their original location to a secure Azure Storage location. The data is reindexed again to optimize it for thorough and fast searches when reviewing and analyzing items in the review set. Additionally, you can also [add non-Office 365 data into a review set](load-non-office-365-data-into-a-review-set.md). - There's also a special kind of review set that you can add data to, called a conversation review set. These types of reviews sets provide conversation reconstruction capabilities to reconstruct, review, and export threaded conversations like those in Microsoft Teams. For more information, see [Review conversations in Advanced eDiscovery](conversation-review-sets.md). + There's also a special kind of review set that you can add data to, called a conversation review set. These types of reviews sets provide conversation reconstruction capabilities to reconstruct, review, and export threaded conversations like those in Microsoft Teams. For more information, see [Review conversations in eDiscovery (Premium)](conversation-review-sets.md). 4. Review and analyze data in a review set. Now that data is in a review set, you can use a wide-variety of tools and capabilities to view and analyze the case data with the goal of reducing the data set to what is most relevant to the case you're investigating. Here's a list of some tools and capabilities that you can use during this process. To get you started using Advanced eDiscovery, here's a basic workflow that align - [Annotate and redact documents](view-documents-in-review-set.md#annotate-view). You can use the annotation tool in a review to annotate documents and redact content in documents as work product. We generate a PDF version of an annotated or redacted document during review to reduce the risk of exporting the unredacted native version of the document. - - [Analyze case data](analyzing-data-in-review-set.md). The analytics functionality in Advanced eDiscovery is powerful. After you run analytics on the data in review set, we perform analysis such as near duplicate detection, email threading, and themes that can help reduce the volume of documents that you have to review. We also generate an Analytics reports that summarize the result of running analytics. As previously explained, running analytics also runs [the attorney-client privilege detection model](attorney-privilege-detection.md#use-the-attorney-client-privilege-detection-model). + - [Analyze case data](analyzing-data-in-review-set.md). The analytics functionality in eDiscovery (Premium) is powerful. After you run analytics on the data in review set, we perform analysis such as near duplicate detection, email threading, and themes that can help reduce the volume of documents that you have to review. We also generate an Analytics reports that summarize the result of running analytics. As previously explained, running analytics also runs [the attorney-client privilege detection model](attorney-privilege-detection.md#use-the-attorney-client-privilege-detection-model). -5. Export and download case data. A final step after collecting, reviewing, and analyzing case data is to export it out of Advanced eDiscovery for external review or for review by people outside of the investigation team. Exporting data is a two-step process. The first step is to [export](export-documents-from-review-set.md) data out of the review set and copy it to a different Azure Storage location (one provided by Microsoft or one managed by your organization). Then you use Azure Storage Explorer to [download](download-export-jobs.md) the data to a local computer. In addition to the exported data files, the contains of the export package also contains an export report, a summary report, and an error report. +5. Export and download case data. A final step after collecting, reviewing, and analyzing case data is to export it out of eDiscovery (Premium) for external review or for review by people outside of the investigation team. Exporting data is a two-step process. The first step is to [export](export-documents-from-review-set.md) data out of the review set and copy it to a different Azure Storage location (one provided by Microsoft or one managed by your organization). Then you use Azure Storage Explorer to [download](download-export-jobs.md) the data to a local computer. In addition to the exported data files, the contains of the export package also contains an export report, a summary report, and an error report. -## Advanced eDiscovery architecture +## eDiscovery (Premium) architecture -Here's an architecture diagram that shows the Advanced eDiscovery end-to-end workflow in a single-geo environment and in a multi-geo environment, and the end-to-end data flow that's aligned with the [Electronic Discovery Reference Model](overview-ediscovery-20.md#advanced-ediscovery-alignment-with-the-electronic-discovery-reference-model). +Here's an architecture diagram that shows the eDiscovery (Premium) end-to-end workflow in a single-geo environment and in a multi-geo environment, and the end-to-end data flow that's aligned with the [Electronic Discovery Reference Model](overview-ediscovery-20.md#ediscovery-premium-alignment-with-the-electronic-discovery-reference-model). -[![Model poster: Advanced eDiscovery Architecture in Microsoft 365.](../media/solutions-architecture-center/ediscovery-poster-thumb.png)](../media/solutions-architecture-center/m365-advanced-ediscovery-architecture.png) +[![Model poster: eDiscovery (Premium) Architecture in Microsoft 365.](../media/solutions-architecture-center/ediscovery-poster-thumb.png)](../media/solutions-architecture-center/m365-advanced-ediscovery-architecture.png) [View as an image](../media/solutions-architecture-center/m365-advanced-ediscovery-architecture.png)
compliance	Create And Manage Inactive Mailboxes	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-and-manage-inactive-mailboxes.md	description: "Create and manage inactive mailboxes that retain the contents of d # Create and manage inactive mailboxes + Inactive mailboxes let you retain former employees' email after they leave your organization and can be accessed by authorized people who have been granted [eDiscovery permissions](assign-ediscovery-permissions.md) for compliance or legal reasons. For example, administrators, compliance officers, and records managers who can then use Content Search to search and export the contents of an inactive mailbox. Inactive mailboxes can't receive email and aren't displayed in your organization's shared address book or other lists. For more information about inactive mailboxes, see [Learn about inactive mailboxes](inactive-mailboxes-in-office-365.md). The following table summarizes the process of making an inactive mailbox for dif To view a list of the inactive mailboxes in your organization: -1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and sign in using the credentials for a Global administrator or a Compliance administrator account in your organization. +1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and sign in using the credentials for a Global administrator or a Compliance administrator account in your organization. -2. In the left navigation pane, click Show all, and then click Information governance > Retention. +2. In the left navigation pane, click Show all, and then click Data lifecycle management > Retention. ![Click the Inactive Mailbox button on the Retention page.](../media/MCCInactiveMailboxes1.png) Get-Mailbox -InactiveMailboxOnly \| Select Displayname,PrimarySMTPAddress,Disting ## Search and export the contents of an inactive mailbox -You can access the contents of the inactive mailbox by using the Content Search tool in the Microsoft 365 compliance center. When you search an inactive mailbox, you can create a keyword search query to search for specific items or you can return the entire contents of the inactive mailbox. You can preview the search results or export the search results to an Outlook Data (PST) file or as individual email messages. For step-by-step procedures for searching mailboxes and exporting search results, see the following topics: +You can access the contents of the inactive mailbox by using the Content Search tool in the Microsoft Purview compliance portal. When you search an inactive mailbox, you can create a keyword search query to search for specific items or you can return the entire contents of the inactive mailbox. You can preview the search results or export the search results to an Outlook Data (PST) file or as individual email messages. For step-by-step procedures for searching mailboxes and exporting search results, see the following topics: - [Content search](content-search.md)
compliance	Create Apply Retention Labels	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-apply-retention-labels.md	Title: "Publish retention labels and apply them in apps to retain or delete content" + Title: "Publish and apply retention labels" f1.keywords: - NOCSH description: Instructions to publish retention labels so you can then apply them # Publish retention labels and apply them in apps + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). > [!NOTE] Use the following instructions for the two admin steps. ## Before you begin -The global admin for your organization has full permissions to create and edit retention labels and their policies. If you aren't signing in as a global admin, see the permissions information for [records management](get-started-with-records-management.md#permissions) or [information governance](get-started-with-information-governance.md#permissions-for-retention-policies-and-retention-labels), depending on the solution you're using. +The global admin for your organization has full permissions to create and edit retention labels and their policies. If you aren't signing in as a global admin, see the permissions information for [records management](get-started-with-records-management.md#permissions) or [data lifecycle management](get-started-with-data-lifecycle-management.md#permissions-for-retention-policies-and-retention-labels), depending on the solution you're using. Make sure you have [created the retention labels](file-plan-manager.md#create-retention-labels) you want to apply to items. Make sure you have [created the retention labels](file-plan-manager.md#create-re Decide before you create your retention label policy whether it will be adaptive or static. For more information, see [Adaptive or static policy scopes for retention](retention.md#adaptive-or-static-policy-scopes-for-retention). If you decide to use an adaptive policy, you must create one or more adaptive scopes before you create your retention label policy, and then select them during the create retention label policy process. For instructions, see [Configuration information for adaptive scopes](retention-settings.md#configuration-information-for-adaptive-scopes). -1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, go to one of the following locations: +1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, go to one of the following locations: - If you are using records management: - Solutions > Records management > > Label policies tab > Publish labels - - If you are using information governance: - - Solutions > Information governance > Label policies tab > Publish labels + - If you are using data lifecycle management: + - Solutions > Data lifeycle management > Label policies tab > Publish labels Don't immediately see your solution in the navigation pane? First select Show all. If you publish retention labels to Exchange, it can take up to seven days for th ![Diagram of when published labels take effect.](../media/retention-labels-published-timings.png) -If the labels don't appear after seven days, check the Status of the label policy by selecting it from the Label policies page in the compliance center. If you see (Error) included in the status and in the details for the locations see a message that it's taking longer than expected to deploy the policy or to try redeploying the policy, try running the [Set-AppRetentionCompliancePolicy](/powershell/module/exchange/set-appretentioncompliancepolicy) or [Set-RetentionCompliancePolicy](/powershell/module/exchange/set-retentioncompliancepolicy) PowerShell command to retry the policy distribution: +If the labels don't appear after seven days, check the Status of the label policy by selecting it from the Label policies page in the Microsoft Purview compliance portal. If you see (Error) included in the status and in the details for the locations see a message that it's taking longer than expected to deploy the policy or to try redeploying the policy, try running the [Set-AppRetentionCompliancePolicy](/powershell/module/exchange/set-appretentioncompliancepolicy) or [Set-RetentionCompliancePolicy](/powershell/module/exchange/set-retentioncompliancepolicy) PowerShell command to retry the policy distribution: 1. [Connect to Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell). To help you track the labels applied from your published retention labeling poli - [Using Content Search to find all content with a specific retention label](retention.md#using-content-search-to-find-all-content-with-a-specific-retention-label) - [Auditing retention actions](retention.md#auditing-retention-actions) -Event-based retention is another supported scenario for retention labels. For more information, see [Start retention when an event occurs](event-driven-retention.md). +Event-based retention is another supported scenario for retention labels. For more information, see [Start retention when an event occurs](event-driven-retention.md).
compliance	Create Draft Collection	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-draft-collection.md	search.appverid: - MOE150 - MET150 -description: "A draft collection is an eDiscovery search of custodial and non-custodial data sources in an Advanced eDiscovery case that returns a search estimate that matches the search query of the collection. You can review search statistics, preview a sampling of items, and revise and rerun the collection before you commit the results to a review set." +description: "A draft collection is an eDiscovery search of custodial and non-custodial data sources in an eDiscovery (Premium) case that returns a search estimate that matches the search query of the collection. You can review search statistics, preview a sampling of items, and revise and rerun the collection before you commit the results to a review set." -# Create a draft collection in Advanced eDiscovery +# Create a draft collection in eDiscovery (Premium) After you've identified custodians and any non-custodian data sources for the case, you're ready to identify and locate a set of documents that are relevant. You do this by using the Collections tool to search data sources for relevant content. You do this by creating a collection that searches specified data sources for content that matches your search criteria. You have the option to create a draft collection, which is an estimate of the items are found or you can create a collection that automatically adds the items to a review set. When you create a draft collection, you can views information about the estimated results that matched the search query, such as the total number and size of items found, the different data sources where they were found, and statistics about the search query. You can also preview a sample of items that were returned by the collection. Using these statistics, you can change the search query and rerun the draft collection to narrow your results. Once you're satisfied with the collection results, you can commit the collection to a review set. When you commit a draft collection, the items returned by the collection are added to a review set for review, analysis, and export. After you've identified custodians and any non-custodian data sources for the ca ## Create a draft collection -1. In the Microsoft 365 compliance center, open the Advanced eDiscovery case, and then select the Collections tab. +1. In the Microsoft Purview compliance portal, open the eDiscovery (Premium) case, and then select the Collections tab. 2. On the Collections page, select New collection > Standard collection. After you've identified custodians and any non-custodian data sources for the ca After you create a draft collection, it listed on the Collections page in the case and the status shows that it's in progress. A job named Preparing search preview and estimates is also created and displayed on the Jobs page in the case. -During the draft collection process, Advanced eDiscovery performs a search estimate using the search criteria and data sources that you specified in the collection. Advanced eDiscovery also prepares a sampling of items that you can preview. When the collection is complete, the following columns and corresponding values on the Collection page are updated: +During the draft collection process, eDiscovery (Premium) performs a search estimate using the search criteria and data sources that you specified in the collection. eDiscovery (Premium) also prepares a sampling of items that you can preview. When the collection is complete, the following columns and corresponding values on the Collection page are updated: ![Status states for a draft collection.](../media/DraftCollectionStatus.png)
compliance	Create Ediscovery Holds	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-ediscovery-holds.md	Title: "Create eDiscovery holds in a Core eDiscovery case" + Title: "Create eDiscovery holds in a eDiscovery (Standard) case" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "You can create a hold that's associated with a Core eDiscovery case in Microsoft 365 to preserve content relevant to an investigation or legal case." +description: "You can create a hold that's associated with a eDiscovery (Standard) case in Microsoft 365 to preserve content relevant to an investigation or legal case." # Create an eDiscovery hold -You can use a Core eDiscovery case to create holds to preserve content that might be relevant to the case. You can place a hold on the Exchange mailboxes and OneDrive for Business accounts of people you're investigating in the case. You can also place a hold on the mailboxes and sites that are associated with Microsoft Teams, Office 365 Groups, and Yammer Groups. When you place content locations on hold, content is preserved until you remove the content location from the hold or until you delete the hold. +You can use a Microsoft Purview eDiscovery (Standard) case to create holds to preserve content that might be relevant to the case. You can place a hold on the Exchange mailboxes and OneDrive for Business accounts of people you're investigating in the case. You can also place a hold on the mailboxes and sites that are associated with Microsoft Teams, Office 365 Groups, and Yammer Groups. When you place content locations on hold, content is preserved until you remove the content location from the hold or until you delete the hold. After you create an eDiscovery hold, it may take up to 24 hours for the hold to take effect. When you create a hold, you have the following options to scope the content that ## How to create an eDiscovery hold -To create an eDiscovery hold that's associated with a Core eDiscovery case: +To create an eDiscovery hold that's associated with a eDiscovery (Standard) case: -1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and sign in using the credentials for user account that has been assigned the appropriate eDiscovery permissions. +1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and sign in using the credentials for user account that has been assigned the appropriate eDiscovery permissions. 2. In the left navigation pane, click Show all, and then click eDiscovery > Core. -3. On the Core eDiscovery page, click the name of the case that you want to create the hold in. +3. On the eDiscovery (Standard) page, click the name of the case that you want to create the hold in. 4. On the Home page for the case, click the Hold tab. Keep the following things in mind about eDiscovery hold statistics: ## Search locations on eDiscovery hold -When you [search for content](search-for-content-in-core-ediscovery.md) in a Core eDiscovery case, you can quickly configure the search to only search the content locations that have been placed on a hold associated with the case. +When you [search for content](search-for-content-in-core-ediscovery.md) in a eDiscovery (Standard) case, you can quickly configure the search to only search the content locations that have been placed on a hold associated with the case. Select the Locations on hold option to search all the content locations that have been placed on hold. If the case contains multiple eDiscovery holds, the content locations from all holds will be searched when you select this option. Additionally, if a content location was placed on a query-based hold, only the items that match the hold query will be searched when you run the search. In other words, only the content that matches both the hold criteria and the search criteria is returned with the search results. For example, if a user was placed on query-based case hold that preserves items that were sent or created before a specific date, only those items would be searched. This is accomplished by connecting the case hold query and the search query by an AND operator. After a mailbox, SharePoint site, or OneDrive account is removed from an eDiscov For more information, see [Releasing a policy for retention](retention.md#releasing-a-policy-for-retention). -A delay hold is also applied to content locations on hold when you close a Core eDiscovery case because holds are turned off when a case is closed. For more information about closing a case, see [Close, reopen, and delete a Core eDiscovery case](close-reopen-delete-core-ediscovery-cases.md). +A delay hold is also applied to content locations on hold when you close a eDiscovery (Standard) case because holds are turned off when a case is closed. For more information about closing a case, see [Close, reopen, and delete a eDiscovery (Standard) case](close-reopen-delete-core-ediscovery-cases.md). ## eDiscovery hold limits The following table lists the limits for eDiscovery cases and case holds. \| Description of limit \| Limit \| \|:--\|:--\| \|Maximum number of cases for an organization. <br/> \|No limit <br/> \| - \|Maximum number of eDiscovery hold policies for an organization. This limit includes the combined total of hold policies in Core eDiscovery and Advanced eDiscovery cases. <br/> \|10,000 <br/> \| + \|Maximum number of eDiscovery hold policies for an organization. This limit includes the combined total of hold policies in eDiscovery (Standard) and eDiscovery (Premium) cases. <br/> \|10,000<sup>1</sup> <br/> \| \|Maximum number of mailboxes in a single eDiscovery hold. This limit includes the combined total of user mailboxes, and the mailboxes associated with Microsoft 365 Groups, Microsoft Teams, and Yammer Groups. <br/> \|1,000 <br/> \| \|Maximum number of sites in a single eDiscovery hold. This limit includes the combined total of OneDrive for Business sites, SharePoint sites, and the sites associated with Microsoft 365 Groups, Microsoft Teams, and Yammer Groups. <br/> \|100 <br/> \| \|Maximum number of cases displayed on the eDiscovery home page, and the maximum number of items displayed on the Holds, Searches, and Export tabs within a case. \|1,000<sup>1</sup>\|
compliance	Create Hold Notification	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-hold-notification.md	search.appverid: - MET150 ms.assetid: -description: Use the Communications tool in an Advanced eDiscovery case to send, collect, and track legal hold notifications. +description: Use the Communications tool in an eDiscovery (Premium) case to send, collect, and track legal hold notifications. # Create a legal hold notice -Using Advanced eDiscovery custodian communications, organizations can manage their workflow around communicating with custodians. Through the Communications tool, legal teams can systematically send, collect, and track legal hold notifications. The flexible creation process also allows teams to customize the hold notification workflow and the content in the notices sent to custodians. +Using eDiscovery (Premium) custodian communications, organizations can manage their workflow around communicating with custodians. Through the Communications tool, legal teams can systematically send, collect, and track legal hold notifications. The flexible creation process also allows teams to customize the hold notification workflow and the content in the notices sent to custodians. ![Communications Page.](../media/CommunicationPage.PNG) The first step is to specify the appropriate details for legal hold notices or o ![Name Communication page.](../media/NameCommunication.PNG) -1. In the Microsoft 365 compliance center, go to eDiscovery > Advanced to display the list of cases in your organization. +1. In the Microsoft Purview compliance portal, go to eDiscovery > Advanced to display the list of cases in your organization. 2. Select a case, click the Communications tab, and then click New communication. The first step is to specify the appropriate details for legal hold notices or o - Name: This is the name for the communication. - - Issuing officer: The drop-down list displays users in your organization who can be selected as the issuing officer for the communication. Each communication sent to custodians will be sent on behalf of the selected issuing officer. The list of users in the drop-down consists of the members of the case and the organization-wide issuing officers. These issuing officers are added by an eDiscovery Administrator, and are available in all Advanced eDiscovery cases in your organization. For more information, see [Manage issuing officers](advanced-ediscovery-issuing-officers.md). + - Issuing officer: The drop-down list displays users in your organization who can be selected as the issuing officer for the communication. Each communication sent to custodians will be sent on behalf of the selected issuing officer. The list of users in the drop-down consists of the members of the case and the organization-wide issuing officers. These issuing officers are added by an eDiscovery Administrator, and are available in all eDiscovery (Premium) cases in your organization. For more information, see [Manage issuing officers](advanced-ediscovery-issuing-officers.md). - - Select communication template: The drop-down list displays the templates from the Communications library on the Advanced eDiscovery settings page. If you select a template, it will be displayed on the Define portal content as a starting point for the text of the notification that you're creating. If you don't select a template, then you'll have to create the notice yourself from scratch. For more information about communication templates, see [Manage custodian communications templates](advanced-ediscovery-communications-library.md). + - Select communication template: The drop-down list displays the templates from the Communications library on the eDiscovery (Premium) settings page. If you select a template, it will be displayed on the Define portal content as a starting point for the text of the notification that you're creating. If you don't select a template, then you'll have to create the notice yourself from scratch. For more information about communication templates, see [Manage custodian communications templates](advanced-ediscovery-communications-library.md). 4. Click Next.
compliance	Create Info Mgmt Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-info-mgmt-policies.md	description: Learn how to set up an information management policy to control how # Create and apply information management policies + Information management policies enable your organization to control how long to retain content, to audit what people do with content, and to add barcodes or labels to documents. A policy can help enforce compliance with legal and governmental regulations or internal business processes. As an administrator, you can set up a policy to control how to track documents and how long to retain documents. You can create an information management policy can at three different locations in the site hierarchy, from the broadest to the narrowest:
compliance	Create Report On And Delete Multiple Content Searches	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-report-on-and-delete-multiple-content-searches.md	Title: "Create, report on, and delete multiple Content Searches" + Title: "Create, report on, and delete Content Searches" f1.keywords: - NOCSH ## Before you create a Content Search -- You have to be a member of the eDiscovery Manager role group in the Microsoft 365 compliance center to run the scripts that are described in this topic. +- You have to be a member of the eDiscovery Manager role group in the Microsoft Purview compliance portal to run the scripts that are described in this topic. - To collect a list of the URLs for the OneDrive for Business sites in your organization that you can add to the CSV file in Step 1, see [Create a list of all OneDrive locations in your organization](/onedrive/list-onedrive-urls).
compliance	Create Retention Labels Data Lifecycle Management	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-retention-labels-data-lifecycle-management.md	+ + Title: "Create retention labels for exceptions" +f1.keywords: +- NOCSH +++ Last updated : +audience: Admin ++ +ms.localizationpriority : high + +- M365-security-compliance +- SPO_Content +search.appverid: +- MOE150 +- MET150 +description: Instructions to create retention labels for exceptions to retention policies for data lifecycle management so you can retain what you need and delete what you don't. ++ +# Create retention labels for exceptions to your retention policies ++ +>[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). + +As part of your data governance strategy to retain what you need and delete what you don't, you might need to create a few retention labels for items that need exceptions to your retention policies. + +Whereas retention policies automatically apply to all items at the container level (such as SharePoint sites, user mailboxes, and so on), retention labels apply to individual items, such as a SharePoint document or an email message. + +Make sure you understand the [principles of retention](retention.md#the-principles-of-retention-or-what-takes-precedence) before you use retention labels to supplement a retention policy for specific SharePoint, OneDrive, or Exchange items. Typically, you'll use retention labels to retain specific items longer than an applied retention policy, but they can also be used to override automatic deletion at the end of the retention period, or apply a different deletion period. + +As a typical example: The majority of content on your SharePoint sites need to be retained for three years, which is covered with a retention policy. But you have some contract documents that must be retained for seven years. These exceptions can be addressed with retention labels. After assigning the retention policy to all SharePoint sites, you apply the retention labels to the contract documents. All SharePoint items will be retained for three years, and just the contract documents will be retained for seven years. + +For more examples of how retention labels can be used as exceptions to retention policies, see [Combining retention policies and retention labels](retention.md#combining-retention-policies-and-retention-labels). + +Retention labels also support more capabilities than retention policies. For more information, see [Compare capabilities for retention policies and retention labels](retention.md#compare-capabilities-for-retention-policies-and-retention-labels). + +Use the following information to help you create retention labels to supplement retention policies as part of your data lifecycle management strategy. + +> [!NOTE] +> Create retention labels from the Records management solution rather than Data lifecycle management if you need to use retention labels to manage high-value items for business, legal, or regulatory record-keeping requirements. For example, you want to use event-based retention or disposition review. For instructions, see [Use file plan to create and manage retention labels](file-plan-manager.md). + +## Before you begin + +The global admin for your organization has full permissions to create and edit retention labels and their policies. If you aren't signing in as a global admin, see [Permissions for retention policies and retention labels](get-started-with-data-lifecycle-management.md#permissions-for-retention-policies-and-retention-labels). + +## How to create retention labels for data lifecycle management + +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com/), navigate to: Solutions > Data lifecycle management > Labels tab > + Create a label + + Don't immediately see the Data lifecycle management solution? First select Show all. + +2. Follow the prompts to create the retention label. Be careful what name you choose, because this can't be changed after the label is saved. + + For more information about the retention settings, see [Settings for retaining and deleting content](retention-settings.md#settings-for-retaining-and-deleting-content). + +3. After you have created the label and you see the options to publish the label, auto-apply the label, or just save the label: Select Just save the label for now, and then select Done. + +4. Repeat these steps to create any more retention labels that you need for different retention settings. + +To edit an existing label, select it, and then select the Edit label option to start the Edit retention label configuration that lets you change the label descriptions and any eligible settings. + +Most settings can't be changed after the label is created and saved, which include: +- The retention label name and the retention settings except the retention period. However, you can't change the retention period when the retention period is based on when items were labeled. + +## Next steps + +Now you've created retention labels, they are ready to be added to items by publishing the labels, or automatically applying them: +- [Publish retention labels and apply them in apps](create-apply-retention-labels.md) +- [Apply a retention label to content automatically](apply-retention-labels-automatically.md)
compliance	Create Retention Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-retention-policies.md	Title: "Create and configure retention policies to automatically retain or delete content" + Title: "Automatically retain or delete content by using retention policies" f1.keywords: - NOCSH description: "Use a retention policy to efficiently keep control of the content # Create and configure retention policies + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). Use a retention policy to manage the data for your organization by deciding proactively whether to retain content, delete content, or retain and then delete the content. For more information about retention policies and how retention works in Microso ## Before you begin -The global admin for your organization has full permissions to create and edit retention policies. If you aren't signing in as a global admin, see the [permissions information for information governance](get-started-with-information-governance.md#permissions-for-retention-policies-and-retention-labels). +The global admin for your organization has full permissions to create and edit retention policies. If you aren't signing in as a global admin, see the [permissions information for data lifecycle management](get-started-with-data-lifecycle-management.md#permissions-for-retention-policies-and-retention-labels). Decide before you create your retention policy whether it will be adaptive or static. For more information, see [Adaptive or static policy scopes for retention](retention.md#adaptive-or-static-policy-scopes-for-retention). If you decide to use an adaptive policy, you must create one or more adaptive scopes before you create your retention policy, and then select them during the create retention policy process. For instructions, see [Configuration information for adaptive scopes](retention-settings.md#configuration-information-for-adaptive-scopes). When you have more than one retention policy, and when you also use retention la > [!NOTE] > Retention policies now support [shared channels](/MicrosoftTeams/shared-channels), currently in preview. When you configure retention settings for the Teams channel message location, if a team has any shared channels, they inherit retention settings from their parent team. -1. From the [Microsoft 365 compliance center](https://compliance.microsoft.com/), select Information Governance > Retention Policies. +1. From the [Microsoft Purview compliance portal](https://compliance.microsoft.com/), select Data lifecycle management > Retention Policies. 2. Select New retention policy to start the Create retention policy configuration, and name your new retention policy. It's possible that a retention policy that's applied to Microsoft 365 groups, Sh > > To use this feature, your Yammer network must be [Native Mode](/yammer/configure-your-yammer-network/overview-native-mode), not Hybrid Mode. -1. From the [Microsoft 365 compliance center](https://compliance.microsoft.com/), select Information Governance > Retention Policies. +1. From the [Microsoft Purview compliance portal](https://compliance.microsoft.com/), select Data lifecycle management > Retention Policies. 2. Select New retention policy to create a new retention policy. Use the following instructions for retention policies that apply to any of these - Microsoft 365 groups - Skype for Business -1. From the [Microsoft 365 compliance center](https://compliance.microsoft.com/), select Information Governance > Retention Policies. +1. From the [Microsoft Purview compliance portal](https://compliance.microsoft.com/), select Data lifecycle management > Retention Policies. 2. Select New retention policy to start the Create retention policy configuration, and name your new retention policy. When you create and submit a retention policy, it can take up to seven days for ![Diagram of when retention policy take effect.](../media/retention-policy-timings.png) -First, the retention policy needs to be distributed to the locations that you selected, and then applied to content. You can always check the distribution status of the retention policy by selecting it from the Retention policies page in the compliance center. From the flyout pane, if you see (Error) included in the status, and in the details for the locations see a message that it's taking longer than expected to deploy the policy or to try redeploying the policy, try running the [Set-AppRetentionCompliancePolicy](/powershell/module/exchange/set-appretentioncompliancepolicy) or [Set-RetentionCompliancePolicy](/powershell/module/exchange/set-retentioncompliancepolicy) PowerShell command to retry the policy distribution: +First, the retention policy needs to be distributed to the locations that you selected, and then applied to content. You can always check the distribution status of the retention policy by selecting it from the Retention policies page in the Microsoft Purview compliance portal. From the flyout pane, if you see (Error) included in the status, and in the details for the locations see a message that it's taking longer than expected to deploy the policy or to try redeploying the policy, try running the [Set-AppRetentionCompliancePolicy](/powershell/module/exchange/set-appretentioncompliancepolicy) or [Set-RetentionCompliancePolicy](/powershell/module/exchange/set-retentioncompliancepolicy) PowerShell command to retry the policy distribution: 1. [Connect to Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell). Some settings can't be changed after the policy is created and saved, which incl ## Next steps -If some items for Exchange, SharePoint, OneDrive, or Microsoft 365 Groups need different retention settings from the retention policy settings you've configured, [create retention labels for these exceptions](create-retention-labels-information-governance.md). +If some items for Exchange, SharePoint, OneDrive, or Microsoft 365 Groups need different retention settings from the retention policy settings you've configured, [create retention labels for these exceptions](create-retention-labels-data-lifecycle-management.md). -However, if you're looking for lifecycle management of high-value items for business, legal, or regulatory record-keeping requirements, [use file plan to create and manage retention labels](file-plan-manager.md). +However, if you're looking to manage high-value items for business, legal, or regulatory record-keeping requirements, [use file plan to create and manage retention labels](file-plan-manager.md).
compliance	Create Sensitivity Labels	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-sensitivity-labels.md	search.appverid: - MOE150 - MET150 -description: "A requirement for all Microsoft Information Protection solutions: Create, configure, and publish sensitivity labels to classify and protect your organization's data." +description: "A requirement for all Microsoft Purview Information Protection solutions: Create, configure, and publish sensitivity labels to classify and protect your organization's data." # Create and configure sensitivity labels and their policies + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). -All Microsoft Information Protection solutions (sometimes abbreviated to MIP) are implemented by using [sensitivity labels](sensitivity-labels.md). To create and publish these labels, go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +All Microsoft Purview Information Protection solutions are implemented by using [sensitivity labels](sensitivity-labels.md). To create and publish these labels, go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. First, create and configure the sensitivity labels that you want to make available for apps and other services. For example, the labels you want users to see and apply from Office apps. The global admin for your organization has full permissions to create and manage ## Create and configure sensitivity labels -1. From the [Microsoft 365 compliance center](https://compliance.microsoft.com/), select Solutions > Information protection +1. From the [Microsoft Purview porta](https://compliance.microsoft.com/), select Solutions > Information protection If you don't immediately see this option, first select Show all. -2. On the Labels page, select + Create a label to start the New sensitivity label configuration. - - For example, from the Microsoft 365 compliance center: - +2. On the Labels page, select + Create a label to start the New sensitivity label configuration: + ![Create a sensitivity label.](../media/create-sensitivity-label-full.png) > [!NOTE] The global admin for your organization has full permissions to create and manage - If Groups & sites is selected, you can configure settings that apply to Microsoft 365 groups, and sites for Teams and SharePoint. If this option isn't selected, you see the first page of these settings but you can't configure them and the labels won't be available for users to select for groups and site. - For information about the Schematized data assets scope, see [Automatically label your content in Azure Purview](/azure/purview/create-sensitivity-label). + For information about the Schematized data assets scope, see [Automatically label your content in Microsoft Purview Data Map](/azure/purview/create-sensitivity-label). 4. Follow the configuration prompts for the label settings. Set-Label -Identity $Label -LocaleSettings (ConvertTo-Json $DisplayNameLocaleSet ## Publish sensitivity labels by creating a label policy -1. From the [Microsoft 365 compliance center](https://compliance.microsoft.com/), select Solutions > Information protection +1. From the [Microsoft Purview porta](https://compliance.microsoft.com/), select Solutions > Information protection If you don't immediately see this option, first select Show all. 2. Select the Label policies tab, and then Publish label to start the Create policy configuration:- - For example, from the Microsoft 365 compliance center: - + ![Publish labels.](../media/publish-sensitivity-labels-full.png)- + > [!NOTE] > By default, tenants don't have any label policies and you must create them. Set-Label -Identity $Label -LocaleSettings (ConvertTo-Json $DisplayNameLocaleSet For more information about these settings, see [What label policies can do](sensitivity-labels.md#what-label-policies-can-do) from the overview information and use the help in the UI for individual settings. - For labels configured for Azure Purview assets (preview): These labels don't have any associated policy settings. + For labels configured for Microsoft Purview Data Map assets (preview): These labels don't have any associated policy settings. 6. Repeat these steps if you need different policy settings for different users or scopes. For example, you want additional labels for a group of users, or a different default label for a subset of users. Or, if you have configured labels to have different scopes.
compliance	Create Test Tune Dlp Policy	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-test-tune-dlp-policy.md	description: In this article, you'll learn how to create, test, and tune a DLP p # Create, test, and tune a DLP policy -Data loss prevention (DLP) helps you prevent the unintentional or accidental sharing of sensitive information. + +Microsoft Purview Data Loss Prevention (DLP) helps you prevent the unintentional or accidental sharing of sensitive information. DLP examines email messages and files for sensitive information, like a credit card number. Using DLP you can detect sensitive information, and take action such as: These permissions are required to create and apply a DLP policy not to enforce p There are roles and role groups in preview that you can test out to fine tune your access controls. -Here's a list of Microsoft Information Protection (MIP) roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) +Here's a list of applicable roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) - Information Protection Admin - Information Protection Analyst - Information Protection Investigator - Information Protection Reader -Here's a list of MIP role groups that are in preview. To learn more, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) +Here's a list of applicable role groups that are in preview. To learn more, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) - Information Protection - Information Protection Admins See [Sensitive information type entity definitions](sensitive-information-type-e When the risks of data leakage aren't entirely obvious, it's difficult to work out where exactly you should start with implementing DLP. Fortunately, DLP policies can be run in "test mode", allowing you to gauge their effectiveness and accuracy before you turn them on. -DLP policies for Exchange Online can be managed through the Exchange admin center. But you can configure DLP policies for all workloads through the Security & Compliance Center, so that's what I'll use for demonstrations in this article. In the Security & Compliance Center, you'll find the DLP policies under Data loss prevention > Policy. Choose Create a policy to start. +DLP policies for Exchange Online can be managed through the Exchange admin center. But you can configure DLP policies for all workloads through the Microsoft Purview compliance portal, so that's what I'll use for demonstrations in this article. In the Microsoft Purview compliance portal, you'll find the DLP policies under Data loss prevention > Policy. Choose Create a policy to start. Microsoft 365 provides a range of [DLP policy templates](what-the-dlp-policy-templates-include.md) you can use to create policies. Let's say that you're an Australian business. You can filter the templates on Australia, and choose Financial, Medical and Health, and Privacy.
compliance	Customer Key Availability Key Roll	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/customer-key-availability-key-roll.md	description: "Learn how to roll the customer root keys stored in Azure Key Vault # Roll or rotate a Customer Key or an availability key + > [!CAUTION] > Only roll an encryption key that you use with Customer Key when your security or compliance requirements dictate that you must roll the key. In addition, do not delete any keys that are or were associated with policies. When you roll your keys, there will be content encrypted with the previous keys. For example, while active mailboxes will be re-encrypted frequently, inactive, disconnected, and disabled mailboxes may still be encrypted with the previous keys. SharePoint Online performs backup of content for restore and recovery purposes, so there may still be archived content using older keys. SharePoint Online only allows you to roll one key at a time. If you want to roll ## Related articles -- [Service encryption with Customer Key for Office 365](customer-key-overview.md) +- [Service encryption with Customer Key](customer-key-overview.md) -- [Set up Customer Key for Office 365](customer-key-set-up.md) +- [Set up Customer Key](customer-key-set-up.md) -- [Manage Customer Key for Office 365](customer-key-manage.md) +- [Manage Customer Key](customer-key-manage.md) - [Learn about the availability key](customer-key-availability-key-understand.md)
compliance	Customer Key Availability Key Understand	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/customer-key-availability-key-understand.md	description: "Learn about the availability key used to recover lost Customer Key # Learn about the availability key for Customer Key + The availability key is a root key automatically generated and provisioned when you create a data encryption policy. Microsoft 365 stores and protects the availability key. The availability key is functionally like the two root keys that you supply for service encryption with Customer Key. The availability key wraps the keys one tier lower in the key hierarchy. Unlike the keys that you provide and manage in Azure Key Vault, you can't directly access the availability key. Microsoft 365 automated services manage the availability key programatically. These services initiate automated operations that never involve direct access to the availability key. The primary purpose of the availability key is to provide recovery capability from the unanticipated loss of root keys that you manage. Loss could be a result of mismanagement or malicious action. If you lose control of your root keys, contact Microsoft Support and Microsoft will assist you through the process of recovery using the availability key. You'll use the availability key to migrate to a new Data Encryption Policy with new root keys you provision. The availability key provides recovery capability for scenarios in which an exte In addition to the recovery capability, Exchange Online and Skype for Business use the availability key to ensure data availability during transient, or intermittent operational issues, related to the service accessing root keys. When the service cannot reach either of your Customer Keys in Azure Key Vault due to transient errors, the service automatically uses the availability key. The service NEVER goes directly to the availability key. -Automated systems in Exchange Online and Skype for Business may use the availability key during transient errors to support automated back-end services such as anti-virus, e-discovery, data loss prevention, mailbox moves, and data indexing. +Automated systems in Exchange Online and Skype for Business may use the availability key during transient errors to support automated back-end services such as anti-virus, e-discovery, Microsoft Purview Data Loss Prevention, mailbox moves, and data indexing. ### SharePoint Online, OneDrive for Business, and Teams files uses Microsoft 365 uses the availability key to wrap the tier of keys lower in the ke ### Encryption ciphers used to encrypt keys for Exchange Online and Skype for Business -![Encryption ciphers for Exchange Online Customer Key](../media/customerkeyencryptionhierarchiesexchangeskype.png) +![Encryption ciphers for Exchange Online in Customer Key](../media/customerkeyencryptionhierarchiesexchangeskype.png) ### Encryption ciphers used to encrypt keys for SharePoint Online and OneDrive for Business -![Encryption ciphers for SharePoint Online Customer Key](../media/customerkeyencryptionhierarchiessharepointonedriveteamsfiles.png) +![Encryption ciphers for SharePoint Online in Customer Key](../media/customerkeyencryptionhierarchiessharepointonedriveteamsfiles.png) ## Related articles
compliance	Customer Key Manage	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/customer-key-manage.md	description: "After you set up Customer Key, learn how to manage it by restoring # Manage Customer Key -After you've set up Customer Key for Office 365, you'll need to create and assign one or more data encryption policies (DEP). Once you've assigned your DEPs, you can manage your keys as described in this article. Learn more about Customer Key in the related topics. + +After you've set up Customer Key, you'll need to create and assign one or more data encryption policies (DEP). Once you've assigned your DEPs, you can manage your keys as described in this article. Learn more about Customer Key in the related topics. ## Create a DEP for use with multiple workloads for all tenant users -Before you begin, ensure that you've completed the tasks required to set up Customer. For information, see [Set up Customer Key](customer-key-set-up.md). To create the DEP, you need the Key Vault URIs you obtained during setup. For information, see [Obtain the URI for each Azure Key Vault key](customer-key-set-up.md#obtain-the-uri-for-each-azure-key-vault-key). +Before you begin, ensure that you've completed the tasks required to set up Customer Key. For information, see [Set up Customer Key](customer-key-set-up.md). To create the DEP, you need the Key Vault URIs you obtained during setup. For information, see [Obtain the URI for each Azure Key Vault key](customer-key-set-up.md#obtain-the-uri-for-each-azure-key-vault-key). To create a multi-workload DEP, follow these steps: If you need to revert to Microsoft-managed keys, you can. When you offboard, you > [!IMPORTANT] > Offboarding is not the same as a data purge. A data purge permanently crypto-deletes your organization's data from Microsoft 365, offboarding does not. You can't perform a data purge for a multiple workload policy. -If you decide not to use Customer Key for assigning multi-workload DEPs anymore then you'll need to reach out to Microsoft support with a request to "offboard" from Customer Key. Ask the support team to file a service request against Microsoft 365 Customer Key team. Reach out to m365-ck@service.microsoft.com if you have any questions. +If you decide not to use Customer Key for assigning multi-workload DEPs anymore then you'll need to reach out to Microsoft support with a request to "offboard" from Customer Key. Ask the support team to file a service request against the Microsoft Purview Customer Key team. Reach out to m365-ck@service.microsoft.com if you have any questions. If you do not want to encrypt individual mailboxes using mailbox level DEPs anymore, then you can unassign mailbox level DEPs from all your mailboxes. Microsoft 365 audits and validates the data purge path. For more information, se - [O365 Exit Planning Considerations](https://servicetrust.microsoft.com/ViewPage/TrustDocuments?command=Download&downloadType=Document&downloadId=77ea7ebf-ce1b-4a5f-9972-d2d81a951d99&docTab=6d000410-c9e9-11e7-9a91-892aae8839ad_FAQ_and_White_Papers) -Purging of multi-workload DEP is not supported for Microsoft 365 Customer Key. The multi-workload DEP is used to encrypt data across multiple workloads across all tenant users. Purging such DEP would result into data from across multiple workloads become inaccessible. If you decide to exit Microsoft 365 services altogether then you could pursue the path of tenant deletion per the documented process. See [how to delete a tenant in Azure Active Directory](/azure/active-directory/enterprise-users/directory-delete-howto). +Purging of multi-workload DEP is not supported for Customer Key. The multi-workload DEP is used to encrypt data across multiple workloads across all tenant users. Purging such DEP would result into data from across multiple workloads become inaccessible. If you decide to exit Microsoft 365 services altogether then you could pursue the path of tenant deletion per the documented process. See [how to delete a tenant in Azure Active Directory](/azure/active-directory/enterprise-users/directory-delete-howto). ### Revoke your Customer Keys and the availability key for Exchange Online and Skype for Business To initiate the data purge path for SharePoint Online, OneDrive for Business, an ## Related articles -- [Service encryption with Customer Key](customer-key-overview.md) +- [Service encryption with Microsoft Purview Customer Key](customer-key-overview.md) - [Learn about the availability key](customer-key-availability-key-understand.md)
compliance	Customer Key Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/customer-key-overview.md	Title: "Service encryption with Customer Key" + Title: "Service encryption with Microsoft Purview Customer Key" - m365solution-mip - m365initiative-compliance -description: "In this article, you will learn about how service encryption works with Customer Key in Microsoft 365." +description: "In this article, you will learn about how service encryption works with Microsoft Purview Customer Key." -# Service encryption with Customer Key +# Service encryption with Microsoft Purview Customer Key -Microsoft 365 provides baseline, volume-level encryption enabled through BitLocker and Distributed Key Manager (DKM). Microsoft 365 offers an added layer of encryption for your content. This content includes data from Exchange Online, Skype for Business, SharePoint Online, OneDrive for Business, and Microsoft Teams. + +Microsoft 365 provides baseline, volume-level encryption enabled through BitLocker and Distributed Key Manager (DKM). Microsoft 365 offers an added layer of encryption for your content. This content includes data from Exchange Online, Skype for Business, SharePoint┬áOnline,┬áOneDrive┬áfor┬áBusiness,┬áand┬áMicrosoft Teams. ## How service encryption, BitLocker, and Customer Key work together Customer Key only encrypts data at rest in the cloud. Customer Key does not work ## About data encryption policies -A data encryption policy (DEP) defines the encryption hierarchy. This hierarchy is used by the service to encrypt data using each of the keys you manage and the availability key that's protected by Microsoft. You create DEPs using PowerShell cmdlets, and then assign those DEPs to encrypt application data. There are three types of DEPs supported by Microsoft 365 Customer Key, each policy type uses different cmdlets and provides coverage for a different type of data. The DEPs you can define include: +A data encryption policy (DEP) defines the encryption hierarchy. This hierarchy is used by the service to encrypt data using each of the keys you manage and the availability key that's protected by Microsoft. You create DEPs using PowerShell cmdlets, and then assign those DEPs to encrypt application data. There are three types of DEPs supported by Customer Key, each policy type uses different cmdlets and provides coverage for a different type of data. The DEPs you can define include: DEP for multiple Microsoft 365 workloads These DEPs encrypt data across multiple M365 workloads for all users within the tenant. These workloads include: A data encryption policy (DEP) defines the encryption hierarchy. This hierarchy - Teams status messages - User and signal information for Exchange Online - Exchange Online mailboxes that aren't already encrypted by mailbox DEPs-- Microsoft Information Protection: +- Microsoft Purview Information Protection: - Exact data match (EDM) data, including data file schemas, rule packages, and the salts used to hash the sensitive data. For EDM and Microsoft Teams, the multi-workload DEP encrypts new data from the time you assign the DEP to the tenant. For Exchange Online, Customer Key encrypts all existing and new data.
compliance	Customer Key Set Up	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/customer-key-set-up.md	search.appverid: - MET150 - M365-security-compliance -description: "Learn how to set up Customer Key for Microsoft 365." +description: "Learn how to set up Customer Key." # Set up Customer Key -With Customer Key, you control your organization's encryption keys and then configure Microsoft 365 to use them to encrypt your data at rest in Microsoft's data centers. In other words, Customer Key allows customers to add a layer of encryption that belongs to them, with their keys. -Set up Azure before you can use Customer Key for Office 365. This article describes the steps you need to follow to create and configure the required Azure resources and then provides the steps for setting up Customer Key in Office 365. After you set up Azure, you determine which policy, and therefore, which keys, to assign to encrypt data across various Microsoft 365 workloads in your organization. For more information about Customer Key, or for a general overview, see [Service encryption with Customer Key in Office 365](customer-key-overview.md). +With Customer Key, you control your organization's encryption keys and then configure Microsoft 365 to use them to encrypt your data at rest in Microsoft's data centers. In other words, Customer Key allows customers to add a layer of encryption that belongs to them, with their keys. + +Set up Azure before you can use Customer Key. This article describes the steps you need to follow to create and configure the required Azure resources and then provides the steps for setting up Customer Key. After you set up Azure, you determine which policy, and therefore, which keys, to assign to encrypt data across various Microsoft 365 workloads in your organization. For more information about Customer Key, or for a general overview, see [Service encryption with Microsoft Purview Customer Key](customer-key-overview.md). > [!IMPORTANT] > We strongly recommend that you follow the best practices in this article. These are called out as TIP and IMPORTANT. Customer Key gives you control over root encryption keys whose scope can be as large as your entire organization. This means that mistakes made with these keys can have a broad impact and may result in service interruptions or irrevocable loss of your data. The temporary or permanent loss of root encryption keys can be disruptive or eve - For enabling Customer Key for assigning DEP to individual Exchange Online mailboxes, contact [exock@microsoft.com](mailto:exock@microsoft.com). -- For enabling Customer Key for assigning DEPs to encrypt SharePoint Online and OneDrive for Business content (including Teams files) for all tenant users, contact [spock@microsoft.com](mailto:spock@microsoft.com). + - For enabling Customer Key for assigning DEPs to encrypt content across multiple Microsoft 365 workloads (Exchange Online, Teams, Microsoft Purview Information Protection) for all tenant users, contact [m365-ck@service.microsoft.com](mailto:m365-ck@service.microsoft.com). -- For enabling Customer Key for assigning DEPs to encrypt content across multiple Microsoft 365 workloads (Exchange Online, Teams, MIP EDM) for all tenant users, contact [m365-ck@service.microsoft.com](mailto:m365-ck@service.microsoft.com). +- For enabling Customer Key for assigning DEPs to encrypt content across multiple Microsoft 365 workloads (Exchange Online, Teams, Microsoft Purview Information Protection) for all tenant users, contact [m365-ck@service.microsoft.com](mailto:m365-ck@service.microsoft.com). - Include the following information in your email: You'll need to define three separate sets of permissions for each key vault, dep - vault name is the name of the key vault you created. - For Exchange Online and Skype for Business, replace Office 365 appID with `00000002-0000-0ff1-ce00-000000000000` - For SharePoint Online, OneDrive for Business, and Teams files, replace Office 365 appID with `00000003-0000-0ff1-ce00-000000000000` - - For multi-workload policy (Exchange, Teams, Microsoft Information Protection) that applies to all tenant users, replace Office 365 appID with `c066d759-24ae-40e7-a56f-027002b5d3e4` + - For multi-workload policy (Exchange, Teams, Microsoft Purview Information Protection) that applies to all tenant users, replace Office 365 appID with `c066d759-24ae-40e7-a56f-027002b5d3e4` Example: Setting permissions for Exchange Online and Skype for Business:
compliance	Customer Lockbox Requests	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/customer-lockbox-requests.md	Title: "Customer Lockbox Requests" + Title: "Customer Lockbox requests" f1.keywords: - NOCSH description: "Learn about Customer Lockbox requests that allow you to control how a Microsoft support engineer can access your data when you encounter an issue." -# Customer Lockbox in Office 365 +# Microsoft Purview Customer Lockbox + This article provides deployment and configuration guidance for Customer Lockbox. Customer Lockbox supports requests to access data in Exchange Online, SharePoint Online, OneDrive for Business, and Teams. To recommend support for other services, submit a request at [Feedback Portal](https://feedbackportal.microsoft.com). -To see the options for licensing your users to benefit from Microsoft 365 compliance offerings, see the [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). +To see the options for licensing your users to benefit from Microsoft Purview offerings, see the [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). -Customer Lockbox ensures that Microsoft can't access your content to do service operations without your explicit approval. Customer Lockbox brings you into the approval workflow process that Microsoft uses to ensure only authorized requests allow access to your content. To learn more about Microsoft's workflow process, see [Privileged access management in Microsoft 365](privileged-access-management-solution-overview.md). +Customer Lockbox ensures that Microsoft can't access your content to do service operations without your explicit approval. Customer Lockbox brings you into the approval workflow process that Microsoft uses to ensure only authorized requests allow access to your content. To learn more about Microsoft's workflow process, see [Privileged access management](privileged-access-management-solution-overview.md). Occasionally, Microsoft engineers help troubleshoot and fix issues that arise with the service. Usually, engineers fix issues using extensive telemetry and debugging tools Microsoft has in place for its services. However, some cases require a Microsoft engineer to access your content to determine the root cause and fix the issue. Customer Lockbox requires the engineer to request access from you as a final step in the approval workflow. This gives you the option to approve or deny the request for your organization, and provide direct-access control to your content. You can turn on Customer Lockbox controls in the Microsoft 365 admin center. Whe ![Deny Customer Lockbox requests.](../media/CustomerLockbox8.png) > [!NOTE] -> Use the Set-AccessToCustomerDataRequest cmdlet to approve, deny, or cancel Microsoft 365 customer lockbox requests that control access to your data by Microsoft support engineers. For more information, see [Set-AccessToCustomerDataRequest](/powershell/module/exchange/set-accesstocustomerdatarequest). +> Use the Set-AccessToCustomerDataRequest cmdlet to approve, deny, or cancel Microsoft Purview Customer Lockbox requests that control access to your data by Microsoft support engineers. For more information, see [Set-AccessToCustomerDataRequest](/powershell/module/exchange/set-accesstocustomerdatarequest). ## Auditing Customer Lockbox requests -Audit records that correspond to Customer Lockbox requests are logged in the Microsoft 365 audit log. You can access these logs by using the [audit log search tool](search-the-audit-log-in-security-and-compliance.md) in the Microsoft 365 compliance center. Actions related to accepting or denying a Customer Lockbox request and actions performed by Microsoft engineers (when access requests are approved) are also logged in the audit log. You can search for and review these audit records. +Audit records that correspond to Customer Lockbox requests are logged in the Microsoft 365 audit log. You can access these logs by using the [audit log search tool](search-the-audit-log-in-security-and-compliance.md) in the Microsoft Purview compliance portal. Actions related to accepting or denying a Customer Lockbox request and actions performed by Microsoft engineers (when access requests are approved) are also logged in the audit log. You can search for and review these audit records. ### Search the audit log for activity related to Customer Lockbox requests -Before you can use the audit log to track requests for Customer Lockbox, there are some steps you need to take to set up audit logging, including assigning permissions to search the audit log. For more information, see [Set up Basic Audit in Microsoft 365](set-up-basic-audit.md). Once you've completed the setup, use these steps to create an audit log search query to return audit records related to Customer Lockbox: +Before you can use the audit log to track requests for Customer Lockbox, there are some steps you need to take to set up audit logging, including assigning permissions to search the audit log. For more information, see [Set up Microsoft Purview Audit (Standard)](set-up-basic-audit.md). Once you've completed the setup, use these steps to create an audit log search query to return audit records related to Customer Lockbox: 1. Go to <https://compliance.microsoft.com>. After you download the file, you can open it in Excel and then filter on the O ### Use PowerShell to search and export audit records -An alternative to using the audit search tool in the Microsoft 365 compliance center is to run the [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog) cmdlet in Exchange Online PowerShell. One advantage of using PowerShell is that you can specifically search for Set-AccessToCustomerDataRequest activities or activities performed by Microsoft engineers related to a Customer Lockbox request. +An alternative to using the audit search tool in the Microsoft Purview compliance portal is to run the [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog) cmdlet in Exchange Online PowerShell. One advantage of using PowerShell is that you can specifically search for Set-AccessToCustomerDataRequest** activities or activities performed by Microsoft engineers related to a Customer Lockbox request. After you [connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell), run one of the following commands. Replace the placeholders with a specific date range.
compliance	Customize A Built In Sensitive Information Type	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/customize-a-built-in-sensitive-information-type.md	description: Learn how to create a custom sensitive information type that will a # Customize a built-in sensitive information type -When looking for sensitive information in content, you need to describe that information in what's called a rule. Data loss prevention (DLP) includes rules for the most-common sensitive information types that you can use right away. To use these rules, you have to include them in a policy. You might find that you want to adjust these built-in rules to meet your organization's specific needs, and you can do that by creating a custom sensitive information type. This topic shows you how to customize the XML file that contains the existing rule collection to detect a wider range of potential credit-card information. + +When looking for sensitive information in content, you need to describe that information in what's called a rule. Microsoft Purview Data Loss Prevention (DLP) includes rules for the most-common sensitive information types that you can use right away. To use these rules, you have to include them in a policy. You might find that you want to adjust these built-in rules to meet your organization's specific needs, and you can do that by creating a custom sensitive information type. This topic shows you how to customize the XML file that contains the existing rule collection to detect a wider range of potential credit-card information. You can take this example and apply it to other built-in sensitive information types. For a list of default sensitive information types and XML definitions, see [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md).
compliance	Data Classification Activity Explorer Available Events	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-classification-activity-explorer-available-events.md	description: "A list of labeling activities that are available in Activity explo # Labeling activities that are available in Activity explorer + ## Sensitivity label applied This event is generated each time an unlabeled document is labeled or an email is sent with a sensitivity label.
compliance	Data Classification Activity Explorer	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-classification-activity-explorer.md	Title: "Get started with activity explorer" + Title: "Get started with Activity explorer" f1.keywords: - NOCSH description: "Activity explorer lets you see and filter on the actions users are # Get started with activity explorer + The [data classification overview](data-classification-overview.md) and [content explorer](data-classification-content-explorer.md) tabs give you visibility into what content has been discovered and labeled, and where that content is. Activity explorer rounds out this suite of functionality by allowing you to monitor what's being done with your labeled content. Activity explorer provides a historical view of activities on your labeled content. The activity information is collected from the Microsoft 365 unified audit logs, transformed, and made available in the Activity explorer UI. Activity explorer reports on up to 30 days worth of data. ![placeholder screenshot overview activity explorer.](../media/data-classification-activity-explorer-1.png) An account must be explicitly assigned membership in any one of these role group There are roles and role groups in preview that you can test out to fine-tune your access controls. -Here's a list of Microsoft Information Protection (MIP) roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) +Here's a list of applicable roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) - Information Protection Admin - Information Protection Analyst - Information Protection Investigator - Information Protection Reader -Here's a list of MIP role groups that are in preview. To learn more about the, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) +Here's a list of applicable role groups that are in preview. To learn more about the, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) - Information Protection - Information Protection Admins Activity explorer also gathers DLP policy matches events from Exchange Onlin - Copied to network share - Accessed by unallowed app -Understanding what actions are being taken with your sensitive labeled content helps you see if the controls that you have in place, such as [data loss prevention](dlp-learn-about-dlp.md) policies are effective or not. If not, or if you discover something unexpected, such as a large number of items that are labeled `highly confidential` and are downgraded `general`, you can manage your various policies and take new actions to restrict the undesired behavior. +Understanding what actions are being taken with your sensitive labeled content helps you see if the controls that you have in place, such as [Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md) policies are effective or not. If not, or if you discover something unexpected, such as a large number of items that are labeled `highly confidential` and are downgraded `general`, you can manage your various policies and take new actions to restrict the undesired behavior. > [!NOTE] > Activity explorer doesn't currently monitor retention activities for Exchange Online.
compliance	Data Classification Content Explorer	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-classification-content-explorer.md	description: "Content explorer allows you to natively view labeled items." # Get started with content explorer + The data classification content explorer allows you to natively view the items that were summarized on the overview page. ![content explorer collapsed screenshot.](../media/data-classification-content-explorer-1.png) Access to content explorer is highly restricted because it lets you read the con > [!IMPORTANT] > These permissions supercede permissions that are locally assigned to the items, which allows viewing of the content. -There are two roles that grant access to content explorer and it is granted using the <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Microsoft 365 compliance center</a>: +There are two roles that grant access to content explorer and it is granted using the <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Microsoft Purview compliance portal</a>: - Content Explorer List viewer: Membership in this role group allows you to see each item and its location in list view. The `data classification list viewer` role has been pre-assigned to this role group. A Global admin, can assign the necessary Content Explorer List Viewer, and Conte There are roles and role groups in preview that you can test out to fine tune your access controls. -Here's a list of Microsoft Information Protection (MIP) roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) +Here's a list of applicable roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) - Information Protection Admin - Information Protection Analyst - Information Protection Investigator - Information Protection Reader -Here's a list of MIP role groups that are in preview. To learn more, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) +Here's a list of applicable role groups that are in preview. To learn more, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) - Information Protection - Information Protection Admins A [retention label](retention.md) allows you to define how long a labeled item i ### How to use content explorer -1. Open Microsoft 365 compliance center > Data classification > Content explorer. +1. Open Microsoft Purview compliance portal > Data classification > Content explorer. 2. If you know the name of the label, or the sensitive information type, you can type that into the filter box. 3. Alternately, you can browse for the item by expanding the label type and selecting the label from the list. 4. Select a location under All locations and drill down the folder structure to the item. You can search on: - [Learn about sensitivity labels](sensitivity-labels.md) - [Learn about retention policies and retention labels](retention.md) - [Sensitive information type entity definitions.md](sensitive-information-type-entity-definitions.md)-- [Learn about data loss prevention](dlp-learn-about-dlp.md) +- [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md)
compliance	Data Classification Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-classification-overview.md	description: "The data classification dashboard gives you visibility into how mu # Learn about data classification + As a Microsoft 365 administrator or compliance administrator, you can evaluate and then tag content in your organization in order to control where it goes, protect it no matter where it is and to ensure that it is preserved and deleted according to your organizations needs. You do this through the application of [sensitivity labels](sensitivity-labels.md), [retention labels](retention.md#retention-labels), and sensitive information type classification. There are various ways to do the discovery, evaluation and tagging, but the end result is that you may have very large number of documents and emails that are tagged and classified with one or both of these labels. After you apply your retention labels and sensitivity labels, you'll want to see how the labels are being used across your tenant and what is being done with those items. The data classification page provides visibility into that body of content, specifically: - the number items that have been classified as a sensitive information type and what those classifications are You also manage these features on the data classification page: - [content explorer](data-classification-content-explorer.md) - [activity explorer](data-classification-activity-explorer.md) -You can find data classification in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> or <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a> > Classification > Data Classification. +You can find data classification in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> or <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a> > Classification > Data Classification. Take a video tour of our data classification features. Data classification will scan your sensitive content and labeled content before There are roles and role groups in preview that you can test out to fine tune your access controls. -Here's a list of Microsoft Information Protection (MIP) roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) +Here's a list of applicable roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) - Information Protection Admin - Information Protection Analyst - Information Protection Investigator - Information Protection Reader -Here's a list of MIP role groups that are in preview. To learn more about them, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) +Here's a list of applicable role groups that are in preview. To learn more about them, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) - Information Protection - Information Protection Admins The top applied retention labels card shows you how many items have a given rete > [!NOTE] > If this card displays the message, "No retention labels detected", it means you haven't created or published any retention labels or no content has had a retention label applied. To get started with retention labels, see: ->- [Get started with information governance](get-started-with-information-governance.md) +>- [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md) ## Top activities detected
compliance	Data Encryption In Odb And Spo	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-encryption-in-odb-and-spo.md	# Data Encryption in OneDrive for Business and SharePoint Online + Understand the basic elements of encryption for data security in OneDrive for Business and SharePoint Online. ## Security and data encryption in Office 365 In other words, there are three different types of stores involved in per-file e - The Content Database is a SQL Server database. It holds the map required to locate and reassemble all of the content blobs held in the blob store as well as the keys needed to decrypt those blobs. -Each of these three storage componentsΓÇöthe blob store, the Content Database, and the Key StoreΓÇöis physically separate. The information held in any one of the components is unusable on its own. This provides an unprecedented level of security. Without access to all three it is impossible to retrieve the keys to the chunks, decrypt the keys to make them usable, associate the keys with their corresponding chunks, decrypt any chunk, or reconstruct a document from its constituent chunks. +Each of these three storage componentsΓÇöthe blob store, the Content Database, and the Key StoreΓÇöis physically separate. The information held in any one of the components is unusable on its own. This provides an unprecedented level of security. Without access to all three it is impossible to retrieve the keys to the chunks, decrypt the keys to make them usable, associate the keys with their corresponding chunks, decrypt any chunk, or reconstruct a document from its constituent chunks.
compliance	Data Governance Recommendations	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-governance-recommendations.md	search.appverid: - MOE150 - MET150 -description: "The Microsoft 365 Defender portal and Microsoft 365 compliance center provide recommendations for data governance based on your org's current setup and lets you set up things with a few clicks. Some of these recommendations detect specific content in your organization and then provide recommended steps for managing that content. For example, a recommendation might detect items that contain business-critical content (such as attorney-client privilege or NDA info), and then let you automatically apply a retention label to those items to ensure that they're classified and retained as needed. This topic lists the data-governance recommendations you might see and describes what content is detected to trigger each one." +description: "The Microsoft 365 Defender portal and Microsoft Purview compliance portal provide recommendations for data governance based on your org's current setup and lets you set up things with a few clicks. Some of these recommendations detect specific content in your organization and then provide recommended steps for managing that content. For example, a recommendation might detect items that contain business-critical content (such as attorney-client privilege or NDA info), and then let you automatically apply a retention label to those items to ensure that they're classified and retained as needed. This topic lists the data-governance recommendations you might see and describes what content is detected to trigger each one." # How content is identified for data-governance recommendations -The <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a> and <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> provide recommendations for data governance based on your org's current setup and lets you set things up in a couple clicks. Some of these recommendations detect specific content in your organization and then provide recommended steps for managing that content. For example, a recommendation might detect items that contain business-critical content (such as attorney-client privilege or NDA info), and then let you automatically apply a retention label to those items to ensure that they're classified and retained as needed. + +The <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a> and <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> provide recommendations for data governance based on your org's current setup and lets you set things up in a couple clicks. Some of these recommendations detect specific content in your organization and then provide recommended steps for managing that content. For example, a recommendation might detect items that contain business-critical content (such as attorney-client privilege or NDA info), and then let you automatically apply a retention label to those items to ensure that they're classified and retained as needed. This topic lists the data-governance recommendations you might see and describes what content is detected to trigger each one.
compliance	Data Lifecycle Management	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-lifecycle-management.md	+ + Title: "Learn about Microsoft Purview Data Lifecycle Management" +f1.keywords: +- NOCSH +++ Last updated : +audience: Admin ++ +ms.localizationpriority: high + +- M365-security-compliance +- SPO_Content +- m365initiative-compliance +description: Learn how Microsoft Purview Data Lifecycle Management helps you keep what you need and delete what you don't. ++ +# Learn about data lifecycle management ++ +>[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). + +Microsoft Purview Data Lifecycle Management (formerly Microsoft Information Governance) provides you with tools and capabilities to retain the content that you need to keep, and delete the content that you don't. Retaining and deleting content is often needed for compliance and regulatory requirement, but deleting content that no longer has business value also helps you manage risk and liability. For example, it reduces your attack surface. + +Retention policies are the cornerstone for data lifecycle management. Use these policies for Microsoft 365 workloads that include Exchange, SharePoint, OneDrive, Teams, and Yammer. Configure whether content for these services needs to be retained indefinitely, or for a specific period if users edit or delete it. Or you can configure the policy to automatically permanently delete the content after a specified period if it's not already deleted. You can also combine these two actions for retain and then delete, which is a very typical configuration. For example, retain email for three years and then delete it. + +When you configure a retention policy, you can target all instances in your organization (such as all mailboxes and all SharePoint sites), or individual instances (such as only the mailboxes for specific departments or regions, or just selected SharePoint sites). + +If you need exceptions for individual emails or documents, such as a longer retention period for legal documents, you do this with retention labels that you publish to apps so that users can apply them, or automatically apply them by inspecting the content. + +For more information about retention policies and retention labels, and how retention works in Microsoft 365, see [Learn about retention policies and retention labels](retention.md). + +> [!NOTE] +> If you need to manage high-value items for business, legal, or regulatory record-keeping requirements, use retention labels with [records management](records-management.md) rather than retention labels with data lifecycle management. + +Other data lifecycle management capabilities to help you keep what you need and delete what you don't: + +- Mailbox archiving to provide users with additional mailbox storage space, and auto-expanding archiving for mailboxes that need more than 100 GB storage. A default archiving policy automatically moves email to the archive mailbox, and if required, you can customize this policy. For more information about mailbox archiving, see [Learn about archive mailboxes](archive-mailboxes.md). + +- Inactive mailboxes that retain mailbox content after employees leave the organization. For more information about inactive mailboxes, see [Learn about inactive mailboxes](inactive-mailboxes-in-office-365.md). + +- Import service for PST files by using network upload or drive shipping. For more information, see [Learn about importing your organization's PST files](importing-pst-files-to-office-365.md). + +## Deployment guidance + +For deployment guidance for data lifecycle management that includes a recommended deployment roadmap, licensing information, permissions, a list of supported scenarios, and end-user documentation, see [Get started with data lifecycle management](get-started-with-information-governance.md). + +Looking for deployment guidance to protect your data? See [Deploy an information protection solution with Microsoft Purview](information-protection-solution.md). +
compliance	Data Loss Prevention Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-loss-prevention-policies.md	description: data loss prevention reference material # Data loss prevention reference + > [!IMPORTANT] -> This is reference topic is no longer the main resource for Microsoft 365 data loss prevention (DLP) information. The DLP content set is being updated and restructured. The topics covered in this article will be moving to new, updated articles. For more information about DLP, see [Learn about data loss prevention](dlp-learn-about-dlp.md). +> This is reference topic is no longer the main resource for Microsoft Purview Data Loss Prevention (DLP) information. The DLP content set is being updated and restructured. The topics covered in this article will be moving to new, updated articles. For more information about DLP, see [Learn about data loss prevention](dlp-learn-about-dlp.md). <!-- this topic needs to be split into smaller, more coherent ones. It is confusing as it is. --> <!-- move this note to a more appropriate place, no topic should start with a note --> With a DLP policy, you can: --> ## Create and manage DLP policies -You create and manage DLP policies on the Data loss prevention page in the Microsoft 365 Compliance center. +You create and manage DLP policies on the data loss prevention page in the Microsoft Purview compliance portal. -![Data loss prevention page in the Office 365 Security & Compliance Center.](../media/943fd01c-d7aa-43a9-846d-0561321a405e.png) +![Data loss prevention page in the Microsoft Purview compliance portal](../media/943fd01c-d7aa-43a9-846d-0561321a405e.png) <!-- MOVED TO LEARN ABOUT ## What a DLP policy contains
compliance	Data Spillage Scenariosearch And Purge	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-spillage-scenariosearch-and-purge.md	Here's a how to manage a data spillage incident: ## (Optional) Step 1: Manage who can access the case and set compliance boundaries -Depending on your organizational practice, you need to control who can access the eDiscovery case used to investigate a data spillage incident and set up compliance boundaries. The easiest way to do this is to add investigators as members of an existing role group in the Microsoft 365 compliance center and then add the role group as a member of the eDiscovery case. For information about the built-in eDiscovery role groups and how to add members to an eDiscovery case, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). +Depending on your organizational practice, you need to control who can access the eDiscovery case used to investigate a data spillage incident and set up compliance boundaries. The easiest way to do this is to add investigators as members of an existing role group in the Microsoft Purview compliance portal and then add the role group as a member of the eDiscovery case. For information about the built-in eDiscovery role groups and how to add members to an eDiscovery case, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). You can also create a new role group that aligns with your organizational needs. For example, you might want a group of data spillage investigators in the organization to access and collaborate on all data spillage cases. You can do this by creating a "Data Spillage Investigator" role group, assigning the appropriate roles (Export, RMS Decrypt, Review, Preview, Compliance Search, and Case Management), adding the data spillage investigators to the role group, and then adding the role group as a member of the data spillage eDiscovery case. See [Set up compliance boundaries for eDiscovery investigations in Office 365](set-up-compliance-boundaries.md) for detailed instructions on how to do this. You can also create a new role group that aligns with your organizational needs. An eDiscovery case provides an effective way to manage your data spillage investigation. You can add members to the role group that you created in Step 1, add the role group as a member of new a eDiscovery case, perform iterative searches to find the spilled data, export a report to share, track the status of the case, and then refer back to the details of the case if needed. Consider establishing a naming convention for eDiscovery cases used for data spillage incidents, and provide as much information as you can in the case name and description so you can locate and refer to in the future if necessary. -To create a new case, you can use eDiscovery in the security and compliance center. See "Create a new case" in [Get started with Core eDiscovery](get-started-core-ediscovery.md#step-3-create-a-core-ediscovery-case). +To create a new case, you can use eDiscovery in the security and compliance center. See "Create a new case" in [Get started with eDiscovery (Standard)](get-started-core-ediscovery.md#step-3-create-a-ediscovery-standard-case). ## Step 3: Search for the spilled data Now that you've created a case and managed access, you can use the case to iteratively search to find the spilled data and identify the mailboxes that contain the spilled data. You will use the same search query that you used to find the email messages to delete those same messages in [Step 7](#step-7-permanently-delete-the-spilled-data). -To create a content search associated with an eDiscovery case, see [Search for content in a Core eDiscovery case](search-for-content-in-core-ediscovery.md). +To create a content search associated with an eDiscovery case, see [Search for content in a eDiscovery (Standard) case](search-for-content-in-core-ediscovery.md). > [!IMPORTANT] > The keywords that you use in the search query may contain the actual spilled data that you're searching for. For example, if you searching for documents containing a social security number and you use the it as search keyword, you must delete the query afterwards to avoid further spillage. See [Deleting the search query](#deleting-the-search-query) in Step 8. If you have more than 1,000 mailboxes or more than 100 email messages per mailbo When you find an email message that contains spilled data, check the recipients of the message to determine if it was shared externally. To further trace a message, you can collect sender information and date ranges so you can use the message trace logs. This process is described in [Step 5](#step-5-use-message-trace-log-to-check-how-spilled-data-was-shared). -After you verified the search results, you may want to share your findings with others for a secondary review. People who you assigned to the case in Step 1 can review the case content in both eDiscovery and Advanced eDiscovery and approve case findings. You can also generate a report without exporting the actual content. You can also use this same report as a proof of deletion, which is described in [Step 8](#step-8-verify-provide-a-proof-of-deletion-and-audit). +After you verified the search results, you may want to share your findings with others for a secondary review. People who you assigned to the case in Step 1 can review the case content in both eDiscovery and Microsoft Purview eDiscovery (Premium) and approve case findings. You can also generate a report without exporting the actual content. You can also use this same report as a proof of deletion, which is described in [Step 8](#step-8-verify-provide-a-proof-of-deletion-and-audit). To generate a statistical report: Keep the following limits in mind when deleting spilled data: - A maximum of 10 items per mailbox can be removed at one time. Because the capability to search for and remove messages is intended to be an incident-response tool, this limit helps ensure that messages are quickly removed from mailboxes. This feature isn't intended to clean up user mailboxes. > [!IMPORTANT] -> Email items in a review set in an Advanced eDiscovery case can't be deleted by using the procedures in this article. That's because items in a review set are copies of items in the live service that are copied and stored in an Azure Storage location. This means they won't be returned by a content search that you create in Step 3. To delete items in a review set, you have to delete the Advanced eDiscovery case that contains the review set. For more information, see [Close or delete an Advanced eDiscovery case](close-or-delete-case.md). +> Email items in a review set in an eDiscovery (Premium) case can't be deleted by using the procedures in this article. That's because items in a review set are copies of items in the live service that are copied and stored in an Azure Storage location. This means they won't be returned by a content search that you create in Step 3. To delete items in a review set, you have to delete the eDiscovery (Premium) case that contains the review set. For more information, see [Close or delete an eDiscovery (Premium) case](close-or-delete-case.md). ## Step 8: Verify, provide a proof of deletion, and audit
compliance	Decision Based On The Results In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/decision-based-on-the-results-in-advanced-ediscovery.md	Title: "Decision based on the results in Advanced eDiscovery" + Title: "Decision based on the results in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: aed65bcd-0a4f-43e9-b5e5-b98cc376bdf8 -description: "Learn how the Decide tab in Advanced eDiscovery provides data that can help you determine the correct size of the review set of case files." +description: "Learn how the Decide tab in eDiscovery (Premium) provides data that can help you determine the correct size of the review set of case files." -# Decisions based on Relevance results in Advanced eDiscovery +# Decisions based on Relevance results in eDiscovery (Premium) -In the Relevance module in Advanced eDiscovery, the Decide tab provides additional information for viewing and using decision-support statistics for determining the size of the review set of case files. +In the Relevance module in eDiscovery (Premium), the Decide tab provides additional information for viewing and using decision-support statistics for determining the size of the review set of case files. ## Using the Decide tab This tab includes the following components: - Issue: From here, you can select the issue of interest from the list. -- Review-recall ratio: Comparisons of Advanced eDiscovery review according to Relevance scores. The Cutoff point in the chart represents the percentage of files to review, mapped to a Relevance score. This is used in the Relevance Test phase and as an Export threshold for culling. The default cutoff point, for the number of files to review is at the point in which the balance between Recall and Precision is optimal. The actual cutoff point should be determined by the user depending on objectives and the cost tradeoff (%review) and risk (%recall). Using the slider, you can adjust the cutoff point and see the effect on the graph and parameters, when adjusting the percent of relevant files to be retrieved, and before validating a decision. +- Review-recall ratio: Comparisons of eDiscovery (Premium) review according to Relevance scores. The Cutoff point in the chart represents the percentage of files to review, mapped to a Relevance score. This is used in the Relevance Test phase and as an Export threshold for culling. The default cutoff point, for the number of files to review is at the point in which the balance between Recall and Precision is optimal. The actual cutoff point should be determined by the user depending on objectives and the cost tradeoff (%review) and risk (%recall). Using the slider, you can adjust the cutoff point and see the effect on the graph and parameters, when adjusting the percent of relevant files to be retrieved, and before validating a decision. - Parameters: Review, Recall, Next relevant and Total cost parameters are cumulative calculated statistics pertaining to the review set in relation to the collection for the entire case. Definitions for these parameters are as follows:
compliance	Declare Records	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/declare-records.md	description: "Declare records by using retention labels." # Declare records by using retention labels + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). To declare documents and emails as [records](records-management.md#records), you use [retention labels](retention.md#retention-labels) that mark the content as a record or a regulatory record. If you change your mind about seeing this option in the retention label wizard, ## Configuring retention labels to declare records -When you create a retention label from the Records Management solution in the Microsoft 365 compliance center, you can select the option Mark items as a record. Then, as an additional option that's currently rolling out in preview, unlock the record by default for SharePoint and OneDrive. - -The additional option of Unlock this record by default effectively lets users declare records themselves because they lock the record when they have finished editing the content. For more information about this supported scenario, see [Use record versioning to update records stored in SharePoint or OneDrive](record-versioning.md). - -If you ran the PowerShell command from the previous section, you can alternatively mark items as a regulatory record. +When you create a retention label from the Records Management solution in the Microsoft Purview compliance portal, you have the option to mark items as a record. If you ran the PowerShell command from the previous section, you can alternatively mark items as a regulatory record. For example: For full instructions: If you'll use retention labels to declare items as records (rather than regulatory records) in SharePoint and OneDrive, consider whether you need to change the default tenant setting that allows users to edit the properties for a [locked record](record-versioning.md) when files are larger than 0 bytes. -To change this default, go to the [Microsoft 365 compliance center](https://compliance.microsoft.com/) > Records management > Records management settings > Retention labels > Allow editing of record properties and then turn off the setting Allow users to edit record properties. +To change this default, go to the [Microsoft Purview compliance portal](https://compliance.microsoft.com/) > Records management > Records management settings > Retention labels > Allow editing of record properties and then turn off the setting Allow users to edit record properties. ## Applying the configured retention label to content For more information about searching for these events, see [Search the audit log ## Next steps -Understand how you can use [record versioning to update records stored in SharePoint or OneDrive](record-versioning.md). +Understand how you can use [record versioning to update records stored in SharePoint or OneDrive](record-versioning.md).
compliance	Define Mail Flow Rules To Encrypt Email	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/define-mail-flow-rules-to-encrypt-email.md	- admindeeplinkMAC - admindeeplinkEXCHANGE -description: "Admins can learn to create mail flow rules (transport rules) to encrypt and decrypt messages using Office 365 Message Encryption." +description: "Admins can learn to create mail flow rules (transport rules) to encrypt and decrypt messages using Microsoft Purview Message Encryption." # Define mail flow rules to encrypt email messages + As an administrator that manages Exchange Online, you can create mail flow rules (also known as transport rules) to help protect email messages you send and receive. You can set up rules to encrypt any outgoing email messages and remove encryption from encrypted messages coming from inside your organization or from replies to encrypted messages sent from your organization. You can use the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center (EAC)</a> or Exchange Online PowerShell to create these rules. In addition to overall encryption rules, you can also choose to enable or disable individual message encryption options for end users. You can't encrypt inbound mail from senders outside of your organization. -If you recently migrated from Active Directory RMS to Azure Information Protection, you'll need to review your existing mail flow rules to ensure that they continue to work in your new environment. Also, if you want to take advantage of the new Office 365 Message Encryption (OME) capabilities available to you through Azure Information Protection, you need to update your existing mail flow rules. Otherwise, your users will continue to receive encrypted mail that uses the previous HTML attachment format instead of the new, seamless OME experience. If you haven't set up OME yet, see [Set up new Office 365 Message Encryption capabilities](set-up-new-message-encryption-capabilities.md) for information. +If you recently migrated from Active Directory RMS to Azure Information Protection, you'll need to review your existing mail flow rules to ensure that they continue to work in your new environment. Also, to use Microsoft Purview Message Encryption with Azure Information Protection, you need to update your existing mail flow rules. Otherwise, your users will continue to receive encrypted mail that uses the previous HTML attachment format instead of the new, seamless experience. If you haven't set up message encryption yet, see [Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md) for information. For information about the components that make up mail flow rules and how mail flow rules work, see [Mail flow rules (transport rules) in Exchange Online](/exchange/security-and-compliance/mail-flow-rules/mail-flow-rules). For additional information about how mail flow rules work with Azure Information Protection, see [Configuring Exchange Online mail flow rules for Azure Information Protection labels](/azure/information-protection/deploy-use/configure-exo-rules). > [!IMPORTANT] -> For hybrid Exchange environments, on-premises users can send and receive encrypted mail using OME only if email is routed through Exchange Online. To configure OME in a hybrid Exchange environment, you need to first [configure hybrid using the Hybrid Configuration wizard](/Exchange/exchange-hybrid) and then [configure mail to flow from Office 365 to your email server](/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-to-route-mail#part-1-configure-mail-to-flow-from-office-365-to-your-on-premises-email-server) and [configure mail to flow from your email server to Office 365](/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-to-route-mail#part-2-configure-mail-to-flow-from-your-email-server-to-office-365). Once you've configured mail to flow through Office 365, then you can configure mail flow rules for OME by using this guidance. +> For hybrid Exchange environments, on-premises users can send and receive encrypted mail using message encryption only if email is routed through Exchange Online. To configure message encryption in a hybrid Exchange environment, you need to first [configure hybrid using the Hybrid Configuration wizard](/Exchange/exchange-hybrid) and then [configure mail to flow from Office 365 to your email server](/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-to-route-mail#part-1-configure-mail-to-flow-from-office-365-to-your-on-premises-email-server) and [configure mail to flow from your email server to Office 365](/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-to-route-mail#part-2-configure-mail-to-flow-from-your-email-server-to-office-365). Once you've configured mail to flow through Office 365, then you can configure mail flow rules for message encryption by using this guidance. -## Create mail flow rules to encrypt email messages with the new OME capabilities +## Create mail flow rules to encrypt email messages with Microsoft Purview Message Encryption -You can define mail flow rules for triggering message encryption with the new OME capabilities by using the EAC. +You can define mail flow rules for triggering message encryption with by using the EAC. -### Use the EAC to create a rule for encrypting email messages with the new OME capabilities +### Use the EAC to create a rule for encrypting email messages with Microsoft Purview Message Encryption 1. In a web browser, using a work or school account that has been granted global administrator permissions, [sign in to Office 365](https://support.office.com/article/b9582171-fd1f-4284-9846-bdd72bb28426#ID0EAABAAA=Web_browser). You can define mail flow rules for triggering message encryption with the new OM For example, to apply the rule only if the recipient is outside your organization, select add condition and then select The recipient is external/internal \> Outside the organization \> OK. -8. To enable encryption using the new OME capabilities, from Do the following, select Modify the message security and then choose Apply Office 365 Message Encryption and rights protection. Select an RMS template from the list, choose Save, and then choose OK. +8. To enable message encryption, from Do the following, select Modify the message security and then choose Apply Office 365 Message Encryption and rights protection. Select an RMS template from the list, choose Save, and then choose OK. - The list of templates includes all default templates and options as well as any custom templates you've created for use by Office 365. If the list is empty, ensure that you have set up Office 365 Message Encryption with the new capabilities as described in [Set up new Office 365 Message Encryption capabilities](set-up-new-message-encryption-capabilities.md). For information about the default templates, see [Configuring and managing templates for Azure Information Protection](/information-protection/deploy-use/configure-policy-templates). For information about the Do Not Forward option, see [Do Not Forward option for emails](/information-protection/deploy-use/configure-usage-rights#do-not-forward-option-for-emails). For information about the encrypt-only option, see [Encrypt-only option for emails](/information-protection/deploy-use/configure-usage-rights#encrypt-only-option-for-emails). + The list of templates includes all default templates and options as well as any custom templates you've created for use by Office 365. If the list is empty, ensure that you have set up Microsoft Purview Message Encryption as described in [Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md). For information about the default templates, see [Configuring and managing templates for Azure Information Protection](/information-protection/deploy-use/configure-policy-templates). For information about the Do Not Forward option, see [Do Not Forward option for emails](/information-protection/deploy-use/configure-usage-rights#do-not-forward-option-for-emails). For information about the encrypt-only option, see [Encrypt-only option for emails](/information-protection/deploy-use/configure-usage-rights#encrypt-only-option-for-emails). You can choose add action if you want to specify another action. -### Use the EAC to update an existing mail flow rule to use the new OME capabilities +### Use the EAC to update an existing mail flow rule to use Microsoft Purview Message Encryption 1. In a web browser, using a work or school account that has been granted global administrator permissions, [sign in to Office 365](https://support.office.com/article/b9582171-fd1f-4284-9846-bdd72bb28426#ID0EAABAAA=Web_browser). You can define mail flow rules for triggering message encryption with the new OM 4. In the EAC, go to Mail flow \> Rules. -5. In the list of mail flow rules, select the rule you want to modify to use the new OME capabilities and then choose Edit ![Edit icon.](../media/ebd260e4-3556-4fb0-b0bb-cc489773042c.gif). +5. In the list of mail flow rules, select the rule you want to modify to use with Microsoft Purview Message Encryption and then choose Edit ![Edit icon.](../media/ebd260e4-3556-4fb0-b0bb-cc489773042c.gif). -6. To enable encryption using the new OME capabilities, from Do the following, choose Modify the message security and then choose Apply Office 365 Message Encryption and rights protection. Select an RMS template from the list, choose Save and then choose OK. +6. To enable encryption using Microsoft Purview Message Encryption, from Do the following, choose Modify the message security and then choose Apply Office 365 Message Encryption and rights protection. Select an RMS template from the list, choose Save and then choose OK. - The list of templates includes all default templates and options as well as any custom templates you've created for use by Office 365. If the list is empty, ensure that you have set up Office 365 Message Encryption with the new capabilities as described in [Set up new Office 365 Message Encryption capabilities built on top of Azure Information Protection](set-up-new-message-encryption-capabilities.md). For information about the default templates, see [Configuring and managing templates for Azure Information Protection](/information-protection/deploy-use/configure-policy-templates). For information about the Do Not Forward option, see [Do Not Forward option for emails](/information-protection/deploy-use/configure-usage-rights#do-not-forward-option-for-emails). For information about the encrypt-only option, see [Encrypt Only option for emails](/information-protection/deploy-use/configure-usage-rights#encrypt-only-option-for-emails). + The list of templates includes all default templates and options as well as any custom templates you've created for use by Office 365. If the list is empty, ensure that you have set up Microsoft Purview Message Encryption as described in [Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md). For information about the default templates, see [Configuring and managing templates for Azure Information Protection](/information-protection/deploy-use/configure-policy-templates). For information about the Do Not Forward option, see [Do Not Forward option for emails](/information-protection/deploy-use/configure-usage-rights#do-not-forward-option-for-emails). For information about the encrypt-only option, see [Encrypt Only option for emails](/information-protection/deploy-use/configure-usage-rights#encrypt-only-option-for-emails). You can choose add action if you want to specify another action. You can define mail flow rules for triggering message encryption with the new OM 8. Choose Save. -## Create mail flow rules to remove encryption for email messages with the new OME capabilities +## Create mail flow rules to remove encryption for email messages with Microsoft Purview Message Encryption -You can define mail flow rules for triggering remove message encryption with the new OME capabilities by using the EAC. +You can define mail flow rules to remove message encryption with Microsoft Purview Message Encryption by using the EAC. -### Use the EAC to create a rule to remove encryption from email messages with the new OME capabilities +### Use the EAC to create a rule to remove encryption from email messages with Microsoft Purview Message Encryption You can remove encryption from messages that was applied by your organization. You can also remove encryption from any encrypted attachments to ensure the whole email message is without any protection. You can remove encryption from messages that was applied by your organization. Y 4. In the EAC, go to Mail flow \> Rules and select New ![New icon.](../media/457cd93f-22c2-4571-9f83-1b129bcfb58e.gif) \> Create a new rule. For more information about using the EAC, see [Exchange admin center in Exchange Online](/exchange/exchange-admin-center). -5. In Name, type a name for the rule, such as Remove encryption from outgoing mail. +5. In Name, type a name for the rule, such as `Remove encryption from outgoing mail`. 6. In Apply this rule if, select the conditions where encryption should be removed from messages. Add The sender is located \> Inside the organization for sending mail _or_ The recipient is located \> Inside the organization for receiving mail. You can remove encryption from messages that was applied by your organization. Y Save the rule. -## Create mail flow rules for Office 365 Message Encryption without the new capabilities +## Create mail flow rules for Office 365 Message Encryption without Microsoft Purview Message Encryption -If you haven't yet moved your organization to the new OME capabilities, Microsoft recommends that you make a plan to move to the new OME capabilities as soon as it is reasonable for your organization. For instructions, see [Set up new Office 365 Message Encryption capabilities built on top of Azure Information Protection](set-up-new-message-encryption-capabilities.md). Otherwise, see [Defining mail flow rules for Office 365 Message Encryption that don't use the new OME capabilities](legacy-information-for-message-encryption.md#defining-mail-flow-rules-for-office-365-message-encryption-that-dont-use-the-new-ome-capabilities). +If you haven't yet moved your organization to Microsoft Purview Message Encryption, Microsoft recommends that you make a plan to move as soon as it is reasonable for your organization. For instructions, see [Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md). Otherwise, see [Defining mail flow rules for Office 365 Message Encryption that don't use Microsoft Purview Message Encryption](legacy-information-for-message-encryption.md#defining-mail-flow-rules-for-office-365-message-encryption-that-dont-use-microsoft-purview-message-encryption). ## Related content [Encryption in Office 365](encryption.md) -[Set up new Office 365 Message Encryption capabilities](set-up-new-message-encryption-capabilities.md) +[Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md) [Add branding to encrypted messages](add-your-organization-brand-to-encrypted-messages.md)
compliance	Delete An Inactive Mailbox	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/delete-an-inactive-mailbox.md	description: When you no longer need to preserve the contents of a Microsoft 365 # Delete an inactive mailbox -An inactive mailbox is used to preserve a former employee's email after they leave your organization. When you no longer need to preserve the contents of an inactive mailbox, you can permanently delete the inactive mailbox by removing the hold. Also, it's possible that multiple holds might be placed on an inactive mailbox. For example, an inactive mailbox might be placed on Litigation Hold and on one or more In-Place Holds. Additionally, a retention policy (created in the security and compliance center in Office 365 or Microsoft 365) might be applied to the inactive mailbox. You have to remove all holds and retention policies from an inactive mailbox to delete it. After you remove the holds and retention policies, the inactive mailbox is marked for deletion and is permanently deleted after it's processed. + +An inactive mailbox is used to preserve a former employee's email after they leave your organization. When you no longer need to preserve the contents of an inactive mailbox, you can permanently delete the inactive mailbox by removing the hold. Also, it's possible that multiple holds might be placed on an inactive mailbox. For example, an inactive mailbox might be placed on Litigation Hold and on one or more In-Place Holds. Additionally, Microsoft 365 retention might be applied to the inactive mailbox. You have to remove all holds and retention policies from an inactive mailbox to delete it. After you remove the holds and retention policies, the inactive mailbox is marked for deletion and is permanently deleted after it's processed. > [!IMPORTANT] > As we continue to invest in different ways to preserve mailbox content, we're announcing the retirement of In-Place Holds in the Exchange admin center. That means you should use Litigation Holds and retention policies to create an inactive mailbox. Starting July 1, 2020 you won't be able to create new In-Place Holds in Exchange Online. But you'll still be able to change the hold duration of an In-Place Hold placed on an inactive mailbox. However, starting October 1, 2020, you won't be able to change the hold duration. You'll only be able to delete an inactive mailbox by removing the In-Place Hold. Existing inactive mailboxes that are on In-Place Hold will still be preserved until the hold is removed. For more information about the retirement of In-Place Holds, see [Retirement of legacy eDiscovery tools](legacy-ediscovery-retirement.md).
compliance	Delete Items In The Recoverable Items Folder Of Mailboxes On Hold	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/delete-items-in-the-recoverable-items-folder-of-mailboxes-on-hold.md	Title: Delete items in the Recoverable Items folder of cloud mailbox's on hold + Title: Delete items in the Recoverable Items folder f1.keywords: - NOCSH This article explains how admins can delete items from the Recoverable Items fol [Step 6: Revert the mailbox to its previous state](#step-6-revert-the-mailbox-to-its-previous-state) > [!CAUTION] -> The procedures outlined in this article will result in data being permanently deleted (purged) from an Exchange Online mailbox. That means messages that you delete from the Recoverable Items folder can't be recovered and won't be available for legal discovery or other compliance purposes. If you want to delete messages from a mailbox that's placed on hold as part of a Litigation Hold, In-Place Hold, eDiscovery hold, or retention policy created in the Microsoft 365 compliance center, check with your records management or legal departments before removing the hold. Your organization might have a policy that defines whether a mailbox on hold or a data spillage incident takes priority. +> The procedures outlined in this article will result in data being permanently deleted (purged) from an Exchange Online mailbox. That means messages that you delete from the Recoverable Items folder can't be recovered and won't be available for legal discovery or other compliance purposes. If you want to delete messages from a mailbox that's placed on hold as part of a Litigation Hold, In-Place Hold, eDiscovery hold, or retention policy created in the Microsoft Purview compliance portal, check with your records management or legal departments before removing the hold. Your organization might have a policy that defines whether a mailbox on hold or a data spillage incident takes priority. ## Before you delete items Run the following command in [Security & Compliance Center PowerShell](/powershe Get-RetentionCompliancePolicy <retention policy GUID without prefix> \| FL Name ``` -After you identify the retention policy, go to the Information governance > Retention page in the Microsoft 365 compliance center, edit the retention policy that you identified in the previous step, and remove the mailbox from the list of recipients that are included in the retention policy. +After you identify the retention policy, go to the Information governance > Retention page in the compliance portal, edit the retention policy that you identified in the previous step, and remove the mailbox from the list of recipients that are included in the retention policy. ### Organization-wide retention policies Organization-wide, Exchange-wide, and Teams-wide retention policies are applied Get-RetentionCompliancePolicy <retention policy GUID without prefix> \| FL Name ``` -After you identify the organization-wide retention policies, go to the Information governance > Retention page in the Microsoft 365 compliance center, edit each organization-wide retention policy that you identified in the previous step, and add the mailbox to the list of excluded recipients. Doing this will remove the user's mailbox from the retention policy. +After you identify the organization-wide retention policies, go to the Information governance > Retention page in the compliance portal, edit each organization-wide retention policy that you identified in the previous step, and add the mailbox to the list of excluded recipients. Doing this will remove the user's mailbox from the retention policy. > [!IMPORTANT] > After you exclude a mailbox from an organization-wide retention policy, it may take up to 24 hours to synchronize this change and remove the mailbox from the policy. To view the value of the ComplianceTagHoldApplied property, run the following Get-Mailbox <username> \|FL ComplianceTagHoldApplied ``` -After you've identified that a mailbox is on hold because a retention label is applied to a folder or item, you can use the Content search tool in the Microsoft 365 compliance center to search for labeled items by using the Retention label condition. For more information, see: +After you've identified that a mailbox is on hold because a retention label is applied to a folder or item, you can use the Content search tool in the compliance portal to search for labeled items by using the Retention label condition. For more information, see: - The "Using Content Search to find all content with a specific retention label" section in [Learn about retention policies and retention labels](retention.md#using-content-search-to-find-all-content-with-a-specific-retention-label) Perform the following steps (in the specified sequence) in Exchange Online Power Retention policies applied to specific mailboxes - Use the Microsoft 365 compliance center to add the mailbox back to the retention policy. Go to the Information governance > Retention page in the compliance center, edit the retention policy, and add the mailbox back to the list of recipients that the retention policy is applied to. + Use the compliance portal to add the mailbox back to the retention policy. Go to the Information governance > Retention page in the compliance center, edit the retention policy, and add the mailbox back to the list of recipients that the retention policy is applied to. Organization-wide retention policies - If you removed an organization-wide or Exchange-wide retention policy by excluding it from the policy, then use the Microsoft 365 compliance center to remove the mailbox from the list of excluded users. Go to the Information governance > Retention page in the compliance center, edit the organization-wide retention policy, and remove the mailbox from the list of excluded recipients. Doing this will reapply the retention policy to the user's mailbox. + If you removed an organization-wide or Exchange-wide retention policy by excluding it from the policy, then use the compliance portal to remove the mailbox from the list of excluded users. Go to the Information governance > Retention page in the compliance center, edit the organization-wide retention policy, and remove the mailbox from the list of excluded recipients. Doing this will reapply the retention policy to the user's mailbox. eDiscovery case holds - Use the Microsoft 365 compliance center to add the mailbox back the hold that's associated with an eDiscovery case. Go to the eDiscovery > Core page, open the case, and add the mailbox back to the hold. + Use the compliance portal to add the mailbox back the hold that's associated with an eDiscovery case. Go to the eDiscovery > Core page, open the case, and add the mailbox back to the hold. 5. Run the following command to allow the Managed Folder Assistant to process the mailbox again. As previously stated, we recommend that you wait 24 hours after reapplying a hold or retention policy (and verifying that it's in place) before you re-enable the Managed Folder Assistant. As previously explained, you have to remove all holds and retention policies fro \|:--\|:--\|:--\| \|Litigation Hold <br/> \| `True` <br/> \|The LitigationHoldEnabled property is set to `True`. <br/> \| \|In-Place Hold <br/> \| `c0ba3ce811b6432a8751430937152491` <br/> \|The InPlaceHolds property contains the GUID of the In-Place Hold that's placed on the mailbox. You can tell this is an In-Place Hold because the GUID doesn't start with a prefix. <br/> You can use the `Get-MailboxSearch -InPlaceHoldIdentity <hold GUID> \| FL` command in Exchange Online PowerShell to get information about the In-Place Hold on the mailbox. <br/> \| -\| Retention policies in the Microsoft 365 compliance center applied to specific mailboxes <br/> \| `mbxcdbbb86ce60342489bff371876e7f224` <br/> or <br/> `skp127d7cf1076947929bf136b7a2a8c36f` <br/> \|When you run the Get-Mailbox cmdlet, the InPlaceHolds property also contains GUIDs of retention policies applied to the mailbox. You can identify retention policies because the GUID starts with the `mbx` prefix. If the GUID of the retention policy starts with the `skp` prefix, that indicates that the retention policy is applied to Skype for Business conversations. <br/> To identity the retention policy that's applied to the mailbox, run the following command in Security & Compliance Center PowerShell: <br/> <br/>`Get-RetentionCompliancePolicy <retention policy GUID without prefix> \| FL Name`<br/><br/>Be sure to remove the `mbx` or `skp` prefix when you run this command. <br/> \| -\|Organization-wide retention policies in the Microsoft 365 compliance center <br/> \|No value <br/> or <br/> `-mbxe9b52bf7ab3b46a286308ecb29624696` (indicates that the mailbox is excluded from an organization-wide policy) <br/> \|Even if the InPlaceHolds property is empty when you run the Get-Mailbox cmdlet, there still might be one or more organization-wide retention policies applied to the mailbox. <br/> To verify this, you can run the `Get-OrganizationConfig \| FL InPlaceHolds` command in Exchange Online PowerShell to get a list of the GUIDs for organization-wide retention policies. The GUID for organization-wide retention policies applied to Exchange mailboxes starts with the `mbx` prefix; for example, `mbxa3056bb15562480fadb46ce523ff7b02`. <br/> To identity the organization-wide retention policy that's applied to the mailbox, run the following command in Security & Compliance Center PowerShell: <br/><br/> `Get-RetentionCompliancePolicy <retention policy GUID without prefix> \| FL Name`<br/><br/>If a mailbox is excluded from an organization-wide retention policy, the GUID for the retention policy is displayed in the InPlaceHolds property of the user's mailbox when you run the Get-Mailbox cmdlet; it's identified by the prefix `-mbx`; for example, `-mbxe9b52bf7ab3b46a286308ecb29624696` <br/> \| -\|eDiscovery case hold in the Microsoft 365 compliance center <br/> \| `UniH7d895d48-7e23-4a8d-8346-533c3beac15d` <br/> \|The InPlaceHolds property also contains the GUID of any hold associated with an eDiscovery case in the Microsoft 365 compliance center that might be placed on the mailbox. You can tell this is an eDiscovery case hold because the GUID starts with the `UniH` prefix. <br/> You can use the `Get-CaseHoldPolicy` cmdlet in Security & Compliance Center PowerShell to get information about the eDiscovery case that the hold on the mailbox is associated with. For example, you can run the command `Get-CaseHoldPolicy <hold GUID without prefix> \| FL Name` to display the name of the case hold that's on the mailbox. Be sure to remove the `UniH` prefix when you run this command. <br/><br/> To identity the eDiscovery case that the hold on the mailbox is associated with, run the following commands:<br/><br/>`$CaseHold = Get-CaseHoldPolicy <hold GUID without prefix>`<br/><br/>`Get-ComplianceCase $CaseHold.CaseId \| FL Name` +\| Retention policies in the compliance portal applied to specific mailboxes <br/> \| `mbxcdbbb86ce60342489bff371876e7f224` <br/> or <br/> `skp127d7cf1076947929bf136b7a2a8c36f` <br/> \|When you run the Get-Mailbox cmdlet, the InPlaceHolds property also contains GUIDs of retention policies applied to the mailbox. You can identify retention policies because the GUID starts with the `mbx` prefix. If the GUID of the retention policy starts with the `skp` prefix, that indicates that the retention policy is applied to Skype for Business conversations. <br/> To identity the retention policy that's applied to the mailbox, run the following command in Security & Compliance Center PowerShell: <br/> <br/>`Get-RetentionCompliancePolicy <retention policy GUID without prefix> \| FL Name`<br/><br/>Be sure to remove the `mbx` or `skp` prefix when you run this command. <br/> \| +\|Organization-wide retention policies in the compliance portal <br/> \|No value <br/> or <br/> `-mbxe9b52bf7ab3b46a286308ecb29624696` (indicates that the mailbox is excluded from an organization-wide policy) <br/> \|Even if the InPlaceHolds property is empty when you run the Get-Mailbox cmdlet, there still might be one or more organization-wide retention policies applied to the mailbox. <br/> To verify this, you can run the `Get-OrganizationConfig \| FL InPlaceHolds` command in Exchange Online PowerShell to get a list of the GUIDs for organization-wide retention policies. The GUID for organization-wide retention policies applied to Exchange mailboxes starts with the `mbx` prefix; for example, `mbxa3056bb15562480fadb46ce523ff7b02`. <br/> To identity the organization-wide retention policy that's applied to the mailbox, run the following command in Security & Compliance Center PowerShell: <br/><br/> `Get-RetentionCompliancePolicy <retention policy GUID without prefix> \| FL Name`<br/><br/>If a mailbox is excluded from an organization-wide retention policy, the GUID for the retention policy is displayed in the InPlaceHolds property of the user's mailbox when you run the Get-Mailbox cmdlet; it's identified by the prefix `-mbx`; for example, `-mbxe9b52bf7ab3b46a286308ecb29624696` <br/> \| +\|eDiscovery case hold in the compliance portal <br/> \| `UniH7d895d48-7e23-4a8d-8346-533c3beac15d` <br/> \|The InPlaceHolds property also contains the GUID of any hold associated with an eDiscovery case in the compliance portal that might be placed on the mailbox. You can tell this is an eDiscovery case hold because the GUID starts with the `UniH` prefix. <br/> You can use the `Get-CaseHoldPolicy` cmdlet in Security & Compliance Center PowerShell to get information about the eDiscovery case that the hold on the mailbox is associated with. For example, you can run the command `Get-CaseHoldPolicy <hold GUID without prefix> \| FL Name` to display the name of the case hold that's on the mailbox. Be sure to remove the `UniH` prefix when you run this command. <br/><br/> To identity the eDiscovery case that the hold on the mailbox is associated with, run the following commands:<br/><br/>`$CaseHold = Get-CaseHoldPolicy <hold GUID without prefix>`<br/><br/>`Get-ComplianceCase $CaseHold.CaseId \| FL Name`
compliance	Deploy Facebook Connector	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/deploy-facebook-connector.md	This article contains the step-by-step process to deploy a connector that uses t 5. Click Save to save the connector settings. -## Step 5: Set up a Facebook connector in the Microsoft 365 compliance center +## Step 5: Set up a Facebook connector in the compliance portal -1. Go to the Microsoft 365 compliance center, and then select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a. +1. Go to the Microsoft Purview compliance portal, and then select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a. 2. On the Data connectors page under Facebook Business pages, click View.
compliance	Deploy Twitter Connector	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/deploy-twitter-connector.md	The Twitter developer app is now ready to use. 5. Click Save to save the connector settings. -## Step 5: Set up a Twitter connector in the Microsoft 365 compliance center +## Step 5: Set up a Twitter connector in the compliance portal -1. Go to the Microsoft 365 compliance center, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors page</a. +1. Go to the Microsoft Purview compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors page</a. 2. On the Data connectors page under Twitter, click View.
compliance	Deprecating Ome Viewer	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/deprecating-ome-viewer.md	Title: "Deprecating Message Encryption Viewer App" + Title: "Deprecating OME Viewer app" f1.keywords: - NOCSH description: The Office 365 Message Encryption (OME) Viewer app was removed from # Deprecating Message Encryption Viewer App + On August 15, 2018, we removed the Office 365 Message Encryption (OME) Viewer mobile app from Android and Apple stores. The Office 365 Message Encryption Viewer mobile app was required to read email messages and attachments that were encrypted with the previous version of OME on Apple and Android phones. Apart from removing the OME Viewer app, we are not making any other changes to the previous version of OME. ## Changes from August 2018 With this change, users will no longer be able to download the Office 365 Messag ## Why this change was made -The new version of OME no longer requires a mobile app to read protected email messages and attachments. Customers using the new OME capabilities can view the protected message in Outlook mobile and non-customers can view protected messages in a browser. +The new version of OME no longer requires a mobile app to read protected email messages and attachments. Customers using Microsoft Purview Message Encryption can view the protected message in Outlook mobile and non-customers can view protected messages in a browser. -Requiring users to download a mobile app is another hurdle for customers to view protected messages. The new Office 365 Message Encryption capabilities provide a better mobile experience. +Requiring users to download a mobile app is another hurdle for customers to view protected messages. Microsoft Purview Message Encryption provides a better mobile experience. ## Can I still use the previous version of Office 365 Message Encryption -The previous version of Office 365 Message Encryption will not be deprecated at this time, however, we have made significant enhancements to the new version of Office 365 Message Encryption, which make it easier to encrypt and rights protect sensitive data to anyone and on any device - including the ability for users to read protected messages directly in Outlook (desktop, mobile, and web). +The previous version of Office 365 Message Encryption will not be deprecated at this time, however, we have made significant enhancements to Microsoft Purview Message Encryption, which make it easier to encrypt and rights protect sensitive data to anyone and on any device - including the ability for users to read protected messages directly in Outlook (desktop, mobile, and web). ## What do I need to do to prepare for this change If your organization currently sends encrypted attachments to recipients that require the OME Viewer app, you should update your documentation and training resources. -We recommend updating existing Exchange mail flow rules to use the current version of OME so that your organization can take advantage of the new and improved capabilities. Once you have set up the new OME capabilities, recipients won't need the OME Viewer app to read encrypted messages on mobile devices. - -Microsoft recommends that you make a plan to move to the new OME capabilities as soon as it is reasonable for your organization. For instructions, see [Set up new Office 365 Message Encryption capabilities](set-up-new-message-encryption-capabilities.md). If you want to find out more about how the new capabilities work first, see [Office 365 Message Encryption](ome.md). +We recommend updating existing Exchange mail flow rules to use Microsoft Purview Message Encryption so that your organization can take advantage of the new and improved capabilities. Once you have set up Microsoft Purview Message Encryption, recipients won't need the OME Viewer app to read encrypted messages on mobile devices. - +Microsoft recommends that you make a plan to move to Microsoft Purview Message Encryption as soon as it is reasonable for your organization. For instructions, see [Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md). If you want to find out more about how message encryption works first, see [Message Encryption](ome.md).
compliance	Detailed Properties In The Office 365 Audit Log	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/detailed-properties-in-the-office-365-audit-log.md	# Detailed properties in the audit log -When you export the results of an audit log search from the Microsoft 365 compliance center, you have the option to download all the results that meet your search criteria. You do this by selecting Export results \> Download all results on the Audit log search page. For more information, see [Search the audit log](search-the-audit-log-in-security-and-compliance.md). +When you export the results of an audit log search from the Microsoft Purview compliance portal, you have the option to download all the results that meet your search criteria. You do this by selecting Export results \> Download all results on the Audit log search page. For more information, see [Search the audit log](search-the-audit-log-in-security-and-compliance.md). When your export all results for an audit log search, the raw data from the unified audit log is copied to a comma-separated value (CSV) file that is downloaded to your local computer. This file contains additional information from each audit record in a column named AuditData. This column contains a multi-value property for multiple properties from the audit log record. Each of the property: value pairs in this multi-value property are separated by a comma. The following table describes the properties that are included (depending on the \|Parameters\|For Exchange admin activity, the name and value for all parameters that were used with the cmdlet that is identified in the Operation property.\|Exchange (admin activity)\| \|RecordType\|The type of operation indicated by the record. This property indicates the service or feature that the operation was triggered in. For a list of record types and their corresponding ENUM value (which is the value displayed in the RecordType property in an audit record), see [Audit log record type](/office/office-365-management-api/office-365-management-activity-api-schema#auditlogrecordtype).\| \|ResultStatus\|Indicates whether the action (specified in the Operation property) was successful or not. <br/> For Exchange admin activity, the value is either True (successful) or False (failed).\|All <br/>\| -\|SecurityComplianceCenterEventType\|Indicates that the activity was a Microsoft 365 compliance center event. All compliance center activities will have a value of 0 for this property.\|Security & Compliance Center\| +\|SecurityComplianceCenterEventType\|Indicates that the activity was a compliance portal event. All compliance center activities will have a value of 0 for this property.\|Security & Compliance Center\| \|SharingType\|The type of sharing permissions that was assigned to the user that the resource was shared with. This user is identified in the UserSharedWith property.\|SharePoint\| \|Site\|The GUID of the site where the file or folder accessed by the user is located.\|SharePoint\| \|SiteUrl\|The URL of the site where the file or folder accessed by the user is located.\|SharePoint\|
compliance	Device Onboarding Configure Proxy	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-configure-proxy.md	description: "Configure device proxy and internet connection settings for Inform # Configure device proxy and internet connection settings for Information Protection + Microsoft Endpoint technologies uses Microsoft Windows HTTP (WinHTTP) to report data and communicate with the Microsoft endpoint cloud service. The embedded service runs in system context using the LocalSystem account. > [!TIP]
compliance	Device Onboarding Gp	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-gp.md	description: Use Group Policy to deploy the configuration package on Windows 10 # Onboard Windows 10 devices and Windows 11 using Group Policy + Applies to: -- [Microsoft 365 Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md) +- [Insider risk management](insider-risk-management.md) - Group Policy > [!NOTE] For security reasons, the package used to offboard devices will expire 30 days a > [!NOTE] > Onboarding and offboarding policies must not be deployed on the same device at the same time, otherwise this will cause unpredictable collisions. -1. Get the offboarding package from [Microsoft Compliance center](https://compliance.microsoft.com/compliancesettings/deviceonboarding). +1. Get the offboarding package from [Microsoft Purview compliance portal](https://compliance.microsoft.com/compliancesettings/deviceonboarding). 2. In the navigation pane, select Settings > //Device onboarding > Offboarding. For security reasons, the package used to offboard devices will expire 30 days a With Group Policy there isnΓÇÖt an option to monitor deployment of policies on the devices. Monitoring can be done directly on the portal, or by using the different deployment tools. ## Monitor devices using the portal -1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. 2. Click Devices list. 3. Verify that devices are appearing. With Group Policy there isnΓÇÖt an option to monitor deployment of policies on t - [Onboard Windows 10 and Windows 11 devices using a local script](device-onboarding-script.md) - [Onboard non-persistent virtual desktop infrastructure (VDI) devices](device-onboarding-vdi.md) - [Run a detection test on a newly onboarded Microsoft Defender for Endpoint devices](/windows/security/threat-protection/microsoft-defender-atp/run-detection-test)-- [Troubleshoot Microsoft Defender Advanced Threat Protection onboarding issues](/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding) +- [Troubleshoot Microsoft Defender Advanced Threat Protection onboarding issues](/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding)
compliance	Device Onboarding Macos Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-macos-overview.md	Title: Onboard macOS devices into Microsoft 365 overview (preview) + Title: Onboard macOS devices into Microsoft 365 overview f1.keywords: NOCSH search.appverid: description: Learn about onboarding macOS devices into Compliance solutions -# Onboard macOS devices into Microsoft 365 overview (preview) +# Onboard macOS devices into Microsoft 365 overview -MacOS devices can be onboarded into Microsoft 365 compliance solutions using either Intune or JAMF Pro. The onboarding procedures differ depending on which management solution you are using. If your macOS devices have already been onboarded into Microsoft Defender for Endpoint (MDE), there are fewer steps. See [Next steps](#next-steps) for links to the appropriate procedures for you. + +MacOS devices can be onboarded into Microsoft Purview solutions using either Intune or JAMF Pro. The onboarding procedures differ depending on which management solution you are using. If your macOS devices have already been onboarded into Microsoft Defender for Endpoint (MDE), there are fewer steps. See [Next steps](#next-steps) for links to the appropriate procedures for you. Applies to: - [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Insider risk management](insider-risk-management.md) ## Before you begin Before you get started with Endpoint DLP on macOS devices (Catalina 10.15 or later), you should familiarize yourself with these articles: -- [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md#learn-about-microsoft-365-endpoint-data-loss-prevention)-- [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md#get-started-with-endpoint-data-loss-prevention) +- [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md) +- [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md) If you are not familiar with DLP at all, you should familiarize yourself with these articles as well: - [Learn about data loss prevention](dlp-learn-about-dlp.md#learn-about-data-loss-prevention) - [Plan for data loss prevention (DLP)](dlp-overview-plan-for-dlp.md#plan-for-data-loss-prevention-dlp)-- [Data Loss Prevention policy reference](dlp-policy-reference.md#data-loss-prevention-policy-reference) +- [Data loss prevention policy reference](dlp-policy-reference.md#data-loss-prevention-policy-reference) If you are not familiar with Insider Risk, you should familiarize yourself with these articles: + - [Insider risk management](insider-risk-management.md) - [Plan for insider risk management](insider-risk-management-plan.md#plan-for-insider-risk-management) Your macOS devices must already be managed through Intune or JAMF Pro. See, [Microsoft 365 licensing guidance for information protection](/office365/se ## Activities that can be restricted on macOS -Once a macOS device is onboarded into Microsoft 365 Compliance solutions, you can monitor and restrict these actions with data loss prevention (DLP) policies. +Once a macOS device is onboarded into Microsoft Purview solutions, you can monitor and restrict these actions with data loss prevention (DLP) policies. Copy to a USB removable media ΓÇô when enforced, this action blocks, warns or audits the copying or moving of protected files from an endpoint device to USB removable media Once a macOS device is onboarded into Microsoft 365 Compliance solutions, you ca ## Onboarding devices into device management -You must enable device monitoring and onboard your endpoints before you can monitor and protect sensitive items on a device. Both of these actions are done in the Microsoft 365 Compliance portal. +You must enable device monitoring and onboard your endpoints before you can monitor and protect sensitive items on a device. Both of these actions are done in the Microsoft Purview compliance portal. When you want to onboard devices that haven't been onboarded yet, you'll download the appropriate script and deploy it to those devices. <!--Follow the [Onboarding devices procedure](endpoint-dlp-getting-started.md#onboarding-devices).--> <!--If you already have devices onboarded into [Microsoft Defender for Endpoint](/windows/security/threat-protection/), they will already appear in the managed devices list.--> -1. Open the [Microsoft compliance center](https://compliance.microsoft.com) Settings page and choose Enable device monitoring. +1. Open the [Microsoft Purview compliance portal](https://compliance.microsoft.com) Settings page and choose Enable device monitoring. > [!NOTE] > While it usually takes about 60 seconds for device onboarding to be enabled, please allow up to 30 minutes before engaging with Microsoft support. When you want to onboard devices that haven't been onboarded yet, you'll downloa ## Next steps -Getting devices onboarding into Microsoft 365 compliance solutions is required in order to receive DLP sensor telemetry and to enforce data loss prevention policies. +Getting devices onboarding into Microsoft Purview solutions is required in order to receive DLP sensor telemetry and to enforce data loss prevention policies. Topic \| Description :\|: -\|[Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using Intune (preview)](device-onboarding-offboarding-macos-intune.md#onboard-and-offboard-macos-devices-into-microsoft-365-compliance-solutions-using-intune-preview)\|For macOS devices that are managed through Intune -\|[Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-intune-mde.md#onboard-and-offboard-macos-devices-into-compliance-solutions-using-intune-for-microsoft-defender-for-endpoint-customers-preview) \|For macOS devices that are managed through Intune and that have Microsoft Defender for Endpoint (MDE) deployed to them -\|[Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using JAMF Pro (preview)](device-onboarding-offboarding-macos-jamfpro.md#onboard-and-offboard-macos-devices-into-microsoft-365-compliance-solutions-using-jamf-pro-preview) \| For macOS devices that are managed through JAMF Pro -\|[Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-jamfpro-mde.md#onboard-and-offboard-macos-devices-into-compliance-solutions-using-jamf-pro-for-microsoft-defender-for-endpoint-customers-preview)\|For macOS devices that are managed through JAMF Pro and that have Microsoft Defender for Endpoint (MDE) deployed to them +\|[Onboard and offboard macOS devices into Microsoft Purview solutions using Intune](device-onboarding-offboarding-macos-intune.md)\|For macOS devices that are managed through Intune +\|[Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers](device-onboarding-offboarding-macos-intune-mde.md) \|For macOS devices that are managed through Intune and that have Microsoft Defender for Endpoint (MDE) deployed to them +\|[Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro](device-onboarding-offboarding-macos-jamfpro.md) \| For macOS devices that are managed through JAMF Pro +\|[Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers](device-onboarding-offboarding-macos-jamfpro-mde.md)\|For macOS devices that are managed through JAMF Pro and that have Microsoft Defender for Endpoint (MDE) deployed to them ## Related topics
compliance	Device Onboarding Mdm	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-mdm.md	description: Use Mobile Device Management tools to deploy the configuration pack # Onboard Windows 10 and Windows 11 devices using Mobile Device Management tools + Applies to: -- [Microsoft 365 Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md) +- [Insider risk management](insider-risk-management.md) You can use mobile device management (MDM) solutions to configure devices. Microsoft 365 information protection supports MDMs by providing OMA-URIs to create policies to manage devices. For security reasons, the package used to Offboard devices will expire 30 days a > [!NOTE] > Onboarding and offboarding policies must not be deployed on the same device at the same time, otherwise this will cause unpredictable collisions. -1. Get the offboarding package from the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +1. Get the offboarding package from the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. 2. In the navigation pane, select Settings > Device onboarding > Offboarding.
compliance	Device Onboarding Offboarding Macos Intune Mde	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-offboarding-macos-intune-mde.md	Title: Onboard and offboard macOS devices into Compliance solutions using Microsoft Intune for Microsoft Defender for Endpoint customers (preview) + Title: Onboard and offboard macOS devices into Compliance solutions using Microsoft Intune for Microsoft Defender for Endpoint customers f1.keywords: NOCSH - M365-security-compliance search.appverid: - MET150 -description: Learn how to onboard and offboard macOS devices into Microsoft 365 Compliance solutions using Microsoft Intune for MDE customers (preview) +description: Learn how to onboard and offboard macOS devices into Microsoft Purview solutions using Microsoft Intune for MDE customers -# Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers (preview) +# Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers + > [!IMPORTANT] > Use this procedure *if you have* deployed Microsoft Defender for Endpoint (MDE) to your macOS devices description: Learn how to onboard and offboard macOS devices into Microsoft 365 Applies to: - Customers who have MDE deployed to their macOS devices.-- [Microsoft 365 Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md) +- [Insider risk management](insider-risk-management.md) ## Before you begin description: Learn how to onboard and offboard macOS devices into Microsoft 365 - This supports macOS version Catalina 10.15 and higher - Install the v95+ Edge browser on your macOS devices -## Onboard macOS devices into Microsoft 365 Compliance solutions using Microsoft Intune +## Onboard macOS devices into Microsoft Purview solutions using Microsoft Intune Use these steps to onboard a macOS device into Compliance solutions if it already has MDE deployed to it. full disk access \|[fulldisk.mobileconfig](https://github.com/microsoft/mdatp <string>enabled</string> </dict> ``` -3. Save. +3. Save.
compliance	Device Onboarding Offboarding Macos Intune	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-offboarding-macos-intune.md	Title: Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using Microsoft Intune (preview) + Title: Onboard and offboard macOS devices into Microsoft Purview solutions using Microsoft Intune f1.keywords: NOCSH - M365-security-compliance search.appverid: - MET150 -description: Learn how to onboard and offboard macOS devices into Microsoft 365 Compliance solutions using Microsoft Intune (preview) +description: Learn how to onboard and offboard macOS devices into Microsoft Purview solutions using Microsoft Intune -# Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using Intune (preview) +# Onboard and offboard macOS devices into Microsoft Purview solutions using Intune -You can use Intune to onboard macOS devices into Microsoft 365 compliance solutions. + +You can use Intune to onboard macOS devices into Microsoft Purview solutions. > [!IMPORTANT] > Use this procedure if you *do not* have Microsoft Defender for Endpoint (MDE) deployed to your macOS devices Applies to: -- [Microsoft 365 Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md) +- [Insider risk management](insider-risk-management.md) ## Before you begin You can use Intune to onboard macOS devices into Microsoft 365 compliance soluti - Install the v95+ Edge browser on your macOS devices -## Onboard macOS devices into Microsoft 365 Compliance solutions using Microsoft Intune +## Onboard macOS devices into Microsoft Purview solutions using Microsoft Intune Onboarding a macOS device into Compliance solutions is a six phase process.
compliance	Device Onboarding Offboarding Macos Jamfpro Mde	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro-mde.md	Title: Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview) + Title: Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers f1.keywords: NOCSH - M365-security-compliance search.appverid: - MET150 -description: Learn how to onboard and offboard macOS devices into Microsoft 365 Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview) +description: Learn how to onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro for Microsoft Defender for Endpoint customers -# Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview) +# Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers -You can use JAMF Pro to onboard macOS devices into Microsoft 365 compliance solutions. + +You can use JAMF Pro to onboard macOS devices into Microsoft Purview solutions. > [!IMPORTANT] > Use this procedure *if you have* deployed Microsoft Defender for Endpoint (MDE) to your macOS devices You can use JAMF Pro to onboard macOS devices into Microsoft 365 compliance solu Applies to: - Customers who have MDE deployed to their macOS devices.-- [Microsoft 365 Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md) +- [Insider risk management](insider-risk-management.md) ## Before you begin You can use JAMF Pro to onboard macOS devices into Microsoft 365 compliance solu - Make sure your [macOS devices are managed through JAMF pro](https://www.jamf.com/resources/product-documentation/jamf-pro-installation-guide-for-mac/) and are associated with an identity (Azure AD joined UPN) through JAMF Connect or Intune. - Install the v95+ Edge browser on your macOS devices -## Onboard devices into Microsoft 365 Compliance solutions using JAMF Pro +## Onboard devices into Microsoft Purview solutions using JAMF Pro Onboarding a macOS device into Compliance solutions is a multi phase process.
compliance	Device Onboarding Offboarding Macos Jamfpro	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro.md	Title: Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using JAMF Pro (preview) + Title: Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro f1.keywords: NOCSH ms.localizationpriority: medium - M365-security-compliance search.appverid:-- MET150 -description: Learn how to onboard and offboard macOS devices into Microsoft 365 Compliance solutions using JAMF Pro (preview) +- MET150 +description: Learn how to onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro -# Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using JAMF Pro (preview) +# Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro -You can use JAMF Pro to onboard macOS devices into Microsoft 365 compliance solutions like Endpoint data loss prevention. + +You can use JAMF Pro to onboard macOS devices into Microsoft Purview solutions like Endpoint data loss prevention. > [!IMPORTANT] > Use this procedure if you *do not* have Microsoft Defender for Endpoint (MDE) deployed to your macOS devices Applies to: -- [Microsoft 365 Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md) +- [Insider risk management](insider-risk-management.md) ## Before you begin - Make sure your [macOS devices are managed through JAMF pro](https://www.jamf.com/resources/product-documentation/jamf-pro-installation-guide-for-mac/) and are associated with an identity (Azure AD joined UPN) through JAMF Connect or Intune. - Install the v95+ Edge browser on your macOS devices -## Onboard devices into Microsoft 365 Compliance solutions using JAMF Pro +## Onboard devices into Microsoft Purview solutions using JAMF Pro 1. You'll need these files for this procedure.
compliance	Device Onboarding Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-overview.md	description: "Onboard Windows 10 and Windows 11 devices into Microsoft 365" # Onboard Windows 10 and Windows 11 devices into Microsoft 365 overview + Applies to: - [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Insider risk management](insider-risk-management.md) Endpoint data loss prevention (Endpoint DLP) and insider risk management require that Windows 10 Windows and Windows 11 devices be onboarded into the service so that they can send monitoring data to the services. Endpoint DLP allows you to monitor Windows 10 or Windows 11 devices and detect when sensitive items are used and shared. This gives you the visibility and control you need to ensure that they are used and protected properly, and to help prevent risky behavior that might compromise them. For more information about all of MicrosoftΓÇÖs DLP offerings, see [Learn about data loss prevention](dlp-learn-about-dlp.md). To learn more about Endpoint DLP, see [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md). -Insider risk management uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators and to take action to mitigate these risks. For more information, see [Learn about insider risk management in Microsoft 365](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365). +Insider risk management uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators and to take action to mitigate these risks. For more information, see [Learn about insider risk management](insider-risk-management.md). Device onboarding is shared across Microsoft 365 and Microsoft Defender for Endpoint (MDE). If you've already onboarded devices to MDE, they will appear in the managed devices list and no further steps are necessary to onboard those specific devices. Onboarding devices in Compliance center also onboards them into MDE. Make sure that the Windows devices that you need to onboard meet these requireme ## Onboarding Windows 10 or Windows 11 devices -You must enable device monitoring and onboard your endpoints before you can monitor and protect sensitive items on a device. Both of these actions are done in the Microsoft 365 Compliance portal. +You must enable device monitoring and onboard your endpoints before you can monitor and protect sensitive items on a device. Both of these actions are done in the Microsoft Purview compliance portal. When you want to onboard devices that haven't been onboarded yet, you'll download the appropriate script and deploy it to those devices. Follow the device onboarding procedures below. If you already have devices onboarded into [Microsoft Defender for Endpoint](/wi In this deployment scenario, you'll onboard Windows 10 or Windows 11 devices that have not been onboarded yet. -1. Open the [Microsoft compliance center](https://compliance.microsoft.com). Choose Settings > Enable device monitoring. +1. Open the [Microsoft Purview compliance portal](https://compliance.microsoft.com). Choose Settings > Enable device monitoring. > [!NOTE] > While it usually takes about 60 seconds for device onboarding to be enabled, please allow up to 30 minutes before engaging with Microsoft support. Once an device is onboarded, it should be visible in the devices list and also s ### Viewing Endpoint DLP alerts in DLP Alerts Management dashboard -1. Open the Data loss prevention page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and choose Alerts. +1. Open the Data loss prevention page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and choose Alerts. 2. Refer to the procedures in [How to configure and view alerts for your DLP policies](dlp-configure-view-alerts-policies.md) to view alerts for your Endpoint DLP policies. ### Viewing Endpoint DLP data in activity explorer -1. Open the [Data classification page](https://compliance.microsoft.com/dataclassification?viewid=overview) for your domain in the Microsoft 365 Compliance center and choose Activity explorer. +1. Open the [Data classification page](https://compliance.microsoft.com/dataclassification?viewid=overview) for your domain in the Microsoft Purview compliance portal and choose Activity explorer. 2. Refer to the procedures in [Get started with Activity explorer](data-classification-activity-explorer.md) to access and filter all the data for your Endpoint devices. Once an device is onboarded, it should be visible in the devices list and also s ## See also -- [Learn about insider risk management in Microsoft 365](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Learn about insider risk management](insider-risk-management.md) - [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md) - [Using Endpoint data loss prevention](endpoint-dlp-using.md) - [Learn about data loss prevention](dlp-learn-about-dlp.md)
compliance	Device Onboarding Sccm	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-sccm.md	description: Use Configuration Manager to deploy the configuration package on de # Onboard Windows 10 and Windows 11 devices using Configuration Manager + Applies to: -- [Microsoft 365 Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md) +- [Insider risk management](insider-risk-management.md) ### Onboard devices using System Center Configuration Manager -1. Get the configuration package .zip file (DeviceComplianceOnboardingPackage.zip) from [Microsoft Compliance center](https://compliance.microsoft.com/). +1. Get the configuration package .zip file (DeviceComplianceOnboardingPackage.zip) from [Microsoft Purview compliance portal](https://compliance.microsoft.com/). 2. In the navigation pane, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> > Device Onboarding > Onboarding. If you use Microsoft Endpoint Configuration Manager current branch, see [Create ### Offboard devices using System Center 2012 R2 Configuration Manager -1. Get the offboarding package from <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>: +1. Get the offboarding package from <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>: 2. In the navigation pane, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> > Device onboarding> Offboarding. If you're using System Center 2012 R2 Configuration Manager, monitoring consists ![Configuration Manager showing successful deployment with no errors.](../media/sccm-deployment.png) -### Check that the devices are compliant with the Microsoft 365 Endpoint data loss prevention service +### Check that the devices are compliant with the Endpoint data loss prevention service You can set a compliance rule for configuration item in System Center 2012 R2 Configuration Manager to monitor your deployment.
compliance	Device Onboarding Script	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-script.md	description: Use a local script to deploy the configuration package on devices s # Onboard Windows 10 and Windows 11 devices using a local script + Applies to: -- [Microsoft 365 Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md) +- [Insider risk management](insider-risk-management.md) You can also manually onboard individual devices to Microsoft 365. You might want to do this first when testing the service before you commit to onboarding all devices in your network. You can also manually onboard individual devices to Microsoft 365. You might wan ## Onboard devices -1. Get the configuration package .zip file (DeviceComplianceOnboardingPackage.zip) package from [Microsoft Compliance center](https://compliance.microsoft.com) +1. Get the configuration package .zip file (DeviceComplianceOnboardingPackage.zip) package from [Microsoft Purview compliance portal](https://compliance.microsoft.com) 2. In the navigation pane, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> > Device onboarding. For security reasons, the package used to Offboard devices will expire 30 days a > [!NOTE] > Onboarding and offboarding policies must not be deployed on the same device at the same time, otherwise this will cause unpredictable collisions. -1. Get the offboarding package from <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +1. Get the offboarding package from <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. 2. In the navigation pane, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> > Device offboarding. Monitoring can also be done directly on the portal, or by using the different de ### Monitor devices using the portal -1. Go to [Microsoft 365 Compliance center](https://compliance.microsoft.com). +1. Go to [Microsoft Purview compliance portal](https://compliance.microsoft.com). 2. Choose Settings > Device onboarding > Devices. -1. Go to Microsoft 365 compliance center, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> > Device onboarding > Devices. +1. Go to Microsoft Purview compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174201" target="_blank">Settings</a> > Device onboarding > Devices. 1. Verify that devices are appearing. Monitoring can also be done directly on the portal, or by using the different de - [Onboard Windows 10 and Windows 11 devices using Mobile Device Management tools](device-onboarding-mdm.md) - [Onboard non-persistent virtual desktop infrastructure (VDI) devices](device-onboarding-vdi.md) - [Run a detection test on a newly onboarded Microsoft Defender for Endpoint device](/windows/security/threat-protection/microsoft-defender-atp/run-detection-test)-- [Troubleshoot Microsoft Defender Advanced Threat Protection onboarding issues](/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding) +- [Troubleshoot Microsoft Defender Advanced Threat Protection onboarding issues](/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding)
compliance	Device Onboarding Vdi	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-vdi.md	- M365-security-compliance search.appverid: - MET150 -description: Deploy the configuration package on virtual desktop infrastructure (VDI) device so that they are onboarded to the Microsoft 365 Endpoint data loss prevention service. +description: Deploy the configuration package on virtual desktop infrastructure (VDI) device so that they are onboarded to the Endpoint data loss prevention service. # Onboard non-persistent virtual desktop infrastructure devices + Applies to: -- [Microsoft 365 Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md)-- [Insider risk management](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365) +- [Endpoint data loss prevention (DLP)](./endpoint-dlp-learn-about.md) +- [Insider risk management](insider-risk-management.md) - Virtual desktop infrastructure (VDI) devices > [!WARNING] -> Microsoft 365 Endpoint data loss prevention support for Windows Virtual Desktop supports single session scenarios. Multi-session scenarios on Windows Virtual Desktop are currently not supported. +> Endpoint data loss prevention support for Windows Virtual Desktop supports single session scenarios. Multi-session scenarios on Windows Virtual Desktop are currently not supported. ## Onboard VDI devices There might be associated challenges when onboarding VDIs. The following are typ - Instant early onboarding of short-lived sessions, which must be onboarded to Microsoft 365 prior to the actual provisioning. - The device name is typically reused for new sessions. -VDI devices can appear in the Microsoft 365 Compliance center as either: +VDI devices can appear in the Microsoft Purview compliance portal as either: - Single entry for each device. Note that in this case, the same device name must be configured when the session is created, for example using an unattended answer file. The following steps will guide you through onboarding VDI devices and will highl > [!WARNING] > For environments where there are low resource configurations, the VDI boot procedure might slow the device onboarding process. -1. Get the VDI configuration package .zip file (DeviceCompliancePackage.zip) from [Microsoft Compliance center](https://compliance.microsoft.com). +1. Get the VDI configuration package .zip file (DeviceCompliancePackage.zip) from [Microsoft Purview compliance portal](https://compliance.microsoft.com). 2. In the navigation pane, select Settings > Device onboarding > Onboarding.
compliance	Differences Between Estimated And Actual Ediscovery Search Results	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/differences-between-estimated-and-actual-ediscovery-search-results.md	Title: "Differences between estimated and actual eDiscovery search results" + Title: "Estimated and actual eDiscovery search results" f1.keywords: - NOCSH description: "Understand why estimated and actual search results may vary in sea This article applies to searches that you can run using one of the following Microsoft 365 eDiscovery tools: - Content search-- Core eDiscovery +- eDiscovery (Standard) -When you run an eDiscovery search, the tool you're using will return an estimate of the number of items (and their total size) that match the search criteria. For example, when you run a search in the Microsoft 365 compliance center, the estimated search results are displayed on the flyout page for the selected search. +When you run an eDiscovery search, the tool you're using will return an estimate of the number of items (and their total size) that match the search criteria. For example, when you run a search in the Microsoft Purview compliance portal, the estimated search results are displayed on the flyout page for the selected search. ![Estimate of results displayed on the search flyout page.](../media/EstimatedSearchResults1.png)
compliance	Disable Reports When You Export Content Search Results	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/disable-reports-when-you-export-content-search-results.md	search.appverid: ms.assetid: c9b0ff0c-282b-4a44-b43f-cfc5b96557f9 - seo-marvel-apr2020 -description: Edit the Windows Registry on your local computer to disable reports when you export the results of a Content Search from the Microsoft 365 compliance center. +description: Edit the Windows Registry on your local computer to disable reports when you export the results of a Content Search from the Microsoft Purview compliance portal. # Disable reports when you export Content Search results -When you use the eDiscovery Export tool to export the results of a Content Search in the Microsoft 365 compliance center, the tool automatically creates and exports two reports that contain additional information about the exported content. These reports are the Results.csv file and the Manifest.xml file (see the [Frequently asked questions about disabling export reports](#frequently-asked-questions-about-disabling-export-reports) section in this topic for detailed descriptions of these reports). Because these files can be very large, you can speed up the download time and save disk space by preventing these files from being exported. You can do this by changing the Windows Registry on the computer that you use to export the search results. If you want to include the reports at a later time, you can edit the registry setting. +When you use the eDiscovery Export tool to export the results of a Content Search in the Microsoft Purview compliance portal, the tool automatically creates and exports two reports that contain additional information about the exported content. These reports are the Results.csv file and the Manifest.xml file (see the [Frequently asked questions about disabling export reports](#frequently-asked-questions-about-disabling-export-reports) section in this topic for detailed descriptions of these reports). Because these files can be very large, you can speed up the download time and save disk space by preventing these files from being exported. You can do this by changing the Windows Registry on the computer that you use to export the search results. If you want to include the reports at a later time, you can edit the registry setting. ## Create registry settings to disable the export reports
compliance	Disposition	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/disposition.md	description: "Monitor and manage the disposal of content for when you use a disp # Disposition of content + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). -Use the Disposition page from Records Management in the Microsoft 365 compliance center to manage disposition reviews and view the metadata of [records](records-management.md#records) that have been automatically deleted at the end of their retention period. +Use the Disposition page from Records Management in the Microsoft Purview compliance portal to manage disposition reviews and view the metadata of [records](records-management.md#records) that have been automatically deleted at the end of their retention period. ## Prerequisites for viewing content dispositions To manage disposition reviews and confirm that records have been deleted, you mu ### Permissions for disposition -To successfully access the Disposition tab in the Microsoft 365 compliance center, users must have the Disposition Management role. From December 2020, this role is now included in the Records Management default role group. +To successfully access the Disposition tab in the Microsoft Purview compliance portal, users must have the Disposition Management role. From December 2020, this role is now included in the Records Management default role group. > [!NOTE] > By default, a global admin isn't granted the Disposition Management role. To grant users just the permissions they need for disposition reviews without granting them permissions to view and configure other features for retention and records management, create a custom role group (for example, named "Disposition Reviewers") and grant this group the Disposition Management role. -For instructions to add users to the default roles or create your own role groups, see [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md). +For instructions to add users to the default roles or create your own role groups, see [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md). Additionally: -- To view the contents of items during the disposition process, add users to the Content Explorer Content Viewer role group. If users don't have the permissions from this role group, they can still select a disposition review action to complete the disposition review, but must do so without being able to view the item's contents from the mini-preview pane in the compliance center. +- To view the contents of items during the disposition process, add users to the Content Explorer Content Viewer role group. If users don't have the permissions from this role group, they can still select a disposition review action to complete the disposition review, but must do so without being able to view the item's contents from the mini-preview pane in the Microsoft Purview compliance portal. - By default, each person that accesses the Disposition page sees only items that they are assigned to review. For a records management administrator to see all items assigned to all users, and all retention labels that are configured for disposition review: Navigate to Records management settings > Disposition to select and then enable a mail-enabled security group that contains the administrator accounts. Microsoft 365 groups and security groups that aren't mail-enabled don't support this feature and don't display in the list to select. If you need to create a new mail-enabled security group, use the link to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">Microsoft 365 admin center</a> to create the new group. > [!IMPORTANT] - > After you have enabled the group, you can't change it in the compliance center. See the next section for how to enable a different group by using PowerShell. + > After you have enabled the group, you can't change it in the Microsoft Purview compliance portal. See the next section for how to enable a different group by using PowerShell. - The Records management settings option is visible only to record management administrators. #### Enabling another security group for disposition -After you have enabled a security group for disposition from the Records management settings in the Microsoft 365 compliance center, you can't disable this permission for the group or replace the selected group in the compliance center. However, you can enable another mail-enabled security group by using the [Enable-ComplianceTagStorage](/powershell/module/exchange/enable-compliancetagstorage) cmdlet. +After you have enabled a security group for disposition from the Records management settings in the Microsoft Purview compliance portal, you can't disable this permission for the group or replace the selected group in the Microsoft Purview compliance portal. However, you can enable another mail-enabled security group by using the [Enable-ComplianceTagStorage](/powershell/module/exchange/enable-compliancetagstorage) cmdlet. For example: Enable-ComplianceTagStorage -RecordsManagementSecurityGroupEmail dispositionrevi ### Enable auditing -Make sure that auditing is enabled at least one day before the first disposition action. For more information, see [Search the audit log in the compliance center](search-the-audit-log-in-security-and-compliance.md). +Make sure that auditing is enabled at least one day before the first disposition action. For more information, see [Search the audit log in the Microsoft Purview compliance portal](search-the-audit-log-in-security-and-compliance.md). ## Disposition reviews When a disposition review is triggered at the end of the retention period, the r You can customize the notification email that reviewers receive, including instructions in different languages. For multi-language support, you must specify the translations yourself and this custom text is displayed to all reviewers irrespective of their locale. -Users receive an initial email notification per label at the end of the item's retention period, with a reminder per label once a week of all disposition reviews that they are assigned. They can click the link in the notification and reminder emails to go directly to the Records management > Disposition page in the Microsoft 365 compliance center to review the content and take an action. Alternately, the reviewers can navigate to this Disposition page in the compliance center. Then: +Users receive an initial email notification per label at the end of the item's retention period, with a reminder per label once a week of all disposition reviews that they are assigned. They can click the link in the notification and reminder emails to go directly to the Records management > Disposition page in the Microsoft Purview compliance portal to review the content and take an action. Alternately, the reviewers can navigate to this Disposition page in the Microsoft Purview compliance portal. Then: - Reviewers see only the disposition reviews that are assigned to them, whereas administrators who are added to the selected security group for records manager see all disposition reviews. Administrators can see an overview of all pending dispositions in the Overview When you select the View all pending dispositions, you're taken to the Disposition page. For example: -![Dispositions page in Microsoft 365 compliance center.](../media/disposition-tab.png) +![Dispositions page in the Microsoft Purview compliance portal.](../media/disposition-tab.png) ### Workflow for a disposition review Example default email notification sent to a reviewer: You can customize the email messages that are sent to disposition reviewers for the initial notification and then reminders. -From any of the Records management pages in the compliance center, select Records management settings: +From any of the Records management pages in the Microsoft Purview compliance portal, select Records management settings: ![Records management settings.](../media/record-management-settings.png) Select Save to save any changes. ### Viewing and disposing of content -When a reviewer is notified by email that content is ready to review, they can click a link in the email that takes them directly to the Disposition page from Records management in the Microsoft 365 compliance center. There, the reviewers can see how many items for each retention label are waiting disposition with the Type displaying Pending disposition. They then select a retention label, and Open in new window to see all content with that label: +When a reviewer is notified by email that content is ready to review, they can click a link in the email that takes them directly to the Disposition page from Records management in the Microsoft Purview compliance portal. There, the reviewers can see how many items for each retention label are waiting disposition with the Type displaying Pending disposition. They then select a retention label, and Open in new window** to see all content with that label: ![Open in new window for disposition review.](../media/open-in-new-window.png)
compliance	Dlp Alerts Dashboard Get Started	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-alerts-dashboard-get-started.md	Title: "Get started with the data loss prevention alert dashboard" + Title: "Get started with the DLP Alerts dashboard" f1.keywords: - CSH description: Get started with defining and managing alerts for data loss prevention policies. -# Get started with the data loss prevention alert dashboard +# Get started with the data loss prevention Alerts dashboard -Data loss prevention (DLP) policies can take protective actions to prevent unintentional sharing of sensitive items. When an action is taken on a sensitive item, you can be notified by configuring alerts for DLP. This article shows you how to define rich alert policies that are linked to your data loss prevention (DLP) policies. You'll see how to use the [DLP alert management dashboard](https://compliance.microsoft.com/datalossprevention?viewid=dlpalerts) in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> to view alerts, events, and associated metadata for DLP policy violations. + +Microsoft Purview Data Loss Prevention (DLP) policies can take protective actions to prevent unintentional sharing of sensitive items. When an action is taken on a sensitive item, you can be notified by configuring alerts for DLP. This article shows you how to define rich alert policies that are linked to your data loss prevention (DLP) policies. You'll see how to use the [DLP alert management dashboard](https://compliance.microsoft.com/datalossprevention?viewid=dlpalerts) in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> to view alerts, events, and associated metadata for DLP policy violations. If you are new to DLP alerts, you should review [Learn about the data loss prevention alerts dashboard](dlp-alerts-dashboard-learn.md) Before you begin, make sure you have the necessary prerequisites: ### Licensing for the DLP alert management dashboard -All eligible tenants for Office 365 DLP can access the DLP alert management dashboard. To get started, you should be eligible for Office 365 DLP for Exchange Online, SharePoint Online, and OneDrive for Business. For more information about the licensing requirements for Office 365 DLP, see [Which licenses provide the rights for a user to benefit from the service?](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#which-licenses-provide-the-rights-for-a-user-to-benefit-from-the-service-16). +All eligible tenants for DLP can access the DLP alert management dashboard. To get started, you should be eligible for Microsoft Purview DLP for Exchange Online, SharePoint Online, and OneDrive for Business. For more information about the licensing requirements for DLP, see [Which licenses provide the rights for a user to benefit from the service?](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#which-licenses-provide-the-rights-for-a-user-to-benefit-from-the-service-16). Customers who use [Endpoint DLP](endpoint-dlp-learn-about.md) who are eligible for [Teams DLP](dlp-microsoft-teams.md) will see their endpoint DLP policy alerts and Teams DLP policy alerts in the DLP alert management dashboard. which has the data classification content viewer role pre-assigned. There are roles and role groups in preview that you can test out to fine tune your access controls. -Here's a list of Microsoft Information Protection (MIP) roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) +Here's a list of applicable roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) - Information Protection Admin - Information Protection Analyst - Information Protection Investigator - Information Protection Reader -Here's a list of MIP role groups that are in preview. To learn more about the, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) +Here's a list of applicable role groups that are in preview. To learn more about them, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) - Information Protection - Information Protection Admins If your org is licensed for [single-event alert configuration options](#licensin To work with the DLP alert management dashboard: -1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, go to Data Loss Prevention. +1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, go to Data loss prevention. 2. Select the Alerts tab to view the DLP alerts dashboard. 3. Select an alert to see details:
compliance	Dlp Alerts Dashboard Learn	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-alerts-dashboard-learn.md	Title: "Learn about the data loss prevention Alerts dashboard" + Title: "Learn about the DLP alerts dashboard" f1.keywords: - CSH description: Learn about data loss prevention alerts and the alerts dashboard. # Learn about the data loss prevention Alerts dashboard -When the criteria in a Data loss prevention (DLP) policy is matched by the actions a user is taking on a sensitive item, the policy can generate an alert. This situation can result in a high volume of alerts. DLP alerts are collected in the alerts dashboard. The alerts dashboard gives you a single place to go to do a deep investigation of all the details about the policy match. -<!-- [Microsoft 365 compliance center](https://compliance.microsoft.com/)--> +When the criteria in a Microsoft Purview Data Loss Prevention (DLP) policy is matched by the actions a user is taking on a sensitive item, the policy can generate an alert. This situation can result in a high volume of alerts. DLP alerts are collected in the alerts dashboard. The alerts dashboard gives you a single place to go to do a deep investigation of all the details about the policy match. + +<!-- [Microsoft Purview compliance portal](https://compliance.microsoft.com/)--> ## Workloads -The [DLP alert management dashboard](https://compliance.microsoft.com/datalossprevention?viewid=dlpalerts), in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, shows alerts for DLP policies on these workloads: +The [DLP alert management dashboard](https://compliance.microsoft.com/datalossprevention?viewid=dlpalerts), in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, shows alerts for DLP policies on these workloads: - Exchange - SharePoint
compliance	Dlp Chrome Get Started	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-chrome-get-started.md	Title: "Get started with the Microsoft Compliance Extension" + Title: "Get started with the Microsoft Purview Extension" f1.keywords: - CSH search.appverid: - MET150 -description: "Prepare for and deploy the Microsoft Compliance Extension." +description: "Prepare for and deploy the Microsoft Purview Extension." -# Get started with Microsoft Compliance Extension +# Get started with Microsoft Purview Extension -Use these procedures to roll out the Microsoft Compliance Extension. + +Use these procedures to roll out the Microsoft Purview Extension. ## Before you begin -To use Microsoft Compliance Extension, the device must be onboarded into endpoint DLP. Review these articles if you are new to DLP or endpoint DLP +To use Microsoft Purview Extension, the device must be onboarded into endpoint DLP. Review these articles if you are new to DLP or endpoint DLP -- [Learn about Microsoft Compliance Extension](dlp-chrome-learn-about.md)-- [Learn about data loss prevention](dlp-learn-about-dlp.md) +- [Learn about Microsoft Purview Extension](dlp-chrome-learn-about.md) +- [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md) - [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) - [Create a DLP policy from a template](create-a-dlp-policy-from-a-template.md) - [Learn about endpoint data loss prevention](endpoint-dlp-learn-about.md) Data from Endpoint DLP can be viewed in [Activity explorer](data-classification- There are roles and role groups in preview that you can test out to fine tune your access controls. -Here's a list of Microsoft Information Protection (MIP) roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) +Here's a list of applicable roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) - Information Protection Admin - Information Protection Analyst - Information Protection Investigator - Information Protection Reader -Here's a list of MIP role groups that are in preview. To learn more about the, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) +Here's a list of applicable role groups that are in preview. To learn more about the, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) - Information Protection - Information Protection Admins Here's a list of MIP role groups that are in preview. To learn more about the, s ### Overall installation workflow -Deploying Microsoft Compliance Extension is a multi-phase process. You can choose to install on one machine at a time, or use Microsoft Endpoint Manager or Group Policy for organization-wide deployments. +Deploying the extension is a multi-phase process. You can choose to install on one machine at a time, or use Microsoft Endpoint Manager or Group Policy for organization-wide deployments. 1. [Prepare your devices](#prepare-your-devices). 2. [Basic Setup Single Machine Selfhost](#basic-setup-single-machine-selfhost) 3. [Deploy using Microsoft Endpoint Manager](#deploy-using-microsoft-endpoint-manager) 4. [Deploy using Group Policy](#deploy-using-group-policy) -5. [Test the Extension](#test-the-extension) +5. [Test the extension](#test-the-extension) 6. [Use the Alerts Management Dashboard to viewing Chrome DLP alerts](#use-the-alerts-management-dashboard-to-viewing-chrome-dlp-alerts) 7. [Viewing Chrome DLP data in activity explorer](#viewing-chrome-dlp-data-in-activity-explorer) ### Prepare infrastructure -If you are rolling out the Microsoft Compliance Extension to all your monitored Windows 10 devices, you should remove Google Chrome from the unallowed app and unallowed browser lists. For more information, see [Unallowed browsers](dlp-configure-endpoint-settings.md#unallowed-browsers). If you are only rolling it out to a few devices, you can leave Chrome on the unallowed browser or unallowed app lists. The Microsoft Compliance Extension will bypass the restrictions of both lists for those computers where it is installed. +If you are rolling out the extension to all your monitored Windows 10 devices, you should remove Google Chrome from the unallowed app and unallowed browser lists. For more information, see [Unallowed browsers](dlp-configure-endpoint-settings.md#unallowed-browsers). If you are only rolling it out to a few devices, you can leave Chrome on the unallowed browser or unallowed app lists. The extension will bypass the restrictions of both lists for those computers where it is installed. ### Prepare your devices If you are rolling out the Microsoft Compliance Extension to all your monitored This is the recommended method. -1. Navigate to [Microsoft Compliance Extension - Chrome Web Store (google.com)](https://chrome.google.com/webstore/detail/microsoft-compliance-exte/echcggldkblhodogklpincgchnpgcdco). +1. Navigate to [Microsoft Purview Extension - Chrome Web Store (google.com)](https://chrome.google.com/webstore/detail/microsoft-compliance-exte/echcggldkblhodogklpincgchnpgcdco). 2. Install the extension using the instructions on the Chrome Web Store page. Use this setup method for organization-wide deployments. #### Microsoft Endpoint Manager Force Install Steps -Before adding the Microsoft Compliance Extension to the list of force-installed extensions, it is important to ingest the Chrome ADMX. Steps for this process in Microsoft Endpoint Manager are documented by Google: [Manage Chrome Browser with Microsoft Intune - Google Chrome Enterprise Help](https://support.google.com/chrome/a/answer/9102677?hl=en#zippy=%2Cstep-ingest-the-chrome-admx-file-into-intune). +Before adding the extension to the list of force-installed extensions, it is important to ingest the Chrome ADMX. Steps for this process in Microsoft Endpoint Manager are documented by Google: [Manage Chrome Browser with Microsoft Intune - Google Chrome Enterprise Help](https://support.google.com/chrome/a/answer/9102677?hl=en#zippy=%2Cstep-ingest-the-chrome-admx-file-into-intune). After ingesting the ADMX, the steps below can be followed to create a configuration profile for this extension. Before adding the Microsoft Compliance Extension to the list of force-installed ### Deploy using Group Policy -If you don't want to use Microsoft Endpoint Manager, you can use group policies to deploy the Microsoft Compliance Extension across your organization. +If you don't want to use Microsoft Endpoint Manager, you can use group policies to deploy the extension across your organization. #### Adding the Chrome Extension to the ForceInstall List Now that youΓÇÖve removed Chrome from the disallowed browsers/apps list, you can ### Use the Alerts Management Dashboard to viewing Chrome DLP alerts -1. Open the Data loss prevention page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and select Alerts. +1. Open the Data loss prevention page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and select Alerts. 2. Refer to the procedures in [How to configure and view alerts for your DLP policies](dlp-configure-view-alerts-policies.md) to view alerts for your Endpoint DLP policies. ### Viewing Chrome DLP data in activity explorer -1. Open the [Data classification page](https://compliance.microsoft.com/dataclassification?viewid=overview) for your domain in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and choose Activity explorer. +1. Open the [Data classification page](https://compliance.microsoft.com/dataclassification?viewid=overview) for your domain in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and choose Activity explorer. 2. Refer to the procedures in [Get started with Activity explorer](data-classification-activity-explorer.md) to access and filter all the data for your Endpoint devices.
compliance	Dlp Chrome Learn About	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-chrome-learn-about.md	Title: "Learn about the Microsoft Compliance Extension" + Title: "Learn about the Microsoft Purview Extension" f1.keywords: - CSH - m365initiative-compliance search.appverid: - MET150 -description: "The Microsoft Compliance Extension extends monitoring and control of file activities and protective actions to the Google Chrome browser" +description: "The Microsoft Purview Extension extends monitoring and control of file activities and protective actions to the Google Chrome browser" -# Learn about the Microsoft Compliance Extension +# Learn about the Microsoft Purview Extension) -[Endpoint data loss prevention (endpoint DLP)](endpoint-dlp-learn-about.md) extends the activity monitoring and protection capabilities of [Microsoft 365 data loss prevention (DLP)](dlp-learn-about-dlp.md) to sensitive items that are on Windows 10 devices. Once devices are onboarded into the Microsoft 365 compliance solutions, the information about what users are doing with sensitive items is made visible in [activity explorer](data-classification-activity-explorer.md) and you can enforce protective actions on those items via [DLP policies](create-test-tune-dlp-policy.md). -Once the Microsoft Compliance Extension is installed on a Windows 10 device, organizations can monitor when a user attempts to access or upload a sensitive item to a cloud service using Google Chrome and enforce protective actions via DLP. +[Endpoint data loss prevention (endpoint DLP)](endpoint-dlp-learn-about.md) extends the activity monitoring and protection capabilities of [Microsoft Purview data loss prevention (DLP)](dlp-learn-about-dlp.md) to sensitive items that are on Windows 10 devices. Once devices are onboarded into the Microsoft Purview solutions, the information about what users are doing with sensitive items is made visible in [activity explorer](data-classification-activity-explorer.md) and you can enforce protective actions on those items via [DLP policies](create-test-tune-dlp-policy.md). + +Once the Extension is installed on a Windows 10 device, organizations can monitor when a user attempts to access or upload a sensitive item to a cloud service using Google Chrome and enforce protective actions via DLP. ## Activities you can monitor and take action on -The Microsoft Compliance Extension enables you to audit and manage the following types of activities users take on sensitive items on devices running Windows 10. +The extension enables you to audit and manage the following types of activities users take on sensitive items on devices running Windows 10. activity \|description \| supported policy actions\| \|\|\|\| activity \|description \| supported policy actions\| ## Next steps -See [Get started with the Microsoft Compliance Extension](dlp-chrome-get-started.md) for complete deployment procedures and scenarios. +See [Get started with the Microsoft Purview Extension](dlp-chrome-get-started.md) for complete deployment procedures and scenarios. ## See also -- [Get started with Microsoft Compliance Extension](dlp-chrome-get-started.md)-- [Learn about Microsoft 365 Endpoint data loss prevention](endpoint-dlp-learn-about.md)-- [Getting started with Microsoft Endpoint data loss prevention](endpoint-dlp-getting-started.md)-- [Using Microsoft Endpoint data loss prevention](endpoint-dlp-using.md) +- [Get started with Microsoft Purview Extension](dlp-chrome-get-started.md) +- [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md) +- [Getting started with Endpoint data loss prevention](endpoint-dlp-getting-started.md) +- [Using Endpoint data loss prevention](endpoint-dlp-using.md) - [Learn about data loss prevention](dlp-learn-about-dlp.md) - [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) - [Get started with Activity explorer](data-classification-activity-explorer.md) - [Microsoft Defender for Endpoint](/windows/security/threat-protection/)-- [Insider Risk management](insider-risk-management.md) +- [Insider risk management](insider-risk-management.md)
compliance	Dlp Conditions And Exceptions	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-conditions-and-exceptions.md	description: "learn about dlp policy conditions and exceptions" # DLP policy conditions, exceptions, and actions + Conditions and exceptions in DLP policies identify sensitive items that the policy is applied to. Actions define what happens as a consequence of a condition of exception being met. - Conditions define what to include To configure the sender address location at a DLP rule level, the parameter is * \|condition or exception in DLP\|condition/exception parameters in Microsoft 365 PowerShell\|property type\|description\| \|\|\|\|\| -\|Subject contains words or phrases\|condition: SubjectContainsWords <br/><br/> exception: ExceptIf SubjectContainsWords\|Words\|Messages that have the specified words in the Subject field.\| -\|Subject matches patterns\|condition: SubjectMatchesPatterns <br/><br/> exception: ExceptIf SubjectMatchesPatterns\|Patterns\|Messages where the Subject field contain text patterns that match the specified regular expressions.\| -\|Content contains\|condition: ContentContainsSensitiveInformation <br/><br/> exception ExceptIfContentContainsSensitiveInformation\|SensitiveInformationTypes\|Messages or documents that contain sensitive information as defined by data loss prevention (DLP) policies.\| -\|Subject or Body matches pattern\|condition: SubjectOrBodyMatchesPatterns <br/><br/> exception: ExceptIfSubjectOrBodyMatchesPatterns\|Patterns\|Messages where the subject field or message body contains text patterns that match the specified regular expressions.\| -\|Subject or Body contains words\|condition: SubjectOrBodyContainsWords <br/><br/> exception: ExceptIfSubjectOrBodyContainsWords\|Words\|Messages that have the specified words in the subject field or message body\| +\|Subject contains words or phrases\|condition: SubjectContainsWords <br/> exception: ExceptIf SubjectContainsWords\|Words\|Messages that have the specified words in the Subject field.\| +\|Subject matches patterns\|condition: SubjectMatchesPatterns <br/> exception: ExceptIf SubjectMatchesPatterns\|Patterns\|Messages where the Subject field contain text patterns that match the specified regular expressions.\| +\|Content contains\|condition: ContentContainsSensitiveInformation <br/> exception ExceptIfContentContainsSensitiveInformation\|SensitiveInformationTypes\|Messages or documents that contain sensitive information as defined by Microsoft Purview Data Loss Prevention (DLP) policies.\| +\|Subject or Body matches pattern\|condition: SubjectOrBodyMatchesPatterns <br/> exception: ExceptIfSubjectOrBodyMatchesPatterns\|Patterns\|Messages where the subject field or message body contains text patterns that match the specified regular expressions.\| +\|Subject or Body contains words\|condition: SubjectOrBodyContainsWords <br/> exception: ExceptIfSubjectOrBodyContainsWords\|Words\|Messages that have the specified words in the subject field or message body\| +\| ### Attachments This table describes the actions that are available in DLP. \|Add the sender's manager as recipient\|AddRecipients\|First property: AddedManagerAction<br/><br/>Second property: Field\|Adds the sender's manager to the message as the specified recipient type (To, Cc, Bcc), or redirects the message to the sender's manager without notifying the sender or the recipient. This action only works if the sender's Manager attribute is defined in Active Directory. This parameter uses the syntax: @{AddManagerAsRecipientType = "\<To \\| Cc \\| Bcc\>"}\| Prepend subject\|PrependSubject\|String\|Adds the specified text to the beginning of the Subject field of the message. Consider using a space or a colon (:) as the last character of the specified text to differentiate it from the original subject text.<br/><br/>To prevent the same string from being added to messages that already contain the text in the subject (for example, replies), add the "The subject contains words" (ExceptIfSubjectContainsWords) exception to the rule.\| \|Apply HTML disclaimer\|ApplyHtmlDisclaimer\|First property: Text<br/><br/>Second property: Location<br/><br/>Third property: Fallback action\|Applies the specified HTML disclaimer to the required location of the message.<br/><br/>This parameter uses the syntax: @{ Text = " " ; Location = \<Append \\| Prepend\>; FallbackAction = \<Wrap \\| Ignore \\| Reject\> }\| -\|Remove Office 365 Message Encryption and rights protection\|RemoveRMSTemplate\|n/a\|Removes Office 365 encryption applied on an email\| +\|Remove message encryption and rights protection\|RemoveRMSTemplate\|n/a\|Removes message encryption applied on an email\| \|Deliver the message to the hosted quarantine \|Quarantine\|n/a\| This action is currently in public preview. During this phase, emails quarantined by DLP policies will show policy type as ExchangeTransportRule.<br/><br/> Delivers the message to the quarantine in EOP. For more information, see [Quarantined email messages in EOP](/microsoft-365/security/office-365-security/quarantine-email-messages).\| <!--\|Modify Subject\|ModifySubject\|PswsHashTable \| Remove text from the subject line that matches a specific pattern and replace it with different text. See the example below. You can: <br/><br/>- Replace all matches in the subject with the replacement text <br/><br/>- Append to remove all matches in the subject and inserts the replacement text at the end of the subject. <br/><br/>- Prepend to remove all matches and inserts the replacement text at the beginning of the subject. See ModifySubject parameter in, /powershell/module/exchange/new-dlpcompliancerule\|-->
compliance	Dlp Configure Endpoint Settings	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-configure-endpoint-settings.md	Title: "Configure endpoint data loss prevention settings" + Title: "Configure endpoint DLP settings" f1.keywords: - CSH description: "Learn how to configure endpoint data loss prevention (DLP) central # Configure endpoint data loss prevention settings + Many aspects of Endpoint data loss prevention (DLP) behavior are controlled by centrally configured settings. Settings are applied to all DLP policies for devices. ![Endpoint DLP settings](../media/endpoint-dlp-1-using-dlp-settings.png) Before you get started, you should set up your DLP settings. ### Endpoint DLP Windows 10/11 and macOS settings -\|Setting \|Windows 10, 1809 and later, Windows 11 \|macOS Catalina 10.15 or later (preview) \|Notes \| +\|Setting \|Windows 10, 1809 and later, Windows 11 \|macOS Catalina 10.15 or later \|Notes \| \|\|\|\|\| \|File path exclusions \|Supported \|Supported \|macOS includes a recommended list of exclusions that is on by default \| \|Restricted apps \|Supported \|Supported \| \| Before you get started, you should set up your DLP settings. ### Advanced classification scanning and protection -Advanced classification scanning and protection allows the more advanced Microsoft 365 cloud based data classification service to scan items, classify them and return the results to the local machine. This means you can take advantage of classification techniques like [exact data match](create-custom-sensitive-information-types-with-exact-data-match-based-classification.md) classification, [named entities (preview)](named-entities-learn.md#learn-about-named-entities-preview), and [trainable classifiers](classifier-learn-about.md#learn-about-trainable-classifiers) in your DLP policies. +Advanced classification scanning and protection allows the more advanced Microsoft Purview cloud based data classification service to scan items, classify them and return the results to the local machine. This means you can take advantage of classification techniques like [exact data match](create-custom-sensitive-information-types-with-exact-data-match-based-classification.md) classification, [named entities](named-entities-learn.md), and [trainable classifiers](classifier-learn-about.md) in your DLP policies. -When advanced classification is turned on, content is sent from the local device to the cloud services for scanning and classification. If bandwidth utilization is a concern, you can set a limit on how much can be used in a rolling 24 hour period. The limit is configured in Endpoint DLP settings and is applied per device. If you set a bandwidth utilization limit and it's exceeded, DLP stops sending the user content to the cloud. At this point data classification continues locally on the device but classification using exact data match, named entities (preview), and trainable classifiers aren't available. When When the cumulative bandwidth utilization drops below the rolling 24 hour limit, communication with the cloud services will resume. +When advanced classification is turned on, content is sent from the local device to the cloud services for scanning and classification. If bandwidth utilization is a concern, you can set a limit on how much can be used in a rolling 24 hour period. The limit is configured in Endpoint DLP settings and is applied per device. If you set a bandwidth utilization limit and it's exceeded, DLP stops sending the user content to the cloud. At this point data classification continues locally on the device but classification using exact data match, named entities, and trainable classifiers aren't available. When When the cumulative bandwidth utilization drops below the rolling 24 hour limit, communication with the cloud services will resume. If bandwidth utilization isn't a concern, you select No limit to allow unlimited bandwidth utilization. These Windows versions support advanced classification scanning and protection: ### File path exclusions -Open [Compliance center](https://compliance.microsoft.com) > Data loss prevention > Endpoint DLP settings > File path exclusions. +Open [Microsoft Purview compliance portal](https://compliance.microsoft.com) > Data loss prevention > Endpoint DLP settings > File path exclusions. You may want to exclude certain paths from DLP monitoring, DLP alerting, and DLP policy enforcement on your devices because they're too noisy or donΓÇÖt contain files you're interested in. Files in those locations won't be audited and any files that are created or modified in those locations won't be subject to DLP policy enforcement. You can configure path exclusions in DLP settings. You can use this logic to construct your exclusion paths for Windows 10 devices: - A mix of all the above. <br/>For example: `%SystemDrive%\Users\\Documents\(2)\Sub\` -#### macOS devices (preview) +#### macOS devices Similar to Windows 10 devices you can add your own exclusions for macOS devices. For performance reasons, Endpoint DLP includes a list of recommended file path e #### Restricted apps -Restricted apps (previously called Unallowed apps) is a list of applications that you create. You configure what actions DLP will take when a user uses an app on the list to *access* a DLP protected file on a device. It's available for Windows 10 and macOS devices (preview). +Restricted apps (previously called Unallowed apps) is a list of applications that you create. You configure what actions DLP will take when a user uses an app on the list to *access* a DLP protected file on a device. It's available for Windows 10 and macOS devices. When Access by restricted apps is selected in a policy and a user uses an app that is on the restricted apps list to access a protected file, the activity will be `audited`, `blocked`, or `blocked with override` depending on how you configured it. That is unless the same app is a member of a Restricted app group, then the actions configured for activities in the Restricted app group override the actions configured for the access activity for the Restricted apps list. All activity is audited and available to review in activity explorer. User A opens a DLP protected file using Notepad. DLP allows the access and audit If an app is not in File activities for apps in restricted app groups (preview) or is not in the Restricted app activities list or is in the Restricted app activities list with an action of `Audit only`, or 'Block with override`, any restrictions defined in the File activities for all apps are applied in the same rule. -#### macOS devices (preview) +#### macOS devices Just like on Windows devices, you'll now be able to prevent macOS apps from accessing sensitive data by defining them in the Restricted app activities list. For macOS devices, you must add the full file path. To find the full path of Mac #### Service domains > [!NOTE] -> The Service domains setting only applies to files uploaded using Microsoft Edge or Google Chrome with the [the Microsoft Compliance Extension](dlp-chrome-learn-about.md#learn-about-the-microsoft-compliance-extension) installed. +> The Service domains setting only applies to files uploaded using Microsoft Edge or Google Chrome with the [Microsoft Purview Extension](dlp-chrome-learn-about.md#learn-about-the-microsoft-purview-extension) installed. You can control whether sensitive files protected by your policies can be uploaded to specific service domains from Microsoft Edge. File activity will always be audited for onboarded devices, regardless of whethe - [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) - [Get started with Activity explorer](data-classification-activity-explorer.md) - [Microsoft Defender for Endpoint](/windows/security/threat-protection/)-- [Onboard Windows 10 and Windows 11 devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-overview) +- [Onboard Windows 10 and Windows 11 devices into Microsoft Purview overview](/microsoft-365/compliance/device-onboarding-overview) - [Microsoft 365 subscription](https://www.microsoft.com/microsoft-365/compare-microsoft-365-enterprise-plans?rtc=1) - [Azure Active Directory (AAD) joined](/azure/active-directory/devices/concept-azure-ad-join) - [Download the new Microsoft Edge based on Chromium](https://support.microsoft.com/help/4501095/download-the-new-microsoft-edge-based-on-chromium)
compliance	Dlp Configure View Alerts Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-configure-view-alerts-policies.md	Title: "Configure and view alerts for data loss prevention policies" + Title: "Configure and view alerts for DLP policies" f1.keywords: - CSH description: Learn how to define and manage alerts for data loss prevention poli # Configure and view alerts for data loss prevention polices -Data loss prevention (DLP) policies can take protective actions to prevent unintentional sharing of sensitive items. When an action is taken on a sensitive item, you can be notified by configuring alerts for DLP. This article shows you how to define rich alert policies that are linked to your data loss prevention (DLP) policies. You'll see how to use the -new DLP alert management dashboard in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> to view alerts, events, and associated metadata for DLP policy violations. + +Microsoft Purview Data Loss Prevention (DLP) policies can take protective actions to prevent unintentional sharing of sensitive items. When an action is taken on a sensitive item, you can be notified by configuring alerts for DLP. This article shows you how to define rich alert policies that are linked to your data loss prevention (DLP) policies. You'll see how to use the +new DLP alert management dashboard in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> to view alerts, events, and associated metadata for DLP policy violations. ## Features The following features are part of this: -- DLP alert management dashboard: In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, this dashboard shows +- DLP alert management dashboard: In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, this dashboard shows alerts for DLP policies that are enforced on the following workloads: - Exchange For organizations that have an E1, F1, or G1 subscription or an E3 or G3 subscri To work with the DLP alert management dashboard: -1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, go to Data Loss Prevention. +1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, go to Data Loss Prevention. 2. Select the Alerts tab to view the DLP alerts dashboard.
compliance	Dlp Learn About Dlp	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-learn-about-dlp.md	- M365-security-compliance search.appverid: - MET150 -description: "Learn how to protect your sensitive information using Microsoft 365 data loss prevention policies and tools and take a tour through the DLP lifecycle." +description: "Learn how to protect your sensitive information using Microsoft Purview data loss prevention policies and tools and take a tour through the DLP lifecycle." # Learn about data loss prevention + Organizations have sensitive information under their control such as financial data, proprietary data, credit card numbers, health records, or social security numbers. To help protect this sensitive data and reduce risk, they need a way to prevent their users from inappropriately sharing it with people who shouldn't have it. This practice is called data loss prevention (DLP). -In Microsoft 365, you implement data loss prevention by defining and applying DLP policies. With a DLP policy, you can identify, monitor, and automatically protect sensitive items across: +In Microsoft Purview, you implement data loss prevention by defining and applying DLP policies. With a DLP policy, you can identify, monitor, and automatically protect sensitive items across: - Microsoft 365 services such as Teams, Exchange, SharePoint, and OneDrive - Office applications such as Word, Excel, and PowerPoint In Microsoft 365, you implement data loss prevention by defining and applying DL - non-Microsoft cloud apps - on-premises file shares and on-premises SharePoint. -Microsoft 365 detects sensitive items by using deep content analysis, not by just a simple text scan. Content is analyzed for primary data matches to keywords, by the evaluation of regular expressions, by internal function validation, and by secondary data matches that are in proximity to the primary data match. Beyond that DLP also uses machine learning algorithms and other methods to detect content that matches your DLP policies. +DLP detects sensitive items by using deep content analysis, not by just a simple text scan. Content is analyzed for primary data matches to keywords, by the evaluation of regular expressions, by internal function validation, and by secondary data matches that are in proximity to the primary data match. Beyond that DLP also uses machine learning algorithms and other methods to detect content that matches your DLP policies. -## DLP is part of the larger Microsoft 365 Compliance offering +## DLP is part of the larger Microsoft Purview offering -Microsoft 365 DLP is just one of the Microsoft 365 Compliance tools that you will use to help protect your sensitive items wherever they live or travel. You should understand the other tools in the Microsoft 365 Compliance tools set, how they interrelate, and work better together. See, [Microsoft 365 compliance tools](protect-information.md) to learn more about the information protection process. +DLP is just one of the Microsoft Purview tools that you will use to help protect your sensitive items wherever they live or travel. You should understand the other tools in the Microsoft Purview tools set, how they interrelate, and work better together. See, [Microsoft Purview tools](protect-information.md) to learn more about the information protection process. ## Protective actions of DLP policies -Microsoft 365 DLP policies are how you monitor the activities that users take on sensitive items at rest, sensitive items in transit, or sensitive items in use and take protective actions. For example, when a user attempts to take a prohibited action, like copying a sensitive item to an unapproved location or sharing medical information in an email or other conditions laid out in a policy, DLP can: +DLP policies are how you monitor the activities that users take on sensitive items at rest, sensitive items in transit, or sensitive items in use and take protective actions. For example, when a user attempts to take a prohibited action, like copying a sensitive item to an unapproved location or sharing medical information in an email or other conditions laid out in a policy, DLP can: - show a pop-up policy tip to the user that warns them that they may be trying to share a sensitive item inappropriately - block the sharing and, via a policy tip, allow the user to override the block and capture the users' justification A DLP implementation typically follows these major phases. ### Plan for DLP -Microsoft 365 DLP monitoring and protection are native to the applications that users use every day. This helps to protect your organizations' sensitive items from risky activities even if your users are unaccustomed to data loss prevention thinking and practices. If your organization and your users are new to data loss prevention practices, the adoption of DLP may require a change to your business processes and there will be a culture shift for your users. But, with proper planning, testing and tuning, your DLP policies will protect your sensitive items while minimizing any potential business process disruptions. +DLP monitoring and protection are native to the applications that users use every day. This helps to protect your organizations' sensitive items from risky activities even if your users are unaccustomed to data loss prevention thinking and practices. If your organization and your users are new to data loss prevention practices, the adoption of DLP may require a change to your business processes and there will be a culture shift for your users. But, with proper planning, testing and tuning, your DLP policies will protect your sensitive items while minimizing any potential business process disruptions. Technology planning for DLP DLP policies can block prohibited activities, like inappropriate sharing of sens A successful DLP implementation is as much dependent on getting your users trained and acclimated to data loss prevention practices as it is on well planned and tuned policies. Since your users are heavily involved, be sure to plan for training for them too. You can strategically use policy tips to raise awareness with your users before changing the policy enforcement from test mode to more restrictive modes. -<!--For more information on planning for DLP, including suggestions for deployment based on your needs and resources, see [Planning for Microsoft 365 data loss prevention](dlp-plan-for-dlp.md).--> +<!--For more information on planning for DLP, including suggestions for deployment based on your needs and resources, see [Planning for data loss prevention](dlp-plan-for-dlp.md).--> ### Prepare for DLP Once the policy meets all your objectives, turn it on. Continue to monitor the o You have flexibility in how you create and configure your DLP policies. You can start from a predefined template and create a policy in just a few clicks or you can design your own from the ground up. No matter which you choose, all DLP policies require the same information from you. -1. Choose what you want to monitor - Microsoft 365 comes with many predefined policy templates to help you get started or you can create a custom policy. +1. Choose what you want to monitor - DLP comes with many predefined policy templates to help you get started or you can create a custom policy. - A predefined policy template: Financial data, Medical and health data, Privacy data all for various countries and regions. - A custom policy that uses the available sensitive information types, retention labels, and sensitivity labels. 2. Choose where you want to monitor - You pick one or more locations that you want DLP to monitor for sensitive information. You can monitor: location \| include/exclude by\| <!--## Create a DLP policy -All DLP policies are created and maintained in the Microsoft 365 Compliance center. See, INSERT LINK TO ARTICLE THAT WILL START WALKING THEM THROUGH THE POLICY CREATION PROCEDURES for more information.--> +All DLP policies are created and maintained in the Microsoft Purview center. See, INSERT LINK TO ARTICLE THAT WILL START WALKING THEM THROUGH THE POLICY CREATION PROCEDURES for more information.--> After you create a DLP policy in the Compliance Center, it's stored in a central policy store, and then synced to the various content sources, including: After the policy's synced to the right locations, it starts to evaluate content ## Viewing policy application results -DLP reports a vast amount of information into Microsoft 365 from monitoring, policy matches and actions, and user activities. You'll need to consume and act on that information to tune your policies and triage actions taken on sensitive items. The telemetry goes into the [Microsoft 365 Compliance center Audit Logs](search-the-audit-log-in-security-and-compliance.md#search-the-audit-log-in-the-compliance-center) first, is processed, and makes its way to different reporting tools. Each reporting tool has a different purpose. +DLP reports a vast amount of information into Microsoft Purview from monitoring, policy matches and actions, and user activities. You'll need to consume and act on that information to tune your policies and triage actions taken on sensitive items. The telemetry goes into the [Microsoft Purview compliance portal Audit Logs](search-the-audit-log-in-security-and-compliance.md#search-the-audit-log-in-the-compliance-center) first, is processed, and makes its way to different reporting tools. Each reporting tool has a different purpose. ### DLP Alerts Dashboard The Activity explorer tab on the DLP page has the Activity filter preset to *D For more information, see [Get started with activity explorer](data-classification-activity-explorer.md) -To learn more about Microsoft 365 DLP, see: +To learn more about Microsoft Purview DLP, see: -- [Learn about Microsoft 365 Endpoint data loss prevention](endpoint-dlp-learn-about.md) +- [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md) - [Learn about the default data loss prevention policy in Microsoft Teams (preview)](dlp-teams-default-policy.md)-- [Learn about the Microsoft 365 data loss prevention on-premises scanner (preview)](dlp-on-premises-scanner-learn.md)-- [Learn about the Microsoft Compliance Extension (preview)](dlp-chrome-learn-about.md) +- [Learn about data loss prevention on-premises scanner](dlp-on-premises-scanner-learn.md) +- [Learn about the Microsoft Compliance Extension](dlp-chrome-learn-about.md) - [Learn about the data loss prevention Alerts dashboard](dlp-alerts-dashboard-learn.md) -To learn how to use data loss prevention to comply with data privacy regulations, see [Deploy information protection for data privacy regulations with Microsoft 365](../solutions/information-protection-deploy.md) (aka.ms/m365dataprivacy). +To learn how to use data loss prevention to comply with data privacy regulations, see [Deploy information protection for data privacy regulations with Microsoft Purview](../solutions/information-protection-deploy.md) (aka.ms/m365dataprivacy). ## Licensing and Subscriptions
compliance	Dlp Microsoft Teams	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-microsoft-teams.md	description: "Microsoft Teams chats and channels support Data Loss Prevention (D # Data loss prevention and Microsoft Teams -If your organization has data loss prevention (DLP), you can define policies that prevent people from sharing sensitive information in a Microsoft Teams channel or chat session. Here are some examples of how this protection works: + +If your organization has Microsoft Purview Data Loss Prevention (DLP), you can define policies that prevent people from sharing sensitive information in a Microsoft Teams channel or chat session. Here are some examples of how this protection works: - Example 1: Protecting sensitive information in messages. Suppose that someone attempts to share sensitive information in a Teams chat or channel with guests (external users). If you have a DLP policy defined to prevent this, messages with sensitive information that are sent to external users are deleted. This happens automatically, and within seconds, according to how your DLP policy is configured.
compliance	Dlp Migrate Exo Policy To Unified Dlp	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-migrate-exo-policy-to-unified-dlp.md	Title: "Migrate Exchange Online data loss prevention policies to Compliance center" + Title: "Migrate Exchange Online DLP policies to Compliance center" f1.keywords: - CSH - SPO_Content search.appverid: - MET150 -description: "Learn how to plan for and migrate your Exchange online data loss prevention policies into Microsoft 365 DLP." +description: "Learn how to plan for and migrate your Exchange online data loss prevention policies into DLP." -# Migrate Exchange Online data loss prevention policies to Compliance center +# Migrate Exchange Online data loss prevention policies to Microsoft Purview compliance portal -[Exchange Online data loss prevention (DLP) policies](/exchange/security-and-compliance/data-loss-prevention/data-loss-prevention) are being deprecated. [Much richer DLP functionality](dlp-learn-about-dlp.md), including Exchange Online DLP, is offered in the [Microsoft 365 Compliance center](https://compliance.microsoft.com/datalossprevention?viewid=policies). You can use the DLP policy migration wizard to help you bring your Exchange Online DLP policies over to the Compliance center where you'll manage them. + +[Exchange Online data loss prevention (DLP) policies](/exchange/security-and-compliance/data-loss-prevention/data-loss-prevention) are being deprecated. [Much richer DLP functionality](dlp-learn-about-dlp.md), including Exchange Online DLP, is offered in the [Microsoft Purview compliance portal](https://compliance.microsoft.com/datalossprevention?viewid=policies). You can use the DLP policy migration wizard to help you bring your Exchange Online DLP policies over to the Compliance center where you'll manage them. The migration wizard works by reading the configuration of your DLP policies in Exchange and then creating duplicate policies in the Compliance center. By default the wizard creates the new versions of the policies in Test mode, so you can see what impact they'd have in your environment without enforcing any of the actions. Once you're ready to fully transition to the Compliance center versions, *you must: The account that you use to run the migration wizard must have access to both th 1. If you are unfamiliar with DLP, the Compliance center DLP console, or the Exchange Admin center DLP console, you should familiarize yourself before attempting a policy migration. 1. [Exchange Online data loss prevention (DLP) policies](/exchange/security-and-compliance/data-loss-prevention/data-loss-prevention) - 1. [Learn about Microsoft 365 Endpoint data loss prevention](endpoint-dlp-learn-about.md#learn-about-microsoft-365-endpoint-data-loss-prevention) + 1. [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md) 1. [Create, Test, and Tune a DLP policy](create-test-tune-dlp-policy.md) 1. Evaluate your Exchange DLP and Compliance center policies by asking these questions: The account that you use to run the migration wizard must have access to both th After you have evaluated all your Exchange and Compliance center DLP policies for need and compatibility, you can use the migration wizard. -1. Open the [Microsoft 365 Compliance center](https://compliance.microsoft.com/datalossprevention?viewid=policies) DLP console. +1. Open the [Microsoft Purview compliance portal](https://compliance.microsoft.com/datalossprevention?viewid=policies) DLP console. 2. If there are Exchange DLP policies that can be migrated, a banner will appear at the top of the page letting you know. 3. Choose Migrate policies* in the banner to open the migration wizard. All the Exchange DLP policies are listed. Previously migrated policies cannot be selected. 4. Select the policies you want to migrate. You can migrate them individually, or in groups using a phased approach or all at once. Select Next. After you have evaluated all your Exchange and Compliance center DLP policies fo 6. Select the mode you want the new Compliance center policy created in, Active, Test, or Disabled. The default is Test. Select Next. 7. If desired, you can create more policies that are based on the Exchange DLP policies for other unified DLP locations. This will result in one new unified DLP policy for the migrated Exchange policy and one new unified DLP policy for any other locations that you pick here. - > [!IMPORTANT] - > Any Exchange DLP policy conditions and actions that are not supported by other DLP locations, like Devices, SharePoint, OneDrive, On-premises, MCAS or Teams chat and channel messages will be dropped from the additional policy. Also, there is pre-work that must be done for the other locations. See: - > - > - [Learn about Microsoft 365 Endpoint data loss prevention](endpoint-dlp-learn-about.md#learn-about-microsoft-365-endpoint-data-loss-prevention) - > - [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md#get-started-with-endpoint-data-loss-prevention) - > - [Using Endpoint data loss prevention](endpoint-dlp-using.md#using-endpoint-data-loss-prevention) - > - [Learn about the Microsoft 365 data loss prevention on-premises scanner](dlp-on-premises-scanner-learn.md#learn-about-the-microsoft-365-data-loss-prevention-on-premises-scanner) - > - [Get started with the data loss prevention on-premises scanner](dlp-on-premises-scanner-get-started.md#get-started-with-the-data-loss-prevention-on-premises-scanner) - > - [Use the Microsoft 365 data loss prevention on-premises scanner](dlp-on-premises-scanner-use.md#use-the-microsoft-365-data-loss-prevention-on-premises-scanner) - > - [Use data loss prevention policies for non-Microsoft cloud apps](dlp-use-policies-non-microsoft-cloud-apps.md#use-data-loss-prevention-policies-for-non-microsoft-cloud-apps) - +> [!IMPORTANT] +> Any Exchange DLP policy conditions and actions that are not supported by other DLP locations, like Devices, SharePoint, OneDrive, On-premises, MCAS or Teams chat and channel messages will be dropped from the additional policy. Also, there is pre-work that must be done for the other locations. See: +>- [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md) +>- [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md) +>- [Using Endpoint data loss prevention](endpoint-dlp-using.md) +>- [Learn about the data loss prevention on-premises scanner](dlp-on-premises-scanner-learn.md) +>- [Get started with the data loss prevention on-premises scanner](dlp-on-premises-scanner-get-started.md) +>- [Use the Microsoft Purview data loss prevention on-premises scanner](dlp-on-premises-scanner-use.md) +>- [Use data loss prevention policies for non-Microsoft cloud apps](dlp-use-policies-non-microsoft-cloud-apps.md) + 8. Review the migration wizard session settings. Select Next. 9. Review the migration report. Pay attention to any failures involving Exchange mail flow rules. You can fix them and remigrate the associated policies. Test and review your policies. 1. Follow the [Test a DLP policy](create-test-tune-dlp-policy.md#test-a-dlp-policy) procedures. 2. Review the events created by the policy in [Activity explorer](data-classification-activity-explorer.md). -## Review the policy matches between Exchange Admin Center DLP and Microsoft 365 Unified DLP +## Review the policy matches between Exchange Admin Center DLP and Microsoft Purview Unified DLP To ensure that the migrated policies behave as expected, you can export the reports from both admin centers and do a comparison of the policy matches. Once you are satisfied with how your migrated policies are functioning, you can 1. Open the Exchange Admin Center DLP console. 2. Deactivate or delete the source policy. -3. Open the [Microsoft 365 Compliance center](https://compliance.microsoft.com/datalossprevention?viewid=policies) DLP console and select the policy you want to make active to edit it. +3. Open the [Microsoft Purview compliance portal](https://compliance.microsoft.com/datalossprevention?viewid=policies) DLP console and select the policy you want to make active to edit it. 4. Change the status to Turn on. ## Related articles - [Exchange Online data loss prevention (DLP) policies](/exchange/security-and-compliance/data-loss-prevention/data-loss-prevention)-- [Learn about data loss prevention](dlp-learn-about-dlp.md#learn-about-data-loss-prevention) +- [Learn about data loss prevention](dlp-learn-about-dlp.md) - [Get started with Activity explorer](data-classification-activity-explorer.md) - [Create, Test, and Tune a DLP policy](create-test-tune-dlp-policy.md) - [Create a DLP policy from a template](create-a-dlp-policy-from-a-template.md)
compliance	Dlp On Premises Scanner Get Started	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-on-premises-scanner-get-started.md	Title: "Get started with Microsoft 365 data loss prevention on-premises scanner" + Title: "Get started with data loss prevention on-premises scanner" f1.keywords: - CSH search.appverid: - MET150 -description: "Set up Microsoft 365 data loss prevention on-premises scanner" +description: "Set up data loss prevention on-premises scanner" # Get started with the data loss prevention on-premises scanner -This article walks you through the prerequisites and configuration for the Microsoft 365 data loss prevention on-premises scanner. + +This article walks you through the prerequisites and configuration for the Microsoft Purview data loss prevention on-premises scanner. ## Before you begin Data from DLP on-premises scanner can be viewed in [Activity explorer](data-clas There are roles and role groups in preview that you can test out to fine tune your access controls. -Here's a list of Microsoft Information Protection (MIP) roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) +Here's a list of applicable roles that are in preview. To learn more about them, see [Roles in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center) - Information Protection Admin - Information Protection Analyst - Information Protection Investigator - Information Protection Reader -Here's a list of MIP role groups that are in preview. To learn more about the, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) +Here's a list of applicable role groups that are in preview. To learn more about the, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center) - Information Protection - Information Protection Admins Here's a list of MIP role groups that are in preview. To learn more about the, s > [!IMPORTANT] > Remember that the scanner runs a delta scan of the repository by default and the files that were already scanned in the previous scan cycle will be skipped unless the file was changed or you initiated a full rescan. Full rescan can be initiated by using Rescan all files option in the UI or by running Start-AIPScan-Reset. -6. Open the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention?viewid=policies) in the Microsoft 365 Compliance center. +6. Open the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention?viewid=policies) in the Microsoft Purview compliance portal. 7. Choose Create policy and create a test DLP policy. See [Create a DLP policy from a template](create-a-dlp-policy-from-a-template.md) if you need help creating a policy. Be sure to run it in test until you are comfortable with this feature. Use these parameters for your policy: 1. Scope the DLP on-premises scanner rule to specific locations if needed. If you scope locations to All, all files scanned by the scanner will be subject to the DLP rule matching and enforcement. Here's a list of MIP role groups that are in preview. To learn more about the, s ### Viewing DLP on-premises scanner alerts in DLP Alerts Management dashboard -1. Open the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention?viewid=policies) in the Microsoft 365 Compliance center and select Alerts. +1. Open the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention?viewid=policies) in the Microsoft Purview compliance portal and select Alerts. 2. Refer to the procedures in [How to configure and view alerts for your DLP policies](dlp-configure-view-alerts-policies.md) to view alerts for your Endpoint DLP policies. Here's a list of MIP role groups that are in preview. To learn more about the, s > [!NOTE] > The on-premises scanner requires that auditing be enabled. In Microsoft 365 auditing is enabled by default. -1. Open the [Data classification page](https://compliance.microsoft.com/dataclassification?viewid=overview) for your domain in the Microsoft 365 Compliance center and select Activity explorer. +1. Open the [Data classification page](https://compliance.microsoft.com/dataclassification?viewid=overview) for your domain in the Microsoft Purview compliance portal and select Activity explorer. 2. Refer to the procedures in [Get started with Activity explorer](data-classification-activity-explorer.md) to access and filter all the data for your on-premises scanner locations.
compliance	Dlp On Premises Scanner Learn	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-on-premises-scanner-learn.md	Title: "Learn about Microsoft 365 data loss prevention on-premises scanner" + Title: "Learn about data loss prevention on-premises scanner" f1.keywords: - CSH - m365initiative-compliance search.appverid: - MET150 -description: "Microsoft 365 data loss prevention on-premises scanner extends monitoring of file activities and protective actions for those files to on-premises file shares and SharePoint folders and document libraries. Files are scanned and protected by Azure Information Protection (AIP) scanner" +description: "The data loss prevention on-premises scanner extends monitoring of file activities and protective actions for those files to on-premises file shares and SharePoint folders and document libraries. Files are scanned and protected by Azure Information Protection (AIP) scanner" -# Learn about the Microsoft 365 data loss prevention on-premises scanner +# Learn about the data loss prevention on-premises scanner -Microsoft data loss prevention on-premises scanner is part of the Microsoft 365 data loss prevention (DLP) suite of features that you can use to discover and protect sensitive items across Microsoft 365 services. For more information about all of MicrosoftΓÇÖs DLP offerings, see [Learn about data loss prevention](dlp-learn-about-dlp.md). + +Data loss prevention on-premises scanner is part of the Microsoft Purview Data Loss Prevention (DLP) suite of features that you can use to discover and protect sensitive items across Microsoft 365 services. For more information about all of MicrosoftΓÇÖs DLP offerings, see [Learn about data loss prevention](dlp-learn-about-dlp.md). The DLP on-premises scanner crawls on-premises data-at-rest in file shares and SharePoint document libraries and folders for sensitive items that, if leaked, would pose a risk to your organization or pose a risk of compliance policy violation. This gives you the visibility and control you need to ensure that sensitive items are used and protected properly, and to help prevent risky behavior that might compromise them. The DLP on-premises scanner detects sensitive information by using [built-in](sensitive-information-type-entity-definitions.md) or [custom sensitive information](create-a-custom-sensitive-information-type.md) types, [sensitivity labels](sensitivity-labels.md) or file properties. The information about what users are doing with sensitive items is made visible in [activity explorer](data-classification-activity-explorer.md) and you can enforce protective actions on those items via [DLP policies](create-test-tune-dlp-policy.md). Now that you've learned about DLP on-premises scanner, your next steps are: ## See also -- [Getting started with the Microsoft data loss prevention on-premises scanner](dlp-on-premises-scanner-get-started.md)-- [Use the Microsoft data loss prevention on-premises scanner](dlp-on-premises-scanner-use.md) +- [Getting started with the data loss prevention on-premises scanner](dlp-on-premises-scanner-get-started.md) +- [Use the data loss prevention on-premises scanner](dlp-on-premises-scanner-use.md) - [Learn about data loss prevention](dlp-learn-about-dlp.md) - [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md)-- [Get started with Activity explorer](data-classification-activity-explorer.md) +- [Get started with Activity explorer](data-classification-activity-explorer.md)
compliance	Dlp On Premises Scanner Use	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-on-premises-scanner-use.md	Title: "Use Microsoft 365 data loss prevention on-premises scanner" + Title: "Use data loss prevention on-premises scanner" f1.keywords: - CSH - m365initiative-compliance search.appverid: - MET150 -description: "Learn how to use the Microsoft 365 data loss prevention on premises scanner to scan data at rest and implement protective actions for on premises file shares and on-premises SharePoint folders and document libraries." +description: "Learn how to use the data loss prevention on premises scanner to scan data at rest and implement protective actions for on premises file shares and on-premises SharePoint folders and document libraries." -# Use the Microsoft 365 data loss prevention on-premises scanner +# Use the data loss prevention on-premises scanner -To help familiarize you with DLP on-premises features and how they surface in DLP policies, we've put together some scenarios for you to follow. + +To help familiarize you with Microsoft Purview Data Loss Prevention on-premises features and how they surface in DLP policies, we've put together some scenarios for you to follow. > [!IMPORTANT] > These DLP on-premises scenarios are not the official procedures for creating and tuning DLP policies. Refer to the below topics when you need to work with DLP policies in general situations: Data from DLP on-premises scanner surfaces in several areas #### Microsoft 365 Audit log -The DLP rule matches are available in Audit log UI, see [Search the audit log in the compliance center](search-the-audit-log-in-security-and-compliance.md) or accessible by [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog) PowerShell. +The DLP rule matches are available in Audit log UI, see [Search the audit log in the Microsoft Purview compliance portal](search-the-audit-log-in-security-and-compliance.md) or accessible by [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog) PowerShell. #### AIP
compliance	Dlp Overview Plan For Dlp	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-overview-plan-for-dlp.md	description: "Overview of the planning process for data loss prevention" # Plan for data loss prevention (DLP) + Every organization will plan for and implement data loss prevention (DLP) differently, because every organization's business needs, goals, resources, and situation are unique to them. However, there are elements that are common to all successful DLP implementations. This article presents the best practices that are used by organizations in their DLP planning. ## Multiple starting points Organizations can start their DLP journey: - knowing what sensitive information they want to prioritize protecting, like health care records, and going straight to defining policies to protect it - without knowing what their sensitive information is, where it is, and who is doing what with it so they start with discovery and categorization and take a more methodical approach - without knowing what their sensitive information is, or where it is, or who is doing what with it, but they will move straight to defining policies and use those outcomes as a starting place and then refine their policies from there-- knowing that they need to implement the full Microsoft 365 Information Protection stack and so intend to take a longer term, methodical approach +- knowing that they need to implement the full Microsoft Purview Information Protection stack and so intend to take a longer term, methodical approach -These are just some examples of how customers can approach DLP and it doesn't matter where you start from, Microsoft 365 DLP is flexible enough to accommodate various types of information protection journeys from start to a fully realized data loss prevention strategy. +These are just some examples of how customers can approach DLP and it doesn't matter where you start from, DLP is flexible enough to accommodate various types of information protection journeys from start to a fully realized data loss prevention strategy. ## Overview of planning process -The [Learn about data loss prevention](dlp-learn-about-dlp.md#learn-about-data-loss-prevention) introduces the three different aspects of the [DLP planning process](dlp-learn-about-dlp.md#plan-for-dlp). We'll go into more detail here on the elements that are common to all DLP plans. +The [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md#learn-about-data-loss-prevention) introduces the three different aspects of the [DLP planning process](dlp-learn-about-dlp.md#plan-for-dlp). We'll go into more detail here on the elements that are common to all DLP plans. ### Identify stakeholders In general these needs tend to be 85% regulatory and compliance protection, and ### Describe the categories of sensitive information to protect -The stakeholders then describe the categories of sensitive information to be protected and the business process that they're used in. For example, Microsoft 365 DLP defines these categories: +The stakeholders then describe the categories of sensitive information to be protected and the business process that they're used in. For example, DLP defines these categories: - Financial - Medical and health information Because many organizations come to DLP with the goal of regulatory compliance, a ##### What sensitive items does your organization have that must be protected from leakage? -Once your organization knows where it stands in terms of regulatory compliance needs, you'll have some idea of what sensitive items need to be protected from leakage and how you want to prioritize policy implementation to protect them. This will help you choose the most appropriate DLP policy templates. Microsoft 365 comes with pre-configured DLP templates for Financial, Medical and health, Privacy, and you can build your own using the Custom template. As you design and create your actual DLP policies, knowing the answer to this question will also help you choose the right [sensitive information type](sensitive-information-type-learn-about.md#learn-about-sensitive-information-types). +Once your organization knows where it stands in terms of regulatory compliance needs, you'll have some idea of what sensitive items need to be protected from leakage and how you want to prioritize policy implementation to protect them. This will help you choose the most appropriate DLP policy templates. Microsoft Purview comes with pre-configured DLP templates for Financial, Medical and health, Privacy, and you can build your own using the Custom template. As you design and create your actual DLP policies, knowing the answer to this question will also help you choose the right [sensitive information type](sensitive-information-type-learn-about.md#learn-about-sensitive-information-types). Example To get started quickly, you pick the `U.K. Financial Data` policy template, which includes the `Credit Card Number`, `EU Debit Card Number`, and `SWIFT Code` sensitive information types. ##### Where are the sensitive items and what business processes are they involved in? -The items that contain your organizations sensitive information are used every day in the course of doing business. You need to know where instances of that sensitive information may occur and what business processes they are used in. This will help you choose the right locations to apply your DLP policies to. Microsoft 365 DLP policies are applied to locations: +The items that contain your organizations sensitive information are used every day in the course of doing business. You need to know where instances of that sensitive information may occur and what business processes they are used in. This will help you choose the right locations to apply your DLP policies to. DLP policies are applied to locations: - Exchange email - SharePoint sites Before you can monitor some DLP locations, there are prerequisites that must be - [Get started with the data loss prevention on-premises scanner (preview)](dlp-on-premises-scanner-get-started.md#before-you-begin) - [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md#before-you-begin)-- [Get started with the Microsoft compliance extension (preview)](dlp-chrome-get-started.md#before-you-begin) +- [Get started with the Microsoft compliance extension](dlp-chrome-get-started.md#before-you-begin) - [Use data loss prevention policies for non-Microsoft cloud apps (preview)](dlp-use-policies-non-microsoft-cloud-apps.md#before-you-begin) #### Policy deployment The regulations, laws, and industry standards that your organization is subject \|Customer business needs description \| approach \| \|\|\| -\|Contoso Bank is in a highly regulated industry and has many different types of sensitive items in many different locations. </br> - knows which types of sensitive information are top priority. </br> - must minimize business disruption as policies are rolled out. </br> - has IT resources and can hire experts to help plan, design deploy </br> - has a premier support contract with Microsoft\| - Take the time to understand what regulations they must comply with and how they are going to comply. </br> -Take the time to understand the better together value of the Microsoft 365 Information Protection stack </br> - Develop sensitivity labeling scheme for prioritized items and apply </br> - Involve business process owners </br>- Design/code policies, deploy in test mode, train users </br>- repeat\| +\|Contoso Bank is in a highly regulated industry and has many different types of sensitive items in many different locations. </br> - knows which types of sensitive information are top priority. </br> - must minimize business disruption as policies are rolled out. </br> - has IT resources and can hire experts to help plan, design deploy </br> - has a premier support contract with Microsoft\| - Take the time to understand what regulations they must comply with and how they are going to comply. </br> -Take the time to understand the better together value of the Microsoft Purview Information Protection stack </br> - Develop sensitivity labeling scheme for prioritized items and apply </br> - Involve business process owners </br>- Design/code policies, deploy in test mode, train users </br>- repeat\| \|TailSpin Toys doesnΓÇÖt know what they have or where it is, and have little to no resource depth. They use Teams, OneDrive for Business and Exchange extensively. \|- Start with simple policies on the prioritized locations. </br>- Monitor what gets identified </br>- Apply sensitivity labels accordingly </br>- Refine policies, train users \| \|Fabrikam is a small startup and wants to protect its intellectual property, and must move quickly. They are willing to dedicate some resources, but can't afford to hire outside experts. </br>- Sensitive items are all in Microsoft 365 OneDrive for Business/SharePoint </br>- Adoption of OneDrive for Business and SharePoint is slow, employees/shadow IT use DropBox and Google drive to share/store items </br>- Employees value speed of work over data protection discipline </br>- Customer splurged and bought all 18 employees new Windows 10 devices \|- Take advantage of the default DLP policy in Teams </br>- Use restricted by default setting for SharePoint items </br>- Deploy policies that prevent external sharing </br>- Deploy policies to prioritized locations </br>- Deploy policies to Windows 10 devices </br>- Block uploads to non-OneDrive for Business cloud storage \|
compliance	Dlp Policy Design	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-policy-design.md	description: "Learn how to design a data loss prevention (DLP) policy" # Design a data loss prevention policy + Taking the time to design a policy before you implement it will get you to the desired results faster, and with fewer unintended issues, than creating it and then tuning by trial and error alone. Having your policy designs documented will also help you in communications, policy reviews, troubleshooting, and further tuning. <!--, but excessive tuning to get the intended results can be time consuming. if you have to do a lot of tuning to get a policy to yield the intended results can be time consuming .--> -If you are new to Microsoft 365 DLP, it's helpful to work through these articles before you start designing a policy: +If you are new to Microsoft Purview DLP, it's helpful to work through these articles before you start designing a policy: -- [Learn about data loss prevention](dlp-learn-about-dlp.md#learn-about-data-loss-prevention) - this article introduces you to the data loss prevention discipline and Microsoft's implementation of DLP +- [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md#learn-about-data-loss-prevention) - this article introduces you to the data loss prevention discipline and Microsoft's implementation of DLP - [Plan for data loss prevention (DLP)](dlp-overview-plan-for-dlp.md#plan-for-data-loss-prevention-dlp) - by working through this article you will: - [Identify stakeholders](dlp-overview-plan-for-dlp.md#identify-stakeholders) - [Describe the categories of sensitive information to protect](dlp-overview-plan-for-dlp.md#describe-the-categories-of-sensitive-information-to-protect) Here are some examples of more detailed policy intent statement to configuration - [Plan for data loss prevention (DLP)](dlp-overview-plan-for-dlp.md#plan-for-data-loss-prevention-dlp) - [Data Loss Prevention policy reference](dlp-policy-reference.md#data-loss-prevention-policy-reference) - [Data Loss Prevention policy tips reference](dlp-policy-tips-reference.md#data-loss-prevention-policy-tips-reference)-- [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md#create-test-and-tune-a-dlp-policy) +- [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md#create-test-and-tune-a-dlp-policy)
compliance	Dlp Policy Reference	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-policy-reference.md	# Data Loss Prevention policy reference -Data loss prevention (DLP) policies have many components to configure. To create an effective policy, you need to understand what the purpose of each component is and how its configuration alters the behavior of the policy. This article provides a detailed anatomy of a DLP policy. + +Microsoft Purview Data Loss Prevention (DLP) policies have many components to configure. To create an effective policy, you need to understand what the purpose of each component is and how its configuration alters the behavior of the policy. This article provides a detailed anatomy of a DLP policy. ## Policy templates A DLP policy can find and protect items that contain sensitive information acros \|OneDrive for Business accounts\| account or distribution group \|data-at-rest </br> data-in-use\|No\| \|Teams chat and channel messages \| account or distribution group \|data-in-motion </br> data-in-use \| No \| \|Microsoft Defender for Cloud Apps \| cloud app instance \|data-at-rest \| - [Use data loss prevention policies for non-Microsoft cloud apps](dlp-use-policies-non-microsoft-cloud-apps.md#use-data-loss-prevention-policies-for-non-microsoft-cloud-apps) \| -\|Devices \|user or group \|data-at-rest </br> data-in-use </br> data-in-motion \|- [Learn about Microsoft 365 Endpoint data loss prevention](endpoint-dlp-learn-about.md#learn-about-microsoft-365-endpoint-data-loss-prevention) </br>- [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md#get-started-with-endpoint-data-loss-prevention) </br>- [Configure device proxy and internet connection settings for Information Protection](device-onboarding-configure-proxy.md#configure-device-proxy-and-internet-connection-settings-for-information-protection) \| -\|On-premises repositories (file shares and SharePoint) \|repository \| data-at-rest \| - [Learn about the Microsoft 365 data loss prevention on-premises scanner](dlp-on-premises-scanner-learn.md#learn-about-the-microsoft-365-data-loss-prevention-on-premises-scanner) </br> - [Get started with the data loss prevention on-premises scanner](dlp-on-premises-scanner-get-started.md#get-started-with-the-data-loss-prevention-on-premises-scanner) \| +\|Devices \|user or group \|data-at-rest </br> data-in-use </br> data-in-motion \|- [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md) </br>- [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md) </br>- [Configure device proxy and internet connection settings for Information Protection](device-onboarding-configure-proxy.md#configure-device-proxy-and-internet-connection-settings-for-information-protection) \| +\|On-premises repositories (file shares and SharePoint) \|repository \| data-at-rest \| - [Learn about the data loss prevention on-premises scanner](dlp-on-premises-scanner-learn.md) </br> - [Get started with the data loss prevention on-premises scanner](dlp-on-premises-scanner-get-started.md#get-started-with-the-data-loss-prevention-on-premises-scanner) \| \|PowerBI\| workspaces \| data-in-use \| No\| If you choose to include specific distribution groups in Exchange, the DLP policy will be scoped only to the members of that group. Similarly excluding a distribution group will exclude all the members of that distribution group from policy evaluation. You can choose to scope a policy to the members of distribution lists, dynamic distribution groups, and security groups. A DLP policy can contain no more than 50 such inclusions and exclusions. https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-configure-view-ale When a rule is matched, you can send an incident report to your compliance officer (or any people you choose) with details of the event. The report includes information about the item that was matched, the actual content that matched the rule, and the name of the person who last modified the content. For email messages, the report also includes as an attachment the original message that matches a DLP policy. -DLP feeds incident information to other Microsoft 365 information protection services, like [Insider Risk management in Microsoft 365](insider-risk-management.md#learn-about-insider-risk-management-in-microsoft-365). In order to get incident information to insider risk management, you must set the Incident reports severity level to High. +DLP feeds incident information to other Microsoft Purview information protection services, like [insider risk management](insider-risk-management.md). In order to get incident information to insider risk management, you must set the Incident reports severity level to High. <!--![Page for configuring incident reports](../media/31c6da0e-981c-415e-91bf-d94ca391a893.png)-->
compliance	Dlp Policy Tips Reference	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-policy-tips-reference.md	# Data Loss Prevention policy tips reference + DLP policy tips in Outlook Web Access is supported for all the conditions, exceptions and actions that are applicable on Exchange workload in a DLP policy except the following: Conditions: Please note that custom sensitive information types will also be detected in add \|Word, Excel, PowerPoint Mobile Client\|:::image type="icon" source="../media/crsmrk.png" border="false":::\|none\|none\|DLP policy tips are not supported in mobile apps for Office.\| \|Teams Web/ Teams Desktop/ Teams Mobile/ Teams Mac\|:::image type="icon" source="../media/rightmrk.png" border="false":::\|all\|all Teams predicates in DLP policy\|Policy tips will show when a message is flagged as ΓÇ£This message has been flagged. What can I do?ΓÇ¥ When clicking the link, the user can review the sensitive info types detected and override or report an issue if allowed by the admin. Note that no policy tips are shown for files. When the recipient tries to access the document, they might get access denied if not allowed.\| \|Win32 Endpoint Devices\|:::image type="icon" source="../media/rightmrk.png" border="false":::\|subset\|all Endpoint DLP predicates and actions in DLP policy\|See [Data Loss Prevention on Endpoint supports policy tips for only some sensitive information types](#data-loss-prevention-on-endpoint-devices-supports-policy-tips-for-only-some-sensitive-information-types)\| -\|macOS devices (preview)\|default tips only\|all\|subset\|Data loss prevention policies are enforceable on macOS devices. Custom policy tips are not supported.\| +\|macOS devices\|default tips only\|all\|subset\|Data loss prevention policies are enforceable on macOS devices. Custom policy tips are not supported.\| \|3rd party cloud apps\|:::image type="icon" source="../media/crsmrk.png" border="false":::\|none\|none\|Data Loss Prevention policy tips are not supported on 3rd party cloud apps\| \|On-prem\|:::image type="icon" source="../media/crsmrk.png" border="false":::\|none\|none\|\| \|Word, Excel, PowerPoint Win32 Client\|:::image type="icon" source="../medi#policy-tips-in-excel-powerpoint-and-word) for more details\|
compliance	Dlp Powerbi Get Started	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-powerbi-get-started.md	Title: "Get started with Data loss prevention for Power BI" + Title: "Get started with DLP for Power BI" f1.keywords: - CSH description: "Prepare for and deploy DLP to PowerBI locations." # Get started with Data loss prevention policies for Power BI (preview) -To help organizations detect and protect their sensitive data, [Microsoft 365 data loss prevention (DLP) polices](/microsoft-365/compliance/dlp-learn-about-dlp) support Power BI. When a PowerBI data set matches the criteria in a DLP policy, an alert that explains the nature of the sensitive content can be triggered. This alert is also registered in the data loss prevention Alerts tab in the Microsoft compliance portal for monitoring and management by administrators. In addition, email alerts can be sent to administrators and specified users. + +To help organizations detect and protect their sensitive data, [Microsoft Purview data loss prevention (DLP) polices](/microsoft-365/compliance/dlp-learn-about-dlp) support Power BI. When a PowerBI data set matches the criteria in a DLP policy, an alert that explains the nature of the sensitive content can be triggered. This alert is also registered in the data loss prevention Alerts tab in the Microsoft compliance portal for monitoring and management by administrators. In addition, email alerts can be sent to administrators and specified users. ## Considerations and limitations When a dataset matches a DLP policy: >[!NOTE] > If you hide the policy tip, it doesnΓÇÖt get deleted. It will appear the next time you visit the page. -- If alerts are enabled in the policy, an alert will be recorded on the dlp Alerts tab in the compliance center, and (if configured) an email will be sent to administrators and/or specified users. The following image shows the Alerts tab in the data loss prevention section of the compliance center. +- If alerts are enabled in the policy, an alert will be recorded on the dlp Alerts tab in the compliance center, and (if configured) an email will be sent to administrators and/or specified users. The following image shows the Alerts tab in the data loss prevention section of the Microsoft Purview compliance portal. ![Screenshot of Alerts tab in the compliance center.](../media/dlp-power-bi-alerts-tab.png) Follow the procedures in [Create, test, and tune a DLP policy](create-test-tune- > [!IMPORTANT] > When you select the locations for your DLP policy for Power BI, select only the Power BI location. Do not select any other locations, this configuration is not supported. -<!--1. Log into the [Microsoft 365 compliance portal](https://compliance.microsoft.com). +<!--1. Log into the [Microsoft Purview compliance portal](https://compliance.microsoft.com). 1. Choose the Data loss prevention solution in the navigation pane, select the Policies tab, choose Create policy. Assign a severity level that will be shown in alerts generated from this policy. ## Monitor and manage policy alerts -Log into the Microsoft 365 compliance portal and navigate to Data loss prevention > Alerts. +Log into the Microsoft Purview compliance portal and navigate to Data loss prevention > Alerts. ![Screenshot of D L P Alerts tab.](media/service-security-dlp-policies-for-power-bi/power-bi-dlp-alerts-tab.png) Click on an alert to start drilling down to its details and to see management op - [Learn about data loss prevention](/microsoft-365/compliance/dlp-learn-about-dlp) - [Sensitivity labels in Power BI](/power-bi/enterprise/service-security-sensitivity-label-overview)-- [Audit schema for sensitivity labels in Power BI](/power-bi/enterprise/service-security-sensitivity-label-audit-schema) +- [Audit schema for sensitivity labels in Power BI](/power-bi/enterprise/service-security-sensitivity-label-audit-schema)
compliance	Dlp Sensitivity Label As Condition	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-sensitivity-label-as-condition.md	description: Learn about the services and item types that you can use sensitivit # Use sensitivity labels as conditions in DLP policies + You can use [sensitivity labels](sensitivity-labels.md) as a condition in DLP policies for these locations: - Exchange Online email messages
compliance	Dlp Teams Default Policy	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-teams-default-policy.md	Title: "Learn about the default data loss prevention policy in Microsoft Teams (preview)" + Title: "Learn about the default DLP policy in Microsoft Teams (preview)" f1.keywords: - NOCSH description: "Learn about the default data loss prevention policy in Microsoft T # Learn about the default data loss prevention policy in Microsoft Teams (preview) -[Data loss prevention](dlp-learn-about-dlp.md) capabilities have been extended to include Microsoft Teams chat and channel messages, including private channel messages. As a part of this release, we created a default DLP policy for Microsoft Teams for first-time customers to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. + +[Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md) capabilities have been extended to include Microsoft Teams chat and channel messages, including private channel messages. As a part of this release, we created a default DLP policy for Microsoft Teams for first-time customers to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. ## Licensing For complete licensing information for DLP in Microsoft Teams, see [Information The default DLP policy for Teams tracks all the credit card numbers shared internally and externally to the organization. This policy is on by default for all users of the tenant. It does not generate any policy tips for end users but does generate an Alert event and also triggers a low severity email to the admin (added in the policy). Administrator can view the activities and edit the policies details by logging into the Compliance center. -Admins can view this policy in the [Compliance center](https://compliance.microsoft.com/compliancesettings) > Data Loss prevention policies page. +Admins can view this policy in the [Microsoft Purview compliance portal](https://compliance.microsoft.com/compliancesettings) > Data Loss prevention policies page. > [!div class="mx-imgBorder"]
compliance	Dlp Use Policies Non Microsoft Cloud Apps	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-use-policies-non-microsoft-cloud-apps.md	Title: "Use Data loss prevention policies for non-Microsoft cloud apps" + Title: "Use DLP policies for non-Microsoft cloud apps" f1.keywords: - CSH description: Learn how to use dlp policies for non-Microsoft cloud apps. # Use data loss prevention policies for non-Microsoft cloud apps -Data loss prevention (DLP) policies to non-Microsoft cloud apps are part of the Microsoft 365 DLP suite of features; using these features, you can discover and protect sensitive items across Microsoft 365 services. For more information about all Microsoft DLP offerings, see [Learn about data loss prevention](dlp-learn-about-dlp.md). + +Microsoft Purview Data Loss Prevention (DLP) policies to non-Microsoft cloud apps are part of the DLP suite of features; using these features, you can discover and protect sensitive items across Microsoft 365 services. For more information about all Microsoft DLP offerings, see [Learn about data loss prevention](dlp-learn-about-dlp.md). You can use DLP policies to non-Microsoft cloud apps to monitor and detect when sensitive items are used and shared via non-Microsoft cloud apps. Using these policies gives you the visibility and control that you need to ensure that they're correctly used and protected, and it helps prevent risky behavior that might compromise them. To use DLP policy to a specific non-Microsoft cloud app, the app must be connect After you connect your cloud apps to Defender for Cloud Apps, you can create Microsoft 365 DLP policies for them. > [!NOTE] -> It's also possible to use Microsoft Defender for Cloud Apps to create DLP policies to Microsoft cloud apps. However, it's recommended to use Microsoft 365 to create and manage DLP policies to Microsoft cloud apps. +> It's also possible to use Microsoft Defender for Cloud Apps to create DLP policies to Microsoft cloud apps. However, it's recommended to use Microsoft Purview compliance portal to create and manage DLP policies to Microsoft cloud apps. ## Create a DLP policy to a non-Microsoft cloud app
compliance	Document Fingerprinting	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/document-fingerprinting.md	Title: "Document Fingerprinting" + Title: "About Document Fingerprinting" f1.keywords: - NOCSH description: "Information workers in your organization handle many kinds of sens # Document Fingerprinting + Information workers in your organization handle many kinds of sensitive information during a typical day. In the Security & Compliance Center, Document Fingerprinting makes it easier for you to protect this information by identifying standard forms that are used throughout your organization. This topic describes the concepts behind Document Fingerprinting and how to create one by using PowerShell. ## Basic scenario for Document Fingerprinting -Document Fingerprinting is a Data Loss Prevention (DLP) feature that converts a standard form into a sensitive information type, which you can use in the rules of your DLP policies. For example, you can create a document fingerprint based on a blank patent template and then create a DLP policy that detects and blocks all outgoing patent templates with sensitive content filled in. Optionally, you can set up [policy tips](use-notifications-and-policy-tips.md) to notify senders that they might be sending sensitive information, and the sender should verify that the recipients are qualified to receive the patents. This process works with any text-based forms used in your organization. Additional examples of forms that you can upload include: +Document Fingerprinting is a Microsoft Purview Data Loss Prevention (DLP) feature that converts a standard form into a sensitive information type, which you can use in the rules of your DLP policies. For example, you can create a document fingerprint based on a blank patent template and then create a DLP policy that detects and blocks all outgoing patent templates with sensitive content filled in. Optionally, you can set up [policy tips](use-notifications-and-policy-tips.md) to notify senders that they might be sending sensitive information, and the sender should verify that the recipients are qualified to receive the patents. This process works with any text-based forms used in your organization. Additional examples of forms that you can upload include: - Government forms - Health Insurance Portability and Accountability Act (HIPAA) compliance forms
compliance	Document Metadata Fields In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/document-metadata-fields-in-Advanced-eDiscovery.md	Title: "Document metadata fields in Advanced eDiscovery" + Title: "Document metadata fields in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: -description: "This article defines the metadata fields for documents in a review set in a case in Advanced eDiscovery in Microsoft 365." +description: "This article defines the metadata fields for documents in a review set in a case in Microsoft Purview eDiscovery (Premium) in Microsoft 365." -# Document metadata fields in Advanced eDiscovery +# Document metadata fields in eDiscovery (Premium) -The following table lists the metadata fields for documents in a review set in a case in Advanced eDiscovery. The table provides the following information: +The following table lists the metadata fields for documents in a review set in a case in Microsoft Purview eDiscovery (Premium). The table provides the following information: - Field name and Display field name: The name of the metadata field and the name of the field that's displayed when viewing the file metadata of a selected document in a review set. Some metadata fields aren't included when viewing the file metadata of a document. These fields are highlighted with an asterisk (). The following table lists the metadata fields for documents in a review set in a \|Compound Path\|CompoundPath\|Compound_path\|Human readable path that describes the source of the item.\| \|Content\|Content\|\|Extracted text of the item.\| \|Conversation Body\|ConversationBody\|\|Conversation body of the item.\| -\|Conversation ID\|ConversationId\|Conversation_ID\|Conversation Id from the message. For Teams 1:1 and group chats, all transcript files and their family items within the same conversation share the same Conversation ID. For more information, see [Advanced eDiscovery workflow for content in Microsoft Teams](teams-workflow-in-advanced-ediscovery.md).\| +\|Conversation ID\|ConversationId\|Conversation_ID\|Conversation Id from the message. For Teams 1:1 and group chats, all transcript files and their family items within the same conversation share the same Conversation ID. For more information, see [eDiscovery (Premium) workflow for content in Microsoft Teams](teams-workflow-in-advanced-ediscovery.md).\| \|Conversation Family ID\|ConversationFamilyID\|ConversationFamilyID\|The Id that identifies individual elements of a conversation as well as the related items in the conversation.\| \|Conversation Index\|\|Conversation_index\|Conversation index from the message.\| \|Conversation Name\|\|ConversationName\|This field depends on content type.<br>Teams 1:1 chat: first 40 characters of first message.<br>Teams 1:N chat: Name of group chat; if not available, the first 40 characters of the first message.<br>Teams Channel Post: Post title or announcement subhead; if not available, the first 40 characters of the first message.\| The following table lists the metadata fields for documents in a review set in a \|\|\|\|\| > [!NOTE] -> For more information about searchable properties when searching Office 365 content locations when you're collecting data for an Advanced eDiscovery case, see [Keyword queries and search conditions for Content Search](keyword-queries-and-search-conditions.md). +> For more information about searchable properties when searching Office 365 content locations when you're collecting data for an eDiscovery (Premium) case, see [Keyword queries and search conditions for Content Search](keyword-queries-and-search-conditions.md).
compliance	Double Key Encryption Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/double-key-encryption-overview.md	# required metadata- Title: Double Key Encryption overview and FAQ -description: Frequently asked questions about Double Key Encryption for Microsoft 365. +description: Frequently asked questions about Double Key Encryption. # Double Key Encryption frequently asked questions + Have a question about how Double Key Encryption works? Check for an answer here. -## What is Double Key Encryption for Microsoft 365 (DKE)? +## What is Double Key Encryption (DKE)? -Double Key Encryption for Microsoft 365 enables customers to protect their highly sensitive data to meet specialized requirements. It helps customers maintain full control of their encryption keys. It uses two keys to protect data; one key in your control and a second key stored securely in Microsoft Azure. Viewing data protected with Double Key Encryption requires access to both keys. Since Microsoft can access only one of these keys, protected data remains inaccessible to Microsoft, ensuring that you have full control over your data privacy and security. +Double Key Encryption enables customers to protect their highly sensitive data to meet specialized requirements. It helps you maintain full control of their encryption keys. It uses two keys to protect data; one key in your control and a second key stored securely in Microsoft Azure. Viewing data protected with Double Key Encryption requires access to both keys. Since Microsoft can access only one of these keys, protected data remains inaccessible to Microsoft, ensuring that you have full control over your data privacy and security. You can host the Double Key Encryption service used to request your key, in a location of your choice (on-premises key management server or in the cloud). You maintain the service as you would any other application. Double Key Encryption enables you to control access to the Double Key Encryption service. You can store your highly sensitive data on-premises or move it to the cloud. You can be confident about preventing third-party access because you maintain full control of your key. Double Key Encryption allows you to store your data and key in the same location. You can store Double Key Encrypted documents on-premises or in the cloud. In the ## What regions and languages is Double Key Encryption available in? Is Double Key Encryption available worldwide? -DKE labels are localized to the same languages as other sensitivity labels in Microsoft Information Protection. Double Key Encryption is available worldwide. +DKE labels are localized to the same languages as other sensitivity labels in Microsoft Purview Information Protection. Double Key Encryption is available worldwide. ## Can I convert a non-DKE label to a DKE label? For instructions on rolling (also called rotating or rekeying) the key you store See [Tenant and key settings](double-key-encryption.md#tenant-and-key-settings) for information on creating a new key for the DKE service. -When you create a key, you set up a name and a GUID. Then, if you rotate a key, you keep the old record with the name and GUID but add a new record with the same name but different GUID. The new key gets set as active so that the public key API starts returning it for new encryption. Both keys are available for decryption so that new content and old content can be decrypted. +When you create a key, you set up a name and a GUID. Then, if you rotate a key, you keep the old record with the name and GUID but add a new record with the same name but different GUID. The new key gets set as active so that the public key API starts returning it for new encryption. Both keys are available for decryption so that new content and old content can be decrypted.
compliance	Double Key Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/double-key-encryption.md	# required metadata- Title: Double Key Encryption (DKE) description: DKE enables you to protect highly sensitive data while maintaining full control of your key. -# Double Key Encryption for Microsoft 365 +# Double Key Encryption + -> Applies to: Double Key Encryption for Microsoft 365, [Microsoft 365 Compliance](https://www.microsoft.com/microsoft-365/business/compliance-management), [Azure Information Protection](https://azure.microsoft.com/pricing/details/information-protection) +> Applies to: Microsoft Purview Double Key Encryption, [Microsoft Purview](https://www.microsoft.com/microsoft-365/business/compliance-management), [Azure Information Protection](https://azure.microsoft.com/pricing/details/information-protection) > > Instructions for: [Azure Information Protection unified labeling client for Windows](/azure/information-protection/faqs#whats-the-difference-between-the-azure-information-protection-classic-and-unified-labeling-clients) - -> Service description for: [Microsoft 365 Compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance) +> Service description for: [Microsoft Purview](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance) Double Key Encryption (DKE) uses two keys together to access protected content. Microsoft stores one key in Microsoft Azure, and you hold the other key. You maintain full control of one of your keys using the Double Key Encryption service. You apply protection using The Azure Information Protection unified labeling client to your highly sensitive content. For more information about the default, cloud-based tenant root keys, see [Plann ## When your organization should adopt DKE -Double Key Encryption is intended for your most sensitive data that is subject to the strictest protection requirements. DKE isn't intended for all data. In general, you'll be using Double Key Encryption to protect only a small part of your overall data. You should do due diligence in identifying the right data to cover with this solution before you deploy. In some cases, you might need to narrow your scope and use other solutions for most of your data, such as Microsoft Information Protection with Microsoft-managed keys or BYOK. These solutions are sufficient for documents that aren't subject to enhanced protections and regulatory requirements. Also, these solutions enable you to use the most powerful Office 365 services; services that you can't use with DKE encrypted content. For example: +Double Key Encryption is intended for your most sensitive data that is subject to the strictest protection requirements. DKE isn't intended for all data. In general, you'll be using Double Key Encryption to protect only a small part of your overall data. You should do due diligence in identifying the right data to cover with this solution before you deploy. In some cases, you might need to narrow your scope and use other solutions for most of your data, such as Microsoft Purview Information Protection with Microsoft-managed keys or BYOK. These solutions are sufficient for documents that aren't subject to enhanced protections and regulatory requirements. Also, these solutions enable you to use the most powerful Office 365 services; services that you can't use with DKE encrypted content. For example: - Transport rules including anti-malware and spam that require visibility into the attachment - Microsoft Delve Any external applications or services that aren't integrated with DKE through th The Microsoft Information Protection SDK 1.7+ supports Double Key Encryption. Applications that integrate with our SDK can reason over this data with sufficient permissions and integrations in place. -Use Microsoft Information protection capabilities (classification and labeling) to protect most of your sensitive data and only use DKE for your mission-critical data. Double Key Encryption is relevant for sensitive data in highly regulated industries such as Financial services and Healthcare. +Use Microsoft Purview Information Protection capabilities (classification and labeling) to protect most of your sensitive data and only use DKE for your mission-critical data. Double Key Encryption is relevant for sensitive data in highly regulated industries such as Financial services and Healthcare. If your organizations have any of the following requirements, you can use DKE to help secure your content: If your organizations have any of the following requirements, you can use DKE to ## System and licensing requirements for DKE -Double Key Encryption for Microsoft 365 comes with Microsoft 365 E5. If you donΓÇÖt have a Microsoft 365 E5 license, you can sign up for a [trial](https://aka.ms/M365E5ComplianceTrial). For more information about these licenses, see [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). +Double Key Encryption comes with Microsoft 365 E5. If you donΓÇÖt have a Microsoft 365 E5 license, you can sign up for a [trial](https://aka.ms/M365E5ComplianceTrial). For more information about these licenses, see [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). Azure Information Protection. DKE works with sensitivity labels and requires Azure Information Protection. You'll follow these general steps to set up DKE. Once you've completed these ste 1. Deploy the DKE service as described in this article. -2. Create a label with Double Key Encryption. In the Microsoft 365 compliance center, navigate to Information protection and create a new label with Double Key Encryption. See [Restrict access to content by using sensitivity labels to apply encryption](./encryption-sensitivity-labels.md). +2. Create a label with Double Key Encryption. In the Microsoft Purview compliance portal, navigate to Information protection and create a new label with Double Key Encryption. See [Restrict access to content by using sensitivity labels to apply encryption](./encryption-sensitivity-labels.md). 3. Use Double Key Encryption labels. Protect data by selecting the Double Key Encrypted label from the Sensitivity ribbon in Microsoft Office. Your DKE service is now registered. Continue by [creating labels using DKE](#cre ## Create sensitivity labels using DKE -In the Microsoft 365 compliance center, create a new sensitivity label and apply encryption as you would otherwise. Select Use Double Key Encryption and enter the endpoint URL for your key. You need to include the key name you've provided within the "TestKeys" section of the appsettings.json file in the URL. +In the Microsoft Purview compliance portal, create a new sensitivity label and apply encryption as you would otherwise. Select Use Double Key Encryption and enter the endpoint URL for your key. You need to include the key name you've provided within the "TestKeys" section of the appsettings.json file in the URL. For example: `https://testingdke1.azurewebsites.net/KEYNAME` > [!div class="mx-imgBorder"] -> ![Select Use Double Key Encryption in the Microsoft 365 compliance center.](../media/dke-use-dke.png) +> ![Select Use Double Key Encryption in the Microsoft Purview compliance portal.](../media/dke-use-dke.png) Any DKE labels you add will start appearing for users in the latest versions of Microsoft 365 Apps for enterprise.
compliance	Download Documents From Review Set	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/download-documents-from-review-set.md	search.appverid: - MOE150 - MET150 ms.assetid: -description: "Learn how to select and download content from a review set in Advanced eDiscovery for presentations or external reviews." +description: "Learn how to select and download content from a review set in eDiscovery (Premium) for presentations or external reviews." # Download selected documents from a review set -Download offers a simple way to download content from a review set in native format. The download tool in Advanced eDiscovery uses the browser's data transfer features. A browser prompt will appear when a download is ready. Files downloaded using this method are zipped in a container file and will contain item-level files. It means that if you select to download an attachment, you will receive the email message with the attachment included. Similarly, if you export an Excel spreadsheet that is embedded in a Word document, the Word document and the embedded Excel spreadsheet are included in the download. When you downloaded items, the Last Modified Data property is preserved and can be viewed as a file property. +Download offers a simple way to download content from a review set in native format. The download tool in eDiscovery (Premium) uses the browser's data transfer features. A browser prompt will appear when a download is ready. Files downloaded using this method are zipped in a container file and will contain item-level files. It means that if you select to download an attachment, you will receive the email message with the attachment included. Similarly, if you export an Excel spreadsheet that is embedded in a Word document, the Word document and the embedded Excel spreadsheet are included in the download. When you downloaded items, the Last Modified Data property is preserved and can be viewed as a file property. -To download content from a review set in an Advanced eDiscovery case, start by selecting the files you want to download then select Action items > Download. +To download content from a review set in an eDiscovery (Premium) case, start by selecting the files you want to download then select Action items > Download. -![Download action in Advanced eDiscovery review set.](../media/eDiscoDownload.png) +![Download action in eDiscovery (Premium) review set.](../media/eDiscoDownload.png)
compliance	Download Export Jobs	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/download-export-jobs.md	Title: Export documents to your organization's Azure Storage account + Title: Export documents to an organization Azure Storage account f1.keywords: - NOCSH description: "Export documents in a review set to an Azure Storage account and t # Export documents in a review set to an Azure Storage account -When you export documents from a review set in an Advanced eDiscovery case, you have the option to export them to an Azure Storage account managed by your organization. If you use this option, the documents are uploaded to your Azure Storage location. After they are exported, you can access the documents (and download them to a local computer or other location) by using the Azure Storage Explorer. This article provides instructions for how to export documents to your Azure Storage account and the use the Azure Storage Explorer to connect to an Azure Storage location to download the exported documents. For more information about Azure Storage Explorer, see [Use Azure Storage Explorer](/azure/storage/blobs/storage-quickstart-blobs-storage-explorer). +When you export documents from a review set in an eDiscovery (Premium) case, you have the option to export them to an Azure Storage account managed by your organization. If you use this option, the documents are uploaded to your Azure Storage location. After they are exported, you can access the documents (and download them to a local computer or other location) by using the Azure Storage Explorer. This article provides instructions for how to export documents to your Azure Storage account and the use the Azure Storage Explorer to connect to an Azure Storage location to download the exported documents. For more information about Azure Storage Explorer, see [Use Azure Storage Explorer](/azure/storage/blobs/storage-quickstart-blobs-storage-explorer). ## Before you export documents from a review set When you export documents from a review set in an Advanced eDiscovery case, you The first step is to create an export job to export documents out of a review set. For more detailed instructions about all the export options, see [Export documents from a review set](export-documents-from-review-set.md). The following procedure highlights the settings to export documents to your organization's Azure Storage account. -1. In the Microsoft 365 compliance center, open the Advanced eDiscovery case, select the Review sets tab, and then select the review set that you want to export. +1. In the Microsoft Purview compliance portal, open the eDiscovery (Premium) case, select the Review sets tab, and then select the review set that you want to export. 2. In the review set, click Action > Export. The first step is to create an export job to export documents out of a review se The next step is to obtain the SAS URL that's generated after you create the export job in Step 1. You use the SAS URL to connect to the container in your Azure Storage account that you exported the review set documents to. -1. On the Advanced eDiscovery page, go to the case, and then click the Exports tab. +1. On the eDiscovery (Premium) page, go to the case, and then click the Exports tab. 2. On the Exports tab, click the export job that you want to download. This is the export job that you created in Step 1. The final step is to use the Azure Storage Explorer and the SAS URL to connect t ![Export jobs in the Blobs containers node.](../media/AzureStorageConnect5.png) - It contains a container named with the display name from step 5. This container contains a folder for each export job that you've downloaded to the container in your Azure Storage account. These folders are named with an ID that corresponds to the ID of the export job. You can find these export IDs (and the name of the export) under Support information on the flyout page for each Preparing data for export job listed on the Jobs tab in the Advanced eDiscovery case. + It contains a container named with the display name from step 5. This container contains a folder for each export job that you've downloaded to the container in your Azure Storage account. These folders are named with an ID that corresponds to the ID of the export job. You can find these export IDs (and the name of the export) under Support information on the flyout page for each Preparing data for export job listed on the Jobs tab in the eDiscovery (Premium) case. 7. Double-click the export job folder to open it. The final step is to use the Azure Storage Explorer and the SAS URL to connect t - The export job folder contains the following items. The actual items in the export folder are determined by the export options configured when the export job was created. For more information about these options, see [Export documents from a review set](export-documents-from-review-set.md). - - Export_load_file.csv: This CSV file is a detail export report that contains information about each exported document. The file consists of a column for each metadata property for a document. For a list and description of the metadata that's included in this report, see the Exported field name column in the table in [Document metadata fields in Advanced eDiscovery](document-metadata-fields-in-advanced-ediscovery.md). + - Export_load_file.csv: This CSV file is a detail export report that contains information about each exported document. The file consists of a column for each metadata property for a document. For a list and description of the metadata that's included in this report, see the Exported field name column in the table in [Document metadata fields in eDiscovery (Premium)](document-metadata-fields-in-advanced-ediscovery.md). - Summary.txt: A text file that contains a summary of the export including export statistics.
compliance	Ediscovery Cjk Support	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-cjk-support.md	Title: "CJK/Double Byte support for Advanced eDiscovery" + Title: "CJK/Double Byte support for eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MET150 - seo-marvel-apr2020 -description: "Learn how Advanced eDiscovery in Microsoft 365 supports Chinese, Japanese, and Korean (CJK) languages, which use a double-byte character set." +description: "Learn how Microsoft Purview eDiscovery (Premium) in Microsoft 365 supports Chinese, Japanese, and Korean (CJK) languages, which use a double-byte character set." -# CJK language support for Advanced eDiscovery +# CJK language support for eDiscovery (Premium) -Advanced eDiscovery supports double-byte character set languages (these include Simplified Chinese, Traditional Chinese, Japanese, and Korean, which are collectively known as CJK languages) for the following advanced scenarios in a review set: +Microsoft Purview eDiscovery (Premium) supports double-byte character set languages (these include Simplified Chinese, Traditional Chinese, Japanese, and Korean, which are collectively known as CJK languages) for the following advanced scenarios in a review set: - When you [query the data in a review set](review-set-search.md). Advanced eDiscovery supports double-byte character set languages (these include How do I create a search to collect items that contains CJK characters? -You can use CJK characters for [keyword searches](building-search-queries.md#keyword-searches), [keyword queries and search conditions](keyword-queries-and-search-conditions.md) when searching for content in Advanced eDiscovery. Searching for CJK characters is also supported when searching for content in Core eDiscovery and Content Search. +You can use CJK characters for [keyword searches](building-search-queries.md#keyword-searches), [keyword queries and search conditions](keyword-queries-and-search-conditions.md) when searching for content in eDiscovery (Premium). Searching for CJK characters is also supported when searching for content in Microsoft Purview eDiscovery (Standard) and Content Search. We provide CJK support for all [search operators](keyword-queries-and-search-conditions.md#search-operators) and [search conditions](keyword-queries-and-search-conditions.md#search-conditions), including the boolean operators AND, OR, NOT, and NEAR. If you're certain that content locations or items contain CJK characters, but se It depends on your search scenario. -- When you [query data in a review set](review-set-search.md) in Advanced eDiscovery, you can search for multiple languages. +- When you [query data in a review set](review-set-search.md) in eDiscovery (Premium), you can search for multiple languages. - When you [create a search to collect data](create-draft-collection.md), create separate collections for each language you're targeting. For example, if you are searching for a document that contains both Chinese and Korean, select Chinese for your first collection and select Korean for your second collection. I don't see the query language-country/region icon to select a language for queries in a review set. How can I specify a query language in a review set search? -For review set queries, you don't need to specify a document language. Advanced eDiscovery automatically detects document languages when you add content to a review set. This helps you optimize your query results in a review set. +For review set queries, you don't need to specify a document language. eDiscovery (Premium) automatically detects document languages when you add content to a review set. This helps you optimize your query results in a review set. Can I see detected languages in [file metadata](view-documents-in-review-set.md#file-metadata)?
compliance	Ediscovery Decryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-decryption.md	description: "Learn about how Microsoft 365 eDiscovery tools handle encrypted do Encryption is an important part of your file protection and information protection strategy. Organizations of all types use encryption technology to protect sensitive content within their organization and ensure that only the right people have access to that content. -To execute common eDiscovery tasks on encrypted content, eDiscovery managers were required to decrypt email message content as it was exported from content searches, Core eDiscovery cases, and Advanced eDiscovery cases. Content encrypted with Microsoft encryption technologies wasn't available for review until after it was exported. +To execute common eDiscovery tasks on encrypted content, eDiscovery managers were required to decrypt email message content as it was exported from content searches, Microsoft Purview eDiscovery (Standard) cases, and Microsoft Purview eDiscovery (Premium) cases. Content encrypted with Microsoft encryption technologies wasn't available for review until after it was exported. -To make it easier to manage encrypted content in the eDiscovery workflow, Microsoft 365 eDiscovery tools now incorporate the decryption of encrypted files attached to email messages and sent in Exchange Online.<sup>1</sup> Additionally, encrypted documents stored in SharePoint Online and OneDrive for Business are decrypted in Advanced eDiscovery. +To make it easier to manage encrypted content in the eDiscovery workflow, Microsoft 365 eDiscovery tools now incorporate the decryption of encrypted files attached to email messages and sent in Exchange Online.<sup>1</sup> Additionally, encrypted documents stored in SharePoint Online and OneDrive for Business are decrypted in eDiscovery (Premium). -Prior to this new capability, only the content of an email message protected by rights management (and not attached files) were decrypted. Encrypted documents in SharePoint and OneDrive couldn't be decrypted during the eDiscovery workflow. Now, files that are encrypted with a Microsoft encryption technology is located on a SharePoint or OneDrive account are searchable and decrypted when the search results are prepared for preview, added to a review set in Advanced eDiscovery, and exported. Additionally, encrypted documents in SharePoint and OneDrive that are attached to an email message are searchable. This decryption capability allows eDiscovery managers to view the content of encrypted email attachments and site documents when previewing search results, and review them after they have been added to a review set in Advanced eDiscovery. +Prior to this new capability, only the content of an email message protected by rights management (and not attached files) were decrypted. Encrypted documents in SharePoint and OneDrive couldn't be decrypted during the eDiscovery workflow. Now, files that are encrypted with a Microsoft encryption technology is located on a SharePoint or OneDrive account are searchable and decrypted when the search results are prepared for preview, added to a review set in eDiscovery (Premium), and exported. Additionally, encrypted documents in SharePoint and OneDrive that are attached to an email message are searchable. This decryption capability allows eDiscovery managers to view the content of encrypted email attachments and site documents when previewing search results, and review them after they have been added to a review set in eDiscovery (Premium). ## Supported encryption technologies -Microsoft eDiscovery tools support items encrypted with Microsoft encryption technologies. These technologies are Azure Rights Management and Microsoft Information Protection (specifically sensitivity labels). For more information about Microsoft encryption technologies, see [Encryption](encryption.md). Content encrypted by third-party encryption technologies isn't supported. For example, previewing or exporting content encrypted with non-Microsoft technologies isn't supported. +Microsoft eDiscovery tools support items encrypted with Microsoft encryption technologies. These technologies are Azure Rights Management and Microsoft Purview Information Protection (specifically sensitivity labels). For more information about Microsoft encryption technologies, see [Encryption](encryption.md). Content encrypted by third-party encryption technologies isn't supported. For example, previewing or exporting content encrypted with non-Microsoft technologies isn't supported. > [!NOTE] -> The decryption of email messages sent with an [Office 365 Message Encryption (OME) custom branding template](add-your-organization-brand-to-encrypted-messages.md) is not supported by Microsoft eDiscovery tools. When using an OME custom branding template, email messages are delivered to the OME portal instead of the recipient's mailbox. Therefore, you won't be able to use eDiscovery tools to search for OME-encrypted messages because those messages are never received by the recipient's mailbox. +> The decryption of email messages sent with an [Microsoft Purview Message Encryption custom branding template](add-your-organization-brand-to-encrypted-messages.md) is not supported by Microsoft eDiscovery tools. When using an OME custom branding template, email messages are delivered to the OME portal instead of the recipient's mailbox. Therefore, you won't be able to use eDiscovery tools to search for encrypted messages because those messages are never received by the recipient's mailbox. ## eDiscovery activities that support encrypted items The following table identifies the supported tasks that can be performed in Microsoft 365 eDiscovery tools on encrypted files attached to email messages and encrypted documents in SharePoint and OneDrive. These supported tasks can be performed on encrypted files that match the criteria of a search. A value of `N/A` indicates the functionality isn't available in the corresponding eDiscovery tool. -\|eDiscovery task \|Content search \|Core eDiscovery \|Advanced eDiscovery \| +\|eDiscovery task \|Content search \|eDiscovery (Standard) \|eDiscovery (Premium) \| \|:\|:\|:\|:\| \|Search for content in encrypted files in sites and email attachments<sup>1</sup> \|No \|No \|Yes \| \|Preview encrypted files attached to email \|Yes \|Yes \|Yes \| eDiscovery doesn't support encrypted files in SharePoint and OneDrive when a sen For more information about these settings, see the "Configure encryption settings" section in [Restrict access to content by using sensitivity labels to apply encryption](encryption-sensitivity-labels.md#configure-encryption-settings). -Documents encrypted with the previous settings can still be returned by an eDiscovery search. This may happen when a document property (such as the title, author, or modified date) matches the search criteria. Although these documents might be included in search results, they can't be previewed or reviewed. These documents will also remain encrypted when they're exported in Advanced eDiscovery. +Documents encrypted with the previous settings can still be returned by an eDiscovery search. This may happen when a document property (such as the title, author, or modified date) matches the search criteria. Although these documents might be included in search results, they can't be previewed or reviewed. These documents will also remain encrypted when they're exported in eDiscovery (Premium). > [!IMPORTANT] > Decryption isn't supported for files that are locally encrypted and then uploaded to SharePoint or OneDrive. For example, local files that are encrypted by the Azure Information Protection (AIP) client and then uploaded to Microsoft 365 aren't supported. Only files that are encrypted in the SharePoint or OneDrive service are supported for decryption. In both these scenarios, email messages with encrypted file attachments can be r ## Requirements for decryption in eDiscovery -You have to be assigned the RMS Decrypt role to preview, review, and export files encrypted with Microsoft encryption technologies. You also have to be assigned this role to review and query encrypted files that are added to a review set in Advanced eDiscovery. +You have to be assigned the RMS Decrypt role to preview, review, and export files encrypted with Microsoft encryption technologies. You also have to be assigned this role to review and query encrypted files that are added to a review set in eDiscovery (Premium). -This role is assigned by default to the eDiscovery Manager role group on the Permissions page in the Microsoft 365 compliance center. For more information about the RMS Decrypt role, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md#rms-decrypt). +This role is assigned by default to the eDiscovery Manager role group on the Permissions page in the Microsoft Purview compliance portal. For more information about the RMS Decrypt role, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md#rms-decrypt). -### Decrypting RMS-protected email messages and encrypted file attachments using Content search or Core eDiscovery +### Decrypting RMS-protected email messages and encrypted file attachments using Content search or eDiscovery (Standard) Any rights-protected (RMS-protected) email messages included in the results of a Content search will be decrypted when you export them. Additionally, any file that's encrypted with a [Microsoft encryption technology](encryption.md) and is attached to an email message that's included in the search results will be decrypted when it's exported. This decryption capability is enabled by default for members of the eDiscovery Manager role group. This is because the RMS Decrypt management role is assigned to this role group by default. Keep the following things in mind when exporting encrypted email messages and attachments:
compliance	Ediscovery Diagnostic Info	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-diagnostic-info.md	description: "Learn about how to collect eDiscovery diagnostic information for a # Collect eDiscovery diagnostic information -Occasionally Microsoft Support engineers require specific information about your issue when you open a support case related to Core eDiscovery or Advanced eDiscovery. This article provides guidance on how to collect diagnostic information to help support engineers investigate and resolve issues. Typically, you don't need to collect this information until asked to do so by a Microsoft Support engineer. +Occasionally Microsoft Support engineers require specific information about your issue when you open a support case related to Microsoft Purview eDiscovery (Standard) or Microsoft Purview eDiscovery (Premium). This article provides guidance on how to collect diagnostic information to help support engineers investigate and resolve issues. Typically, you don't need to collect this information until asked to do so by a Microsoft Support engineer. > [!IMPORTANT] > The output from the cmdlets and diagnostic information described in this article may include sensitive information about litigation or internal investigations in your organization. Before sending the raw diagnostic information to Microsoft Support, you should review the information and redact any sensitive information (such as names or other information about parties to litigation or investigation) by replacing it with `XXXXXXX`. Using this method will also indicate to the Microsoft Support engineer that information was redacted. -## Collect diagnostic information for Core eDiscovery +## Collect diagnostic information for eDiscovery (Standard) -Collecting diagnostic information for Core eDiscovery is cmdlet-based, so you'll have to use Security & Compliance Center PowerShell. The following PowerShell examples will run cmdlets and then save the output to a specified text file. In most support cases, you should only have to run one of these commands. +Collecting diagnostic information for eDiscovery (Standard) is cmdlet-based, so you'll have to use Security & Compliance Center PowerShell. The following PowerShell examples will run cmdlets and then save the output to a specified text file. In most support cases, you should only have to run one of these commands. To run the following cmdlets, [connect to Security & Compliance Center PowerShell</span>](/powershell/exchange/connect-to-scc-powershell). After you're connected, run one or more of the following commands and be sure to replace placeholders with the actual object names. After reviewing the generated text file and redacting sensitive information, send it to the Microsoft Support engineer working on your case. > [!NOTE] -> You can also run the commands in this section to collect diagnostic information for the searches and exports listed on the Content search page in the Microsoft 365 compliance center. +> You can also run the commands in this section to collect diagnostic information for the searches and exports listed on the Content search page in the Microsoft Purview compliance portal. ### Collect information about searches -The following command collects information that's helpful when investigating issues with a Content search or a search associated with a Core eDiscovery case. +The following command collects information that's helpful when investigating issues with a Content search or a search associated with a eDiscovery (Standard) case. ```powershell Get-ComplianceSearch "<Search name>" \| FL > "ComplianceSearch.txt" Get-ComplianceSearch "<Search name>" \| FL > "ComplianceSearch.txt" ### Collect information about search actions -The following command collects information to investigate problems with previewing, exporting, or purging the results of a Content search or a search associated with a Core eDiscovery case. You can identify the name of the search action by clicking an export that's listed on the Exports tab. To identify the names of preview and purge actions, you can run the Get-ComplianceSearchAction cmdlet to display a list of all actions. The format for the search action name is constructed by appending `_Preview`, `_Export`, or `_Purge` to the name of the corresponding search. +The following command collects information to investigate problems with previewing, exporting, or purging the results of a Content search or a search associated with a eDiscovery (Standard) case. You can identify the name of the search action by clicking an export that's listed on the Exports tab. To identify the names of preview and purge actions, you can run the Get-ComplianceSearchAction cmdlet to display a list of all actions. The format for the search action name is constructed by appending `_Preview`, `_Export`, or `_Purge` to the name of the corresponding search. ```powershell Get-ComplianceSearchAction "<Search action name>" \| FL > "ComplianceSearchAction.txt" Get-ComplianceSearchAction "<Search action name>" \| FL > "ComplianceSearchAction ### Collect information about eDiscovery holds -When an eDiscovery hold associated with a Core eDiscovery case isn't functioning as expected, run the following command to collect information about the Case Hold Policy and associated Case Hold Rule for the eDiscovery hold. The Case hold policy name in the following command is the same as the name of the eDiscovery hold. You can identify this name on the Holds tabs in the Core eDiscovery case. +When an eDiscovery hold associated with a eDiscovery (Standard) case isn't functioning as expected, run the following command to collect information about the Case Hold Policy and associated Case Hold Rule for the eDiscovery hold. The Case hold policy name in the following command is the same as the name of the eDiscovery hold. You can identify this name on the Holds tabs in the eDiscovery (Standard) case. ```powershell Get-CaseHoldPolicy "<Case hold policy name>" \| %{"--CaseHoldPolicy--";$_\|FL;"--CaseHoldRule--";Get-CaseHoldRule -Policy $_.Name \| FL} > "eDiscoveryCaseHold.txt" Get-CaseHoldPolicy "<Case hold policy name>" \| %{"--CaseHoldPolicy--";$_\|FL;"--C ### Collect all case information -Sometimes, it's not apparent what information is required by Microsoft Support to investigate your issue. In this situation, you can collect all of the diagnostics information for a Core eDiscovery case. The Core eDiscovery case name in the following command is the same as the name of a case that's displayed on the Core eDiscovery page in the Microsoft 365 compliance center. +Sometimes, it's not apparent what information is required by Microsoft Support to investigate your issue. In this situation, you can collect all of the diagnostics information for a eDiscovery (Standard) case. The eDiscovery (Standard) case name in the following command is the same as the name of a case that's displayed on the eDiscovery (Standard) page in the compliance portal. ```powershell -Get-ComplianceCase "<Core eDiscovery case name>"\| %{$_\|fl;"`t==Searches==";Get-ComplianceSearch -Case $_.Name \| FL;"`t==Search Actions==";Get-ComplianceSearchAction -Case $_.Name \|FL;"`t==Holds==";Get-CaseHoldPolicy -Case $_.Name \| %{$_\|FL;"`t`t ==$($_.Name) Rules==";Get-CaseHoldRule -Policy $_.Name \| FL}} > "eDiscoveryCase.txt" +Get-ComplianceCase "<eDiscovery (Standard) case name>"\| %{$_\|fl;"`t==Searches==";Get-ComplianceSearch -Case $_.Name \| FL;"`t==Search Actions==";Get-ComplianceSearchAction -Case $_.Name \|FL;"`t==Holds==";Get-CaseHoldPolicy -Case $_.Name \| %{$_\|FL;"`t`t ==$($_.Name) Rules==";Get-CaseHoldRule -Policy $_.Name \| FL}} > "eDiscoveryCase.txt" ``` -## Collect diagnostic information for Advanced eDiscovery +## Collect diagnostic information for eDiscovery (Premium) -The Settings tab in an Advanced eDiscovery case lets you quickly copy the diagnostic information for the case. The diagnostic information is saved to the clipboard so you can paste it to a text file and send to Microsoft Support. +The Settings tab in an eDiscovery (Premium) case lets you quickly copy the diagnostic information for the case. The diagnostic information is saved to the clipboard so you can paste it to a text file and send to Microsoft Support. -1. Go to the Microsoft 365 compliance center, and select eDiscovery > <a href="https://go.microsoft.com/fwlink/p/?linkid=2174006" target="_blank">Advanced</a>. +1. Go to the compliance portal, and select eDiscovery > <a href="https://go.microsoft.com/fwlink/p/?linkid=2174006" target="_blank">Advanced</a>. 2. Select a case and then click the Settings tab.
compliance	Ediscovery Kql Editor	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-kql-editor.md	search.appverid: - MOE150 - MET150 -description: "You can use the KQL editor to configure eDiscovery search queries in Content search, Core eDiscovery, and Advanced eDiscovery." +description: "You can use the KQL editor to configure eDiscovery search queries in Content search, eDiscovery (Standard), and eDiscovery (Premium)." # Use the KQL editor to build search queries -The new KQL query experience in Microsoft 365 eDiscovery tools search provides feedback and guidance when you build search queries in Content search, Core eDiscovery, and Advanced eDiscovery. When you type queries in the editor, it provides autocompletion for supported searchable properties and conditions and provides lists of supported values for standard properties and conditions. For example, if you specify the `kind` email property in your query, the editor will present a list of supported values that you can select. The KQL editor also displays potential query errors in real time that you can fix before you run the search. Best of all, you can paste complex queries directly into the editor without having to manually build queries using the keywords and conditions cards in the standard condition builder. +The new KQL query experience in Microsoft 365 eDiscovery tools search provides feedback and guidance when you build search queries in Content search, Microsoft Purview eDiscovery (Standard), and eDiscovery (Premium). When you type queries in the editor, it provides autocompletion for supported searchable properties and conditions and provides lists of supported values for standard properties and conditions. For example, if you specify the `kind` email property in your query, the editor will present a list of supported values that you can select. The KQL editor also displays potential query errors in real time that you can fix before you run the search. Best of all, you can paste complex queries directly into the editor without having to manually build queries using the keywords and conditions cards in the standard condition builder. Here are the key benefits to using the KQL editor: Here are the key benefits to using the KQL editor: - Quickly identifies potential errors and displays hints about how to resolve issues. -The KQL editor is also available when you create query-based holds in Core eDiscovery and Advanced eDiscovery. +The KQL editor is also available when you create query-based holds in eDiscovery (Standard) and eDiscovery (Premium). ## Displaying the KQL editor When you create or edit an eDiscovery search, the option to display and use the KQL editor is located on the Conditions page in the search or collections wizard. -### KQL editor in Content search and Core eDiscovery +### KQL editor in Content search and eDiscovery (Standard) -![KQL editor in Content search and Core eDiscovery](../media/KQLEditorCore.png) +![KQL editor in Content search and eDiscovery (Standard)](../media/KQLEditorCore.png) -### KQL editor in Advanced eDiscovery +### KQL editor in eDiscovery (Premium) -![KQL editor in Advanced eDiscovery](../media/KQLEditorAdvanced.png) +![KQL editor in eDiscovery (Premium)](../media/KQLEditorAdvanced.png) ## Using the KQL editor
compliance	Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery.md	Title: "Microsoft 365 eDiscovery solutions" + Title: "Microsoft Purview eDiscovery solutions" f1.keywords: - NOCSH search.appverid: - SPO160 - MOE150 - MET150 -description: "Microsoft 365 offers three eDiscovery tools that you can use to search for and export content found in different locations such as Exchange mailboxes, SharePoint and OneDrive for Business sites, Microsoft 365 Groups, Microsoft Teams, and Skype for Business conversations. Core eDiscovery and Advanced eDiscovery provide many additional features to help you manage your investigations." +description: "Microsoft Purview offers three eDiscovery tools that you can use to search for and export content found in different locations such as Exchange mailboxes, SharePoint and OneDrive for Business sites, Microsoft 365 Groups, Microsoft Teams, and Skype for Business conversations. eDiscovery (Standard) and eDiscovery (Premium) provide many additional features to help you manage your investigations." -# eDiscovery solutions in Microsoft 365 +# Microsoft Purview eDiscovery solutions -Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases. You can use eDiscovery tools in Microsoft 365 to search for content in Exchange Online, OneDrive for Business, SharePoint Online, Microsoft Teams, Microsoft 365 Groups, and Yammer teams. You can search mailboxes and sites in the same eDiscovery search, and then export the search results. You can use Core eDiscovery cases to identify, hold, and export content found in mailboxes and sites. If your organization has an Office 365 E5 or Microsoft 365 E5 subscription (or related E5 add-on subscriptions), you can further manage custodians and analyze content by using the feature-rich Advanced eDiscovery solution in Microsoft 365. +Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases. You can use eDiscovery tools in Microsoft Purview to search for content in Exchange Online, OneDrive for Business, SharePoint Online, Microsoft Teams, Microsoft 365 Groups, and Yammer teams. You can search mailboxes and sites in the same eDiscovery search, and then export the search results. You can use Microsoft Purview eDiscovery (Standard) cases to identify, hold, and export content found in mailboxes and sites. If your organization has an Office 365 E5 or Microsoft 365 E5 subscription (or related E5 add-on subscriptions), you can further manage custodians and analyze content by using the feature-rich Microsoft Purview eDiscovery (Premium) solution in Microsoft 365. ## eDiscovery solutions -Microsoft 365 provides three eDiscovery solutions: Content search, Core eDiscovery, and Advanced eDiscovery. +Microsoft Purview provides three eDiscovery solutions: Content search, eDiscovery (Standard), and eDiscovery (Premium). -![Key capabilities of Microsoft 365 eDiscovery tools.](..\media\m365-ediscovery-solution-graphic.png) +![Key capabilities of Microsoft Purview eDiscovery tools.](..\media\m365-ediscovery-solution-graphic.png) - Content search. Use the Content search tool to search for content across Microsoft 365 data sources and then export the search results to a local computer. -- Core eDiscovery. Core eDiscovery builds on the basic search and export functionality of Content search by enabling you to create eDiscovery cases and assign eDiscovery managers to specific cases. eDiscovery managers can only access the cases of which they are members. Core eDiscovery also lets you associate searches and exports with a case and lets you place an eDiscovery hold on content locations relevant to the case. +- eDiscovery (Standard). eDiscovery (Standard) builds on the basic search and export functionality of Content search by enabling you to create eDiscovery cases and assign eDiscovery managers to specific cases. eDiscovery managers can only access the cases of which they are members. eDiscovery (Standard) also lets you associate searches and exports with a case and lets you place an eDiscovery hold on content locations relevant to the case. -- Advanced eDiscovery. The Advanced eDiscovery tool builds on the existing case management, preservation, search, and export capabilities in Core eDiscovery. Advanced eDiscovery provides an end-to-end workflow to identify, preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations. It lets legal teams manage custodians and the legal hold notification workflow to communicate with custodians involved in a case. It allows you to collect and copy data from the live service into review sets, when you can filter, search, and tag content to cull non-relevant content from further review so your workflow can identify and focus on content that's most relevant. Advanced eDiscovery provides analytics and machine learning-based predictive coding models to further narrow to scope of your investigation to the most relevant content. +- eDiscovery (Premium). The eDiscovery (Premium) tool builds on the existing case management, preservation, search, and export capabilities in eDiscovery (Standard). eDiscovery (Premium) provides an end-to-end workflow to identify, preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations. It lets legal teams manage custodians and the legal hold notification workflow to communicate with custodians involved in a case. It allows you to collect and copy data from the live service into review sets, when you can filter, search, and tag content to cull non-relevant content from further review so your workflow can identify and focus on content that's most relevant. eDiscovery (Premium) provides analytics and machine learning-based predictive coding models to further narrow to scope of your investigation to the most relevant content. ## Comparison of key capabilities -The following table compares the key capabilities available in Content search, Core eDiscovery, and Advanced eDiscovery. +The following table compares the key capabilities available in Content search, eDiscovery (Standard), and eDiscovery (Premium). -\|Capability\|Content search\|Core eDiscovery\|Advanced eDiscovery\| +\|Capability\|Content search\|eDiscovery (Standard)\|eDiscovery (Premium)\| \|:\|:-\|:-\|:-\| \|Search for content\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)\| \|Keyword queries and search conditions\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)\|![Supported.](../media/check-mark.png)\| Here's a description of each eDiscovery capability. - Role-based permissions. Use role-based access (RBAC) permissions to control what eDiscovery-related tasks that different users can perform. You can use a built-in eDiscovery-related role group or create custom role groups that assign specific eDiscovery permissions. -- Case management. eDiscovery cases in Core eDiscovery and Advanced eDiscovery let you associate specific searches and exports with a specific investigation. You can also assign members to a case to control who can access the case and view the contents of the case. +- Case management. eDiscovery cases in eDiscovery (Standard) and eDiscovery (Premium) let you associate specific searches and exports with a specific investigation. You can also assign members to a case to control who can access the case and view the contents of the case. - Place content locations on legal hold. Preserve content relevant to your investigation by placing a legal hold on the content locations in a case. This lets you secure electronically stored information from inadvertent (or intentional) deletion during your investigation. - Custodian management. Manage the people that you've identified as people of interest in the case (called custodians) and other data sources that may not be associated with a custodian. When you add custodians and non-custodial data sources to a case, you can place a legal hold on these data sources, communicate with custodians by using the legal hold notification process, and search custodian and non-custodial data sources to collect content relevant to the case. -- Legal hold notifications. Manage the process of communicating with case custodians. A legal hold notification instructs custodians to preserve content that's relevant to the case. You can track the notices that were received, read, and acknowledged by custodians. The communications workflow in Advanced eDiscovery allows you to create and send initial notifications, reminders, and escalations if custodians fail to acknowledge a hold notification. +- Legal hold notifications. Manage the process of communicating with case custodians. A legal hold notification instructs custodians to preserve content that's relevant to the case. You can track the notices that were received, read, and acknowledged by custodians. The communications workflow in eDiscovery (Premium) allows you to create and send initial notifications, reminders, and escalations if custodians fail to acknowledge a hold notification. - Advanced indexing. When you add custodial and non-custodian data sources to a case, the associated content locations are reindexed (in a process called Advanced indexing) so that any content deemed as partially indexed is reprocessed to make it fully searchable when you collect data for an investigation. -- Error remediation. Fix processing errors using a process called error remediation. Error remediation allows you to rectify data issues that prevent Advanced eDiscovery from properly processing the content during Advanced indexing. For example, files that are password protected can't be processed since the files are locked or encrypted. Using error remediation, you can download files with errors, remove the password protection, and then upload the remediated files. +- Error remediation. Fix processing errors using a process called error remediation. Error remediation allows you to rectify data issues that prevent eDiscovery (Premium) from properly processing the content during Advanced indexing. For example, files that are password protected can't be processed since the files are locked or encrypted. Using error remediation, you can download files with errors, remove the password protection, and then upload the remediated files. - Review sets. Add relevant data to a review set. A review set is a secure, Microsoft-provided Azure Storage location in the Microsoft cloud. When you add data to a review set, the collected items are copied from their original content location to the review set. Review sets provide a static, known set of content that you can search, filter, tag, analyze, and predict relevancy using predictive coding models. You can also track and report on what content gets added to the review set. Here's a description of each eDiscovery capability. - Tagging. Tags also help you cull non-relevant content and identify the most relevant content. When experts, attorneys, or other users review content in a review set, their opinions related to the content can be captured by using tags. For example, if the intent is to cull unnecessary content, a user can tag documents with a tag such as "non-responsive". After content has been reviewed and tagged, a review set query can be created to exclude any content tagged as "non-responsive". This process eliminates the non-responsive content from subsequent steps in the eDiscovery workflow. -- Analytics. Advanced eDiscovery provides tools to analyze review set documents to help you organize the documents in a coherent manner and reduce the volume of documents to be reviewed. Near duplicate detection groups textually similar documents together to help you make your review process more efficient. Email threading identifies specific email messages that give a complete context of the conversation in an email thread. Themes functionality attempts to analyze themes in review set documents and assign a theme to documents so that you can review documents with related theme. These analytics capabilities help make your review process more efficient so that reviewers can review a fraction of collected documents. +- Analytics. eDiscovery (Premium) provides tools to analyze review set documents to help you organize the documents in a coherent manner and reduce the volume of documents to be reviewed. Near duplicate detection groups textually similar documents together to help you make your review process more efficient. Email threading identifies specific email messages that give a complete context of the conversation in an email thread. Themes functionality attempts to analyze themes in review set documents and assign a theme to documents so that you can review documents with related theme. These analytics capabilities help make your review process more efficient so that reviewers can review a fraction of collected documents. - Predictive coding models. Use predictive coding models to reduce and cull large volumes of case content to a relevant set of items that you can prioritize for review. This is accomplished by creating and training your own predictive coding models that help you prioritize the review of the most relevant items in a review set. The system uses the training to apply prediction scores to every item in the review set. This lets you filter items based on the prediction score, which allows you to review the most relevant (or non-relevant) items first. -- Computed document metadata. Many of the Advanced eDiscovery features, such as Advanced indexing, conversation threading, analytics, and predictive coding add metadata properties to review set documents. This metadata contains information related to the function performed by a specific feature. When reviewing documents, you can filter on metadata properties to display documents that match your filter criteria. This metadata can be imported into third-party review applications after review set documents are exported. +- Computed document metadata. Many of the eDiscovery (Premium) features, such as Advanced indexing, conversation threading, analytics, and predictive coding add metadata properties to review set documents. This metadata contains information related to the function performed by a specific feature. When reviewing documents, you can filter on metadata properties to display documents that match your filter criteria. This metadata can be imported into third-party review applications after review set documents are exported. -- Transparency of long-running jobs. Jobs in Advanced eDiscovery are typically long-running processes that are triggered by user actions, such as the adding custodians to a case, adding content to a review set, running analytics, and training predictive coding models. You can track the status of these jobs and get support information if you need to escalate issues to MS Support. +- Transparency of long-running jobs. Jobs in eDiscovery (Premium) are typically long-running processes that are triggered by user actions, such as the adding custodians to a case, adding content to a review set, running analytics, and training predictive coding models. You can track the status of these jobs and get support information if you need to escalate issues to MS Support. -- Export to customer-owned Azure Storage location. When you export documents from a review set, you have the option to export them to an Azure Storage account managed by your organization. Additionally, Advanced eDiscovery lets you customize what data is exported. This includes exporting file metadata, native files, text files, tags, and redacted documents saved to a PDF file. +- Export to customer-owned Azure Storage location. When you export documents from a review set, you have the option to export them to an Azure Storage account managed by your organization. Additionally, eDiscovery (Premium) lets you customize what data is exported. This includes exporting file metadata, native files, text files, tags, and redacted documents saved to a PDF file. ## eDiscovery subscription comparison -The following sections show the minimum subscription requirements for Content search, Core eDiscovery, and Advanced eDiscovery. Subscriptions that support Core eDiscovery also support Content search. Subscriptions that support Advanced eDiscovery also support Content search and Core eDiscovery. +The following sections show the minimum subscription requirements for Content search, eDiscovery (Standard), and eDiscovery (Premium). Subscriptions that support eDiscovery (Standard) also support Content search. Subscriptions that support eDiscovery (Premium) also support Content search and eDiscovery (Standard). ### Content search The following sections show the minimum subscription requirements for Content se - Office 365 E1 subscription -### Core eDiscovery +### eDiscovery (Standard) - Microsoft 365 E3 subscription - Microsoft 365 G3 subscription The following sections show the minimum subscription requirements for Content se - Microsoft 365 Education A3 or Office 365 Education A3 subscription - Office 365 E3 subscription -### Advanced eDiscovery +### eDiscovery (Premium) - Microsoft 365 E5 or Office 365 E5 subscription - Microsoft 365 E3 subscription with E5 Compliance add-on See the following articles to help you learn more and get started using the eDis - [Create a search](content-search.md) -### Core eDiscovery +### eDiscovery (Standard) -- [Get started with Core eDiscovery](get-started-core-ediscovery.md) +- [Get started with eDiscovery (Standard)](get-started-core-ediscovery.md) -### Advanced eDiscovery +### eDiscovery (Premium) -- [Overview of Advanced eDiscovery](overview-ediscovery-20.md) +- [Overview of eDiscovery (Premium)](overview-ediscovery-20.md) -- [Set up Advanced eDiscovery](get-started-with-advanced-ediscovery.md) +- [Set up eDiscovery (Premium)](get-started-with-advanced-ediscovery.md) -- [Create and manage an Advanced eDiscovery case](create-and-manage-advanced-ediscoveryv2-case.md) +- [Create and manage an eDiscovery (Premium) case](create-and-manage-advanced-ediscoveryv2-case.md) ## eDiscovery roadmap To see what eDiscovery features have been launched, are rolling out, or in devel ## Training -Training your IT administrators, eDiscovery managers, and compliance investigation teams in the basics for Content search, Core eDiscovery, and Advanced eDiscovery can help your organization get started more quickly using Microsoft 365 eDiscovery tools. Microsoft 365 provides the following resource to help these users in your organization getting started with eDiscovery: [Describe the eDiscovery and audit capabilities of Microsoft 365](/learn/modules/describe-ediscovery-capabilities-of-microsoft-365). +Training your IT administrators, eDiscovery managers, and compliance investigation teams in the basics for Content search, eDiscovery (Standard), and eDiscovery (Premium) can help your organization get started more quickly using Microsoft 365 eDiscovery tools. Microsoft 365 provides the following resource to help these users in your organization getting started with eDiscovery: [Describe the eDiscovery and audit capabilities of Microsoft 365](/learn/modules/describe-ediscovery-capabilities-of-microsoft-365).
compliance	Email Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/email-encryption.md	- M365-security-compliance - m365solution-mip - m365initiative-compliance -description: "Compare Microsoft 365 encryption options including Office 365 Message Encryption (OME), S/MIME, Information Rights Management (IRM), and learn about Transport Layer Security (TLS)." +description: "Compare Microsoft 365 encryption options including Microsoft Purview Message Encryption, S/MIME, Information Rights Management (IRM), and learn about Transport Layer Security (TLS)." # Email encryption -This article compares encryption options in Microsoft 365 including Office 365 Message Encryption (OME), S/MIME, Information Rights Management (IRM), and introduces Transport Layer Security (TLS). + +This article compares encryption options in Microsoft 365 including Microsoft Purview Message Encryption, S/MIME, Information Rights Management (IRM), and introduces Transport Layer Security (TLS). Microsoft 365 delivers multiple encryption options to help you meet your business needs for email security. This article presents three ways to encrypt email in Office 365. If you want to learn more about all security features in Office 365, visit the [Office 365 Trust Center](https://go.microsoft.com/fwlink/p/?LinkID=282470). This article introduces the three types of encryption available for Microsoft 365 administrators to help secure email in Office 365: -- Office Message Encryption (OME). +- Microsoft Purview Message Encryption. - Secure/Multipurpose Internet Mail Extensions (S/MIME). For more information on how Microsoft 365 secures communication between servers, \|Email encryption technology\|![Conceptual artwork that describes OME.](../media/2bf27b5e-bbb3-46d1-95bf-884dc27a746c.png)\|![Conceptual artwork that describes IRM](../media/9c0cc444-9448-40c6-b244-8fcc593a64e0.png)\|![Conceptual artwork that describes SMIME](../media/ae4613a8-c17e-47e1-8e13-12e891e43744.png)\| \|:--\|:--\|:--\|:--\| -\|What is it?\|Office 365 Message Encryption (OME) is a service built on Azure Rights Management (Azure RMS) that lets you send encrypted email to people inside or outside your organization, regardless of the destination email address (Gmail, Yahoo! Mail, Outlook.com, etc.). <br/> As an admin, you can set up transport rules that define the conditions for encryption. When a user sends a message that matches a rule, encryption is applied automatically. <br/> To view encrypted messages, recipients can either get a one-time passcode, sign in with a Microsoft account, or sign in with a work or school account associated with Office 365. Recipients can also send encrypted replies. They don't need a Microsoft 365 subscription to view encrypted messages or send encrypted replies.\|IRM is an encryption solution that also applies usage restrictions to email messages. It helps prevent sensitive information from being printed, forwarded, or copied by unauthorized people. <br/> IRM capabilities in Microsoft 365 use Azure Rights Management (Azure RMS).\|S/MIME is a certificate-based encryption solution that allows you to both encrypt and digitally sign a message. The message encryption helps ensure that only the intended recipient can open and read the message. A digital signature helps the recipient validate the identity of the sender. <br/> Both digital signatures and message encryption are made possible through the use of unique digital certificates that contain the keys for verifying digital signatures and encrypting or decrypting messages. <br/> To use S/MIME, you must have public keys on file for each recipient. Recipients have to maintain their own private keys, which must remain secure. If a recipient's private keys are compromised, the recipient needs to get a new private key and redistribute public keys to all potential senders.\| +\|What is it?\|Message encryption is a service built on Azure Rights Management (Azure RMS) that lets you send encrypted email to people inside or outside your organization, regardless of the destination email address (Gmail, Yahoo! Mail, Outlook.com, etc.). <br/> As an admin, you can set up transport rules that define the conditions for encryption. When a user sends a message that matches a rule, encryption is applied automatically. <br/> To view encrypted messages, recipients can either get a one-time passcode, sign in with a Microsoft account, or sign in with a work or school account associated with Office 365. Recipients can also send encrypted replies. They don't need a Microsoft 365 subscription to view encrypted messages or send encrypted replies.\|IRM is an encryption solution that also applies usage restrictions to email messages. It helps prevent sensitive information from being printed, forwarded, or copied by unauthorized people. <br/> IRM capabilities in Microsoft 365 use Azure Rights Management (Azure RMS).\|S/MIME is a certificate-based encryption solution that allows you to both encrypt and digitally sign a message. The message encryption helps ensure that only the intended recipient can open and read the message. A digital signature helps the recipient validate the identity of the sender. <br/> Both digital signatures and message encryption are made possible through the use of unique digital certificates that contain the keys for verifying digital signatures and encrypting or decrypting messages. <br/> To use S/MIME, you must have public keys on file for each recipient. Recipients have to maintain their own private keys, which must remain secure. If a recipient's private keys are compromised, the recipient needs to get a new private key and redistribute public keys to all potential senders.\| \|What does it do?\|OME: <br/> Encrypts messages sent to internal or external recipients. <br/> Allows users to send encrypted messages to any email address, including Outlook.com, Yahoo! Mail, and Gmail. <br/> Allows you, as an admin, to customize the email viewing portal to reflect your organization's brand. <br/> Microsoft securely manages and stores the keys, so you don't have to. <br/> No special client side software is needed as long as the encrypted message (sent as an HTML attachment) can be opened in a browser.\|IRM: <br/> Uses encryption and usage restrictions to provide online and offline protection for email messages and attachments. <br/> Gives you, as an admin, the ability to set up transport rules or Outlook protection rules to automatically apply IRM to select messages. <br/> Lets users manually apply templates in Outlook or Outlook on the web (formerly known as Outlook Web App).\|S/MIME addresses sender authentication with digital signatures, and message confidentiality with encryption.\| \|What does it not do?\|OME doesn't let you apply usage restrictions to messages. For example, you can't use it to stop a recipient from forwarding or printing an encrypted message.\|Some applications may not support IRM emails on all devices. For more information about these and other products that support IRM email, see [Client device capabilities](/azure/information-protection/requirements#BKMK_ClientCapabilities).\|S/MIME doesn't allow encrypted messages to be scanned for malware, spam, or policies.\| \|Recommendations and example scenarios\|We recommend using OME when you want to send sensitive business information to people outside your organization, whether they're consumers or other businesses. For example: <br/> A bank employee sending credit card statements to customers <br/> A doctor's office sending medical records to a patient <br/> An attorney sending confidential legal information to another attorney\|We recommend using IRM when you want to apply usage restrictions as well as encryption. For example: <br/> A manager sending confidential details to her team about a new product applies the "Do Not Forward" option. <br/> An executive needs to share a bid proposal with another company, which includes an attachment from a partner who is using Office 365, and require both the email and the attachment to be protected.\|We recommend using S/MIME when either your organization or the recipient's organization requires true peer-to-peer encryption. <br/> S/MIME is most commonly used in the following scenarios: <br/> Government agencies communicating with other government agencies <br/> A business communicating with a government agency\| For more information on how Microsoft 365 secures communication between servers, For information about email encryption options for your Microsoft 365 subscription see the [Exchange Online service description](/office365/servicedescriptions/exchange-online-service-description/exchange-online-service-description). Here, you can find information about the following encryption features: -- Azure RMS, including both IRM capabilities and OME +- Azure RMS, including both IRM capabilities and Microsoft Purview Message Encryption - S/MIME You can also use third-party encryption tools with Microsoft 365, for example, P For more information about the email encryption options in this article as well as TLS, see these articles: -OME +Microsoft Purview Message Encryption -[Office 365 Message Encryption (OME)](ome.md) +[Message encryption](ome.md) IRM
compliance	Email Threading In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/email-threading-in-advanced-ediscovery.md	Title: Email threading in Advanced eDiscovery + Title: Email threading in eDiscovery (Premium) f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "When conducting an Advanced eDiscovery analysis, email threading parses an email conversation and separates each message into different categories." +description: "When conducting an eDiscovery (Premium) analysis, email threading parses an email conversation and separates each message into different categories." -# Email threading in Advanced eDiscovery +# Email threading in eDiscovery (Premium) Consider an email conversation that has been going on for a while. In most cases, the last message in the email thread will include the contents of all the preceding messages. Therefore, reviewing the last message will give a complete context of the conversation that happened in the thread. Email threading identifies such messages so that reviewers can review a fraction of collected documents without losing any context. ## What does email threading do? -Email threading parses each email thread and deconstructs it to individual messages. Each email thread is a chain of individual messages. Advanced eDiscovery analyzes all email messaes in the review set to determine whether an email message has unique content or if the chain (parent messages) are wholly contained in the final message in the email thread. Email messages are divided into four inclusive values: +Email threading parses each email thread and deconstructs it to individual messages. Each email thread is a chain of individual messages. Microsoft Purview eDiscovery (Premium) analyzes all email messaes in the review set to determine whether an email message has unique content or if the chain (parent messages) are wholly contained in the final message in the email thread. Email messages are divided into four inclusive values: - Inclusive: An Inclusive email is the final email message in an email thread and contains all the previous content of that email thread.
compliance	Enable Archive Mailboxes	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/enable-archive-mailboxes.md	Title: "Enable archive mailboxes for Microsoft 365 Compliance" + Title: "Enable archive mailboxes for Microsoft 365" f1.keywords: - NOCSH description: "Learn how to enable or disable archive mailboxes to support your organization's message retention, eDiscovery, and hold requirements." -# Enable archive mailboxes in the compliance center +# Enable archive mailboxes in the Microsoft Purview compliance portal + Archiving in Microsoft 365 (also called In-Place Archiving) provides users with additional mailbox storage space. For more information, see [Learn about archive mailboxes](archive-mailboxes.md). -Use the information in this article to enable or disable an archive mailbox in the Microsoft 365 compliance center, or by using PowerShell. Also learn how to run an automated diagnostic check on a user's archive mailbox to identify any problems and suggested resolutions. +Use the information in this article to enable or disable an archive mailbox in the Microsoft Purview compliance portal, or by using PowerShell. Also learn how to run an automated diagnostic check on a user's archive mailbox to identify any problems and suggested resolutions. ## Get the necessary permissions You must be assigned the Mail Recipients role in Exchange Online to enable or disable archive mailboxes. By default, this role is assigned to the Recipient Management and Organization Management role groups on the Permissions page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a>. -If you don't see the Archive page in the Microsoft 365 compliance center, ask your administrator to assign you the necessary permissions. +If you don't see the Archive page in the Microsoft Purview compliance portal, ask your administrator to assign you the necessary permissions. ## Enable an archive mailbox -1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and sign in. +1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and sign in. -2. In the left pane of the Microsoft 365 compliance center, click Information governance, and then click the Archive tab. +2. In the left pane of the Microsoft Purview compliance portal, click Data lifecycle management, and then click the Archive tab. The Archive page is displayed. The Archive mailbox column indicates whether an archive mailbox is enabled or disabled for each user. If you don't see the Archive page in the Microsoft 365 compliance center, as ## Disable an archive mailbox -You can also use the Archive page in the Microsoft 365 compliance center to disable a user's archive mailbox. After you disable an archive mailbox, you can reconnect it to the user's primary mailbox within 30 days of disabling it. In this case, the original contents of the archive mailbox are restored. After 30 days, the contents of the original archive mailbox are permanently deleted and can't be recovered. So if you re-enable the archive more than 30 days after disabling it, a new archive mailbox is created. +You can also use the Archive page in the Microsoft Purview compliance portal to disable a user's archive mailbox. After you disable an archive mailbox, you can reconnect it to the user's primary mailbox within 30 days of disabling it. In this case, the original contents of the archive mailbox are restored. After 30 days, the contents of the original archive mailbox are permanently deleted and can't be recovered. So if you re-enable the archive more than 30 days after disabling it, a new archive mailbox is created. The default archive policy assigned to users' mailboxes moves items to the archive mailbox two years after the date the item is delivered. If you disable a user's archive mailbox, no action will be taken on mailbox items and they will remain in the user's primary mailbox. To disable an archive mailbox: -1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and sign in. - -2. In the left pane of the Microsoft 365 compliance center, click Information governance, and then click the Archive tab. - - The Archive page is displayed. The Archive mailbox column indicates whether an archive mailbox is enabled or disabled for each user. +1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and sign in. - > [!NOTE] - > The Archive page shows a maximum of 500 users. +2. In the left pane of the Microsoft Purview compliance portal, click Data lifecycle management, and then click the Archive tab. + + The Archive page is displayed. The Archive mailbox column indicates whether an archive mailbox is enabled or disabled for each user. + + > [!NOTE] + > The Archive page shows a maximum of 500 users. 3. In the list of mailboxes, select the user that you want to disable the archive mailbox for and select Disable Archive.
compliance	Enable Autoexpanding Archiving	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/enable-autoexpanding-archiving.md	# Enable auto-expanding archiving + You can use the Exchange Online auto-expanding archiving feature to enable additional storage space for archive mailboxes. When auto-expanding archiving is turned on, additional storage space is automatically added to a user's archive mailbox until it reaches the storage limit of 1.5 TB. You can turn on auto-expanding archiving for everyone in your organization or just for specific users. For more information about auto-expanding archiving, see [Learn about auto-expanding archiving](autoexpanding-archiving.md). ## Before you enable auto-expanding archiving You can use the Exchange Online auto-expanding archiving feature to enable addit - Auto-expanding archiving also supports shared mailboxes. To enable the archive for a shared mailbox, an Exchange Online Plan 2 license or an Exchange Online Plan 1 license with an Exchange Online Archiving license is required. -- Auto-expanding archiving prevents you from recovering or restoring an [inactive mailbox](inactive-mailboxes-in-office-365.md#what-are-inactive-mailboxes). That means if you enable auto-expanding archiving for a mailbox and the mailbox is made inactive at a later date, you won't be able to [recover the inactive mailbox](recover-an-inactive-mailbox.md) (by converting it to an active mailbox) or [restore it](restore-an-inactive-mailbox.md) (by merging the contents to an existing mailbox). If auto-expanding archiving is enabled on an inactive mailbox, the only way to recover data is by using the Content search tool in the Microsoft 365 compliance center to export the data from the mailbox and import to another mailbox. For more information, see the "Inactive mailboxes and auto-expanding archives" section in [Learn about inactive mailboxes](inactive-mailboxes-in-office-365.md#inactive-mailboxes-and-auto-expanding-archives). +- Auto-expanding archiving prevents you from recovering or restoring an [inactive mailbox](inactive-mailboxes-in-office-365.md#what-are-inactive-mailboxes). That means if you enable auto-expanding archiving for a mailbox and the mailbox is made inactive at a later date, you won't be able to [recover the inactive mailbox](recover-an-inactive-mailbox.md) (by converting it to an active mailbox) or [restore it](restore-an-inactive-mailbox.md) (by merging the contents to an existing mailbox). If auto-expanding archiving is enabled on an inactive mailbox, the only way to recover data is by using the Content search tool in the Microsoft Purview compliance portal to export the data from the mailbox and import to another mailbox. For more information, see the "Inactive mailboxes and auto-expanding archives" section in [Learn about inactive mailboxes](inactive-mailboxes-in-office-365.md#inactive-mailboxes-and-auto-expanding-archives). -- You can't use the Exchange admin center or the Microsoft 365 compliance center to enable auto-expanding archiving. You have to use Exchange Online PowerShell. To connect to your Exchange Online organization using remote PowerShell, see [Connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell). +- You can't use the Exchange admin center or the Microsoft Purview compliance portal to enable auto-expanding archiving. You have to use Exchange Online PowerShell. To connect to your Exchange Online organization using remote PowerShell, see [Connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell). ## Enable auto-expanding archiving for your entire organization
compliance	Enable Mailbox Auditing	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/enable-mailbox-auditing.md	description: "Mailbox audit logging is turned on by default in Microsoft 365 (al # Manage mailbox auditing -In January 2019, Microsoft turned on mailbox audit logging by default for all organizations. This configuration means that certain actions by mailbox owners, delegates, and admins are automatically logged. It also means the corresponding mailbox audit records will be available when you search for them in the mailbox audit log. Before mailbox auditing was turned on by default, you had to manually enable it for every user mailbox in your organization. + +Starting in January 2019, Microsoft is turning on mailbox audit logging by default for all organizations. This means that certain actions performed by mailbox owners, delegates, and admins are automatically logged, and the corresponding mailbox audit records will be available when you search for them in the mailbox audit log. Before mailbox auditing was turned on by default, you had to manually enable it for every user mailbox in your organization. Here are some benefits of mailbox auditing on by default: Here are some benefits of mailbox auditing on by default: > [!NOTE] > > - The important thing to remember about the release of mailbox auditing on by default is: you don't need to do anything to manage mailbox auditing. However, to learn more, customize mailbox auditing from the default settings, or turn it off altogether, this article can help you. -> - By default, only mailbox audit events for users with licenses that include the [Advanced Audit](advanced-audit.md) feature are available in audit log searches in the Microsoft 365 compliance center or via the Office 365 Management Activity API. These licenses are described [here](auditing-solutions-overview.md#advanced-audit-1). For brevity, this article will collectively refer to licenses that include Advanced Audit as E5/A5/G5 licenses. -> For more information about how licensing affects mailbox auditing events in the M365 compliance center, see the [More information](#more-information) section later in this article. +> - By default, only mailbox audit events for E5 users are available in audit log searches in the Microsoft Purview compliance portal or via the Office 365 Management Activity API. For more information, see the [More information](#more-information) section in this article. ## Verify mailbox auditing on by default is turned on Logon types classify the user that did the audited actions on the mailbox. The f - Admin: - The mailbox is searched with one of the following Microsoft eDiscovery tools: - Content Search in the Compliance center. - - eDiscovery or Advanced eDiscovery in the Compliance center. + - eDiscovery or eDiscovery (Premium) in the Compliance center. - In-Place eDiscovery in Exchange Online. - The mailbox is accessed by using the Microsoft Exchange Server MAPI Editor. The following table describes the mailbox actions that are available in mailbox \|FolderBind\|A mailbox folder was accessed. This action is also logged when the admin or delegate opens the mailbox. <br/><br/> Note: Audit records for folder bind actions performed by delegates are consolidated. One audit record is generated for individual folder access within a 24-hour period.\|![Check mark.](../media/checkmark.png)\|![Check mark.](../media/checkmark.png)\|\| \|HardDelete\|A message was purged from the Recoverable Items folder.\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark.](../media/checkmark.png)<sup>\</sup>\| \|MailboxLogin\|The user signed into their mailbox.\|\|\|![Check mark](../media/checkmark.png)\| -\|MailItemsAccessed\|Note: This value is available only for users with E5/A5/G5 licenses. For more information, see [Set up Advanced Audit in Microsoft 365](set-up-advanced-audit.md). <br/><br/> Mail data is accessed by mail protocols and clients.\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark](../media/checkmark.png)<sup>\</sup>\| +\|MailItemsAccessed\|Note: This value is available only for users with E5/A5/G5 licenses. For more information, see [Set up Microsoft Purview Audit (Premium)](set-up-advanced-audit.md). <br/><br/> Mail data is accessed by mail protocols and clients.\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark](../media/checkmark.png)<sup>\</sup>\| \|MessageBind\|Note: This value is available only for users without* E5/A5/G5 licenses. <br/><br/> A message was viewed in the preview pane or opened by an admin.\|![Check mark](../media/checkmark.png)\|\|\| \|ModifyFolderPermissions\|Although this value is accepted as a mailbox action, it's already included in the UpdateFolderPermissions action and isn't audited separately. In other words, don't use this value.\|\|\|\| \|Move\|A message was moved to another folder.\|![Check mark.](../media/checkmark.png)\|![Check mark](../media/checkmark.png)\|![Check mark](../media/checkmark.png)\| \|MoveToDeletedItems\|A message was deleted and moved to the Deleted Items folder.\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark](../media/checkmark.png)<sup>\</sup>\| \|RecordDelete\|An item that's labeled as a record was soft-deleted (moved to the Recoverable Items folder). Items labeled as records can't be permanently deleted (purged from the Recoverable Items folder).\|![Check mark.](../media/checkmark.png)\|![Check mark](../media/checkmark.png)\|![Check mark](../media/checkmark.png)\| \|RemoveFolderPermissions\|Although this value is accepted as a mailbox action, it's already included in the UpdateFolderPermissions* action and isn't audited separately. In other words, don't use this value.\|\|\|\| -\|SearchQueryInitiated\|Note: This value is available only for users with E5/A5/G5 licenses. For more information, see [Set up Advanced Audit in Microsoft 365](set-up-advanced-audit.md). <br/><br/> A person uses Outlook (Windows, Mac, iOS, Android, or Outlook on the web) or the Mail app for Windows 10 to search for items in a mailbox.\|\|\|![Check mark](../media/checkmark.png)\| -\|Send\|Note: This value is available only for users with E5/A5/G5 licenses. For more information, see [Set up Advanced Audit in Microsoft 365](set-up-advanced-audit.md). <br/><br/> The user sends an email message, replies to an email message, or forwards an email message.\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|\|![Check mark](../media/checkmark.png)<sup>\</sup>\| +\|SearchQueryInitiated\|Note: This value is available only for users with E5/A5/G5 licenses. For more information, see [Set up Microsoft Purview Audit (Premium)](set-up-advanced-audit.md). <br/><br/> A person uses Outlook (Windows, Mac, iOS, Android, or Outlook on the web) or the Mail app for Windows 10 to search for items in a mailbox.\|\|\|![Check mark](../media/checkmark.png)\| +\|Send\|Note: This value is available only for users with E5/A5/G5 licenses. For more information, see [Set up Microsoft Purview Audit (Premium)](set-up-advanced-audit.md). <br/><br/> The user sends an email message, replies to an email message, or forwards an email message.\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|\|![Check mark](../media/checkmark.png)<sup>\</sup>\| \|SendAs\|A message was sent using the SendAs permission. This means another user sent the message as though it came from the mailbox owner.\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark](../media/checkmark.png)<sup>\</sup>\|\| \|SendOnBehalf\|A message was sent using the SendOnBehalf permission. This means another user sent the message on behalf of the mailbox owner. The message indicates to the recipient who the message was sent on behalf of and who actually sent the message.\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark](../media/checkmark.png)<sup>\</sup>\|\| \|SoftDelete\|A message was permanently deleted or deleted from the Deleted Items folder. Soft-deleted items are moved to the Recoverable Items folder.\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark.](../media/checkmark.png)<sup>\</sup>\|![Check mark](../media/checkmark.png)<sup>\</sup>\| The value True* indicates that mailbox audit logging is bypassed for the user ## More information -- Although mailbox audit logging on by default is enabled for all organizations, only users with [licenses that include the Advanced Audit feature](auditing-solutions-overview.md#advanced-audit-1) (collectively referred to as E5/A5/G5 licenses) will return mailbox audit log events in [audit log searches in the Microsoft 365 compliance center](search-the-audit-log-in-security-and-compliance.md) or via the [Office 365 Management Activity API](/office/office-365-management-api/office-365-management-activity-api-reference) by default. +- Although mailbox audit logging on by default is enabled for all organizations, only users with E5 licenses will return mailbox audit log events in [audit log searches in the Microsoft Purview compliance portal](search-the-audit-log-in-security-and-compliance.md) or via the [Office 365 Management Activity API](/office/office-365-management-api/office-365-management-activity-api-reference) by default. To retrieve mailbox audit log entries for users without E5/A5/G5 licenses, you can use any of the following workarounds: - - Manually enable mailbox auditing on the affected user mailboxes by running the following command: `Set-Mailbox -Identity <MailboxIdentity> -AuditEnabled $true`. After you enable mailbox auditing on the mailbox, you can use audit log searches in the Microsoft 365 compliance center or via the Office 365 Management Activity API. + - Manually enable mailbox auditing on individual mailboxes (run the command, `Set-Mailbox -Identity <MailboxIdentity> -AuditEnabled $true`). After you do this, you can use audit log searches in the Microsoft Purview compliance portal or via the Office 365 Management Activity API. > [!NOTE] > If mailbox auditing already appears to be enabled on the mailbox, but your searches return no results, change the value of the AuditEnabled parameter to `$false` and then back to `$true`.
compliance	Enable Message Encryption And Decryption In Office 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/enable-message-encryption-and-decryption-in-office-365.md	ms.localizationpriority: medium ms.assetid: e313c489-ce5e-4015-aadf-981c697ab51f - M365-security-compliance -description: "Office 365 Message Encryption lets email users send encrypted messages to people inside our outside their organization. As an administrator, you can enable Office 365 Message Encryption by creating mail flow rules (also known as transport rules) that set the conditions for encryption." +description: "Microsoft Purview Message Encryption lets email users send encrypted messages to people inside our outside their organization. As an administrator, you can enable Microsoft Purview Message Encryption by creating mail flow rules (also known as transport rules) that set the conditions for encryption." # Enable message encryption and decryption -Office 365 Message Encryption lets email users send encrypted messages to people inside our outside their organization. As an administrator, you can enable Office 365 Message Encryption by creating mail flow rules (also known as transport rules) that set the conditions for encryption. When one of your users sends a message that matches the conditions of the rule, the message is encrypted. + +Microsoft Purview Message Encryption lets email users send encrypted messages to people inside our outside their organization. As an administrator, you can enable Microsoft Purview Message Encryption by creating mail flow rules (also known as transport rules) that set the conditions for encryption. When one of your users sends a message that matches the conditions of the rule, the message is encrypted. To learn how to create mail flow rules for encryption, see [Define rules to encrypt or decrypt email messages](./define-mail-flow-rules-to-encrypt-email.md). ## See also -[Encryption in Office 365](./encryption.md) +[Encryption in Office 365](./encryption.md)
compliance	Encryption Office 365 Certificate Chains Itar	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption-office-365-certificate-chains-itar.md	description: "View a complete list of DOD and GCC High root certificates and cer # Microsoft 365 encryption chains - DOD and GCC High + Microsoft 365 leverages a number of different certificate providers. The following describes the complete list of known Microsoft 365 root certificates that DOD and GCC High customers may encounter when accessing Microsoft 365. For information on the certificates you may need to install in your own infrastructure, see [Plan for third-party SSL certificates for Microsoft 365](../enterprise/plan-for-third-party-ssl-certificates.md). The following certificate information applies to all DOD and GCC High customers. Expand the root and intermediate sections below to see additional details about \| Thumbprint (SHA-1) \| B0C2D2D13CDD56CDAA6AB6E2C04440BE4A429C75 \| \| Thumbprint (SHA-256) \| 05E4005DB0C382F3BD66B47729E9011577601BF6F7B287E9A52CED710D258346 \| \| CRL URLs \| http://crl3.digicert.com/Omniroot2025.crl \| -\| OCSP URLs \| http://ocsp.digicert.com \| +\| OCSP URLs \| http://ocsp.digicert.com \|
compliance	Encryption Office 365 Certificate Chains	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption-office-365-certificate-chains.md	description: "View a complete list of root certificates and certificate authorit # Microsoft 365 encryption chains + Microsoft 365 leverages a number of different certificate providers. The following describes the complete list of known Microsoft 365 root certificates that customers may encounter when accessing Microsoft 365. For information on the certificates you may need to install in your own infrastructure, see [Plan for third-party SSL certificates for Microsoft 365](../enterprise/plan-for-third-party-ssl-certificates.md). The following certificate information applies to all worldwide and national cloud instances of Microsoft 365. Last updated: 10/16/2020
compliance	Encryption Office 365 Tls Certificates Changes	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption-office-365-tls-certificates-changes.md	Title: Office TLS Certificate Changes + Title: Office TLS certificate changes description: How to prepare for upcoming changes to Office TLS certificates. ms.localizationpriority: medium # Office TLS Certificate Changes + Microsoft 365 is updating services powering messaging, meetings, telephony, voice, and video to use TLS certificates from a different set of Root Certificate Authorities (CAs). This change is being made because the current Root CA will expire in May 2025. Affected products include:
compliance	Encryption Sensitivity Labels	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption-sensitivity-labels.md	Title: Restrict access to content using sensitivity labels to apply encryption + Title: Apply encryption using sensitivity labels f1.keywords: - NOCSH # Restrict access to content by using sensitivity labels to apply encryption + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). When you create a sensitivity label, you can restrict access to content that the label will be applied to. For example, with the encryption settings for a sensitivity label, you can protect content so that: Finally, as an admin, when you configure a sensitivity label to apply encryption - Assign permissions now, so that you determine exactly which users get which permissions to content with that label. - Let users assign permissions when they apply the label to content. This way, you can allow people in your organization some flexibility that they might need to collaborate and get their work done. -The encryption settings are available when you [create a sensitivity label](create-sensitivity-labels.md) in the Microsoft 365 compliance center. You can also use the older portal, the Security & Compliance Center. +The encryption settings are available when you [create a sensitivity label](create-sensitivity-labels.md) in the Microsoft Purview compliance portal. ## Understand how the encryption works
compliance	Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption.md	description: "With Office 365, your content is encrypted at rest and in transit # Encryption + Encryption is an important part of your file protection and information protection strategy. This article provides an overview of encryption for Office 365. Get help with encryption tasks like how to set up encryption for your organization and how to password-protect Office documents. - For information about certificates and technologies like TLS, see [Technical reference details about encryption in Office 365](technical-reference-details-about-encryption.md). With Office 365, multiple layers and kinds of encryption work together to secure \|:--\|:--\|:--\| \|Files on a device. These files can include email messages saved in a folder, Office documents saved on a computer, tablet, or phone, or data saved to the Microsoft cloud. <br/> \|BitLocker in Microsoft datacenters. BitLocker can also be used on client machines, such as Windows computers and tablets <br/> Distributed Key Manager (DKM) in Microsoft datacenters <br/> Customer Key for Microsoft 365 <br/> \|[Windows IT Center: BitLocker](/windows/device-security/bitlocker/bitlocker-overview) <br/> [Microsoft Trust Center: Encryption](https://www.microsoft.com/TrustCenter/Security/Encryption) <br/> [Cloud security controls series: Encrypting Data at Rest](https://blogs.microsoft.com/microsoftsecure/2015/09/10/cloud-security-controls-series-encrypting-data-at-rest) <br/> [How Exchange Online secures your email secrets](exchange-online-secures-email-secrets.md) <br/> [Service encryption with Customer Key](customer-key-overview.md) <br/> \| \|Files in transit between users. These files can include Office documents or SharePoint list items shared between users. <br/> \|TLS for files in transit <br/> \|[Data Encryption in OneDrive for Business and SharePoint Online](data-encryption-in-odb-and-spo.md) <br/> [Skype for Business Online: Security and Archiving](/office365/servicedescriptions/skype-for-business-online-service-description/skype-for-business-online-features) <br/> \| -\|Email in transit between recipients. This email includes email hosted by Exchange Online. <br/> \|Office 365 Message Encryption with Azure Rights Management, S/MIME, and TLS for email in transit <br/> \|[Office 365 Message Encryption (OME)](ome.md) <br/> [Email encryption in Office 365](email-encryption.md) <br/> [How Exchange Online uses TLS to secure email connections in Office 365](exchange-online-uses-tls-to-secure-email-connections.md) <br/> \| +\|Email in transit between recipients. This email includes email hosted by Exchange Online. <br/> \|Microsoft Purview Message Encryption with Azure Rights Management, S/MIME, and TLS for email in transit <br/> \|[essage Encryption](ome.md) <br/> [Email encryption in Office 365](email-encryption.md) <br/> [How Exchange Online uses TLS to secure email connections in Office 365](exchange-online-uses-tls-to-secure-email-connections.md) <br/> \| \|Chats, messages, and files in transit between recipients using Microsoft Teams. <br/> \|Teams uses TLS and MTLS to encrypt instant messages. Media traffic is encrypted using Secure RTP (SRTP). Teams uses FIPS (Federal Information Processing Standard) compliant algorithms for encryption key exchanges. <br/> \|[Encryption for Teams](/microsoftteams/teams-security-guide#encryption-for-teams) <br/> \| ## What if I need more control over encryption to meet security and compliance requirements? To learn more, see the following resources: - [Set up Information Rights Management (IRM) in SharePoint admin center](set-up-irm-in-sp-admin-center.md) -- [Service encryption with Customer Key in Office 365](customer-key-overview.md) +- [Service encryption with Microsoft Purview Customer Key](customer-key-overview.md) -- [Double Key Encryption for Microsoft 365](double-key-encryption.md) +- [Double Key Encryption](double-key-encryption.md) ## How do I... To learn more, see the following resources: [Top 10 ways to secure Microsoft 365 for business plans](/office365/admin/security-and-compliance/secure-your-business-data) -[Microsoft Stream Video level encryption and playback flow](/stream/network-overview#video-level-encryption-and-playback-flow) +[Microsoft Stream Video level encryption and playback flow](/stream/network-overview#video-level-encryption-and-playback-flow)
compliance	Endpoint Dlp Getting Started	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/endpoint-dlp-getting-started.md	Title: "Get started with Microsoft 365 Endpoint data loss prevention" + Title: "Get started with Endpoint data loss prevention" f1.keywords: - CSH search.appverid: - MET150 -description: "Set up Microsoft 365 Endpoint data loss prevention to monitor file activities and implement protective actions for those files to endpoints." +description: "Set up Endpoint data loss prevention to monitor file activities and implement protective actions for those files to endpoints." # Get started with Endpoint data loss prevention -Microsoft Endpoint data loss prevention (Endpoint DLP) is part of the Microsoft 365 data loss prevention (DLP) suite of features you can use to discover and protect sensitive items across Microsoft 365 services. For more information about all of MicrosoftΓÇÖs DLP offerings, see [Learn about data loss prevention](dlp-learn-about-dlp.md). To learn more about Endpoint DLP, see [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md) -Microsoft Endpoint DLP allows you to monitor [onboarded Windows 10, and Windows 11](device-onboarding-overview.md) and [onboarded macOS devices (preview)](device-onboarding-macos-overview.md) running Catalina 10.15 and higher. Once a device is onboarded, DLP will detect when sensitive items are used and shared. This gives you the visibility and control you need to ensure that they are used and protected properly, and to help prevent risky behavior that might compromise them. +Endpoint data loss prevention (Endpoint DLP) is part of the Microsoft Purview Data Loss Prevention (DLP) suite of features you can use to discover and protect sensitive items across Microsoft 365 services. For more information about all of MicrosoftΓÇÖs DLP offerings, see [Learn about data loss prevention](dlp-learn-about-dlp.md). To learn more about Endpoint DLP, see [Learn about Endpoint data loss prevention](endpoint-dlp-learn-about.md) + +Microsoft Endpoint DLP allows you to monitor [onboarded Windows 10, and Windows 11](device-onboarding-overview.md) and [onboarded macOS devices](device-onboarding-macos-overview.md) running Catalina 10.15 and higher. Once a device is onboarded, DLP will detect when sensitive items are used and shared. This gives you the visibility and control you need to ensure that they are used and protected properly, and to help prevent risky behavior that might compromise them. ## Before you begin If you are onboarding Windows 10 or Windows 11 devices, check to make sure that For a general introduction to onboarding Windows devices, see: -- [Onboard Windows 10 and Windows 11 devices into Microsoft 365 overview](device-onboarding-overview.md#onboard-windows-10-and-windows-11-devices-into-microsoft-365-overview) +- [Onboard Windows 10 and Windows 11 devices into Microsoft Purview overview](device-onboarding-overview.md#onboard-windows-10-and-windows-11-devices-into-microsoft-365-overview) For specific guidance to onboarding Windows devices, see: Topic \| Description For a general introduction to onboarding macOS devices, see: -- [Onboard macOS devices into Microsoft 365 overview (preview)](device-onboarding-macos-overview.md#onboard-macos-devices-into-microsoft-365-overview-preview) +- [Onboard macOS devices into Microsoft Purview](device-onboarding-macos-overview.md) For specific guidance to onboarding macOS devices, see: Topic \| Description :\|: -\|[Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using Intune (preview)](device-onboarding-offboarding-macos-intune.md#onboard-and-offboard-macos-devices-into-microsoft-365-compliance-solutions-using-intune-preview)\|For macOS devices that are managed through Intune -\|[Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-intune-mde.md#onboard-and-offboard-macos-devices-into-compliance-solutions-using-intune-for-microsoft-defender-for-endpoint-customers-preview) \|For macOS devices that are managed through Intune and that have Microsoft Defender for Endpoint (MDE) deployed to them -\|[Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using JAMF Pro (preview)](device-onboarding-offboarding-macos-jamfpro.md#onboard-and-offboard-macos-devices-into-microsoft-365-compliance-solutions-using-jamf-pro-preview) \| For macOS devices that are managed through JAMF Pro -\|[Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-jamfpro-mde.md#onboard-and-offboard-macos-devices-into-compliance-solutions-using-jamf-pro-for-microsoft-defender-for-endpoint-customers-preview)\|For macOS devices that are managed through JAMF Pro and that have Microsoft Defender for Endpoint (MDE) deployed to them +\|[Onboard and offboard macOS devices into Microsoft Purview solutions using Intune](device-onboarding-offboarding-macos-intune.md)\|For macOS devices that are managed through Intune +\|[Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers](device-onboarding-offboarding-macos-intune-mde.md) \|For macOS devices that are managed through Intune and that have Microsoft Defender for Endpoint (MDE) deployed to them +\|[Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro)](device-onboarding-offboarding-macos-jamfpro.md) \| For macOS devices that are managed through JAMF Pro +\|[Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers)](device-onboarding-offboarding-macos-jamfpro-mde.md)\|For macOS devices that are managed through JAMF Pro and that have Microsoft Defender for Endpoint (MDE) deployed to them Once an device is onboarded, it should be visible in the devices list and also start reporting audit activity to Activity explorer. See, [Onboard macOS devices into Microsoft 365 overview (preview)](device-onboar <!--## Onboarding Windows 10 and Windows 11 devices into device management -You must enable device monitoring and onboard your endpoints before you can monitor and protect sensitive items on a device. Both of these actions are done in the Microsoft 365 Compliance portal. +You must enable device monitoring and onboard your endpoints before you can monitor and protect sensitive items on a device. Both of these actions are done in the Microsoft Purview compliance portal. When you want to onboard devices that haven't been onboarded yet, you'll download the appropriate script and deploy it to those devices. Follow the [Onboarding devices procedure](endpoint-dlp-getting-started.md#onboarding-devices). If you already have devices onboarded into [Microsoft Defender for Endpoint](/wi In this deployment scenario, you'll onboard devices that have not been onboarded yet, and you just want to monitor and protect sensitive items from unintentional sharing on Windows 10 or Windows 11 devices. -1. Open the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +1. Open the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. 2. Choose Settings > Device onboarding. Once done and endpoint is onboarded, it should be visible in the devices list an In this scenario, Microsoft Defender for Endpoint is already deployed and there are endpoints reporting in. All these endpoints will appear in the managed devices list. You can continue to onboard new devices into Endpoint DLP to expand coverage by using the [Onboarding devices procedure](endpoint-dlp-getting-started.md#onboarding-devices). -1. Open the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +1. Open the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. 2. Open the Compliance Center settings page and choose Enable device monitoring. Once done and endpoint is onboarded, it should be visible under the Devices ### Viewing Endpoint DLP alerts in DLP Alerts Management dashboard -1. Open the Data loss prevention page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and choose Alerts. +1. Open the Data loss prevention page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and choose Alerts. 2. Refer to the procedures in [How to configure and view alerts for your DLP policies](dlp-configure-view-alerts-policies.md) to view alerts for your Endpoint DLP policies. ### Viewing Endpoint DLP data in activity explorer -1. Open the [Data classification page](https://compliance.microsoft.com/dataclassification?viewid=overview) for your domain in the Microsoft 365 Compliance center and choose Activity explorer. +1. Open the [Data classification page](https://compliance.microsoft.com/dataclassification?viewid=overview) for your domain in the Microsoft Purview compliance portal and choose Activity explorer. 2. Refer to the procedures in [Get started with Activity explorer](data-classification-activity-explorer.md) to access and filter all the data for your Endpoint devices.
compliance	Endpoint Dlp Learn About	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/endpoint-dlp-learn-about.md	Title: "Learn about Microsoft 365 Endpoint data loss prevention" + Title: "Learn about Endpoint data loss prevention" f1.keywords: - CSH - m365initiative-compliance search.appverid: - MET150 -description: "Microsoft 365 Endpoint data loss prevention extends monitoring of file activities and protective actions for those files to endpoints. Files are made visible in the Compliance solutions " +description: "Endpoint data loss prevention extends monitoring of file activities and protective actions for those files to endpoints. Files are made visible in the Compliance solutions " -# Learn about Microsoft 365 Endpoint data loss prevention +# Learn about Endpoint data loss prevention -You can use Microsoft 365 data loss prevention (DLP) to monitor the actions that are being taken on items you've determined to be sensitive and to help prevent the unintentional sharing of those items. For more information on DLP, see [Learn about data loss prevention](dlp-learn-about-dlp.md). -Endpoint data loss prevention (Endpoint DLP) extends the activity monitoring and protection capabilities of DLP to sensitive items that are physically stored on Windows 10, Windows 11, and macOS (Catalina 10.15 and higher) devices. Once devices are onboarded into the Microsoft 365 compliance solutions, the information about what users are doing with sensitive items is made visible in [activity explorer](data-classification-activity-explorer.md) and you can enforce protective actions on those items via [DLP policies](create-test-tune-dlp-policy.md). +You can use Microsoft Purview Data Loss Prevention (DLP) to monitor the actions that are being taken on items you've determined to be sensitive and to help prevent the unintentional sharing of those items. For more information on DLP, see [Learn about data loss prevention](dlp-learn-about-dlp.md). + +Endpoint data loss prevention (Endpoint DLP) extends the activity monitoring and protection capabilities of DLP to sensitive items that are physically stored on Windows 10, Windows 11, and macOS (Catalina 10.15 and higher) devices. Once devices are onboarded into the Microsoft Purview solutions, the information about what users are doing with sensitive items is made visible in [activity explorer](data-classification-activity-explorer.md) and you can enforce protective actions on those items via [DLP policies](create-test-tune-dlp-policy.md). > [!TIP] > If you are looking for device control for removable storage, see [Microsoft Defender for Endpoint Device Control Removable Storage Access Control](../security/defender-endpoint/device-control-removable-storage-access-control.md#microsoft-defender-for-endpoint-device-control-removable-storage-access-control). > [!NOTE] -> In Microsoft 365 Compliance, DLP policy evaluation of sensitive items occurs centrally, so there is no time lag for policies and policy updates to be distributed to individual devices. When a policy is updated in compliance center, it generally takes about an hour for those updates to be synchronized across the service. Once policy updates are synchronized, items on targeted devices are automatically re-evaluated the next time they are accessed or modified. +> In Microsoft Purview, DLP policy evaluation of sensitive items occurs centrally, so there is no time lag for policies and policy updates to be distributed to individual devices. When a policy is updated in compliance center, it generally takes about an hour for those updates to be synchronized across the service. Once policy updates are synchronized, items on targeted devices are automatically re-evaluated the next time they are accessed or modified. ## Endpoint activities you can monitor and take action on -Microsoft Endpoint DLP enables you to audit and manage the following types of activities users take on sensitive items that are physically stored Windows 10, Windows 11, or macOS devices. +Endpoint DLP enables you to audit and manage the following types of activities users take on sensitive items that are physically stored Windows 10, Windows 11, or macOS devices. -\|Activity \|Description \|Windows 10 1809 and later/ Windows 11\| macOS Catalina 10.15 (preview) \| Auditable/restrictable\| +\|Activity \|Description \|Windows 10 1809 and later/ Windows 11\| macOS Catalina 10.15\| Auditable/restrictable\| \|\|\|\|\|\| -\|upload to cloud service, or access by unallowed browsers \| Detects when a user attempts to upload an item to a restricted service domain or access an item through a browser. If they are using a browser that is listed in DLP as an unallowed browser, the upload activity will be blocked and the user is redirected to use Microsoft Edge . Microsoft Edge will then either allow or block the upload or access based on the DLP policy configuration \|supported \| supported\|auditable and restrictable\| +\|upload to cloud service, or access by unallowed browsers \| Detects when a user attempts to upload an item to a restricted service domain or access an item through a browser. If they are using a browser that is listed in DLP as an unallowed browser, the upload activity will be blocked and the user is redirected to use Microsoft Edge. Microsoft Edge will then either allow or block the upload or access based on the DLP policy configuration \|supported \| supported\|auditable and restrictable\| \|copy to other app \|Detects when a user attempts to copy information from a protected item and then paste it into another app, process or item. Copying and pasting information within the same app, process, or item is not detected by this activity.\|supported\|supported \| auditable and restrictable\| \|copy to USB removable media \|Detects when a user attempts to copy an item or information to removable media or USB device.\|supported\|supported \| auditable and restrictable\| \|copy to a network share \|Detects when a user attempts to copy an item to a network share or mapped network drive \|supported\|supported \|auditable and restrictable\| There are a few extra concepts that you need to be aware of before you dig into ### Enabling Device management -Device management is the functionality that enables the collection of telemetry from devices and brings it into Microsoft 365 compliance solutions like Endpoint DLP and [Insider Risk management](insider-risk-management.md). You'll need to onboard all devices you want to use as locations in DLP policies. +Device management is the functionality that enables the collection of telemetry from devices and brings it into Microsoft Purview solutions like Endpoint DLP and [insider risk management](insider-risk-management.md). You'll need to onboard all devices you want to use as locations in DLP policies. > [!div class="mx-imgBorder"] > ![enable device management.](../media/endpoint-dlp-learn-about-1-enable-device-management.png) For example, if a file is copied to removable USB media, you'd see these attribu Now that you've learned about Endpoint DLP, your next steps are: -1. [Onboard Windows 10 or Windows 11 devices into Microsoft 365 overview](device-onboarding-overview.md) -1. [Onboard macOS devices into Microsoft 365 overview (preview)](device-onboarding-macos-overview.md) +1. [Onboard Windows 10 or Windows 11 devices into Microsoft Purview overview](device-onboarding-overview.md) +1. [Onboard macOS devices into Microsoft Purview overview](device-onboarding-macos-overview.md) 1. [Configure endpoint data loss prevention settings](dlp-configure-endpoint-settings.md) -1. [Using Microsoft Endpoint data loss prevention](endpoint-dlp-using.md) +1. [Using Endpoint data loss prevention](endpoint-dlp-using.md) ## See also Now that you've learned about Endpoint DLP, your next steps are: - [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) - [Get started with Activity explorer](data-classification-activity-explorer.md) - [Microsoft Defender for Endpoint](/windows/security/threat-protection/)-- [Insider Risk management](insider-risk-management.md) +- [Insider risk management](insider-risk-management.md)
compliance	Endpoint Dlp Using	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/endpoint-dlp-using.md	Title: "Using Endpoint data loss prevention" + Title: "Using Endpoint DLP" f1.keywords: - CSH - SPO_Content search.appverid: - MET150 -description: "Learn how to configure data loss prevention (DLP) policies to use Microsoft 365 Endpoint data loss prevention (EPDLP) locations." +description: "Learn how to configure data loss prevention (DLP) policies to use Endpoint data loss prevention locations." # Using Endpoint data loss prevention + To help familiarize you with Endpoint DLP features and how they surface in DLP policies, we've put together some scenarios for you to follow. > [!IMPORTANT] > These Endpoint DLP scenarios are not the official procedures for creating and tuning DLP policies. Refer to the below topics when you need to work with DLP policies in general situations: > ->- [Learn about data loss prevention](dlp-learn-about-dlp.md) +>- [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md) >- [Get started with the default DLP policy](get-started-with-the-default-dlp-policy.md) >- [Create a DLP policy from a template](create-a-dlp-policy-from-a-template.md) >- [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) This configuration will help ensure your data remains safe while also avoiding u - [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) - [Get started with Activity explorer](data-classification-activity-explorer.md) - [Microsoft Defender for Endpoint](/windows/security/threat-protection/)-- [Onboard Windows 10 and Windows 11 devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-overview) +- [Onboard Windows 10 and Windows 11 devices into Microsoft Purview overview](/microsoft-365/compliance/device-onboarding-overview) - [Microsoft 365 subscription](https://www.microsoft.com/microsoft-365/compare-microsoft-365-enterprise-plans?rtc=1) - [Azure Active Directory (AAD) joined](/azure/active-directory/devices/concept-azure-ad-join) - [Download the new Microsoft Edge based on Chromium](https://support.microsoft.com/help/4501095/download-the-new-microsoft-edge-based-on-chromium)
compliance	Error Remediation When Processing Data In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/error-remediation-when-processing-data-in-advanced-ediscovery.md	search.appverid: - MET150 ms.assetid: -description: Learn how to use error remediation to correct data issues in Advanced eDiscovery that might prevent proper processing of content. +description: Learn how to use error remediation to correct data issues in eDiscovery (Premium) that might prevent proper processing of content. # Error remediation when processing data -Error remediation allows eDiscovery administrators the ability to rectify data issues that prevent Advanced eDiscovery from properly processing the content. For example, files that are password protected can't be processed since the files are locked or encrypted. Using error remediation, eDiscovery administrators can download files with such errors, remove the password protection, and then upload the remediated files. +Error remediation allows eDiscovery administrators the ability to rectify data issues that prevent Microsoft Purview eDiscovery (Premium) from properly processing the content. For example, files that are password protected can't be processed since the files are locked or encrypted. Using error remediation, eDiscovery administrators can download files with such errors, remove the password protection, and then upload the remediated files. -Use the following workflow to remediate files with errors in Advanced eDiscovery cases. +Use the following workflow to remediate files with errors in eDiscovery (Premium) cases. ## Create an error remediation session to remediate files with processing errors > [!NOTE] > If the the error remediation wizard is closed at any time during the following procedure, you can return to the error remediation session from the Processing tab by selecting Remediations in the View drop-down menu. -1. On the Processing tab in the Advanced eDiscovery case, select Errors in the View drop-down menu and then select a review set or the entire case in the Scope drop-down menu. This section displays all errors from the case or error from a specific review set. +1. On the Processing tab in the eDiscovery (Premium) case, select Errors in the View drop-down menu and then select a review set or the entire case in the Scope drop-down menu. This section displays all errors from the case or error from a specific review set. ![Error remediation.](../media/8c2faf1a-834b-44fc-b418-6a18aed8b81a.png) Use the following workflow to remediate files with errors in Advanced eDiscovery ![Prepare for error remediation.](../media/f364ab4d-31c5-4375-b69f-650f694a2f69.png) > [!NOTE] - > You must use AzCopy v8.1 to successfully use the command that's provided on the Download files page. You also must use AzCopy v8.1 to upload the files in step 10. To install this version of AzCopy, see [Transfer data with the AzCopy v8.1 on Windows](/previous-versions/azure/storage/storage-use-azcopy). If the supplied AzCopy command fails, please see [Troubleshoot AzCopy in Advanced eDiscovery](troubleshooting-azcopy.md). + > You must use AzCopy v8.1 to successfully use the command that's provided on the Download files page. You also must use AzCopy v8.1 to upload the files in step 10. To install this version of AzCopy, see [Transfer data with the AzCopy v8.1 on Windows](/previous-versions/azure/storage/storage-use-azcopy). If the supplied AzCopy command fails, please see [Troubleshoot AzCopy in eDiscovery (Premium)](troubleshooting-azcopy.md). The files that you selected are downloaded to the location that you specified in step 5. In the parent folder (for example, C:\Remediation), the following subfolder structure is automatically created: Use the following workflow to remediate files with errors in Advanced eDiscovery 7. After downloading the files, you can remediate them with an appropriate tool. For password-protected files, there are several password cracking tools you can use. If you know the passwords for the files, you can open them and remove the password protection. -8. Return to Advanced eDiscovery and the error remediation wizard and then click Next: Upload files. This moves to the next page where you can now upload the files. +8. Return to eDiscovery (Premium) and the error remediation wizard and then click Next: Upload files. This moves to the next page where you can now upload the files. ![Upload Files.](../media/af3d8617-1bab-4ecd-8de0-22e53acba240.png) Use the following workflow to remediate files with errors in Advanced eDiscovery ## Remediating errors in container files -In situations when the contents of a container file (such as a .zip file) can't be extracted by Advanced eDiscovery, the containers can be downloaded and the contents expanded into the same folder in which the original container resides. The expanded files will be attributed to the parent container as if it was originally expanded by Advanced eDiscovery. The process works as described as above except for uploading a single file as the replacement file. When you upload remediated files, don't include the original container file. +In situations when the contents of a container file (such as a .zip file) can't be extracted by eDiscovery (Premium), the containers can be downloaded and the contents expanded into the same folder in which the original container resides. The expanded files will be attributed to the parent container as if it was originally expanded by eDiscovery (Premium). The process works as described as above except for uploading a single file as the replacement file. When you upload remediated files, don't include the original container file. ## Remediating errors by uploading the extracted text -Sometimes it's not possible to remediate a file to native format that Advanced eDiscovery can interpret. But you can replace the original file with a text file that contains the original text of the native file (in a process called text overlay). To do this, follow the steps described in this article but instead of remediating the original file in the native format, you would create a text file that contains the extracted text from the original file, and then upload the text file using the original filename appended with a .txt suffix. For example, you download a file during error remediation with the filename 335850cc-6602-4af0-acfa-1d14d9128ca2.abc. You open the file in the native application, copy the text, and then paste it into a new file named 335850cc-6602-4af0-acfa-1d14d9128ca2.abc.txt. When you do this, be sure to remove the original file in the native format from the remediated file location on your local computer before uploading the remediated text file to Advanced eDiscovery. +Sometimes it's not possible to remediate a file to native format that eDiscovery (Premium) can interpret. But you can replace the original file with a text file that contains the original text of the native file (in a process called text overlay). To do this, follow the steps described in this article but instead of remediating the original file in the native format, you would create a text file that contains the extracted text from the original file, and then upload the text file using the original filename appended with a .txt suffix. For example, you download a file during error remediation with the filename 335850cc-6602-4af0-acfa-1d14d9128ca2.abc. You open the file in the native application, copy the text, and then paste it into a new file named 335850cc-6602-4af0-acfa-1d14d9128ca2.abc.txt. When you do this, be sure to remove the original file in the native format from the remediated file location on your local computer before uploading the remediated text file to eDiscovery (Premium). ## What happens when files are remediated When remediated files are uploaded, the original metadata is preserved except fo - WordCount - WorkingsetId -For a definition of all metadata fields in Advanced eDiscovery, see [Document metadata fields](document-metadata-fields-in-advanced-ediscovery.md). +For a definition of all metadata fields in eDiscovery (Premium), see [Document metadata fields](document-metadata-fields-in-advanced-ediscovery.md).
compliance	Event Driven Retention	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/event-driven-retention.md	description: Typically part of a records management solution, you can configure # Start retention when an event occurs + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). When you retain content, the retention period is often based on the age of the content. For example, you might retain documents for seven years after they're created and then delete them. But when you configure [retention labels](retention.md#retention-labels), you can also base a retention period on when a specific type of event occurs. The event triggers the start of the retention period, and all content with a retention label applied for that type of event get the label's retention actions enforced on them. High-level workflow for event-driven retention: ### Step 1: Create a label whose retention period is based on an event -To create and configure your retention label, see the instructions for [Create retention labels](file-plan-manager.md#create-retention-labels) for records management, or [How to create retention labels for information governance](create-retention-labels-information-governance.md). But specific to event-based retention, on the Define retention settings page when you create the retention label, after Start the retention period based on, select one of the default event types from the dropdown list, or create your own by selecting Create new event type: +To create and configure your retention label, see the instructions for [Create retention labels](file-plan-manager.md#create-retention-labels) for records management, or [How to create retention labels for data lifecycle management](create-retention-labels-data-lifecycle-management.md). But specific to event-based retention, on the Define retention settings page when you create the retention label, after Start the retention period based on, select one of the default event types from the dropdown list, or create your own by selecting Create new event type: ![Create a new event type for a retention label.](../media/SPRetention6.png) Asset ID is simply another document property that's available in SharePoint and ### Step 5: Create an event -When a particular instance of that event type occurs, such as a product reaches its end of life, go to the Records management > Events page in the Microsoft 365 compliance center, and select + Create to create an event. You trigger the event by creating it, here. +When a particular instance of that event type occurs, such as a product reaches its end of life, go to the Records management > Events page in the Microsoft Purview compliance portal, and select + Create to create an event. You trigger the event by creating it, here. ![Create an event to trigger start of retention for event-based retention labels.](../media/create-event-records-management.png) https://ps.compliance.protection.outlook.com/psws/service.svc/ComplianceRetentio Check the response code. If it's 302, get the redirected URL from the Location property of the response header and use that URL instead of `https://ps.compliance.protection.outlook.com/psws/service.svc/ComplianceRetentionEvent` in the instructions that follow. -The events that get automatically created can be confirmed by viewing them in the Microsoft 365 compliance center > Records management > Events. +The events that get automatically created can be confirmed by viewing them in the Microsoft Purview compliance portal > Records management > Events. ### Use Microsoft Power Automate to create the event
compliance	Exchange Online Secures Email Secrets	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/exchange-online-secures-email-secrets.md	description: "In addition to the Office 365 Trust Center that provides Security, # How Exchange Online secures your email secrets + This article describes how Microsoft secures your email secrets in its datacenters. ## How do we secure secret information provided by you?
compliance	Exchange Online Uses Tls To Secure Email Connections	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/exchange-online-uses-tls-to-secure-email-connections.md	Title: "How Exchange Online uses Transport Layer Security (TLS) to secure email connections" + Title: "How Exchange Online uses TLS to secure email connections" f1.keywords: - NOCSH description: "Learn how Exchange Online and Microsoft 365 use Transport Layer Se # How Exchange Online uses TLS to secure email connections + Learn how Exchange Online and Microsoft 365 use Transport Layer Security (TLS) and Forward Secrecy (FS) to secure email communications. Also provides information about the certificate issued by Microsoft for Exchange Online. ## TLS basics for Microsoft 365 and Exchange Online Transport Layer Security (TLS), and SSL that came before TLS, are cryptographic protocols that secure communication over a network by using security certificates to encrypt a connection between computers. TLS supersedes Secure Sockets Layer (SSL) and is often referred to as SSL 3.1. Exchange Online uses TLS to encrypt the connections between Exchange servers and the connections between Exchange servers and other servers such as your on-premises Exchange servers or your recipients' mail servers. Once the connection is encrypted, all data sent through that connection is sent through the encrypted channel. However, if you forward a message that was sent through a TLS-encrypted connection, that message isn't necessarily encrypted. TLS doesn't encrypt the message, just the connection. -If you want to encrypt the message, use an encryption technology that encrypts the message contents. For example, you can use Office Message Encryption or S/MIME. See [Email encryption in Office 365](email-encryption.md) and [Office 365 Message Encryption (OME)](ome.md) for information on message encryption in Office 365. +If you want to encrypt the message, use an encryption technology that encrypts the message contents. For example, you can use Microsoft Purview Message Encryption or S/MIME. See [Email encryption in Office 365](email-encryption.md) and [Message encryption](ome.md) for information on message encryption in Office 365. Use TLS in situations where you want to set up a secure channel of correspondence between Microsoft and your on-premises organization or another organization, such as a partner. Exchange Online always attempts to use TLS first to secure your email but can't if the other party does not offer TLS security. Keep reading to find out how you can secure all mail to your on-premises servers or important partners by using connectors.
compliance	Export A Content Search Report	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-a-content-search-report.md	search.appverid: - MBS150 - MET150 ms.assetid: 5c8c1db6-d8ac-4dbb-8a7a-f65d452169b9 -description: "Instead of exporting the actual results of a Content search in the Microsoft 365 compliance center, you can export a search results report. The report contains a summary of the search results and a document with detailed information about each item that would be exported." +description: "Instead of exporting the actual results of a Content search in the Microsoft Purview compliance portal, you can export a search results report. The report contains a summary of the search results and a document with detailed information about each item that would be exported." # Export a Content search report -Instead of exporting the full set of search results from a Content search in the Microsoft 365 compliance center (or from a search that's associated with a Core eDiscovery case), you can export the same reports that are generated when you export the actual search results. +Instead of exporting the full set of search results from a Content search in the Microsoft Purview compliance portal (or from a search that's associated with a Microsoft Purview eDiscovery (Standard) case), you can export the same reports that are generated when you export the actual search results. When you export a report, the report files are downloaded to a folder on your local computer that has the same name as the Content Search, but that's appended with _ReportsOnly. For example, if the Content Search is named ContosoCase0815, then the report is downloaded to a folder named ContosoCase0815_ReportsOnly. For a list of documents that are included in the report, see [What's included in the report](#whats-included-in-the-report). ## Before you export a search report -- To export a search report, you have to be assigned the Compliance Search management role in Microsoft 365 compliance center. This role is assigned by default to the built-in eDiscovery Manager and Organization Management role groups. For more information, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). +- To export a search report, you have to be assigned the Compliance Search management role in compliance portal. This role is assigned by default to the built-in eDiscovery Manager and Organization Management role groups. For more information, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). - When you export a report, the data is temporarily stored in an Azure Storage location in the Microsoft cloud before it's downloaded to your local computer. Be sure that your organization can connect to the endpoint in Azure, which is *\.blob.core.windows.net (the wildcard represents a unique identifier for your export). The search results data is deleted from the Azure Storage location two weeks after it's created. When you export a report, the report files are downloaded to a folder on your lo The first step is to prepare the report for downloading to your computer exporting. When you export the report, the report documents are uploaded to an Azure Storage area in the Microsoft cloud. -1. In the Microsoft 365 compliance center, select the Content search that you want to export the report from. +1. In the compliance portal, select the Content search that you want to export the report from. 2. On the Actions menu at the bottom of the search flyout page, click Export report. The next step is to download the report from the Azure Storage area to your loca > [!NOTE] > The exported search report must be downloaded within 14 days after you generated the report in Step 1. -1. On the Content search page in the Microsoft 365 compliance center, select the Exports tab +1. On the Content search page in the compliance portal, select the Exports tab You may have to click Refresh to update the list of export jobs so that it shows the export job you created. Export report jobs have the same name as the corresponding search with _ReportsOnly** appended to the search name.
compliance	Export Content In Core Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-content-in-core-ediscovery.md	Title: "Export and download content from a Core eDiscovery case" + Title: "Export and download content from a eDiscovery (Standard) case" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Describes how to export and download content from a Core eDiscovery case in Microsoft 365." +description: "Describes how to export and download content from a eDiscovery (Standard) case in Microsoft 365." -# Export content from a Core eDiscovery case +# Export content from a eDiscovery (Standard) case -After a search associated with a Core eDiscovery case is successfully run, you can export the search results. When you export search results, mailbox items are downloaded in PST files or as individual messages. When you export content from SharePoint and OneDrive for Business sites, copies of native Office documents and other documents are exported. A Results.csv file that contains information about every item that's exported and a manifest file (in XML format) that contains information about every search result is also exported. +After a search associated with a Microsoft Purview eDiscovery (Standard) case is successfully run, you can export the search results. When you export search results, mailbox items are downloaded in PST files or as individual messages. When you export content from SharePoint and OneDrive for Business sites, copies of native Office documents and other documents are exported. A Results.csv file that contains information about every item that's exported and a manifest file (in XML format) that contains information about every search result is also exported. ## Export search results -1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and sign in using the credentials for user account that has been assigned the appropriate eDiscovery permissions. +1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and sign in using the credentials for user account that has been assigned the appropriate eDiscovery permissions. -2. In the left navigation pane of the Microsoft 365 compliance center, select Show all, and then select eDiscovery > <a href="https://go.microsoft.com/fwlink/p/?linkid=2174007" target="_blank">Core</a>. +2. In the left navigation pane of the compliance portal, select Show all, and then select eDiscovery > <a href="https://go.microsoft.com/fwlink/p/?linkid=2174007" target="_blank">Core</a>. -3. On the Core eDiscovery page, click the name of the case that you want to create the hold in. +3. On the eDiscovery (Standard) page, click the name of the case that you want to create the hold in. 4. On the Home page for the case, click the Searches tab. After a search associated with a Core eDiscovery case is successfully run, you c ![Export results option in Actions menu.](../media/ActionMenuExportResults.png) - The workflow to export the results of a search associated with a Core eDiscovery case is that same as exporting the search results for a search on the Content search page. For step-by-step instructions, see [Export content search results](export-search-results.md). + The workflow to export the results of a search associated with a eDiscovery (Standard) case is that same as exporting the search results for a search on the Content search page. For step-by-step instructions, see [Export content search results](export-search-results.md). > [!NOTE] > When you export search results, you have the option to enable de-duplication so that only one copy of an email message is exported even though multiple instances of the same message might have been found in the mailboxes that were searched. For more information about de-duplication and how duplicate items are identified, see [De-duplication in eDiscovery search results](de-duplication-in-ediscovery-search-results.md). After a search associated with a Core eDiscovery case is successfully run, you c 6. Click the Exports tab in the case to display the list of export jobs. - ![Export jobs on the Export tab in Core eDiscovery case.](../media/CoreeDiscoveryExport.png) + ![Export jobs on the Export tab in eDiscovery (Standard) case.](../media/CoreeDiscoveryExport.png) You may have to click Refresh to update the list of export jobs so that it shows the export job you created. Export jobs have the same name as the corresponding search with _Export appended to the search name.
compliance	Export Documents From Review Set	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-documents-from-review-set.md	search.appverid: - MOE150 - MET150 ms.assetid: -description: "Learn how to select and export content from an Advanced eDiscovery review set for presentations or external reviews." +description: "Learn how to select and export content from an eDiscovery (Premium) review set for presentations or external reviews." -# Export documents from a review set in Advanced eDiscovery +# Export documents from a review set in eDiscovery (Premium) -Export allows users to customize the content that is included in the download package when you export document from a review set in Advanced eDiscovery. +Export allows users to customize the content that is included in the download package when you export document from a review set in eDiscovery (Premium). To export documents from a review set: -1. In the Microsoft 365 compliance center, open the Advanced eDiscovery case, select the Review sets tab, and then select the review set that you want to export. +1. In the Microsoft Purview compliance portal, open the eDiscovery (Premium) case, select the Review sets tab, and then select the review set that you want to export. 2. In the review set, click Action > Export.
compliance	Export Search Results	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-search-results.md	search.appverid: - MED150 - MET150 ms.assetid: ed48d448-3714-4c42-85f5-10f75f6a4278 -description: "Export the search results from a Content search in the Microsoft 365 compliance center to a local computer. Email results are exported as PST files. Content from SharePoint and OneDrive for Business sites are exported as native Office documents." +description: "Export the search results from a Content search in the Microsoft Purview compliance portal to a local computer. Email results are exported as PST files. Content from SharePoint and OneDrive for Business sites are exported as native Office documents." After a Content search is successfully run, you can export the search results to a local computer. When you export email results, they're downloaded to your computer as PST files. When you export content from SharePoint and OneDrive for Business sites, copies of native Office documents are exported. There are other documents and reports included with the exported search results. -Exporting the results of a Content search involves preparing the results, and then downloading them to a local computer. These steps for exporting search results also apply to exporting the results of a search that's associated with Core eDiscovery cases. +Exporting the results of a Content search involves preparing the results, and then downloading them to a local computer. These steps for exporting search results also apply to exporting the results of a search that's associated with Microsoft Purview eDiscovery (Standard) cases. ## Before you export search results -- To export search results, you have to be assigned the Export management role in Microsoft 365 compliance center. This role is assigned to the built-in eDiscovery Manager role group. It isn't assigned by default to the Organization Management role group. For more information, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). +- To export search results, you have to be assigned the Export management role in Microsoft Purview compliance portal. This role is assigned to the built-in eDiscovery Manager role group. It isn't assigned by default to the Organization Management role group. For more information, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). - The computer you use to export the search results has to meet the following system requirements: Exporting the results of a Content search involves preparing the results, and th The first step is to prepare the search results for exporting. When you prepare results, they are uploaded to a Microsoft-provided Azure Storage location in the Microsoft cloud. Content from mailboxes and sites is uploaded at a maximum rate of 2 GB per hour. -1. In the Microsoft 365 compliance center, select the content search that you want to export results from. +1. In the compliance portal, select the content search that you want to export results from. 2. On the Actions menu at the bottom of the flyout page, click Export results. The next step is to download the search results from the Azure Storage location > [!NOTE] > The exported search results must be downloaded within 14 days after you created the export job in Step 1. -1. On the Content search page in the Microsoft 365 compliance center, select the Exports tab +1. On the Content search page in the compliance portal, select the Exports tab You may have to click Refresh to update the list of export jobs so that it shows the export job you created. Export jobs have the same name as the corresponding search with _Export appended to the search name. For information about limits when exporting content search results, see the "Exp - If you're exporting mailbox items from a content search that returns all mailbox items in the search results (because no keywords where included in the search query), partially indexed items won't be copied to the PST file that contains the unindexed items. This is because all items, including any partially indexed items, are automatically included in the regular search results. This means that partially indexed items will be included in a PST file (or as individual messages) that contains the other, indexed items. - If you export both the indexed and partially indexed items or if you export only the indexed items from a content search that returns all items, the same number of items will be downloaded. This happens even though the estimated search results for the content search (displayed in the search statistics in the Microsoft 365 compliance center) will still include a separate estimate for the number of partially indexed items. For example, let's say that the estimate for a search that includes all items (no keywords in the search query) shows that 1,000 items were found and that 200 partially indexed items were also found. In this case, the 1,000 items include the partially indexed items because the search returns all items. In other words, there are 1,000 total items returned by the search, and not 1,200 items (as you might expect). If you export the results of this search and choose to export indexed and partially indexed items (or export only partially indexed items), then 1,000 items will be downloaded. Again, that's because partially indexed items are included with the regular (indexed) results when you use a blank search query to return all items. In this same example, if you choose to export only partially indexed items, then only the 200 unindexed items would be downloaded. + If you export both the indexed and partially indexed items or if you export only the indexed items from a content search that returns all items, the same number of items will be downloaded. This happens even though the estimated search results for the content search (displayed in the search statistics in the compliance portal) will still include a separate estimate for the number of partially indexed items. For example, let's say that the estimate for a search that includes all items (no keywords in the search query) shows that 1,000 items were found and that 200 partially indexed items were also found. In this case, the 1,000 items include the partially indexed items because the search returns all items. In other words, there are 1,000 total items returned by the search, and not 1,200 items (as you might expect). If you export the results of this search and choose to export indexed and partially indexed items (or export only partially indexed items), then 1,000 items will be downloaded. Again, that's because partially indexed items are included with the regular (indexed) results when you use a blank search query to return all items. In this same example, if you choose to export only partially indexed items, then only the 200 unindexed items would be downloaded. Also note that in the previous example (when you export indexed and partially indexed items or you export only indexed items), the Export Summary report included with the exported search results would list 1,000 items estimated items and 1,000 downloaded items for the same reasons as previously described.
compliance	Export View Audit Log Records	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-view-audit-log-records.md	The next step is to use the JSON transform feature in the Power Query Editor in ## Use PowerShell to search and export audit log records -Instead of using the audit log search tool in the Microsoft 365 compliance center, you can use the [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog) cmdlet in Exchange Online PowerShell to export the results of an audit log search to a CSV file. Then you can follow the same procedure described in Step 2 to format the audit log using the Power Query editor. One advantage of using the PowerShell cmdlet is that you can search for events from a specific service by using the RecordType parameter. Here are few examples of using PowerShell to export audit records to a CSV file so you can use the Power Query editor to transform the JSON object in the AuditData column as described in Step 2. +Instead of using the audit log search tool in the Microsoft Purview compliance portal, you can use the [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog) cmdlet in Exchange Online PowerShell to export the results of an audit log search to a CSV file. Then you can follow the same procedure described in Step 2 to format the audit log using the Power Query editor. One advantage of using the PowerShell cmdlet is that you can search for events from a specific service by using the RecordType parameter. Here are few examples of using PowerShell to export audit records to a CSV file so you can use the Power Query editor to transform the JSON object in the AuditData column as described in Step 2. In this example, run the following commands to return all records related to SharePoint sharing operations. Here are some tips and examples of exporting and viewing the audit log before an - Filter the RecordType column to display only the records from a specific service or functional area. For example, to show events related to SharePoint sharing, you would select 14 (the enum value for records triggered by SharePoint sharing activities). For a list of the services that correspond to the enum values displayed in the RecordType column, see [Detailed properties in the audit log](detailed-properties-in-the-office-365-audit-log.md). -- Filter the Operations column to display the records for specific activities. For a list of most operations that correspond to a searchable activity in the audit log search tool in the Microsoft 365 compliance center, see the "Audited activities" section in [Search the audit log](search-the-audit-log-in-security-and-compliance.md#audited-activities). +- Filter the Operations column to display the records for specific activities. For a list of most operations that correspond to a searchable activity in the audit log search tool in the compliance portal, see the "Audited activities" section in [Search the audit log](search-the-audit-log-in-security-and-compliance.md#audited-activities).
compliance	Exporting Data Ediscover20	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/exporting-data-ediscover20.md	Title: "Export case data in Advanced eDiscovery" + Title: "Export case data in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: "Learn how to export or download content from a review set for presentations or external reviews in an Advanced eDiscovery case." +description: "Learn how to export or download content from a review set for presentations or external reviews in an eDiscovery (Premium) case." -# Export case data in Advanced eDiscovery +# Export case data in eDiscovery (Premium) There are three ways to export data from a review set:
compliance	File Plan Manager	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/file-plan-manager.md	Title: Use file plan to manage retention labels throughout the content lifecycle + Title: Use file plan to manage retention labels f1.keywords: - NOCSH # Use file plan to create and manage retention labels + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). -Although you can create and manage retention labels from Information governance in the Microsoft 365 compliance center, file plan from Records management has additional management capabilities: +Although you can create and manage retention labels from Data lifecycle management in the Microsoft Purview compliance portal, file plan from Records management has additional management capabilities: - You can bulk-create retention labels by importing the relevant information from a spreadsheet. To access file plan, you must have one of the following admin roles: - View-only Retention Manager -In the Microsoft 365 compliance center, go to Solutions > Records management > File plan: +In the Microsoft Purview compliance portal, go to Solutions > Records management > File plan: ![File plan page](../media/compliance-file-plan.png). If Records management doesn't display in the navigation pane, first scroll d ## Navigating your file plan -If you've already created retention labels from Information governance in the Microsoft 365 compliance center, these labels automatically display in your file plan. +If you've already created retention labels from Data lifecycle management in the Microsoft Purview compliance portal, these labels automatically display in your file plan. -Similarly, if you now create retention labels in file plan, they are also available from Information governance if the labels aren't configured to mark content as a record. +Similarly, if you now create retention labels in file plan, they are also available from Data lifecycle management if the labels aren't configured to mark content as a record. On the File plan page, you see all your labels with their status and settings, optional file plan descriptors, an export option to analyze or enable offline reviews of your labels, and an import option to create retention labels. Use the following information to help you fill out the downloaded template to im \|Property\|Type\|Required\|Valid values\| \|:--\|:--\|:--\|:--\| \|LabelName\|String\|Yes\|This property specifies the name of the retention label and must be unique in your tenant. Supported characters for import: a-z, A-Z, 0-9, hyphen (-) and the space character.\| -\|Comment\|String\|No\|Use this property to add a description about the retention label for admins. This description appears only to admins who manage the retention label in the compliance center.\| +\|Comment\|String\|No\|Use this property to add a description about the retention label for admins. This description appears only to admins who manage the retention label in the Microsoft Purview compliance portal.\| \|Notes\|String\|No\|Use this property to add a description about the retention label for users. This description appears when users hover over the label in apps like Outlook, SharePoint, and OneDrive. If you leave this property blank, a default description is displayed, which explains the label's retention settings. \| \|IsRecordLabel\|String\|No, unless Regulatory is TRUE\|This property specifies whether the label marks the content as a record. Valid values are: </br>TRUE: The label marks the item as a record and as a result, the item can't be deleted. </br>FALSE: The label doesn't mark the content as a record. This is the default value. </br> </br> Group dependencies: When this property is specified, RetentionAction, RetentionDuration, and RetentionType must also be specified.\| \|RetentionAction\|String\|No, unless RetentionDuration, RetentionType, or ReviewerEmail are specified\|This property specifies what action to take after the value specified by the RetentionDuration property (if specified) expires. Valid values are: </br>Delete: Items older than the value specified by the RetentionDuration property are deleted.</br>Keep: Retain items for the duration specified by the RetentionDuration property and then do nothing when the duration period expires. </br>KeepAndDelete: Retain items for the duration specified by the RetentionDuration property and then delete them when the duration period expires. </br> </br> Group dependencies: When this property is specified, RetentionDuration and RetentionType must also be specified. \| Label settings not currently supported for import: Now you've created retention labels, they are ready to be added to items by publishing the labels, or automatically applying them: - [Publish retention labels and apply them in apps](create-apply-retention-labels.md)-- [Apply a retention label to content automatically](apply-retention-labels-automatically.md) +- [Apply a retention label to content automatically](apply-retention-labels-automatically.md)
compliance	Filter Data When Importing Pst Files	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/filter-data-when-importing-pst-files.md	The following graphic shows the Intelligent Import process, and highlights the t After you've created a PST import job, follow these steps to filter the data before you import it to Office 365. -1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and sign in using the credentials for an administrator account in your organization. +1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> and sign in using the credentials for an administrator account in your organization. -2. In the left pane of the Microsoft 365 compliance center, click Information governance \> Import. +2. In the left pane of the compliance portal, click Information governance \> Import. The import jobs for your organization are listed on the Import tab. The Analysis completed value in the Status column indicates the import jobs that have been analyzed by Microsoft 365 and are ready for you to import.
compliance	Form A Query To Find Sensitive Data Stored On Sites	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/form-a-query-to-find-sensitive-data-stored-on-sites.md	description: Use data loss prevention (DLP) in SharePoint Online to discover doc # Form a query to find sensitive data stored on sites -Users often store sensitive data, such as credit card numbers, social security numbers, or personal, on their sites, and over time this can expose an organization to significant risk of data loss. Documents stored on sitesΓÇöincluding OneDrive for Business sitesΓÇöcould be shared with people outside the organization who shouldn't have access to the information. With data loss prevention (DLP) in SharePoint Online, you can discover documents that contain sensitive data throughout your tenant. After discovering the documents, you can work with the document owners to protect the data. This topic can help you form a query to search for sensitive data. + +Users often store sensitive data, such as credit card numbers, social security numbers, or personal, on their sites, and over time this can expose an organization to significant risk of data loss. Documents stored on sitesΓÇöincluding OneDrive for Business sitesΓÇöcould be shared with people outside the organization who shouldn't have access to the information. With Microsoft Purview Data Loss Prevention (DLP) in SharePoint Online, you can discover documents that contain sensitive data throughout your tenant. After discovering the documents, you can work with the document owners to protect the data. This topic can help you form a query to search for sensitive data. > [!NOTE] > Electronic discovery, or eDiscovery, and DLP are premium features that require [SharePoint Online Plan 2](https://go.microsoft.com/fwlink/?LinkId=510080).
compliance	Get Started Core Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-core-ediscovery.md	Title: "Get started with Core eDiscovery cases in Microsoft 365" + Title: "Get started with eDiscovery (Standard) cases in Microsoft Purview" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Describes how to get started using Core eDiscovery in Microsoft 365. After you assign eDiscovery permissions and create a case, you can add members, create eDiscovery holds, and then search for and export content that's relevant to your investigation." +description: "Describes how to get started using eDiscovery (Standard) in Microsoft Purview. After you assign eDiscovery permissions and create a case, you can add members, create eDiscovery holds, and then search for and export content that's relevant to your investigation." -# Get started with Core eDiscovery in Microsoft 365 +# Get started with eDiscovery (Standard) in Microsoft Purview -Core eDiscovery in Microsoft 365 provides a basic eDiscovery tool that organizations can use to search and export content in Microsoft 365 and Office 365. You can also use Core eDiscovery to place an eDiscovery hold on content locations, such as Exchange mailboxes, SharePoint sites, OneDrive accounts, and Microsoft Teams. Nothing is needed to deploy Core eDiscovery, but there are some prerequisite tasks that an IT admin and eDiscovery manager have to complete before your organization can start using Core eDiscovery to search, export, and preserve content. +Microsoft Purview eDiscovery (Standard) in Microsoft Purview provides a basic eDiscovery tool that organizations can use to search and export content in Microsoft 365 and Office 365. You can also use eDiscovery (Standard) to place an eDiscovery hold on content locations, such as Exchange mailboxes, SharePoint sites, OneDrive accounts, and Microsoft Teams. Nothing is needed to deploy eDiscovery (Standard), but there are some prerequisite tasks that an IT admin and eDiscovery manager have to complete before your organization can start using eDiscovery (Standard) to search, export, and preserve content. -This article discusses the steps necessary to set up Core eDiscovery. This includes ensuring the proper licensing required to access Core eDiscovery and place an eDiscovery hold on content locations, as well as assigning permissions to your IT, legal, and investigation team so they can access and manage cases. This article also provides a high-level overview of using cases to search for and export content. +This article discusses the steps necessary to set up eDiscovery (Standard). This includes ensuring the proper licensing required to access eDiscovery (Standard) and place an eDiscovery hold on content locations, as well as assigning permissions to your IT, legal, and investigation team so they can access and manage cases. This article also provides a high-level overview of using cases to search for and export content. ## Step 1: Verify and assign appropriate licenses -Licensing for Core eDiscovery requires the appropriate organization subscription and per-user licensing. +Licensing for eDiscovery (Standard) requires the appropriate organization subscription and per-user licensing. -- Organization subscription: To access Core eDiscovery in the Microsoft 365 compliance center and use the hold and export features, your organization must have a Microsoft 365 E3 or Office 365 E3 subscription or higher. Microsoft 365 Frontline organizations must have an F5 subscription. +- Organization subscription: To access eDiscovery (Standard) in the Microsoft Purview compliance portal and use the hold and export features, your organization must have a Microsoft 365 E3 or Office 365 E3 subscription or higher. Microsoft 365 Frontline organizations must have an F5 subscription. - Per-user licensing: To place an eDiscovery hold on mailboxes and sites, users must be assigned one of the following licenses, depending on your organization subscription: For information and guidance on security and compliance: ## Step 2: Assign eDiscovery permissions -To access Core eDiscovery or be added as a member of a Core eDiscovery case, a user must be assigned the appropriate permissions. Specifically, a user must be added as a member of the eDiscovery Manager role group in the Microsoft 365 compliance center. Members of this role group can create and manage Core eDiscovery cases. They can add and remove members, place an eDiscovery hold on users, create and edit searches, and export content from a Core eDiscovery case. +To access eDiscovery (Standard) or be added as a member of a eDiscovery (Standard) case, a user must be assigned the appropriate permissions. Specifically, a user must be added as a member of the eDiscovery Manager role group in the compliance portal. Members of this role group can create and manage eDiscovery (Standard) cases. They can add and remove members, place an eDiscovery hold on users, create and edit searches, and export content from a eDiscovery (Standard) case. Complete the following steps to add users to the eDiscovery Manager role group: -1. Go to the Microsoft 365 compliance center and sign in using the credentials for an admin account in your Microsoft 365 or Office 365 organization. +1. Go to the compliance portal and sign in using the credentials for an admin account in your Microsoft 365 or Office 365 organization. 2. On the <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a> page, select the eDiscovery Manager role group. Complete the following steps to add users to the eDiscovery Manager role group: There are two subgroups in the eDiscovery Manager role group. The difference between these subgroups is based on scope. -- eDiscovery Manager: Can view and manage the Core eDiscovery cases they create or are a member of. If another eDiscovery Manager creates a case but doesn't add a second eDiscovery Manager as a member of that case, the second eDiscovery Manager won't be able to view or open the case on the Core eDiscovery page in the compliance center. In general, most people in your organization can be added to the eDiscovery Manager subgroup. +- eDiscovery Manager: Can view and manage the eDiscovery (Standard) cases they create or are a member of. If another eDiscovery Manager creates a case but doesn't add a second eDiscovery Manager as a member of that case, the second eDiscovery Manager won't be able to view or open the case on the eDiscovery (Standard) page in the compliance center. In general, most people in your organization can be added to the eDiscovery Manager subgroup. - eDiscovery Administrator: Can perform all case management tasks that an eDiscovery Manager can do. Additionally, an eDiscovery Administrator can: - - View all cases that are listed on the Core eDiscovery page. + - View all cases that are listed on the eDiscovery (Standard) page. - Manage any case in the organization after they add themselves as a member of the case. There are two subgroups in the eDiscovery Manager role group. The difference bet For more information about eDiscovery permissions and a description of each role that's assigned to the eDiscovery Manager role group, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). -## Step 3: Create a Core eDiscovery case +## Step 3: Create a eDiscovery (Standard) case -The next step is to create a case and start using Core eDiscovery. Complete the following steps to create a case and add members. The user who creates the case is automatically added as a member. +The next step is to create a case and start using eDiscovery (Standard). Complete the following steps to create a case and add members. The user who creates the case is automatically added as a member. -1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> and sign in using the credentials for a user account that has been assigned the appropriate eDiscovery permissions. Members of the Organization Management role group can also create Core eDiscovery cases. +1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a> and sign in using the credentials for a user account that has been assigned the appropriate eDiscovery permissions. Members of the Organization Management role group can also create eDiscovery (Standard) cases. -2. In the left navigation pane of the Microsoft 365 compliance center, click Show all, and then click eDiscovery > <a href="https://go.microsoft.com/fwlink/p/?linkid=2174007" target="_blank">Core</a>. +2. In the left navigation pane of the compliance portal, click Show all, and then click eDiscovery > <a href="https://go.microsoft.com/fwlink/p/?linkid=2174007" target="_blank">Core</a>. -3. On the Core eDiscovery page, click Create a case. +3. On the eDiscovery (Standard) page, click Create a case. 4. On the New case flyout page, give the case a name (required) and then type an optional description. The case name must be unique in your organization. 5. Click Save to create the case. - The new case is created and displayed on the Core eDiscovery page. You may have to click Refresh to display the new case. + The new case is created and displayed on the eDiscovery (Standard) page. You may have to click Refresh to display the new case. -## Step 4 (optional): Add members to a Core eDiscovery case +## Step 4 (optional): Add members to a eDiscovery (Standard) case If you create a case in Step 3 and you're the only person who will use the case, then you don't have to perform this step. You can start using the case to create eDiscovery holds, search for content, and export search results. Perform this step if you want to give other users (or roles group) access to the case. -1. On the Core eDiscovery page in the Microsoft 365 compliance center, click the name of the case that you want to add members to. +1. On the eDiscovery (Standard) page in the compliance portal, click the name of the case that you want to add members to. 2. On the case home page, select the Settings tab, and then select Access & permissions. If you create a case in Step 3 and you're the only person who will use the case, >- As previously explained, only an eDiscovery Administrator can remove members from a case. Users who are members of the eDiscovery Manager subgroup can't remove members from a case, even if the user created the case. > -## Explore the Core eDiscovery workflow +## Explore the eDiscovery (Standard) workflow -To get you started using core eDiscovery, here's a simple workflow of creating eDiscovery holds for people of interest, searching for content that relevant to your investigation, and then exporting that data for further review. In each of these steps, we'll also highlight some extended Core eDiscovery functionality that you can explore. +To get you started using eDiscovery (Standard), here's a simple workflow of creating eDiscovery holds for people of interest, searching for content that relevant to your investigation, and then exporting that data for further review. In each of these steps, we'll also highlight some extended eDiscovery (Standard) functionality that you can explore. -![Core eDiscovery workflow.](../media/CoreEdiscoveryWorkflow.png) +![eDiscovery (Standard) workflow.](../media/CoreEdiscoveryWorkflow.png) 1. [Create an eDiscovery hold](create-ediscovery-holds.md). The first step after creating a case is placing a hold (also called an eDiscovery hold) on the content locations of the people of interest in your investigation. Content locations include Exchange mailboxes, SharePoint sites, OneDrive accounts, and the mailboxes and sites associated with Microsoft Teams and Microsoft 365 Groups. While this step is optional, creating an eDiscovery hold preserves content that may be relevant to the case during the investigation. When you create an eDiscovery hold you can preserve all content in specific content locations or you can create a query-based hold to preserve only the content that matches a hold query. In addition to preserving content, another good reason to create eDiscovery holds is to quickly search the content locations on hold (instead of having to select each location to search) when you create and run searches in the next step. After you complete your investigation, you can release any hold that you created.
compliance	Get Started With Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-advanced-ediscovery.md	Title: "Set up Advanced eDiscovery in Microsoft 365" + Title: "Set up eDiscovery (Premium) in Microsoft Purview" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "This article describes how to set up Advanced eDiscovery so you can start creating and managing cases. It also describes the required Microsoft subscriptions and licensing. After you complete a few quick steps, the Advanced eDiscovery tool is ready to use." +description: "This article describes how to set up eDiscovery (Premium) so you can start creating and managing cases. It also describes the required Microsoft subscriptions and licensing. After you complete a few quick steps, the eDiscovery (Premium) tool is ready to use." -# Set up Microsoft 365 Advanced eDiscovery +# Set up Microsoft Purview eDiscovery (Premium) -Advanced eDiscovery in Microsoft 365 provides an end-to-end workflow to preserve, collect, review, analyze, and export data that's responsive to your organization's internal and external investigations. Nothing is needed to deploy Advanced eDiscovery, but there are some prerequisite tasks that an IT admin and eDiscovery manager have to complete before your organization can start to create and use Advanced eDiscovery cases to manage your investigations. +Microsoft Purview eDiscovery (Premium) provides an end-to-end workflow to preserve, collect, review, analyze, and export data that's responsive to your organization's internal and external investigations. Nothing is needed to deploy eDiscovery (Premium), but there are some prerequisite tasks that an IT admin and eDiscovery manager have to complete before your organization can start to create and use eDiscovery (Premium) cases to manage your investigations. -This article discusses the following steps necessary to set up Advanced eDiscovery. +This article discusses the following steps necessary to set up eDiscovery (Premium). -![Steps to set up Advanced eDiscovery.](../media/set-up-advanced-ediscovery.png) +![Steps to set up eDiscovery (Premium).](../media/set-up-advanced-ediscovery.png) -This includes ensuring the proper licensing required to access Advanced eDiscovery and add custodians to cases, and assigning permissions to your legal and investigation team so they can access and manage cases. +This includes ensuring the proper licensing required to access eDiscovery (Premium) and add custodians to cases, and assigning permissions to your legal and investigation team so they can access and manage cases. ## Step 1: Verify and assign appropriate licenses -Licensing for Advanced eDiscovery requires the appropriate organization subscription and per-user licensing. For a list of licensing requirements for Advanced eDiscovery, see [Subscriptions and licensing](overview-ediscovery-20.md#subscriptions-and-licensing). +Licensing for eDiscovery (Premium) requires the appropriate organization subscription and per-user licensing. For a list of licensing requirements for eDiscovery (Premium), see [Subscriptions and licensing](overview-ediscovery-20.md#subscriptions-and-licensing). ## Step 2: Assign eDiscovery permissions -To access Advanced eDiscovery or added as a member of an Advanced eDiscovery case, a user must be assigned the appropriate permissions. Specifically, a user must be added as a member of the eDiscovery Manager role group in the Microsoft 365 compliance center. Members of this role group can create and manage Advanced eDiscovery cases. They can add and remove members, place custodians and content locations on hold, manage legal hold notifications, create and edit searches associated in a case, add search results to a review set, analyze data in a review set, and export and download from an Advanced eDiscovery case. +To access eDiscovery (Premium) or added as a member of an eDiscovery (Premium) case, a user must be assigned the appropriate permissions. Specifically, a user must be added as a member of the eDiscovery Manager role group in the Microsoft Purview compliance portal. Members of this role group can create and manage eDiscovery (Premium) cases. They can add and remove members, place custodians and content locations on hold, manage legal hold notifications, create and edit searches associated in a case, add search results to a review set, analyze data in a review set, and export and download from an eDiscovery (Premium) case. Complete the following steps to add users to the eDiscovery Manager role group: -1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Microsoft 365 compliance center</a>and sign in using the credentials for an admin account in your Microsoft 365 organization. +1. Go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">compliance portal</a>and sign in using the credentials for an admin account in your Microsoft 365 organization. 2. On the Permissions page, select the eDiscovery Manager role group. Complete the following steps to add users to the eDiscovery Manager role group: There are two subgroups in the eDiscovery Manager role group. The difference between these subgroups is based on scope. -- eDiscovery Manager: Can view and manage the Advanced eDiscovery cases they create or are a member of. If another eDiscovery Manager creates a case but doesn't add a second eDiscovery Manager as a member of that case, the second eDiscovery Manager won't be able to view or open the case on the Advanced eDiscovery page in the compliance center. In general, most people in your organization can be added to the eDiscovery Manager subgroup. +- eDiscovery Manager: Can view and manage the eDiscovery (Premium) cases they create or are a member of. If another eDiscovery Manager creates a case but doesn't add a second eDiscovery Manager as a member of that case, the second eDiscovery Manager won't be able to view or open the case on the eDiscovery (Premium) page in the compliance center. In general, most people in your organization can be added to the eDiscovery Manager subgroup. - eDiscovery Administrator: Can perform all case management tasks that an eDiscovery Manager can do. Additionally, an eDiscovery Administrator can: - - View all cases that are listed on the Advanced eDiscovery page. + - View all cases that are listed on the eDiscovery (Premium) page. - Manage any case in the organization after they add themselves as a member of the case. There are two subgroups in the eDiscovery Manager role group. The difference bet For more information about eDiscovery permissions and a description of each role that's assigned to the eDiscovery Manager role group, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). -## Step 3: Configure global settings for Advanced eDiscovery +## Step 3: Configure global settings for eDiscovery (Premium) The last step to complete before people in your organization start to create and use cases is to configure global settings that apply to all cases in your organization. At this time, the only global setting is attorney-client privilege detection (more global settings will be available in the future). This setting enables the attorney-client privilege model to run when you analyze data in a review set. The model uses machine learning to determine the likelihood that a document contains content that is legal in nature. It also compares the participants of documents with an attorney list (that you submit when setting up the model) to determine if a document has at least one participant who is an attorney. -For more information about setting up and using the attorney-client privilege detection model, see [Set up attorney-client privilege detection in Advanced eDiscovery](attorney-privilege-detection.md). +For more information about setting up and using the attorney-client privilege detection model, see [Set up attorney-client privilege detection in eDiscovery (Premium)](attorney-privilege-detection.md). > [!NOTE] -> This is an optional step that you can perform anytime. Not implementing the attorney-client privilege detection model doesn't prevent you from creating and using Advanced eDiscovery cases. +> This is an optional step that you can perform anytime. Not implementing the attorney-client privilege detection model doesn't prevent you from creating and using eDiscovery (Premium) cases. ## Next steps -After you set up Advanced eDiscovery, you're ready to [create a case](create-and-manage-advanced-ediscoveryv2-case.md). +After you set up eDiscovery (Premium), you're ready to [create a case](create-and-manage-advanced-ediscoveryv2-case.md).
compliance	Get Started With Data Lifecycle Management	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-data-lifecycle-management.md	+ + Title: "Get started with data lifecycle management" +f1.keywords: +- NOCSH +++ Last updated : +audience: Admin ++ +ms.localizationpriority: high + +- M365-security-compliance +- SPO_Content +- m365initiative-compliance + +search.appverid: +- MOE150 +- MET150 +description: Ready to start governing your organization's data, but not sure where to start? Read some prescriptive guidance to get started. ++ +# Get started with data lifecycle management ++ +>[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). + +Ready to start governing your organization's data by retaining the content that you need to keep, and deleting the content that you don't? To get started, use the following guidance for Microsoft Purview Data Lifecycle Management (formerly Microsoft Information Governance): + +1. Understand how retention and deletion works in Microsoft 365, and then identify the workloads that need a retention policy and whether you need to create retention labels for exceptions: [Learn about retention](retention.md) + + > [!NOTE] + > If you need to manage high-value items for business, legal, or regulatory record-keeping requirements: Use retention labels with [records management](records-management.md) rather than data lifecycle management. + +2. Create retention policies for the workloads you identified, specifying retention settings and actions that are required by your organization policies or industry regulations: [Create retention policies](create-retention-policies.md) + + If needed, [create and apply retention labels for your exceptions](create-retention-labels-information-governance.md). + +3. Enable mailbox archiving to provide users with additional mailbox storage space: [Enable archive mailboxes in the Microsoft Purview compliance portal](enable-archive-mailboxes.md) + + If required to support archive mailboxes: + + - [Enable auto-expanding archiving](enable-autoexpanding-archiving.md) for mailboxes that need more than 100 GB storage. + + - Use [retention tags with a retention policy from messaging records management (MRM)](set-up-an-archive-and-deletion-policy-for-mailboxes.md) if you need to customize how emails are automatically moved from a user's primary mailbox to their archive mailbox, or if you need to specify retention and deletion settings for specific folders rather than the whole mailbox. + +4. Understand and manage inactive mailboxes that retain mailbox content after employees leave the organization: [Learn about inactive mailboxes](inactive-mailboxes-in-office-365.md) + +5. If you have PST files that contain data you want to govern: Import PST files to online mailboxes by using network upload or drive shipping: [Learn about importing your organization's PST files](importing-pst-files-to-office-365.md) + +## Subscription and licensing requirements + +A number of different subscriptions support data lifecycle management capabilities. + +To see the options for licensing your users to benefit from Microsoft Purview features, see the [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). For the features listed on this page, see the [Microsoft Purview Data Lifecycle Management](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-data-lifecycle-management) section and related [PDF download](https://go.microsoft.com/fwlink/?linkid=2139145) for feature-level licensing requirements. + +## Permissions + +See the following section for information about roles and role groups to manage Microsoft 365 retention. + +For permissions to manage mailboxes for archiving, inactive mailboxes, and import, these typically require Exchange permissions, such as the Mail Recipients role. By default, this role is assigned to the Recipient Management and Organization Management role groups. For the exact permissions requirement for each management task, see the documentation that accompanies the admin instructions. + +### Permissions for retention policies and retention labels + +Members of your compliance team who will create and manage retention policies and retention labels need permissions to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. By default, the tenant admin (global administrator) has access to this location and can give compliance officers and other people access without giving them all the permissions of a tenant admin. To grant permissions for this limited administration, we recommend that you add users to the Compliance Administrator admin role group. + +Alternatively to using this default role, you can create a new role group and add the Retention Management role to this group. For a read-only role, use View-Only Retention Management. + +For instructions to add users to the default roles or create your own role groups, see [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md). + +These permissions are required only to create, configure, and apply retention policies and retention labels. The person configuring these policies and labels doesn't require access to the content. + +## Common scenarios + +Use the following table to help you map your business requirements to the most common scenarios for data lifecycle management. + +\|I want to ...\|Documentation\| +\|-\|\| +\|Efficiently retain or delete data for Microsoft 365 +\|Provide users with additional mailbox storage \|[Enable archive mailboxes in the Microsoft Purview compliance portal](enable-archive-mailboxes.md)\| +\|Retain mailbox data after employees leave the organization \|[Create and manage inactive mailboxes](create-and-manage-inactive-mailboxes.md)\| +\|Upload mailbox data from PST files \|[Use network upload to import PST files](use-network-upload-to-import-pst-files.md)\| ++ +If you have a scenario that requires data management of individual items, see the [common scenarios for records management](get-started-with-records-management.md#common-scenarios). + +## End-user documentation + +See the following section for information about end-user documentation to support Microsoft 365 retention. + +The data lifecycle management capabilities that support mailbox management (archiving, inactive mailboxes, and import) typically don't require end-user documentation. + +### End-user documentation for retention and deletion + +Most retention policies work unobtrusively in the background without user interaction, and so need little documentation for users. Retention policies for Teams inform users when their messages have been deleted with a link to [Teams messages about retention policies](https://support.microsoft.com/office/teams-messages-about-retention-policies-c151fa2f-1558-4cf9-8e51-854e925b483b). + +However, if you supplement retention policies with retention labels, these labels do have a UI presence in Microsoft 365 apps. Before you deploy these labels to your production network, make sure you provide information and instructions for end users and your help desk. To help users apply retention labels in SharePoint and OneDrive, see [Apply retention labels to files in SharePoint or OneDrive](https://support.microsoft.com/office/apply-retention-labels-to-files-in-sharepoint-or-onedrive-11a6835b-ec9f-40db-8aca-6f5ef18132df). + +The most effective end-user documentation will always be customized guidance and instructions you provide for the retention label names and configurations you choose. See the following page and downloads that you can use to help train your users: [End User Training for Retention Labels](https://microsoft.github.io/ComplianceCxE/enduser/retention/). +
compliance	Get Started With Records Management	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-records-management.md	description: Need a records management solution for Microsoft 365 that manages h # Get started with records management + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). Ready to start managing your organization's high-value content for legal, business, or regulatory obligations by using a records management solution in Microsoft 365? Use the following guidance to get started: Ready to start managing your organization's high-value content for legal, busine - [Publish retention labels and apply them in apps](create-apply-retention-labels.md) - [Apply a retention label to content automatically](apply-retention-labels-automatically.md) -Independently from these steps, Use connectors to import and archive third-party-data that includes data from social media platforms, instant messaging platforms, and document collaboration platforms. When this data is imported to online mailboxes, it supports not just records management from Microsoft 365 Compliance, but also other compliance solutions such as communication compliance, insider risk management, and eDiscovery. For more information, see [Learn about connectors for third-party data](archiving-third-party-data.md). - ## Subscription and licensing requirements A number of different subscriptions support records management and the licensing requirements for users depend on the features you use. -To see the options for licensing your users to benefit from Microsoft 365 compliance features, see the [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). For records management, see the [Records Management](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#records-management) section and related PDF download for feature-level licensing requirements. +To see the options for licensing your users to benefit from Microsoft Purview features, see the [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). For records management, see the [Microsoft Purview Records Management](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-records-management) section and related PDF download for feature-level licensing requirements. ## Permissions -Members of your compliance team who are responsible for records management need permissions to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. By default, the tenant admin (global administrator) has access to this location and can give compliance officers and other people access without giving them all the permissions of a tenant admin. To grant permissions for this limited administration, we recommend that you add users to the Records Management admin role group, which grants permissions for all features related to records management, including [disposition review and verification](disposition.md). +Members of your compliance team who are responsible for records management need permissions to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. By default, the tenant admin (global administrator) has access to this location and can give compliance officers and other people access without giving them all the permissions of a tenant admin. To grant permissions for this limited administration, we recommend that you add users to the Records Management admin role group, which grants permissions for all features related to records management, including [disposition review and verification](disposition.md). For a read-only role, you can create a new role group and add the View-Only Record Management role to this group. -For instructions to add users to the default roles or create your own role groups, see [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md). +For instructions to add users to the default roles or create your own role groups, see [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md). These permissions are required only to create, configure, and apply retention labels that declare records, and manage disposition. The person configuring these labels doesn't require access to the content. These permissions are required only to create, configure, and apply retention la Use the following table to help you map your business requirements to the scenarios that are supported by records management. > [!TIP] -> Need to comply with a specific industry regulation? Check [Regulatory requirements for information governance and records management](retention-regulatory-requirements.md) for regulation-specific guidance. +> Need to comply with a specific industry regulation? Check [Regulatory requirements for data lifecycle management and records management](retention-regulatory-requirements.md) for regulation-specific guidance. \|I want to ...\|Documentation\| \|-\|\|
compliance	Get Started With Sensitivity Labels	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-sensitivity-labels.md	description: "Ready to deploy sensitivity labels to help protect your organizati # Get started with sensitivity labels + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). For information about what sensitivity labels are and how they can help you protect your organization's data, see [Learn about sensitivity labels](sensitivity-labels.md). When you're ready to start protecting your organization's data by using sensitiv 3. Publish the labels. After your sensitivity labels are configured, publish them by using a label policy. Decide which users and groups should have the labels and what policy settings to use. A single label is reusableΓÇöyou define it once, and then you can include it in several label policies assigned to different users. So for example, you could pilot your sensitivity labels by assigning a label policy to just a few users. Then when you're ready to roll out the labels across your organization, you can create a new label policy for your labels and this time, specify all users. -> You might be eligible for the automatic creation of default labels and a default label policy that takes care of steps 1-3 for you. For more information, see [Default labels and policies for Microsoft Information Protection](mip-easy-trials.md). +> You might be eligible for the automatic creation of default labels and a default label policy that takes care of steps 1-3 for you. For more information, see [Default labels and policies for Microsoft Purview Information Protection](mip-easy-trials.md). The basic flow for deploying and applying sensitivity labels: The basic flow for deploying and applying sensitivity labels: A number of different subscriptions support sensitivity labels and the licensing requirements for users depend on the features you use. -To see the options for licensing your users to benefit from Microsoft 365 compliance features, see the [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). For sensitivity labels, see the [Information Protection: Sensitivity labeling](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#information-protection-sensitivity-labeling) section and related [PDF download](https://go.microsoft.com/fwlink/?linkid=2139145) for feature-level licensing requirements. +To see the options for licensing your users to benefit from Microsoft Purview features, see the [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). For sensitivity labels, see the [Microsoft Purview Information Protection: Sensitivity labeling](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-information-protection-sensitivity-labeling) section and related [PDF download](https://go.microsoft.com/fwlink/?linkid=2139145) for feature-level licensing requirements. ## Permissions required to create and manage sensitivity labels -Members of your compliance team who will create sensitivity labels need permissions to the Microsoft 365 compliance center. +Members of your compliance team who will create sensitivity labels need permissions to the Microsoft Purview compliance portal. By default, global administrators for your tenant have access to this admin center and can give compliance officers and other people access, without giving them all of the permissions of a tenant admin. For this delegated limited admin access, add users to the Compliance Data Administrator, Compliance Administrator, or Security Administrator role group. Alternatively to using the default roles, you can create a new role group and ad > - Information Protection Investigators > - Information Protection Readers > -> For an explanation of each one, and the new roles that they contain, select a role group in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> > Permissions & roles > Compliance center > Roles, and then review the description in the flyout pane. Or, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center). +> For an explanation of each one, and the new roles that they contain, select a role group in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> > Permissions & roles > Compliance center > Roles, and then review the description in the flyout pane. Or, see [Role groups in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#role-groups-in-the-security--compliance-center). -For instructions to add users to the default role group, roles, or create your own role groups, see [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md). +For instructions to add users to the default role group, roles, or create your own role groups, see [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md). These permissions are required only to create and configure sensitivity labels and their label policies. They are not required to apply the labels in apps or services. If additional permissions are needed for specific configurations that relate to sensitivity labels, those permissions will be listed in their respective documentation instructions. A successful strategy to deploy sensitivity labels for an organization is to cre Using the table in the next section, we recommend identifying your top one or two scenarios that map to your most impactful business requirements. After these scenarios are deployed, return to the list to identify the next one or two priorities for deployment. -You'll find additional general deployment guidance and best practices in the [Deployment Acceleration Guide for Microsoft Information Protection and Data Loss Prevention](https://microsoft.github.io/ComplianceCxE/dag/mip-dlp/), one of the resources from the [Customer Acceleration Team (CAT)](https://microsoft.github.io/ComplianceCxE/) site. - ## Common scenarios for sensitivity labels All scenarios require you to [Create and configure sensitivity labels and their policies](create-sensitivity-labels.md). All scenarios require you to [Create and configure sensitivity labels and their \|Apply and view labels in Power BI, and protect data when it's saved outside the service\|[Sensitivity labels in Power BI](/power-bi/admin/service-security-sensitivity-label-overview)\| \|Monitor and understand how sensitivity labels are being used in my organization\|[Learn about data classification](data-classification-overview.md)\| \|Extend sensitivity labels to third-party apps and services\|[Microsoft Information Protection SDK](/information-protection/develop/overview#microsoft-information-protection-sdk)\| -\|Extend sensitivity labels across content in my Azure Purview assets, such as Azure Blob Storage, Azure Files, Azure Data Lake Storage, and multi-cloud data sources\|[Labeling in Azure Purview](/azure/purview/create-sensitivity-label) \| - +\|Extend sensitivity labels across content in my Microsoft Purview Data Map assets, such as Azure Blob Storage, Azure Files, Azure Data Lake Storage, and multi-cloud data sources\|[Labeling in Microsoft Purview Data Map](/azure/purview/create-sensitivity-label) \| ## End-user documentation for sensitivity labels
compliance	Get Started With Service Trust Portal	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-service-trust-portal.md	description: Learn how to access and use the Microsoft Service Trust Portal to h # Get started with the Microsoft Service Trust Portal + The Microsoft Service Trust Portal provides a variety of content, tools, and other resources about Microsoft security, privacy, and compliance practices. ## Accessing the Service Trust Portal The Service Trust Portal link displays the home page. It provides a quick wa ### Compliance Manager > [!IMPORTANT] -> Compliance Manager has moved from the Service Trust Portal to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. All customer data has been moved over to the new location, so you can continue using Compliance Manager without interruption. Refer to the [Compliance Manager documentation](compliance-manager.md) for setup information and to learn about new features. +> Compliance Manager has moved from the Service Trust Portal to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. All customer data has been moved over to the new location, so you can continue using Compliance Manager without interruption. Refer to the [Compliance Manager documentation](compliance-manager.md) for setup information and to learn about new features. ### Trust Documents
compliance	Get Started With The Default Dlp Policy	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-the-default-dlp-policy.md	description: Learn how to use the report to refine your organization's default d # Get started with the default DLP policy -Before you even create your first data loss prevention (DLP) policy, DLP is helping to protect your sensitive information with a default policy. This default policy and its recommendation (shown below) help keep your sensitive content secure by notifying you when email or documents containing a credit card number were shared with someone outside your organization. You'll see this recommendation on the Home page of the Security & Compliance Center. + +Before you even create your first Microsoft Purview Data Loss Prevention (DLP) policy, DLP is helping to protect your sensitive information with a default policy. This default policy and its recommendation (shown below) help keep your sensitive content secure by notifying you when email or documents containing a credit card number were shared with someone outside your organization. You'll see this recommendation on the Home page of the Security & Compliance Center. You can use this widget to quickly view when and how much sensitive information was shared, and then refine the default DLP policy in just a click or two. You can also edit the default DLP policy at any time because it's fully customizable. Note that if you don't see the recommendation at first, try clicking +More at the bottom of the Recommended for you section. The widget named Further protect shared content appears in the **Recommended This widget appears only when: -- There are no data loss prevention policies in the Security & Compliance Center or Exchange admin center. This widget is intended to help you get started with DLP, so it doesn't appear if you already have DLP policies. +- There are no data loss prevention policies in the Microsoft Purview compliance portal or Exchange admin center. This widget is intended to help you get started with DLP, so it doesn't appear if you already have DLP policies. - Content containing least one credit card has been shared with someone outside your organization in the past 30 days.
compliance	How Dlp Works Between Admin Centers	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/how-dlp-works-between-admin-centers.md	- admindeeplinkEXCHANGE -# How DLP works between the Microsoft 365 Compliance Center and Exchange admin center +# How DLP works between the Compliance Center and Exchange admin center -In Microsoft 365, you can create a data loss prevention (DLP) policy in two different admin centers: + +In Microsoft Purview, you can create a data loss prevention (DLP) policy in two different admin centers: -- In the Microsoft 365 Compliance Center, you can create a single DLP policy to help protect content in SharePoint, OneDrive, Exchange, Teams, and now Endpoint Devices. We recommend that you create a DLP policy here. For more information, see [Data Loss Prevention reference](data-loss-prevention-policies.md). +- In the Microsoft Purview compliance portal, you can create a single DLP policy to help protect content in SharePoint, OneDrive, Exchange, Teams, and now Endpoint Devices. We recommend that you create a DLP policy here. For more information, see [Data Loss Prevention reference](data-loss-prevention-policies.md). - In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a>, you can create a DLP policy to help protect content only in Exchange. This policy can use Exchange mail flow rules (also known as transport rules), so it has more options specific to handling email. For more information, see [DLP in the Exchange admin center](/exchange/security-and-compliance/data-loss-prevention/data-loss-prevention).
compliance	How Smtp Dane Works	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/how-smtp-dane-works.md	Title: "How SMTP DNS-based Authentication of Named Entities (DANE) works to secure email communications" + Title: "How SMTP DNS-based Authentication of Named Entities (DANE) secures email communications" f1.keywords: - NOCSH description: "Learn how SMTP DNS-based Authentication of Named Entities (DANE) w # How SMTP DNS-based Authentication of Named Entities (DANE) works -The SMTP protocol is the main protocol used to transfer messages between mail servers and is, by default, not secure. The Transport Layer Security (TLS) protocol was introduced years ago to support encrypted transmission of messages over SMTP. It's commonly used opportunistically rather than as a requirement, leaving much email traffic in clear text, vulnerable to interception by nefarious actors. Furthermore, SMTP determines the IP addresses of destination servers through the public DNS infrastructure, which is susceptible to spoofing and Man-in-the-Middle (MITM) attacks. This has led to many new standards being created to increase security for sending and receiving email, one of those is DNS-based Authentication of Named Entities (DANE). + +The SMTP protocol is the main protocol used to transfer messages between mail servers and is, by default, not secure. The Transport Layer Security (TLS) protocol was introduced years ago to support encrypted transmission of messages over SMTP. ItΓÇÖs commonly used opportunistically rather than as a requirement, leaving much email traffic in clear text, vulnerable to interception by nefarious actors. Furthermore, SMTP determines the IP addresses of destination servers through the public DNS infrastructure, which is susceptible to spoofing and Man-in-the-Middle (MITM) attacks. This has led to many new standards being created to increase security for sending and receiving email, one of those is DNS-based Authentication of Named Entities (DANE). + +DANE for SMTP [RFC 7672](https://tools.ietf.org/html/rfc7672) uses the presence of a Transport Layer Security Authentication (TLSA) record in a domain's DNS record set to signal a domain and its mail server(s) support DANE. If there is no TLSA record present, DNS resolution for mail flow will work as usual without any DANE checks being attempted. The TLSA record securely signals TLS support and publishes the DANE policy for the domain. So, sending mail servers can successfully authenticate legitimate receiving mail servers using SMTP DANE. This makes it resistant to downgrade and MITM attacks. DANE has direct dependencies on DNSSEC, which works by digitally signing records for DNS lookups using public key cryptography. DNSSEC checks occur on recursive DNS resolvers, the DNS servers that make DNS queries for clients. DNSSEC ensures that DNS records arenΓÇÖt tampered with and are authentic. DANE for SMTP [RFC 7672](https://tools.ietf.org/html/rfc7672) uses the presence of a Transport Layer Security Authentication (TLSA) record in a domain's DNS record set to signal a domain and its mail server(s) support DANE. If there is no TLSA record present, DNS resolution for mail flow will work as usual without any DANE checks being attempted. The TLSA record securely signals TLS support and publishes the DANE policy for the domain. So, sending mail servers can successfully authenticate legitimate receiving mail servers using SMTP DANE. This makes it resistant to downgrade and MITM attacks. DANE has direct dependencies on DNSSEC, which works by digitally signing records for DNS lookups using public key cryptography. DNSSEC checks occur on recursive DNS resolvers, the DNS servers that make DNS queries for clients. DNSSEC ensures that DNS records aren't tampered with and are authentic.
compliance	Identify A Hold On An Exchange Online Mailbox	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/identify-a-hold-on-an-exchange-online-mailbox.md	Title: "How to identify the type of hold placed on an Exchange Online mailbox" + Title: "How to identify the hold on an Exchange Online mailbox" f1.keywords: - NOCSH Microsoft 365 offers several ways that your organization can prevent mailbox con - [Litigation Hold](create-a-litigation-hold.md): Holds that are applied to user mailboxes in Exchange Online. -- [eDiscovery hold](create-ediscovery-holds.md): Holds that are associated with a Core eDiscovery case in the security and compliance center. eDiscovery holds can be applied to user mailboxes and to the corresponding mailbox for Microsoft 365 Groups and Microsoft Teams. +- [eDiscovery hold](create-ediscovery-holds.md): Holds that are associated with a Microsoft Purview eDiscovery (Standard) case in the security and compliance center. eDiscovery holds can be applied to user mailboxes and to the corresponding mailbox for Microsoft 365 Groups and Microsoft Teams. - [In-Place Hold](/Exchange/security-and-compliance/create-or-remove-in-place-holds): Holds that are applied to user mailboxes by using the In-Place eDiscovery & Hold tool in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a> in Exchange Online.
compliance	Import Epic Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-epic-data.md	description: "Administrators can set up a data connector to import electronic he # Set up a connector to import Epic EHR audit data (preview) -You can set up a data connector in the Microsoft 365 compliance center to import audit records for user activity in your organization's Epic Electronic Healthcare Records (EHR) system. Audit records from your Epic EHR system include records for events related to accessing a patient's health records. Epic EHR audit records can be used by the Microsoft 365 [insider risk management solution](insider-risk-management.md) to help protect your organization from unauthorized access to patient information. +You can set up a data connector in the Microsoft Purview compliance portal to import audit records for user activity in your organization's Epic Electronic Healthcare Records (EHR) system. Audit records from your Epic EHR system include records for events related to accessing a patient's health records. Epic EHR audit records can be used by the Microsoft 365 [insider risk management solution](insider-risk-management.md) to help protect your organization from unauthorized access to patient information. Setting up an Epic connector consists of the following tasks: Setting up an Epic connector consists of the following tasks: - Creating a text file with all the required fields as defined in the connector schema. -- Creating an Epic connector instance in the Microsoft 365 compliance center. +- Creating an Epic connector instance in the compliance portal. - Running a script to push Epic EHR audit records to the API endpoint. Setting up an Epic connector consists of the following tasks: ## Before you set up the connector -- The user who creates the Epic connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Epic connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). - You need to determine how to retrieve or export the data from your organization's Epic EHR system (on a daily basis) and create a text file that's described in Step 2. The script that you run in Step 4 will push the data in the text file to the API endpoint. The following table lists the fields that are required to enable insider risk ma ## Step 3: Create the Epic connector -The next step is to create an Epic connector in the Microsoft 365 compliance center. After you run the script in Step 4, the text file that you created in Step 2 will be processed and pushed to the API endpoint you set up in Step 1. In this step, be sure to copy the JobId that's generated when you create the connector. You'll use the JobId when you run the script. +The next step is to create an Epic connector in the compliance portal. After you run the script in Step 4, the text file that you created in Step 2 will be processed and pushed to the API endpoint you set up in Step 1. In this step, be sure to copy the JobId that's generated when you create the connector. You'll use the JobId when you run the script. 1. Go to <https://compliance.microsoft.com> and then click Data connectors in the left nav. If the upload is successful, the script displays the Upload Successful messa ## Step 5: Monitor the Epic connector -After you create the Epic connector and push your EHR audit records, you can view the connector and upload status in the Microsoft 365 compliance center. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran. +After you create the Epic connector and push your EHR audit records, you can view the connector and upload status in the compliance portal. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Import Healthcare Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-healthcare-data.md	description: "Administrators can set up a data connector to import electronic he # Set up a connector to import healthcare EHR audit data (preview) -You can set up a data connector in the Microsoft 365 compliance center to import auditing data for user activity in your organization's Electronic Healthcare Records (EHR) system. Auditing data from your healthcare EHR system include data for events related to accessing a patient's health records. Healthcare EHR auditing data can be used by the Microsoft 365 [insider risk management solution](insider-risk-management.md) to help protect your organization from unauthorized access to patient information. +You can set up a data connector in the Microsoft Purview compliance portal to import auditing data for user activity in your organization's Electronic Healthcare Records (EHR) system. Auditing data from your healthcare EHR system include data for events related to accessing a patient's health records. Healthcare EHR auditing data can be used by the Microsoft 365 [insider risk management solution](insider-risk-management.md) to help protect your organization from unauthorized access to patient information. Setting up a Healthcare connector consists of the following tasks: Setting up a Healthcare connector consists of the following tasks: - Creating a text file with all the required fields as defined in the connector schema. -- Creating a Healthcare connector instance in the Microsoft 365 compliance center. +- Creating a Healthcare connector instance in the compliance portal. - Running a script to push healthcare EHR auditing data to the API endpoint. Setting up a Healthcare connector consists of the following tasks: ## Before you set up the connector -- The user who creates the Healthcare connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the Healthcare connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). - You need to determine how to retrieve or export the data from your organization's healthcare EHR system (on a daily basis) and create a text file that's described in Step 2. The script that you run in Step 4 will push the data in the text file to the API endpoint. The following table lists the fields that are required to enable insider risk ma ## Step 3: Create the Healthcare connector -The next step is to create a Healthcare connector in the Microsoft 365 compliance center. After you run the script in Step 4, the text file that you created in Step 2 will be processed and pushed to the API endpoint you set up in Step 1. In this step, be sure to copy the JobId that's generated when you create the connector. You'll use the JobId when you run the script. +The next step is to create a Healthcare connector in the compliance portal. After you run the script in Step 4, the text file that you created in Step 2 will be processed and pushed to the API endpoint you set up in Step 1. In this step, be sure to copy the JobId that's generated when you create the connector. You'll use the JobId when you run the script. 1. Go to <https://compliance.microsoft.com> and then click Data connectors in the left nav. If the upload is successful, the script displays the Upload Successful messa ## Step 5: Monitor the Healthcare connector -After you create the Healthcare connector and push your EHR auditing data, you can view the connector and upload status in the Microsoft 365 compliance center. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran. +After you create the Healthcare connector and push your EHR auditing data, you can view the connector and upload status in the compliance portal. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran. 1. Go to <https://compliance.microsoft.com> and click Data connectors in the left nav.
compliance	Import Hr Data US Government	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-hr-data-US-government.md	description: "Administrators in the US Government cloud can set up a data connec # Set up a connector to import HR data in US Government -You can set up a data connector in the Microsoft 365 compliance center to import human resources (HR) data to your US Government organization. HR-related data includes the date an employee submitted their resignation and date of the employee's last day. This HR data can then be used by Microsoft information protection solutions, such as the [insider risk management solution](insider-risk-management.md), to help protect your organization from malicious activity or data theft inside your organization. Setting up an HR connector consists of creating an app in Azure Active Directory that's used for authentication by connector, creating a CSV mapping files that contains your HR data, creating a data connector in the compliance center, and then running a script (on a scheduled basis) that ingests the HR data in the CSV file to the Microsoft cloud. Then the data connector is used by the insider risk management tool to access the HR data that was imported to your Microsoft 365 US Government organization. +You can set up a data connector in the Microsoft Purview compliance portal to import human resources (HR) data to your US Government organization. HR-related data includes the date an employee submitted their resignation and date of the employee's last day. This HR data can then be used by Microsoft information protection solutions, such as the [insider risk management solution](insider-risk-management.md), to help protect your organization from malicious activity or data theft inside your organization. Setting up an HR connector consists of creating an app in Azure Active Directory that's used for authentication by connector, creating a CSV mapping files that contains your HR data, creating a data connector in the compliance center, and then running a script (on a scheduled basis) that ingests the HR data in the CSV file to the Microsoft cloud. Then the data connector is used by the insider risk management tool to access the HR data that was imported to your Microsoft 365 US Government organization. ## Before you begin -- The user who creates the HR connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the HR connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). > [!NOTE] > The Data Connector Admin role is currently not supported in US Government GCC High and DoD environments. Therefore, the user who creates the HR connector in GCC High and DoD environments must be assigned the Mailbox Import Export role in Exchange Online. By default, this role isn't assigned to any role group in Exchange Online. You can add the Mailbox Import Export role to the Organization Management role group in Exchange Online. Or you can create a new role group, assign the Mailbox Import Export role, and then add the appropriate users as members. For more information, see the [Create role groups](/Exchange/permissions-exo/role-groups#create-role-groups) or [Modify role groups](/Exchange/permissions-exo/role-groups#modify-role-groups) sections in the article "Manage role groups in Exchange Online". After you create the CSV file with the required HR data, store it on the same sy ## Step 3: Create the HR connector -The next step is to create an HR connector in the Microsoft 365 compliance center. After you run the script in Step 4, the HR connector that you create will ingest the HR data from the CSV file to your Microsoft 365 organization. In this step, be sure to copy the job ID that's generated when you create the connector. You'll use the job ID when you run the script. +The next step is to create an HR connector in the compliance portal. After you run the script in Step 4, the HR connector that you create will ingest the HR data from the CSV file to your Microsoft 365 organization. In this step, be sure to copy the job ID that's generated when you create the connector. You'll use the job ID when you run the script. -1. Go to the Microsoft 365 compliance center, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors page</a>. +1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors page</a>. 2. On the Data connectors page under HR, click View. The last step in setting up an HR connector is to run a sample script that will ## Step 5: Monitor the HR connector -After you create the HR connector and run the script to upload your HR data, you can view the connector and upload status in the Microsoft 365 compliance center. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran. +After you create the HR connector and run the script to upload your HR data, you can view the connector and upload status in the compliance portal. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran. -1. Go to the Microsoft 365 compliance center, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a>. +1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a>. 2. Click the Connectors tab and then select the HR connector to display the flyout page. This page contains the properties and information about the connector.
compliance	Import Hr Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-hr-data.md	description: "Administrators can set up a data connector to import employee data # Set up a connector to import HR data -You can set up a data connector in the Microsoft 365 compliance center to import human resources (HR) data related to events such as a user's resignation or a change in a user's job level. The HR data can then be used by the [insider risk management solution](insider-risk-management.md) to generate risk indicators that can help you identity possible malicious activity or data theft by users inside your organization. +You can set up a data connector in the Microsoft Purview compliance portal to import human resources (HR) data related to events such as a user's resignation or a change in a user's job level. The HR data can then be used by the [insider risk management solution](insider-risk-management.md) to generate risk indicators that can help you identity possible malicious activity or data theft by users inside your organization. -Setting up a connector for HR data that insider risk management policies can use to generate risk indicators consists of creating a CSV file that contains that contains the HR data, creating an app in Azure Active Directory that's used for authentication, creating an HR data connector in the Microsoft 365 compliance center, and then running a script (on a scheduled basis) that ingests the HR data in CSV files to the Microsoft cloud so it's available to the insider risk management solution. +Setting up a connector for HR data that insider risk management policies can use to generate risk indicators consists of creating a CSV file that contains that contains the HR data, creating an app in Azure Active Directory that's used for authentication, creating an HR data connector in the compliance portal, and then running a script (on a scheduled basis) that ingests the HR data in CSV files to the Microsoft cloud so it's available to the insider risk management solution. > [!IMPORTANT] -> A new version of the HR connector is now available for public preview. To create a new HR connector or to import data for the [new employee profile scenario](#csv-file-for-employee-profile-data-preview) for the healthcare policy scenario for insider risk management, go to the Data connectors page in the Microsoft 365 compliance center, select the Connectors tab, and then click Add a connector > HR (preview) to start the set up. Existing HR connectors will continue to work without any disruption. +> A new version of the HR connector is now available for public preview. To create a new HR connector or to import data for the [new employee profile scenario](#csv-file-for-employee-profile-data-preview) for the healthcare policy scenario for insider risk management, go to the Data connectors page in the compliance portal, select the Connectors tab, and then click Add a connector > HR (preview) to start the set up. Existing HR connectors will continue to work without any disruption. ## Before you begin Setting up a connector for HR data that insider risk management policies can use - Determine how to retrieve or export the data from your organization's HR system (and on a regular basis) and add it to the CSV files that you create in Step 1. The script that you run in Step 4 will upload the HR data in the CSV files to the Microsoft cloud. -- The user who creates the HR connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the HR connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). - The sample script that you run in Step 4 will upload your HR data to the Microsoft cloud so that it can be used by the insider risk management solution. This sample script isn't supported under any Microsoft standard support program or service. The sample script is provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample script and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages. -- This connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. For step-by-step instructions for setting up an HR connector in a GCC environment, see [Set up a connector to import HR data in US Government](import-hr-data-US-government.md). +- This connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. For step-by-step instructions for setting up an HR connector in a GCC environment, see [Set up a connector to import HR data in US Government](import-hr-data-US-government.md). ## Step 1: Prepare a CSV file with your HR data The following table describes each column in the CSV file for performance review ### CSV file for employee profile data (preview) > [!NOTE] -> The capability to create an HR connector for employee profile data is in public preview. To create an HR connector that supports employee profile data, go to the Data connectors page in the Microsoft 365 compliance center, select the Connectors tab, and then click Add a connector > HR (preview). Follow the steps to create a connector in [Step 3: Create the HR connector](#step-3-create-the-hr-connector). +> The capability to create an HR connector for employee profile data is in public preview. To create an HR connector that supports employee profile data, go to the Data connectors page in the compliance portal, select the Connectors tab, and then click Add a connector > HR (preview). Follow the steps to create a connector in [Step 3: Create the HR connector](#step-3-create-the-hr-connector). Here's an example of a CSV file for the data for the employee profile data. For step-by-step instructions for creating an app in Azure AD, see [Register an ## Step 3: Create the HR connector -The next step is to create an HR connector in the Microsoft 365 compliance center. After you run the script in Step 4, the HR connector that you create will ingest the HR data from the CSV file to your Microsoft 365 organization. Before you create a connector, be sure that you have a list of the HR scenarios and the corresponding CSV column names for each one. You have to map the data required for each scenario to the actual column names in your CSV file when configuring the connector. Alternatively, you can upload a sample CSV file when configuring the connector and the wizard will help you map the name of the columns to the required data types. +The next step is to create an HR connector in the compliance portal. After you run the script in Step 4, the HR connector that you create will ingest the HR data from the CSV file to your Microsoft 365 organization. Before you create a connector, be sure that you have a list of the HR scenarios and the corresponding CSV column names for each one. You have to map the data required for each scenario to the actual column names in your CSV file when configuring the connector. Alternatively, you can upload a sample CSV file when configuring the connector and the wizard will help you map the name of the columns to the required data types. After you complete this step, be sure to copy the job ID that's generated when you create the connector. You'll use the job ID when you run the script. -1. Go to the Microsoft 365 compliance center, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a>. +1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a>. 2. On the Data connectors page, click HR (preview). The last step in setting up an HR connector is to run a sample script that will ## Step 5: Monitor the HR connector -After you create the HR connector and run the script to upload your HR data, you can view the connector and upload status in the Microsoft 365 compliance center. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran. +After you create the HR connector and run the script to upload your HR data, you can view the connector and upload status in the compliance portal. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran. -1. Go to the Microsoft 365 compliance center, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a>. +1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a>. 2. Click the Connectors tab and then select the HR connector to display the flyout page. This page contains the properties and information about the connector.
compliance	Import Physical Badging Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-physical-badging-data.md	description: "Administrators can set up a data connector to import data from the # Set up a connector to import physical badging data (preview) -You can set up a data connector in the Microsoft 365 compliance center to import physical badging data, such as employeeΓÇÖs raw physical access events or any physical access alarms generated by your organization's badging system. Examples of physical access points are an entry to a building or an entry to server room or data center. Physical badging data can be used by the Microsoft 365 [insider risk management solution](insider-risk-management.md) to help protect your organization from malicious activity or data theft inside your organization. +You can set up a data connector in the Microsoft Purview compliance portal to import physical badging data, such as employeeΓÇÖs raw physical access events or any physical access alarms generated by your organization's badging system. Examples of physical access points are an entry to a building or an entry to server room or data center. Physical badging data can be used by the Microsoft 365 [insider risk management solution](insider-risk-management.md) to help protect your organization from malicious activity or data theft inside your organization. Setting up a physical badging connector consists of the following tasks: Setting up a physical badging connector consists of the following tasks: - Creating the JSON payload with a schema defined by physical badging data connector. -- Creating a physical badging data connector in the Microsoft 365 compliance center. +- Creating a physical badging data connector in the compliance portal. - Running a script to push the physical badging data to the API endpoint. Setting up a physical badging connector consists of the following tasks: ## Before you set up the connector -- The user who creates the physical badging connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the Microsoft 365 compliance center. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft 365 compliance center](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). +- The user who creates the physical badging connector in Step 3 must be assigned the Data Connector Admin role. This role is required to add connectors on the Data connectors page in the compliance portal. This role is added by default to multiple role groups. For a list of these role groups, see the "Roles in the security and compliance centers" section in [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md#roles-in-the-security--compliance-center). Alternatively, an admin in your organization can create a custom role group, assign the Data Connector Admin role, and then add the appropriate users as members. For instructions, see the "Create a custom role group" section in [Permissions in the Microsoft Purview compliance portal](microsoft-365-compliance-center-permissions.md#create-a-custom-role-group). > [!NOTE] > The Data Connector Admin role is currently not supported in US Government GCC High and DoD environments. Therefore, the user who creates the HR connector in GCC High and DoD environments must be assigned the Mailbox Import Export role in Exchange Online. By default, this role isn't assigned to any role group in Exchange Online. You can add the Mailbox Import Export role to the Organization Management role group in Exchange Online. Or you can create a new role group, assign the Mailbox Import Export role, and then add the appropriate users as members. For more information, see the [Create role groups](/Exchange/permissions-exo/role-groups#create-role-groups) or [Modify role groups](/Exchange/permissions-exo/role-groups#modify-role-groups) sections in the article "Manage role groups in Exchange Online". Setting up a physical badging connector consists of the following tasks: - The sample script that you run in Step 4 pushes the physical badging data from JSON file to the connector API so that it can be used by the insider risk management solution. This sample script isn't supported under any Microsoft standard support program or service. The sample script is provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample script and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages. -- This connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft 365 compliance and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. +- This connector is available in GCC environments in the Microsoft 365 US Government cloud. Third-party applications and services might involve storing, transmitting, and processing your organization's customer data on third-party systems that are outside of the Microsoft 365 infrastructure and therefore are not covered by the Microsoft Purview and data protection commitments. Microsoft makes no representation that use of this product to connect to third-party applications implies that those third-party applications are FEDRAMP compliant. ## Step 1: Create an app in Azure Active Directory You can also download the following schema definition for the JSON file from the ## Step 3: Create the physical badging connector -The next step is to create a physical badging connector in the Microsoft 365 compliance center. After you run the script in Step 4, the JSON file that you created in Step 3 will be processed and pushed to the API endpoint you configured in Step 1. In this step, be sure to copy the JobId that's generated when you create the connector. You'll use the JobId when you run the script. +The next step is to create a physical badging connector in the compliance portal. After you run the script in Step 4, the JSON file that you created in Step 3 will be processed and pushed to the API endpoint you configured in Step 1. In this step, be sure to copy the JobId that's generated when you create the connector. You'll use the JobId when you run the script. -1. Go to the Microsoft 365 compliance center, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a>. +1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a>. 2. On the Data connectors page under Physical badging, click View. After you run the script, the JSON file containing the physical badging data is ## Step 5: Monitor the physical badging connector -After you create the physical badging connector and push your physical badging data, you can view the connector and upload status in the Microsoft 365 compliance center. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran. +After you create the physical badging connector and push your physical badging data, you can view the connector and upload status in the compliance portal. If you schedule the script to run automatically on a regular basis, you can also view the current status after the last time the script ran. -1. Go to the Microsoft 365 compliance center, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a>. +1. Go to the compliance portal, and select <a href="https://go.microsoft.com/fwlink/p/?linkid=2173865" target="_blank">Data connectors</a>. 2. Click the Connectors tab and then select the physical badging connector to display the flyout page. This page contains the properties and information about the connector.
compliance	Importing Pst Files To Office 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/importing-pst-files-to-office-365.md	Title: "Learn about importing your organization's PST files" + Title: "Learn about importing organization PST files" f1.keywords: - NOCSH ms.assetid: ba688e0a-0fcb-4bd7-8e57-2b669564ea84 - seo-marvel-apr2020 - admindeeplinkMAC -description: Learn how to use the Import service in the Microsoft 365 compliance center to bulk-import email data (PST files) to user mailboxes. +description: Learn how to use the Import service in the Microsoft Purview compliance portal to bulk-import email data (PST files) to user mailboxes. # Learn about importing your organization's PST files description: Learn how to use the Import service in the Microsoft 365 compliance > [!NOTE] > This article is for administrators. Are you trying to import PST files to your own mailbox? See [Import email, contacts, and calendar from an Outlook .pst file](https://go.microsoft.com/fwlink/p/?LinkID=785075). -You can use the Import service in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> to quickly bulk-import PST files to Exchange Online mailboxes in your organization. There are two ways you can import PST files to Microsoft 365: +You can use the Import service in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> to quickly bulk-import PST files to Exchange Online mailboxes in your organization. There are two ways you can import PST files to Microsoft 365: - Network upload ![Cloud upload.](../media/54ab16ee-3822-4551-abef-3d926f4e1c01.png) - Upload the PST files over the network to a temporary Azure Storage location in the Microsoft cloud. Then you use the Microsoft 365 Import service to import the PST data to mailboxes in your organization. Here's an illustration and description of the complete PST import process. The i ![Workflow of PST import process.](../media/76997b69-67d7-433a-a0ca-9389f85a36a1.png) -1. Download the PST import tools and key to private Azure Storage location - The first step is to download the tool and access key used to upload the PST files or copy them to a hard drive. You obtain these from the Import page in the Microsoft 365 compliance center. The key provides you (or Microsoft data center personnel in the case of drive shipping) with the necessary permissions to upload PST files to a private and secure Azure Storage location. This access key is unique to your organization and helps prevent unauthorized access to your PST files after they're uploaded to the Microsoft cloud. Importing PST files to Microsoft 365 doesn't require your organization to have a separate Azure subscription. +1. Download the PST import tools and key to private Azure Storage location - The first step is to download the tool and access key used to upload the PST files or copy them to a hard drive. You obtain these from the Import page in the compliance portal. The key provides you (or Microsoft data center personnel in the case of drive shipping) with the necessary permissions to upload PST files to a private and secure Azure Storage location. This access key is unique to your organization and helps prevent unauthorized access to your PST files after they're uploaded to the Microsoft cloud. Importing PST files to Microsoft 365 doesn't require your organization to have a separate Azure subscription. 2. Upload or copy the PST files - The next step depends on whether you're using network upload or drive shipping to import PST files. In both cases, you'll use the tool and secure storage key that you obtained in the previous step. Here's an illustration and description of the complete PST import process. The i 3. Create a PST import mapping file - After the PST files have been uploaded to the Azure Storage location or copied to a hard drive, the next step is to create a comma-separated value (CSV) file that specifies which user mailboxes the PST files will be imported to (and a PST file can be imported to a user's primary mailbox or their archive mailbox). [Download a copy of the PST Import mapping file](https://go.microsoft.com/fwlink/p/?LinkId=544717). The Microsoft 365 Import service will use the information to import the PST files. -4. Create a PST import job - The next step is to create a PST import job on the Import PST files page in the Microsoft 365 compliance center and submit the PST import mapping file created in the previous step. For network upload (because the PST files have been uploaded to Azure) Microsoft 365 analyzes the data in the PST files and then gives you an opportunity to set filters that control what data actually gets imported to the mailboxes specified in the PST import mapping file. +4. Create a PST import job - The next step is to create a PST import job on the Import PST files page in the compliance portal and submit the PST import mapping file created in the previous step. For network upload (because the PST files have been uploaded to Azure) Microsoft 365 analyzes the data in the PST files and then gives you an opportunity to set filters that control what data actually gets imported to the mailboxes specified in the PST import mapping file. For drive shipping, a few other things happen at this point in the process. Here's an illustration and description of the complete PST import process. The i 5. Filter the PST data that will be imported to mailboxes - After the import job is created (and after the PST files from a drive shipping job are uploaded to the Azure Storage location) Microsoft 365 analyzes the data in the PST files (safely and securely) by identifying the age of the items and the different message types included in the PST files. When the analysis is completed and the data is ready to import, you have the option to import all the data contained in the PST files or you can trim the data that's imported by setting filters that control what data gets imported. -6. Start the PST import job - After the import job is started, Microsoft 365 uses the information in the PST import mapping file to import the PST files from the Azure Storage location to user mailboxes. Status information about the import job (including information about each PST file being imported) is displayed on the Import PST files page in the Microsoft 365 compliance center. When the import job is finished, the status for the job is set to Complete. +6. Start the PST import job - After the import job is started, Microsoft 365 uses the information in the PST import mapping file to import the PST files from the Azure Storage location to user mailboxes. Status information about the import job (including information about each PST file being imported) is displayed on the Import PST files page in the compliance portal. When the import job is finished, the status for the job is set to Complete. ## Why import email data to Microsoft 365? Here's an illustration and description of the complete PST import process. The i - Use [eDiscovery cases](./get-started-core-ediscovery.md) to manage your organization's legal investigations - - Use [retention policies](retention.md) in the Microsoft 365 compliance center to control how long mailbox content is retained, and then delete content after the retention period expires. + - Use [retention policies](retention.md) in the compliance portal to control how long mailbox content is retained, and then delete content after the retention period expires. - Use [Communication compliance policies](communication-compliance.md) to examine messages to make sure they are compliant with message standards and add a classification type. Here are some frequently asked questions about using the Microsoft 365 Import se You have to be assigned the Mailbox Import Export role in Exchange Online to import PST files to Microsoft 365 mailboxes. By default, this role isn't assigned to any role group in Exchange Online. You can add the Mailbox Import Export role to the Organization Management role group. Or you can create a new role group, assign the Mailbox Import Export role, and then add yourself or other users as a member. For more information, see the "Add a role to a role group" or the "Create a role group" sections in [Manage role groups in Exchange Online](/Exchange/permissions-exo/role-groups). -Additionally, to create import jobs in the Microsoft 365 compliance center, one of the following must be true: +Additionally, to create import jobs in the compliance portal, one of the following must be true: - You have to be assigned the Mail Recipients role in Exchange Online. By default, this role is assigned to the Organization Management and Recipient Management roles groups. Additionally, PST files from Outlook 2007 and later versions can be imported to #### After I upload my PST files to the Azure Storage area, how long are they kept in Azure before they're deleted? -When you use the network upload method to import PST files, you upload them to an Azure blob container named `ingestiondata`. If there are no import jobs in progress on the Import PST files page in the Microsoft 365 compliance center), then all PST files in the `ingestiondata` container in Azure are deleted 30 days after the most recent import job was created in the Microsoft 365 compliance center. That also means you have to create a new import job in the Microsoft 365 compliance center (described in Step 5 in the network upload instructions) within 30 days of uploading PST files to Azure. +When you use the network upload method to import PST files, you upload them to an Azure blob container named `ingestiondata`. If there are no import jobs in progress on the Import PST files page in the compliance portal), then all PST files in the `ingestiondata` container in Azure are deleted 30 days after the most recent import job was created in the compliance portal. That also means you have to create a new import job in the compliance portal (described in Step 5 in the network upload instructions) within 30 days of uploading PST files to Azure. -This also means that after PST files are deleted from the Azure Storage area, they're no longer displayed in the list of files for a completed import job in the Microsoft 365 compliance center. Although an import job might still be listed on the Import PST files page in the Microsoft 365 compliance center, the list of PST files might be empty when you view the details of older import jobs. +This also means that after PST files are deleted from the Azure Storage area, they're no longer displayed in the list of files for a completed import job in the compliance portal. Although an import job might still be listed on the Import PST files page in the compliance portal, the list of PST files might be empty when you view the details of older import jobs. #### How long does it take to import a PST file to a mailbox using network upload? No, you can't import PST files to public folders. You have to be assigned the Mailbox Import Export role to import PST files to Microsoft 365 mailboxes. By default, this role isn't assigned to any role group in Exchange Online. You can add the Mailbox Import Export role to the Organization Management role group. Or you can create a new role group, assign the Mailbox Import Export role, and then add yourself or other users as a member. For more information, see the "Add a role to a role group" or the "Create a role group" sections in [Manage role groups in Exchange Online](/Exchange/permissions-exo/role-groups). -Additionally, to create import jobs in the Microsoft 365 compliance center, one of the following must be true: +Additionally, to create import jobs in the compliance portal, one of the following must be true: - You have to be assigned the Mail Recipients role in Exchange Online. By default, this role is assigned to the Organization Management and Recipient Management roles groups. If different PST files are imported to different target mailboxes, the import pr #### After Microsoft uploads my PST files to Azure, how long are they kept in Azure before they're deleted? -All PST files in the Azure Storage location for your organization (in blob container named `ingestiondata`), are deleted 30 days after the most recent import job was created on the Import PST files page in the Microsoft 365 compliance center. +All PST files in the Azure Storage location for your organization (in blob container named `ingestiondata`), are deleted 30 days after the most recent import job was created on the Import PST files page in the compliance portal. -This also means that after PST files are deleted from the Azure Storage area, they're no longer displayed in the list of files for a completed import job in the Microsoft 365 compliance center. Although an import job might still be listed on the Import PST files page in the Microsoft 365 compliance center, the list of PST files might be empty when you view the details of older import jobs. +This also means that after PST files are deleted from the Azure Storage area, they're no longer displayed in the list of files for a completed import job in the compliance portal. Although an import job might still be listed on the Import PST files page in the compliance portal, the list of PST files might be empty when you view the details of older import jobs. #### What version of the PST file format is supported for importing to Microsoft 365?
compliance	Inactive Mailboxes In Office 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/inactive-mailboxes-in-office-365.md	description: Learn how to retain mailbox content for former employees by turning # Learn about inactive mailboxes + Your organization might need to retain former employees' email after they leave the organization. Depending on your organization's retention requirements, you might need to retain mailbox content for a few months or years after employment ends, or you might need to retain mailbox content indefinitely. Regardless of how long you need to retain email, you can create inactive mailboxes to retain the mailbox of former employees. ## What are inactive mailboxes? If you don't use [adaptive policy scopes](retention.md#adaptive-or-static-policy ## Inactive mailboxes and eDiscovery case holds -If a hold that's associated with an [eDiscovery case](./get-started-core-ediscovery.md) in Microsoft 365 compliance center is placed on a mailbox and then the mailbox or the user's account is deleted, the mailbox becomes an inactive mailbox. However, we don't recommend using eDiscovery case holds to make a mailbox inactive. That's because eDiscovery cases are intended for specific, time-bound cases related to a legal issue. At some point, a legal case will probably end and the holds associated with the case will be removed and the eDiscovery case will be closed. In fact, if a hold that's placed on an inactive mailbox is associated with an eDiscovery case, and then the hold is released or the eDiscovery case is closed (or deleted), the inactive mailbox will be permanently deleted. Also, you can't create a time-based eDiscovery hold. This means that content in an inactive mailbox is retained forever or until the hold is removed and the inactive mailbox is deleted. Therefore, we recommend using Microsoft 365 retention for inactive mailboxes. +If a hold that's associated with an [eDiscovery case](./get-started-core-ediscovery.md) in the Microsoft Purview compliance portal is placed on a mailbox and then the mailbox or the user's account is deleted, the mailbox becomes an inactive mailbox. However, we don't recommend using eDiscovery case holds to make a mailbox inactive. That's because eDiscovery cases are intended for specific, time-bound cases related to a legal issue. At some point, a legal case will probably end and the holds associated with the case will be removed and the eDiscovery case will be closed. In fact, if a hold that's placed on an inactive mailbox is associated with an eDiscovery case, and then the hold is released or the eDiscovery case is closed (or deleted), the inactive mailbox will be permanently deleted. Also, you can't create a time-based eDiscovery hold. This means that content in an inactive mailbox is retained forever or until the hold is removed and the inactive mailbox is deleted. Therefore, we recommend using Microsoft 365 retention for inactive mailboxes. For more information about the differences between eDiscovery holds and Microsoft 365 retention, see [When to use retention policies and retention labels or eDiscovery holds](retention.md#when-to-use-retention-policies-and-retention-labels-or-ediscovery-holds).
compliance	Indexing Custodian Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/indexing-custodian-data.md	search.appverid: - MOE150 - MET150 ms.assetid: -description: "When a custodian is added to an Advanced eDiscovery case, any content that was deemed as partially indexed is reprocessed to make it fully searchable." +description: "When a custodian is added to an eDiscovery (Premium) case, any content that was deemed as partially indexed is reprocessed to make it fully searchable." # Advanced indexing of custodian data -When a custodian is added to an Advanced eDiscovery case, any content that was deemed as partially indexed or had indexing errors is reindexed. This reindexing process is called Advanced indexing. There are many reasons that content is partially indexed or has indexing errors. This includes image files or the presence of images in a file, unsupported file types, or file sized indexing limits. For SharePoint files, Advanced indexing only runs on items are marked as partially indexed or that have indexing errors. In Exchange, email messages that have image attachments are not marked as partially indexed or with indexing errors. This means that those files will not be reindexed by the Advanced indexing process. +When a custodian is added to an eDiscovery (Premium) case, any content that was deemed as partially indexed or had indexing errors is reindexed. This reindexing process is called Advanced indexing. There are many reasons that content is partially indexed or has indexing errors. This includes image files or the presence of images in a file, unsupported file types, or file sized indexing limits. For SharePoint files, Advanced indexing only runs on items are marked as partially indexed or that have indexing errors. In Exchange, email messages that have image attachments are not marked as partially indexed or with indexing errors. This means that those files will not be reindexed by the Advanced indexing process. To learn more about processing support and partially indexed items, see: -- [Supported file types in Advanced eDiscovery](supported-filetypes-ediscovery20.md) +- [Supported file types in eDiscovery (Premium)](supported-filetypes-ediscovery20.md) - [Partially indexed items in eDiscovery](partially-indexed-items-in-content-search.md) To learn more about processing support and partially indexed items, see: ## Viewing Advanced indexing results -After the Advanced indexing process is completed, you can get an understanding of the effectiveness of reprocessing. In the Advanced indexing results view on the Processing tab for a case, the graph lists the number of items added to the hybrid index. The hybrid index is where Advanced eDiscovery stores the reprocessed content. +After the Advanced indexing process is completed, you can get an understanding of the effectiveness of reprocessing. In the Advanced indexing results view on the Processing tab for a case, the graph lists the number of items added to the hybrid index. The hybrid index is where eDiscovery (Premium) stores the reprocessed content. This view also includes the number of items that require remediation and another graph of errors by file type. For more information, see: This view also includes the number of items that require remediation and anothe ## Updating the Advanced index for custodians -When a custodian is added to an Advanced eDiscovery case, all partially indexed items are reprocessed. However, as time passes, more partially indexed items may be added to a user's mailbox or OneDrive account. If necessary, you can update the index for specific custodian. For more information, see [Manage custodians in an Advanced eDiscovery case](manage-new-custodians.md#reindex-custodian-data). You can also update the index for all custodians in a case by clicking the Update index on the Processing tab. +When a custodian is added to an eDiscovery (Premium) case, all partially indexed items are reprocessed. However, as time passes, more partially indexed items may be added to a user's mailbox or OneDrive account. If necessary, you can update the index for specific custodian. For more information, see [Manage custodians in an eDiscovery (Premium) case](manage-new-custodians.md#reindex-custodian-data). You can also update the index for all custodians in a case by clicking the Update index on the Processing tab. > [!NOTE] > Updating custodian indexes is a long running process. It's recommended that you don't update indexes more than once a day in a case.
compliance	Information Barriers Attributes	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers-attributes.md	Title: "Information barriers attributes" -description: This article is a reference for the Azure Active Directory user account attributes that you can use to define information barrier segments. +description: This article is a reference for the Azure Active Directory user account attributes that you can use to define information barriers segments. +keywords: Microsoft 365, Microsoft Purview, compliance, information barriers # Information barriers attributes + Certain attributes in Azure Active Directory can be used to segment users. Once segments are defined, those segments can be used as filters for information barrier policies. For example, you might use Department to define segments of users by department within your organization (assuming no single employee works for two departments at the same time). This article describes how to use attributes with information barriers, and it provides a list of attributes that can be used. To learn more about information barriers, see the following resources: The following table lists the attributes that you can use with information barri - [Define policies for information barriers in Microsoft Teams](information-barriers-policies.md) - [Troubleshooting information barriers](/office365/troubleshoot/information-barriers/information-barriers-troubleshooting)-- [Information barriers](information-barriers.md) +- [Information barriers](information-barriers.md)
compliance	Information Barriers Edit Segments Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers-edit-segments-policies.md	Title: "Manage information barriers policies" -description: "Learn how to edit or remove policies and segments for information barriers." + Title: "Manage information barrier policies" +description: "Learn how to edit or remove policies for information barriers." +keywords: Microsoft 365, Microsoft Purview, compliance, information barriers f1.keywords: # Manage information barriers policies -After you have [defined information barriers policies](information-barriers-policies.md), you might need to make changes to policies or user segments as part of [troubleshooting](/office365/troubleshoot/information-barriers/information-barriers-troubleshooting) or for regular maintenance. + +After you have [defined information barrier policies](information-barriers-policies.md), you may need to make changes to those policies or to your user segments, as part of [troubleshooting](/office365/troubleshoot/information-barriers/information-barriers-troubleshooting) or as regular maintenance. ## What do you want to do? After you have started applying information barriers policies, if you want to st - [Learn more about information barriers in Microsoft Teams](/MicrosoftTeams/information-barriers-in-teams) - [Learn more about information barriers in SharePoint Online](/sharepoint/information-barriers) - [Learn more about information barriers in OneDrive](/onedrive/information-barriers)-- [Attributes for information barriers policies](information-barriers-attributes.md)-- [Troubleshooting information barriers](/office365/troubleshoot/information-barriers/information-barriers-troubleshooting) +- [Attributes for information barrier policies](information-barriers-attributes.md) +- [Troubleshooting information barriers](/office365/troubleshoot/information-barriers/information-barriers-troubleshooting)
compliance	Information Barriers Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers-policies.md	Title: "Get started with information barriers" -description: Learn how to get started with information barriers. +description: Learn how to get started with information barriers in Microsoft Purview. +keywords: Microsoft 365, Microsoft Purview, compliance, information barriers # Get started with information barriers -With information barriers, you can define policies that are designed to prevent certain segments of users from communicating with each other or allow specific segments to communicate only with certain other segments. Information barrier policies can help your organization maintain compliance with relevant industry standards and regulations, and avoid potential conflicts of interest. For more information, see [Learn about information barriers](information-barriers.md). + +With Microsoft Purview Information Barriers, you can define policies that are designed to prevent certain segments of users from communicating with each other or allow specific segments to communicate only with certain other segments. Information barrier policies can help your organization maintain compliance with relevant industry standards and regulations, and avoid potential conflicts of interest. For more information, see [Learn about information barriers](information-barriers.md). This article describes how to configure information barrier policies. Several steps are involved, so make sure you review entire process before you begin configuring information barrier policies. This article describes how to configure information barrier policies. Several st When you define policies for information barriers, you'll work with user account attributes, segments, 'block' and/or 'allow' policies, and policy application. - User account attributes are defined in Azure Active Directory (or Exchange Online). These attributes can include department, job title, location, team name, and other job profile details.-- Segments are sets of users that are defined in the Microsoft 365 compliance center using a selected user account attribute. (See the [list of supported attributes](information-barriers-attributes.md).) +- Segments are sets of users that are defined in the Microsoft Purview compliance portal using a selected user account attribute. (See the [list of supported attributes](information-barriers-attributes.md).) - Information barrier policies determine communication limits or restrictions. When you define information barrier policies, you choose from two kinds of policies: - Block policies prevent one segment from communicating with another segment. - Allow policies allow one segment to communicate with only certain other segments. With PowerShell, you can view status of user accounts, segments, policies, and p \| The most recent information barrier policy application \| Use the Get-InformationBarrierPoliciesApplicationStatus cmdlet. <p> Syntax: `Get-InformationBarrierPoliciesApplicationStatus`<p> This cmdlet will display information about whether policy application completed, failed, or is in progress. \| \| All information barrier policy applications\|Use `Get-InformationBarrierPoliciesApplicationStatus -All`<p> This cmdlet will display information about whether policy application completed, failed, or is in progress.\| -<!-- IN the " The most recent information barrier policy application, add link to troubleshooting topic --> - ### What if I need to remove or change policies? Resources are available to help you manage your information barrier policies.
compliance	Information Barriers Solution Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers-solution-overview.md	Title: Information barriers in Microsoft 365 -description: Learn how to configure information barriers in Microsoft 365. -keywords: Microsoft 365, insider risk, compliance + Title: Information barriers +description: Learn how to configure information barriers in Microsoft Purview. +keywords: Microsoft 365, Microsoft Purview, compliance, information barriers ms.localizationpriority: medium - m365solution-scenario -# Information barriers in Microsoft 365 +# Information barriers + Microsoft 365 enables communication and collaboration across groups and organizations and supports ways to restrict communication and collaboration among specific groups of users when necessary. This may include situations or scenarios where you want to restrict communication and collaboration between two groups to avoid a conflict of interest from occurring in your organization. This may also include situations when you need to restrict communication and collaboration between certain people inside your organization to safeguard internal information. -Information barriers are supported in Microsoft Teams, SharePoint Online, and OneDrive for Business. A compliance administrator or information barriers administrator can define policies to allow or prevent communications between groups of users in Microsoft Teams. Information barrier policies can be used for situations like these: +Microsoft Purview Information Barriers is supported in Microsoft Teams, SharePoint Online, and OneDrive for Business. A compliance administrator or information barriers administrator can define policies to allow or prevent communications between groups of users in Microsoft Teams. Information barrier policies can be used for situations like these: - User in the day trader group should not communicate or share files with the marketing team - Finance personnel working on confidential company information should not communicate or share files with certain groups within their organization - An internal team with trade secret material should not call or chat online with people in certain groups within their organization - A research team should only call or chat online with a product development team -## Configure information barriers for Microsoft 365 +## Configure information barriers Use the following steps to configure information barriers for your organization: ![Insider risk solution information barriers steps.](../media/ir-solution-ib-steps.png) -1. Learn about [information barriers](information-barriers.md) in Microsoft 365 +1. Learn about [information barriers](information-barriers.md) 2. Configure [prerequisites and permissions](information-barriers-policies.md#step-1-make-sure-prerequisites-are-met) 3. Segment [users in your organization](information-barriers-policies.md#step-2-segment-users-in-your-organization) 4. Create and configure [information barrier policies](information-barriers-policies.md#step-3-define-information-barrier-policies) Use the following steps to configure information barriers for your organization: ## More information about information barriers - [Attributes for information barrier policies](information-barriers-attributes.md)-- [Edit or remove information barrier policies](information-barriers-edit-segments-policies.md) +- [Edit or remove information barrier policies](information-barriers-edit-segments-policies.md)
compliance	Information Barriers	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers.md	Title: "Learn about information barriers in Microsoft 365" -description: "Use information barriers to ensure communication compliance using Microsoft Teams within your organization." + Title: "Learn about information barriers" +description: "Learn about information barriers in Microsoft Purview." +keywords: Microsoft 365, Microsoft Purview, compliance, information barriers f1.keywords: -# Learn about information barriers in Microsoft 365 +# Learn about information barriers -Microsoft cloud services include powerful communication and collaboration capabilities. But suppose that you want to restrict communication and collaboration between two groups to avoid a conflict of interest from occurring in your organization. Or, perhaps you want to restrict communication and collaboration between certain people inside your organization in order to safeguard internal information. Microsoft 365 enables communication and collaboration across groups and organizations, so is there a way to restrict communication and collaboration among specific groups of users when necessary? With information barriers, you can! + +Microsoft cloud services include powerful communication and collaboration capabilities. But suppose that you want to restrict communication and collaboration between two groups to avoid a conflict of interest from occurring in your organization. Or, perhaps you want to restrict communication and collaboration between certain people inside your organization in order to safeguard internal information. Microsoft 365 enables communication and collaboration across groups and organizations, so is there a way to restrict communication and collaboration among specific groups of users when necessary? With Microsoft Purview Information Barriers, you can! Microsoft Teams, SharePoint Online, and OneDrive for Business support information barriers. Assuming your [subscription](#required-licenses-and-permissions) includes information barriers, a compliance administrator, or information barriers administrator can define policies to allow or prevent communications between groups of users in Microsoft Teams. Information barrier policies can be used for situations like these:
compliance	Information Protection Solution	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-protection-solution.md	Title: "Deploy a Microsoft Information Protection solution" + Title: "Deploy an information protection solution with Microsoft Purview" f1.keywords: - NOCSH - m365solution-overview - m365solution-mip - m365initiative-compliance -description: "Prescriptive guidance to deploy Microsoft Information Protection (MIP) for your organization." +description: "Prescriptive guidance to deploy Microsoft Purview Information Protection for your organization." -# Deploy a Microsoft Information Protection solution +# Deploy an information protection solution with Microsoft Purview + >[Licensing for Microsoft 365 Security & Compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance) Your information protection strategy is driven by your business needs. Many organizations must comply with regulations, laws, and business practices. Additionally, organizations need to protect proprietary information, such as data for specific projects. -Microsoft Information Protection (MIP) provides a framework, process, and capabilities you can use to accomplish your specific business objectives. +Microsoft Purview Information Protection (formerly Microsoft Information Protection) provides a framework, process, and capabilities you can use to accomplish your specific business objectives. -## Microsoft Information Protection framework +## Microsoft Purview Information Protection framework -Use Microsoft Information Protection to help you discover, classify, protect, and govern sensitive information wherever it lives or travels. +Use Microsoft Purview Information Protection to help you discover, classify, protect, and govern sensitive information wherever it lives or travels. -![MIP solution overview](../media/mip-solution-overview-extended.png) +![Microsoft Purview Information Protection solution overview](../media/mip-solution-overview-extended.png) Watch the following Ignite session to see how these capabilities support and build on each other: [Know your data, protect your data, and prevent data loss with Microsoft Information Protection](https://myignite.microsoft.com/archives/IG20-OD273). -For information about governing your data, see [Microsoft Information Governance in Microsoft 365](manage-Information-governance.md). +For information about governing your data, see [Govern your data with Microsoft Purview](manage-Information-governance.md). ## Licensing -MIP capabilities are included with Microsoft 365 Compliance. The licensing requirements can vary even within capabilities, depending on configuration options. To identify licensing requirements and options, see the [Microsoft 365 guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). +Microsoft Purview Information Protection capabilities are included with Microsoft Purview. The licensing requirements can vary even within capabilities, depending on configuration options. To identify licensing requirements and options, see the [Microsoft 365 guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). ## Know your data -![Know your data for MIP solution overview](../media/knowyourdata-mipsolution.png) +![Know your data for Microsoft Purview Information Protection solution overview](../media/knowyourdata-mipsolution.png) -Knowing where your sensitive data resides is often the biggest challenge for many organizations. MIP data classification helps you to discover and accurately classify ever-increasing amounts of data that your organization creates. Graphical representations help you gain insights into this data so you can set up and monitor policies to protect and govern it. +Knowing where your sensitive data resides is often the biggest challenge for many organizations. Microsoft Purview Information Protection data classification helps you to discover and accurately classify ever-increasing amounts of data that your organization creates. Graphical representations help you gain insights into this data so you can set up and monitor policies to protect and govern it. \|Step\|Description\|More information\| Knowing where your sensitive data resides is often the biggest challenge for man ## Protect your data -![Protect your data for MIP solution overview](../media/protect-mipsolution.png) +![Protect your data for Microsoft Purview Information Protection solution overview](../media/protect-mipsolution.png) Use the information from knowing where your sensitive data resides to help you more efficiently protect it. But there's no need to waitΓÇöyou can start to protect your data immediately with a combination of manual, default, and automatic labeling. Then use [content explorer](data-classification-content-explorer.md) and [activity explorer](data-classification-activity-explorer.md) from the previous section to confirm what items are labeled and how your labels are being used. Use the information from knowing where your sensitive data resides to help you m \| 2\|Label and protect items for Microsoft 365 apps and services. <br /><br />Sensitivity labels are supported for Microsoft 365 Word, Excel, PowerPoint, Outlook, and containers that include SharePoint and OneDrive sites, and Microsoft 365 groups. Use a combination of labeling methods such as manual labeling, automatic labeling, a default label, and mandatory labeling.\| [Manage sensitivity labels in Office apps](sensitivity-labels-office-apps.md) <br /><br /> [Enable sensitivity labels for Office files in SharePoint and OneDrive](sensitivity-labels-sharepoint-onedrive-files.md) <br /><br /> [Enable co-authoring for files encrypted with sensitivity labels](sensitivity-labels-coauthoring.md) <br /><br /> [Apply a sensitivity label to content automatically](apply-sensitivity-label-automatically.md) <br /><br /> [Use sensitivity labels with Microsoft Teams, Microsoft 365 groups, and SharePoint sites](sensitivity-labels-teams-groups-sites.md) <br /><br /> [Use sensitivity labels to set the default sharing link for sites and documents in SharePoint and OneDrive](sensitivity-labels-default-sharing-link.md) <br /><br /> [Apply a sensitivity label to a model in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/apply-a-sensitivity-label-to-a-model) <br /><br /> [Sensitivity labels in Power BI](/power-bi/admin/service-security-sensitivity-label-overview) \| \|3\|Discover, label, and protect sensitive items that reside in data stores in the cloud by using [Microsoft Defender for Cloud Apps](/cloud-app-security/what-is-cloud-app-security) with your sensitivity labels.\| [Discover, classify, label, and protect regulated and sensitive data stored in the cloud](/cloud-app-security/best-practices#discover-classify-label-and-protect-regulated-and-sensitive-data-stored-in-the-cloud)\| \|4\|Discover, label, and protect sensitive items that reside in data stores on premises by deploying the [Azure Information Protection unified labeling scanner](/azure/information-protection/deploy-aip-scanner) with your sensitivity labels.\| [Configuring and installing the Azure Information Protection unified labeling scanner](/azure/information-protection/deploy-aip-scanner-configure-install)\| -\|5\|Extend your sensitivity labels to Azure by using [Azure Purview](/azure/purview/overview), to discover and label items for Azure Blob Storage, Azure files, Azure Data Lake Storage Gen1, and Azure Data Lake Storage Gen12. \| [Labeling in Azure Purview](/azure/purview/create-sensitivity-label)\| +\|5\|Extend your sensitivity labels to Azure by using [Microsoft Purview Data Map](/azure/purview/overview), to discover and label items for Azure Blob Storage, Azure files, Azure Data Lake Storage Gen1, and Azure Data Lake Storage Gen12. \| [Labeling in Microsoft Purview Data Map](/azure/purview/create-sensitivity-label)\| If you are a developer who wants to extend sensitivity labels to line-of-business apps or third-party SaaS apps, see [Microsoft Information Protection (MIP) SDK setup and configuration](/information-protection/develop/setup-configure-mip). ### Additional protection capabilities -Microsoft 365 includes additional capabilities to help protect data. Not every customer needs these capabilities, and some might be superseded by more recent releases. +Microsoft Purview includes additional capabilities to help protect data. Not every customer needs these capabilities, and some might be superseded by more recent releases. -Use the [Microsoft Information Protection in Microsoft 365](information-protection.md) page for the full list of protection capabilities. +Use the [Protect your data with Microsoft Purview](information-protection.md) page for the full list of protection capabilities. ## Prevent data loss -![Prevent data loss for MIP solution overview](../media/dlp-mipsolution.png) +![Prevent data loss for Microsoft Purview Information Protection solution overview](../media/dlp-mipsolution.png) -Deploy data loss prevention (DLP) policies to govern and prevent the inappropriate sharing, transfer, or use of sensitive data across apps and services. These policies help users make the right decisions and take the right actions when they're using sensitive data. +Deploy Microsoft Purview Data Loss Prevention (DLP) policies to govern and prevent the inappropriate sharing, transfer, or use of sensitive data across apps and services. These policies help users make the right decisions and take the right actions when they're using sensitive data. \|Step\|Description\|More information\| \|:\|:-\|:\|
compliance	Information Protection	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-protection.md	Title: "Microsoft Information Protection in Microsoft 365" + Title: "Microsoft Purview Information Protection" f1.keywords: - NOCSH - m365solution-mip - m365initiative-compliance recommendations: false -description: "Implement Microsoft Information Protection (MIP) capabilities to help you protect sensitive information wherever it lives or travels." +description: "Implement Microsoft Purview Information Protection capabilities to help you protect sensitive information wherever it lives or travels." -# Microsoft Information Protection in Microsoft 365 +# Protect your sensitive data with Microsoft Purview + >[Licensing for Microsoft 365 Security & Compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance) -Implement capabilities from Microsoft Information Protection (MIP) to help you discover, classify, and protect sensitive information wherever it lives or travels. +Implement capabilities from Microsoft Purview Information Protection (formerly Microsoft Information Protection) to help you discover, classify, and protect sensitive information wherever it lives or travels. -MIP capabilities are included with Microsoft 365 Compliance and give you the tools to [know your data](#know-your-data), [protect your data](#protect-your-data), and [prevent data loss](#prevent-data-loss). +These information protection capabilities give you the tools to [know your data](#know-your-data), [protect your data](#protect-your-data), and [prevent data loss](#prevent-data-loss). -![Image of how MIP helps you discover, classify, and protect sensitive data.](../media/powered-by-intelligent-platform.png) +![Image of how Microsoft Purview Information Protection helps you discover, classify, and protect sensitive data.](../media/powered-by-intelligent-platform.png) -For prescriptive guidance to deploy a MIP solution for your organization, see [Deploy a Microsoft Information Protection solution](information-protection-solution.md). +For prescriptive guidance to deploy a Microsoft Purview Information Protection solution for your organization, see [Deploy an information protection solution with Microsoft Purview](information-protection-solution.md). -For information about governing your data, see [Microsoft Information Governance in Microsoft 365](manage-Information-governance.md). +For information about governing your data, see [Govern your data with Microsoft Purview](manage-Information-governance.md). ## Know your data To apply flexible protection actions that include encryption, access restriction [Rights Management connector](/azure/information-protection/deploy-rms-connector) \|Protection-only for existing on-premises deployments that use Exchange or SharePoint Server, or file servers that run Windows Server and File Classification Infrastructure (FCI). \| [Steps to deploy the RMS connector](/azure/information-protection/deploy-rms-connector#steps-to-deploy-the-rms-connector) \|[Azure Information Protection unified labeling scanner](/azure/information-protection/deploy-aip-scanner)\| Discovers, labels, and protects sensitive information that resides in data stores that are on premises. \| [Configuring and installing the Azure Information Protection unified labeling scanner](/azure/information-protection/deploy-aip-scanner-configure-install)\| \|[Microsoft Defender for Cloud Apps](/cloud-app-security/what-is-cloud-app-security)\| Discovers, labels, and protects sensitive information that resides in data stores that are in the cloud. \| [Discover, classify, label, and protect regulated and sensitive data stored in the cloud](/cloud-app-security/best-practices#discover-classify-label-and-protect-regulated-and-sensitive-data-stored-in-the-cloud)\| -\|[Azure Purview](/azure/purview/overview) \|Identifies sensitive data and applies automatic labeling to content in Azure Purview assets. These include files in storage such as Azure Data Lake and Azure Files, and schematized data such as columns in Azure SQL DB, and Cosmos DB. \|[Labeling in Azure Purview](/azure/purview/create-sensitivity-label) \| +\|[Microsoft Purview Data Map](/azure/purview/overview) \|Identifies sensitive data and applies automatic labeling to content in Microsoft Purview Data Map assets. These include files in storage such as Azure Data Lake and Azure Files, and schematized data such as columns in Azure SQL DB, and Cosmos DB. \|[Labeling in Microsoft Purview Data Map](/azure/purview/create-sensitivity-label) \| \|[Microsoft Information Protection SDK](/information-protection/develop/overview#microsoft-information-protection-sdk)\|Extends sensitivity labels to third-party apps and services. <br /><br /> Example scenario: [Set and get a sensitivity label (C++)](/information-protection/develop/quick-file-set-get-label-cpp) \|[Microsoft Information Protection (MIP) SDK setup and configuration](/information-protection/develop/setup-configure-mip)\| To help prevent accidental oversharing of sensitive information, use the followi \|Capability\|What problems does it solve?\|Get started\| \|:\|:\|:\| -\|[Data loss prevention](dlp-learn-about-dlp.md)\| Helps prevent unintentional sharing of sensitive items. \| [Get started with the default DLP policy](get-started-with-the-default-dlp-policy.md)\| +\|[Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md)\| Helps prevent unintentional sharing of sensitive items. \| [Get started with the default DLP policy](get-started-with-the-default-dlp-policy.md)\| \|[Endpoint data loss prevention](endpoint-dlp-learn-about.md)\| Extends DLP capabilities to items that are used and shared on Windows 10 computers. \| [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md)\| \|[Microsoft Compliance Extension](dlp-chrome-learn-about.md) \| Extends DLP capabilities to the Chrome browser \| [Get started with the Microsoft Compliance Extension](dlp-chrome-get-started.md)\| -\|[Microsoft 365 data loss prevention on-premises scanner (preview)](dlp-on-premises-scanner-learn.md)\|Extends DLP monitoring of file activities and protective actions for those files to on-premises file shares and SharePoint folders and document libraries.\|[Get started with Microsoft 365 data loss prevention on-premises scanner (preview)](dlp-on-premises-scanner-get-started.md)\| +\|[Microsoft Purview data loss prevention on-premises scanner (preview)](dlp-on-premises-scanner-learn.md)\|Extends DLP monitoring of file activities and protective actions for those files to on-premises file shares and SharePoint folders and document libraries.\|[Get started with Microsoft Purview data loss prevention on-premises scanner (preview)](dlp-on-premises-scanner-get-started.md)\| \|[Protect sensitive information in Microsoft Teams chat and channel messages](dlp-microsoft-teams.md) \| Extends some DLP functionality to Teams chat and channel messages \| [Learn about the default data loss prevention policy in Microsoft Teams (preview)](dlp-teams-default-policy.md)\| ## Licensing requirements -License requirements for MIP depend on the scenarios and features you use, rather than set licensing requirements for each capability listed on this page. To understand your licensing requirements and options for MIP, see the Information Protection sections from [Microsoft 365 guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance) and the related [PDF download](https://go.microsoft.com/fwlink/?linkid=2139145) for feature-level licensing requirements. +License requirements for Microsoft Purview Information Protection depend on the scenarios and features you use, rather than set licensing requirements for each capability listed on this page. To understand your licensing requirements and options for Microsoft Purview Information Protection, see the Information Protection sections from [Microsoft 365 guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance) and the related [PDF download](https://go.microsoft.com/fwlink/?linkid=2139145) for feature-level licensing requirements.
compliance	Information Rights Management In Exchange Online	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-rights-management-in-exchange-online.md	description: Learn how to configure Exchange Online IRM to use on-premises Activ # Exchange Online mail encryption with AD RMS -To help prevent information leakage, Exchange Online includes Information Rights Management (IRM) functionality that provides online and offline protection of email messages and attachments. You can configure Exchange Online IRM to use on-premises Active Directory Rights Management Service (AD RMS), if needed, to satisfy your organization requirements. This is not common. If you do not have a requirement to use AD RMS, use [Office 365 Message Encryption](ome.md) instead. + +To help prevent information leakage, Exchange Online includes Information Rights Management (IRM) functionality that provides online and offline protection of email messages and attachments. You can configure Exchange Online IRM to use on-premises Active Directory Rights Management Service (AD RMS), if needed, to satisfy your organization requirements. This is not common. If you do not have a requirement to use AD RMS, use [Microsoft Purview Message Encryption](ome.md) instead. IRM protection can be applied by users in Microsoft Outlook or Outlook on the web, and it can be applied by administrators using transport protection rules or Outlook protection rules. IRM helps you and your users control who can access, forward, print, or copy sensitive data within an email. -## Changes to how IRM works with Office 365 Message Encryption (OME) and Azure Active Directory +## Changes to how IRM works with message encryption and Azure Active Directory -As of September 2017, when you set up the new Office 365 Message Encryption capabilities for your organization, you also set up IRM for use with Azure Rights Management (Azure RMS). You no longer set up IRM with Azure RMS separately. Instead, OME and rights management work seamlessly together. For more details about the new capabilities, see [Office 365 Message Encryption FAQ](./ome-faq.yml). If you're ready to get started using the new OME capabilities within your organization, see [Set up new Office 365 Message Encryption capabilities built on top of Azure Information Protection](./set-up-new-message-encryption-capabilities.md). +As of September 2017, when you set up Microsoft Purview Message Encryption for your organization, you also set up IRM for use with Azure Rights Management (Azure RMS). You no longer set up IRM with Azure RMS separately. Instead, message encryption and rights management work seamlessly together. For more details about Microsoft Purview Message Encryption, see [Message Encryption FAQ](./ome-faq.yml). If you're ready to get started using Microsoft Purview Message Encryption within your organization, see [Set up Microsoft Purview Message Encryption](./set-up-new-message-encryption-capabilities.md). ## How IRM works with Exchange Online and Active Directory Rights Management Services Exchange Online IRM uses on-premises Active Directory Rights Management Services Users can apply a template to an email message to control the permissions that recipients have on a message. Actions, such as forwarding, extracting information from a message, saving a message or printing a message can be controlled by applying an AD RMS rights policy to the message. -You can configure IRM to use an AD RMS server running Windows Server 2008 or later. You can use this AD RMS server to manage the AD RMS rights policy templates for your cloud-based organization. Outlook also relies on the AD RMS server to enable users to apply IRM protection to messages they send. For details, see [Configure IRM to use an on-premises AD RMS server](configure-irm-to-use-an-on-premises-ad-rms-server.md). +You can configure IRM to use an AD RMS server running Windows Server 2008 or later. You can use this AD RMS server to manage the AD RMS rights policy templates for your cloud-based organization. Outlook also relies on the AD RMS server to enable users to apply IRM protection to messages they send. For details, see [Configure IRM to use an on-premises AD RMS server](configure-irm-to-use-an-on-premises-ad-rms-server.md). After it's enabled, IRM protection can be applied to messages as follows: -- Users can manually apply a template using Outlook and Outlook on the web. Users can apply an AD RMS rights policy template to an email message by selecting the template from the Set permissions list. When users send an IRM-protected message, any attached files that use a supported format also receive the same IRM protection as the message. IRM protection is applied to files associated with Word, Excel, and PowerPoint, as well as .xps files and attached email messages. - +- Users can manually apply a template using Outlook and Outlook on the web. Users can apply an AD RMS rights policy template to an email message by selecting the template from the Set permissions list. When users send an IRM-protected message, any attached files that use a supported format also receive the same IRM protection as the message. IRM protection is applied to files associated with Word, Excel, and PowerPoint, as well as .xps files and attached email messages. + - Administrators can use transport protection rules to apply IRM protection automatically to both Outlook and Outlook on the web. You can create transport protection rules to IRM-protect messages. Configure the transport protection rule action to apply an AD RMS rights policy template to messages that meet the rule condition. After you enable IRM, your organization's AD RMS rights policy templates are available to use with the transport protection rule action called Apply rights protection to the message with. - + - Administrators can create Outlook protection rules. Outlook protection rules automatically apply IRM-protection to messages in Outlook 2010 (not Outlook on the web) based on message conditions that include the sender's department, who the message is sent to, and whether recipients are inside or outside your organization. For details, see [Create an Outlook Protection Rule](/exchange/create-an-outlook-protection-rule-exchange-2013-help).
compliance	Insider Risk Management Activities	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-activities.md	Title: Investigate insider risk management activities -description: Learn about investigating insider risk management activities in Microsoft 365 -keywords: Microsoft 365, insider risk, risk management, compliance +description: Learn about investigating insider risk management activities in Microsoft Purview +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Investigate insider risk management activities + Investigating risky user activities is an important first step in minimizing insider risks for your organization. These risks may be activities that generate alerts from insider risk management policies, or risks from activities that are detected by policies but don't immediately create an insider risk management alert for users. You can investigate these types of activities by using the User activity reports (preview) or with the Alert dashboard. ## User activity reports (preview) It may help save triage time for analysts and investigators to immediately dismi To dismiss an insider risk alert, complete the following steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Alerts tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Alerts tab. 2. On the Alerts dashboard, select the alert (or alerts) with a Needs review status that you want to dismiss. 3. On the Alerts command bar, select Dismiss alerts. 4. On the Dismiss alerts detail pane, you can review the user and policy details associated with the selected alerts. To dismiss an insider risk alert, complete the following steps: To triage an insider risk alert, complete the following steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Alerts tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Alerts tab. 2. On the Alerts dashboard, select the alert you want to triage. 3. On the Alert detail page, you can review information about the alert. You can confirm the alert and create a new case, confirm the alert and add to an existing case, or dismiss the alert. This page also includes the current status for the alert and the alert risk severity level, listed as High, Medium, or Low. The severity level may increase or decrease over time if the alert isn't triaged. Use the Activity scope and Risk insight filters to display and sort activities a To use the Activity explorer, complete the following steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Alerts tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Alerts tab. 2. On the Alerts dashboard, select the alert you want to triage. 3. On the Alerts detail pane, select Open expanded view. 4. On the page for the selected alert, select the Activity explorer tab. When selecting an activity's events from the activity timeline, the number of ac As alert is reviewed and triaged, you can create a new case to further investigate the risk activity. To create a case for an alert, follow these steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Alerts tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Alerts tab. 2. On the Alerts dashboard, select the alert you want to confirm and create a new case for. 3. On the Alerts details pane, select Actions > Confirm alerts & create case. 4. On the Confirm alert and create insider risk case dialog, enter a name for the case, select users to add as contributors, and add comments as applicable. Comments are automatically added to the case as a case note.
compliance	Insider Risk Management Audit Log	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-audit-log.md	Title: Insider risk management audit log -description: Learn about the insider risk management audit log in Microsoft 365 -keywords: Microsoft 365, insider risk management, risk management, compliance +description: Learn about the insider risk management audit log in Microsoft Purview +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Insider risk management audit log + The insider risk management audit log enables you to stay informed on the actions that were taken on insider risk management features. This log allows independent review of the actions taken by users assigned to one or more insider risk management role groups. The insider risk management audit log is automatically enabled in your organization and cannot be disabled. ![Insider risk management audit log.](../media/insider-risk-audit-log.png) The file contains activity information for the following fields: - Category: The category of the item modified. Values are Policies, Cases, Users, Alerts, Settings, and Notice templates. - Date: Date and time, listed in your organization's local date and time. - Description: The description input by the user for the object being acted on (such as a policy or a priority user group).-- DLP policy: The data loss prevention (DLP) policy selected to trigger inclusion in an insider risk management policy. +- DLP policy: The Microsoft Purview Data Loss Prevention (DLP) policy selected to trigger inclusion in an insider risk management policy. - Indicator: The indicator in the within insider risk settings that the activity was performed on (such as adding or removing an indicator). - Notice template: The notice template the activity was performed on. - Number of days: The policy activation window defined in insider risk settings.
compliance	Insider Risk Management Browser Support	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-browser-support.md	Title: Learn about and configure insider risk management browser signal detection -description: Learn about insider risk management browser signal detection in Microsoft 365 -keywords: Microsoft 365, insider risk management, risk management, compliance +description: Learn about insider risk management browser signal detection in Microsoft Purview +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Learn about and configure insider risk management browser signal detection + Web browsers are often used by users to access both sensitive and non-sensitive files within an organization. Insider risk management allows your organization to detect and act on browser exfiltration signals for all non-executable files viewed in [Microsoft Edge](https://www.microsoft.com/edge) and [Google Chrome](https://www.google.com/chrome) browsers. With these signals, analysts and investigators can quickly act when any of the following activities are performed by in-scope policy users when using these browsers: - Files copied to personal cloud storage Before installing the Microsoft Edge add-on or Google Chrome extension, customer - Latest Windows 10 x64 build is recommended, minimum Windows 10 x64 build 1809 for signal detection support. Browser signal detection isn't currently supported on non-Windows devices. - Current [Microsoft 365 subscription](/microsoft-365/compliance/insider-risk-management-configure#subscriptions-and-licensing) with insider risk management support.-- Devices must be [onboarded](/microsoft-365/compliance/insider-risk-management-settings#enable-device-indicators-and-onboard-devices) to the Microsoft 365 Compliance portal. +- Devices must be [onboarded](/microsoft-365/compliance/insider-risk-management-settings#enable-device-indicators-and-onboard-devices) to the Microsoft Purview compliance portal. For specific browser configuration requirements, see the Microsoft Edge and Google Chrome sections later in this article.
compliance	Insider Risk Management Cases	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-cases.md	Title: Insider risk management cases -description: Learn about insider risk management cases in Microsoft 365 -keywords: Microsoft 365, insider risk management, risk management, compliance +description: Learn about insider risk management cases in Microsoft Purview +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Insider risk management cases + Cases are the heart of insider risk management and allow you to deeply investigate and act on issues generated by risk indicators defined in your policies. Cases are manually created from alerts in situations where further action is needed to address a compliance-related issue for a user. Each case is scoped to a single user and multiple alerts for the user can be added to an existing case or to a new case. After investigating the details of a case, you can take action by: After investigating the details of a case, you can take action by: - sending the user a notice - resolving the case as benign - sharing the case with your ServiceNow instance or with an email recipient-- escalating the case for an Advanced eDiscovery investigation +- escalating the case for an eDiscovery (Premium) investigation Check out the [Insider Risk Management Investigation and Escalation video](https://www.youtube.com/watch?v=UONUSmkRC8s) for an overview of how cases are investigated and managed in insider risk management. The case notes dashboard displays notes by the user that created the note and th To add a note to a case: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Cases tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Cases tab. 2. Select a case, then select the Case notes tab. 3. Select Add case note. 4. On the Add case note dialog, type your note for the case. Select Save to add the note to the case or select Cancel close without saving the note to the case. Temporary access to a case can be granted by adding a user as a contributor. Con To add a contributor to a case: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Cases tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Cases tab. 2. Select a case, then select the Contributors tab. 3. Select Add contributor. 4. On the Add contributor dialog, start typing the name of the user you want to add and then select the user from the suggested user list. This list is generated from the Azure Active Directory of your tenant subscription. To add a contributor to a case: ## Case actions -Risk investigators can take action on a case in one of several methods, depending on the severity of the case, the history of risk of the user, and the risk guidelines of your organization. In some situations, you may need to escalate a case to a user or data investigation to collaborate with other areas of your organization and to dive deeper into risk activities. Insider risk management is tightly integrated with other Microsoft 365 compliance solutions to help you with end-to-end resolution management. +Risk investigators can take action on a case in one of several methods, depending on the severity of the case, the history of risk of the user, and the risk guidelines of your organization. In some situations, you may need to escalate a case to a user or data investigation to collaborate with other areas of your organization and to dive deeper into risk activities. Insider risk management is tightly integrated with other Microsoft Purview solutions to help you with end-to-end resolution management. ### Send email notice It's important to remember that sending an email notice to a user *does not* To send a notice to the user assigned to a case: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Cases tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Cases tab. 2. Select a case, then select the Send email notice button on the case action toolbar. 3. On the Send e-mail notice dialog, select the Choose a notice template dropdown control to select the notice template for the notice. This selection pre-fills the other fields on the notice. 4. Review the notice fields and update as appropriate. The values entered here will override the values on the template. To send a notice to the user assigned to a case: ### Escalate for investigation -Escalate the case for user investigation in situations where additional legal review is needed for the user's risk activity. This escalation opens a new Advanced eDiscovery case in your Microsoft 365 organization. Advanced eDiscovery provides an end-to-end workflow to preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external legal investigations. It also lets your legal team manage the entire legal hold notification workflow to communicate with custodians involved in a case. Assigning a reviewer as a custodian in an Advanced eDiscovery case created from an insider risk management case helps your legal team take appropriate action and manage content preservation. To learn more about Advanced eDiscovery cases, see [Overview of Advanced eDiscovery in Microsoft 365](overview-ediscovery-20.md). +Escalate the case for user investigation in situations where additional legal review is needed for the user's risk activity. This escalation opens a new Microsoft Purview eDiscovery (Premium) case in your Microsoft 365 organization. eDiscovery (Premium) provides an end-to-end workflow to preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external legal investigations. It also lets your legal team manage the entire legal hold notification workflow to communicate with custodians involved in a case. Assigning a reviewer as a custodian in an eDiscovery (Premium) case created from an insider risk management case helps your legal team take appropriate action and manage content preservation. To learn more about eDiscovery (Premium) cases, see [Overview of Microsoft Purview eDiscovery (Premium)](overview-ediscovery-20.md). To escalate a case to a user investigation: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Cases tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Cases tab. 2. Select a case, then select the Escalate for investigation button on the case action toolbar. 3. On the Escalate for investigation dialog, enter a name for the new user investigation. If needed, enter notes about the case and select Escalate. 4. Review the notice fields and update as appropriate. The values entered here will override the values on the template. 5. Select Confirm to create the user investigation case or select Cancel to close the dialog without creating a new user investigation case. -After the insider risk management case has been escalated to a new user investigation case, you can review the new case in the eDiscovery > Advanced area in the Microsoft 365 compliance center. +After the insider risk management case has been escalated to a new user investigation case, you can review the new case in the eDiscovery > Advanced area in the Microsoft Purview compliance portal. ### Run automated tasks with Power Automate flows for the case After risk analysts and investigators have completed their review and investigat To resolve a case: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Cases tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Cases tab. 2. Select a case, then select the Resolve case button on the case action toolbar. 3. On the Resolve case dialog, select the Resolve as dropdown control to select the resolution classification for the case. The options are Benign or Confirmed policy violation. 4. On the Resolve case dialog, enter the reasons for the resolution classification in the Action taken text field.
compliance	Insider Risk Management Configure	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-configure.md	Title: Get started with insider risk management description: Configure insider risk management in your organization. -keywords: Microsoft 365, insider risk management, risk management, compliance +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Get started with insider risk management + Use insider risk management policies to identify risky activities and management tools to act on risk alerts in your organization. Complete the following steps to set up prerequisites and configure an insider risk management policy. > [!IMPORTANT] -> The Microsoft 365 insider risk management solution provides a tenant level option to help customers facilitate internal governance at the user level. Tenant level administrators can set up permissions to provide access to this solution for members of your organization and set up data connectors in the Microsoft 365 compliance center to import relevant data to support user level identification of potentially risky activity. Customers acknowledge insights related to the individual user's behavior, character, or performance materially related to employment can be calculated by the administrator and made available to others in the organization. In addition, customers acknowledge that they must conduct their own full investigation related to the individual user's behavior, character, or performance materially related to employment, and not just rely on insights from the insider risk management service. Customers are solely responsible for using the Microsoft 365 insider risk management service, and any associated feature or service in compliance with all applicable laws, including laws relating to individual user identification and any remediation actions. +> The insider risk management solution provides a tenant level option to help customers facilitate internal governance at the user level. Tenant level administrators can set up permissions to provide access to this solution for members of your organization and set up data connectors in the Microsoft Purview compliance portal to import relevant data to support user level identification of potentially risky activity. Customers acknowledge insights related to the individual user's behavior, character, or performance materially related to employment can be calculated by the administrator and made available to others in the organization. In addition, customers acknowledge that they must conduct their own full investigation related to the individual user's behavior, character, or performance materially related to employment, and not just rely on insights from the insider risk management service. Customers are solely responsible for using the insider risk management service, and any associated feature or service in compliance with all applicable laws, including laws relating to individual user identification and any remediation actions. -For more information about how insider risk policies can help you manage risk in your organization, see [Insider risk management in Microsoft 365](insider-risk-management.md). +For more information about how insider risk policies can help you manage risk in your organization, see [Learn about insider risk management](insider-risk-management.md). ## Subscriptions and licensing Select a recommendation from the list to get started with configuring insider ri > [!IMPORTANT] > After configuring your role groups, it may take up to 30 minutes for the role group permissions to apply to assigned users across your organization. -There are six role groups used to configure insider risk management features. To make Insider risk management available as a menu option in Microsoft 365 compliance center and to continue with these configuration steps, you must be assigned to one of the following roles or role groups: +There are six role groups used to configure insider risk management features. To make Insider risk management available as a menu option in Microsoft Purview compliance portal and to continue with these configuration steps, you must be assigned to one of the following roles or role groups: - Azure Active Directory [Global Administrator](/azure/active-directory/roles/permissions-reference#global-administrator) role - Azure Active Directory [Compliance Administrator](/azure/active-directory/roles/permissions-reference#compliance-administrator) role-- Microsoft 365 compliance center [Organization Management](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group-- Microsoft 365 compliance center [Compliance Administrator](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group +- Microsoft Purview compliance portal [Organization Management](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group +- Microsoft Purview compliance portal [Compliance Administrator](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center) role group - Insider Risk Management role group - Insider Risk Management Admin role group Members of the following roles can assign users to insider risk management role - Azure Active Directory Global Administrator - Azure Active Directory Compliance Administrator-- Microsoft 365 compliance center Organization Management-- Microsoft 365 compliance center Compliance Administrator +- Microsoft Purview compliance portal Organization Management +- Microsoft Purview compliance portal Compliance Administrator > [!NOTE] > These role groups are currently not supported on Privileged Identity Management (PIM). To learn more about PIM, see [Assign Azure AD roles in Privileged Identity Management](/azure/active-directory/privileged-identity-management/pim-how-to-add-role-to-user). Members of the following roles can assign users to insider risk management role Complete the following steps to add users to an insider risk management role group: -1. Sign into [Microsoft 365 compliance center](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. +1. Sign into [Microsoft Purview compliance portal](https://compliance.microsoft.com) using credentials for an admin account in your Microsoft 365 organization. 2. In the Security & Compliance Center, go to Permissions. Select the link to view and manage roles in Office 365. To enable insider risk Analytics, you must be a member of the Insider Risk Mana Complete the following steps to enable insider risk analytics: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management. 2. Select Run scan* on the Scan for insider risks in your organization card on the insider risk management Overview tab. This action turns on analytics scanning for your organization. You can also turn on scanning in your organization by navigating to Insider risk settings > Analytics and enabling Scan your tenant's user activity to identify potential insider risks. 3. On the Analytics details pane, select Run scan to start the scan for your organization. Analytics scan results may take up to 48 hours before insights are available as reports for review. See the [Configure advanced features in Defender for Endpoint](/windows/security Before configuring a policy, define the following insider risk settings: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings from the top-right corner of any page. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings from the top-right corner of any page. 2. On the Privacy page, select a privacy setting for displaying usernames for policy alerts. 3. On the Indicators page, select the alert indicators you want to apply to all insider risk policies. Before configuring a policy, define the following insider risk settings: Insider risk management policies include assigned users and define which types of risk indicators are configured for alerts. Before activities can trigger alerts, a policy must be configured. Use the policy wizard to create new insider risk management policies. -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. 2. Select Create policy to open the policy wizard. 3. On the Policy template page, choose a policy category and then select the template for the new policy. These templates are made up of conditions and indicators that define the risk activities you want to detect and investigate. Review the template prerequisites, triggering events, and detected activities to confirm this policy template fits your needs.
compliance	Insider Risk Management Content Explorer	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-content-explorer.md	Title: Insider risk management Content explorer -description: Learn about insider risk management Content explorer in Microsoft 365 -keywords: Microsoft 365, insider risk management, risk management, compliance +description: Learn about insider risk management Content explorer in Microsoft Purview +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Insider risk management Content explorer + The insider risk management Content explorer allows users assigned the Insider Risk Management Investigators role to examine the context and details of content associated with activity in alerts. The case data in Content explorer is refreshed daily to include new activity. For all alerts that are confirmed to a case, copies of data and message files are archived as a snapshot in time of the items, while maintaining the original files and messages in the storage sources. If needed, case data files may be exported as a portable document file (PDF) or in the original file format. For new cases, it usually takes about an hour for content to populate in Content explorer. For cases with large amounts of content, it may take longer to create a snapshot. If content is still loading in Content explorer, you will see a progress indicator that displays the completion percentage.
compliance	Insider Risk Management Notices	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-notices.md	Title: Insider risk management notice templates -description: Learn about insider risk management notice templates in Microsoft 365 -keywords: Microsoft 365, insider risk management, risk management, compliance +description: Learn about insider risk management notice templates in Microsoft Purview +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Insider risk management notice templates + Insider risk management notice templates allow you to automatically send email messages to users when a case is created for activities that have generated a policy match and confirmed alert. For most alerts that generate cases, user actions are the result of mistakes or inadvertent activities without ill intent. Notices serve as simple reminders to users to be more careful, to provide links to information for refresher training, or to corporate policy resources. Notices can be an important part of your internal compliance training program and can help create a documented audit trail for users with recurring risk activities. Create notice templates if you want to send users an email reminder notice for policy matches as part of the case resolution process. Notices can only be sent to the user email address associated with the specific case being reviewed. When selecting a notice template to apply to a policy match, you can choose to accept the field values defined in the template or overwrite the fields as needed If you'd like to create more than a simple text-based email message for notifica ## Create a new notice template -To create a new insider risk management notice template, you'll use the notice creation tool in Insider risk management solution in the Microsoft 365 compliance center. +To create a new insider risk management notice template, you'll use the notice creation tool in Insider risk management solution in the Microsoft Purview compliance portal. Complete the following steps to create a new insider risk management notice template: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Notice templates tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Notice templates tab. 2. Select Create notice template to open the notice creation tool. 3. On the Create a new notice template page, complete the following fields: - Template name: Enter a friendly name for the notice. This name appears on the list of notices on the notice dashboard and in the notice selection list when sending notices from a case. Complete the following steps to create a new insider risk management notice temp To update an existing insider risk management notice template, complete the following steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Notice templates tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Notice templates tab. 2. On the notice dashboard, select the notice template you want to manage. 3. On the notice details page, select Edit 4. On the Edit page, you can edit the following fields: To update an existing insider risk management notice template, complete the foll To delete an existing insider risk management notice template, complete the following steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Notice templates tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Notice templates tab. 2. On the notice dashboard, select the notice template you want to delete. 3. Select the Delete icon on the toolbar. 4. To delete the notice template, select Yes in the delete dialog. To cancel the deletion, select Cancel.
compliance	Insider Risk Management Plan	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-plan.md	Title: Plan for insider risk management description: Learn how to plan for using insider risk management policies in your organization. -keywords: Microsoft 365, insider risk, risk management, compliance +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Plan for insider risk management + Before getting started with [insider risk management](insider-risk-management.md) in your organization, there are important planning activities and considerations that should be reviewed by your information technology and compliance management teams. Thoroughly understanding and planning for deployment in the following areas will help ensure that your implementation and use of insider risk management features goes smoothly and is aligned with the best practices for the solution. Watch the video below to learn how the insider risk management workflow can help your organization prevent, detect, and contain risks while prioritizing your organization values, culture, and user experience: Members of the following roles can assign users to insider risk management role - Azure Active Directory Global Administrator - Azure Active Directory Compliance Administrator-- Microsoft 365 compliance center Organization Management-- Microsoft 365 compliance center Compliance Administrator +- Microsoft Purview compliance portal Organization Management +- Microsoft Purview compliance portal Compliance Administrator ## Understand requirements and dependencies If you don't have an existing Microsoft 365 Enterprise E5 plan and want to try i Policy template requirements: Depending on the policy template you choose, there are requirements that you need to understand and plan for prior to configuring insider risk management in your organization: - When using the Data theft by departing users template, you must configure a Microsoft 365 HR connector to periodically import resignation and termination date information for users in your organization. See the [Import data with the HR connector](import-hr-data.md) article for step-by-step guidance to configure the Microsoft 365 HR connector for your organization.-- When using Data leaks templates, you must configure at least one Data Loss Prevention (DLP) policy to define sensitive information in your organization and to receive insider risk alerts for High Severity DLP policy alerts. See the [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) article for step-by-step guidance to configure DLP policies for your organization. +- When using Data leaks templates, you must configure at least one Microsoft Purview Data Loss Prevention (DLP) policy to define sensitive information in your organization and to receive insider risk alerts for High Severity DLP policy alerts. See the [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) article for step-by-step guidance to configure DLP policies for your organization. - When using Security policy violation templates, you must enable Microsoft Defender for Endpoint for insider risk management integration in the Defender Security Center to import security violation alerts. For step-by-step guidance to enable Defender for Endpoint integration with insider risk management, see [Configure advanced features in Microsoft Defender for Endpoint](/windows/security/threat-protection/microsoft-defender-atp/advanced-features). - When using Disgruntled user templates, you must configure a Microsoft 365 HR connector to periodically import performance or demotion status information for users in your organization. See the [Import data with the HR connector](import-hr-data.md) article for step-by-step guidance to configure the Microsoft 365 HR connector for your organization.
compliance	Insider Risk Management Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-policies.md	Title: Insider risk management policies -description: Learn about insider risk management policies in Microsoft 365 -keywords: Microsoft 365, insider risk management, risk management, compliance +description: Learn about insider risk management policies in Microsoft Purview +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Insider risk management policies + Insider risk management policies determine which users are in-scope and which types of risk indicators are configured for alerts. You can quickly create a policy that applies to all users in your organization or define individual users or groups for management in a policy. Policies support content priorities to focus policy conditions on multiple or specific Microsoft Teams, SharePoint sites, data sensitivity types, and data labels. Using templates, you can select specific risk indicators and customize event thresholds for policy indicators, effectively customizing risk scores, and level and frequency of alerts. Additionally, risk score boosters and anomaly detections help identify user activity that is of higher importance or more unusual. Policy windows allow you to define the time frame to apply the policy to alert activities and are used to determine the duration of the policy once activated. Check out the [Insider Risk Management Policies Configuration video](https://www.youtube.com/watch?v=kudK5ajZTUo) for an overview of how policies created with built-in policy templates can help you to quickly act on potential risks. When users leave your organization, there are specific risk indicators typically ### General data leaks -Protecting data and preventing data leaks is a constant challenge for most organizations, particularly with the rapid grow of new data created by users, devices, and services. Users are empowered to create, store, and share information across services and devices that make managing data leaks increasingly more complex and difficult. Data leaks can include accidental oversharing of information outside your organization or data theft with malicious intent. With an assigned Data Loss Prevention (DLP) policy, built-in, or customizable triggering events, this template starts scoring real-time detections of suspicious SharePoint Online data downloads, file and folder sharing, printing files, and copying data to personal cloud messaging and storage services. +Protecting data and preventing data leaks is a constant challenge for most organizations, particularly with the rapid grow of new data created by users, devices, and services. Users are empowered to create, store, and share information across services and devices that make managing data leaks increasingly more complex and difficult. Data leaks can include accidental oversharing of information outside your organization or data theft with malicious intent. With an assigned Microsoft Purview Data Loss Prevention (DLP) policy, built-in, or customizable triggering events, this template starts scoring real-time detections of suspicious SharePoint Online data downloads, file and folder sharing, printing files, and copying data to personal cloud messaging and storage services. When using a Data leaks template, you can assign a DLP policy to trigger indicators in the insider risk policy for high severity alerts in your organization. Whenever a high severity alert is generated by a DLP policy rule is added to the Office 365 audit log, insider risk policies created with this template automatically examine the high severity DLP alert. If the alert contains an in-scope user defined in the insider risk policy, the alert is processed by the insider risk policy as a new alert and assigned an insider risk severity and risk score. You can also choose to assign selected indicators as triggering events for a policy. This flexibility and customization helps scope the policy to only the activities covered by the indicators. This policy allows you to evaluate this alert in context with other activities included in the case. See the [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) ar ### Data leaks by priority users (preview) -Protecting data and preventing data leaks for users in your organization may depend on their position, level of access to sensitive information, or risk history. Data leaks can include accidental oversharing of highly sensitive information outside your organization or data theft with malicious intent. With an assigned Data Loss Prevention (DLP) policy as a triggering event option, this template starts scoring real-time detections of suspicious activity and result in an increased likelihood of insider risk alerts and alerts with higher severity levels. Priority users are defined in [priority user groups](insider-risk-management-settings.md#priority-user-groups-preview) configured in the insider risk management settings area. +Protecting data and preventing data leaks for users in your organization may depend on their position, level of access to sensitive information, or risk history. Data leaks can include accidental oversharing of highly sensitive information outside your organization or data theft with malicious intent. With an assigned data loss prevention (DLP) policy as a triggering event option, this template starts scoring real-time detections of suspicious activity and result in an increased likelihood of insider risk alerts and alerts with higher severity levels. Priority users are defined in [priority user groups](insider-risk-management-settings.md#priority-user-groups-preview) configured in the insider risk management settings area. As with the General data leaks template, you can choose a DLP policy to trigger indicators in the insider risk policy for high severity alerts in your organization. Follow the Data leaks policy guidelines for DLP policies when creating a policy with the DLP option when using this template. You can also choose to assign selected indicators as triggering events for a policy. This flexibility and customization help scope the policy to only the activities covered by the indicators. Additionally, you'll need to assign priority user groups created in Insider risk management > Settings > Priority user groups to the policy. Depending on the template you choose for an insider risk management policy, the The following table lists the triggering events and prerequisites for policies created from each insider risk management policy template: -\|Policy template\|Triggering events for policies\|Prerequisites\| -\|\|\|\| -\|Data theft by departing users\|Resignation or termination date indicator from HR connector or Azure Active Directory account deletion\|(optional) Microsoft 365 HR connector configured for termination and resignation date indicators\| -\|General data leaks\|Data leak policy activity that creates a High severity alert or built-in exfiltration event triggers\|DLP policy configured for High severity alerts <br><br> OR <br><br> Customized triggering indicators\| -\|Data leaks by priority users\|Data leak policy activity that creates a High severity alert or built-in exfiltration event triggers\|DLP policy configured for High severity alerts <br><br> OR <br><br> Customized triggering indicators <br><br> Priority user groups configured in insider risk settings\| -\|Data leaks by disgruntled users\|Performance improvement, poor performance, or job level change indicators from HR connector\|Microsoft 365 HR connector configured for disgruntlement indicators\| -\|General security policy violations\|Defense evasion of security controls or unwanted software detected by Microsoft Defender for Endpoint\|Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft 365 compliance center configured\| -\|General patient data misuse\|Defense evasion of security controls from EMR systems <br><br> User and patient address matching indicators from HR systems\|Healthcare access indicators selected in policy or insider risk settings <br><br> Microsoft 365 HR connector configured for address matching <br><br> Microsoft Healthcare or Epic connector configured\| -\|Security policy violations by departing users\|Resignation or termination date indicators from HR connector or Azure Active Directory account deletion\|(optional) Microsoft 365 HR connector configured for termination and resignation date indicators <br><br> Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft 365 compliance center configured\| -\|Security policy violations by priority users\|Defense evasion of security controls or unwanted software detected by Microsoft Defender for Endpoint\|Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft 365 compliance center configured <br><br> Priority user groups configured in insider risk settings\| -\|Security policy violations by disgruntled user\|Performance improvement, poor performance, or job level change indicators from HR connector\|Microsoft 365 HR connector configured for disgruntlement indicators <br><br> Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft 365 compliance center configured\| +\| Policy template \| Triggering events for policies \| Prerequisites \| +\| : \| : \| :- \| +\| Data theft by departing users \| Resignation or termination date indicator from HR connector or Azure Active Directory account deletion \| (optional) Microsoft 365 HR connector configured for termination and resignation date indicators \| +\| General data leaks \| Data leak policy activity that creates a High severity alert or built-in exfiltration event triggers \| DLP policy configured for High severity alerts <br><br> OR <br><br> Customized triggering indicators \| +\| Data leaks by priority users \| Data leak policy activity that creates a High severity alert or built-in exfiltration event triggers \| DLP policy configured for High severity alerts <br><br> OR <br><br> Customized triggering indicators <br><br> Priority user groups configured in insider risk settings \| +\| Data leaks by disgruntled users \| Performance improvement, poor performance, or job level change indicators from HR connector \| Microsoft 365 HR connector configured for disgruntlement indicators \| +\| General security policy violations \| Defense evasion of security controls or unwanted software detected by Microsoft Defender for Endpoint \| Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft Purview compliance portal configured \| +\| General patient data misuse \| Defense evasion of security controls from EMR systems <br><br> User and patient address matching indicators from HR systems \| Healthcare access indicators selected in policy or insider risk settings <br><br> Microsoft 365 HR connector configured for address matching <br><br> Microsoft Healthcare or Epic connector configured \| +\| Security policy violations by departing users \| Resignation or termination date indicators from HR connector or Azure Active Directory account deletion \| (optional) Microsoft 365 HR connector configured for termination and resignation date indicators <br><br> Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft Purview compliance portal configured \| +\| Security policy violations by priority users \| Defense evasion of security controls or unwanted software detected by Microsoft Defender for Endpoint \| Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft Purview compliance portal configured <br><br> Priority user groups configured in insider risk settings \| +\| Security policy violations by disgruntled user \| Performance improvement, poor performance, or job level change indicators from HR connector \| Microsoft 365 HR connector configured for disgruntlement indicators <br><br> Active Microsoft Defender for Endpoint subscription <br><br> Microsoft Defender for Endpoint integration with Microsoft Purview compliance portal configured \| ## Prioritize content in policies To learn more about sequence detection management in the User activity view, Insider risk indicators help identify unusual levels of risk activities when evaluated daily for users that are in-scope for insider risk policies. Cumulative exfiltration detection uses machine learning models to help you identify when exfiltration activities that a user performs over a certain time exceeds the normal amount performed by users in your organization for the past 30 days over multiple exfiltration activity types. For example, if a user shared more files than most users over the past month, this activity would be detected and classified as a cumulative exfiltration activity. -Insider risk management analysts and investigators may use cumulative exfiltration detection insights to help identify exfiltration activities that may not typically generate alerts but are above what is typical for their organization. Some examples may be departing users slowly exfiltrate data across a range of days, or when users repeatedly share data across multiple channels more than usual for data sharing for your organization. Higher risk scores are assigned to cumulative exfiltration activities for SharePoint sites, sensitive information types, and content with [sensitivity labels](/microsoft-365/compliance/sensitivity-labels#label-priority-order-matters) configured as priority content in a policy or for activity involving labels configured as high priority in Microsoft Information Protection. +Insider risk management analysts and investigators may use cumulative exfiltration detection insights to help identify exfiltration activities that may not typically generate alerts but are above what is typical for their organization. Some examples may be departing users slowly exfiltrate data across a range of days, or when users repeatedly share data across multiple channels more than usual for data sharing for your organization. Higher risk scores are assigned to cumulative exfiltration activities for SharePoint sites, sensitive information types, and content with [sensitivity labels](/microsoft-365/compliance/sensitivity-labels#label-priority-order-matters) configured as priority content in a policy or for activity involving labels configured as high priority in Microsoft Purview Information Protection. Cumulative exfiltration detection is enabled by default when using the following policy templates: Use the following table to determine the maximum number of in-scope users suppor ## Create a new policy -To create a new insider risk management policy, you'll use the policy wizard in Insider risk management solution in the Microsoft 365 compliance center. +To create a new insider risk management policy, you'll use the policy wizard in Insider risk management solution in the Microsoft Purview compliance portal. Complete the following steps to create a new policy: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. 2. Select Create policy to open the policy wizard. 3. On the Policy template page, choose a policy category and then select the template for the new policy. These templates are made up of conditions and indicators that define the risk activities you want to detect and investigate. Review the template prerequisites, triggering events, and detected activities to confirm this policy template fits your needs. Complete the following steps to create a new policy: ## Update a policy -To update an existing insider risk management policy, you'll use the policy wizard in Insider risk management solution in the Microsoft 365 compliance center. +To update an existing insider risk management policy, you'll use the policy wizard in Insider risk management solution in the Microsoft Purview compliance portal. Complete the following steps to manage an existing policy: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. 2. On the policy dashboard, select the policy you want to manage. 3. On the policy details page, select Edit policy 4. In the policy wizard, you canΓÇÖt edit the following: You may need to create a new policy that is similar to an existing policy but ne Complete the following steps to copy an existing policy: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. 2. On the policy dashboard, select the policy you want to copy. 3. On the policy details page, select Copy. 4. In the policy wizard, name the new policy and update the policy configuration as needed. Some scenarios where you may want to immediately start scoring user activities: To manually start scoring activity for users in one or more insider risk management policies, complete the following steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. 2. On the policy dashboard, select the policy or policies you want to add users to. 3. Select Start scoring activity for users. 4. In the Reason field in the Add users to multiple policies pane, add a reason for adding the users. To stop scoring users in a policy, see the [Insider risk management users: Remov To delete an existing insider risk management policy, complete the following steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Policies tab. 2. On the policy dashboard, select the policy you want to delete. 3. Select Delete on the dashboard toolbar. 4. On the Delete dialog, Select Yes to delete the policy, or select Cancel to close the dialog.
compliance	Insider Risk Management Settings	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-settings.md	Title: Insider risk management settings -description: Learn about insider risk management settings in Microsoft 365 -keywords: Microsoft 365, insider risk management, risk management, compliance +description: Learn about insider risk management settings in Microsoft Purview +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Get started with insider risk management settings + Insider risk management settings apply to all insider risk management policies, regardless of the template you choose when creating a policy. Settings are configured using the Insider risk settings control located at the top of all insider risk management pages. These settings control policy components for the following areas: - Privacy Make sure that the Windows 10 devices that you plan on reporting in insider risk #### Step 2: Onboarding devices <a name="OnboardStep2"> </a> -You must enable device monitoring and onboard your endpoints before you can monitor for insider risk management activities on a device. Both actions are taken in the Microsoft 365 Compliance portal. +You must enable device monitoring and onboard your endpoints before you can monitor for insider risk management activities on a device. Both actions are taken in the Microsoft Purview compliance portal. When you want to onboard devices that haven't been onboarded yet, you'll download the appropriate script and deploy as outlined in the following steps. If you already have devices onboarded into [Microsoft Defender for Endpoint](/wi In this deployment scenario, you'll onboard devices that haven't been onboarded yet, and you just want to monitor insider risk activities on Windows 10 devices. -1. Open the [Microsoft 365 compliance center](https://compliance.microsoft.com). +1. Open the [Microsoft Purview compliance portal](https://compliance.microsoft.com). 2. Open the Compliance Center settings page and choose Onboard devices. > [!NOTE] Once done and endpoint is onboarded, it should be visible in the devices list an If Microsoft Defender for Endpoint is already deployed and there are endpoints reporting in, all these endpoints will appear in the managed devices list. You can continue to onboard new devices into insider risk management to expand coverage by using the [Step 2: Onboarding devices](insider-risk-management-settings.md#OnboardStep2) section. -1. Open the [Microsoft 365 compliance center](https://compliance.microsoft.com). +1. Open the [Microsoft Purview compliance portal](https://compliance.microsoft.com). 2. Open the Compliance Center settings page and choose Enable device monitoring. 3. Choose Device management to open the Devices list. You should see the list of devices that are already reporting into Microsoft Defender for Endpoint. 4. Choose Onboarding if you need to onboard more devices. For each of the following domain settings, you can enter up to 500 domains: Insider risk management alert information is exportable to security information and event management (SIEM) and security orchestration automated response (SOAR) solutions by using the [Office 365 Management Activity API schema](/office/office-365-management-api/office-365-management-activity-api-schema#security-and-compliance-alerts-schema). You can use the Office 365 Management Activity APIs to export alert information to other applications your organization may use to manage or aggregate insider risk information. Alert information is exported and available every 60 minutes via the Office 365 Management Activity APIs. -If your organization uses Microsoft Sentinel, you can also use the out-of-the-box insider risk management data connector to import insider risk alert information to Sentinel. For more information, see [Microsoft 365 Insider Risk Management (IRM) (Preview)](/azure/sentinel/data-connectors-reference#microsoft-365-insider-risk-management-irm-preview) in the Microsoft Sentinel article. +If your organization uses Microsoft Sentinel, you can also use the out-of-the-box insider risk management data connector to import insider risk alert information to Sentinel. For more information, see [Insider Risk Management (IRM) (Preview)](/azure/sentinel/data-connectors-reference#microsoft-365-insider-risk-management-irm-preview) in the Microsoft Sentinel article. >[!IMPORTANT] >To maintain referential integrity for users who have insider risk alerts or cases in Microsoft 365 or other systems, anonymization of usernames isn't preserved for exported alerts. Exported alerts will display usernames for each alert. For example, you need to protect against data leaks for a highly confidential pr ### Create a priority user group -To create a new priority user group, you'll use setting controls in the Insider risk management solution in the Microsoft 365 compliance center. To create a priority user group, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. +To create a new priority user group, you'll use setting controls in the Insider risk management solution in the Microsoft Purview compliance portal. To create a priority user group, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. Complete the following steps to create a priority user group: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings. 2. Select the Priority user groups (preview) page. 3. On the Priority user groups (preview) page, select Create priority user group to start the group creation wizard. 4. On the Name and describe page, complete the following fields: Complete the following steps to create a priority user group: ### Update a priority user group -To update an existing priority user group, you'll use setting controls in the Insider risk management solution in the Microsoft 365 compliance center. To update a priority user group, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. +To update an existing priority user group, you'll use setting controls in the Insider risk management solution in the Microsoft Purview compliance portal. To update a priority user group, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. Complete the following steps to edit a priority user group: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings. 2. Select the Priority user groups (preview) page. 3. Select the priority user group you want to edit and select Edit group. 4. On the Name and describe page, update the Description field if needed. You can't update the name of the priority user group. Select Next to continue. Complete the following steps to edit a priority user group: ### Delete a priority user group -To delete an existing priority user group, you'll use setting controls in the Insider risk management solution in the Microsoft 365 compliance center. To delete a priority user group, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. +To delete an existing priority user group, you'll use setting controls in the Insider risk management solution in the Microsoft Purview compliance portal. To delete a priority user group, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. > [!IMPORTANT] > Deleting a priority user group will remove it from any active policy to which it is assigned. If you delete a priority user group that is assigned to an active policy, the policy will not contain any in-scope users and will effectively be idle and will not create alerts. Complete the following steps to delete a priority user group: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings. 2. Select the Priority user groups (preview) page. 3. Select the priority user group you want to edit and select Delete from the dashboard menu. 4. On the Delete dialog, select Yes to delete the priority user group or select Cancel to return to the dashboard. You choose to enable the Physical badging data connector in Microsoft 365 to imp ### Configure priority physical assets -To configure priority physical assets, you'll configure the Physical badging connector and use setting controls in the Insider risk management solution in the Microsoft 365 compliance center. To configure priority physical assets, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. +To configure priority physical assets, you'll configure the Physical badging connector and use setting controls in the Insider risk management solution in the Microsoft Purview compliance portal. To configure priority physical assets, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. Complete the following steps to configure priority physical assets: Complete the following steps to configure priority physical assets: > [!IMPORTANT] > For insider risk management policies to use and correlate signal data related to departing and terminated users with event data from your physical control and access platforms, you must also configure the Microsoft 365 HR connector. If you enable the Physical badging connector without enabling the Microsoft 365 HR connector, insider risk management policies will only process events for physical access activities for users in your organization. -2. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Priority physical assets. +2. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Priority physical assets. 3. On the Priority physical assets page, you can either manually add the physical asset IDs you want to monitor for the asset events imported by the Physical badging connector or import a .csv file of all physical assets IDs imported by the Physical badging connector: a) To manually add physical assets IDs, choose Add priority physical assets, enter a physical asset ID, then select Add. Enter other physical asset IDs and then select Add priority physical assets to save all the assets entered. b) To add a list of physical asset IDs from a .csv file, choose Import priority physical assets. From the file explorer dialog, select the .csv file you wish to import, then select Open. The physical asset IDs from the .csv files are added to the list. Complete the following steps to configure priority physical assets: ### Delete a priority physical asset -To delete an existing priority physical asset, you'll use setting controls in the Insider risk management solution in the Microsoft 365 compliance center. To delete a priority physical asset, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. +To delete an existing priority physical asset, you'll use setting controls in the Insider risk management solution in the Microsoft Purview compliance portal. To delete a priority physical asset, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. > [!IMPORTANT] > Deleting a priority physical asset removes it from examination by any active policy to which it was previously included. Alerts generated by activities associated with the priority physical asset aren't deleted. Complete the following steps to delete a priority physical asset: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Priority physical assets. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Priority physical assets. 2. On the Priority physical assets page, select the asset you want to delete. 3. Select Delete on the action menu to delete the asset. Complete the following steps to delete a priority physical asset: [Microsoft Power Automate](/power-automate/getting-started) is a workflow service that automates actions across applications and services. By using flows from templates or created manually, you can automate common tasks associated with these applications and services. When you enable Power Automate flows for insider risk management, you can automate important tasks for cases and users. You can configure Power Automate flows to retrieve user, alert, and case information and share this information with stakeholders and other applications, as well as automate actions in insider risk management, such as posting to case notes. Power Automate flows are applicable for cases and any user in scope for a policy. -Customers with Microsoft 365 subscriptions that include insider risk management don't need additional Power Automate licenses to use the recommended insider risk management Power Automate templates. These templates can be customized to support your organization and cover core insider risk management scenarios. If you choose to use premium Power Automate features in these templates, create a custom template using the Microsoft 365 compliance connector, or use Power Automate templates for other compliance areas in Microsoft 365, you may need more Power Automate licenses. +Customers with Microsoft 365 subscriptions that include insider risk management don't need additional Power Automate licenses to use the recommended insider risk management Power Automate templates. These templates can be customized to support your organization and cover core insider risk management scenarios. If you choose to use premium Power Automate features in these templates, create a custom template using the Microsoft Purview connector, or use Power Automate templates for other compliance areas in Microsoft 365, you may need more Power Automate licenses. The following Power Automate templates are provided to customers to support process automation for insider risk management users and cases: The following Power Automate templates are provided to customers to support proc ### Create a Power Automate flow from insider risk management template -To create a Power Automate flow from a recommended insider risk management template, you'll use the settings controls in the Insider risk management solution in the Microsoft 365 compliance center or the Manage Power Automate flows option from the Automate control when working directly in the Cases or Users dashboards. +To create a Power Automate flow from a recommended insider risk management template, you'll use the settings controls in the Insider risk management solution in the Microsoft Purview compliance portal or the Manage Power Automate flows option from the Automate control when working directly in the Cases or Users dashboards. To create a Power Automate flow in the settings area, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. To create a Power Automate flow with the Manage Power Automate flows option, you must be a member of at least one insider risk management role group. Complete the following steps to create a Power Automate flow from a recommended insider risk management template: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Power Automate flows. You can also access from the Cases or Users dashboards pages by choosing Automate > Manage Power Automate flows. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Power Automate flows. You can also access from the Cases or Users dashboards pages by choosing Automate > Manage Power Automate flows. 2. On the Power Automate flows page, select a recommended template from the Insider risk management templates you may like section on the page. 3. The flow lists the embedded connections needed for the flow and will note if the connection statuses are available. If needed, update any connections that aren't displayed as available. Select Continue. 4. By default, the recommended flows are pre-configured with the recommended insider risk management and Microsoft 365 service data fields required to complete the assigned task for the flow. If needed, customize the flow components by using the Show advanced options control and configuring the available properties for the flow component. Complete the following steps to create a custom Power Automate template for insi 1. Check your Power Automate flow license: To create customized Power Automate flows that use insider risk management triggers, you'll need a Power Automate license. The recommended insider risk management flow templates don't require extra licensing and are included as part of your insider risk management license. 2. Create an automated flow: Create a flow that performs one or more tasks after it's triggered by an insider risk management event. For details on how to create an automated flow, see [Create a flow in Power Automate](/power-automate/get-started-logic-flow). -3. Select the Microsoft 365 compliance connector: Search for and select the Microsoft 365 compliance connector. This connector enables insider risk management triggers and actions. For more information on connectors, see the [Connector reference overview](/connectors/connector-reference/) article. +3. Select the Microsoft Purview connector: Search for and select the Microsoft Purview connector. This connector enables insider risk management triggers and actions. For more information on connectors, see the [Connector reference overview](/connectors/connector-reference/) article. 4. Choose insider risk management triggers for your flow: Insider risk management has two triggers available for custom Power Automate flows: - For a selected insider risk management case: Flows with this trigger can be selected from the insider risk management Cases dashboard page. - For a selected insider risk management user: Flows with this trigger can be selected from the insider risk management Users dashboard page. Complete the following steps to create a custom Power Automate template for insi ### Share a Power Automate flow -By default, Power Automate flows created by a user are only available to that user. For other insider risk management users to have access and use a flow, the flow must be shared by the flow creator. To share a flow, you'll use the settings controls in the Insider risk management solution in the Microsoft 365 compliance center or the Manage Power Automate flows option from the Automate control when working directly in the Cases or Users dashboard pages. Once you've shared a flow, everyone who it has been shared with can access the flow in the Automate control dropdown in the Case and User dashboards. +By default, Power Automate flows created by a user are only available to that user. For other insider risk management users to have access and use a flow, the flow must be shared by the flow creator. To share a flow, you'll use the settings controls in the Insider risk management solution in the Microsoft Purview compliance portal or the Manage Power Automate flows option from the Automate control when working directly in the Cases or Users dashboard pages. Once you've shared a flow, everyone who it has been shared with can access the flow in the Automate control dropdown in the Case and User dashboards. To share a Power Automate flow in the settings area, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. To share a Power Automate flow with the Manage Power Automate flows option, you must be a member of at least one insider risk management role group. Complete the following steps to share a Power Automate flow: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Power Automate flows. You can also access from the Cases or Users dashboards pages by choosing Automate > Manage Power Automate flows. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Power Automate flows. You can also access from the Cases or Users dashboards pages by choosing Automate > Manage Power Automate flows. 2. On the Power Automate flows page, select the My flows or Team flows tab. 3. Select the flow to share, then select Share from the flow options menu. 4. On the flow sharing page, enter the name of the user or group you want to add as an owner for the flow. Complete the following steps to share a Power Automate flow: ### Edit a Power Automate flow -To edit a flow, you'll use the settings controls in the Insider risk management solution in the Microsoft 365 compliance center or the Manage Power Automate flows option from the Automate control when working directly in the Cases or Users dashboards. +To edit a flow, you'll use the settings controls in the Insider risk management solution in the Microsoft Purview compliance portal or the Manage Power Automate flows option from the Automate control when working directly in the Cases or Users dashboards. To edit a Power Automate flow in the settings area, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. To edit a Power Automate flow with the Manage Power Automate flows option, you must be a member of at least one insider risk management role group. Complete the following steps to edit a Power Automate flow: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Power Automate flows. You can also access from the Cases or Users dashboards pages by choosing Automate > Manage Power Automate flows. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Power Automate flows. You can also access from the Cases or Users dashboards pages by choosing Automate > Manage Power Automate flows. 2. On the Power Automate flows page, select a flow to edit and select Edit from the flow control menu. 3. Select the ellipsis > Settings to change a flow component setting or ellipsis > Delete to delete a flow component. 4. Select Save and then Close to complete editing the flow. ### Delete a Power Automate flow -To delete a flow, you'll use the settings controls in the Insider risk management solution in the Microsoft 365 compliance center or the Manage Power Automate flows option from the Automate control when working directly in the Cases or Users dashboards. When a flow is deleted, it's removed as an option for all users. +To delete a flow, you'll use the settings controls in the Insider risk management solution in the Microsoft Purview compliance portal or the Manage Power Automate flows option from the Automate control when working directly in the Cases or Users dashboards. When a flow is deleted, it's removed as an option for all users. To delete a Power Automate flow in the settings area, you must be a member of the Insider Risk Management or Insider Risk Management Admin role group. To delete a Power Automate flow with the Manage Power Automate flows option, you must be a member of at least one insider risk management role group. Complete the following steps to delete a Power Automate flow: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Power Automate flows. You can also access from the Cases or Users dashboards pages by choosing Automate > Manage Power Automate flows. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select Insider risk settings > Power Automate flows. You can also access from the Cases or Users dashboards pages by choosing Automate > Manage Power Automate flows. 2. On the Power Automate flows page, select a flow to delete and select Delete from the flow control menu. 3. On the deletion confirmation dialog, select Delete to remove the flow or select Cancel to exit the deletion action. For more information on how to use teams and channels in Microsoft Teams, see [O Enabling Microsoft Teams support for cases is quick and easy to configure. To enable Microsoft Teams for insider risk management, complete the following steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management > Insider risk settings. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management > Insider risk settings. 2. Select the Microsoft Teams page. 3. Enable Microsoft Teams integration for insider risk management. 4. Select Save to configure and exit. Users need permission to create Microsoft 365 groups in your organization to cre To create a team for a case, you'll use the Create Microsoft Team control when working directly in an existing case. Complete the following steps to create a new team: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management > Cases and select an existing case. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management > Cases and select an existing case. 2. On the case action menu, select Create Microsoft Team. 3. In the Team name field, enter a name for the new Microsoft Teams team. 4. Select Create Microsoft team and then select Close. Analytics insights from scans are based on the same risk activity signals used b To enable insider risk analytics, you must be a member of the Insider Risk Management, Insider Risk Management Admin, or Microsoft 365 Global admin role group. Complete the following steps to enable insider risk analytics: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management. 2. Select Run scan on the Scan for insider risks in your organization card on the insider risk management Overview tab. This turns on analytics scanning for your organization. You can also turn on scanning in your organization by navigating to Insider risk settings > Analytics and enabling Scan your tenant's user activity to identify potential insider risks. 3. On the Analytics details pane, select Run scan to start the scan for your organization. Analytics scan results may take up to 48 hours before insights are available as reports for review. To turn off insider risk analytics, you must be a member of the Insider Risk Ma Complete the following steps to turn off insider risk analytics: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management. 2. Select Insider risk settings* > Analytics page. 3. On the Analytics page, turn off Scan your tenant's user activity to identify potential insider risks. If you've enabled insider risk management analytics for your organization, membe If you prefer to disable admin and analytics notifications, complete the following steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management > Insider risk settings. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management > Insider risk settings. 2. Select the Admin notifications page. 3. Clear the check box for the following options as applicable: - Send a notification email when the first alert is generated for a new policy
compliance	Insider Risk Management Solution Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-solution-overview.md	Title: Insider risk management in Microsoft 365 -description: Learn how to configure insider risk management in Microsoft 365. -keywords: Microsoft 365, insider risk, compliance + Title: Insider risk management +description: Learn how to configure insider risk management. +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium - m365solution-scenario -# Insider risk management in Microsoft 365 +# Insider risk management + Increasingly, employees have more access to create, manage, and share data across a broad spectrum of platforms and services. In most cases, organizations have limited resources and tools to identify and mitigate organization-wide risks while also meeting compliance requirements and employee privacy standards. These risks may include data theft by departing employees and data leaks of information outside your organization by accidental oversharing or malicious intent. -Insider risk management in Microsoft 365 uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators. After identifying the risks, you can take action to mitigate these risks. +Microsoft Purview Insider Risk Management uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators. After identifying the risks, you can take action to mitigate these risks. Watch the videos below to learn how insider risk management can help your organization prevent, detect, and contain risks: <br> Watch the videos below to learn how insider risk management can help your organi Insider risk management workflow: >[!VIDEO https://www.microsoft.com/videoplayer/embed/RE4OUXB] -## Configure insider risk management for Microsoft 365 +## Configure insider risk management Use the following steps to configure insider risk management for your organization: ![Insider risk solution insider risk management steps.](../media/ir-solution-ir-steps.png) -1. Learn about [insider risk management](insider-risk-management.md) in Microsoft 365 +1. Learn about [insider risk management](insider-risk-management.md) 2. Plan for [insider risk management and verify licensing](insider-risk-management-plan.md) 3. Configure [insider risk management settings](insider-risk-management-settings.md) 4. Configure [permissions](insider-risk-management-configure.md#step-1-required-enable-permissions-for-insider-risk-management) and [policy prerequisites & connectors](insider-risk-management-configure.md#step-4-recommended-configure-prerequisites-for-policies) Use the following steps to configure insider risk management for your organizati - [Manage insider risk policies](insider-risk-management-policies.md) - [Investigate insider risk activities](insider-risk-management-activities.md)-- [Act on insider risk cases](insider-risk-management-cases.md) +- [Act on insider risk cases](insider-risk-management-cases.md)
compliance	Insider Risk Management Users	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management-users.md	Title: Insider risk management Users dashboard -description: Learn about insider risk management Users dashboard in Microsoft 365 -keywords: Microsoft 365, insider risk management, risk management, compliance +description: Learn about insider risk management Users dashboard in Microsoft Purview +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium # Insider risk management Users dashboard + The Users dashboard is an important tool in the insider risk management workflow and helps investigators and analysts have a more complete understanding of risk activities. This dashboard offers views and management features to meet administrative needs between the creating insider risk management policies and managing insider risk management cases. After users are added to insider risk management policies, background processes are automatically evaluating user activities for [triggering indicators](insider-risk-management-settings.md#indicators). After triggering indicators are present, user activities are assigned risk scores. Some of these activities may result in an insider risk alert, but some activities may not meet a minimum risk score level and an insider risk alert won't be created. The Users dashboard allows you to view users with these types of indicators and risk scores, as well users that have active insider risk alerts. There may be scenarios where you need to stop assigning risk scores to a user's To manually remove users from in-scope status in all insider risk management policies, complete the following steps: -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), go to Insider risk management and select the Users tab. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to Insider risk management and select the Users tab. 2. On the Users dashboard, select the user or users you want to remove from being in-scope in insider risk management policies. 3. Select Remove users. 4. On the Remove user pane, Select Remove or Cancel to discard the changes and close the dialog.
compliance	Insider Risk Management	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management.md	Title: Learn about insider risk management -description: Learn how to help minimize risk in your organization with insider risk management in Microsoft 365. -keywords: Microsoft 365, insider risk, risk management, compliance +description: Learn how to help minimize risk in your organization with insider risk management in Microsoft Purview. +keywords: Microsoft 365, Microsoft Purview, insider risk, risk management, compliance ms.localizationpriority: medium - m365initiative-compliance -# Learn about insider risk management in Microsoft 365 +# Learn about insider risk management -Insider risk management is a compliance solution in Microsoft 365 that helps minimize internal risks by enabling you to detect, investigate, and act on malicious and inadvertent activities in your organization. Insider risk policies allow you to define the types of risks to identify and detect in your organization, including acting on cases and escalating cases to Microsoft Advanced eDiscovery if needed. Risk analysts in your organization can quickly take appropriate actions to make sure users are compliant with your organization's compliance standards. + +Microsoft Purview Insider Risk Management is a compliance solution that helps minimize internal risks by enabling you to detect, investigate, and act on malicious and inadvertent activities in your organization. Insider risk policies allow you to define the types of risks to identify and detect in your organization, including acting on cases and escalating cases to Microsoft eDiscovery (Premium) if needed. Risk analysts in your organization can quickly take appropriate actions to make sure users are compliant with your organization's compliance standards. Watch the videos below to learn how insider risk management can help your organization prevent, detect, and contain risks while prioritizing your organization values, culture, and user experience: <br> Insider risk management is centered around the following principles: - Transparency: Balance user privacy versus organization risk with privacy-by-design architecture. - Configurable: Configurable policies based on industry, geographical, and business groups.-- Integrated: Integrated workflow across Microsoft 365 compliance solutions. +- Integrated: Integrated workflow across Microsoft Purview solutions. - Actionable: Provides insights to enable reviewer notifications, data investigations, and user investigations. ## Identifying potential risks with analytics Whether you're setting up insider risk management for the first time or getting The insider risk management workflow helps you identify, investigate, and take action to address internal risks in your organization. With focused policy templates, comprehensive activity signaling across the Microsoft 365 service, and alert and case management tools, you can use actionable insights to quickly identify and act on risky behavior. -Identifying and resolving internal risk activities and compliance issues with insider risk management in Microsoft 365 uses the following workflow: +Identifying and resolving internal risk activities and compliance issues with insider risk management uses the following workflow: ![Insider risk management workflow.](../media/insider-risk-workflow.png) Additionally, the new [Audit log (preview)](insider-risk-management-audit-log.md After cases are investigated, reviewers can quickly act to resolve the case or collaborate with other risk stakeholders in your organization. If users accidentally or inadvertently violate policy conditions, a simple reminder notice can be sent to the user from notice templates you can customize for your organization. These notices may serve as simple reminders or may direct the user to refresher training or guidance to help prevent future risky behavior. For more information, see [Insider risk management notice templates](insider-risk-management-notices.md). -In the more serious situations, you may need to share the insider risk management case information with other reviewers or services in your organization. Insider risk management is tightly integrated with other Microsoft 365 compliance solutions to help you with end-to-end risk resolution. +In the more serious situations, you may need to share the insider risk management case information with other reviewers or services in your organization. Insider risk management is tightly integrated with other Microsoft Purview solutions to help you with end-to-end risk resolution. -- Advanced eDiscovery: Escalating a case for investigation allows you to transfer data and management of the case to Advanced eDiscovery in Microsoft 365. Advanced eDiscovery provides an end-to-end workflow to preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations. It allows legal teams to manage the entire legal hold notification workflow. To learn more about Advanced eDiscovery cases, see [Overview of Advanced eDiscovery in Microsoft 365](overview-ediscovery-20.md). +- eDiscovery (Premium): Escalating a case for investigation allows you to transfer data and management of the case to Microsoft Purview eDiscovery (Premium). eDiscovery (Premium) provides an end-to-end workflow to preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations. It allows legal teams to manage the entire legal hold notification workflow. To learn more about eDiscovery (Premium) cases, see [Overview of Microsoft Purview eDiscovery (Premium)](overview-ediscovery-20.md). - Office 365 Management APIs integration (preview): Insider risk management supports exporting alert information to security information and event management (SIEM) services via the Office 365 Management APIs. Having access to alert information in the platform the best fits your organization's risk processes gives you more flexibility in how to act on risk activities. To learn more about exporting alert information with Office 365 Management APIs, see [Export alerts](insider-risk-management-settings.md#export-alerts). > [!NOTE]
compliance	Insider Risk Solution Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-solution-overview.md	Title: Insider risk solutions -description: Learn how to help minimize risk in your organization with insider risk solutions in Microsoft 365. -keywords: Microsoft 365, insider risk, compliance + Title: Microsoft Purview insider risk solutions +description: Learn how to help minimize risk in your organization with insider risk solutions in Microsoft Purview. +keywords: Microsoft 365, Microsoft Purview, insider risks, compliance, insider risk management, communication compliance, information barriers, privileged access management ms.localizationpriority: medium - m365solution-overview -# Insider risk solutions in Microsoft 365 +# Microsoft Purview insider risk solutions + Insider risks are one of the top concerns of security and compliance professionals in the modern workplace. Industry studies have shown that insider risks are often associated with specific user events or activities. Protecting your organization against these risks can be challenging to identify and difficult to mitigate. Insider risks include vulnerabilities in a variety of areas and can cause major problems for your organization, ranging from the loss of intellectual property to workplace harassment, and more. The following figure outlines common insider risks: Microsoft 365 risk prevention features are designed and built-in to our insider \| ![Security violations icon.](../media/ir-risk-security-violations.png)\| Security violations \| \| ![Supported](../media/check-mark.png) \| \| ![Supported](../media/check-mark.png) \| \| ![Regulatory compliance violations icon.](../media/ir-risk-regulatory-compliance-violations.png)\| Regulatory compliance violations \| ![Supported](../media/check-mark.png) \| ![Supported](../media/check-mark.png) \| ![Supported](../media/check-mark.png) \| \| -## Microsoft 365 insider risk solutions +## Insider risk solutions -To help protect your organization against insider risks, use these Microsoft 365 capabilities and features. +To help protect your organization against insider risks, use these Microsoft Purview capabilities and features. ### Communication compliance -Communication compliance helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Communication compliance is available in the following subscriptions: +[Microsoft Purview Communication Compliance](communication-compliance.md) helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. + +Communication compliance is available in the following subscriptions: - Microsoft 365 E5/A5/F5/G5 subscription (paid or trial version) - Microsoft 365 E3/A3/F3/G5 subscription + the Microsoft 365 E5/A5/F5/G5 Compliance add-on Communication compliance helps minimize communication risks by helping you detec ### Insider risk management -Insider risk management helps minimize internal risks by enabling you to detect, investigate, and act on malicious and inadvertent activities in your organization. +[Microsoft Purview Insider Risk Management](insider-risk-management.md) helps minimize internal risks by enabling you to detect, investigate, and act on malicious and inadvertent activities in your organization. Insider risk management is available in the following subscriptions: Insider risk management is available in the following subscriptions: ### Information barriers -Information barriers allow you to restrict communication and collaboration between two internal groups to avoid a conflict of interest from occurring in your organization. +[Microsoft Purview Information Barriers](information-barriers.md) allow you to restrict communication and collaboration between two internal groups to avoid a conflict of interest from occurring in your organization. Information barriers are available in the following subscriptions: Information barriers are available in the following subscriptions: ### Privileged access management -Privileged access management allows granular access control over privileged Exchange Online admin tasks in Office 365. It can help protect your organization from breaches that use existing privileged admin accounts with standing access to sensitive data or access to critical configuration settings. +[Microsoft Purview Privileged Access Management](privileged-access-management-overview.md) allows granular access control over privileged Exchange Online admin tasks in Office 365. It can help protect your organization from breaches that use existing privileged admin accounts with standing access to sensitive data or access to critical configuration settings. Privileged access management is available in the following subscriptions: Privileged access management is available in the following subscriptions: - Microsoft 365 A3 subscription + the Microsoft 365 A5 Compliance add-on - Microsoft 365 A3 subscription + the Microsoft 365 A5 Information Protection and Governance add-on -## Deploy Microsoft 365 insider risk solutions +## Deploy Microsoft Purview insider risk solutions -To help protect your organization against insider risks, set up and deploy the following Microsoft 365 solutions: +To help protect your organization against insider risks, set up and deploy the following Microsoft Purview solutions: ![Insider risk solution defense-in-depth.](../media/ir-solution-defense-in-depth.png) To help protect your organization against insider risks, set up and deploy the f ## Illustrations with examples -To help you plan an integrated strategy for implementing Microsoft 365 insider risk capabilities, download the Microsoft 365 information protection and compliance capabilities set of illustrations. For insider risk capabilities, see the architecture illustration pages 5-7. Feel free to adapt these illustrations for your own use. +To help you plan an integrated strategy for implementing Microsoft Purview insider risk capabilities, download the Microsoft 365 information protection and compliance capabilities set of illustrations. For insider risk capabilities, see the architecture illustration pages 5-7. Feel free to adapt these illustrations for your own use. \| Item \| Description \| \|:--\|:\| -\|[![Model poster: Microsoft 365 information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/> [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Updated October 2020\|Includes: <ul><li> Microsoft information protection and data loss prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk management</li><li>Third-party data ingestion</li>\| +\|[![Model poster: Microsoft 365 information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/> [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Updated October 2020\|Includes: <ul><li> Information protection and data loss prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk management</li><li>Third-party data ingestion</li>\| ## Training -Training your administrators and compliance team in the basics for each insider risk solution can help your organization get started more quickly with your deployment and implementation efforts. +Training your administrators and compliance team in the basics for each insider risk solution can help your organization get started more quickly with your deployment and implementation efforts. -Microsoft 365 provides the following resources to help inform and train these users in your organization: +Microsoft provides the following resources to help inform and train these users in your organization: \| Solution/Area \| Resources \| \|:\|:--\| \| Manage insider risk in Microsoft 365 \|[Complete learning path](/learn/paths/m365-compliance-insider) <br> This learning path includes all the individual solution modules for communication compliance, insider risk management, information barriers, and privileged access management. Select this learning path to complete all the modules. \| -\| Communication compliance \| [Learning module: Prepare communication compliance in Microsoft 365](/learn/modules/m365-compliance-insider-prepare-communication-compliance) <br> This module helps you learn the basics on how to identify and remediate code-of-conduct policy violations with communication compliance, cover the prerequisites needed before creating communication compliance policies, and learn about the types of built-in, pre-defined policy templates in communication compliance. \| -\| Insider risk management \| [Learning module: Insider risk management in Microsoft 365](/learn/modules/m365-compliance-insider-manage-insider-risk) <br> This module helps you learn how insider risk management in Microsoft 365 can help prevent, detect, and contain internal risks in an organization, learn about the types of built-in, pre-defined policy templates, understand the basic prerequisites needed before creating insider risk policies, and explains the types of actions you can take on insider risk management cases. \| +\| Communication compliance \| [Learning module: Prepare communication compliance](/learn/modules/m365-compliance-insider-prepare-communication-compliance) <br> This module helps you learn the basics on how to identify and remediate code-of-conduct policy violations with communication compliance, cover the prerequisites needed before creating communication compliance policies, and learn about the types of built-in, pre-defined policy templates in communication compliance. \| +\| Insider risk management \| [Learning module: Insider risk management](/learn/modules/m365-compliance-insider-manage-insider-risk) <br> This module helps you learn how insider risk management can help prevent, detect, and contain internal risks in an organization, learn about the types of built-in, pre-defined policy templates, understand the basic prerequisites needed before creating insider risk policies, and explains the types of actions you can take on insider risk management cases. \| \| Information barriers \| [Learning module: Plan for information barriers](/learn/modules/m365-compliance-insider-plan-information-barriers) <br> This module helps you learn how information barrier policies can help your organization maintain compliance with relevant industry standards and regulations, lists the types of situations when information barriers would be applicable, helps explain the process of creating an information barrier policy, and helps explain how to troubleshoot unexpected issues after information barriers are in place. \| \| Privileged access management \| [Learning module: Implement privileged access management](/learn/modules/m365-compliance-insider-implement-privileged-access-management) <br> This module helps you understand the difference between privileged access management and privileged identity management, understand the privileged access management process flow, and understand the basics of how to configure and enable privileged access management. \|
compliance	Intro To Info Mgmt Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/intro-to-info-mgmt-policies.md	description: Learn how to use information management policies to control and tra # Introduction to information management policies + An information management policy is a set of rules for a type of content. Information management policies enable organizations to control and track things like how long content is retained or what actions users can take with that content. Information management policies can help organizations comply with legal or governmental regulations, or they can simply enforce internal business processes. For example, an organization that must follow government regulations requiring that they demonstrate "adequate controls" of their financial statements might create one or more information management policies that audit specific actions in the authoring and approval process for all documents related to financial filings.
compliance	Investigating Partially Indexed Items In Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/investigating-partially-indexed-items-in-ediscovery.md	description: "Learn how to manage partially indexed items (also called unindexed # Investigating partially indexed items in eDiscovery -An eDiscovery search that you run from the Microsoft 365 compliance center automatically includes partially indexed items in the estimated search results when you run a search. Partially indexed items are Exchange mailbox items and documents on SharePoint and OneDrive for Business sites that for some reason weren't completely indexed for search. Most email messages and site documents are successfully indexed because they fall within the [Indexing limits for email messages](limits-for-content-search.md#indexing-limits-for-email-messages). However, some items may exceed these indexing limits, and will be partially indexed. Here are other reasons why items can't be indexed for search and are returned as partially indexed items when you run an eDiscovery search: +An eDiscovery search that you run from the Microsoft Purview compliance portal automatically includes partially indexed items in the estimated search results when you run a search. Partially indexed items are Exchange mailbox items and documents on SharePoint and OneDrive for Business sites that for some reason weren't completely indexed for search. Most email messages and site documents are successfully indexed because they fall within the [Indexing limits for email messages](limits-for-content-search.md#indexing-limits-for-email-messages). However, some items may exceed these indexing limits, and will be partially indexed. Here are other reasons why items can't be indexed for search and are returned as partially indexed items when you run an eDiscovery search: - Email messages have an attached file that can't be opened, such as image files; this is the most common cause of partially indexed email items.
compliance	Keyword Queries And Search Conditions	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/keyword-queries-and-search-conditions.md	description: "Learn about email and document properties that you can search by u # Keyword queries and search conditions for eDiscovery -This article describes the email and document properties that you can search for in email items and Microsoft Teams chat conversations in Exchange Online, and documents stored on SharePoint and OneDrive for Business sites using the eDiscovery search tools in the Microsoft 365 compliance center. This includes Content search, Core eDiscovery, and Advanced eDiscovery (eDiscovery searches in Advanced eDiscovery are called collections). You can also use the *\-ComplianceSearch** cmdlets in Security & Compliance Center PowerShell to search for these properties. The article also describes: +This article describes the email and document properties that you can search for in email items and Microsoft Teams chat conversations in Exchange Online, and documents stored on SharePoint and OneDrive for Business sites using the eDiscovery search tools in the Microsoft Purview compliance portal. This includes Content search, Microsoft Purview eDiscovery (Standard), and Microsoft Purview eDiscovery (Premium) (eDiscovery searches in eDiscovery (Premium) are called collections). You can also use the *\-ComplianceSearch cmdlets in Security & Compliance Center PowerShell to search for these properties. The article also describes: - Using Boolean search operators, search conditions, and other search query techniques to refine your search results. - Searching for sensitive data types and custom sensitive data types in SharePoint and OneDrive for Business. This article describes the email and document properties that you can search for For step-by-step instructions on how to create different eDiscovery searches, see: - [Content search](content-search.md)-- [Search for content in Core eDiscovery](search-for-content-in-core-ediscovery.md)-- [Create a draft collection in Advanced eDiscovery](create-draft-collection.md) +- [Search for content in eDiscovery (Standard)](search-for-content-in-core-ediscovery.md) +- [Create a draft collection in eDiscovery (Premium)](create-draft-collection.md) > [!NOTE] -> eDiscovery searches in the Microsoft 365 compliance center and the corresponding \-ComplianceSearch* cmdlets in Security & Compliance Center PowerShell use the Keyword Query Language (KQL). For more detailed information, see [Keyword Query Language syntax reference](/sharepoint/dev/general-development/keyword-query-language-kql-syntax-reference). +> eDiscovery searches in the compliance portal and the corresponding *\-ComplianceSearch cmdlets in Security & Compliance Center PowerShell use the Keyword Query Language (KQL). For more detailed information, see [Keyword Query Language syntax reference](/sharepoint/dev/general-development/keyword-query-language-kql-syntax-reference). ## Searchable email properties -The following table lists email message properties that can be searched by using the eDiscovery search tools in the Microsoft 365 compliance center or by using the New-ComplianceSearch or the Set-ComplianceSearch cmdlet. The table includes an example of the _property:value_ syntax for each property and a description of the search results returned by the examples. You can type these `property:value` pairs in the keywords box for an eDiscovery search. +The following table lists email message properties that can be searched by using the eDiscovery search tools in the compliance portal or by using the New-ComplianceSearch or the Set-ComplianceSearch** cmdlet. The table includes an example of the _property:value_ syntax for each property and a description of the search results returned by the examples. You can type these `property:value` pairs in the keywords box for an eDiscovery search. > [!NOTE] > When searching email properties, it's not possible to search for items in which the specified property is empty or blank. For example, using the property:value pair of subject:"" to search for email messages with an empty subject line will return zero results. This also applies when searching site and contact properties. To prevent recipient expansion, add a wild card character (asterisk) to the end However, be aware that preventing recipient expansion in the search query may result in relevant items not being returned in the search results. Email messages in Exchange can be saved with different text formats in the recipient fields. Recipient expansion is intended to help mitigate this fact by returning messages that may contain different text formats. So preventing recipient expansion may result in the search query not returning all items that may be relevant to your investigation. > [!NOTE] -> If you need to review or reduce the items returned by a search query due to recipient expansion, consider using Advanced eDiscovery. You can search for messages (taking advantage of recipient expansion), add them to a review set, and then use review set queries or filters to review or narrow the results. For more information, see [Collect data for a case](collecting-data-for-ediscovery.md) and [Query the data in a review set](review-set-search.md). +> If you need to review or reduce the items returned by a search query due to recipient expansion, consider using eDiscovery (Premium). You can search for messages (taking advantage of recipient expansion), add them to a review set, and then use review set queries or filters to review or narrow the results. For more information, see [Collect data for a case](collecting-data-for-ediscovery.md) and [Query the data in a review set](review-set-search.md). ## Searchable site properties -The following table lists some of the SharePoint and OneDrive for Business properties that can be searched by using the eDiscovery search tools in the Microsoft 365 compliance Center or by using the New-ComplianceSearch or the Set-ComplianceSearch cmdlet. The table includes an example of the _property:value_ syntax for each property and a description of the search results returned by the examples. +The following table lists some of the SharePoint and OneDrive for Business properties that can be searched by using the eDiscovery search tools in the Microsoft Purview compliance portal or by using the New-ComplianceSearch or the Set-ComplianceSearch cmdlet. The table includes an example of the _property:value_ syntax for each property and a description of the search results returned by the examples. For a complete list of SharePoint properties that can be searched, see [Overview of crawled and managed properties in SharePoint](/SharePoint/technical-reference/crawled-and-managed-properties-overview). Properties marked with a Yes in the Queryable column can be searched. The following table lists the contact properties that are indexed and that you c ## Searchable sensitive data types -You can use eDiscovery search tools in the Microsoft 365 compliance center to search for sensitive data, such as credit card numbers or social security numbers, that is stored in documents on SharePoint and OneDrive for Business sites. You can do this by using the `SensitiveType` property and the name (or ID) of a sensitive information type in a keyword query. For example, the query `SensitiveType:"Credit Card Number"` returns documents that contain a credit card number. The query `SensitiveType:"U.S. Social Security Number (SSN)"` returns documents that contain a U.S. social security number. +You can use eDiscovery search tools in the compliance portal to search for sensitive data, such as credit card numbers or social security numbers, that is stored in documents on SharePoint and OneDrive for Business sites. You can do this by using the `SensitiveType` property and the name (or ID) of a sensitive information type in a keyword query. For example, the query `SensitiveType:"Credit Card Number"` returns documents that contain a credit card number. The query `SensitiveType:"U.S. Social Security Number (SSN)"` returns documents that contain a U.S. social security number. -To see a list of the sensitive information types that you can search for, go to Data classifications \> Sensitive info types in the Microsoft 365 compliance center. Or you can use the Get-DlpSensitiveInformationType cmdlet in Security & Compliance Center PowerShell to display a list of sensitive information types. +To see a list of the sensitive information types that you can search for, go to Data classifications \> Sensitive info types in the compliance portal. Or you can use the Get-DlpSensitiveInformationType cmdlet in Security & Compliance Center PowerShell to display a list of sensitive information types. For more information about creating queries using the `SensitiveType` property, see [Form a query to find sensitive data stored on sites](form-a-query-to-find-sensitive-data-stored-on-sites.md). Create a condition using common properties when searching mailboxes and sites in \|Sender/Author\|For email, the person who sent a message. For documents, the person cited in the author field from Office documents. You can type more than one name, separated by commas. Two or more values are logically connected by the OR operator.\| \|Size (in bytes)\|For both email and documents, the size of the item (in bytes).\| \|Subject/Title\|For email, the text in the subject line of a message. For documents, the title of the document. As previously explained, the Title property is metadata specified in Microsoft Office documents. You can type the name of more than one subject/title values, separated by commas. Two or more values are logically connected by the OR operator. <p> Note: Don't include double quotation marks to the values for this condition because quotation marks are automatically added when using this search condition. If you add quotation marks to the value, two pairs of double quotations will be added to the condition value, and the search query will return an error.\| -\|Retention label\|For both email and documents, retention labels that have been assigned to messages and documents automatically by auto-label policies or retention labels that have been manually assigned by users. Retention labels are used to classify email and documents for information governance and enforce retention rules based on the settings defined by the label. You can type part of the retention label name and use a wildcard or type the complete label name. For more information about retention labels, see [Learn about retention policies and retention labels](retention.md).\| +\|Retention label\|For both email and documents, retention labels that can be automatically or manually applied to messages and documents. Retention labels can be used to declare records and help you manage the data lifecycle of content by enforcing retention and deletion rules specified by the label. You can type part of the retention label name and use a wildcard or type the complete label name. For more information about retention labels, see [Learn about retention policies and retention labels](retention.md).\| ### Conditions for mail properties HereΓÇÖs how the total number of characters in the search query are calculated: For more information about character limits, see [eDiscovery search limits](limits-for-content-search.md#search-limits). > [!NOTE] -> The 4,000 character limit applies to Content search, Core eDiscovery, and Advanced eDiscovery. +> The 4,000 character limit applies to Content search, eDiscovery (Standard), and eDiscovery (Premium). ## Search tips and tricks
compliance	Legacy Ediscovery Retirement	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/legacy-ediscovery-retirement.md	Title: "Retirement of legacy eDiscovery tools" + Title: "Legacy eDiscovery tools retired" f1.keywords: - NOCSH search.appverid: - MET150 -description: "In-Place eDiscovery and In-Place Hold (and the corresponding PowerShell cmdlets) in Exchange Online will be retired in the first half of 2020. The Search-Mailbox cmdlet and Advanced eDiscovery v1.0 are also being retired within the same time period." +description: "In-Place eDiscovery and In-Place Hold (and the corresponding PowerShell cmdlets) in Exchange Online will be retired in the first half of 2020. The Search-Mailbox cmdlet and Microsoft Purview eDiscovery (Premium) v1.0 are also being retired within the same time period." # Retirement of legacy eDiscovery tools > [!IMPORTANT] -> The functionality of the legacy eDiscovery tools described in this article has either been removed from the Microsoft 365 service or is still available, but no longer supported. Any functionality that's still available may be removed without notice. If you're still using any of these legacy tools, consider migrating to the eDiscovery tools in the Microsoft 365 compliance center or one of the alternatives described in this article. +> The functionality of the legacy eDiscovery tools described in this article has either been removed from the Microsoft 365 service or is still available, but no longer supported. Any functionality that's still available may be removed without notice. If you're still using any of these legacy tools, consider migrating to the eDiscovery tools in the Microsoft Purview compliance portal or one of the alternatives described in this article. -Over the years, Microsoft has provided eDiscovery tools that let you search, preview, and export email content from Exchange Online. However, these tools no longer offer an effective way to search for non-Exchange content in other Microsoft 365 services, such as SharePoint Online and Microsoft 365 Groups. To address this, Microsoft offers other eDiscovery tools that help you search for a wide variety of Microsoft 365 content. And we've been working hard to incorporate the most current and powerful eDiscovery functionality in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. This allows organizations to respond to legal, internal, and other document requests for content across many Microsoft 365 services, including Exchange Online. +Over the years, Microsoft has provided eDiscovery tools that let you search, preview, and export email content from Exchange Online. However, these tools no longer offer an effective way to search for non-Exchange content in other Microsoft 365 services, such as SharePoint Online and Microsoft 365 Groups. To address this, Microsoft offers other eDiscovery tools that help you search for a wide variety of Microsoft 365 content. And we've been working hard to incorporate the most current and powerful eDiscovery functionality in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a>. This allows organizations to respond to legal, internal, and other document requests for content across many Microsoft 365 services, including Exchange Online. -As a result of this new and improved eDiscovery functionality in the Microsoft 365 compliance center, we're retiring the following eDiscovery-related features and functionality related to searching for email content in Exchange Online and Microsoft 365: +As a result of this new and improved eDiscovery functionality in the compliance portal, we're retiring the following eDiscovery-related features and functionality related to searching for email content in Exchange Online and Microsoft 365: - [In-Place eDiscovery](/exchange/security-and-compliance/in-place-ediscovery/in-place-ediscovery) and [In-Place Holds](/exchange/security-and-compliance/create-or-remove-in-place-holds) in the Exchange admin center. As a result of this new and improved eDiscovery functionality in the Microsoft 3 - [GetHoldOnMailboxes](/exchange/client-developer/web-service-reference/getholdonmailboxes-operation) -- [Office 365 Advanced eDiscovery v1.0](./overview-ediscovery-20.md), which is the first version of Advanced eDiscovery that's accessed through a Core eDiscovery case in the Microsoft 365 compliance center. The retirement of Advanced eDiscovery v1.0 doesn't impact your ability to create and manage Core eDiscovery cases. +- [Microsoft Purview eDiscovery (Premium) v1.0](./overview-ediscovery-20.md), which is the first version of eDiscovery (Premium) that's accessed through a Microsoft Purview eDiscovery (Standard) case in the compliance portal. The retirement of eDiscovery (Premium) v1.0 doesn't impact your ability to create and manage eDiscovery (Standard) cases. > [!NOTE] > The eDiscovery functionality being retired only applies to cloud-based versions of Microsoft 365 and Office 365. eDiscovery functionality in on-premises versions of Exchange and SharePoint will still be supported until further notice. The following sections in this article provide guidance about each feature being As per the original announcement on July 1, 2017, the In-Place eDiscovery & Hold functionality in the Exchange admin center (EAC) is being retired. The In-Place eDiscovery & Holds page in the EAC allowed you to search, hold, and export content from Exchange Online. In-Place eDiscovery also let you copy search results to a discovery mailbox so that you or other eDiscovery managers could review content and make it available for legal, regulatory, and public requests. -Because all of these capabilities (except for copying search results to a discovery mailbox) are now available in the content search, eDiscovery and Advanced eDiscovery tools in the [Microsoft 365 compliance center](./microsoft-365-compliance-center.md) (with improved functionality, reliability, and support for a wide range of Microsoft 365 services), we recommend that you start using these tools as soon as possible. To help you in the transition to these other eDiscovery tools, the table below lists the tools you can use instead of In-Place eDiscovery and In-Place Hold. +Because all of these capabilities (except for copying search results to a discovery mailbox) are now available in the content search, eDiscovery and eDiscovery (Premium) tools in the [compliance portal](./microsoft-365-compliance-center.md) (with improved functionality, reliability, and support for a wide range of Microsoft 365 services), we recommend that you start using these tools as soon as possible. To help you in the transition to these other eDiscovery tools, the table below lists the tools you can use instead of In-Place eDiscovery and In-Place Hold. ### Scope of affected organizations The following table describes other tools that you can use to replace the existi <tbody> <tr class="odd"> <td>Search, export, and hold for legal purposes</td> -<td>Core eDiscovery cases in the Microsoft 365 compliance center </td> -<td><p>Using the capabilities of core eDiscovery cases provide the functional parity to In-Place eDiscovery and In-Place Holds. This includes the following:</p> +<td>eDiscovery (Standard) cases in the compliance portal </td> +<td><p>Using the capabilities of eDiscovery (Standard) cases provide the functional parity to In-Place eDiscovery and In-Place Holds. This includes the following:</p> <ul> <li> <p>Search scales to millions of locations</p> The following table describes other tools that you can use to replace the existi </tr> <tr class="even"> <td>Hold for retention purposes</td> -<td>Retention policies in the Microsoft 365 compliance center</td> +<td>Retention policies in the compliance portal</td> <td><p>You can use Retention policies to retain content and, if desired, delete it after the retention period expires. Other capabilities include:</p> <ul> <li> The following table describes other tools that you can use to replace the existi <p>For more information, see <a href="/microsoft-365/compliance/retention-policies"> Learn about retention policies and retention labels</a>.</td> </tr> <tr class="odd"> -<td>Copy email search results to a discovery mailbox for review</td><td>Review sets in Advanced eDiscovery v2.0</td> +<td>Copy email search results to a discovery mailbox for review</td><td>Review sets in eDiscovery (Premium) v2.0</td> <td><p>Reviewing content in Microsoft 365 has never been easier. Review sets have many great capabilities to help reduce the amount of time and data needed to review, including:</p> <ul> <li><p>Perform fast search queries and filter content in a review set</p></li> <li><p>Analyze content in a review set; this includes email threading, near-duplicate detection, Themes analysis, and Predictive coding</p></li> <li><p>Tag documents in a review set</p></li> <li><p>Tagging suggestions to help identify attorney client privilege content</p></li></ul> -<p>For more information, see <a href="/microsoft-365/compliance/overview-ediscovery-20">Overview of the Advanced eDiscovery solution in Microsoft 365</a>.</p> +<p>For more information, see <a href="/microsoft-365/compliance/overview-ediscovery-20">Overview of the eDiscovery (Premium) solution in Microsoft 365</a>.</p> <p> <p>Alternatively, you can export search results to PST files and then use Microsoft 365 Import service to import the PSTs to a discovery mailbox. For step-by-step instruction, see <a href="/microsoft-365/compliance/use-network-upload-to-import-pst-files">Use network upload to import PST files to Office 365</a>. </tr> The following table describes other tools that you can use to replace the existi I use the copy search results functionality of In-Place eDiscovery & Holds in the EAC to copy search results to a discovery mailbox for review by attorneys. What options do I have now? -There are two ways to replicate this functionality today. The first is to use [review sets in Advanced eDiscovery v2.0](./view-documents-in-review-set.md). Review sets have many of the same capabilities you see in a traditional review tool like fast search of documents, tagging, email threading, near duplicate grouping, themes analysis, and predictive coding. If you still want to use discovery mailboxes for review, the second option is to export search results to PST files and then import the PST files to a discovery mailbox by using the [PST import feature](use-network-upload-to-import-pst-files.md) in the Microsoft compliance center. +There are two ways to replicate this functionality today. The first is to use [review sets in eDiscovery (Premium) v2.0](./view-documents-in-review-set.md). Review sets have many of the same capabilities you see in a traditional review tool like fast search of documents, tagging, email threading, near duplicate grouping, themes analysis, and predictive coding. If you still want to use discovery mailboxes for review, the second option is to export search results to PST files and then import the PST files to a discovery mailbox by using the [PST import feature](use-network-upload-to-import-pst-files.md) in the Microsoft compliance center. How do I control which content locations (such as mailboxes or sites) that can an eDiscovery manager can search using the new tools? -The Microsoft 365 compliance center also uses [compliance boundaries](set-up-compliance-boundaries.md) to control which content locations an eDiscovery Manager can search. Compliance boundaries are useful in government entities that need to stay within agency boundaries or multi-national corporations required to respect geographical boarders. +The compliance portal also uses [compliance boundaries](set-up-compliance-boundaries.md) to control which content locations an eDiscovery Manager can search. Compliance boundaries are useful in government entities that need to stay within agency boundaries or multi-national corporations required to respect geographical boarders. -How can I move my current searches and holds to the Microsoft 365 compliance center? +How can I move my current searches and holds to the Microsoft Purview compliance portal? -It's possible to migrate In-Place eDiscovery searches and holds from the EAC by using PowerShell. For instructions, see [Migrate searches and holds from the EAC to the Microsoft 365 compliance center](./migrate-legacy-ediscovery-searches-and-holds.md). +It's possible to migrate In-Place eDiscovery searches and holds from the EAC by using PowerShell. For instructions, see [Migrate searches and holds from the EAC to the compliance portal](./migrate-legacy-ediscovery-searches-and-holds.md). ## \-MailboxSearch cmdlets As per the original notice announced on July 1, 2017 in the Exchange admin center, the In-Place eDiscovery & Hold functionality and the corresponding \-MailboxSearch** cmdlets are being retired. These cmdlets provide users the ability to search, hold, and export mailbox content for legal, regulatory, and public requests. -Because these capabilities are now available in the [<span class="underline">Microsoft 365 compliance center</span>](./microsoft-365-compliance-center.md) and Office 365 Security & Compliance Center PowerShell with improved performance and scalability, you should using these improved cmdlets. These cmdlets include [<span class="underline">\-ComplianceCase</span>](/powershell/module/exchange/get-compliancecase), [<span class="underline">\-ComplianceSearch</span>](/powershell/module/exchange/get-compliancesearch), [<span class="underline">\-CaseHoldPolicy</span>](/powershell/module/exchange/get-caseholdpolicy), [<span class="underline">\-CaseHoldRule</span>](/powershell/module/exchange/get-caseholdrule), and [<span class="underline">\-ComplianceSearchAction</span>](/powershell/module/exchange/get-compliancesearchaction). +Because these capabilities are now available in the [<span class="underline">compliance portal</span>](./microsoft-365-compliance-center.md) and Office 365 Security & Compliance Center PowerShell with improved performance and scalability, you should using these improved cmdlets. These cmdlets include [<span class="underline">\-ComplianceCase</span>](/powershell/module/exchange/get-compliancecase), [<span class="underline">\-ComplianceSearch</span>](/powershell/module/exchange/get-compliancesearch), [<span class="underline">\-CaseHoldPolicy</span>](/powershell/module/exchange/get-caseholdpolicy), [<span class="underline">\-CaseHoldRule</span>](/powershell/module/exchange/get-caseholdrule), and [<span class="underline">\-ComplianceSearchAction</span>](/powershell/module/exchange/get-compliancesearchaction). ### Scope of affected organizations The following table describes other tools that you can use to replace the existi <p><a href="/powershell/module/exchange/get-compliancesearchaction"><span class="underline">-ComplianceSearchAction</span></a></p> <p><a href="/powershell/module/exchange/get-compliancecase"><span class="underline">-ComplianceCase</span></a></p> <p> </p></td> -<td><p>The ComplianceSearch and ComplianceSearchAction cmdlets work together to help you search and export content. You can create a new search and view the search estimate by using the <strong>New-</strong>, <strong>Get-</strong>, and <strong>Start-ComplianceSearch</strong> cmdlets. Then you can use the <strong>New-ComplianceSearchAction</strong> cmdlet to export the search results. You'll still have to use the core eDiscovery tool in the Microsoft 365 compliance center to download those search results to your local computer.</p> +<td><p>The ComplianceSearch and ComplianceSearchAction cmdlets work together to help you search and export content. You can create a new search and view the search estimate by using the <strong>New-</strong>, <strong>Get-</strong>, and <strong>Start-ComplianceSearch</strong> cmdlets. Then you can use the <strong>New-ComplianceSearchAction</strong> cmdlet to export the search results. You'll still have to use the eDiscovery (Standard) tool in the compliance portal to download those search results to your local computer.</p> <p> -<p><strong>Note:</strong> If you use these cmdlets to create searches that aren't associated with a core eDiscovery case, these searches will be located on the <strong>Content search</strong> page in the Microsoft 365 compliance center.</p></td> +<p><strong>Note:</strong> If you use these cmdlets to create searches that aren't associated with a eDiscovery (Standard) case, these searches will be located on the <strong>Content search</strong> page in the compliance portal.</p></td> </tr> <tr class="even"> <td>Hold content in a mailbox</td> The following table describes other tools that you can use to replace the existi <p><a href="/powershell/module/exchange/get-caseholdrule"><span class="underline">-CaseHoldRule</span></a></p> <p><a href="/powershell/module/exchange/get-compliancecase"><span class="underline">-ComplianceCase</span></a></p> <p> </p></td> -<td><p>Holds in the Microsoft 365 compliance center must be associated with a ComplianceCase. First, create the compliance case, and then create a CaseHoldPolicy and a CaseHoldRule.</p> +<td><p>Holds in the compliance portal must be associated with a ComplianceCase. First, create the compliance case, and then create a CaseHoldPolicy and a CaseHoldRule.</p> <p><strong>Note:</strong> Creating a CaseHoldPolicy without a creating CaseHoldRule will render the hold inoperable until the CaseHoldRule is created and associated to the CaseHoldPolicy. See the cmdlet documentation for more information.</p></td> </tr> <tr class="odd"> The following table describes other tools that you can use to replace the existi The [<span class="underline">Microsoft Graph APIs</span>](https://developer.microsoft.com/en-us/graph) provide a number of methods for extracting data for analysis and other purposes that are far more resilient and scalable than the using the *\-MailboxSearch cmdlets. -How can I migrate my searches and holds to the Microsoft 365 compliance center? +How can I migrate my searches and holds to the compliance portal? -It's possible to migrate In-Place eDiscovery searches and holds from the Exchange admin center by using a PowerShell script. For more information, see [Migrate legacy eDiscovery searches and holds to the Microsoft 365 compliance center](migrate-legacy-eDiscovery-searches-and-holds.md). +It's possible to migrate In-Place eDiscovery searches and holds from the Exchange admin center by using a PowerShell script. For more information, see [Migrate legacy eDiscovery searches and holds to the compliance portal](migrate-legacy-eDiscovery-searches-and-holds.md). After the cmdlets are retired, will I still be able to remove or retrieve searches?** The following table describes other tools that you can use to replace the existi <td><p><a href="/powershell/module/exchange/get-compliancesearch"><span class="underline">-ComplianceSearch</span></a></p> <p><a href="/powershell/module/exchange/get-compliancesearchaction"><span class="underline">-ComplianceSearchAction</span></a></p> <p></a></p></td> -<td><p>The ComplianceSearch and ComplianceSearchAction cmdlets work together to help you search and export content. You can create a new search and view the search estimate by using the <strong>New-</strong>, <strong>Get-</strong>, and <strong>Start-ComplianceSearch</strong> cmdlets. Then you can use the <strong>New-ComplianceSearchAction -Export</strong> command to export the search results. You'll still have to use the core eDiscovery tool in the Microsoft 365 compliance center to download those search results to your local computer.</p></p> +<td><p>The ComplianceSearch and ComplianceSearchAction cmdlets work together to help you search and export content. You can create a new search and view the search estimate by using the <strong>New-</strong>, <strong>Get-</strong>, and <strong>Start-ComplianceSearch</strong> cmdlets. Then you can use the <strong>New-ComplianceSearchAction -Export</strong> command to export the search results. You'll still have to use the eDiscovery (Standard) tool in the compliance portal to download those search results to your local computer.</p></p> </td> </tr> <tr class="even"> These operations in the Exchange Web Services API are used by the In-Place eDisc - July 1, 2020: The GetSearchableMailboxes, SearchMailboxes, SetHoldOnMailboxes, and GetHoldOnMailboxes operations will no longer be available, and Microsoft Support will no longer provide assistance. -## Advanced eDiscovery v1.0 +## eDiscovery (Premium) v1.0 -Advanced eDiscovery v1.0, which is the version of Advanced eDiscovery available in a core eDiscovery case by clicking Switch to Advanced eDiscovery, is being retired. Its functionality has been replaced by the new [Advanced eDiscovery solution](./ediscovery.md) in the Microsoft 365 compliance center. +eDiscovery (Premium) v1.0, which is the version of eDiscovery (Premium) available in a eDiscovery (Standard) case by clicking Switch to eDiscovery (Premium), is being retired. Its functionality has been replaced by the new [eDiscovery (Premium) solution](./ediscovery.md) in the compliance portal. -To determine if your organization is using Advanced eDiscovery v1.0: +To determine if your organization is using eDiscovery (Premium) v1.0: -1. Go to the Microsoft 365 compliance center, select eDiscovery > <a href="https://go.microsoft.com/fwlink/p/?linkid=2174007" target="_blank">Core</a>, and open a Core eDiscovery case. +1. Go to the compliance portal, select eDiscovery > <a href="https://go.microsoft.com/fwlink/p/?linkid=2174007" target="_blank">Core</a>, and open a eDiscovery (Standard) case. -1. If you see the Switch to Advanced eDiscovery button, then clicking it will take you to the 1.0 version of Advanced eDiscovery, which is being retired. The ability to create and manage cases in Core eDiscovery won't be affected. Only the ability to add and analyze case data in Advanced eDiscovery v1.0 (by clicking Switch to Advanced eDiscovery) is being retired. +1. If you see the Switch to eDiscovery (Premium) button, then clicking it will take you to the 1.0 version of eDiscovery (Premium), which is being retired. The ability to create and manage cases in eDiscovery (Standard) won't be affected. Only the ability to add and analyze case data in eDiscovery (Premium) v1.0 (by clicking Switch to eDiscovery (Premium)) is being retired. -The new Advanced eDiscovery solution in Microsoft 365 (also known as Advanced eDiscovery v2.0) provides all of the capabilities of the original solution, but now includes a custodian-based approach of identifying content in other Microsoft 365 services, collecting that content, and then adding it to a review set where reviewers can take advantage of fast search queries, tagging, and analytics features to help cull relevant documents. Advanced eDiscovery now includes improved processing and native viewers for both Microsoft and non-Microsoft file types, a full list of file types is [here](./supported-filetypes-ediscovery20.md) and supported metadata fields are [here](./document-metadata-fields-in-advanced-ediscovery.md). Also, the new Advanced eDiscovery solution provides a powerful custodian holds management feature that lets you apply holds to content in different services, notify users of the holds, and track custodian responses, all within an Advanced eDiscovery case. +The new eDiscovery (Premium) solution in Microsoft 365 (also known as eDiscovery (Premium) v2.0) provides all of the capabilities of the original solution, but now includes a custodian-based approach of identifying content in other Microsoft 365 services, collecting that content, and then adding it to a review set where reviewers can take advantage of fast search queries, tagging, and analytics features to help cull relevant documents. eDiscovery (Premium) now includes improved processing and native viewers for both Microsoft and non-Microsoft file types, a full list of file types is [here](./supported-filetypes-ediscovery20.md) and supported metadata fields are [here](./document-metadata-fields-in-advanced-ediscovery.md). Also, the new eDiscovery (Premium) solution provides a powerful custodian holds management feature that lets you apply holds to content in different services, notify users of the holds, and track custodian responses, all within an eDiscovery (Premium) case. -To access Advanced eDiscovery v2.0: +To access eDiscovery (Premium) v2.0: -Go to the Microsoft 365 compliance center, select eDiscovery > <a href="https://go.microsoft.com/fwlink/p/?linkid=2174006" target="_blank">Advanced</a>, and open a Core eDiscovery case. +Go to the compliance portal, select eDiscovery > <a href="https://go.microsoft.com/fwlink/p/?linkid=2174006" target="_blank">Advanced</a>, and open a eDiscovery (Standard) case. -At this time, we recommend that you begin to transition your eDiscovery workflow to the new Advanced eDiscovery functionality. If necessary, you can archive your Advanced eDiscovery 1.0 cases by exporting the content and storing it offline. Although you'll still be able to access Advanced eDiscovery v1.0 in existing cases until December 31, 2020, Microsoft Support won't provide support after October 1, 2020. See the following timeline for more details. +At this time, we recommend that you begin to transition your eDiscovery workflow to the new eDiscovery (Premium) functionality. If necessary, you can archive your eDiscovery (Premium) 1.0 cases by exporting the content and storing it offline. Although you'll still be able to access eDiscovery (Premium) v1.0 in existing cases until December 31, 2020, Microsoft Support won't provide support after October 1, 2020. See the following timeline for more details. ### Scope of affected organizations At this time, we recommend that you begin to transition your eDiscovery workflow ### Timeline -- July 1, 2020: You won't be able to create new Advanced eDiscovery v1.0 cases. +- July 1, 2020: You won't be able to create new eDiscovery (Premium) v1.0 cases. -- October 1, 2020: You won't be able to add new data (Prepare search results for Advanced eDiscovery) to any cases. You'll be able to continue working with data in existing cases at your own risk. Microsoft Support will no longer provide assistance. +- October 1, 2020: You won't be able to add new data (Prepare search results for eDiscovery (Premium)) to any cases. You'll be able to continue working with data in existing cases at your own risk. Microsoft Support will no longer provide assistance. -- December 31, 2020: You won't be able to access Advanced eDiscovery v1.0 cases. +- December 31, 2020: You won't be able to access eDiscovery (Premium) v1.0 cases. ### Alternative tools -The [Advanced eDiscovery solution](./overview-ediscovery-20.md) in the Microsoft 365 compliance center. +The [eDiscovery (Premium) solution](./overview-ediscovery-20.md) in the compliance portal.
compliance	Legacy Information For Message Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/legacy-information-for-message-encryption.md	description: Understand how to transition legacy files to Office 365 Message Enc # Legacy information for Office 365 Message Encryption -If you haven't yet moved your organization to the new OME capabilities, but you have already deployed OME, then the information in this article applies to your organization. Microsoft recommends that you make a plan to move to the new OME capabilities as soon as it is reasonable for your organization. For instructions, see [Set up new Office 365 Message Encryption capabilities built on top of Azure Information Protection](set-up-new-message-encryption-capabilities.md). If you want to find out more about how the new capabilities work first, see [Office 365 Message Encryption](ome.md). The rest of this article refers to OME behavior before the release of the new OME capabilities. + +If you haven't yet moved your organization to Microsoft Purview Message Encryption, but you have already deployed OME, then the information in this article applies to your organization. Microsoft recommends that you make a plan to move to Microsoft Purview Message Encryption as soon as it is reasonable for your organization. For instructions, see [Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md). If you want to find out more about how the new message encryption first, see [Message encryption](ome.md). The rest of this article refers to OME behavior before the release of Microsoft Purview Message Encryption. With Office 365 Message Encryption, your organization can send and receive encrypted email messages between people inside and outside your organization. Office 365 Message Encryption works with Outlook.com, Yahoo, Gmail, and other email services. Email message encryption helps ensure that only intended recipients can view message content. Here are some examples: Office 365 Message Encryption is an online service that's built on Microsoft Azure Rights Management (Azure RMS). With Azure RMS, administrators can define mail flow rules to determine the conditions for encryption. For example, a rule can require the encryption of all messages addressed to a specific recipient. -When someone sends an email message in Exchange Online that matches an encryption rule, the message is sent with an HTML attachment. The recipient opens the HTML attachment and follows instructions to view the encrypted message on the Office 365 Message Encryption portal. The recipient can choose to view the message by signing in with a Microsoft account or a work or school associated with Office 365, or by using a one-time pass code. Both options help ensure that only the intended recipient can view the encrypted message. This process is very different for the new OME capabilities. +When someone sends an email message in Exchange Online that matches an encryption rule, the message is sent with an HTML attachment. The recipient opens the HTML attachment and follows instructions to view the encrypted message on the Office 365 Message Encryption portal. The recipient can choose to view the message by signing in with a Microsoft account or a work or school associated with Office 365, or by using a one-time pass code. Both options help ensure that only the intended recipient can view the encrypted message. This process is very different for Microsoft Purview Message Encryption. The following diagram summarizes the passage of an email message through the encryption and decryption process. ![Diagram showing the path of an encrypted email.](../media/O365-Office365MessageEncryption-Concept.png) -For more information, see [Service information for legacy Office 365 Message Encryption prior to the release of the new OME capabilities](legacy-information-for-message-encryption.md#LegacyServiceInfo). +For more information, see [Service information for legacy Office 365 Message Encryption prior to the release of Microsoft Purview Message Encryption](legacy-information-for-message-encryption.md#LegacyServiceInfo). -## Defining mail flow rules for Office 365 Message Encryption that don't use the new OME capabilities +## Defining mail flow rules for Office 365 Message Encryption that don't use Microsoft Purview Message Encryption To enable Office 365 Message Encryption without the new capabilities, Exchange Online and Exchange Online Protection administrators define Exchange mail flow rules. These rules determine under what conditions email messages should be encrypted, as well as conditions for removing message encryption. When an encryption action is set for a rule, the service performs the action on any messages that match the rule conditions before sending the messages. Mail flow rules are flexible, letting you combine conditions so you can meet spe For more information about how to create Exchange mail flow rules, see [Define Rules for Office 365 Message Encryption](define-mail-flow-rules-to-encrypt-email.md). -### Use the EAC to create a mail flow rule for encrypting email messages without the new OME capabilities +### Use the EAC to create a mail flow rule for encrypting email messages without Microsoft Purview Message Encryption 1. In a web browser, using a work or school account that has been granted global administrator permissions, [sign in to Office 365](https://support.office.com/article/b9582171-fd1f-4284-9846-bdd72bb28426#ID0EAABAAA=Web_browser). For more information about how to create Exchange mail flow rules, see [Define R For detailed syntax and parameter information, see [New-TransportRule](/powershell/module/exchange/New-TransportRule). -### Remove encryption from email replies encrypted without the new OME capabilities +### Remove encryption from email replies encrypted without Microsoft Purview Message Encryption When your email users send encrypted messages, recipients of those messages can respond with encrypted replies. You can create mail flow rules to automatically remove encryption from replies so email users in your organization don't have to sign in to the encryption portal to view them. You can use the EAC or Windows PowerShell cmdlets to define these rules. You can decrypt messages that are sent from within your organization or messages that are replies to messages sent from within your organization. You cannot decrypt encrypted messages originating from outside of your organization. -#### Use the EAC to create a rule for removing encryption from email replies encrypted without the new OME capabilities +#### Use the EAC to create a rule for removing encryption from email replies encrypted without Microsoft Purview Message Encryption 1. In a web browser, using a work or school account that has been granted admin permissions, [sign in to Office 365](https://support.office.com/article/b9582171-fd1f-4284-9846-bdd72bb28426#ID0EAABAAA=Web_browser). The following example shows a custom logo for ContosoPharma in the email attachm ## Service information for legacy Office 365 Message Encryption prior to the release of the new OME capabilities <a name="LegacyServiceInfo"> </a> -The following table provides technical details for the Office 365 Message Encryption service prior to the release of the new OME capabilities. +The following table provides technical details for the Office 365 Message Encryption service prior to the release of Microsoft Purview Message Encryption. \|Service details\|Description\| \|\|\|
compliance	Limits Core Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-core-ediscovery.md	Title: "Limits in core eDiscovery case" + Title: "Limits in eDiscovery (Standard) case" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "This article describes the limits in core eDiscovery case in Microsoft 365." +description: "This article describes the limits in eDiscovery (Standard) case in Microsoft 365." -# Limits in Core eDiscovery +# Limits in eDiscovery (Standard) -The following table lists the limits for core eDiscovery cases and holds associated with a core eDiscovery case. For more information about Core eDiscovery, see [Overview of Core eDiscovery](./get-started-core-ediscovery.md). +The following table lists the limits for eDiscovery (Standard) cases and holds associated with a eDiscovery (Standard) case. For more information about Microsoft Purview eDiscovery (Standard), see [Overview of eDiscovery (Standard)](./get-started-core-ediscovery.md). \| Description of limit \| Limit \| \|:--\|:--\| The following table lists the limits for core eDiscovery cases and holds associa \|Maximum number of case holds for an organization. <br/> \|10,000 <br/> \| \|Maximum number of mailboxes in a single case hold. This limit includes the combined total of user mailboxes, and the mailboxes associated with Microsoft 365 Groups, Microsoft Teams, and Yammer Groups. <br/> \|1,000 <br/> \| \|Maximum number of sites in a single case hold. This limit includes the combined total of OneDrive for Business sites, SharePoint sites, and the sites associated with Microsoft 365 Groups, Microsoft Teams, and Yammer Groups. <br/> \|100 <br/> \| - \|Maximum number of cases displayed on the core eDiscovery home page, and the maximum number of items displayed on the Holds, Searches, and Export tabs within a case. <sup>1</sup> \|1,000\| + \|Maximum number of cases displayed on the eDiscovery (Standard) home page, and the maximum number of items displayed on the Holds, Searches, and Export tabs within a case. <sup>1</sup> \|1,000\| > [!NOTE] > <sup>1</sup> To view a list of more than 1,000 cases, holds, searches, or exports, you can use the corresponding Office 365 Security & Compliance PowerShell cmdlets: The following table lists the limits for core eDiscovery cases and holds associa > - [Get-ComplianceSearch](/powershell/module/exchange/get-compliancesearch) > - [Get-ComplianceSearchAction](/powershell/module/exchange/get-compliancesearchaction) -For more information about limits related to searches and exports associated with a Core eDiscovery case, see [Limits for Content search and Core eDiscovery](limits-for-content-search.md). +For more information about limits related to searches and exports associated with a eDiscovery (Standard) case, see [Limits for Content search and eDiscovery (Standard)](limits-for-content-search.md).
compliance	Limits Ediscovery20	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-ediscovery20.md	Title: "Advanced eDiscovery limits" + Title: "eDiscovery (Premium) limits" f1.keywords: - NOCSH search.appverid: - MET150 - seo-marvel-apr2020 -description: "Learn about the case limits, indexing limits, and search limits in effect for the Advanced eDiscovery solution in Microsoft 365." +description: "Learn about the case limits, indexing limits, and search limits in effect for the eDiscovery (Premium) solution in Microsoft 365." -# Limits in Advanced eDiscovery +# Limits in eDiscovery (Premium) -This article describes the limits in the Advanced eDiscovery solution in Microsoft 365. +This article describes the limits in the Microsoft Purview eDiscovery (Premium) solution in Microsoft 365. ## Case and review set limits -The following table lists the limits for cases and review sets in Advanced eDiscovery. +The following table lists the limits for cases and review sets in eDiscovery (Premium). \|Description of limit\|Limit\| \|\|\| The following table lists the limits for cases and review sets in Advanced eDisc ## Hold limits -The following table lists the limits for holds associated with an Advanced eDiscovery case. +The following table lists the limits for holds associated with an eDiscovery (Premium) case. -\|Description of limit\|Limit\| -\|\|\| -\|Maximum number of hold policies for an organization. This limit includes the combined total of hold policies in Core eDiscovery and Advanced eDiscovery cases.\|10,000\| -\|Maximum number of mailboxes in a single case hold. This limit includes the combined total of user mailboxes, and the mailboxes associated with Microsoft 365 Groups, Microsoft Teams, and Yammer Groups.\|1,000<sup>3</sup>\| -\|Maximum number of sites in a single case hold. This limit includes the combined total of OneDrive for Business sites, SharePoint sites, and the sites associated with Microsoft 365 Groups, Microsoft Teams, and Yammer Groups.\|100<sup>3</sup>\| +\| Description of limit \| Limit \| +\|:--\|:--\| +\|Maximum number of hold policies for an organization. This limit includes the combined total of hold policies in Microsoft Purview eDiscovery (Standard) and Microsoft Purview eDiscovery (Premium) cases. <br/> \|10,000<sup>3</sup> <br/> \| +\|Maximum number of mailboxes in a single case hold. This limit includes the combined total of user mailboxes, and the mailboxes associated with Microsoft 365 Groups, Microsoft Teams, and Yammer Groups. <br/> \|1,000 <br/> \| +\|Maximum number of sites in a single case hold. This limit includes the combined total of OneDrive for Business sites, SharePoint sites, and the sites associated with Microsoft 365 Groups, Microsoft Teams, and Yammer Groups. <br/> \|100 <br/> \| ## Indexing limits -The following table lists the indexing limits in Advanced eDiscovery. +The following table lists the indexing limits in eDiscovery (Premium). \|Description of limit\|Limit\| \|\|\| The following table lists the indexing limits in Advanced eDiscovery. ## Search limits -The limits described in this section are related to using the search tool on the Searches tab to collect data for a case. For more information, see [Collect data for a case in Advanced eDiscovery](collecting-data-for-ediscovery.md). +The limits described in this section are related to using the search tool on the Searches tab to collect data for a case. For more information, see [Collect data for a case in eDiscovery (Premium)](collecting-data-for-ediscovery.md). \|Description of limit\|Limit\| \|\|\| The limits described in this section are related to exporting documents out of a > [!NOTE] > <sup>1</sup> This is the maximum number of tags that you can create in a case. This limit isn't related to the number of documents that can be tagged. > -> <sup>2</sup> This limit is shared with exporting content in other eDiscovery tools. This means that concurrent exports in Content search and Core eDiscovery (and adding content to review sets in Advanced eDiscovery) are all applied against this limit. +> <sup>2</sup> This limit is shared with exporting content in other eDiscovery tools. This means that concurrent exports in Content search and eDiscovery (Standard) (and adding content to review sets in eDiscovery (Premium)) are all applied against this limit. > > <sup>3</sup> When you put more than 1,000 mailboxes or 100 sites on hold in a single hold policy, the system will automatically scale the hold as needed. This means the system will automatically add data locations to multiple hold policies, instead of adding them to a single hold policy. However, the limit of 10,000 case hold policies per organization still applies. > The limits described in this section are related to exporting documents out of a > > <sup>6</sup> For non-phrase queries (a keyword value that doesn't use double quotation marks) we use a special prefix index. This tells us that a word occurs in a document, but not where it occurs in the document. To do a phrase query (a keyword value with double quotation marks), we need to compare the position within the document for the words in the phrase. This means that we can't use the prefix index for phrase queries. In this case, we internally expand the query with all possible words that the prefix expands to; for example, time\* can expand to "time OR timer OR times OR timex OR timeboxed OR ...". The limit of 10,000 is the maximum number of variants the word can expand to, not the number of documents matching the query. There is no upper limit for non-phrase terms. > -> <sup>7</sup> This limit applies to downloading selected documents from a review set. It doesn't apply to exporting documents from a review set. For more information about downloading and exporting documents, see [Export case data in Advanced eDiscovery](exporting-data-ediscover20.md). +> <sup>7</sup> This limit applies to downloading selected documents from a review set. It doesn't apply to exporting documents from a review set. For more information about downloading and exporting documents, see [Export case data in eDiscovery (Premium)](exporting-data-ediscover20.md).
compliance	Limits For Content Search	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-for-content-search.md	Title: "Limits for Content search and Core eDiscovery in the compliance center" + Title: "Limits for Content search and eDiscovery (Standard) in the compliance center" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: 78fe3147-1979-4c41-83bb-aeccf244368d -description: "Learn about the limits in effect for the Content search and Core eDiscovery features in the Microsoft 365 compliance center." +description: "Learn about the limits in effect for the Content search and eDiscovery (Standard) features in the Microsoft Purview compliance portal." # Limits for eDiscovery search -Various limits are applied to eDiscovery search tools in the Microsoft 365 compliance center. This includes searches run on the Content search page and searches that are associated with an eDiscovery case on the Core eDiscovery page. These limits help to maintain the health and quality of services provided to organizations. There are also limits related to the indexing of email messages in Exchange Online for search. You can't modify the limits for eDiscovery searches or email indexing, but you should be aware of them so that you can take these limits into consideration when planning, running, and troubleshooting eDiscovery searches. +Various limits are applied to eDiscovery search tools in the Microsoft Purview compliance portal. This includes searches run on the Content search page and searches that are associated with an eDiscovery case on the eDiscovery (Standard) page. These limits help to maintain the health and quality of services provided to organizations. There are also limits related to the indexing of email messages in Exchange Online for search. You can't modify the limits for eDiscovery searches or email indexing, but you should be aware of them so that you can take these limits into consideration when planning, running, and troubleshooting eDiscovery searches. -For limits related to the Advanced eDiscovery tool, see [Limits in Advanced eDiscovery](limits-ediscovery20.md) +For limits related to the Microsoft Purview eDiscovery (Premium) tool, see [Limits in eDiscovery (Premium)](limits-ediscovery20.md) ## Search limits -The following table lists the search limits when using the content search tool in the Microsoft 365 compliance center and for searches that are associated with a Core eDiscovery case. +The following table lists the search limits when using the content search tool in the compliance portal and for searches that are associated with a Microsoft Purview eDiscovery (Standard) case. <br> The following table lists the search limits when using the content search tool i \|The maximum number of locations in a search that you can export items from. If the search that you're exporting has more locations than this limit, the export will fail. For more information, see [Export content search results](export-search-results.md).\|100,000\| > [!NOTE] -> <sup>1</sup> Although you can search an unlimited number of mailboxes in a single search, you can only download the exported search results from a maximum of 100,000 mailboxes using the eDiscovery Export Tool in the Microsoft 365 compliance center. +> <sup>1</sup> Although you can search an unlimited number of mailboxes in a single search, you can only download the exported search results from a maximum of 100,000 mailboxes using the eDiscovery Export Tool in the compliance portal. > > <sup>2</sup> The intent of the preview page is to show a limited sample of the results. Even for massive searches with thousands of results, the number of items that are shown on the preview page can, and often will, be much less than maximum possible value of 1000. To see the complete search results, you need to export the results. > Microsoft collects performance information for searches run by all organizations ## Export limits -The following table lists the limits when exporting the results of a content search. These limits also apply when you export content from a Core eDiscovery case. +The following table lists the limits when exporting the results of a content search. These limits also apply when you export content from a eDiscovery (Standard) case. <br> For information about content searches, see: - [Content search in Microsoft 365](content-search.md) -- [Search for content in a Core eDiscovery case](search-for-content-in-core-ediscovery.md) +- [Search for content in a eDiscovery (Standard) case](search-for-content-in-core-ediscovery.md) - [Keyword queries and search conditions for content search](keyword-queries-and-search-conditions.md) -For case limits related to Core eDiscovery and Advanced eDiscovery, see: +For case limits related to eDiscovery (Standard) and eDiscovery (Premium), see: -- [Limits in Core eDiscovery](limits-core-ediscovery.md) +- [Limits in eDiscovery (Standard)](limits-core-ediscovery.md) -- [Limits in Advanced eDiscovery](limits-ediscovery20.md) +- [Limits in eDiscovery (Premium)](limits-ediscovery20.md)
compliance	Load Non Office 365 Data Into A Review Set	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/load-non-Office-365-data-into-a-review-set.md	search.appverid: - MOE150 - MET150 -description: "Learn how to import non-Microsoft 365 data to a review set for analysis in an Advanced eDiscovery case." +description: "Learn how to import non-Microsoft 365 data to a review set for analysis in an eDiscovery (Premium) case." # Load non-Microsoft 365 data into a review set -Not all documents that you need to analyze in Advanced eDiscovery are located in Microsoft 365. With the non-Microsoft 365 data import feature in Advanced eDiscovery, you can upload documents that aren't located in Microsoft 365 to a review set. This article shows you how to bring your non-Microsoft 365 documents into Advanced eDiscovery for analysis. +Not all documents that you need to analyze in Microsoft Purview eDiscovery (Premium) are located in Microsoft 365. With the non-Microsoft 365 data import feature in eDiscovery (Premium), you can upload documents that aren't located in Microsoft 365 to a review set. This article shows you how to bring your non-Microsoft 365 documents into eDiscovery (Premium) for analysis. ## Requirements to upload non-Office 365 content Using the upload non-Microsoft 365 feature described in this article requires that you have the following: -- All custodians that you want to associate non-Microsoft 365 content to must be assigned the appropriate license. For more information, see [Get started with Advanced eDiscovery](get-started-with-advanced-ediscovery.md#step-1-verify-and-assign-appropriate-licenses). +- All custodians that you want to associate non-Microsoft 365 content to must be assigned the appropriate license. For more information, see [Get started with eDiscovery (Premium)](get-started-with-advanced-ediscovery.md#step-1-verify-and-assign-appropriate-licenses). -- An existing Advanced eDiscovery case. +- An existing eDiscovery (Premium) case. - Custodians must be added to the case before you can upload and associate the non-Microsoft 365 data to them. -- Non-Microsoft 365 data must be a file type that's supported by Advanced eDiscovery. For more information, see [Supported file types in Advanced eDiscovery](supported-filetypes-ediscovery20.md). +- Non-Microsoft 365 data must be a file type that's supported by eDiscovery (Premium). For more information, see [Supported file types in eDiscovery (Premium)](supported-filetypes-ediscovery20.md). - All files that are uploaded to a review set must be located in folders, where each folder is associated with a specific custodian. The names for these folders must use the following naming format: alias@domainname. The alias@domainname must be the user's Microsoft 365 alias and domain. You can collect all the alias@domainname folders in a root folder. The root folder can only contain the alias@domainname folders. Loose files in the root folder aren't supported. Using the upload non-Microsoft 365 feature described in this article requires th - An account that is assigned to the eDiscovery Manager role group (and added as eDiscovery Administrator). -- The AzCopy v8.1 tool installed on a computer that has access to the non-Microsoft 365 content folder structure. To install AzCopy, see [Transfer data with the AzCopy v8.1 on Windows](/previous-versions/azure/storage/storage-use-azcopy). Be sure to install AzCopy in the default location, which is %ProgramFiles(x86)%\Microsoft SDKs\Azure\AzCopy. You must use AzCopy v8.1. Other versions of AzCopy may not work when loading non-Microsoft 365 data in Advanced eDiscovery. +- The AzCopy v8.1 tool installed on a computer that has access to the non-Microsoft 365 content folder structure. To install AzCopy, see [Transfer data with the AzCopy v8.1 on Windows](/previous-versions/azure/storage/storage-use-azcopy). Be sure to install AzCopy in the default location, which is %ProgramFiles(x86)%\Microsoft SDKs\Azure\AzCopy. You must use AzCopy v8.1. Other versions of AzCopy may not work when loading non-Microsoft 365 data in eDiscovery (Premium). -## Upload non-Microsoft 365 content into Advanced eDiscovery +## Upload non-Microsoft 365 content into eDiscovery (Premium) -1. As an eDiscovery Manager or eDiscovery Administrator, open Advanced eDiscovery, and go to the case that the non-Microsoft 365 data will be uploaded to. +1. As an eDiscovery Manager or eDiscovery Administrator, open eDiscovery (Premium), and go to the case that the non-Microsoft 365 data will be uploaded to. 2. Click Review sets, and then select the review set to upload the non-Microsoft 365 data to. If you don't have a review set, you can create one. Using the upload non-Microsoft 365 feature described in this article requires th ![Non-Microsoft 365 Import: AzCopy.](../media/504e2dbe-f36f-4f36-9b08-04aea85d8250.png) > [!NOTE] - > As previously stated, you must use AzCopy v8.1 to successfully use the command that's provided on the Upload files page. If the supplied AzCopy command fails, please see [Troubleshoot AzCopy in Advanced eDiscovery](troubleshooting-azcopy.md). + > As previously stated, you must use AzCopy v8.1 to successfully use the command that's provided on the Upload files page. If the supplied AzCopy command fails, please see [Troubleshoot AzCopy in eDiscovery (Premium)](troubleshooting-azcopy.md). -8. Go back to the Microsoft 365 compliance center, and click Next: Process files in the wizard. This initiates processing, text extraction, and indexing of the non-Microsoft 365 files that were uploaded to the Azure Storage location. +8. Go back to the Microsoft Purview compliance portal, and click Next: Process files in the wizard. This initiates processing, text extraction, and indexing of the non-Microsoft 365 files that were uploaded to the Azure Storage location. 9. Track the progress of processing the files on the Process files page or on the Jobs tab by viewing a job named Adding non-Microsoft 365 data to a review set. After the job is finished, the new files will be available in the review set.
compliance	Mailitemsaccessed Forensics Investigations	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/mailitemsaccessed-forensics-investigations.md	Title: "Use Advanced Audit to investigate compromised accounts" + Title: "Use Audit (Premium) to investigate compromised accounts" f1.keywords: - NOCSH ms.assetid: description: "Use the MailItemsAccessed mailbox auditing action to perform forensic investigations of compromised user accounts." -# Use Advanced Audit to investigate compromised accounts +# Use Microsoft Purview Audit (Premium) to investigate compromised accounts A compromised user account (also called an account takeover) is a type of attack when an attacker gains access to a user account and operates as the user. These types of attacks sometimes cause more damage than the attacker may have intended. When investigating compromised email accounts, you have to assume that more mail data was compromised than may be indicated by tracing the attacker's actual presence. Depending on the type of data in email messages, you have to assume that sensitive information was compromised or face regulatory fines unless you can prove that sensitive information wasn't exposed. For example, HIPAA-regulated organizations face significant fines if there is evidence that patient health information (PHI) was exposed. In these cases, attackers are unlikely to be interested in PHI, but organizations still must report data breaches unless they can prove otherwise. To help you with investigating compromise email accounts, we're now auditing acc ## The MailItemsAccessed mailbox-auditing action -The new MailItemsAccessed action is part of the new [Advanced Audit](advanced-audit.md) functionality. It's part of [Exchange mailbox auditing](/office365/securitycompliance/enable-mailbox-auditing#mailbox-auditing-actions) and is enabled by default for users that are assigned an Office 365 or Microsoft 365 E5 license or for organizations with a Microsoft 365 E5 Compliance add-on subscription. +The new MailItemsAccessed action is part of the new [Audit (Premium)](advanced-audit.md) functionality. It's part of [Exchange mailbox auditing](/office365/securitycompliance/enable-mailbox-auditing#mailbox-auditing-actions) and is enabled by default for users that are assigned an Office 365 or Microsoft 365 E5 license or for organizations with a Microsoft 365 E5 Compliance add-on subscription. The MailItemsAccessed mailbox-auditing action covers all mail protocols: POP, IMAP, MAPI, EWS, Exchange ActiveSync, and REST. It also covers both types of accessing mail: sync and bind.
compliance	Manage Information Governance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-Information-governance.md	- Title: "Microsoft Information Governance in Microsoft 365"-- NOCSH-------- MOE150-- MET150 -recommendations: false -description: "Implement Microsoft Information Governance capabilities to govern your data for compliance or regulatory requirements." -- -# Microsoft Information Governance in Microsoft 365 - ->[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). - -Use Microsoft Information Governance (sometimes abbreviated to MIG) capabilities to govern your data for compliance or regulatory requirements. - -From a [licensing perspective](#licensing-requirements), there can be considerable overlap between information governance, records management, and data connectors. All three areas support retention and deletion of data in Microsoft 365. Connectors are used by compliance solutions other than information governance and records management. - -Use the following graphic to help you identify the main configurable components for these three different solutions that each have their own node in the compliance center: - -![Main components to manage for Microsoft Information Goevernance.](../media/information-governance-components.png) - -Looking to protect your data? See [Microsoft Information Protection in Microsoft 365](information-protection.md). - -## Information governance - -To keep what you need and delete what you don't: - -\|Capability\|What problems does it solve?\|Get started\| -\|:\|:\|:--\|:--\| -\|[Retention policies for Microsoft 365 workloads, with retention labels for exceptions](retention.md) \| Retain or delete content with policy management for email, documents, Teams and Yammer messages \| [Create and configure retention policies](create-retention-policies.md) <br /><br /> [Create retention labels for exceptions to your retention policies](create-retention-labels-information-governance.md)\| -\|[Archive mailboxes](archive-mailboxes.md)\| Provides users with additional mailbox storage space \| [Enable archive mailboxes](enable-archive-mailboxes.md) \| -\|[Inactive mailboxes](inactive-mailboxes-in-office-365.md)\| Retain mailbox content after employees leave the organization so that this content remains accessible to administrators, compliance officers, and records managers \| [Create and manage inactive mailboxes](create-and-manage-inactive-mailboxes.md)\| -\|[Import service for PST files](importing-pst-files-to-office-365.md)\| Bulk-import PST files to Exchange Online mailboxes to retain and search email messages for compliance or regulatory requirements \| [Use network upload to import your organization's PST files to Microsoft 365](use-network-upload-to-import-pst-files.md)\| - -## Records management - -Lifecycle management of high-value items for legal, business, or regulatory obligations: - -\|Capability\|What problems does it solve?\|Get started\| -\|:\|:\|\|:-\| -\|[Records management](records-management.md)\| A single solution for email and documents that incorporates flexible retention and deletion schedules and requirements to support the full lifecycle of your content with records declaration and defensible disposition when needed \|[Get started with records management](get-started-with-records-management.md) \| - -## Connectors for third-party data - -Extend your compliance tools to imported and archived third-party data from social media platforms, instant messaging platforms, and document collaboration platforms: - -\|Capability\|What problems does it solve?\|Get started\| -\|:\|:\|:--\|:--\| -\|[Data connectors](archiving-third-party-data.md)\| Import, archive, and apply compliance solutions to third-party data from social media platforms, instant messaging platforms, and document collaboration platforms\| [Third-party connectors](archiving-third-party-data.md#third-party-data-connectors)\| - -## Licensing requirements - -License requirements for Microsoft Information Governance depend on the scenarios and features you use, rather than set licensing requirements for each capability listed on this page. To understand your licensing requirements and options, see the following sections from the [Microsoft 365 licensing documentation](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance): -- [Information Governance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#information-governance) -- [Records Management](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#records-management) -- [Data connectors](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#data-connectors)- -Any additional licensing requirements will be included in the documentation instructions. For example, licensing specific to managing mailboxes might require licenses from Exchange Online. -
compliance	Manage Cases Core Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-cases-core-ediscovery.md	- Title: "Create, close, reopen, and delete cases in core eDiscovery"-- NOCSH-------- Strat_O365_IP-- M365-security-compliance-- SPO_Content-- MOE150-- MET150 -description: "This article describes how to create, close, reopen, and delete cases in core eDiscovery in Microsoft 365." -- -# Manage cases in core eDiscovery - -## Create a case - -## Close a case - -## Reopen a case - -## Delete a case -
compliance	Manage Data Governance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-data-governance.md	+ + Title: "Microsoft Purview Data Lifecycle Management & Microsoft Purview Records Management" +f1.keywords: +- NOCSH +++ +audience: Admin +++ +ms.localizationpriority: high +search.appverid: +- MOE150 +- MET150 +recommendations: false +description: "Implement capabilities from Microsoft Purview Data Lifecycle Management & Microsoft Purview Records Management to govern your data for compliance or regulatory requirements." ++ +# Govern your data with Microsoft Purview ++ +>[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). + +Use the capabilities from Microsoft Purview Data Lifecycle Management (formerly Microsoft Information Governance) and Microsoft Purview Records Management to govern your data for compliance or regulatory requirements. + +From a [licensing perspective](#licensing-requirements), there can be considerable overlap between data lifecycle management and records management. Both solutions support retention and deletion of data for Microsoft 365 apps and services. + +Use the following graphic to help you identify the main configurable components for these solutions that each have their own configuration area in the Microsoft Purview compliance portal: + +![Main components to configure and use to govern your data with Microsoft Purview.](../media/govern-your-data.png) + +Looking to protect your data? See [Protect your data with Microsoft Purview](information-protection.md). + +## Microsoft Purview Data Lifecycle Management + +To keep what you need and delete what you don't: + +\|Capability\|What problems does it solve?\| +\|:\|:\|:-\| +\|[Retention policies for Microsoft 365 workloads, with retention labels for exceptions](retention.md) \| Lets you retain or delete content with policy management for email, documents, Teams and Yammer messages. \| +\|[Inactive mailboxes](inactive-mailboxes-in-office-365.md)\| Lets you retain mailbox content after employees leave the organization so that this content remains accessible to administrators, compliance officers, and records managers. \| +\|[Archive mailboxes](archive-mailboxes.md)\| Provides additional mailbox storage space for users.\| +\|[Import service for PST files](importing-pst-files-to-office-365.md)\| Supports bulk-importing PST files to Exchange Online mailboxes to retain and search email messages for compliance or regulatory requirements. \| + +Want to learn more? See [Learn about data lifecycle management](data-lifecycle-management.md). + +Ready to start using some or all of these capabilities? See [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md). ++ +## Microsoft Purview Records Management + +Manage high-value items for business, legal, or regulatory record-keeping requirements: + +\|Capability\|What problems does it solve?\| +\|:\|:\| +\|[File plan](file-plan-manager.md)\| Lets you create retention labels interactively or import in bulk, and export for analysis. Labels support additional administrative information (optional) to help you identify and track business or regulatory requirements. \| +\|[Retention labels for individual items, retention policies if needed for baseline retention](retention.md)\| Labels support flexible retention and deletion schedules that can be applied manually or automatically, with records declaration when needed. \| +\|[Disposition review and proof of disposition](disposition.md)\| Manual review of content before it's permanently deleted, with proof of disposition of records.\| + +Want to learn more? See [Learn about records management](records-management.md). + +Ready to start using some or all of these capabilities? See [Get started with records management](get-started-with-records-management.md). ++ +## Licensing requirements + +To understand your licensing requirements and options, see the following sections from the [Microsoft 365 licensing documentation](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance): +- [Microsoft Purview Data Lifecycle Management](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-data-lifecycle-management) +- [Microsoft Purview Records Management](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-records-management) + +Any additional licensing requirements will be included in the documentation instructions. For example, licensing specific to managing mailboxes might require licenses from Exchange Online.
compliance	Manage Hold Notification	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-hold-notification.md	search.appverid: - MET150 ms.assetid: -description: "Use the communications workflow in Advanced eDiscovery to track the status of your legal hold notifications and if necessary update and resend them." +description: "Use the communications workflow in eDiscovery (Premium) to track the status of your legal hold notifications and if necessary update and resend them." # Manage hold notifications -After you have initiated your legal hold notification workflow, you can use the communications workflow in Advanced eDiscovery to track the status of your communications. The Communications tab contains a list of all notifications within your Advanced eDiscovery case. You can see details such as the number of custodians that have been assigned or have acknowledged the notice. +After you have initiated your legal hold notification workflow, you can use the communications workflow in Microsoft Purview eDiscovery (Premium) to track the status of your communications. The Communications tab contains a list of all notifications within your eDiscovery (Premium) case. You can see details such as the number of custodians that have been assigned or have acknowledged the notice. ## Monitor acknowledgments After you select a communication from the Communications tab, you can view a list of custodians that have acknowledged a hold notice. -1. In the compliance center, go to eDiscovery > Advanced eDiscovery. +1. In the compliance center, go to eDiscovery > eDiscovery (Premium). 2. Select a case and then click the Communications tab. Occasionally, custodians lose track of email messages in their day-to-day work. To re-send a hold notice to a custodian: -1. In Advanced eDiscovery, select a case and then click the Communications tab. +1. In eDiscovery (Premium), select a case and then click the Communications tab. 2. Select a communication to display the Custodian communication flyout page. As the case progresses, custodians may be required to preserve additional or les To update the contents of the initial hold notice: -1. In Advanced eDiscovery, select a case and then click the Communications tab. +1. In eDiscovery (Premium), select a case and then click the Communications tab. 2. Select the hold notice that you want to update and click Edit on the Custodian communication flyout page.
compliance	Manage Legal Investigations	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-legal-investigations.md	search.appverid: ms.assetid: 2e5fbe9f-ee4d-4178-8ff8-4356bc1b168e - seo-marvel-apr2020 -description: "Use eDiscovery cases in the Microsoft 365 compliance center to manage your organization's legal investigation." +description: "Use eDiscovery cases in the Microsoft Purview compliance portal to manage your organization's legal investigation." # Manage legal investigations in Microsoft 365 Like the previous section that listed scripts for content search scenarios, we'v - [Add mailboxes and OneDrive locations](use-a-script-to-add-users-to-a-hold-in-ediscovery.md) for a list of users to an eDiscovery hold. -## Manage legal investigations with the Advanced eDiscovery solution in Microsoft 365 +## Manage legal investigations with the eDiscovery (Premium) solution in Microsoft 365 -The Advanced eDiscovery solution in Microsoft 365 builds on the existing eDiscovery and analytics capabilities in Office 365. This new solution, called Advanced eDiscovery, provides an end-to-end workflow to preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations. It also lets legal teams manage the entire legal hold notification workflow to communicate with custodians involved in a case. +The Microsoft Purview eDiscovery (Premium) solution in Microsoft 365 builds on the existing eDiscovery and analytics capabilities in Office 365. This new solution, called eDiscovery (Premium), provides an end-to-end workflow to preserve, collect, review, analyze, and export content that's responsive to your organization's internal and external investigations. It also lets legal teams manage the entire legal hold notification workflow to communicate with custodians involved in a case. -Advanced eDiscovery requires an E5 subscription for your Microsoft 365 or Office 365 organization. For more information about licensing, see [Set up Advanced eDiscovery](get-started-with-advanced-ediscovery.md#step-1-verify-and-assign-appropriate-licenses). +eDiscovery (Premium) requires an E5 subscription for your Microsoft 365 or Office 365 organization. For more information about licensing, see [Set up eDiscovery (Premium)](get-started-with-advanced-ediscovery.md#step-1-verify-and-assign-appropriate-licenses). -Here's a quick overview of the built-in workflow in Advanced eDiscovery. For more information, see [Manage the Advanced eDiscovery workflow](create-and-manage-advanced-ediscoveryv2-case.md#manage-the-workflow). +Here's a quick overview of the built-in workflow in eDiscovery (Premium). For more information, see [Manage the eDiscovery (Premium) workflow](create-and-manage-advanced-ediscoveryv2-case.md#manage-the-workflow). - [Create a case](create-and-manage-advanced-ediscoveryv2-case.md#create-a-case) to get started. Here's a quick overview of the built-in workflow in Advanced eDiscovery. For mor - [Export case data](exporting-data-ediscover20.md) for review by outside counsel. -- [Manage long-running jobs](managing-jobs-ediscovery20.md) in Advanced eDiscovery. +- [Manage long-running jobs](managing-jobs-ediscovery20.md) in eDiscovery (Premium).
compliance	Manage New Custodians	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-new-custodians.md	Title: "Manage custodians in an Advanced eDiscovery case" + Title: "Manage custodians in an eDiscovery (Premium) case" f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: -description: Learn how to view details, edit, and bulk edit the list of custodians in an Advanced eDiscovery case. +description: Learn how to view details, edit, and bulk edit the list of custodians in an eDiscovery (Premium) case. -# Manage custodians in an Advanced eDiscovery case +# Manage custodians in an eDiscovery (Premium) case -The Custodians page on the Data sources tab in an Advanced eDiscovery case contains a list of all custodians that have been added to the case. After you add custodians to a case, details about each custodian are automatically collected from Azure Active Directory and are viewable in Advanced eDiscovery. +The Custodians page on the Data sources tab in an Microsoft Purview eDiscovery (Premium) case contains a list of all custodians that have been added to the case. After you add custodians to a case, details about each custodian are automatically collected from Azure Active Directory and are viewable in eDiscovery (Premium). ## View custodian details As your case progresses, you may discover that there may be additional data sour To update the data sources that are associated with a custodian: -1. Go to eDiscovery > Advanced eDiscovery and open the case. +1. Go to eDiscovery > eDiscovery (Premium) and open the case. 2. Click the Data Sources tab. To update the data sources that are associated with a custodian: ## Reindex custodian data -In most eDiscovery workflows for legal investigations, a subset of a custodian's data is searched after the custodian is added to a legal case. Because of very large file sizes or possible data corruption, some items in the data sources associated with a custodian may be partially indexed. Using the [advanced indexing](indexing-custodian-data.md) capability in the Advanced eDiscovery, most partially indexed items can be automatically remediated by reindexing these items on demand. +In most eDiscovery workflows for legal investigations, a subset of a custodian's data is searched after the custodian is added to a legal case. Because of very large file sizes or possible data corruption, some items in the data sources associated with a custodian may be partially indexed. Using the [advanced indexing](indexing-custodian-data.md) capability in the eDiscovery (Premium), most partially indexed items can be automatically remediated by reindexing these items on demand. When a custodian is added to a case, the data located in the data sources associated with the custodian is automatically reindexed (by the advanced indexing process). This means you can leave the data in-place instead of having to download and remediate it and then search it offline). However, during the lifecycle of a legal case new data sources might be associated with a custodian. In this case, you can reindex the custodian's data by rerunning the advanced indexing process to remediate any partially indexed items and update the index for the custodian's data. To trigger the reindexing process to address partially indexed items: -1. Go to eDiscovery > Advanced eDiscovery and open the case. +1. Go to eDiscovery > eDiscovery (Premium) and open the case. 2. Click the Sources tab. If you release a custodian after a hold notice was published, a release notice w To release a custodian: -1. Go to eDiscovery > Advanced eDiscovery and open the case. +1. Go to eDiscovery > eDiscovery (Premium) and open the case. 2. Click the Sources tab. To release a custodian: 4. On the flyout page, click Release custodian. - A warning page is displayed explaining that if a hold is placed on a data source associated with the custodian, the hold will be removed, and that any other hold associated with a different Advanced eDiscovery case will still apply. That includes other types of preservation and retention features (such as a Microsoft 365 retention policy). + A warning page is displayed explaining that if a hold is placed on a data source associated with the custodian, the hold will be removed, and that any other hold associated with a different eDiscovery (Premium) case will still apply. That includes other types of preservation and retention features (such as a Microsoft 365 retention policy). 5. Click Yes to confirm that you want to release the custodian.
compliance	Manage Office 365 Message Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-office-365-message-encryption.md	description: Once you've finished setting up Office 365 Message Encryption (OME) # Manage Office 365 Message Encryption + Once you've finished setting up Office 365 Message Encryption (OME), you can customize the configuration of your deployment in several ways. For example, you can configure whether to enable one-time pass codes, display the Encrypt button in Outlook on the web, and more. The tasks in this article describe how. ## Manage whether Google, Yahoo, and Microsoft Account recipients can use these accounts to sign in to the Office 365 Message Encryption portal You can use custom branding templates to force recipients to receive a wrapper m ## Customize the appearance of email messages and the OME portal -For detailed information about how you can customize OME for your organization, see [Add your organization's brand to your encrypted messages](add-your-organization-brand-to-encrypted-messages.md). In order to enable the ability to track and revoke encrypted messages you must add your custom branding to the OME portal. +For detailed information about how you can customize Microsoft Purview Message Encryption for your organization, see [Add your organization's brand to your encrypted messages](add-your-organization-brand-to-encrypted-messages.md). In order to enable the ability to track and revoke encrypted messages you must add your custom branding to the OME portal. -## Disable the new capabilities for OME +## Disable Microsoft Purview Message Encryption -We hope it doesn't come to it, but if you need to, disabling the new capabilities for OME is very straightforward. First, you'll need to remove any mail flow rules you've created that use the new OME capabilities. For information about removing mail flow rules, see [Manage mail flow rules](/exchange/security-and-compliance/mail-flow-rules/manage-mail-flow-rules). Then, complete these steps in Exchange Online PowerShell. +We hope it doesn't come to it, but if you need to, disabling Microsoft Purview Message Encryption is very straightforward. First, you'll need to remove any mail flow rules you've created that use Microsoft Purview Message Encryption. For information about removing mail flow rules, see [Manage mail flow rules](/exchange/security-and-compliance/mail-flow-rules/manage-mail-flow-rules). Then, complete these steps in Exchange Online PowerShell. -### To disable the new capabilities for OME +### To disable Microsoft Purview Message Encryption 1. Using a work or school account that has global administrator permissions in your organization, start a Windows PowerShell session and connect to Exchange Online. For instructions, see [Connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell). We hope it doesn't come to it, but if you need to, disabling the new capabilitie Set-IRMConfiguration -SimplifiedClientAccessEnabled $false ``` -3. Disable the new capabilities for OME by running the Set-IRMConfiguration cmdlet with the AzureRMSLicensingEnabled parameter set to false: +3. Disable the Microsoft Purview Message Encryption by running the Set-IRMConfiguration cmdlet with the AzureRMSLicensingEnabled parameter set to false: ```powershell Set-IRMConfiguration -AzureRMSLicensingEnabled $false
compliance	Manage Relevance Setup In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-relevance-setup-in-advanced-ediscovery.md	Title: "Manage Relevance setup in Advanced eDiscovery" + Title: "Manage Relevance setup in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: fd6be6d3-2e8d-449d-9851-03ab7546e6aa -description: "Read the recommendations for setting up Relevance training in Advanced eDiscovery to score files by their relevance and generate analytical results." +description: "Read the recommendations for setting up Relevance training in eDiscovery (Premium) to score files by their relevance and generate analytical results." -# Manage Relevance setup in Advanced eDiscovery (classic) +# Manage Relevance setup in eDiscovery (Premium) (classic) > [!NOTE] -> Advanced eDiscovery requires an Office 365 E3 with the Advanced Compliance add-on or an E5 subscription for your organization. If you don't have that plan and want to try Advanced eDiscovery, you can [sign up for a trial of Office 365 Enterprise E5](https://go.microsoft.com/fwlink/p/?LinkID=698279). +> Microsoft Purview eDiscovery (Premium) requires an Office 365 E3 with the Advanced Compliance add-on or an E5 subscription for your organization. If you don't have that plan and want to try eDiscovery (Premium), you can [sign up for a trial of Office 365 Enterprise E5](https://go.microsoft.com/fwlink/p/?LinkID=698279). - Advanced eDiscovery Relevance technology employs expert-guided software for scoring files by their relevance. Advanced eDiscovery Relevance can be used for Early Case Assessment (ECA), culling, and file sample review. + eDiscovery (Premium) Relevance technology employs expert-guided software for scoring files by their relevance. eDiscovery (Premium) Relevance can be used for Early Case Assessment (ECA), culling, and file sample review. - Advanced eDiscovery includes components for the Relevance training and tagging of files relevant to a case. Advanced eDiscovery learns from the trained samples of Relevant and Not Relevant files to provide Relevance scores for each file, and generates analytical results that can be used during and after the file review process. + eDiscovery (Premium) includes components for the Relevance training and tagging of files relevant to a case. eDiscovery (Premium) learns from the trained samples of Relevant and Not Relevant files to provide Relevance scores for each file, and generates analytical results that can be used during and after the file review process. ## Guidelines for setting up Relevance training description: "Read the recommendations for setting up Relevance training in Adva - Determine if each group of files is pertinent only to a specific issue. - - If an issue is defined too generally, Advanced eDiscovery may yield too many files that are not relevant. If an issue is defined too narrowly, the Relevance training process may take more time. + - If an issue is defined too generally, eDiscovery (Premium) may yield too many files that are not relevant. If an issue is defined too narrowly, the Relevance training process may take more time. - - During each Relevance training cycle, Advanced eDiscovery focuses on a single active issue and interim sample results are displayed accordingly. + - During each Relevance training cycle, eDiscovery (Premium) focuses on a single active issue and interim sample results are displayed accordingly. - In a multiple-issue scenario, the Sampling mode enables the selection of issues to be included in processing. Issues defined as "off" are not handled until their Sampling mode is changed. An issue can be "idle" or "on" for only one expert. - - Advanced eDiscovery can be used to generate candidate privilege files. Set up a separate issue for privilege. If possible, train and cull for relevance first, and then train for privilege on the culled set only (reload the culled set as a separate case). + - eDiscovery (Premium) can be used to generate candidate privilege files. Set up a separate issue for privilege. If possible, train and cull for relevance first, and then train for privilege on the culled set only (reload the culled set as a separate case). - Batch calculation can be performed only when there are no open samples (when clicking Batch Calculation, there will be a list displayed of users with open samples). To "close" samples of other users (this should be performed only if these users are not tagging these samples), an Administrator can use the "Modify relevance" utility with the "All users sample" option. -- Metadata: Advanced eDiscovery focuses on content. It does not consider metadata as part of the relevance criteria. +- Metadata: eDiscovery (Premium) focuses on content. It does not consider metadata as part of the relevance criteria. - Richness: If the Richness for an issue is less than 3% after Assessment, consider seeding the Relevance training with known Relevant and Not Relevant files. description: "Read the recommendations for setting up Relevance training in Adva ## Setting up case issues -The parameters described in this section are available in the Advanced eDiscovery Relevance \> Relevance setup. +The parameters described in this section are available in the eDiscovery (Premium) Relevance \> Relevance setup. - Issues must be assigned to a user who will train the files.
compliance	Managing Custodian Communications	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-custodian-communications.md	Title: "Work with communications in Advanced eDiscovery" + Title: "Work with communications in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: -description: "Advanced eDiscovery makes it easy to manage the legal hold notification workflow around notifying custodians in legal investigations." +description: "eDiscovery (Premium) makes it easy to manage the legal hold notification workflow around notifying custodians in legal investigations." -# Work with communications in Advanced eDiscovery +# Work with communications in eDiscovery (Premium) -Advanced eDiscovery allows legal departments to simplify their processes around tracking and distributing legal hold notifications. The custodian communications tool enables legal departments to manage and automate the entire legal hold process, from initial notifications, to reminders, and to escalations, all in one location. +Microsoft Purview eDiscovery (Premium) allows legal departments to simplify their processes around tracking and distributing legal hold notifications. The custodian communications tool enables legal departments to manage and automate the entire legal hold process, from initial notifications, to reminders, and to escalations, all in one location. ## What is a legal hold notification? A legal hold (also known as a litigation hold) notice is a notification sent f An organization has a duty to preserve relevant information when it learns about an impending litigation or regulatory investigation. To comply with the preservation requirements of an investigation, the organization should immediately inform potential custodians about their duty to preserve relevant information. -With Advanced eDiscovery, legal teams can create and customize their legal hold notification workflow. The custodian communications tool lets legal teams configure the following notices and workflows: +With eDiscovery (Premium), legal teams can create and customize their legal hold notification workflow. The custodian communications tool lets legal teams configure the following notices and workflows: 1. Issuance notice: A legal hold notice is issued (or initiated) by a notification from the legal department to custodians who may have relevant information about the case matter. This notice instructs the custodians to preserve any information that may be needed for discovery.
compliance	Managing Custodians	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-custodians.md	Title: "Work with custodians in Advanced eDiscovery" + Title: "Work with custodians in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: ms.assetid: - seo-marvel-apr2020 -description: Learn how to use the custodian management tool in Advanced eDiscovery to manage data for a legal case. +description: Learn how to use the custodian management tool in eDiscovery (Premium) to manage data for a legal case. -# Work with custodians and non-custodial data sources in Advanced eDiscovery +# Work with custodians and non-custodial data sources in eDiscovery (Premium) When an organization responds to a legal investigation, the workflow around identifying, preserving, and collecting potentially relevant content is based on the people in the organization who are the custodians of relevant data. In eDiscovery, these individuals are called data custodians (or just custodians) and are defined as "persons having administrative control of a document or electronic file". For example, the custodian of an email message could be the owner of the mailbox that contains the relevant message. Additionally, there may be content located in mailboxes and sites that aren't associated with a custodian but that's relevant to the case. Content locations where case custodians don't have administrative control but may be owners of relevant data, are known as non-custodial data sources. -In an Advanced eDiscovery case, legal teams can add individuals in their organization as custodians, and identify and preserve custodial data sources such as Exchange mailboxes, OneDrive accounts, and SharePoint and Teams sites. They can also identify and preserve non-custodial data sources. By using the built-in custodian and data source management tool in Advanced eDiscovery, organizations can secure electronically stored information from inadvertent (or intentional) deletion. This lets you eliminate the time-consuming and error-prone process of manually having to perform the legal hold processes. +In an eDiscovery (Premium) case, legal teams can add individuals in their organization as custodians, and identify and preserve custodial data sources such as Exchange mailboxes, OneDrive accounts, and SharePoint and Teams sites. They can also identify and preserve non-custodial data sources. By using the built-in custodian and data source management tool in eDiscovery (Premium), organizations can secure electronically stored information from inadvertent (or intentional) deletion. This lets you eliminate the time-consuming and error-prone process of manually having to perform the legal hold processes. For more information about working with custodians, see the following articles:
compliance	Managing Holds	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-holds.md	Title: "Manage holds in Advanced eDiscovery" + Title: "Manage holds in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: Learn how to place holds on custodians and their data sources to preserve relevant content for your Advanced eDiscovery case. +description: Learn how to place holds on custodians and their data sources to preserve relevant content for your eDiscovery (Premium) case. - seo-marvel-mar2020 - admindeeplinkMAC -# Manage holds in Advanced eDiscovery +# Manage holds in eDiscovery (Premium) -You can use an Advanced eDiscovery case to create holds to preserve content that might be relevant to your case. Using the Advanced eDiscovery hold capabilities, you can place holds on custodians and their data sources. Additionally, you can place a non-custodial hold on mailboxes and OneDrive for Business sites. You can also place a hold on the group mailbox, SharePoint site, and OneDrive for Business site for a Microsoft 365 Group. Similarly, you can place a hold on the mailbox and site that are associated with Microsoft Teams. When you place content locations on hold, content is held until you release the custodian, remove a specific data location, or delete the hold policy entirely. +You can use an Microsoft Purview eDiscovery (Premium) case to create holds to preserve content that might be relevant to your case. Using the eDiscovery (Premium) hold capabilities, you can place holds on custodians and their data sources. Additionally, you can place a non-custodial hold on mailboxes and OneDrive for Business sites. You can also place a hold on the group mailbox, SharePoint site, and OneDrive for Business site for a Microsoft 365 Group. Similarly, you can place a hold on the mailbox and site that are associated with Microsoft Teams. When you place content locations on hold, content is held until you release the custodian, remove a specific data location, or delete the hold policy entirely. ## Manage custodian-based holds -In some cases, you may have a set of custodians that you have identified and have decided to preserve their data during the case. In Advanced eDiscovery, when these custodians are placed on hold, the user and their selected data sources are automatically added to a custodian hold policy. +In some cases, you may have a set of custodians that you have identified and have decided to preserve their data during the case. In eDiscovery (Premium), when these custodians are placed on hold, the user and their selected data sources are automatically added to a custodian hold policy. To view the custodian hold policy: -1. In the Microsoft 365 compliance center, click eDiscovery > Advanced to display the list of cases in your organization. +1. In the Microsoft Purview compliance portal, click eDiscovery > Advanced to display the list of cases in your organization. -2. Go to the Sources tab to add custodians within your case. To learn how you can add and place custodians on hold within an Advanced eDiscovery case, see [Add Custodians to a case](add-custodians-to-case.md). If you have already added custodians and placed them on hold, go to step 3. +2. Go to the Sources tab to add custodians within your case. To learn how you can add and place custodians on hold within an eDiscovery (Premium) case, see [Add Custodians to a case](add-custodians-to-case.md). If you have already added custodians and placed them on hold, go to step 3. 3. Go to the Holds tab and click CustodianHold\<HoldId>. When you create a hold, you have the following options to scope the content that - You can specify a date range to hold only the content that was sent, received, or created within that date range. Alternatively, you can hold all content regardless of when it was sent, received, or created. -To create a non-custodial hold for an Advanced eDiscovery case: +To create a non-custodial hold for an eDiscovery (Premium) case: -1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, click eDiscovery > Advanced to display the list of cases in your organization. +1. In the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a>, click eDiscovery > Advanced to display the list of cases in your organization. 2. Click Open next to the case that you want to create the holds in. Keep the following things in mind about hold statistics: ## Place a hold on Microsoft Teams and Office 365 Groups -Microsoft Teams is built on Office 365 Groups. Therefore, placing them on hold in Advanced eDiscovery is similar. +Microsoft Teams is built on Office 365 Groups. Therefore, placing them on hold in eDiscovery (Premium) is similar. - How do I map an additional Microsoft 365 Groups or Microsoft Teams site to a custodian? And what about placing a non-Custodial hold on Microsoft 365 Groups and Microsoft Teams? Microsoft Teams is built on Microsoft 365 Groups. Therefore, placing them on hold in an eDiscovery case is similar. Keep the following things in mind when placing Microsoft 365 Groups and Microsoft Teams on hold. Microsoft Teams is built on Office 365 Groups. Therefore, placing them on hold i > [!NOTE] > To run the Get-UnifiedGroup cmdlet, you have to be assigned the View-Only Recipients role in Exchange Online or be a member of a role group that's assigned the View-Only Recipients role. - - When a user's mailbox is searched, any Microsoft 365 Group or Microsoft Team that the user is a member of won't be searched. Similarly, when you place a Microsoft 365 Group or Microsoft Team hold, only the group mailbox and group site are placed on hold; the mailboxes and OneDrive for Business sites of group members aren't placed on hold unless you explicitly add them as custodians or place their data sources hold. Therefore, if you the need to place a Microsoft 365 Group or Microsoft Team on hold for a specific custodian, consider mapping the group site and group mailbox to the custodian (See Managing Custodians in Advanced eDiscovery). If the Microsoft 365 Group or Microsoft Team is not attributable to a single custodian, consider adding the source to a non-custodial hold. + - When a user's mailbox is searched, any Microsoft 365 Group or Microsoft Team that the user is a member of won't be searched. Similarly, when you place a Microsoft 365 Group or Microsoft Team hold, only the group mailbox and group site are placed on hold; the mailboxes and OneDrive for Business sites of group members aren't placed on hold unless you explicitly add them as custodians or place their data sources hold. Therefore, if you the need to place a Microsoft 365 Group or Microsoft Team on hold for a specific custodian, consider mapping the group site and group mailbox to the custodian (See Managing Custodians in eDiscovery (Premium)). If the Microsoft 365 Group or Microsoft Team is not attributable to a single custodian, consider adding the source to a non-custodial hold. - To get a list of the members of a Microsoft 365 Group or Microsoft Team, you can view the properties on the Home > [Groups](https://go.microsoft.com/fwlink/p/?linkid=2052855) page in the Microsoft 365 admin center. Alternatively, you can run the following command in Exchange Online PowerShell: ```powershell
compliance	Managing Jobs Ediscovery20	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-jobs-ediscovery20.md	Title: "Manage jobs in Advanced eDiscovery" + Title: "Manage jobs in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Advanced eDiscovery jobs help you track the status of long-running processes related to performing various Advanced eDiscovery tasks." +description: "eDiscovery (Premium) jobs help you track the status of long-running processes related to performing various eDiscovery (Premium) tasks." -# Manage jobs in Advanced eDiscovery +# Manage jobs in eDiscovery (Premium) -Here's a list of the jobs (which are typically long-running processes) that are tracked on the Jobs tab of a case in Advanced eDiscovery. These jobs are triggered by user actions when using and managing cases. +Here's a list of the jobs (which are typically long-running processes) that are tracked on the Jobs tab of a case in Microsoft Purview eDiscovery (Premium). These jobs are triggered by user actions when using and managing cases. -\|Job type\|Description\| -\|\|\| -\|Adding data to a review set\|A user adds a collection to a review set. This job consists of two sub jobs: <ul><li>Export - A list of items in the collection is generated.</li><li>Ingestion & Indexing - The items in the collection that match the search query are copied to an Azure Storage location (in a process called ingestion) and then those items in the Azure Storage location are reindexed. This new index is used when querying and analyzing items in the data set.</li></ul> </br></br> For more information, see [Add search results to a review set](add-data-to-review-set.md).\| -\|Adding data to another review set\|A user adds documents from one review set to a different review set in the same case. For more information, see [Add data to a review set from another review set](add-data-to-review-set-from-another-review-set.md).\| -\|Adding non-Microsoft 365 data to a review set\|A user uploads non-Microsoft 365 data to a review set. The data is also indexed during this process. For example, files from an on-premises file server or a client computer are uploaded to a review set. For more information, see [Load non-Microsoft 365 data into a review set](load-non-office-365-data-into-a-review-set.md).\| -\|Adding remediated data to a review set\|Data with processing errors is remediated and loaded back into a review set. For more information, see: <ul><li>[Error remediation when processing data](error-remediation-when-processing-data-in-advanced-ediscovery.md)</li><li>[Single item error remediation](single-item-error-remediation.md)</li></ul>\| -\|Comparing load sets\|A user looks at the differences between different load sets in a review set. A load set is an instance of adding data to a review set. For example, if you add the results of two different searches to the same review set, each would represent a load set.\| -\|Conversation reconstruction\|When a user adds the results of a search to a conversation review set, instant message conversations (also called threaded conversations) in services like Microsoft Teams are reconstructed in a PDF file. This job is also triggered when a user clicks Action > Create conversation PDFs in a review set. For more information, see [Review conversations in Advanced eDiscovery](conversation-review-sets.md). -\|Converting redacted documents to PDF\|After a user annotates a document in a review set and redacts a portion of it, they can choose to convert the redacted document to a PDF file. This ensures that the redacted portion will not be visible if the document is exported for presentation. For more information, see [View documents in a review set](view-documents-in-review-set.md).\| -\|Estimating search results\|After a user creates and runs or reruns a draft collection, the search tool searches the index for items that match the search query and prepares an estimate that includes the number and total size of all items by the search, and the number of data sources searched. For more information, see [Collect data for a case](collecting-data-for-ediscovery.md).\| -\|Preparing data for export\|A user exports documents from a review set. When the export process is complete, they can download the exported data to a local computer. For more information, see [Export case data](exporting-data-ediscover20.md).\| -\|Preparing for error resolution\|When a user selects a file and creates a new error remediation in the Error view on the Processing tab of a case, the first step in the process is to upload the file that has the processing error to an Azure Storage location in the Microsoft cloud. This job tracks the progress of the upload process. For more information about the error remediation workflow, see [Error remediation when processing data](error-remediation-when-processing-data-in-advanced-ediscovery.md).\| -\|Preparing search preview\|After a user creates and runs a new draft collection (or reruns an existing draft collection), the search tool prepares a sample subset of items (that match the search query) that can be previewed. Previewing search results help you determine the effectiveness of the search. For more information, see [Collect data for a case](collecting-data-for-ediscovery.md#view-search-results-and-statistics).\| -\|Re-indexing custodian data\|When you add a custodian to a case, all partially indexed items in the custodian's selected data sources are reindexed by a process called Advanced indexing. This job is also triggered when you click Update index on the Processing tab of a case, and when you update the index for a specific custodian on the custodian properties flyout page. For more information, see [Advanced indexing of custodian data](indexing-custodian-data.md). -\|Running analytics\|A user analyzes data in a review set by running Advanced eDiscovery analytics tools such as near duplicate detection, email threading analysis, and themes analysis. For more information, see [Analyze data in a review set](analyzing-data-in-review-set.md).\| -\|Tagging documents\|This job is triggered when a user clicks Start tagging job in the Tagging panel when reviewing documents in a review set. A user can start this job after tagging documents in a review set and then bulk-selecting them in the view document panel. For more information, see [Tag documents in a review set](tagging-documents.md).\| +\| Job type \| Description \| +\| :-- \| :- \| +\|Adding data to a review set \| A user adds a collection to a review set. This job consists of two sub jobs: </br>ΓÇó Export - A list of items in the collection is generated. </br>ΓÇó Ingestion & Indexing - The items in the collection that match the search query are copied to an Azure Storage location (in a process called ingestion) and then those items in the Azure Storage location are reindexed. This new index is used when querying and analyzing items in the data set. </br></br>For more information, see [Add search results to a review set](add-data-to-review-set.md). \| +\|Adding data to another review set \| A user adds documents from one review set to a different review set in the same case. For more information, see [Add data to a review set from another review set](add-data-to-review-set-from-another-review-set.md).\| +\|Adding non-Microsoft 365 data to a review set \| A user uploads non-Microsoft 365 data to a review set. The data is also indexed during this process. For example, files from an on-premises file server or a client computer are uploaded to a review set. For more information, see [Load non-Microsoft 365 data into a review set](load-non-office-365-data-into-a-review-set.md).\| +\|Adding remediated data to a review set \| Data with processing errors is remediated and loaded back into a review set. For more information, see:</br>ΓÇó [Error remediation when processing data](error-remediation-when-processing-data-in-advanced-ediscovery.md)</br>ΓÇó [Single item error remediation](single-item-error-remediation.md)\| +\|Comparing load sets \| A user looks at the differences between different load sets in a review set. A load set is an instance of adding data to a review set. For example, if you add the results of two different searches to the same review set, each would represent a load set. \| +\|Conversation reconstruction\|When a user adds the results of a search to a conversation review set, instant message conversations (also called threaded conversations) in services like Microsoft Teams are reconstructed in a PDF file. This job is also triggered when a user clicks Action > Create conversation PDFs in a review set. For more information, see [Review conversations in eDiscovery (Premium)](conversation-review-sets.md). +\|Converting redacted documents to PDF\|After a user annotates a document in a review set and redacts a portion of it, they can choose to convert the redacted document to a PDF file. This ensures that the redacted portion will not be visible if the document is exported for presentation. For more information, see [View documents in a review set](view-documents-in-review-set.md). \| +\|Estimating search results \| After a user creates and runs or reruns a draft collection, the search tool searches the index for items that match the search query and prepares an estimate that includes the number and total size of all items by the search, and the number of data sources searched. For more information, see [Collect data for a case](collecting-data-for-ediscovery.md). \| +\|Preparing data for export \| A user exports documents from a review set. When the export process is complete, they can download the exported data to a local computer. For more information, see [Export case data](exporting-data-ediscover20.md). \| +\|Preparing for error resolution \|When a user selects a file and creates a new error remediation in the Error view on the Processing tab of a case, the first step in the process is to upload the file that has the processing error to an Azure Storage location in the Microsoft cloud. This job tracks the progress of the upload process. For more information about the error remediation workflow, see [Error remediation when processing data](error-remediation-when-processing-data-in-advanced-ediscovery.md). \| +\|Preparing search preview \| After a user creates and runs a new draft collection (or reruns an existing draft collection), the search tool prepares a sample subset of items (that match the search query) that can be previewed. Previewing search results help you determine the effectiveness of the search. For more information, see [Collect data for a case](collecting-data-for-ediscovery.md#view-search-results-and-statistics). \| +\|Re-indexing custodian data \| When you add a custodian to a case, all partially indexed items in the custodian's selected data sources are reindexed by a process called Advanced indexing. This job is also triggered when you click Update index on the Processing tab of a case, and when you update the index for a specific custodian on the custodian properties flyout page. For more information, see [Advanced indexing of custodian data](indexing-custodian-data.md). +\|Running analytics \| A user analyzes data in a review set by running eDiscovery (Premium) analytics tools such as near duplicate detection, email threading analysis, and themes analysis. For more information, see [Analyze data in a review set](analyzing-data-in-review-set.md). \| +\|Tagging documents \| This job is triggered when a user clicks Start tagging job in the Tagging panel when reviewing documents in a review set. A user can start this job after tagging documents in a review set and then bulk-selecting them in the view document panel. For more information, see [Tag documents in a review set](tagging-documents.md). \| +\|\|\| ## Job status
compliance	Managing Review Sets	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-review-sets.md	Title: "Manage review sets in Advanced eDiscovery" + Title: "Manage review sets in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: -description: Learn how to manage review sets so you can analyze, query, view, tag, and export data in an Advanced eDiscovery case. +description: Learn how to manage review sets so you can analyze, query, view, tag, and export data in an eDiscovery (Premium) case. -# Manage review sets in Advanced eDiscovery +# Manage review sets in eDiscovery (Premium) Review sets are a static set of documents where you can analyze, query, view, tag, and export data in a case. For more information about performing these tasks, see: On the Add review set flyout page, type a name for the review set and then c ![New review set listed on Review set tab.](../media/AeDnewreviewset.png) -There are three different ways to add data to a review set in an Advanced eDiscovery case. +There are three different ways to add data to a review set in an eDiscovery (Premium) case. ![Three ways to add to a review sets.](../media/1f1f4efd-c03b-4255-bc3d-df358e56549c.png) There are three different ways to add data to a review set in an Advanced eDisco 3. [Add data to a review set from another review set](add-data-to-review-set-from-another-review-set.md) > [!NOTE] -> You can't delete items from a review set and you can't delete review sets from a case. To delete a review set (and delete the data in it), you have to delete the Advanced eDiscovery case the review set is located in. For more information, see [Close or delete an Advanced eDiscovery case](close-or-delete-case.md). +> You can't delete items from a review set and you can't delete review sets from a case. To delete a review set (and delete the data in it), you have to delete the eDiscovery (Premium) case the review set is located in. For more information, see [Close or delete an eDiscovery (Premium) case](close-or-delete-case.md).
compliance	Microsoft 365 Compliance Center Permissions	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/microsoft-365-compliance-center-permissions.md	Title: "Permissions in the Microsoft 365 compliance center" + Title: "Permissions in the Microsoft Purview compliance portal" f1.keywords: - NOCSH audience: ITPro ms.localizationpriority: medium -description: Learn about managing permissions in the Microsoft 365 compliance center. +description: Learn about managing permissions in the Microsoft Purview compliance portal. - admindeeplinkCOMPLIANCE - admindeeplinkEXCHANGE -# Permissions in the Microsoft 365 compliance center +# Permissions in the Microsoft Purview compliance portal -The Microsoft 365 compliance center has been recently updated and now supports directly managing permissions for users who perform compliance tasks in Microsoft 365. This update means you'll no longer have to use the Office 365 Security & Compliance Center to manage permissions for compliance solutions. Using the new Permissions page in the Microsoft 365 compliance center, you can manage permissions to users for compliance tasks in features like device management, data loss prevention, eDiscovery, insider risk management, retention, and many others. Users can perform only the compliance tasks that you explicitly grant them access to. -To view the Permissions tab in the Microsoft 365 compliance center, users need to be a global administrator or need to be assigned the Role Management role (a role is assigned only to the Organization Management role group). The Role Management role allows users to view, create, and modify role groups. +The Microsoft Purview compliance portal supports directly managing permissions for users who perform compliance tasks in Microsoft 365. This update means you'll no longer have to use the Office 365 Security & Compliance Center to manage permissions for compliance solutions. Using the new Permissions page in the compliance portal, you can manage permissions to users for compliance tasks in features like device management, Microsoft Purview Data Loss Prevention, eDiscovery, insider risk management, retention, and many others. Users can perform only the compliance tasks that you explicitly grant them access to. -![Permissions page in Microsoft 365 compliance center.](../media/m365-compliance-center-permissions.png) +To view the Permissions tab in the compliance portal, users need to be a global administrator or need to be assigned the Role Management role (a role is assigned only to the Organization Management role group). The Role Management role allows users to view, create, and modify role groups. -Permissions in the Microsoft 365 compliance center are based on the role-based access control (RBAC) permissions model. RBAC is the same permissions model that's used by most Microsoft 365 services, so if you're familiar with the permission structure in these services, granting permissions in the Microsoft 365 compliance center will be familiar. It's important to remember that the permissions managed in the Microsoft 365 compliance center don't cover the management of all the permissions needed in each individual service. You'll still need to manage certain service-specific permissions in the admin center for the specific service. For example, if you need to assign permissions for archiving, auditing, and MRM retention policies, you'll need to manage these permissions in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a>. +![Permissions page in Microsoft Purview compliance portal.](../media/m365-compliance-center-permissions.png) + +Permissions in the compliance portal are based on the role-based access control (RBAC) permissions model. RBAC is the same permissions model that's used by most Microsoft 365 services, so if you're familiar with the permission structure in these services, granting permissions in the compliance portal will be familiar. It's important to remember that the permissions managed in the compliance portal don't cover the management of all the permissions needed in each individual service. You'll still need to manage certain service-specific permissions in the admin center for the specific service. For example, if you need to assign permissions for archiving, auditing, and MRM retention policies, you'll need to manage these permissions in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a>. ## Relationship of members, roles, and role groups A role grants permissions to do a set of tasks; for example, the Case Management role lets users work with eDiscovery cases. -A role group is a set of roles that enable users do their jobs across compliance solutions the Microsoft 365 compliance center. For example, by adding users to the Insider Risk Management role group, designated administrators, analysts, investigators, and auditors are configured for the necessary insider risk management permissions in a single group. The Microsoft 365 compliance center includes default role groups for tasks and functions for each compliance solution that you'll need to assign people to. Generally, we recommend simply adding individual users as members to the default compliance role groups as needed. +A role group is a set of roles that enable users do their jobs across compliance solutions the compliance portal. For example, by adding users to the Insider Risk Management role group, designated administrators, analysts, investigators, and auditors are configured for the necessary insider risk management permissions in a single group. The compliance portal includes default role groups for tasks and functions for each compliance solution that you'll need to assign people to. Generally, we recommend simply adding individual users as members to the default compliance role groups as needed. ![Diagram showing relationship of role groups to roles and members.](../media/2a16d200-968c-4755-98ec-f1862d58cb8b.png) -## Permissions needed to use features in the Microsoft 365 compliance center +## Permissions needed to use features in the compliance portal -To view all of the default role groups that are available in the Microsoft 365 compliance center and the roles that are assigned to the role groups by default, see the [Permissions in the Security & Compliance Center](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center). +To view all of the default role groups that are available in the compliance portal and the roles that are assigned to the role groups by default, see the [Permissions in the Security & Compliance Center](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center). -Managing permissions in the Microsoft 365 compliance center only gives users access to the compliance features that are available within the Microsoft 365 compliance center. If you want to grant permissions to other features that aren't in the Microsoft 365 compliance center, such as Exchange mail flow rules (also known as transport rules), you'll need to use the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a>. +Managing permissions in the compliance portal only gives users access to the compliance features that are available within the compliance portal. If you want to grant permissions to other features that aren't in the compliance portal, such as Exchange mail flow rules (also known as transport rules), you'll need to use the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a>. -## Azure roles in the Microsoft 365 compliance center +## Azure roles in the compliance portal -The roles that appear in the Azure AD > Roles section of the Microsoft 365 compliance center Permissions page are Azure Active Directory roles. These roles are designed to align with job functions in your organization's IT group, making it easy to give a person all the permissions necessary to get their job done. You can view the users currently assigned to each role by selecting an Admin role and viewing the role panel details. To manage members of an Azure AD role, select Manage members in Azure AD. This choice redirects you to the Azure management portal. +The roles that appear in the Azure AD > Roles section of the compliance portal Permissions page are Azure Active Directory roles. These roles are designed to align with job functions in your organization's IT group, making it easy to give a person all the permissions necessary to get their job done. You can view the users currently assigned to each role by selecting an Admin role and viewing the role panel details. To manage members of an Azure AD role, select Manage members in Azure AD. This choice redirects you to the Azure management portal. \|Role\|Description\| \|:\|:-\| The roles that appear in the Azure AD > Roles section of the Microsoft 3 Complete the following steps to add users to a compliance role group: -1. Sign into the permissions area of the Microsoft 365 compliance center using credentials for an admin account in your Microsoft 365 organization, and go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a> to select the link to view and manage compliance roles in Microsoft 365. +1. Sign into the permissions area of the compliance portal using credentials for an admin account in your Microsoft 365 organization, and go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a> to select the link to view and manage compliance roles in Microsoft 365. 1. Expand the Compliance center section and select Roles. 1. On the Compliance center roles page, select a compliance role group you want to add users to, then select Edit role group on the details pane. 1. Select Choose members from the left navigation pane, then select Edit. Complete the following steps to add users to a compliance role group: Complete the following steps to remove users from a compliance role group: -1. Sign into the permissions area of the Microsoft 365 compliance center using credentials for an admin account in your Microsoft 365 organization, and go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a> to select the link to view and manage compliance roles in Microsoft 365. +1. Sign into the permissions area of the compliance portal using credentials for an admin account in your Microsoft 365 organization, and go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a> to select the link to view and manage compliance roles in Microsoft 365. 1. Expand the Compliance center section and select Roles. 1. On the Compliance center roles page, select a compliance role group you want to remove users from, then select Edit role group on the details pane. 1. Select Choose members from the left navigation pane, then select Edit. Complete the following steps to remove users from a compliance role group: Complete the following steps to create a custom role group: -1. Sign into the permissions area of the Microsoft 365 compliance center using credentials for an admin account in your Microsoft 365 organization, and go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a>. +1. Sign into the permissions area of the compliance portal using credentials for an admin account in your Microsoft 365 organization, and go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a>. 1. On the Permissions & roles page, select Compliance center > Roles. 1. On the Compliance center roles page, select Create. 1. On the Name your role group page, enter a name for the custom role group in the Name field. The name of the role group cannot be changed after creation of the role group. If needed, enter a description for the custom role group in the Description field. Select Next to continue. Complete the following steps to create a custom role group: Complete the following steps to update a custom role group: -1. Sign into the permissions area of the Microsoft 365 compliance center using credentials for an admin account in your Microsoft 365 organization, and go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a>. +1. Sign into the permissions area of the compliance portal using credentials for an admin account in your Microsoft 365 organization, and go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a>. 1. On the Permissions & roles page, select Compliance center > Roles. 1. On the Compliance center roles page and select the role group to update. 1. On the details pane for the selected role group, select Edit role group. Complete the following steps to update a custom role group: Complete the following steps to update a custom role group: -1. Sign into the permissions area of the Microsoft 365 compliance center using credentials for an admin account in your Microsoft 365 organization, and go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a>. +1. Sign into the permissions area of the compliance portal using credentials for an admin account in your Microsoft 365 organization, and go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2173597" target="_blank">Permissions</a>. 1. On the Permissions & roles page, select Compliance center > Roles. 1. On the Compliance center roles page and select the role group to update. 1. On the details pane for the selected role group, select Delete role group.
compliance	Microsoft 365 Compliance Center Redirection	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/microsoft-365-compliance-center-redirection.md	Title: "Redirection of users from the Office 365 Security and Compliance center to the Microsoft 365 compliance center" + Title: "Redirection of users from the Office 365 Security and Compliance center to the Microsoft Purview compliance portal" f1.keywords: - NOCSH audience: ITPro ms.localizationpriority: medium -description: Learn about automatic redirection of users from the Office 365 Security and Compliance center users to the Microsoft 365 compliance center. +description: Learn about automatic redirection of users from the Office 365 Security and Compliance center users to the Microsoft Purview compliance portal. -# Redirection of users from the Office 365 Security and Compliance center to the Microsoft 365 compliance center +# Redirection of users from the Office 365 Security and Compliance center to the Microsoft Purview compliance portal -This article explains how automatic redirection works for users accessing compliance solutions from the Office 365 Security and Compliance Center (protection.office.com) to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. + +This article explains how automatic redirection works for users accessing compliance solutions from the Office 365 Security and Compliance Center (protection.office.com) to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. ## What to expect Automatic redirection is enabled by default for all users accessing compliance-related solutions in Office 365 Security and Compliance (protection.office.com): -- [Advanced eDiscovery](overview-ediscovery-20.md) +- [eDiscovery (Premium)](overview-ediscovery-20.md) - [Communication compliance](communication-compliance.md) - [Content search](search-for-content.md)-- [Core eDiscovery](get-started-core-ediscovery.md) +- [eDiscovery (Standard)](get-started-core-ediscovery.md) - [Data classification](data-classification-overview.md)-- [Data loss prevention (DLP)](dlp-learn-about-dlp.md) +- [Microsoft Purview Data Loss Prevention (DLP)](dlp-learn-about-dlp.md) - [Data subject requests](/compliance/regulatory/gdpr-manage-gdpr-data-subject-requests-with-the-dsr-case-tool)-- [Information governance](manage-information-governance.md) +- [Information governance](manage-data-governance.md) - [Records management](records-management.md) -Users are automatically routed to the same compliance solutions in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +Users are automatically routed to the same compliance solutions in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">compliance portal</a>. This feature and associated controls does not enable the automatic redirection of Security features for Microsoft Defender for Office 365. To enable the redirection for security features, see [Redirecting accounts from Microsoft Defender for Office 365 to the Microsoft 365 Defender portal](/microsoft-365/security/defender/microsoft-365-security-mdo-redirection) for details. ## Related information -- [Microsoft 365 compliance center overview](/microsoft-365/compliance/microsoft-365-compliance-center) +- [Microsoft Purview compliance portal overview](/microsoft-365/compliance/microsoft-365-compliance-center)
compliance	Microsoft 365 Compliance Center	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/microsoft-365-compliance-center.md	Title: "Microsoft 365 compliance center" + Title: "Microsoft Purview compliance portal" f1.keywords: - NOCSH audience: ITPro ms.localizationpriority: medium -description: Learn about the Microsoft 365 compliance center, including what it contains, how to get it, and your next steps. +description: Learn about the Microsoft Purview compliance portal, including what it contains, how to get it, and your next steps. - admindeeplinkCOMPLIANCE - intro-overview -# Microsoft 365 compliance center +# Microsoft Purview compliance portal -If you're interested in your organization's compliance posture, you're going to love the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. The Microsoft 365 compliance center provides easy access to the data and tools you need to manage to your organization's compliance needs. -Read this article to get acquainted with the Microsoft 365 compliance center, [how to get it](#how-do-i-get-the-compliance-center), [frequently asked questions](#frequently-asked-questions), and your [next steps](#next-steps). +If you're interested in your organization's compliance posture, you're going to love the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. The Microsoft Purview compliance portal provides easy access to the data and tools you need to manage to your organization's compliance needs. -[![Microsoft 365 compliance center home page.](../media/m365-compliance-center-home.png)](https://compliance.microsoft.com) +Read this article to get acquainted with the compliance portal, [how to access it](#how-do-i-access-the-compliance-portal), and your [next steps](#next-steps). -## Welcome to Microsoft 365 compliance +[![Microsoft Purview compliance portal home page.](../media/m365-compliance-center-home.png)](https://compliance.microsoft.com) -When you go to your Microsoft 365 compliance center for the first time, you're greeted with the following welcome message: +## Welcome to Microsoft Purview -![Microsoft 365 compliance center intro.](../media/m365-compliance-center-welcome-steps.png) +When you go to the compliance portal for the first time, you're greeted with the following welcome message: + +![Microsoft Purview compliance portal intro.](../media/m365-compliance-center-welcome-steps.png) The welcome banner gives you some pointers on how to get started, with next steps, and an invitation for you to give us feedback. ## Card section -When you first visit the Microsoft 365 compliance center, the card section on the home page shows you at a glance how your organization is doing with data compliance, what solutions are available for your organization, and a summary of any active alerts. +When you first visit the compliance portal, the card section on the home page shows you at a glance how your organization is doing with data compliance, what solutions are available for your organization, and a summary of any active alerts. From here, you can: -- Review the Microsoft Compliance Manager card, which leads you to the [Compliance Manager](compliance-manager.md) solution. Compliance Manager helps simplify the way you manage compliance. It calculates a risk-based score measuring your progress toward completing recommended actions that help reduce risks around data protection and regulatory standards. It also provides workflow capabilities and built-in control mapping to help you efficiently carry out improvement actions. +- Review the Microsoft Purview Compliance Manager card, which leads you to the [Compliance Manager](compliance-manager.md) solution. Compliance Manager helps simplify the way you manage compliance. It calculates a risk-based score measuring your progress toward completing recommended actions that help reduce risks around data protection and regulatory standards. It also provides workflow capabilities and built-in control mapping to help you efficiently carry out improvement actions. - ![Compliance Manager card Microsoft 365 compliance center.](../media/m365-compliance-center-compliance-manager-card.png) + ![Compliance Manager card Microsoft Purview compliance portal.](../media/m365-compliance-center-compliance-manager-card.png) - Review the new Solution catalog card, which links to collections of [integrated solutions](microsoft-365-solution-catalog.md) you can use to help you manage end-to-end compliance scenarios. A solution's capabilities and tools might include a combination of policies, alerts, reports, and more. - ![Solution catalog card Microsoft 365 compliance center.](../media/m365-compliance-center-solution-catalog-card.png) + ![Solution catalog card Microsoft Purview compliance portal.](../media/m365-compliance-center-solution-catalog-card.png) - Review the Active alerts card, which includes a summary of the most [active alerts](alert-policies.md) and includes a link where you can view more detailed information, such as Severity, Status, Category, and more. - ![Active alerts card Microsoft 365 compliance center.](../media/m365-compliance-center-active-alerts-card.png) + ![Active alerts card Microsoft Purview compliance portal.](../media/m365-compliance-center-active-alerts-card.png) You can also use the Add cards feature to add additional cards, such as one showing your organization's cloud app compliance, and another showing data about users with shared files, with links to [Defender for Cloud Apps](/cloud-app-security/) or other tools where you can explore data. In addition to links in cards on the home page, you'll see a navigation pane on \|Navigation\|Comments\| \|\|\| -\|![Navigation in the Microsoft 365 compliance center.](../medi) <br> Automate and simplify the retention schedule for regulatory, legal and business-critical records in your organization.\| +\|![Navigation in the Microsoft Purview compliance portal.](../medi) <br> Manage retention and deletion of high-value items for business, legal, or regulatory record-keeping requirements.\| \| -## How do I get the compliance center? --- If you don't have the new Microsoft 365 compliance center already, you'll have it soon. The Microsoft 365 compliance center is generally available now to Microsoft 365 SKU customers.-- To visit the Microsoft 365 compliance center, as a global administrator, compliance administrator, or compliance data administrator go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and sign in.- -## Frequently asked questions - -Why don't I see the new Microsoft 365 compliance center yet? - -First, make sure that you have the appropriate licenses and permissions. Then, sign in at <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. If you don't see the new compliance center yet, you'll have it soon. +## How do I access the compliance portal? -![More resources.](../media/m365-compliance-center-more-resources.png) +To access the compliance portal, go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and sign in as a global administrator, compliance administrator, or compliance data administrator. ## Next steps -- Visit Microsoft Compliance Manager to see your compliance score and start managing compliance for your organization. To learn more, see [Compliance Manager](compliance-manager.md). +- Visit Microsoft Purview Compliance Manager to see your compliance score and start managing compliance for your organization. To learn more, see [Compliance Manager](compliance-manager.md). -- Configure insider risk management policies to help minimize internal risks and enable you to detect, investigate, and take action for risky activities in your organization. See [Insider risk management](insider-risk-management.md). +- Configure insider risk management policies to help minimize internal risks and enable you to detect, investigate, and take action for risky activities in your organization. See [Learn about insider risk management](insider-risk-management.md). - Review your organization's data loss prevention policies and make required changes as necessary. To learn more about, see [Learn about data loss prevention](dlp-learn-about-dlp.md). - Get acquainted with and set up Microsoft Defender for Cloud Apps. See [Quickstart: Get started with Microsoft Defender for Cloud Apps](/cloud-app-security/getting-started-with-cloud-app-security). -- Learn about and create communication compliance policies to quickly identify and remediate corporate code-of-conduct policy violations. See [Communication compliance in Microsoft 365](communication-compliance.md). +- Learn about and create communication compliance policies to quickly identify and remediate corporate code-of-conduct policy violations. See [Learn about communication compliance](communication-compliance.md). -- Visit your Microsoft 365 compliance center often, and make sure to review any alerts or potential risks that arise. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and sign in. +- Visit your compliance portal often, and make sure to review any alerts or potential risks that arise. Go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and sign in.
compliance	Microsoft 365 Solution Catalog	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/microsoft-365-solution-catalog.md	Title: "Microsoft 365 solution catalog" + Title: "Microsoft Purview solution catalog" f1.keywords: - NOCSH audience: ITPro ms.localizationpriority: medium -description: Learn about the Microsoft 365 solution catalog, including what it contains, how to get it, and your next steps. +description: Learn about the Microsoft Purview solution catalog, including what it contains, how to get it, and your next steps. -# Microsoft 365 solution catalog +# Microsoft Purview solution catalog -Are you looking for a way to quickly get started with compliance tasks in Microsoft 365? Check out the [Microsoft 365 solution catalog](https://compliance.microsoft.com/solutioncatalog) to discover, learn, and quickly get started with compliance and risk management solutions. + +Are you looking for a way to quickly get started with compliance tasks in Microsoft 365? Check out the [Microsoft Purview solution catalog](https://compliance.microsoft.com/solutioncatalog) to discover, learn, and quickly get started with compliance and risk management solutions. Compliance solutions in Microsoft 365 are collections of integrated capabilities you can use to help you manage end-to-end compliance scenarios. A solution's capabilities and tools might include a combination of policies, alerts, reports, and more. -Read this article to get acquainted with the new solution catalog in the Microsoft 365 compliance center, [how to get it](#how-do-i-get-this), [frequently asked questions](#frequently-asked-questions), and your [next steps](#next-steps). +Read this article to get acquainted with the new solution catalog in the Microsoft Purview compliance portal, [how to get it](#how-do-i-get-this) and your [next steps](#next-steps). ## Catalog organization The solution catalog is organized into sections that contain information cards for each compliance solution available in your Microsoft 365 subscription. Each section contains cards for solutions grouped by compliance area. -![Microsoft 365 solution catalog home page.](../media/m365-solution-catalog-home.png) +![Microsoft Purview solution catalog home page.](../media/m365-solution-catalog-home.png) When you select View for a solution card, you'll see detailed information about the compliance solution and how to get started. This information includes an overview, pre-configuration requirements, learning resources, controls that allow you to pin the card to the navigation pane, and an option to share the solution as a link, email, or Microsoft Teams message. -![Microsoft 365 communication compliance solution.](../media/m365-solution-catalog-communication-compliance.png) +![Communication compliance solution.](../media/m365-solution-catalog-communication-compliance.png) ## Information protection & governance section -The Information protection & governance section shows you at a glance how you can use Microsoft 365 compliance solutions to protect and govern data in your organization. +The Information protection & governance section shows you at a glance how you can use Microsoft Purview solutions to protect and govern data in your organization. -![Microsoft 365 solution catalog information protection and governance section.](../media/m365-solution-catalog-information-protection-governance.png) +![Microsoft Purview solution catalog information protection and governance section.](../media/m365-solution-catalog-information-protection-governance.png) From here, you'll see cards for the following solutions: -- [Data loss prevention](dlp-learn-about-dlp.md): Detects sensitive content as it's used and shared throughout your organization, in the cloud and on devices, and helps prevent accidental data loss.-- [Information governance](manage-information-governance.md): Manages your content lifecycle using solutions to import, store, and classify business-critical data so you can keep what you need and delete what you don't. +- [Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md): Detects sensitive content as it's used and shared throughout your organization, in the cloud and on devices, and helps prevent accidental data loss. +- [Data Lifecycle Management](manage-data-governance.md): Manages your content lifecycle using solutions to import, store, and classify business-critical data so you can keep what you need and delete what you don't. - [Information protection](information-protection.md): Discovers, classifies, and protects sensitive and business-critical content throughout its lifecycle across your organization. - [Records management](records-management.md): Uses intelligent classification to automate and simplify the retention schedule for regulatory, legal, and business-critical records in your organization. From here, you'll see cards for the following solutions: The Insider risk management section on the home page shows you at a glance how your organization can identify, analyze, and take action on internal risks before they cause harm. -![Microsoft 365 solution catalog insider risk management section.](../media/m365-solution-catalog-insider-risk-management.png) +![Microsoft Purview solution catalog insider risk management section.](../media/m365-solution-catalog-insider-risk-management.png) From here, you'll see cards for the following solutions: From here, you'll see cards for the following solutions: The Discovery & response section on the home page shows you at a glance how your organization can quickly find, investigate, and respond to compliance issues with relevant data. -![Microsoft 365 solution catalog discovery and response section.](../media/m365-solution-catalog-discovery-response.png) +![Microsoft Purview solution catalog discovery and response section.](../media/m365-solution-catalog-discovery-response.png) From here, you'll see cards for the following solutions: - [Audit](search-the-audit-log-in-security-and-compliance.md): Records user and admin activity from your organization so you can search the audit log and investigate a comprehensive list of activities across all locations and services. - [Data subject requests](/compliance/regulatory/gdpr-manage-gdpr-data-subject-requests-with-the-dsr-case-tool): Finds and exports a user's personal data to help you respond to data subject requests for GDPR. - [eDiscovery](manage-legal-investigations.md) - - [Core eDiscovery](./get-started-core-ediscovery.md): Searches across content locations to identify, preserve, and export data in response to legal discovery requests and eDiscovery cases. - - [Advanced eDiscovery](overview-ediscovery-20.md): Builds on eDiscovery capabilities by providing intelligent analytics and machine learning to help you further analyze data that's relevant to discovery requests. + - [eDiscovery (Standard)](./get-started-core-ediscovery.md): Searches across content locations to identify, preserve, and export data in response to legal discovery requests and eDiscovery cases. + - [eDiscovery (Premium)](overview-ediscovery-20.md): Builds on eDiscovery capabilities by providing intelligent analytics and machine learning to help you further analyze data that's relevant to discovery requests. ## How do I get this? -To visit the Microsoft 365 solution catalog, go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and sign in as a global administrator, compliance administrator, or compliance data administrator. Select Catalog in the navigation pane on the left side of the screen to open the catalog home page. - -## Frequently asked questions - -Why don't I see the Microsoft 365 solution catalog? - -First, make sure that you have the appropriate licenses and permissions. Then, sign in at [https://compliance.microsoft.com](https://compliance.microsoft.com) as a global administrator, compliance administrator, or compliance data administrator. +To visit the Microsoft Purview solution catalog, go to [https://compliance.microsoft.com](https://compliance.microsoft.com) and sign in as a global administrator, compliance administrator, or compliance data administrator. Select Catalog in the navigation pane on the left side of the screen to open the catalog home page. ## Next steps -- Visit Microsoft Compliance Manager, which helps you understand your organization's state of compliance with key standards and regulations. It provides recommended actions you can take to strengthen your overall compliance posture, and provides workflow capabilities to help you efficiently carry out those actions. To learn more, see [Compliance Manager](compliance-manager.md). +- Visit Microsoft Purview Compliance Manager, which helps you understand your organization's state of compliance with key standards and regulations. It provides recommended actions you can take to strengthen your overall compliance posture, and provides workflow capabilities to help you efficiently carry out those actions. To learn more, see [Compliance Manager](compliance-manager.md). -- Configure insider risk management policies to help minimize internal risks and enable you to detect, investigate, and take action for risky activities in your organization. See [Insider risk management](insider-risk-management.md). +- Configure insider risk management policies to help minimize internal risks and enable you to detect, investigate, and take action for risky activities in your organization. See [Learn about insider risk management](insider-risk-management.md). - Learn about and create Communication compliance policies to quickly identify and remediate corporate code-of-conduct policy violations. See [Communication compliance](communication-compliance.md). -- Microsoft Information Protection, learn how Microsoft 365 solutions help you discover, classify, and protect sensitive information wherever it lives or travels. +- Microsoft Purview Information Protection, learn how Microsoft Purview solutions help you discover, classify, and protect sensitive information wherever it lives or travels. - Get acquainted with and set up Microsoft Defender for Cloud Apps. See [Quickstart: Get started with Microsoft Defender for Cloud Apps](/cloud-app-security/getting-started-with-cloud-app-security). - Get started with classifiers. Classifying content and then labeling it so it can be protected and handled properly is the starting place for the information protection discipline. See [Learn about trainable classifiers (preview)](classifier-learn-about.md). -- Visit your Microsoft 365 solution catalog often, and make sure to review new solutions to help you with your compliance needs. Sign in at [https://compliance.microsoft.com](https://compliance.microsoft.com) and then select Catalog in the left navigation pane. +- Visit your Microsoft Purview solution catalog often, and make sure to review new solutions to help you with your compliance needs. Sign in at [https://compliance.microsoft.com](https://compliance.microsoft.com) and then select Catalog in the left navigation pane.
compliance	Migrate Aad Classification Sensitivity Labels	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/migrate-aad-classification-sensitivity-labels.md	Title: Azure Active Directory classification and sensitivity labels for Microsoft 365 groups + Title: AAD classification and sensitivity labels for Microsoft 365 groups description: "This article discusses classic Azure Active Directory classificati # Azure Active Directory classification and sensitivity labels for Microsoft 365 groups + This article discusses classic Azure Active Directory classification and sensitivity labels. Sensitivity labels are supported by [these services](./sensitivity-labels-teams-groups-sites.md). See the following scenarios for best practices when migrating from classic AAD c ## Scenario 1: Tenant never used classic AAD classifications or sensitivity labels for documents and emails - Tenant Admin enables sensitivity labels for groups by setting the tenant flag ΓÇ£EnableMIPLabelsΓÇ¥ to true via AAD powershell cmdlet.-- Tenant Admin creates the sensitivity labels in the [Microsoft 365 compliance center](https://compliance.microsoft.com). +- Tenant Admin creates the sensitivity labels in the [Microsoft Purview compliance portal](https://compliance.microsoft.com). - Tenant admin can choose file and email-related actions like encryption and watermarking. - Tenant admin can choose Microsoft 365 Groups and SharePoint Online site-related actions to the sensitivity labels. - Tenant Admin publishes the policy. Table 1. Behavior of compatible and non-compatible workloads ΓÇô create, edit, o ### Case A: Tenant never used sensitivity labels for documents and emails -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), we recommend creating sensitivity labels with same name as the existing classic Azure AD labels. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), we recommend creating sensitivity labels with same name as the existing classic Azure AD labels. 2. Use the PowerShell cmdlet to apply these sensitivity labels to existing Microsoft 365 groups and SharePoint sites using name mapping. 3. Admin can choose to delete the classic Azure AD labels: - Compatible workloads show these sensitivity labels and groups get created with them. Table 2. Behavior of compatible and non-compatible workloads ΓÇô create, edit, o 1. As soon as admin enables sensitivity label feature on the tenant by setting the tenant flag ΓÇÿEnableMIPLabelsΓÇÖ to true, the document and email sensitivity labels in group/site/team create and edit dialog boxes appear. 2. An admin can use the same document and email sensitivity labels to enforce privacy and external user access on the group/site/team by specifying related group settings: - 1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com), select the Sites and Groups tab. + 1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), select the Sites and Groups tab. 2. Edit a document or email sensitivity label. ## Sample script -For a sample script to migrate groups with classic AAD labels to sensitivity labels, see [Classic Azure AD group classification](./sensitivity-labels-teams-groups-sites.md#classic-azure-ad-group-classification). +For a sample script to migrate groups with classic AAD labels to sensitivity labels, see [Classic Azure AD group classification](./sensitivity-labels-teams-groups-sites.md#classic-azure-ad-group-classification).
compliance	Migrate Legacy Ediscovery Searches And Holds	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/migrate-legacy-eDiscovery-searches-and-holds.md	Title: "Migrate legacy eDiscovery searches and holds to the Microsoft 365 compliance center" + Title: "Migrate legacy eDiscovery searches and holds to the Microsoft Purview compliance portal" f1.keywords: - NOCSH description: -# Migrate legacy eDiscovery searches and holds to the Microsoft 365 compliance center +# Migrate legacy eDiscovery searches and holds to the compliance portal -The Microsoft 365 compliance center provides an improved experience for eDiscovery usage, including: higher reliability, better performance, and many features tailored to eDiscovery workflows including cases to organize your content by matter, review sets to review content and analytics to help cull data for review such as near-duplicate grouping, email threading, themes analysis, and predictive coding. +The Microsoft Purview compliance portal provides an improved experience for eDiscovery usage, including: higher reliability, better performance, and many features tailored to eDiscovery workflows including cases to organize your content by matter, review sets to review content and analytics to help cull data for review such as near-duplicate grouping, email threading, themes analysis, and predictive coding. -To help customers take advantage of the new and improved functionality, this article provides basic guidance on how to migrate In-Place eDiscovery searches and holds from the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a> to the Microsoft 365 compliance center. +To help customers take advantage of the new and improved functionality, this article provides basic guidance on how to migrate In-Place eDiscovery searches and holds from the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a> to the compliance portal. > [!NOTE] -> Because there are many different scenarios, this article provides general guidance to transition searches and holds to a core eDiscovery case in the Microsoft 365 compliance center. Using eDiscovery cases aren't always required, but they add an extra layer of security by letting you assign permissions to control who has access to the eDiscovery cases in your organization. +> Because there are many different scenarios, this article provides general guidance to transition searches and holds to a eDiscovery (Standard) case in the compliance portal. Using eDiscovery cases aren't always required, but they add an extra layer of security by letting you assign permissions to control who has access to the eDiscovery cases in your organization. ## Before you begin -- You have to be a member of the eDiscovery Manager role group in the Microsoft 365 compliance center to run the PowerShell commands described in this article. You also have to be a member of the Discovery Management role group in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a>. +- You have to be a member of the eDiscovery Manager role group in the compliance portal to run the PowerShell commands described in this article. You also have to be a member of the Discovery Management role group in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a>. - This article provides guidance on how to create an eDiscovery hold. The hold policy will be applied to mailboxes through an asynchronous process. When creating an eDiscovery hold, you must create both a CaseHoldPolicy and CaseHoldRule, otherwise the hold will not be created and content locations will not be placed on hold. The output of these two commands will be similar to the following: > [!NOTE] > The duration of the In-Place Hold in this example is indefinite (ItemHoldPeriod: Unlimited). This is typical for eDiscovery and legal investigation scenarios. If the hold duration has is different value than indefinite, the reason is likely because the hold is being used to retain content in a retention scenario. Instead of using the eDiscovery cmdlets in Security & Compliance Center PowerShell for retention scenarios, we recommend that you use [New-RetentionCompliancePolicy](/powershell/module/exchange/new-retentioncompliancepolicy) and [New-RetentionComplianceRule](/powershell/module/exchange/new-retentioncompliancerule) to retain content. The result of using these cmdlets will be similar to using New-CaseHoldPolicy and New-CaseHoldRule, but you'll able to specify a retention period and a retention action, such as deleting content after the retention period expires. Also, using the retention cmdlets don't require you to associate the retention holds with an eDiscovery case. -## Step 4: Create a case in the Microsoft 365 Compliance center +## Step 4: Create a case in the Microsoft Purview compliance portal To create an eDiscovery hold, you have to create an eDiscovery case to associate the hold with. The following example creates an eDiscovery case using a name of your choice. We will store the properties of the new case in a variable for use later. You can view those properties by running the `$case \| FL` command after you create the case. New-ComplianceSearch -Name $search.Name -ExchangeLocation $search.SourceMailboxe ![PowerShell New-ComplianceSearch example.](../media/MigrateLegacyeDiscovery6.png) -## Step 8: Verify the case, hold, and search in the Microsoft 365 compliance center +## Step 8: Verify the case, hold, and search in the compliance portal -To make sure that everything is set up correctly, go to the Microsoft 365 compliance center at [https://compliance.microsoft.com](https://compliance.microsoft.com), and click eDiscovery > Core. +To make sure that everything is set up correctly, go to the compliance portal at [https://compliance.microsoft.com](https://compliance.microsoft.com), and click eDiscovery > Core. -![Microsoft 365 Compliance Center eDiscovery.](../media/MigrateLegacyeDiscovery7.png) +![Microsoft Purview compliance portal eDiscovery.](../media/MigrateLegacyeDiscovery7.png) -The case that you created in Step 3 is listed on the Core eDiscovery page. Open the case and then notice the hold that you created in Step 4 in listed on the Hold tab. You can select the hold to see details on the flyout page, including the number of mailboxes the hold is applied to and the distribution status. +The case that you created in Step 3 is listed on the eDiscovery (Standard) page. Open the case and then notice the hold that you created in Step 4 in listed on the Hold tab. You can select the hold to see details on the flyout page, including the number of mailboxes the hold is applied to and the distribution status. -![eDiscovery holds in the Microsoft 365 compliance center.](../media/MigrateLegacyeDiscovery8.png) +![eDiscovery holds in the compliance portal.](../media/MigrateLegacyeDiscovery8.png) The search that you created in Step 7 is listed on the Searches tab of the case. -![eDiscovery case search in the Microsoft 365 compliance center.](../media/MigrateLegacyeDiscovery9.png) +![eDiscovery case search in the compliance portal.](../media/MigrateLegacyeDiscovery9.png) -If you migrate an In-Place eDiscovery search but don't associate it with an eDiscovery case, it will be listed on the Content search page in the Microsoft 365 compliance center. +If you migrate an In-Place eDiscovery search but don't associate it with an eDiscovery case, it will be listed on the Content search page in the compliance portal. ## More information If you migrate an In-Place eDiscovery search but don't associate it with an eDis - [Start-ComplianceSearch](/powershell/module/exchange/start-compliancesearch) -- For more information about the Microsoft 365 compliance center, see [Overview of the Microsoft 365 compliance center](microsoft-365-compliance-center.md). +- For more information about the compliance portal, see [Overview of the Microsoft Purview compliance portal](microsoft-365-compliance-center.md).
compliance	Mip Dbcs Relnotes	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/mip-dbcs-relnotes.md	Title: "Microsoft 365 compliance support for double byte character set release notes" + Title: "Microsoft Purview support for double byte character set release notes" description: "Release notes for support for double byte character sets." # Support for double byte character set release notes + Microsoft 365 Information Protection now supports double byte character set languages for: - Chinese (simplified) description: "Release notes for support for double byte character sets." - Korean - Japanese -This support is available for sensitive information types and keyword dictionaries and will be reflected in data loss prevention (for Exchange Online, SharePoint Online, OneDrive for Business, and Teams), Communications Compliance, Auto Labeling in office apps and Microsoft Defender for Cloud Apps. +This support is available for sensitive information types and keyword dictionaries and will be reflected in Microsoft Purview Data Loss Prevention (for Exchange Online, SharePoint Online, OneDrive for Business, and Teams), Communications Compliance, Auto Labelling in office apps and Microsoft Defender for Cloud Apps. ## Known issues
compliance	Mip Easy Trials	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/mip-easy-trials.md	Title: "Learn about the default labels and policies for Microsoft Information Protection" + Title: "Learn about the default labels and policies to protect your data" f1.keywords: - CSH audience: Admin ms.localizationpriority: high -description: Learn about the default labels and policies for Microsoft Information Protection (MIP) to classify and protect sensitive content. +description: Learn about the default labels and policies for Microsoft Purview Information Protection to classify and protect sensitive content. -# Default labels and policies for Microsoft Information Protection +# Default labels and policies to protect your data + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). -Eligible customers can activate default labels and policies for Microsoft Information Protection (MIP): +Eligible customers can activate default labels and policies for Microsoft Purview Information Protection: - Sensitivity labels and a sensitivity label policy - Client-side auto-labeling - Service-side auto-labeling - Data loss prevention (DLP) policies for Teams and devices -These default configurations help you get up and running quickly with Microsoft Information Protection from Microsoft 365 Compliance. You can use them as-is, make just a few changes, or fully customize them to better suit your business requirements. +These default configurations help you get up and running quickly with Microsoft Purview Information Protection for Microsoft 365. You can use them as-is, make just a few changes, or fully customize them to better suit your business requirements. -Eligibility includes customers who have a [free trial for Microsoft 365 Compliance](compliance-easy-trials.md) and some customers who already have a Microsoft 365 E5 plan: +Eligibility includes customers who have a [free trial for Microsoft Purview](compliance-easy-trials.md) and some customers who already have a Microsoft 365 E5 plan: -- New customers: If you've had Microsoft 365 Compliance for less than 30 days, your tenant can activate all the listed default configurations. You can always disable, remove, or edit them. +- New customers: If you've had Microsoft Purview for less than 30 days, your tenant can activate all the listed default configurations. You can always disable, remove, or edit them. -- Existing customers: If you've had Microsoft 365 Compliance for more than 30 days, you can activate the default configurations if you haven't yet configured an equivalent: +- Existing customers: If you've had Microsoft Purview for more than 30 days, you can activate the default configurations if you haven't yet configured an equivalent: \| Default configuration\| Equivalent \| \|:--\|:--\| Eligibility includes customers who have a [free trial for Microsoft 365 Complian To get these preconfigured labels and policies: -1. From the [Microsoft 365 compliance center](https://compliance.microsoft.com/), select Solutions > Information protection +1. From the [Microsoft Purview compliance portal](https://compliance.microsoft.com/), select Solutions > Information protection If you don't immediately see this option, first select Show all from the navigation pane. -2. If you are eligible for the Microsoft Information Protection default labels and policies, you'll see the following information, where you can activate the default labels and policies. For example: +2. If you are eligible for the Microsoft Purview Information Protection default labels and policies, you'll see the following information, where you can activate the default labels and policies. For example: - :::image type="content" alt-text="Microsoft Information Protection activation for preconfigured labels and policies." source="../media/mip-preconfigured.png" lightbox="../media/mip-preconfigured.png"::: + :::image type="content" alt-text="Microsoft Purview Information Protection activation for preconfigured labels and policies." source="../media/mip-preconfigured.png" lightbox="../media/mip-preconfigured.png"::: If you don't see this information displayed with the activation option, you're not currently eligible for the automatic creation of sensitivity labels and policies. You can try checking back later to see if this status has changed, or you can use the settings information that follows to manually create the same labels and policies. If you want to edit the DLP policy, see [Create, test, and tune a DLP policy](cr ## DLP for devices -The default DLP policy for devices detects the presence of credit card numbers on Windows 10 devices that have been onboarded into Microsoft 365 compliance. It then audits (does not block) the following actions: +The default DLP policy for devices detects the presence of credit card numbers on Windows 10 devices that have been onboarded into Microsoft Purview. It then audits (does not block) the following actions: - Upload to cloud service domains or access by unallowed browsers If you want to edit the DLP policy, see [Create, test, and tune a DLP policy](cr ## Additional resources -To learn more about sensitivity labels, data loss prevention, and all the capabilities available with Microsoft Information Protection, see the following resources: +To learn more about sensitivity labels, data loss prevention, and all the capabilities available with Microsoft Purview Information Protection, see the following resources: - [Learn about sensitivity labels](sensitivity-labels.md) - [Learn about data loss prevention](dlp-learn-about-dlp.md)-- [Microsoft Information Protection in Microsoft 365](information-protection.md) +- [Protect your data with Microsoft Purview](information-protection.md)
compliance	Named Entities Learn	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/named-entities-learn.md	Title: "Learn about named entities (preview)" + Title: "Learn about named entities" f1.keywords: - CSH description: "Learn how named entities help you detect sensitive items containing names of people, physical addresses, and medical terms via data loss prevention policies" -# Learn about named entities (preview) +# Learn about named entities -> [!IMPORTANT] -> The named entities feature is rolling out and will appear in your tenant when it is available to you. Check for them in content explorer and in the data loss prevention (DLP) policy authoring flow. -Named entities are [sensitive information types](sensitive-information-type-learn-about.md) (SIT). They're complex dictionary and pattern-based classifiers that you can use to detect person names, physical addresses, and medical terms and conditions. You can see them in the Compliance Center > Data classification > Sensitive info types. Here is a partial list of where you can use SITs: +Named entities are [sensitive information types](sensitive-information-type-learn-about.md) (SIT). They're complex dictionary and pattern-based classifiers that you can use to detect person names, physical addresses, and medical terms and conditions. You can see them in the Microsoft Purview compliance portal > Data classification > Sensitive info types. Here is a partial list of where you can use SITs: -- [Data loss prevention policies (DLP)](dlp-learn-about-dlp.md) + +- [Microsoft Purview Data Loss Prevention policies (DLP)](dlp-learn-about-dlp.md) - [Sensitivity labels](sensitivity-labels.md) - [Insider risk management](insider-risk-management-solution-overview.md) - [Microsoft Defender for Cloud Apps](/cloud-app-security/what-is-cloud-app-security) +- [Microsoft Purview Information Protection](apply-sensitivity-label-automatically.md) +- [Data Lifecycle Management](information-governance.md) +- [Records management](records-management.md) +- [Microsoft Purview eDiscovery](ediscovery.md) +- [Microsoft Priva](/privacy/priv) +- [Exact data match sensitive information types](sit-learn-about-exact-data-match-based-sits.md) DLP makes special use of named entities in enhanced policy templates, which are pre-configured DLP policies that you can customize for your organizations needs. You can also [create your own DLP policies](create-test-tune-dlp-policy.md) from a [blank template](create-a-dlp-policy-from-a-template.md) and use a named entity SIT as a condition. Bundled named entity SITs detect all possible matches. Use them as broad criteri Unbundled named entity SITs have a narrower focus, like a single country. Use them when you need a DLP policy with a narrower detection scope. -Here are some examples of named entity SITs. You can find all 52 of them in the Compliance Center > Data classification > Sensitive info types. +Here are some examples of named entity SITs. You can find all of them in [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md). \|Named Entity \|Description \|Bundled/Unbundled \| \|\|\|\| \|All full names \|will detect all possible matches of full names \| bundled \| \|All physical addresses \|will detect all possible matches of physical addresses \| bundled \| \|All medical terms and conditions \|will detect all possible matches of medical terms and conditions \|bundled \| -\|Australia Physical Addresses \| Detects patterns related to physical addresses from Australia. \|unbundled \| -\|Blood Test Terms \|Detects terms related to blood tests, such as 'hCG'. English terms only. \|unbundled \| -\|Brand Medication Names \|Detects names of brand medication, such as 'Tylenol'. English terms only. \|unbundled \| +\|Australia Physical Addresses \| Detects patterns related to physical addresses from Australia. Included in All physical addresses SIT. \|unbundled \| +\|Blood Test Terms \|Detects terms related to blood tests, such as 'hCG'. English terms only. Included in All medical terms and conditions SIT \|unbundled \| +\|Brand Medication Names \|Detects names of brand medication, such as 'Tylenol'. English terms only. Included in All medical terms and conditions. \|unbundled \| ## Examples of enhanced DLP policies -Here are some examples of enhanced DLP policies that use named entity SITs. You can find all 10 of them in the Compliance Center > Data loss prevention > Create policy. Enhanced templates can be used in DLP and auto-labeling. +Here are some examples of enhanced DLP policies that use named entity SITs. You can find all 10 of them in the Microsoft Purview compliance portal > Data loss prevention > Create policy. Enhanced templates can be used in DLP and auto-labeling. \|Policy category \|Template \|Description \| \|\|\|\| Here are some examples of enhanced DLP policies that use named entity SITs. You ## Next steps -- [Use named entities in your data loss prevention policies (preview)](named-entities-use.md) +- [Use named entities in your data loss prevention policies](named-entities-use.md) ## For further information -<! [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md)--> + +- [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md) - [Learn about Sensitive information types](sensitive-information-type-learn-about.md) - [Create a custom sensitive information type](create-a-custom-sensitive-information-type.md) - [Create a custom sensitive information type in PowerShell](create-a-custom-sensitive-information-type-in-scc-powershell.md)
compliance	Named Entities Use	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/named-entities-use.md	Title: "Use named entities in your data loss prevention policies (preview)" + Title: "Use named entities in DLP policies" f1.keywords: - CSH description: "Use these procedures to take advantage of named entities in your data loss prevention policies" -# Use named entities in your data loss prevention policies (preview) +# Use named entities in your data loss prevention policies -> [!IMPORTANT] -> The named entities feature is rolling out and will appear in your tenant when it is available to you. Check for them in content explorer and in the data loss prevention (DLP) policy authoring flow. -Read through [Learn about named entities (preview)](named-entities-learn.md) before you start to use them. +Read through [Learn about named entities](named-entities-learn.md) before you start to use them. ## Before you begin ### SKU/subscriptions licensing -You have to have one of these subscriptions --- Information Protection and Governance-- Microsoft 365 E5 Compliance-- Office 365 E5-- Microsoft 365 E5- For full licensing details see, [the service description](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#information-protection-data-classification-analytics-overview-content--activity-explorer). ### Permissions You can use named entity SITs and enhanced policies to detect and protect sensit - SharePoint sites - OneDrive accounts - Teams chat and channel messages-- Devices (Windows 10 endpoint devices) +- Devices (Windows 10, and 11 endpoint devices) +- Exchange mailboxes Named entity SITs and enhanced policies are not supported for: - - On-premises repositories - Power BI To create or edit a DLP policy, use the procedures in [Create, test, and tune a ## Workloads and services that support named entities --- Microsoft 3655 eDiscovery supports the use of named entities in Substrate services.-- Microsoft Defender for Cloud Apps supports the use of named entities in Defender for Cloud Apps policies. +- Microsoft 365 eDiscovery supports the use of named entities in Substrate services. +- Microsoft Defender for Cloud Apps supports the use of named entities in Defender for Cloud Apps policies in the Defender for Cloud apps portal. - Insider Risk Management supports the use of named entities in Substrate services. +- Records Management supports the use of named entities. +- Exact Data Match Sensitive Information Types supports the use of named entities. <! Communication Compliance doesn't support the use of named entities in Exchange transport rules and data-at-rest. - Microsoft Information Governance (MIG) doesn't support the use of named entities in Exchange transport rules and data-at-rest.--> ### Unified DLP -\|Workload/Services \|Public Preview Support for Named Entities \| +\|Workload/Services \|Support for Named Entities \| \|\|\| -\|Office Win32 clients policy tip \|not supported \| -\|Office WAC clients policy tip \|supported \| -\|OWA policy tip \|not supported \| -\|Outlook policy tip \|not supported \| -\|Endpoints (Windows 10 devices) \|supported \| -\|Exchange Transport rules \|not supported \| -\|OneDrive for Business data-at-rest \|supported \| -\|SharePoint Online data-at-rest \|supported \| -\|Teams data-at-rest \|supported \| -\|Email messages data-at-rest \|not supported \| +\|Office Win32 clients policy tip \|Not supported \| +\|Office WAC clients policy tip \|Supported \| +\|OWA policy tip \|Not supported \| +\|Outlook policy tip \|Not supported \| +\|Endpoints (Windows 10, and 11 devices) \|Supported \| +\|Exchange Transport rules \|Supported \| +\|OneDrive for Business data-at-rest \|Supported \| +\|SharePoint Online data-at-rest \|Supported \| +\|Teams data-at-rest \|Supported \| +\|Email messages data-at-rest \|Supported for tenants with Privacy Service Plan \| \|Microsoft Defender for Cloud Apps \|supported \| ### Autolabeling -\|Workload/Services \|Public Preview Support for Named Entities \| +\|Workload/Services \|Support for Named Entities \| \|\|\| -\|Office Win32 clients offline \|supported, user must select label and manually apply \| -\|Online Office Win32 clients online\|supported with old confidence scheme \| -\|Outlook online \|supported with old confidence scheme \| -\|Office WAC client \|supported \| -\|OWA \|supported \| -\|Exchange transport \|not supported \| -\|OneDrive for Business data-at-rest \|supported \| -\|SharePoint Online data-at-rest\|supported\| +\|Office Win32 clients offline \|Supported, user must select label and manually apply \| +\|Online Office Win32 clients online\|Supported with old confidence scheme \| +\|Outlook online \|Supported with old confidence scheme \| +\|Office WAC client \|Supported \| +\|OWA \|Supported \| +\|Exchange transport \|Supported \| +\|OneDrive for Business data-at-rest \|Supported \| +\|SharePoint Online data-at-rest\|Supported\| \|Azure Information Protection (AIP) scanner\|not supported\| ## Known issues To create or edit a DLP policy, use the procedures in [Create, test, and tune a \|DLP Policy tips (OWA, Outlook, Office Win32 clients) \| Policy tips with entity condition will result in "no match" \| \| Asian language support for person name (Chinese, Japanese, Korean) \| Named entities supported for Latin-based character set only (that is, kanji is not supported) for person name \| \|On-premises repositories \| Not supported as a workload\| +\|Power BI (preview) \| Not supported <!--\|Devices workload (Endpoint) \| Not supported as a workload ΓÇô authoring policy with named entities will not be allowed \|--> +## Best practices for using named entity SITs + +Here are some practices you can use when you create or edit a policy that uses a named entity SIT. + +- Use low instance counts (three to five) when you're looking for data that's in a spreadsheet and the keyword that's required by the SIT for that data is only in the column header. For example, let's say you're looking for US Social Security numbers, and the keyword `Social Security Number` only occurs in the column header. Since the values (the corroborative evidence) is in the cells below, it's likely that only the first few instances would be in close enough proximity to the keyword to be detected. + +- If you are using a named entity SIT, like All Full Names, to help find US Social Security numbers, use larger instance counts such as 10 or 50. Then when both the person names and the SSNs are detected together, you're more likely to get getting true positives. + +- You can use [Auto-labeling simulations](apply-sensitivity-label-automatically.md#learn-about-simulation-mode) to test the accuracy of named entity SITs. Run a simulation using a named entity SIT to see what items match the policy. With this information you can fine tune accuracy by adjusting the instance counts and confidence levels in your custom policies or the enhanced template conditions. You can iterate simulations until the accuracy is where you want it, before deploying a DLP or auto-labeling policy containing named entities in production. Here's an overview of the flow: + +1. Identify the SIT or combination of SITs you want to test in simulation mode, either custom or cloned and edited. +1. Identify or create a sensitivity label to be applied when the auto-labeling policy finds a match in Exchange, SharePoint sites, or OneDrive accounts. +1. Create an sensitivity auto-labeling policy that uses the SIT from step 1 and with same Conditions and Exceptions that will be used in your DLP policy +1. Run the policy simulation +1. View the results +1. Tune the SIT or policy and the instance count and confidence levels to reduce false positives. +1. Repeat until you get the accuracy results you want. ++ ## For further information -<!- -- [Learn about named entities (preview)](named-entities-learn.md). +- [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md) +- [Learn about named entities](named-entities-learn.md). - [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md) - [Create a DLP policy from a template](create-a-dlp-policy-from-a-template.md)
compliance	Near Duplicate Detection In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/near-duplicate-detection-in-advanced-ediscovery.md	Title: Near duplicate detection - eDiscovery + Title: Near duplicate detection in eDiscovery f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: "Use near duplicate detection to group textually similar documents when analyzing case data in Advanced eDiscovery." +description: "Use near duplicate detection to group textually similar documents when analyzing case data in eDiscovery (Premium)." -# Near duplicate detection in Advanced eDiscovery +# Near duplicate detection in eDiscovery (Premium) Consider a set of documents to be reviewed in which a subset is based on the same template and has mostly the same boilerplate language, with a few differences here and there. If a reviewer could identify this subset, review one of them thoroughly, and review the differences for the rest, they would not have missed any unique information while taking only a fraction of time that would have taken them to read all documents cover to cover. Near duplicate detection groups textually similar documents together to help you make your review process more efficient.
compliance	New Defender Alert Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/new-defender-alert-policies.md	The new alerts will begin firing, and triggering the AIR investigations in your ## What you need to do to prepare for these changes -How your organization utilizes these alerts will determine what you need to do to prepare. If you have operationalized the alerts and are using or consuming them either through an API, an alert email notification, or in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a> or the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a>, you'll need to modify your workflows. +How your organization utilizes these alerts will determine what you need to do to prepare. If you have operationalized the alerts and are using or consuming them either through an API, an alert email notification, or in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a> or the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a>, you'll need to modify your workflows. If you haven't operationalized these alerts, you can do one of the following:
compliance	Non Custodial Data Sources	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/non-custodial-data-sources.md	Title: "Add non-custodial data sources to an Advanced eDiscovery case" + Title: "Add non-custodial data sources to an eDiscovery (Premium) case" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "You can add non-custodial data sources to an Advanced eDiscovery case and place a hold on the data source. Non-custodial data sources are reindexed, so any content that was marked as partially indexed is reprocessed to make it fully and quickly searchable." +description: "You can add non-custodial data sources to an eDiscovery (Premium) case and place a hold on the data source. Non-custodial data sources are reindexed, so any content that was marked as partially indexed is reprocessed to make it fully and quickly searchable." -# Add non-custodial data sources to an Advanced eDiscovery case +# Add non-custodial data sources to an eDiscovery (Premium) case -In Advanced eDiscovery cases, it doesn't always meet your needs to associate a Microsoft 365 data source with a custodian in the case. But you may still need to associate that data with a case so that you can search it, add it to a review set, and analyze and review it. The feature in Advanced eDiscovery is called non-custodial data sources and lets you add data to a case without having to associate it to a custodian. It also applies the same Advanced eDiscovery functionality to non-custodial data that's available for data associated with custodian. Two of the most useful things that you can apply to non-custodial data is placing it on hold and processing it using [Advanced indexing](indexing-custodian-data.md). +In Microsoft Purview eDiscovery (Premium) cases, it doesn't always meet your needs to associate a Microsoft 365 data source with a custodian in the case. But you may still need to associate that data with a case so that you can search it, add it to a review set, and analyze and review it. The feature in eDiscovery (Premium) is called non-custodial data sources and lets you add data to a case without having to associate it to a custodian. It also applies the same eDiscovery (Premium) functionality to non-custodial data that's available for data associated with custodian. Two of the most useful things that you can apply to non-custodial data is placing it on hold and processing it using [Advanced indexing](indexing-custodian-data.md). ## Add a non-custodial data source -Follow these steps to add and manage non-custodial data sources in an Advanced eDiscovery case. +Follow these steps to add and manage non-custodial data sources in an eDiscovery (Premium) case. -1. On the Advanced eDiscovery home page, click the case that you want to add the data to. +1. On the eDiscovery (Premium) home page, click the case that you want to add the data to. 2. Click the Data sources tab and then click Add data source > Add data locations. After you add non-custodial data sources to the case, a job named Reindexing no After you place a hold on a non-custodial data source, a hold policy that contains the non-custodial data sources for the case is automatically created. When you place other non-custodial data sources on hold, they are added to this hold policy. -1. Open the Advanced eDiscovery case and select the Hold* tab. +1. Open the eDiscovery (Premium) case and select the Hold tab. 2. Click NCDSHold-\<GUID\>, where the GUID value is unique to the case.
compliance	Office 365 Azure Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/office-365-azure-encryption.md	# Encryption in Azure + Technological safeguards in Azure, such as encrypted communications and operational processes, help keep your data secure. You also have the flexibility to implement additional encryption features and manage your own cryptographic keys. Regardless of customer configuration, Microsoft applies encryption to protect customer data in Azure. Microsoft also enables you to control your data hosted in Azure through a range of advanced technologies to encrypt, control, and manage cryptographic keys, and control and audit access to data. In addition, Azure Storage provides a comprehensive set of security capabilities which together enable developers to build secure applications. Azure offers many mechanisms for protecting data as it moves from one location to another. Microsoft uses TLS to protect data when it's traveling between the cloud services and customers. Microsoft's data centers negotiate a TLS connection with client systems that connect to Azure services. Perfect Forward Secrecy (PFS) protects connections between customers' client systems and Microsoft's cloud services by unique keys. Connections also use RSA-based 2,048-bit encryption key lengths. This combination makes it difficult for someone to intercept and access data that is in-transit. For more information, see [Security recommendations for Windows virtual machines With [Azure Storage Service Encryption](/azure/storage/storage-service-encryption), Azure Storage automatically encrypts data prior to persisting it to storage and decrypts data prior to retrieval. The encryption, decryption, and key management processes are totally transparent to users. Azure Storage Service Encryption can be used for [Azure Blob Storage](https://azure.microsoft.com/services/storage/blobs/) and [Azure Files](https://azure.microsoft.com/services/storage/files/). You can also use Microsoft-managed encryption keys with Azure Storage Service Encryption, or you can use your own encryption keys. (For information on using your own keys, see [Storage Service Encryption using customer managed keys in Azure Key Vault](/azure/storage/common/storage-service-encryption-customer-managed-keys). For information about using Microsoft-managed keys, see [Storage Service Encryption for Data at Rest](/azure/storage/storage-service-encryption).) In addition, you can automate the use of encryption. For example, you can programmatically enable or disable Storage Service Encryption on a storage account using the [Azure Storage Resource Provider REST API](/rest/api/storagerp/), the [Storage Resource Provider Client Library for .NET](/dotnet/api/overview/azure/storage), [Azure PowerShell](/powershell/azureps-cmdlets-docs), or the [Azure CLI](/azure/storage/storage-azure-cli). -Some Microsoft 365 services use Azure for storing data. For example, SharePoint Online and OneDrive for Business store data in Azure Blob storage, and Microsoft Teams stores data for its chat service in tables, blobs, and queues. In addition, the Compliance Manager feature in the Microsoft 365 compliance center stores customer-entered data which is stored in encrypted form in [Azure Cosmos DB](/azure/cosmos-db/database-encryption-at-rest), a Platform as a Service (PaaS), globally-distributed, multi-model database. Azure Storage Service Encryption encrypts data stored in Azure Blob storage and in tables, and Azure Disk Encryption encrypts data in queues, as well as Windows and IaaS virtual machine disks to provide volume encryption for the operating system and the data disk. The solution ensures that all data on the virtual machine disks are encrypted at rest in your Azure storage. [Encryption at rest in Azure Cosmos DB](/azure/cosmos-db/database-encryption-at-rest) is implemented by using several security technologies, including secure key storage systems, encrypted networks, and cryptographic APIs. +Some Microsoft 365 services use Azure for storing data. For example, SharePoint Online and OneDrive for Business store data in Azure Blob storage, and Microsoft Teams stores data for its chat service in tables, blobs, and queues. In addition, the Compliance Manager feature in the Microsoft Purview compliance portal stores customer-entered data which is stored in encrypted form in [Azure Cosmos DB](/azure/cosmos-db/database-encryption-at-rest), a Platform as a Service (PaaS), globally-distributed, multi-model database. Azure Storage Service Encryption encrypts data stored in Azure Blob storage and in tables, and Azure Disk Encryption encrypts data in queues, as well as Windows and IaaS virtual machine disks to provide volume encryption for the operating system and the data disk. The solution ensures that all data on the virtual machine disks are encrypted at rest in your Azure storage. [Encryption at rest in Azure Cosmos DB](/azure/cosmos-db/database-encryption-at-rest) is implemented by using several security technologies, including secure key storage systems, encrypted networks, and cryptographic APIs. ## Azure Key Vault -Secure key management is not just core to encryption best practices; it's also essential for protecting data in the cloud. [Azure Key Vault](/azure/key-vault/key-vault-whatis) enables you to encrypt keys and small secrets like passwords that use keys stored in hardware security modules (HSMs). Azure Key Vault is Microsoft's recommended solution for managing and controlling access to encryption keys used by cloud services. Permissions to access keys can be assigned to services or to users with Azure Active Directory accounts. Azure Key Vault relieves organizations of the need to configure, patch, and maintain HSMs and key management software. With Azure Key Vault, Microsoft never sees your keys and applications don't have direct access to them; you maintain control. You can also import or generate keys in HSMs. Organizations that have a subscription that includes Azure Information Protection can configure their Azure Information Protection tenant to use a customer-managed key [Bring Your Own Key](/information-protection/plan-design/byok-price-restrictions) (BYOK)) and [log its usage](/information-protection/deploy-use/log-analyze-usage). +Secure key management is not just core to encryption best practices; it's also essential for protecting data in the cloud. [Azure Key Vault](/azure/key-vault/key-vault-whatis) enables you to encrypt keys and small secrets like passwords that use keys stored in hardware security modules (HSMs). Azure Key Vault is Microsoft's recommended solution for managing and controlling access to encryption keys used by cloud services. Permissions to access keys can be assigned to services or to users with Azure Active Directory accounts. Azure Key Vault relieves organizations of the need to configure, patch, and maintain HSMs and key management software. With Azure Key Vault, Microsoft never sees your keys and applications don't have direct access to them; you maintain control. You can also import or generate keys in HSMs. Organizations that have a subscription that includes Azure Information Protection can configure their Azure Information Protection tenant to use a customer-managed key [Bring Your Own Key](/information-protection/plan-design/byok-price-restrictions) (BYOK)) and [log its usage](/information-protection/deploy-use/log-analyze-usage).
compliance	Office 365 Bitlocker And Distributed Key Manager For Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/office-365-bitlocker-and-distributed-key-manager-for-encryption.md	Title: "BitLocker for Encryption" + Title: "BitLocker for encryption" f1.keywords: - NOCSH # BitLocker and Distributed Key Manager (DKM) for Encryption + Microsoft servers use BitLocker to encrypt the disk drives containing customer data at rest at the volume-level. BitLocker encryption is a data protection feature that is built into Windows. BitLocker is one of the technologies used to safeguard against threats in case there are lapses in other processes or controls (e.g., access control or recycling of hardware) that could lead to someone gaining physical access to disks containing customer data. In this case, BitLocker eliminates the potential for data theft or exposure because of lost, stolen, or inappropriately decommissioned computers and disks. BitLocker is deployed with Advanced Encryption Standard (AES) 256-bit encryption on disks containing customer data in Exchange Online, SharePoint Online, and Skype for Business. Disk sectors are encrypted with a Full Volume Encryption Key (FVEK), which is encrypted with the Volume Master Key (VMK), which in turn is bound to the Trusted Platform Module (TPM) in the server. The VMK directly protects the FVEK and therefore, protecting the VMK becomes critical. The following figure illustrates an example of the BitLocker key protection chain for a given server (in this case, using an Exchange Online server).
compliance	Office 365 Customer Managed Encryption Features	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/office-365-customer-managed-encryption-features.md	description: In this article, you'll learn about encryption technologies that yo # Customer-managed encryption features + Along with the encryption technologies in Microsoft 365 managed by Microsoft, Microsoft 365 also works with additional encryption technologies that you can manage and configure, such as: - [Azure Rights Management](/azure/information-protection/what-is-azure-rms) - [Secure Multipurpose Internet Mail Extension](https://blogs.technet.com/b/exchange/archive/2014/12/15/how-to-configure-s-mime-in-office-365.aspx) -- [Office 365 Message Encryption](https://products.office.com/en-us/exchange/office-365-message-encryption) +- [Microsoft Purview Message Encryption](https://products.office.com/en-us/exchange/office-365-message-encryption) - [Secure mail flow with a partner organization](/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-for-secure-mail-flow-with-a-partner) Exchange Online Protection (EOP) and Exchange Online support inbound validation - [Use DKIM to validate outbound email sent from your custom domain](/office365/SecurityCompliance/use-dkim-to-validate-outbound-email) -- [Use DMARC to validate email](/office365/SecurityCompliance/use-dmarc-to-validate-email) +- [Use DMARC to validate email](/office365/SecurityCompliance/use-dmarc-to-validate-email)
compliance	Office 365 Encryption In Microsoft Dynamics 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/office-365-encryption-in-microsoft-dynamics-365.md	# Encryption in Microsoft Dynamics 365 + Microsoft uses encryption technology to protect customer data in Dynamics 365 while at rest in a Microsoft datacenter and while it is in transit between user devices and our datacenters. Connections established between customers and Microsoft datacenters are encrypted, and all public endpoints are secured using industry-standard TLS. TLS effectively establishes a security-enhanced browser-to-server connection to help ensure data confidentiality and integrity between desktops and datacenters. After data encryption is activated, it cannot be turned off. For more information, see [Field-level data encryption](/previous-versions/dynamicscrm-2016/developers-guide/dn481562(v=crm.8)). Dynamics 365 uses standard Microsoft SQL Server cell level encryption for a set of default entity attributes that contain sensitive information, such as user names and email passwords. This feature can help organizations meet the compliance requirements associated with FIPS 140-2. Field-level data encryption is especially important in scenarios that leverage the [Microsoft Dynamics CRM Email Router](/previous-versions/dynamicscrm-2016/administering-dynamics-365/hh699800(v=crm.8)), which must store user names and passwords to enable integration between a Dynamics 365 instance and an email service.
compliance	Office 365 Encryption In The Microsoft Cloud Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/office-365-encryption-in-the-microsoft-cloud-overview.md	# Encryption in the Microsoft Cloud + Customer data within Microsoft's enterprise cloud services is protected by several technologies and processes, including various forms of encryption. (Customer data in this document includes Exchange Online mailbox content, e-mail body, calendar entries, and the content of e-mail attachments, and if applicable, Skype for Business content), SharePoint Online site content and the files stored within sites, and files uploaded to OneDrive for Business or Skype for Business.) Microsoft uses multiple encryption methods, protocols, and ciphers across its products and services to help provide a secure path for customer data to travel through our cloud services, and to help protect the confidentiality of customer data that is stored within our cloud services. Microsoft uses some of the strongest, most secure encryption protocols available to provide barriers against unauthorized access to customer data. Proper key management is also an essential element of encryption best practices, and Microsoft works to ensure that all Microsoft-managed encryption keys are properly secured. Customer data stored within Microsoft's enterprise cloud services is protected using one or more forms of encryption. (Validation of our crypto policy and its enforcement is independently verified by multiple third-party auditors, and reports of those audits are available on the [Service Trust Portal](https://aka.ms/stp).) For customer data in transit, all Office 365 servers negotiate secure sessions u - [Encryption for Data in Transit](/compliance/assurance/assurance-encryption-in-transit) - [Customer-Managed Encryption Features](office-365-customer-managed-encryption-features.md) - [Encryption Risks and Protections](office-365-encryption-risks-and-protections.md)-- [Encryption in Microsoft Dynamics 365](office-365-encryption-in-microsoft-dynamics-365.md) +- [Encryption in Microsoft Dynamics 365](office-365-encryption-in-microsoft-dynamics-365.md)
compliance	Office 365 Encryption Risks And Protections	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/office-365-encryption-risks-and-protections.md	Title: "Encryption Risks and Protections" + Title: "Encryption risks and protections" f1.keywords: - NOCSH description: In this article, you'll learn about risks to Office 365 and the enc # Encryption Risks and Protections + Microsoft follows a control and compliance framework that focuses on risks to the Microsoft 365 service and to customer data. Microsoft implements a large set of technology and process-based methods (referred to as controls) to mitigate these risks. Identification, evaluation, and mitigation of risks via controls is a continuous process. The implementation of controls within various layers of our cloud services such as facilities, network, servers, applications, users (such as Microsoft administrators) and data form a defense-in-depth strategy. The key to this strategy is that many different controls are implemented at different layers to protect against the same or similar risk scenarios. This multi-layered approach provides fail-safe protection in case a control fails for some reason.
compliance	Office 365 Service Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/office-365-service-encryption.md	Title: "Service Encryption" + Title: "Service encryption" f1.keywords: - NOCSH description: "Summary: Understand data resiliency in Microsoft Office 365." # Service Encryption + In addition to using volume-level encryption, Exchange Online, Microsoft Teams, SharePoint Online, and OneDrive for Business also use Service Encryption to encrypt customer data. Service Encryption allows for two key management options: ## Microsoft-managed keys
compliance	Ome Advanced Expiration	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ome-advanced-expiration.md	Title: Set an expiration date for email encrypted by Office 365 Advanced Message Encryption + Title: Set an expiration date for email encrypted by Microsoft Purview Advanced Message Encryption f1.keywords: - NOCSH search.appverid: - Strat_O365_IP - M365-security-compliance -description: Use Office 365 Advanced Message Encryption to extend your email security by setting an expiration date on emails through a custom branded template. +description: Use Microsoft Purview Advanced Message Encryption to extend your email security by setting an expiration date on emails through a custom branded template. -# Set an expiration date for email encrypted by Office 365 Advanced Message Encryption +# Set an expiration date for email encrypted by Microsoft Purview Advanced Message Encryption -Office 365 Advanced Message Encryption is included in [Microsoft 365 Enterprise E5](https://www.microsoft.com/microsoft-365/enterprise/home), Office 365 E5, Microsoft 365 E5 (Nonprofit Staff Pricing), Office 365 Enterprise E5 (Nonprofit Staff Pricing), and Office 365 Education A5. If your organization has a subscription that does not include Office 365 Advanced Message Encryption, you can purchase it with the Microsoft 365 E5 Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), or the Office 365 Advanced Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), or Office 365 SKUs. + +Microsoft Purview Advanced Message Encryption is included in [Microsoft 365 Enterprise E5](https://www.microsoft.com/microsoft-365/enterprise/home), Office 365 E5, Microsoft 365 E5 (Nonprofit Staff Pricing), Office 365 Enterprise E5 (Nonprofit Staff Pricing), and Office 365 Education A5. If your organization has a subscription that does not include Microsoft Purview Advanced Message Encryption, you can purchase it with the Microsoft 365 E5 Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), or the Office 365 Advanced Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), or Office 365 SKUs. You can use message expiration on emails that your users send to external recipients who use the OME Portal to access encrypted emails. You force recipients to use the OME portal to view and reply to encrypted emails sent by your organization by using a custom branded template that specifies an expiration date in Windows PowerShell. -As an Office 365 global administrator, when you apply your company brand to customize the look of your organization's email messages, you can also specify an expiration for these email messages. With Office 365 Advanced Message Encryption, you can create multiple templates for encrypted emails that originate from your organization. Using a template, you can control how long recipients have access to mail sent by your users. +As an Office 365 global administrator, when you apply your company brand to customize the look of your organization's email messages, you can also specify an expiration for these email messages. With Microsoft Purview Advanced Message Encryption, you can create multiple templates for encrypted emails that originate from your organization. Using a template, you can control how long recipients have access to mail sent by your users. When an end user receives mail that has an expiration date set, the user sees the expiration date in the wrapper email. If a user tries to open an expired mail, an error appears in the OME portal. You can only set expiration dates for emails to external recipients. -With Office 365 Advanced Message Encryption, anytime you apply custom branding, the Office 365 applies the wrapper to email that fits the mail flow rule to which you apply the template. In addition, you can only use expiration if you use custom branding. +With Microsoft Purview Advanced Message Encryption, anytime you apply custom branding, the Office 365 applies the wrapper to email that fits the mail flow rule to which you apply the template. In addition, you can only use expiration if you use custom branding. ## Create a custom branding template to force mail expiration by using PowerShell Where: - `ExternalMailExpiryInDays` identifies the number of days that recipients can keep mail before it expires. You can use any value between 1ΓÇô730 days. -## More information about Office 365 Advanced Message Encryption +## More information about Microsoft Purview Advanced Message Encryption -- [Office 365 Advanced Message Encryption](ome-advanced-message-encryption.md) +- [Advanced Message Encryption](ome-advanced-message-encryption.md) -- [Revoke email encrypted by Office 365 Advanced Message Encryption](revoke-ome-encrypted-mail.md) +- [Revoke email encrypted by Microsoft Purview Advanced Message Encryption](revoke-ome-encrypted-mail.md) -- [Message policy and compliance service description](/office365/servicedescriptions/exchange-online-service-description/message-policy-and-compliance) +- [Message policy and compliance service description](/office365/servicedescriptions/exchange-online-service-description/message-policy-and-compliance)
compliance	Ome Advanced Message Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ome-advanced-message-encryption.md	description: "Advanced Message Encryption helps organizations meet their complia # Advanced Message Encryption -Office 365 Advanced Message Encryption is included in [Microsoft 365 Enterprise E5](https://www.microsoft.com/microsoft-365/enterprise/home), Office 365 E5, Microsoft 365 E5 (Nonprofit Staff Pricing), Office 365 Enterprise E5 (Nonprofit Staff Pricing), and Office 365 Education A5. To use the Advanced Message Encryption revocation and expiration functions, enable the Premium Encryption in Office 365 option in your E5 license. -If your organization has a subscription that does not include Office 365 Advanced Message Encryption, you can purchase it with the Microsoft 365 E5 Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), or the Office 365 Advanced Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), Office 365 SKUs, or the Microsoft 365 E5/A5 Information Protection and Governance SKU add-on for Microsoft 365 A3/E3. +Microsoft Purview Advanced Message Encryption is included in [Microsoft 365 Enterprise E5](https://www.microsoft.com/microsoft-365/enterprise/home), Office 365 E5, Microsoft 365 E5 (Nonprofit Staff Pricing), Office 365 Enterprise E5 (Nonprofit Staff Pricing), and Office 365 Education A5. If your organization has a subscription that does not include Microsoft Purview Advanced Message Encryption, you can purchase it with the Microsoft 365 E5 Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), or the Office 365 Advanced Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), Office 365 SKUs, or the Microsoft 365 E5/A5 Information Protection and Governance SKU add-on for Microsoft 365 A3/E3. Advanced Message Encryption helps customers meet compliance obligations that require more flexible controls over external recipients and their access to encrypted emails. With Advanced Message Encryption in Office 365, you can control sensitive emails shared outside the organization with automatic policies. You configure these policies to identify sensitive information types such as PII, Financial, or Health IDs, or you can use keywords to enhance protection. Once you've configured the policies, you pair policies with custom branded email templates and then add an expiration date for extra control of emails that fit the policy. Also, admins can further control encrypted emails accessed externally through a secure web portal by revoking access to the mail at any time. You can only revoke and set an expiration date for emails sent to external recipients. -## Get started with Office 365 Advanced Message Encryption +## Get started with Microsoft Purview Advanced Message Encryption The following articles describe how you set up and use Advanced Message Encryption. -Your organization must have a subscription that includes Office 365 Advanced Message Encryption. For detailed information about supported subscriptions, see the [Message policy and compliance service description](/office365/servicedescriptions/exchange-online-service-description/message-policy-and-compliance). +Your organization must have a subscription that includes Microsoft Purview Advanced Message Encryption. For detailed information about supported subscriptions, see the [Message policy and compliance service description](/office365/servicedescriptions/exchange-online-service-description/message-policy-and-compliance). If you do not have Office 365 Message Encryption set up already, see [Set up new Office 365 Message Encryption capabilities](set-up-new-message-encryption-capabilities.md). With Advanced Message Encryption, you're not limited to a single branding templa You can only revoke messages and apply expiration dates to messages that users receive through the portal. In other words, email that has a custom branding template applied. For more information and an example, see the guidance in [Ensure all external recipients use the OME Portal to read encrypted mail](manage-office-365-message-encryption.md#ensure-all-external-recipients-use-the-ome-portal-to-read-encrypted-mail). -[Set an expiration date for email encrypted by Office 365 Advanced Message Encryption](ome-advanced-expiration.md). Control sensitive emails shared outside the organization with automatic policies that enhance protection by expiring access through a secure web portal to encrypted emails. +[Set an expiration date for email encrypted by Microsoft Purview Advanced Message Encryption](ome-advanced-expiration.md). Control sensitive emails shared outside the organization with automatic policies that enhance protection by expiring access through a secure web portal to encrypted emails. -[Revoke email encrypted by Office 365 Advanced Message Encryption](revoke-ome-encrypted-mail.md). Control sensitive emails shared outside the organization and enhance protection by revoking access through a secure web portal to encrypted emails. +[Revoke email encrypted by Microsoft Purview Advanced Message Encryption](revoke-ome-encrypted-mail.md). Control sensitive emails shared outside the organization and enhance protection by revoking access through a secure web portal to encrypted emails.
compliance	Ome Sensitive Info Types	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ome-sensitive-info-types.md	# Create a sensitive information type policy for your organization using Message Encryption -You can use either Exchange mail flow rules or Data Loss Prevention (DLP) to create a sensitive information type policy with Office 365 Message Encryption. To create an Exchange mail flow rule, you can use either the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center (EAC)</a> or PowerShell. + +You can use either Exchange mail flow rules or Microsoft Purview data loss prevention (DLP) to create a sensitive information type policy with Office 365 Message Encryption. To create an Exchange mail flow rule, you can use either the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center (EAC)</a> or PowerShell. ## To create the policy by using mail flow rules in the EAC After Microsoft encrypts a message, recipients have unrestricted access to attac You may want to update any applicable end-user documentation and training materials to prepare people in your organization for this change. Share these Office 365 Message Encryption resources with your users as appropriate: - [Send, view, and reply to encrypted messages in Outlook for PC](https://support.microsoft.com/en-us/office/send-view-and-reply-to-encrypted-messages-in-outlook-for-pc-eaa43495-9bbb-4fca-922a-df90dee51980)-- [Microsoft 365 Essentials Video: Office Message Encryption](https://youtu.be/CQR0cG_iEUc) +- [Microsoft 365 Essentials Video: Message Encryption](https://youtu.be/CQR0cG_iEUc) ## View these changes in the audit log Microsoft 365 audits this activity and makes it available to administrators. The ## To disable or customize the sensitive information types policy -Once you've created the Exchange mail flow rule, you can [disable or edit the rule](/exchange/security-and-compliance/mail-flow-rules/manage-mail-flow-rules#enable-or-disable-a-mail-flow-rule) by going to Mail flow > Rules in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a> and disabling the rule "Encrypt outbound sensitive emails (out of box rule)". +Once you've created the Exchange mail flow rule, you can [disable or edit the rule](/exchange/security-and-compliance/mail-flow-rules/manage-mail-flow-rules#enable-or-disable-a-mail-flow-rule) by going to Mail flow > Rules in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a> and disabling the rule "Encrypt outbound sensitive emails (out of box rule)".
compliance	Ome Version Comparison	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ome-version-comparison.md	Title: "Message Encryption (OME) version comparison" + Title: "Message encryption version comparison" f1.keywords: - NOCSH - M365-security-compliance search.appverid: - MET150 -description: This article helps explain the differences between different versions of Office 365 Message Encryption. +description: This article helps explain the differences between different versions of message encryption. -# Compare versions of OME +# Compare versions of message encryption + > [!IMPORTANT] > On February 28, 2021, Microsoft deprecated support for AD RMS in Exchange Online. If you've deployed a hybrid environment where your Exchange mailboxes are online and you're using IRM with Active Directory RMS on-premises, you'll need to migrate to Azure. Organizations that have deployed into the GCC Moderate environment are also affected. See "Overview of AD RMS deprecation in Exchange Online" in this article for information. -The rest of this article compares legacy Office 365 Message Encryption (OME) to the new OME capabilities and Office 365 Advanced Message Encryption. The new capabilities are a merger and newer version of both OME and Information Rights Management (IRM). Unique characteristics of deploying into GCC High are also outlined. The two can coexist in your organization. For information on how the new capabilities work, see [Office 365 Message Encryption (OME)](ome.md). +The rest of this article compares legacy Office 365 Message Encryption (OME) to Microsoft Purview Message Encryption and Microsoft Purview Advanced Message Encryption. Microsoft Purview Message Encryption is merger and newer version of both OME and Information Rights Management (IRM). Unique characteristics of deploying into GCC High are also outlined. The two can coexist in your organization. For information on how the new capabilities work, see [Office 365 Message Encryption (OME)](ome.md). -This article is part of a larger series of articles about Office 365 Message Encryption. This article is intended for administrators and ITPros. If you're just looking for information on sending or receiving an encrypted message, see the list of articles in [Office 365 Message Encryption (OME)](ome.md) and locate the article that best fits your needs. +This article is part of a larger series of articles about message encryption. This article is intended for administrators and ITPros. If you're just looking for information on sending or receiving an encrypted message, see the list of articles in [Message encryption](ome.md) and locate the article that best fits your needs. ## Overview of AD RMS deprecation in Exchange Online Exchange Online includes Information Rights Management (IRM) functionality that To assess whether this deprecation impacts your organization, see [How to migrate AD RMS to Azure RMS in Exchange Online](/exchange/troubleshoot/administration/migrate-ad-rms-to-azure). This article provides recommendations on migration options. -## Side-by-side comparison of OME features and capabilities +## Side-by-side comparison of message encryption features and capabilities -\| Situation \| Legacy OME \| IRM in AD RMS \| New OME capabilities \| +\| Situation \| Legacy OME \| IRM in AD RMS \| Microsoft Purview Message Encryption \| \|--\|-\|-\|--\| -\|Sending an encrypted mail \|Through Exchange mail flow rules\|End-user initiated from Outlook desktop or Outlook on the Web; or through Exchange mail flow rules\|End-user initiated from Outlook desktop, Outlook for Mac, or Outlook on the Web; through Exchange mail flow rules (also known as transport rules) and Data Loss Prevention (DLP)\| +\|Sending an encrypted mail \|Through Exchange mail flow rules\|End-user initiated from Outlook desktop or Outlook on the Web; or through Exchange mail flow rules\|End-user initiated from Outlook desktop, Outlook for Mac, or Outlook on the Web; through Exchange mail flow rules (also known as transport rules) and data loss prevention (DLP)\| \|Rights management template \| N/A \|Do Not Forward option and custom templates\|Do Not Forward option, encrypt-only option, and custom templates\| \|Recipient type \|Internal and external recipients\|Internal recipients only \|Internal and external recipients\| \|Experience for internal recipient\|Recipients receive an HTML message, which they download and open in a web browser or mobile app\|Native inline experience in Outlook clients\|Native inline experience for recipients in the same organization using Outlook clients. Recipients can read message from OME portal using clients other than Outlook (no download or app required).\| To assess whether this deprecation impacts your organization, see [How to migrat \|Bring your own key (BYOK) support\|None \|None \|BYOK supported \| \|\| -## Advantages of the new OME capabilities over legacy OME +## Advantages of Microsoft Purview Message Encryption over legacy OME The new capabilities provide the following advantages: The new capabilities provide the following advantages: - Admins can revoke emails encrypted with the new capabilities. - The new capabilities provide detailed usage reports through the Security & Compliance Center. -## Office 365 Advanced Message Encryption capabilities +## Microsoft Purview Advanced Message Encryption capabilities -Office 365 Advanced Message Encryption offers additional capabilities on top of the new OME capabilities. You must have the new Office 365 Message Encryption capabilities set up in your organization in order to use the Advanced Message Encryption capabilities. Also, in order to use these capabilities, recipients must view and reply to secure mail through the OME Portal. The advanced capabilities include: +Microsoft Purview Advanced Message Encryption offers additional capabilities on top of Microsoft Purview Message Encryption. You must have Microsoft Purview Message Encryption set up in your organization in order to use Advanced Message Encryption. Also, in order to use these capabilities, recipients must view and reply to secure mail through the Microsoft Purview Message Encryption Portal. The advanced capabilities include: - Message revocation Office 365 Advanced Message Encryption offers additional capabilities on top of - Multiple branding templates -Office 365 Advanced Message Encryption is not supported in GCC High. +Advanced Message Encryption is not supported in GCC High. -For information on using Advanced Message Encryption, see [Office 365 Advanced Message Encryption](ome-advanced-message-encryption.md). +For information on using Advanced Message Encryption, see [Microsoft Purview Advanced Message Encryption](ome-advanced-message-encryption.md). -## Unique characteristics of Office 365 Message Encryption in a GCC High deployment +## Unique characteristics of Microsoft Purview Message Encryption in a GCC High deployment -If you plan to use Office 365 Message Encryption in a GCC High environment, there are some unique characteristics regarding the recipient experience. +If you plan to use Microsoft Purview Message Encryption in a GCC High environment, there are some unique characteristics regarding the recipient experience. ### Encrypted email between GCC High and GCC High recipients Recipients inside GCC High receive the same inline reading experience in Outlook Senders inside GCC High can send encrypted email outside of the GCC High boundary and vice versa. -All recipients outside GCC High, including commercial Microsoft 365 users, Outlook.com users, and other users of other email providers such as Gmail and Yahoo, receive a wrapper mail. This wrapper mail redirects the recipient to the OME Portal where the recipient can read and reply to the message. This is also true for senders outside GCC High sending OME encrypted mail to GCC High. +All recipients outside GCC High, including commercial Microsoft 365 users, Outlook.com users, and other users of other email providers such as Gmail and Yahoo, receive a wrapper mail. This wrapper mail redirects the recipient to the Microsoft Purview Message Encryption Portal where the recipient can read and reply to the message. This is also true for senders outside GCC High sending OME encrypted mail to GCC High. -## Coexistence of legacy OME and the new capabilities in the same tenant +## Coexistence of legacy OME and Microsoft Purview Message Encryption in the same tenant -You can use both legacy OME and the new capabilities in the same tenant. As an administrator, you do this by choosing which version of OME you want to use when you create your mail flow rules. +You can use both legacy OME and Microsoft Purview Message Encryption in the same tenant. As an administrator, you do this by choosing which version of message encryption you want to use when you create your mail flow rules. - To specify the legacy version of OME, use the Exchange mail flow rule action Apply the previous version of OME. -- To specify the new capabilities, use the Exchange mail flow rule action Apply Office 365 Message Encryption and rights protection. +- To specify Microsoft Purview Message Encryption, use the Exchange mail flow rule action Apply Office 365 Message Encryption and rights protection. -Users can manually send mail that is encrypted with the new capabilities from Outlook Desktop, Outlook for Mac, and Outlook on the web. +Users can manually send mail that is encrypted with Microsoft Purview Message Encryption from Outlook Desktop, Outlook for Mac, and Outlook on the web. -## Migrate from legacy OME to the new capabilities +## Migrate from legacy OME to Microsoft Purview Message Encryption -Even though both versions of OME can coexist, we highly recommend that you edit your old mail flow rules that use the rule action Apply the previous version of OME to use the new capabilities. Update these rules to use the mail flow rule action Apply Office 365 Message Encryption and rights protection. For instructions, see [Define mail flow rules to encrypt email messages in Office 365](define-mail-flow-rules-to-encrypt-email.md). +Even though both versions can coexist, we highly recommend that you edit your old mail flow rules that use the rule action Apply the previous version of OME to use Microsoft Purview Message Encryption. Update these rules to use the mail flow rule action Apply Office 365 Message Encryption and rights protection. For instructions, see [Define mail flow rules to encrypt email messages](define-mail-flow-rules-to-encrypt-email.md). ## Get started with OME -Typically, the new OME capabilities are automatically enabled for your organization. For more information about the new OME capabilities within your organization, see [Set up new Office 365 Message Encryption capabilities](set-up-new-message-encryption-capabilities.md). +Typically, Microsoft Purview Message Encryption is automatically enabled for your organization. For more information about Microsoft Purview Message Encryption within your organization, see [Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md). The legacy version of OME is automatically enabled for your organization if you have enabled Azure Information Protection. In the past, legacy OME worked even if Azure Information Protection wasn't enabled. This is no longer the case.
compliance	Ome	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ome.md	Title: "Message Encryption" + Title: "Office 365 Message Encryption" f1.keywords: - NOCSH description: Learn how to send and receive encrypted email messages between peop # Message Encryption + People often use email to exchange sensitive information, such as financial data, legal contracts, confidential product information, sales reports and projections, patient health information, or customer and employee information. As a result, mailboxes can become repositories for large amounts of potentially sensitive information and information leakage can become a serious threat to your organization. With Office 365 Message Encryption, your organization can send and receive encrypted email messages between people inside and outside your organization. Office 365 Message Encryption works with Outlook.com, Yahoo!, Gmail, and other email services. Email message encryption helps ensure that only intended recipients can view message content. -## How Office 365 Message Encryption works +## How Message Encryption works -The rest of this article applies to the new OME capabilities. +The rest of this article applies to the Microsoft Purview Message Encryption. -Office 365 Message Encryption is an online service that's built on Microsoft Azure Rights Management (Azure RMS) which is part of Azure Information Protection. This service includes encryption, identity, and authorization policies to help secure your email. You can encrypt messages by using rights management templates, the [Do Not Forward option](/information-protection/deploy-use/configure-usage-rights#do-not-forward-option-for-emails), and the [encrypt-only option](/information-protection/deploy-use/configure-usage-rights#encrypt-only-option-for-emails). +Microsoft Purview Message Encryption is an online service that's built on Microsoft Azure Rights Management (Azure RMS) which is part of Azure Information Protection. This service includes encryption, identity, and authorization policies to help secure your email. You can encrypt messages by using rights management templates, the [Do Not Forward option](/information-protection/deploy-use/configure-usage-rights#do-not-forward-option-for-emails), and the [encrypt-only option](/information-protection/deploy-use/configure-usage-rights#encrypt-only-option-for-emails). Users can then encrypt email messages and various attachments by using these options. For a full list of supported attachment types, see ["File types covered by IRM policies when they are attached to messages" in Introduction to IRM for email messages](https://support.office.com/article/bb643d33-4a3f-4ac7-9770-fd50d95f58dc#FileTypesforIRM). As an administrator, you can also define mail flow rules to apply this protectio Unlike the previous version of OME, the new capabilities provide a unified sender experience whether you're sending mail inside your organization or to recipients outside of Microsoft 365. In addition, recipients who receive a protected email message sent to a Microsoft 365 account in Outlook 2016 or Outlook on the web, don't have to take any other action to view the message. It works seamlessly. Recipients using other email clients and email service providers also have an improved experience. For information, see [Learn about protected messages in Office 365](https://support.office.com/article/Learn-about-protected-messages-in-Office-365-2baf3ac7-12db-40a4-8af7-1852204b4b67) and [How do I open a protected message](https://support.office.com/article/How-do-I-open-a-protected-message-1157a286-8ecc-4b1e-ac43-2a608fbf3098). -For a detailed list of the differences between the previous version of OME and the new OME capabilities, see [Compare versions of OME](ome-version-comparison.md). +For a detailed list of the differences between the previous version of OME and Microsoft Purview Message Encryption, see [Compare versions of message encryption](ome-version-comparison.md). When someone sends an email message that matches an encryption mail flow rule, the message is encrypted before it's sent. All Microsoft 365 end users that use Outlook clients to read mail receive native, first-class reading experiences for encrypted and rights-protected mail even if they're not in the same organization as the sender. Supported Outlook clients include Outlook desktop, Outlook Mac, Outlook mobile on iOS and Android, and Outlook on the web (formerly known as Outlook Web App). If the sender of the protected mail is in GCC High and the recipient is outside For more information about size limits for messages and attachments that you can encrypt using OME, see [Exchange Online Limits](/office365/servicedescriptions/exchange-online-service-description/exchange-online-limits). -## How Office 365 Advanced Message Encryption works on top of OME +## How Microsoft Purview Advanced Message Encryption works on top of Microsoft Purview Message Encryption -Office 365 Advanced Message Encryption lets you create multiple branding templates so you can fine-tune control over recipient mail and create custom branding experiences to support a diverse organizational structure. +Microsoft Purview Advanced Message Encryption lets you create multiple branding templates so you can fine-tune control over recipient mail and create custom branding experiences to support a diverse organizational structure. -Advanced Message Encryption in Microsoft 365 helps you meet compliance obligations that require more flexible control over external recipient's access to encrypted emails. With Advanced Message Encryption in Office 365, as an administrator, you can control sensitive emails shared outside the organization with automatic policies that detect sensitive information types (for example, PII, Financial or Health IDs) or keywords to enhance protection by expiring access through a secure web portal to encrypted emails. As an admin you can further control encrypted emails accessed through a Microsoft 365 web portal by revoking access to an email anytime. +Advanced Message Encryption in Microsoft 365 helps you meet compliance obligations that require more flexible control over external recipient's access to encrypted emails. With Advanced Message Encryption, as an administrator, you can control sensitive emails shared outside the organization with automatic policies that detect sensitive information types (for example, PII, Financial or Health IDs) or keywords to enhance protection by expiring access through a secure web portal to encrypted emails. As an admin you can further control encrypted emails accessed through a web portal by revoking access to an email anytime. -Message revocation and expiration only work for emails that your users send to recipients outside your organization. In addition, the recipients must access the email through the web portal. To ensure the recipient uses the portal to receive email, you set up a custom branding template that applies the wrapper. Then, you apply the branding template in a mail flow rule. For more information about Advanced Message Encryption, see [Office 365 Advanced Message Encryption](ome-advanced-message-encryption.md). +Message revocation and expiration only work for emails that your users send to recipients outside your organization. In addition, the recipients must access the email through the web portal. To ensure the recipient uses the portal to receive email, you set up a custom branding template that applies the wrapper. Then, you apply the branding template in a mail flow rule. For more information about Advanced Message Encryption, see [Advanced Message Encryption](ome-advanced-message-encryption.md). -## Defining rules for Office 365 Message Encryption +## Defining rules for Microsoft Purview Message Encryption -One way to enable the new capabilities for Office 365 Message Encryption is for Exchange Online and Exchange Online Protection administrators to define mail flow rules. These rules determine under what conditions email messages should be encrypted. When an encryption action is set for a rule, any messages that match the rule conditions are encrypted before they're sent. +One way to enable Microsoft Purview Message Encryption is for Exchange Online and Exchange Online Protection administrators to define mail flow rules. These rules determine under what conditions email messages should be encrypted. When an encryption action is set for a rule, any messages that match the rule conditions are encrypted before they're sent. -Mail flow rules are flexible, letting you combine conditions so you can meet specific security requirements in a single rule. For example, you can create a rule to encrypt all messages that contain specified keywords and are addressed to external recipients. The new capabilities for Office 365 Message Encryption also encrypt replies from recipients of encrypted email. +Mail flow rules are flexible, letting you combine conditions so you can meet specific security requirements in a single rule. For example, you can create a rule to encrypt all messages that contain specified keywords and are addressed to external recipients. Microsoft Purview Message Encryption also encrypt replies from recipients of encrypted email. -For more information about how to create mail flow rules to take advantage of the new OME capabilities, see [Define Rules for Office 365 Message Encryption](define-mail-flow-rules-to-encrypt-email.md). +For more information about how to create mail flow rules to take advantage of Microsoft Purview Message Encryption, see [Define mail flow rules to encrypt email messages](define-mail-flow-rules-to-encrypt-email.md). -## Get started with the new OME capabilities +## Get started with the Microsoft Purview Message Encryption -If you're ready to get started using the new OME capabilities within your organization, see [Set up new Office 365 Message Encryption capabilities](set-up-new-message-encryption-capabilities.md). +If you're ready to get started using Microsoft Purview Message Encryption within your organization, see [Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md). ## Sending, viewing, and replying to encrypted email messages -With Office 365 Message Encryption, users can send encrypted email from Outlook and Outlook on the web. Additionally, admins can set up mail flow rules in Microsoft 365 to automatically encrypt emails based on keyword matching or other conditions. +With Microsoft Purview Message Encryption, users can send encrypted email from Outlook and Outlook on the web. Additionally, admins can set up mail flow rules in Microsoft 365 to automatically encrypt emails based on keyword matching or other conditions. Recipients of encrypted messages who are in organizations will be able to read those messages seamlessly in any version Outlook, including Outlook for PC, Outlook for Mac, Outlook on the web, Outlook for iOS, and Outlook for Android. Users that receive encrypted messages on other email clients can view the messages in the OME portal. For detailed guidance about how to send and view encrypted messages, take a look \|[Send a digitally signed or encrypted message](https://support.microsoft.com/office/send-a-digitally-signed-or-encrypted-message-a18ecf7f-a7ac-4edd-b02e-687b05eff547)\|An end user that wants to send, view, or reply to encrypted messages using Outlook for Mac. This article also covers using encryption methods other than OME, such as S/MIME.\| \|[View encrypted messages on your Android device](https://support.office.com/article/83d60f17-2305-407a-a762-7d518401fdeb)\|An end user who has received a message encrypted with Office 365 Message Encryption on your Android device, you can use the free OME Viewer app to view the message and send an encrypted reply. This article explains how.\| \|[View encrypted messages on your iPhone or iPad](https://support.microsoft.com/office/view-protected-messages-on-your-iphone-or-ipad-4d631321-0d26-4bcc-a483-d294dd0b1caf)\|An end user who has received a message encrypted with Office 365 Message Encryption on your iPhone or iPad, you can use the free OME Viewer app to view the message and send an encrypted reply. This article explains how.\| -\|\| +\|\|
compliance	Overview Ediscovery 20	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/overview-ediscovery-20.md	Title: "Overview of the Advanced eDiscovery solution in Microsoft 365" + Title: "Overview of the eDiscovery (Premium) solution in Microsoft Purview" f1.keywords: - NOCSH Previously updated : Last updated : 04/08/2022 audience: Admin search.appverid: - MOE150 - MET150 -description: "Learn about the Advanced eDiscovery solution in Microsoft 365. This article provides an overview of Advanced eDiscovery in Microsoft 365, a tool to help you manage internal and external investigations. It also frames the business reasons for using Advanced eDiscovery to manage your legal investigations." +description: "Learn about the eDiscovery (Premium) solution in Microsoft Purview. This article provides an overview of eDiscovery (Premium) in Microsoft Purview, a tool to help you manage internal and external investigations. It also frames the business reasons for using eDiscovery (Premium) to manage your legal investigations." -# Overview of Microsoft 365 Advanced eDiscovery +# Overview of Microsoft Purview eDiscovery (Premium) -The Advanced eDiscovery solution in Microsoft 365 builds on the existing Microsoft eDiscovery and analytics capabilities. Advanced eDiscovery provides an end-to-end workflow to preserve, collect, analyze, review, and export content that's responsive to your organization's internal and external investigations. It also lets legal teams manage the entire legal hold notification workflow to communicate with custodians involved in a case. +The Microsoft Purview eDiscovery (Premium) solution builds on the existing Microsoft eDiscovery and analytics capabilities. eDiscovery (Premium) provides an end-to-end workflow to preserve, collect, analyze, review, and export content that's responsive to your organization's internal and external investigations. It also lets legal teams manage the entire legal hold notification workflow to communicate with custodians involved in a case. -## Advanced eDiscovery capabilities +## eDiscovery (Premium) capabilities -Advanced eDiscovery can help your organization respond to legal matters or internal investigations by discovering data where it lives. You can seamlessly manage eDiscovery workflows by identifying persons of interest and their data sources, seamlessly apply holds to preserve data, and then manage the legal hold communication process. By collecting data from the source, you can search the live Microsoft 365 platform to quickly find what you need. Intelligent, machine learning capabilities such as deep indexing, email threading, and near duplicate detection also help you reduce large volumes of data to a relevant data set. +eDiscovery (Premium) can help your organization respond to legal matters or internal investigations by discovering data where it lives. You can seamlessly manage eDiscovery workflows by identifying persons of interest and their data sources, seamlessly apply holds to preserve data, and then manage the legal hold communication process. By collecting data from the source, you can search the live Microsoft 365 platform to quickly find what you need. Intelligent, machine learning capabilities such as deep indexing, email threading, and near duplicate detection also help you reduce large volumes of data to a relevant data set. -The following sections describe how these Advanced eDiscovery capabilities can help your organization. +The following sections describe how these eDiscovery (Premium) capabilities can help your organization. -![Advanced eDiscovery capabilities.](../media/advanced-ediscovery-capabilities.png) +![eDiscovery (Premium) capabilities.](../media/advanced-ediscovery-capabilities.png) ### Discover and collect data in-place Traditionally, organizations that rely on multiple third-party eDiscovery solutions require copying large volumes of data out of Microsoft 365 to process and having to host duplicate data. This necessity increases the time to find relevant data and the risk, cost, and complexity of managing multiple solutions. -Advanced eDiscovery in Microsoft 365 lets you discover data at the source and staying within your Microsoft 365 security and compliance boundary. By collecting data in-place from the live system, Advanced eDiscovery reduces the friction of going back to the source and reduces unnecessary work of having to find missing content, which often happens when journaling lags in traditional eDiscovery solutions. +eDiscovery (Premium) in Microsoft 365 lets you discover data at the source and staying within your Microsoft 365 security and compliance boundary. By collecting data in-place from the live system, eDiscovery (Premium) reduces the friction of going back to the source and reduces unnecessary work of having to find missing content, which often happens when journaling lags in traditional eDiscovery solutions. -Native search and collection capabilities for data in Teams, Yammer, SharePoint Online, OneDrive for Business, and Exchange Online further enhances data discovery. For example, Advanced eDiscovery: +Native search and collection capabilities for data in Teams, Yammer, SharePoint Online, OneDrive for Business, and Exchange Online further enhances data discovery. For example, eDiscovery (Premium): - Reconstructs Teams conversations (instead of returning individual messages from conversations). Native search and collection capabilities for data in Teams, Yammer, SharePoint ### Manage eDiscovery workflow in one platform -Advanced eDiscovery can help you reduce the number of eDiscovery solutions you need to rely on. It provides a streamlined, end-to-end workflow, all which occurs within Microsoft 365. Advanced eDiscovery helps reduce the friction of identifying and collecting potential sources of relevant information by automatically mapping unique and shared data sources to the person of interest (known as a custodian), and by providing reporting and analytics on potentially relevant data prior to collecting it for analysis and review. +eDiscovery (Premium) can help you reduce the number of eDiscovery solutions you need to rely on. It provides a streamlined, end-to-end workflow, all which occurs within Microsoft 365. eDiscovery (Premium) helps reduce the friction of identifying and collecting potential sources of relevant information by automatically mapping unique and shared data sources to the person of interest (known as a custodian), and by providing reporting and analytics on potentially relevant data prior to collecting it for analysis and review. -Additionally, Microsoft Graph APIs can help you automate the eDiscovery workflow and extend Advanced eDiscovery for custom solutions. +Additionally, Microsoft Graph APIs can help you automate the eDiscovery workflow and extend eDiscovery (Premium) for custom solutions. ### Cull data intelligently -Intelligent, machine learning capabilities in Advanced eDiscovery help you reduce the amount of data to review. These intelligent capabilities help you reduce and cull large volumes of data to a relevant set. For example, a built-in review set query helps filter only for unique content by identifying near duplicates. This capability can substantially reduce the amount of data to review. +Intelligent, machine learning capabilities in eDiscovery (Premium) help you reduce the amount of data to review. These intelligent capabilities help you reduce and cull large volumes of data to a relevant set. For example, a built-in review set query helps filter only for unique content by identifying near duplicates. This capability can substantially reduce the amount of data to review. Additional machine learning capabilities can further refine and identify relevant data using smart tags and technology assisted review tools like the Relevance modules. -## Advanced eDiscovery alignment with the Electronic Discovery Reference Model +## eDiscovery (Premium) alignment with the Electronic Discovery Reference Model -The built-in workflow of Advanced eDiscovery in Microsoft 365 aligns with the eDiscovery process outlined by the Electronic Discovery Reference Model (EDRM). +The built-in workflow of eDiscovery (Premium) in Microsoft 365 aligns with the eDiscovery process outlined by the Electronic Discovery Reference Model (EDRM). ![The Electronic Discovery Reference Model (EDRM).](../media/EDRMv2.png) (Image based on the EDRM model on edrm.net) -At a high level, here's how Advanced eDiscovery supports the EDRM workflow: +At a high level, here's how eDiscovery (Premium) supports the EDRM workflow: -- Identification. After you identify potential persons of interest in an investigation, you can add them as custodians (also called data custodians, because they may possess information that's relevant to the investigation) to an Advanced eDiscovery case. After users are added as custodians, it's easy to preserve, collect, and review custodian documents. +- Identification. After you identify potential persons of interest in an investigation, you can add them as custodians (also called data custodians, because they may possess information that's relevant to the investigation) to an eDiscovery (Premium) case. After users are added as custodians, it's easy to preserve, collect, and review custodian documents. -- Preservation. To preserve and protect data that's relevant to an investigation, Advanced eDiscovery lets you place a legal hold on the data sources associated with the custodians in a case. You can also place non-custodial data on hold. Advanced eDiscovery also has a built-in communications workflow so you can send legal hold notifications to custodians and track their acknowledgments. +- Preservation. To preserve and protect data that's relevant to an investigation, eDiscovery (Premium) lets you place a legal hold on the data sources associated with the custodians in a case. You can also place non-custodial data on hold. eDiscovery (Premium) also has a built-in communications workflow so you can send legal hold notifications to custodians and track their acknowledgments. -- Collection. After you identified (and preserved) the data sources relevant to the investigation, you can use the built-in search tool in Advanced eDiscovery search for and collect live data from the custodial data sources (and non-custodial data sources, if applicable) that may be relevant to the case. +- Collection. After you identified (and preserved) the data sources relevant to the investigation, you can use the built-in search tool in eDiscovery (Premium) search for and collect live data from the custodial data sources (and non-custodial data sources, if applicable) that may be relevant to the case. -- Processing. After you've collected all data relevant to the case, the next step is process it for further review and analysis. In Advanced eDiscovery, the in-place data that you identified in the collection phase is copied to an Azure Storage location (called a review set), which provides you with a static view of the case data. +- Processing. After you've collected all data relevant to the case, the next step is process it for further review and analysis. In eDiscovery (Premium), the in-place data that you identified in the collection phase is copied to an Azure Storage location (called a review set), which provides you with a static view of the case data. - Review. After data has been added to a review set, you can view specific documents and run additional queries to reduce the data to what is most relevant to the case. Also, can annotate and tag specific documents. -- Analysis. Advanced eDiscovery provides integrated analytics tool that helps you further cull data from the review set that you determine isn't relevant to the investigation. In addition to reducing the volume of relevant data, Advance eDiscovery also helps you save legal review costs by letting you organize content to make the review process easier and more efficient. +- Analysis. eDiscovery (Premium) provides integrated analytics tool that helps you further cull data from the review set that you determine isn't relevant to the investigation. In addition to reducing the volume of relevant data, Advance eDiscovery also helps you save legal review costs by letting you organize content to make the review process easier and more efficient. - Production and Presentation. When you're ready, you can export documents from a review set for legal review. You can export documents in their native format or in an EDRM-specified format so they can be imported into third-party review applications. ## Subscriptions and licensing -Licensing for Advanced eDiscovery requires the appropriate organization subscription and per-user licensing. +Licensing for eDiscovery (Premium) requires the appropriate organization subscription and per-user licensing. -- Organization subscription: To access Advanced eDiscovery in the Microsoft 365 compliance center, your organization must have one of the following: +- Organization subscription: To access eDiscovery (Premium) in the Microsoft Purview compliance portal, your organization must have one of the following: - Microsoft 365 E5 or Office 365 E5 subscription Licensing for Advanced eDiscovery requires the appropriate organization subscrip - Microsoft 365 Education A5 or Office 365 Education A5 subscription - If you don't have an existing Microsoft 365 E5 plan and want to try Advanced eDiscovery, you can [add Microsoft 365](/office365/admin/try-or-buy-microsoft-365) to your existing subscription or [sign up for a trial](https://www.microsoft.com/microsoft-365/enterprise) of Microsoft 365 E5. + If you don't have an existing Microsoft 365 E5 plan and want to try eDiscovery (Premium), you can [add Microsoft 365](/office365/admin/try-or-buy-microsoft-365) to your existing subscription or [sign up for a trial](https://www.microsoft.com/microsoft-365/enterprise) of Microsoft 365 E5. - Per-user licensing: To add a user as a custodian in an Advance eDiscovery case, that user must be assigned one of the following licenses, depending on your organization subscription: For information about licensing, download and see the "eDiscovery and auditing" For information about how to assign licenses, see [Assign licenses to users](/microsoft-365/admin/manage/assign-licenses-to-users). > [!NOTE] -> Users only need an E5 or A5 license (or the appropriate add-on license) to be added as custodians to an Advanced eDiscovery case. IT admins, eDiscovery managers, lawyers, paralegals, or investigators who use Advanced eDiscovery to manage cases and review case data don't need an E5, A5, or add-on license. +> Users only need an E5 or A5 license (or the appropriate add-on license) to be added as custodians to an eDiscovery (Premium) case. IT admins, eDiscovery managers, lawyers, paralegals, or investigators who use eDiscovery (Premium) to manage cases and review case data don't need an E5, A5, or add-on license. -## Get started with Advanced eDiscovery +## Get started with eDiscovery (Premium) -There are two quick and easy steps to get started with Advanced eDiscovery. +There are two quick and easy steps to get started with eDiscovery (Premium). -![Workflow getting started with Advanced eDiscovery.](../media/get-started-AeD.png) +![Workflow getting started with eDiscovery (Premium).](../media/get-started-AeD.png) \|Steps \|Description \| \|:\|:\| -\|[Set up Advanced eDiscovery](get-started-with-advanced-ediscovery.md)\| After verifying the subscription and licensing requirements, you can assign permissions and configure organization-wide settings to get started using Advanced eDiscovery.\| -\|[Create and manage cases](create-and-manage-advanced-ediscoveryv2-case.md) \| Create cases to manage the Advanced eDiscovery workflow for all legal and other types of investigations in your organization.\| +\|[Set up eDiscovery (Premium)](get-started-with-advanced-ediscovery.md)\| After verifying the subscription and licensing requirements, you can assign permissions and configure organization-wide settings to get started using eDiscovery (Premium).\| +\|[Create and manage cases](create-and-manage-advanced-ediscoveryv2-case.md) \| Create cases to manage the eDiscovery (Premium) workflow for all legal and other types of investigations in your organization.\| \|\|\| -## Advanced eDiscovery architecture +## eDiscovery (Premium) architecture -Here's an Advanced eDiscovery architecture diagram that shows the end-to-end workflow in a single-geo environment and in a multi-geo environment, and the end-to-end data flow that's aligned with the [EDRM](#advanced-ediscovery-alignment-with-the-electronic-discovery-reference-model). +Here's an eDiscovery (Premium) architecture diagram that shows the end-to-end workflow in a single-geo environment and in a multi-geo environment, and the end-to-end data flow that's aligned with the [EDRM](#ediscovery-premium-alignment-with-the-electronic-discovery-reference-model). -[![Model poster: Advanced eDiscovery Architecture in Microsoft 365.](../media/solutions-architecture-center/ediscovery-poster-thumb.png)](../media/solutions-architecture-center/m365-advanced-ediscovery-architecture.png) +[![Model poster: eDiscovery (Premium) Architecture in Microsoft 365.](../media/solutions-architecture-center/ediscovery-poster-thumb.png)](../media/solutions-architecture-center/m365-advanced-ediscovery-architecture.png) [View as an image](../media/solutions-architecture-center/m365-advanced-ediscovery-architecture.png) Here's an Advanced eDiscovery architecture diagram that shows the end-to-end wor ## Training -Training your IT administrators, eDiscovery managers, and compliance investigation teams in the basics for Advanced eDiscovery can help your organization get started more quickly using Microsoft 365 eDiscovery tools. Microsoft 365 provides the following resource to help these users in your organization getting started with eDiscovery: [Describe the eDiscovery and audit capabilities of Microsoft 365](/learn/modules/describe-ediscovery-capabilities-of-microsoft-365). +Training your IT administrators, eDiscovery managers, and compliance investigation teams in the basics for eDiscovery (Premium) can help your organization get started more quickly using Microsoft 365 eDiscovery tools. Microsoft 365 provides the following resource to help these users in your organization getting started with eDiscovery: [Describe the eDiscovery and audit capabilities of Microsoft 365](/learn/modules/describe-ediscovery-capabilities-of-microsoft-365).
compliance	Partially Indexed Items In Content Search	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/partially-indexed-items-in-content-search.md	Title: "Partially indexed items in Content Search and other eDiscovery tools" + Title: "Partially indexed items in Content Search" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: d1691de4-ca0d-446f-a0d0-373a4fc8487b -description: "Learn about unindexed items in Exchange and SharePoint that you can include in an eDiscovery search that you run in the Microsoft 365 compliance center." +description: "Learn about unindexed items in Exchange and SharePoint that you can include in an eDiscovery search that you run in the Microsoft Purview compliance portal." # Partially indexed items in eDiscovery -An eDiscovery search that you run from the Microsoft 365 compliance center automatically includes partially indexed items in the estimated search results when you run a search. Partially indexed items are Exchange mailbox items and documents on SharePoint and OneDrive for Business sites that for some reason weren't completely indexed for search. In Exchange, a partially indexed item typically contains a file (of a file type that can't be indexed) that is attached to an email message. Here are some other reasons why items can't be indexed for search and are returned as partially indexed items when you run an eDiscovery search: +An Microsoft Purview eDiscovery search that you run from the Microsoft Purview compliance portal automatically includes partially indexed items in the estimated search results when you run a search. Partially indexed items are Exchange mailbox items and documents on SharePoint and OneDrive for Business sites that for some reason weren't completely indexed for search. In Exchange, a partially indexed item typically contains a file (of a file type that can't be indexed) that is attached to an email message. Here are some other reasons why items can't be indexed for search and are returned as partially indexed items when you run an eDiscovery search: - The file type is unrecognized or unsupported for indexing. An eDiscovery search that you run from the Microsoft 365 compliance center autom > [!NOTE] > Most organizations have less than 1% of content by volume and less than 12% by size that is partially indexed. The reason for the difference between volume and size is that larger files have a higher probability of containing content that can't be completely indexed. -For legal investigations, your organization may be required to review partially indexed items. You can also specify whether to include partially indexed items when you export search results to a local computer or when you prepare the results for analysis with Advanced eDiscovery. For more information, see [Investigating partially indexed items in eDiscovery](investigating-partially-indexed-items-in-ediscovery.md). +For legal investigations, your organization may be required to review partially indexed items. You can also specify whether to include partially indexed items when you export search results to a local computer or when you prepare the results for analysis with eDiscovery (Premium). For more information, see [Investigating partially indexed items in eDiscovery](investigating-partially-indexed-items-in-ediscovery.md). ## File types not indexed for search -Certain types of files, such as Bitmap or MP3 files, don't contain content that can be indexed. As a result, the search indexing servers in Exchange and SharePoint don't perform full-text indexing on these types of files. These types of files are considered to be unsupported file types. There are also file types for which full-text indexing has been disabled, either by default or by an administrator. Unsupported and disabled file types are labeled as unindexed items in Content Searches. As previously stated, partially indexed items can be included in the set of search results when you run a search, export the search results to a local computer, or prepare search results for Advanced eDiscovery. +Certain types of files, such as Bitmap or MP3 files, don't contain content that can be indexed. As a result, the search indexing servers in Exchange and SharePoint don't perform full-text indexing on these types of files. These types of files are considered to be unsupported file types. There are also file types for which full-text indexing has been disabled, either by default or by an administrator. Unsupported and disabled file types are labeled as unindexed items in Content Searches. As previously stated, partially indexed items can be included in the set of search results when you run a search, export the search results to a local computer, or prepare search results for eDiscovery (Premium). For a list of supported and disabled file formats, see the following topics: Not every email message with a partially indexed file attachment or every partia Similarly, messages with partially indexed file attachments and documents of a partially indexed file type are included in search results when other message or document properties, which are indexed and searchable, match the search criteria. Message properties that are indexed for search include sent and received dates, sender and recipient, the file name of an attachment, and text in the message body. Document properties indexed for search include created and modified dates. So even though a message attachment may be a partially indexed item, the message will be included in the regular search results if the value of other message or document properties matches the search criteria. -For a list of email and document properties that you can search for by using eDiscovery tools in the Microsoft 365 compliance center, see [Keyword queries and search conditions for eDiscovery](keyword-queries-and-search-conditions.md). +For a list of email and document properties that you can search for by using eDiscovery tools in the compliance portal, see [Keyword queries and search conditions for eDiscovery](keyword-queries-and-search-conditions.md). > [!NOTE] > If a mailbox item is moved from a folder that is indexed to a folder that is not indexed, a flag is set to unindex the item and the item is removed from the index and will not be searchable. Later, if that same item is moved back to a folder that is indexed, the flag is not reset. That means the item will remain unindexed, and not searchable. ## Partially indexed items included in the search results -Your organization might be required to identify and perform additional analysis on partially indexed items to determine what they are, what they contain, and whether they're relevant to a specific investigation. As previously explained, the partially indexed items in the content locations that are searched are automatically included with the estimated search results. You have the option to include these partially indexed items when you export search results or prepare the search results for Advanced eDiscovery. +Your organization might be required to identify and perform additional analysis on partially indexed items to determine what they are, what they contain, and whether they're relevant to a specific investigation. As previously explained, the partially indexed items in the content locations that are searched are automatically included with the estimated search results. You have the option to include these partially indexed items when you export search results or prepare the search results for eDiscovery (Premium). Keep the following in mind about partially indexed items: Keep the following in mind about partially indexed items: ## Workaround for using a date range to exclude partially indexed items -In Content search and Core eDiscovery, you can't use a date range to exclude partially indexed items from being returned by a search query. In other words, partially indexed items that fall outside of a date range are still included as partially indexed items in the search statistics and when you export partially indexed items. In Advanced eDiscovery, you can exclude partially indexed items by using a date range in a search query. +In Content search and Microsoft Purview eDiscovery (Standard), you can't use a date range to exclude partially indexed items from being returned by a search query. In other words, partially indexed items that fall outside of a date range are still included as partially indexed items in the search statistics and when you export partially indexed items. In eDiscovery (Premium), you can exclude partially indexed items by using a date range in a search query. As a workaround for this limitation, we recommend the following procedure.
compliance	Permissions Filtering For Content Search	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/permissions-filtering-for-content-search.md	You can use search permissions filtering to let an eDiscovery manager search only a subset of mailboxes and sites in your organization. You can also use permissions filtering to let that same eDiscovery manager search only for mailbox or site content that meets a specific search criteria. For example, you might let an eDiscovery manager search only the mailboxes of users in a specific location or department. You do this by creating a filter that uses a supported recipient filter to limit which mailboxes a specific user or group of users can search. You can also create a filter that specifies what mailbox content a user can search for. This is done by creating a filter that uses a searchable message property. Similarly, you can let an eDiscovery manager search only specific SharePoint sites in your organization. You do this by creating a filter that limits which site can be searched. You can also create a filter that specifies what site content can be searched. This is done by creating a filter that uses a searchable site property. -Search permissions filters are applied when you search for content using Content search, Core eDiscovery, and Advanced eDiscovery in the Microsoft 365 compliance center. When a search permissions filter is applied to a specific user, that user can perform the following search-related actions: +Search permissions filters are applied when you search for content using Content search, Microsoft Purview eDiscovery (Standard), and Microsoft Purview eDiscovery (Premium) in the Microsoft Purview compliance portal. When a search permissions filter is applied to a specific user, that user can perform the following search-related actions: - Search for content The following four cmdlets in Security & Compliance PowerShell let you configure ## Requirements to configure permissions filtering -- To run the compliance security filter cmdlets, you have to be a member of the Organization Management role group in the Microsoft 365 compliance center. For more information, see [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md). +- To run the compliance security filter cmdlets, you have to be a member of the Organization Management role group in the compliance portal. For more information, see [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md). - You have to connect to both Exchange Online and Security & Compliance Center PowerShell to use the compliance security filter cmdlets. This is necessary because these cmdlets require access to mailbox properties, which is why you have to connect to Exchange Online PowerShell. See the steps in the next section. Keep the following considerations in mind when configuring the Filters paramet The _Users_ parameter specifies the users who get this filter applied to their searches. Identify users by their alias or primary SMTP address. You can specify multiple values separated by commas, or you can assign the filter to all users by using the value All. -You can also use the _Users_ parameter to specify a Microsoft 365 compliance center role group. This lets you create a custom role group and then assign that role group a search permissions filter. For example, let's say you have a custom role group for eDiscovery managers for the U.S. subsidiary of a multi-national corporation. You can use the _Users_ parameter to specify this role group (by using the Name property of the role group) and then use the _Filter_ parameter to allow only mailboxes in the U.S. to be searched. You can't specify distribution groups with this parameter.\| +You can also use the _Users_ parameter to specify a compliance portal role group. This lets you create a custom role group and then assign that role group a search permissions filter. For example, let's say you have a custom role group for eDiscovery managers for the U.S. subsidiary of a multi-national corporation. You can use the _Users_ parameter to specify this role group (by using the Name property of the role group) and then use the _Filter_ parameter to allow only mailboxes in the U.S. to be searched. You can't specify distribution groups with this parameter.\| ### Using a filters list to combine filter types The _FilterName_ parameter specifies the name of the permissions filter. The _Users_ parameter specifies the users who get this filter applied to their searches. Because this is a multi-value property, specifying a user or group of users with this parameter overwrite the existing list of users. See the following examples for the syntax to add and remove selected users. -You can also use the _Users_ parameter to specify a Microsoft 365 compliance center role group. This lets you create a custom role group and then assign that role group a search permissions filter. For example, let's say you have a custom role group for eDiscovery managers for the U.S. subsidiary of a multi-national corporation. You can use the _Users_ parameter to specify this role group (by using the Name property of the role group) and then use the _Filter_ parameter to allow only mailboxes in the U.S. to be searched. You can't specify distribution groups with this parameter. +You can also use the _Users_ parameter to specify a compliance portal role group. This lets you create a custom role group and then assign that role group a search permissions filter. For example, let's say you have a custom role group for eDiscovery managers for the U.S. subsidiary of a multi-national corporation. You can use the _Users_ parameter to specify this role group (by using the Name property of the role group) and then use the _Filter_ parameter to allow only mailboxes in the U.S. to be searched. You can't specify distribution groups with this parameter. ### Filters The Remove-ComplianceSecurityFilter is used to delete a search filter. Use t - Does allowing a user to search all content locations in a specific service also prevent them from searching content locations in a different service? No. As previously explained, you have to create a search permissions filter to explicitly prevent users from searching content locations in a specific service (such as preventing a user from searching any Exchange mailbox or any SharePoint site). In other words, creating a search permissions filter that allows a user to search all SharePoint sites in the organization doesn't prevent that user from searching mailboxes. For example, to allow SharePoint admins to only search SharePoint sites, you have to create a filter that prevents them from searching mailboxes. Similarly, to allow Exchange admins to only search mailboxes, you have to create a filter that prevents them from searching sites. -- Do search permissions filters count against search query character limits? Yes. Search permissions filters count against the character limit for search queries. For more information, see [Limits in Advanced eDiscovery](limits-ediscovery20.md). +- Do search permissions filters count against search query character limits? Yes. Search permissions filters count against the character limit for search queries. For more information, see [Limits in eDiscovery (Premium)](limits-ediscovery20.md). What is the maximum number of search permissions filters that can be created in an organization?
compliance	Plan For Security And Compliance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/plan-for-security-and-compliance.md	Title: "Plan for security & compliance" + Title: "Plan for security and compliance" f1.keywords: - NOCSH # Plan for security & compliance + Managing security and compliance is a partnership. You are responsible for protecting your data, identities, and devices, while Microsoft vigorously protects Microsoft 365 services. You can use Microsoft 365 and Enterprise Mobility + Security (EMS) together to help you achieve the appropriate level of protection for your organization. ## Step 1: Review capabilities
compliance	Predictive Coding Apply Prediction Filter	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-apply-prediction-filter.md	Title: "Apply the prediction score filter to items in a review set" + Title: "Apply the prediction score filter to a review set" f1.keywords: - NOCSH description: "Use a prediction score filter to displays items that a predictive # Apply a prediction score filter to a review set (preview) -After you create a predictive coding model in Advanced eDiscovery and train it to the point where it's stable, you can apply the prediction score filter to display review set items that the model has determined are relevant (or not relevant). When you create a model, a corresponding prediction score filter is also created. You can use this filter to display items assigned a prediction score within a specified range. In general, prediction scores between 0 and .5 are assigned to items that model has predicted are not relevant. Items assigned prediction scores between .5 and 1.0 are items the model has predicted are relevant. +After you create a predictive coding model in Microsoft Purview eDiscovery (Premium) and train it to the point where it's stable, you can apply the prediction score filter to display review set items that the model has determined are relevant (or not relevant). When you create a model, a corresponding prediction score filter is also created. You can use this filter to display items assigned a prediction score within a specified range. In general, prediction scores between 0 and .5 are assigned to items that model has predicted are not relevant. Items assigned prediction scores between .5 and 1.0 are items the model has predicted are relevant. Here are two ways you can use the prediction score filter: Here are two ways you can use the prediction score filter: ## Apply a prediction score filter -1. In the Microsoft 365 compliance center, open the Advanced eDiscovery case, select the Review sets tab, and then open the review set. +1. In the Microsoft Purview compliance portal, open the eDiscovery (Premium) case, select the Review sets tab, and then open the review set. ![Click Filters to display the Filters flyout page.](..\media\PredictionScoreFilter0.png)
compliance	Predictive Coding Create Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-create-model.md	Title: "Create a predictive coding model in Advanced eDiscovery" + Title: "Create a predictive coding model in eDiscovery (Premium)" f1.keywords: - NOCSH ms.localizationpriority: medium search.appverid: - MET150 -description: "Learn how to create a predictive coding model in Advanced eDiscovery. This is the first step in using the machine learning capabilities in Advanced eDiscovery to help you identify relevant and non-relevant content in a review set." +description: "Learn how to create a predictive coding model in eDiscovery (Premium). This is the first step in using the machine learning capabilities in eDiscovery (Premium) to help you identify relevant and non-relevant content in a review set." # Create a predictive coding model (preview) -The first step in using the machine learning capabilities of predictive coding in Advanced eDiscovery is to create a predictive coding model. After you create a model, you can train it identify the relevant and non-relevant content in a review set. +The first step in using the machine learning capabilities of predictive coding in eDiscovery (Premium) is to create a predictive coding model. After you create a model, you can train it identify the relevant and non-relevant content in a review set. -To review the predictive coding workflow, see [Learn about predictive coding in Advanced eDiscovery](predictive-coding-overview.md#the-predictive-coding-workflow) +To review the predictive coding workflow, see [Learn about predictive coding in eDiscovery (Premium)](predictive-coding-overview.md#the-predictive-coding-workflow) ## Before you create a model To review the predictive coding workflow, see [Learn about predictive coding in ## Create a model -1. In the Microsoft 365 compliance center, open an Advanced eDiscovery case and then select the Review sets tab. +1. In the Microsoft Purview compliance portal, open an eDiscovery (Premium) case and then select the Review sets tab. 2. Open a review set and then click Analytics > Manage predictive coding (preview).
compliance	Predictive Coding Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-overview.md	Title: "Predictive coding module for Advanced eDiscovery (preview)" + Title: "Predictive coding module for eDiscovery (Premium) (preview)" f1.keywords: - NOCSH ms.localizationpriority: medium search.appverid: - MET150 -description: "The new predictive coding module in Advanced eDiscovery uses machine learning to analyze items in a review set to predictive which the items that are relevant to your case or investigation." +description: "The new predictive coding module in eDiscovery (Premium) uses machine learning to analyze items in a review set to predictive which the items that are relevant to your case or investigation." -# Learn about predictive coding in Advanced eDiscovery (preview) +# Learn about predictive coding in eDiscovery (Premium) (preview) -The predictive coding module in Advanced eDiscovery uses the intelligent, machine learning capabilities to help you reduce the amount of content to review. Predictive coding helps you reduce and cull large volumes of case content to a relevant set of items that you can prioritize for review. This is accomplished by creating and training your own predictive coding models that help you prioritize the review of the most relevant items in a review set. +The predictive coding module in eDiscovery (Premium) uses the intelligent, machine learning capabilities to help you reduce the amount of content to review. Predictive coding helps you reduce and cull large volumes of case content to a relevant set of items that you can prioritize for review. This is accomplished by creating and training your own predictive coding models that help you prioritize the review of the most relevant items in a review set. -The predictive coding module is designed to streamline the complexity of managing a model within a review set and provide an iterative approach to training your model so you can get started faster with the machine learning capabilities in Advanced eDiscovery. To get started, you can create a model, label as few as 50 items as relevant or not relevant. The system uses this training to apply prediction scores to every item in the review set. This lets you filter items based on the prediction score, which allows you to review the most relevant (or non-relevant) items first. If you want to train models with higher accuracies and recall rates, you can continue labeling items in subsequent training rounds until the model stabilizes. +The predictive coding module is designed to streamline the complexity of managing a model within a review set and provide an iterative approach to training your model so you can get started faster with the machine learning capabilities in eDiscovery (Premium). To get started, you can create a model, label as few as 50 items as relevant or not relevant. The system uses this training to apply prediction scores to every item in the review set. This lets you filter items based on the prediction score, which allows you to review the most relevant (or non-relevant) items first. If you want to train models with higher accuracies and recall rates, you can continue labeling items in subsequent training rounds until the model stabilizes. ## The predictive coding workflow
compliance	Predictive Coding Quick Start	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-quick-start.md	Title: "Predictive coding in Advanced eDiscovery - Quick start" + Title: "Predictive coding in eDiscovery (Premium) - Quick start" f1.keywords: - NOCSH ms.localizationpriority: medium search.appverid: - MET150 -description: "Learn how to get started using the predictive coding module in Advanced eDiscovery. This article walks you through the end-to-end process of using predictive coding to identify content in a review set that's most relevant to your investigation." +description: "Learn how to get started using the predictive coding module in eDiscovery (Premium). This article walks you through the end-to-end process of using predictive coding to identify content in a review set that's most relevant to your investigation." -# Quick start: Predictive coding in Advanced eDiscovery (preview) +# Quick start: Predictive coding in eDiscovery (Premium) (preview) -This article presents a quick start for using predictive coding in Advanced eDiscovery. The predictive coding module uses intelligent, machine learning capabilities to help you cull large volumes of case content that's not relevant to your investigation. This is accomplished by creating and training your own predictive coding models that help you prioritize the most relevant items for review. +This article presents a quick start for using predictive coding in Microsoft Purview eDiscovery (Premium). The predictive coding module uses intelligent, machine learning capabilities to help you cull large volumes of case content that's not relevant to your investigation. This is accomplished by creating and training your own predictive coding models that help you prioritize the most relevant items for review. Here's an a quick overview of the predictive coding process: Here's an a quick overview of the predictive coding process: To get started, you create a model, label as few as 50 items as relevant or not relevant. The system then uses this training to apply prediction scores to every item in the review set. This lets you filter items based on the prediction score, which allows you to review the most relevant (or non-relevant) items first. If you want to train models with higher accuracies and recall rates, you can continue labeling items in subsequent training rounds until the model stabilizes. Once the model is stabilized, you can apply the final prediction filter to prioritize items to review. -For a detailed overview of predictive coding, see [Learn about predictive coding in Advanced eDiscovery](predictive-coding-overview.md). +For a detailed overview of predictive coding, see [Learn about predictive coding in eDiscovery (Premium)](predictive-coding-overview.md). ## Step 1: Create a new predictive coding model The first step is to create a new predictive coding model in the review set -1. In the Microsoft 365 compliance center, open an Advanced eDiscovery case and then select the Review sets tab. +1. In the Microsoft Purview compliance portal, open an eDiscovery (Premium) case and then select the Review sets tab. 2. Open a review set and then click Analytics > Manage predictive coding (preview).
compliance	Predictive Coding Reference	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-reference.md	description: "" # Predictive coding reference (preview) -This article describes the key concepts and metrics of the predictive coding tool in Advanced eDiscovery. The sections in the article are listed in alphabetical order. +This article describes the key concepts and metrics of the predictive coding tool in Microsoft Purview eDiscovery (Premium). The sections in the article are listed in alphabetical order. ## Confidence level
compliance	Predictive Coding Train Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-train-model.md	Title: "Train a predictive coding model in Advanced eDiscovery" + Title: "Train a predictive coding model in eDiscovery (Premium)" f1.keywords: - NOCSH description: "" # Train a predictive coding model (preview) -After you create a predictive coding model in Advanced eDiscovery, the next step is to performing the first training round to train the model on what is relevant and non-relevant content in your review set. After you complete the first round of training, you can perform subsequent training rounds to improve the model's ability to predict relevant and non-relevant content. +After you create a predictive coding model in Microsoft Purview eDiscovery (Premium), the next step is to performing the first training round to train the model on what is relevant and non-relevant content in your review set. After you complete the first round of training, you can perform subsequent training rounds to improve the model's ability to predict relevant and non-relevant content. -To review the predictive coding workflow, see [Learn about predictive coding in Advanced eDiscovery](predictive-coding-overview.md#the-predictive-coding-workflow) +To review the predictive coding workflow, see [Learn about predictive coding in eDiscovery (Premium)](predictive-coding-overview.md#the-predictive-coding-workflow) ## Before you train a model To review the predictive coding workflow, see [Learn about predictive coding in ## Train a model for the first time -1. In the Microsoft 365 compliance center, open an Advanced eDiscovery case and then select the Review sets tab. +1. In the Microsoft Purview compliance portal, open an eDiscovery (Premium) case and then select the Review sets tab. 2. Open a review set and then click Analytics > Manage predictive coding (preview).
compliance	Prepare Tls 1.2 In Office 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/prepare-tls-1.2-in-office-365.md	appliesto: # Preparing for TLS 1.2 in Office 365 and Office 365 GCC + ## Summary To provide the best-in-class encryption to our customers, Microsoft plans to deprecate Transport Layer Security (TLS) versions 1.0 and 1.1 in Office 365 and Office 365 GCC. We understand that the security of your data is important, and we're committed to transparency about changes that may affect your use of the TLS service.
compliance	Preserve Bcc And Expanded Distribution Group Recipients For Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/preserve-bcc-and-expanded-distribution-group-recipients-for-ediscovery.md	description: "In-Place Hold, Litigation Hold, and Microsoft 365 retention polici # Preserve Bcc and expanded distribution group recipients for eDiscovery- -Litigation holds, eDiscovery holds, and [Microsoft 365 retention policies](./retention.md) (created in the Microsoft 365 compliance center) allow you to preserve mailbox content to meet regulatory compliance and eDiscovery requirements. Information about recipients directly addressed in the To and Cc fields of a message is included in all messages by default. But your organization may require the ability to search for and reproduce details about all recipients of a message. This includes: --- Recipients addressed using the Bcc field of a message: Bcc recipients are stored in the message in the sender's mailbox, but not included in headers of the message delivered to recipients.--- Expanded distribution group recipients: Recipients who receive the message because they're members of a distribution group to which the message was addressed, either in the To, Cc or Bcc fields.- -Exchange Online and Exchange Server 2013 (Cumulative Update 7 and later versions) retain information about Bcc and expanded distribution group recipients. You can search for this information by using an eDiscovery tool in the Microsoft 365 compliance center. - + +Litigation holds, eDiscovery holds, and [Microsoft 365 retention policies](./retention.md) (created in the Microsoft Purview compliance portal) allow you to preserve mailbox content to meet regulatory compliance and eDiscovery requirements. Information about recipients directly addressed in the To and Cc fields of a message is included in all messages by default. But your organization may require the ability to search for and reproduce details about all recipients of a message. This includes: + +- Recipients addressed using the Bcc field of a message: Bcc recipients are stored in the message in the sender's mailbox, but not included in headers of the message delivered to recipients. + +- Expanded distribution group recipients: Recipients who receive the message because they're members of a distribution group to which the message was addressed, either in the To, Cc or Bcc fields. + +Exchange Online and Exchange Server 2013 (Cumulative Update 7 and later versions) retain information about Bcc and expanded distribution group recipients. You can search for this information by using an eDiscovery tool in the compliance portal. + ## How Bcc recipients and expanded distribution group recipients are preserved As stated earlier, information about Bcc'ed recipients is stored with the message in the sender's mailbox. This information is indexed and available to eDiscovery searches and holds.
compliance	Preview Ediscovery Search Results	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/preview-ediscovery-search-results.md	search.appverid: - MET150 - seo-marvel-apr2020 -description: "Preview a sample of the results returned by a Content search or a Core eDiscovery search in the Microsoft 365 compliance center." +description: "Preview a sample of the results returned by a Content search or a eDiscovery (Standard) search in the Microsoft Purview compliance portal." # Preview eDiscovery search results -After you run a Content search or a search associated with a Core eDiscovery case, you can preview a sample of the results returned by the search. Previewing items returned by the search query can help you determine if the search is returning the results you hope for or if you need to change the search query and rerun the search. +After you run a Content search or a search associated with a Microsoft Purview eDiscovery (Standard) case, you can preview a sample of the results returned by the search. Previewing items returned by the search query can help you determine if the search is returning the results you hope for or if you need to change the search query and rerun the search. To preview a sample of results returned by a search: -1. In the Microsoft 365 compliance center, go to the Content search page or a Core eDiscovery case. +1. In the Microsoft Purview compliance portal, go to the Content search page or a eDiscovery (Standard) case. 2. Select search to display the flyout page.
compliance	Privacy Statement For Office 365 Secure Email Portal	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/privacy-statement-for-office-365-secure-email-portal.md	description: "Last Updated: May 2017" # Privacy statement for Secure Email Portal + Last Updated: May 2017 This privacy statement governs the Office 365 the new OME capabilities Portal (the "the new OME capabilities Portal"). Previous versions were known as Office 365 Message Encryption (OME) and the "OME Portal". This privacy statement does not apply to other online or offline Microsoft sites, products, or services. Other privacy statements may also apply to the data you process through the new OME capabilities Portal, such as the privacy statement for Microsoft account (if it is used for authentication) or the privacy statement associated with your device.
compliance	Privileged Access Management Configuration	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/privileged-access-management-configuration.md	Title: "Get started with privileged access management" +description: Use this article to learn more about enabling and configuring privileged access management in Microsoft Purview. +keywords: Microsoft 365, Microsoft Purview, compliance, privileged access management f1.keywords: - NOCSH - seo-marvel-apr2020 - admindeeplinkMAC ms.assetid: -description: Use this article to learn more about enabling and configuring privileged access management in Office 365. # Get started with privileged access management -This topic guides you through enabling and configuring privileged access management in your organization. You can use either the <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">Microsoft 365 admin center</a> or Exchange Management PowerShell to manage and use privileged access. + +This article guides you through enabling and configuring privileged access management in your organization. You can use either the <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">Microsoft 365 admin center</a> or Exchange Management PowerShell to manage and use privileged access. ## Before you begin
compliance	Privileged Access Management Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/privileged-access-management-overview.md	Title: "Learn about privileged access management" -description: This article provides an overview about privileged access management in Microsoft 365, including answers to frequently asked questions (FAQs). +description: This article provides an overview about privileged access management in Microsoft Purview, including answers to frequently asked questions (FAQs). +keywords: Microsoft 365, Microsoft Purview, compliance, privileged access management # Learn about privileged access management -Privileged access management allows granular access control over privileged admin tasks in Office 365. It can help protect your organization from breaches that use existing privileged admin accounts with standing access to sensitive data or access to critical configuration settings. Privileged access management requires users to request just-in-time access to complete elevated and privileged tasks through a highly scoped and time-bounded approval workflow. This configuration gives users just-enough-access to perform the task at hand, without risking exposure of sensitive data or critical configuration settings. Enabling privileged access management in Microsoft 365 allows your organization to operate with zero standing privileges and provide a layer of defense against standing administrative access vulnerabilities. + +Microsoft Purview Privileged Access Management allows granular access control over privileged admin tasks in Office 365. It can help protect your organization from breaches that use existing privileged admin accounts with standing access to sensitive data or access to critical configuration settings. Privileged access management requires users to request just-in-time access to complete elevated and privileged tasks through a highly scoped and time-bounded approval workflow. This configuration gives users just-enough-access to perform the task at hand, without risking exposure of sensitive data or critical configuration settings. Enabling privileged access management allows your organization to operate with zero standing privileges and provide a layer of defense against standing administrative access vulnerabilities. For a quick overview of the integrated Customer Lockbox and privileged access management workflow, see this [Customer Lockbox and privileged access management video](https://go.microsoft.com/fwlink/?linkid=2066800). Privileged access management complements other data and access feature protectio ![Layered protection in Microsoft 365.](../media/pam-layered-protection.png) -Privileged access management is defined and scoped at the task level, while Azure AD Privileged Identity Management applies protection at the role level with the ability to execute multiple tasks. Azure AD Privileged Identity Management primarily allows managing accesses for AD roles and role groups, while privileged access management in Microsoft 365 applies only at the task level. +Privileged access management is defined and scoped at the task level, while Azure AD Privileged Identity Management applies protection at the role level with the ability to execute multiple tasks. Azure AD Privileged Identity Management primarily allows managing accesses for AD roles and role groups, while Microsoft Purview Privileged Access Management applies only at the task level. - Enabling privileged access management while already using Azure AD Privileged Identity Management: Adding privileged access management provides another granular layer of protection and audit capabilities for privileged access to Microsoft 365 data. -- Enabling Azure AD Privileged Identity Management while already using privileged access management in Office 365: Adding Azure AD Privileged Identity Management to privileged access management can extend privileged access to data outside of Microsoft 365 that's primarily defined by user roles or identity. +- Enabling Azure AD Privileged Identity Management while already using Microsoft Purview Privileged Access Management: Adding Azure AD Privileged Identity Management to Microsoft Purview Privileged Access Management can extend privileged access to data outside of Microsoft 365 that's primarily defined by user roles or identity. ## Privileged access management architecture and process flow
compliance	Privileged Access Management Solution Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/privileged-access-management-solution-overview.md	Title: Privileged access management in Microsoft 365 -description: Learn how to configure insider risk capabilities across Microsoft 365. + Title: Privileged access management +description: Learn how to configure insider risk capabilities across Microsoft Purview. keywords: Microsoft 365, insider risk, compliance ms.localizationpriority: medium - m365solution-scenario -# Privileged access management in Microsoft 365 +# Privileged access management -Having standing access by some users to sensitive information or critical network configuration settings in Microsoft Exchange Online is a potential pathway for compromised accounts or internal threat activities. Privileged access management helps protect your organization from breaches and helps to meet compliance best practices by limiting standing access to sensitive data or access to critical configuration settings. Instead of administrators having constant access, just-in-time access rules are implemented for tasks that need elevated permissions. Enabling privileged access management for Exchange Online in Microsoft 365 allows your organization to operate with zero standing privileges and provide a layer of defense against standing administrative access vulnerabilities. -## Configure privileged access management for Microsoft 365 +Having standing access by some users to sensitive information or critical network configuration settings in Microsoft Exchange Online is a potential pathway for compromised accounts or internal threat activities. Microsoft Purview Privileged Access Management helps protect your organization from breaches and helps to meet compliance best practices by limiting standing access to sensitive data or access to critical configuration settings. Instead of administrators having constant access, just-in-time access rules are implemented for tasks that need elevated permissions. Enabling privileged access management for Exchange Online in Microsoft 365 allows your organization to operate with zero standing privileges and provide a layer of defense against standing administrative access vulnerabilities. + +## Configure privileged access management Use the following steps to configure privileged access management for your organization: ![Insider risk solution privileged access management steps.](../media/ir-solution-pam-steps.png) -1. Learn about [privileged access management](privileged-access-management-overview.md) in Microsoft 365 +1. Learn about [privileged access management](privileged-access-management-overview.md) 2. Create an [approver's group](privileged-access-management-configuration.md#step-1-create-an-approvers-group) 3. Enable [privileged access management](privileged-access-management-configuration.md#step-2-enable-privileged-access) 4. Create an [access policy](privileged-access-management-configuration.md#step-3-create-an-access-policy) Use the following steps to configure privileged access management for your organ ## More information about privileged access management -- [Frequently asked questions about privileged access management](privileged-access-management-overview.md#frequently-asked-questions) +- [Frequently asked questions about privileged access management](privileged-access-management-overview.md#frequently-asked-questions)
compliance	Processing Data For Case	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/processing-data-for-case.md	Title: "Work with processing errors in Advanced eDiscovery" + Title: "Work with processing errors in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: ms.assetid: - seo-marvel-apr2020 -description: "Overview about processing various forms of data in Advanced eDiscovery." +description: "Overview about processing various forms of data in eDiscovery (Premium)." -# Work with processing errors in Advanced eDiscovery +# Work with processing errors in eDiscovery (Premium) Processing is the process of file identification, expansion of embedded documents and attachments, text extraction, and Optical Character Recognition (OCR) of image files and the subsequent indexing of that content. When you add custodians and non-custodian data sources to a case on the Sources tab, all partially indexed items from Microsoft 365 are processed to make them fully searchable. Likewise, when content is added to a review set from both Microsoft 365 and non-Microsoft 365 data sources, this content is also processed. -The Processing tab in Advanced eDiscovery provides insight into the status of advanced indexing for different processing scenarios. +The Processing tab in eDiscovery (Premium) provides insight into the status of advanced indexing for different processing scenarios. For more information, see the following articles:
compliance	Protect Access To Data And Services	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/protect-access-to-data-and-services.md	# Protect user and device access + Protecting access to your Microsoft 365 data and services is crucial to defending against cyberattacks and guarding against data loss. The same protections can be applied to other SaaS applications in your environment and even to on-premises applications published with Azure Active Directory Application Proxy. ## Step 1: Review recommendations Recommended capabilities for protecting identities and devices that access Offic [PDF](https://go.microsoft.com/fwlink/p/?linkid=841656) \| [Visio](https://go.microsoft.com/fwlink/p/?linkid=841657) \| [More languages](https://www.microsoft.com/download/details.aspx?id=55032) ## Step 2: Protect administrator accounts and access -The administrative accounts you use to administer your Microsoft 365 environment include elevated privileges. These are valuable targets for hackers and cyberattackers. + +The administrative accounts you use to administer your Microsoft 365 environment include elevated privileges. These are valuable targets for hackers and cyberattackers. Begin by using administrator accounts only for administration. Admins should have a separate user account for regular, non-administrative use and only use their administrative account when necessary to complete a task associated with their job function. Protect your administrator accounts with multi-factor authentication and conditional access. For more information, see [Protecting administrator accounts](../security/office-365-security/identity-access-prerequisites.md#protecting-administrator-accounts). -Next, configure privileged access management in Office 365. Privileged access management allows granular access control over privileged admin tasks in Office 365. It can help protect your organization from breaches that may use existing privileged admin accounts with standing access to sensitive data or access to critical configuration settings. +Next, configure Microsoft Purview Privileged Access Management. Privileged access management allows granular access control over privileged admin tasks in Office 365. It can help protect your organization from breaches that may use existing privileged admin accounts with standing access to sensitive data or access to critical configuration settings. - [Overview of privileged access management](privileged-access-management-overview.md) - [Configure privileged access management](privileged-access-management-configuration.md) Another top recommendation is to use workstations especially configured for admi Finally, you can mitigate the impact of inadvertent lack of administrative access by creating two or more emergency access accounts in your tenant. See [Manage emergency access accounts in Azure AD](/azure/active-directory/users-groups-roles/directory-emergency-access). ## Step 3: Configure recommended identity and device access policies+ Multi-factor authentication (MFA) and conditional access policies are powerful tools for mitigating against compromised accounts and unauthorized access. We recommend implementing a set of policies that have been tested together. For more information, including deployment steps, see [Identity and device access configurations](../security/office-365-security/microsoft-365-policies-configurations.md). These policies implement the following capabilities:+ - Multi-factor authentication - Conditional access - Intune app protection (app and data protection for devices) Implementing Intune device compliance requires device enrollment. Managing devic ## Step 4: Configure SharePoint device access policies Microsoft recommends you protect content in SharePoint sites with sensitive and highly regulated content with device access controls. For more information, see [Policy recommendations for securing SharePoint sites and files](../security/office-365-security/sharepoint-file-access-policies.md).---
compliance	Protect Documents That Have Fci Or Other Properties	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/protect-documents-that-have-fci-or-other-properties.md	Title: "Create a DLP policy to protect documents with FCI or other properties" + Title: "Create a DLP policy to protect documents" f1.keywords: - NOCSH description: Learn how to use a data loss prevention (DLP) policy to protect doc # Create a DLP policy to protect documents with FCI or other properties -Microsoft 365 data loss prevention (DLP) policies can use classification properties or item properties to identify sensitive items. For example you can use: + +Microsoft Purview Data Loss Prevention (DLP) policies can use classification properties or item properties to identify sensitive items. For example you can use: - Windows Server File Classification infrastructure (FCI) properties - SharePoint document properties For more information, see [Manually request crawling and re-indexing of a site, - [What the DLP policy templates include](what-the-dlp-policy-templates-include.md) -- [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md) +- [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md)
compliance	Record Versioning	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/record-versioning.md	Title: "Use record versioning to update records stored in SharePoint or OneDrive" + Title: "Use record versioning in SharePoint or OneDrive" f1.keywords: - NOCSH description: "Learn about records to help you implement a records management sol # Use record versioning to update records stored in SharePoint or OneDrive + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). > [!NOTE] > Because regulatory records block editing, record versioning is not available for regulatory records. > -> You can also prevent record versioning for your tenant, even if you're not using regulatory records: Go to the Records management node in the Microsoft 365 compliance center > Records management settings > Retention labels > Configure record versioning and then turn off the setting for Enable record versioning. +> You can also prevent record versioning for your tenant, even if you're not using regulatory records: Go to Records management in the Microsoft Purview compliance portal > Records management settings > Retention labels > Configure record versioning and then turn off the setting for Enable record versioning. The ability to mark a document as a [record](records-management.md#records) and restrict actions that can be performed on the record is an essential goal for any records management solution. However, collaboration might also be needed for people to create subsequent versions.
compliance	Records Management	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/records-management.md	Title: "Records Management in Microsoft 365" + Title: "Learn about Microsoft Purview Records Management" f1.keywords: - NOCSH - admindeeplinkCOMPLIANCE - seo-marvel-apr2020 - seo-marvel-jun2020 -description: With records management in Microsoft 365, you can apply your retention schedules into a file plan that manages retention, records declaration, and disposition. +description: Learn how Microsoft Purview Records Management supports high-value items for business, legal, or regulatory record-keeping requirements. -# Learn about records management in Microsoft 365 +# Learn about records management + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). -Organizations of all types require a records-management solution to manage regulatory, legal, and business-critical records across their corporate data. Records management in Microsoft 365 helps an organization manage their legal obligations, provides the ability to demonstrate compliance with regulations, and increases efficiency with regular disposition of items that are no longer required to be retained, no longer of value, or no longer required for business purposes. +Organizations of all types require a records-management solution to manage regulatory, legal, and business-critical records across their corporate data. Records management for Microsoft Purview helps an organization manage their legal obligations, provides the ability to demonstrate compliance with regulations, and increases efficiency with regular disposition of items that are no longer required to be retained, no longer of value, or no longer required for business purposes. -Use the following capabilities to support your records management solution in Microsoft 365: +Use the following capabilities to support your records management solution for Microsoft 365 services and apps: - Label content as a record. Create and configure retention labels to mark content as a [record](#records) that can then be applied by users or automatically applied by identifying sensitive information, keywords, or content types. A standard retention label has retention settings and actions but doesn't mark c Footnotes: <sup>1</sup> -Editing properties for a locked record is allowed by default but can be blocked by a tenant setting in the [Microsoft 365 compliance center](https://compliance.microsoft.com/) > Records management > Records management settings > Retention labels > Allow editing of record properties. +Editing properties for a locked record is allowed by default but can be blocked by a tenant setting in the [Microsoft Purview compliance portal](https://compliance.microsoft.com/) > Records management > Records management settings > Retention labels > Allow editing of record properties. <sup>2</sup> -Deleting labeled items in SharePoint and OneDrive can be blocked as a tenant setting in the [Microsoft 365 compliance center](https://compliance.microsoft.com/) > Records management > Records management settings > Retention labels > Deletion of items. +Deleting labeled items in SharePoint and OneDrive can be blocked as a tenant setting in the [Microsoft Purview compliance portal](https://compliance.microsoft.com/) > Records management > Records management settings > Retention labels > Deletion of items. When you apply a retention label to a list item that has a document attachment, that document doesn't inherit the retention settings and can be deleted from the list item. In comparison, if that list item was declared a record with a retention label, the document attachment would inherit the retention settings and couldn't be deleted. Containers include SharePoint document libraries, OneDrive accounts, and Exchang ## Configuration guidance -See [Get started with records management](get-started-with-records-management.md). This article has information about subscriptions, permissions, and links to end-to-end configuration guidance for records management scenarios. +See [Get started with records management](get-started-with-records-management.md). This article has information about subscriptions, permissions, and links to end-to-end configuration guidance for records management scenarios.
compliance	Recover An Inactive Mailbox	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/recover-an-inactive-mailbox.md	description: Learn how to recover the contents of an inactive mailbox in Office # Recover an inactive mailbox + An inactive mailbox (which is a type of soft-deleted mailbox) is used to preserve a former employee's email after he or she leaves your organization. If that employee returns to your organization or if another employee takes on the job responsibilities of the former employee, there are two ways that you can make the contents of the inactive mailbox available to a user: - Recover an inactive mailbox. If the former employee returns to your organization, or if a new employee is hired to take on the job responsibilities of the former employee, you can recover the contents of the inactive mailbox. This method converts the inactive mailbox to a new, active mailbox that contains the contents of the inactive mailbox. After it's recovered, the inactive mailbox no longer exists. The procedures in this topic describe this method. After you recover an inactive mailbox, a new user account is also created. You n If there isn't a value for the ExternalDirectoryObjectId property, the mailbox retention period has expired, and you can recover the inactive mailbox by running the New-Mailbox -InactiveMailbox command. If there is a value for the ExternalDirectoryObjectId property, the soft-deleted mailbox retention period hasn't expired and you have to recover the mailbox by restoring the user account. See [Delete a user from your organization](../admin/add-users/delete-a-user.md). -- Consider enabling the archive mailbox after you recover an inactive mailbox. This lets the returning user or new employee move old messages to the archive mailbox. And when the retention hold expires, the archive policy that is part of the default Exchange retention policy assigned to Exchange Online mailboxes will move items that are two years or older to the archive mailbox. If you don't enable the archive mailbox, items older than two years will remain in the user's primary mailbox. For more information, see [Enable archive mailboxes](enable-archive-mailboxes.md). +- Consider enabling the archive mailbox after you recover an inactive mailbox. This lets the returning user or new employee move old messages to the archive mailbox. And when the retention hold expires, the archive policy that is part of the default Exchange retention policy assigned to Exchange Online mailboxes will move items that are two years or older to the archive mailbox. If you don't enable the archive mailbox, items older than two years will remain in the user's primary mailbox. For more information, see [Enable archive mailboxes](enable-archive-mailboxes.md).
compliance	Restore An Inactive Mailbox	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/restore-an-inactive-mailbox.md	# Restore an inactive mailbox + An inactive mailbox (which is a type of soft-deleted mailbox) is used to retain a former employee's email after he or she leaves your organization. If another employee takes on the job responsibilities of the departed employee or if that employee returns to your organization, there are two ways that you can make the contents of the inactive mailbox available to a user: - Restore an inactive mailbox If another employee takes on the job responsibilities of the departed employee, or if another user needs access to the contents of the inactive mailbox, you can restore (or merge) the contents of the inactive mailbox to an existing mailbox. You can also restore the archive from an inactive mailbox. After it's restored, the inactive mailbox is preserved and is retained as an inactive mailbox. This topic describes the procedures for restoring an inactive mailbox.
compliance	Retention Flowchart	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-flowchart.md	Title: "Flowchart to determine when an item will be retained or permanently deleted" + Title: "Flowchart to determine when an item is retained or deleted" f1.keywords: - NOCSH description: "Use a flowchart to determine the outcome when an item has multiple # Flowchart to determine when an item will be retained or permanently deleted + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). Use the following flowchart to apply the [principles of retention](retention.md#the-principles-of-retention-or-what-takes-precedence) to an item to determine if the system will retain it or permanently delete it as a result of a retention label or retention policy.
compliance	Retention Limits	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-limits.md	description: "Understand the maximum number of policies and items per policy for # Limits for retention policies and retention label policies + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). When you use [retention policies and retention label policies](retention.md#retention-policies-and-retention-labels) to automatically retain or delete data for your organization, there are some maximum numbers to be aware of.
compliance	Retention Policies Exchange	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-exchange.md	description: "Learn how retention works for Exchange." # Learn about retention for Exchange + The information in this article supplements [Learn about retention](retention.md) because it has information that's specific to Exchange. For other workloads, see: - [Learn about retention for SharePoint and OneDrive](retention-policies-sharepoint.md) When the retention settings no longer apply because the data is permanently dele ## Configuration guidance -If you're new to configuring retention in Microsoft 365, see [Get started with information governance](get-started-with-information-governance.md). +If you're new to configuring retention in Microsoft 365, see [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md). If you're ready to configure a retention policy or retention label for Exchange, see the following instructions: - [Create and configure retention policies](create-retention-policies.md) - [Publish retention labels and apply them in apps](create-apply-retention-labels.md)-- [Apply a retention label to content automatically](apply-retention-labels-automatically.md) +- [Apply a retention label to content automatically](apply-retention-labels-automatically.md)
compliance	Retention Policies Sharepoint	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-sharepoint.md	description: "Learn how retention works for SharePoint and OneDrive." # Learn about retention for SharePoint and OneDrive + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). The information in this article supplements [Learn about retention](retention.md) because it has information that's specific to SharePoint and OneDrive. Users also see an error message if they try to delete a labeled item in any of t - The records management setting that allows users to delete labeled items is turned off. - To check or change this setting, go to the Records management solution in the Microsoft 365 compliance center > Records management > Records management settings > Retention labels > Deletion of items. There are separate settings for SharePoint and OneDrive. + To check or change this setting, go to the Records management solution in the Microsoft Purview compliance portal > Records management > Records management settings > Retention labels > Deletion of items. There are separate settings for SharePoint and OneDrive. Alternatively, and if you don't have access to the Records management solution, you can use AllowFilesWithKeepLabelToBeDeletedSPO and AllowFilesWithKeepLabelToBeDeletedODB from [Get-PnPTenant](/powershell/module/sharepoint-pnp/get-pnptenant) and [Set-PnPTenant](/powershell/module/sharepoint-pnp/set-pnptenant). When the retention period expires and the retention settings included a delete a ## Configuration guidance -If you're new to configuring retention in Microsoft 365, see [Get started with information governance](get-started-with-information-governance.md). +If you're new to configuring retention in Microsoft 365, see [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md). If you're ready to configure a retention policy or retention label for Exchange, see the following instructions: - [Create and configure retention policies](create-retention-policies.md) - [Publish retention labels and apply them in apps](create-apply-retention-labels.md)-- [Apply a retention label to content automatically](apply-retention-labels-automatically.md) +- [Apply a retention label to content automatically](apply-retention-labels-automatically.md)
compliance	Retention Policies Teams	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-teams.md	description: "Learn about retention policies that apply to Microsoft Teams." # Learn about retention for Microsoft Teams + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). > [!NOTE] If the user stored any files in Teams, see the [equivalent section](retention-po ## Configuration guidance -If you're new to configuring retention in Microsoft 365, see [Get started with information governance](get-started-with-information-governance.md). +If you're new to configuring retention in Microsoft 365, see [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md). -If you're ready to configure a retention policy for Teams, see [Create and configure retention policies](create-retention-policies.md). +If you're ready to configure a retention policy for Teams, see [Create and configure retention policies](create-retention-policies.md).
compliance	Retention Policies Yammer	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-yammer.md	description: "Learn about retention policies that apply to Yammer." # Learn about retention for Yammer + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). The information in this article supplements [Learn about retention](retention.md) because it has information that's specific to Yammer. Be aware of the following limitation when you use retention for Yammer community ## Configuration guidance -If you're new to configuring retention in Microsoft 365, see [Get started with information governance](get-started-with-information-governance.md). +If you're new to configuring retention in Microsoft 365, see [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md). -If you're ready to configure a retention policy for Yammer, see [Create and configure retention policies](create-retention-policies.md). +If you're ready to configure a retention policy for Yammer, see [Create and configure retention policies](create-retention-policies.md).
compliance	Retention Preservation Lock	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-preservation-lock.md	Title: "Use Preservation Lock to restrict changes to retention policies and retention label policies" + Title: "Use Preservation Lock to restrict changes to retention policies" f1.keywords: - NOCSH description: "Use Preservation Lock with retention policies and retention label # Use Preservation Lock to restrict changes to retention policies and retention label policies + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). > [!IMPORTANT] You should see RestrictiveRetention is set to True. For example: ## See also -[Resources to help you meet regulatory requirements for information governance and records management](retention-regulatory-requirements.md) +[Resources to help you meet regulatory requirements for data lifecycle management and records management](retention-regulatory-requirements.md)
compliance	Retention Regulatory Requirements	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-regulatory-requirements.md	Title: "Resources to help you meet regulatory requirements for information governance and records management" + Title: "Resources to help you meet regulatory requirements for data lifecycle management and records management" f1.keywords: - NOCSH ms.localizationpriority: high search.appverid: - MOE150 - MET150 -description: "Resources to help you meet regulatory requirements for information governance and records management." +description: "Resources to help you meet regulatory requirements for data lifecycle management and records management." -# Regulatory requirements for information governance and records management +# Regulatory requirements for data lifecycle management and records management + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). -Use the resources on this page to help you meet specific regulatory requirements for information governance and records management in Microsoft 365. Each section of this document focuses on one or more related regulations and includes any existing guidance or third-party assessment of how to configure Microsoft 365 to help with the requirements outlined. +Use the resources on this page to help you meet specific regulatory requirements for data lifecycle management and records management in Microsoft 365. Each section of this document focuses on one or more related regulations and includes any existing guidance or third-party assessment of how to configure Microsoft 365 to help with the requirements outlined. These resources are available to download from the [Data Protection Resources, FAQ, and White Papers](https://servicetrust.microsoft.com/ViewPage/TrustDocuments) page of the Service Trust Portal. Released November 2020, this report has been produced in partnership with Cohass - The principles-based electronic records requirements of the Commodity Futures Trading Commission (CFTC) in 17 CFR ┬º 1.31(c)-(d). -The opinion from Cohasset is that when compliance features are properly configured and carefully applied and managed as described in their report, the assessed Microsoft 365 services meet the five requirements related to the recording and non-rewriteable, non-erasable storage of electronic records. +The opinion from Cohasset is that when compliance features are properly configured and carefully applied and managed as described in their report, the assessed Microsoft 365 services meet the five requirements related to the recording and non-rewriteable, non-erasable storage of electronic records.
compliance	Retention Settings	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-settings.md	description: "Understand the settings you can configure in a retention policy or # Common settings for retention policies and retention label policies + >[Microsoft 365 licensing guidance for security & compliance](https://aka.ms/ComplianceSD). Many settings for retention are common to both retention policies and retention label policies. Use the following information to help you configure these settings to proactively retain content, delete content, or bothΓÇöretain and then delete the content. Before you configure your adaptive scope, use the previous section to identify w Specifically for SharePoint sites, there might be additional SharePoint configuration needed if you plan to use [custom site properties](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/using-custom-sharepoint-site-properties-to-apply-microsoft-365/ba-p/3133970). -1. In the [Microsoft 365 compliance center](https://compliance.microsoft.com/), navigate to one of the following locations: +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com/), navigate to one of the following locations: - If you are using the records management solution: - Solutions > Records management > Adaptive scopes tab > + Create scope - - If you are using the information governance solution: - - Solutions > Information governance > Adaptive scopes tab > + Create scope + - If you are using the data lifecycle management solution: + - Solutions > Data lifecycle management > Adaptive scopes tab > + Create scope Don't immediately see your solution in the navigation pane? First select Show all. Some settings can't be changed after a policy for retention is created and saved If you edit a retention policy and items are already subject to the original settings in your retention policy, your updated settings will be automatically applied to these items in addition to items that are newly identified. -Usually this update is fairly quick but can take several days. When the policy replication across your Microsoft 365 locations is complete, you'll see the status of the retention policy in the Microsoft 365 compliance center change from On (Pending) to On (Success). +Usually this update is fairly quick but can take several days. When the policy replication across your Microsoft 365 locations is complete, you'll see the status of the retention policy in the Microsoft Purview compliance portal change from On (Pending) to On (Success). ## Locking the policy to prevent changes
compliance	Retention	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention.md	description: Learn about retention policies and retention labels that help you t # Learn about retention policies and retention labels + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). > [!NOTE] With these two retention actions, you can configure retention settings for the f These retention settings work with content in place that saves you the additional overheads of creating and configuring additional storage when you need to retain content for compliance reasons. In addition, you don't need to implement customized processes to copy and synchronize this data. -Use the following sections to learn more about how retention policies and retention labels work, when to use them, and how they supplement each other. But if you're ready to get started and deploy retention settings for some common scenarios, see [Get started with information governance](get-started-with-information-governance.md). +Use the following sections to learn more about how retention policies and retention labels work, when to use them, and how they supplement each other. But if you're ready to get started and deploy retention settings for some common scenarios, see [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md). ## How retention settings work with content in place For example, you can create and apply a retention label named "Review later" wit #### Using a retention label as a condition in a DLP policy -You can specify a retention label as a condition in a data loss prevention (DLP) policy for documents in SharePoint. For example, configure a DLP policy to prevent documents from being shared outside the organization if they have a specified retention label applied to it. +You can specify a retention label as a condition in a Microsoft Purview Data Loss Prevention (DLP) policy for documents in SharePoint. For example, configure a DLP policy to prevent documents from being shared outside the organization if they have a specified retention label applied to it. For more information, see [Using a retention label as a condition in a DLP policy](data-loss-prevention-policies.md#using-a-retention-label-as-a-condition-in-a-dlp-policy). When retention labels mark items as a record or a regulatory record, these label #### Monitoring retention labels -From the Microsoft 365 compliance center, select Data classification and the Overview page to monitor how your retention labels are being used in your tenant, and identify where your labeled items are located. For more information, including important prerequisites, see [Learn about data classification](data-classification-overview.md). +From the Microsoft Purview compliance portal, select Data classification and the Overview page to monitor how your retention labels are being used in your tenant, and identify where your labeled items are located. For more information, including important prerequisites, see [Learn about data classification](data-classification-overview.md). You can then drill down into details by using [content explorer](data-classification-content-explorer.md) and [activity explorer](data-classification-activity-explorer.md). To watch a recorded webinar (requires registration), visit [Deep Dive on Adaptiv ## Policy lookup -You can configure multiple retention policies for Microsoft 365 locations, as well as multiple retention label policies that you publish or auto-apply. To find the policies for retention that are assigned to specific users, sites, and Microsoft 365 groups, use Policy lookup from the Information governance solution in the Microsoft 365 compliance center: +You can configure multiple retention policies for Microsoft 365 locations, as well as multiple retention label policies that you publish or auto-apply. To find the policies for retention that are assigned to specific users, sites, and Microsoft 365 groups, use Policy lookup from the Data lifecycle management or Records management solutions in the Microsoft Purview compliance portal. + +For example: ![Policy lookup to find the policies for retention that are assigned to specific users, sites, and Microsoft 365 groups ](../media/policy-lookup.png) -You must specify the exact email address for a user, exact URL for a site, or exact email address for a Microsoft 365 group. +You must specify the exact email address for a user, exact URL for a site, or exact email address for a Microsoft 365 group. You can't use wildcards, or partial matches, for example. The option for sites includes OneDrive accounts. For information how to specify the URL for a user's OneDrive account, see [Get a list of all user OneDrive URLs in your organization](/onedrive/list-onedrive-urls). Retention actions that are logged as auditing events are available only for rete ## PowerShell cmdlets for retention policies and retention labels -To use the retention cmdlets, you must first [connect to the Office 365 Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell). Then, use any of the following cmdlets: +To use the retention cmdlets, you must first [connect to Office 365 Security & Compliance Center PowerShell](/powershell/exchange/connect-to-scc-powershell). Then, use any of the following cmdlets: - [Get-ComplianceTag](/powershell/module/exchange/get-compliancetag) To use the retention cmdlets, you must first [connect to the Office 365 Security Although retention settings and [holds that you create with an eDiscovery case](create-ediscovery-holds.md) can both prevent data from being permanently deleted, they are designed for different scenarios. To help you understand the differences and decide which to use, use the following guidance: -- Retention settings that you specify in retention policies and retention labels are designed for a long-term information governance strategy to retain or delete data for compliance requirements. The scope is usually broad with the main focus being the location and content rather than individual users. The start and end of the retention period is configurable, with the option to automatically delete content without additional administrator intervention. +- Retention settings that you specify in retention policies and retention labels are designed for a long-term data lifecycle management strategy to retain or delete data for compliance requirements. The scope is usually broad with the main focus being the location and content rather than individual users. The start and end of the retention period is configurable, with the option to automatically delete content without additional administrator intervention. -- Holds for eDiscovery (either Core eDiscovery or Advanced eDiscovery cases) are designed for a limited duration to preserve data for a legal investigation. The scope is specific with the focus being content owned by identified users. The start and end of the preservation period isn't configurable but dependent on individual administrator actions, without an option to automatically delete content when the hold is released. +- Holds for eDiscovery (either eDiscovery (Standard) or eDiscovery (Premium) cases) are designed for a limited duration to preserve data for a legal investigation. The scope is specific with the focus being content owned by identified users. The start and end of the preservation period isn't configurable but dependent on individual administrator actions, without an option to automatically delete content when the hold is released. Summary to compare retention with holds: Summary to compare retention with holds: \|Content deletion: \|Yes (optional) \|No \| \|Administrative overheads: \|Low \|High \| -If content is subject to both retention settings and an eDiscovery hold, preserving content for the eDiscovery hold always takes precedence. In this way, the [principles of retention](#the-principles-of-retention-or-what-takes-precedence) expand to eDiscovery holds because they preserve data until an administrator manually releases the hold. However, despite this precedence, don't use eDiscovery holds for long-term information governance. If you are concerned about automatic deletion of data, you can configure retention settings to retain items forever, or use [disposition review](disposition.md#disposition-reviews) with retention labels. +If content is subject to both retention settings and an eDiscovery hold, preserving content for the eDiscovery hold always takes precedence. In this way, the [principles of retention](#the-principles-of-retention-or-what-takes-precedence) expand to eDiscovery holds because they preserve data until an administrator manually releases the hold. However, despite this precedence, don't use eDiscovery holds for long-term data lifecycle management. If you are concerned about automatic deletion of data, you can configure retention settings to retain items forever, or use [disposition review](disposition.md#disposition-reviews) with retention labels. If you are using older eDiscovery tools to preserve data, see the following resources: If you are using older eDiscovery tools to preserve data, see the following reso ## Use retention policies and retention labels instead of older features -If you need to proactively retain or delete content in Microsoft 365 for information governance, we recommend that you use retention policies and retention labels instead of the following older features. +If you need to proactively retain or delete content in Microsoft 365 for data lifecycle management, we recommend that you use retention policies and retention labels instead of the following older features. If you currently use these older features, they will continue to work side by side with Microsoft 365 retention policies and retention labels. However, we recommend that going forward, you use Microsoft 365 retention policies and retention labels to benefit from a single solution to manage both retention and deletion of content across multiple workloads in Microsoft 365. If you have configured SharePoint sites for content type policies or information ## Related information - [SharePoint Online Limits](/office365/servicedescriptions/sharepoint-online-service-description/sharepoint-online-limits)-- [Limits and specifications for Microsoft Teams](/microsoftteams/limits-specifications-teams)-- [Resources to help you meet regulatory requirements for information governance and records management](retention-regulatory-requirements.md) +- [Limits and specifications for Microsoft Teams](/microsoftteams/limits-specifications-teams) +- [Resources to help you meet regulatory requirements for data lifecycle management and records management](retention-regulatory-requirements.md) ## Configuration guidance -See [Get started with information governance](get-started-with-information-governance.md). This article has information about subscriptions, permissions, and links to end-to-end configuration guidance for retention scenarios. +See [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md). This article has information about subscriptions, permissions, and links to end-to-end configuration guidance for retention scenarios.
compliance	Review Set Search	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/review-set-search.md	search.appverid: - MOE150 - MET150 ms.assetid: -description: "Learn how to create and run a query in a review set to organize content for a more efficient review in an Advanced eDiscovery case." +description: "Learn how to create and run a query in a review set to organize content for a more efficient review in a Microsoft Purview eDiscovery (Premium) case."
compliance	Revoke Ome Encrypted Mail	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/revoke-ome-encrypted-mail.md	- M365-security-compliance search.appverid: - MET150 -description: "As an administrator and as a message sender, you can revoke certain emails that were encrypted with Office 365 Advanced Message Encryption." +description: "As an administrator and as a message sender, you can revoke certain emails that were encrypted with Microsoft Purview Advanced Message Encryption." # Revoke email encrypted by Advanced Message Encryption -Email revocation is offered as part of Office 365 Advanced Message Encryption. Office 365 Advanced Message Encryption is included in [Microsoft 365 Enterprise E5](https://www.microsoft.com/microsoft-365/enterprise/home), Office 365 E5, Microsoft 365 E5 (Nonprofit Staff Pricing), Office 365 Enterprise E5 (Nonprofit Staff Pricing), and Office 365 Education A5. If your organization has a subscription that does not include Office 365 Advanced Message Encryption, you can purchase it with the Microsoft 365 E5 Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), or the Office 365 Advanced Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), or Office 365 SKUs. + +Email revocation is offered as part of Microsoft Purview Advanced Message Encryption. Microsoft Purview Advanced Message Encryption is included in [Microsoft 365 Enterprise E5](https://www.microsoft.com/microsoft-365/enterprise/home), Office 365 E5, Microsoft 365 E5 (Nonprofit Staff Pricing), Office 365 Enterprise E5 (Nonprofit Staff Pricing), and Office 365 Education A5. If your organization has a subscription that does not include Microsoft Purview Advanced Message Encryption, you can purchase it with the Microsoft 365 E5 Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), or the Office 365 Advanced Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing), or Office 365 SKUs. This article is part of a larger series of articles about [Office 365 Message Encryption](ome.md). -If a message was encrypted using Office 365 Advanced Message Encryption, and you are a Microsoft 365 admin or you are the sender of the message, you can revoke the message under certain conditions. Admins revoke messages using PowerShell. As a sender, you revoke a message that you sent directly from Outlook on the web. This article describes the circumstances under which revocation is possible and how to do it. +If a message was encrypted using Microsoft Purview Advanced Message Encryption, and you are a Microsoft 365 admin or you are the sender of the message, you can revoke the message under certain conditions. Admins revoke messages using PowerShell. As a sender, you revoke a message that you sent directly from Outlook on the web. This article describes the circumstances under which revocation is possible and how to do it. > [!NOTE] > To guarantee that the ability to track and revoke OME messages is available, you must add a custom branding template. See [Add your organization's brand to your encrypted messages](add-your-organization-brand-to-encrypted-messages.md) There are multiple ways to find the Message ID of the email that you want to rev 2. Once you've located the email, select it to bring up the Message trace details pane. Expand More Information to locate the Message ID. -#### To identify the Message ID of the email you want to revoke by using Office Message Encryption reports in the Security & Compliance Center +#### To identify the Message ID of the email you want to revoke by using Message Encryption reports in the Security & Compliance Center 1. In the Security & Compliance Center, navigate to the Message encryption report. For information on this report, see [View email security reports in the Security & Compliance Center](../security/office-365-security/view-email-security-reports.md). To revoke an email by using Windows PowerShell, use the Set-OMEMessageRevocation Revoked: True ``` -## More information about Office 365 Advanced Message Encryption +## More information about Microsoft Purview Advanced Message Encryption -- [Office 365 Advanced Message Encryption](ome-advanced-message-encryption.md) +- [Microsoft Purview Advanced Message Encryption](ome-advanced-message-encryption.md) -- [Office 365 Advanced Message Encryption - email expiration](ome-advanced-expiration.md) +- [Microsoft Purview Advanced Message Encryption - email expiration](ome-advanced-expiration.md) -- [Message policy and compliance service description](/office365/servicedescriptions/exchange-online-service-description/message-policy-and-compliance) +- [Message policy and compliance service description](/office365/servicedescriptions/exchange-online-service-description/message-policy-and-compliance)
compliance	Search And Delete Teams Chat Messages	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-and-delete-Teams-chat-messages.md	search.appverid: - MOE150 - MET150 ms.assetid: 3526fd06-b45f-445b-aed4-5ebd37b3762a -description: "Use Advanced eDiscovery and the Microsoft Graph Explorer to search for and purge chat messages in Microsoft Teams, and respond to data spillage incidents in Teams." +description: "Use eDiscovery (Premium) and the Microsoft Graph Explorer to search for and purge chat messages in Microsoft Teams, and respond to data spillage incidents in Teams." # Search and purge chat messages in Teams -You can use Advanced eDiscovery and the Microsoft Graph Explorer to search for and delete chat messages in Microsoft Teams. This can help you find and remove sensitive information or inappropriate content. This search and purge workflow will also help you respond to a data spillage incident, when content containing confidential or malicious information is released through Teams chat messages.ΓÇï +You can use eDiscovery (Premium) and the Microsoft Graph Explorer to search for and delete chat messages in Microsoft Teams. This can help you find and remove sensitive information or inappropriate content. This search and purge workflow will also help you respond to a data spillage incident, when content containing confidential or malicious information is released through Teams chat messages.ΓÇï > [!NOTE] > This article applies to Microsoft 365 Enterprise organizations. Support for the US Government cloud (including GCC, GCC High, and DoD) is coming soon. ## Before you search and purge chat messages -- To create an Advanced eDiscovery case and use collections to search for chat messages, you have to be a member of the eDiscovery Manager role group in the Microsoft 365 compliance center. To delete chat messages, you have to be assigned the Search And Purge role. This role is assigned to the Data Investigator and Organization Management role groups by default. For more information, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). +- To create an eDiscovery (Premium) case and use collections to search for chat messages, you have to be a member of the eDiscovery Manager role group in the Microsoft Purview compliance portal. To delete chat messages, you have to be assigned the Search And Purge role. This role is assigned to the Data Investigator and Organization Management role groups by default. For more information, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). - Search and purge is supported for conversations within your tenant. Support for Teams Connect Chat (External Access or Federation) conversations is enabled in the interface in some cases but is not working as intended. - A maximum of 10 items per mailbox can be removed at one time. Because the capability to search for and remove chat messages is intended to be an incident-response tool, this limit helps ensure that chat messages are quickly removed. Here's the process to search for and purge Teams chat messages: ![Workflow to search for and purge Teams chat messages.](../media/TeamsSearchAndPurgeWorkflow.png) -## Step 1: Create a case in Advanced eDiscovery +## Step 1: Create a case in eDiscovery (Premium) -The first step is to create a case in Advanced eDiscovery to manage the search and purge process. For information about creating a case, see [Use the new case format](advanced-ediscovery-new-case-format.md). +The first step is to create a case in eDiscovery (Premium) to manage the search and purge process. For information about creating a case, see [Use the new case format](advanced-ediscovery-new-case-format.md). ## Step 2: Create a draft collection After you create a case, the next step is to create a draft collection to search for the Teams chat messages that you want to purge. The purge process you perform is Step 5 will purge all items that are found in the draft collection. -In Advanced eDiscovery, a collection is an eDiscovery search of the Teams content locations that contain the chat messages that you want to purge. Create the draft collection in the case that you created in the previous step. For more information, see [Create a draft collection](create-draft-collection.md). +In eDiscovery (Premium), a collection is an eDiscovery search of the Teams content locations that contain the chat messages that you want to purge. Create the draft collection in the case that you created in the previous step. For more information, see [Create a draft collection](create-draft-collection.md). ### Data sources for chat messages For instructions about how to identify and remove holds and retention policies, Now you're ready to actually purge chat messages from Teams. You'll use the Microsoft Graph Explorer to perform the following three tasks: -1. Get the Id of the Advanced eDiscovery case that you created in Step 1. This is the case that contains the collection created in Step 2. +1. Get the Id of the eDiscovery (Premium) case that you created in Step 1. This is the case that contains the collection created in Step 2. 2. Get the Id of the collection that you created in Step 2 and verified the search results in Step 3. The search query in this collection returns the chat messages that will be purged. For information about using Graph Explorer, see [Use Graph Explorer to try Micro ### Get the case Id -1. Go to <https://developer.microsoft.com/graph/graph-explorer> and sign in to the Graph Explorer with an account that's assigned the Search And Purge role in the Microsoft 365 compliance center. +1. Go to <https://developer.microsoft.com/graph/graph-explorer> and sign in to the Graph Explorer with an account that's assigned the Search And Purge role in the Microsoft Purview compliance portal. -2. Run the following GET request to retrieve the Id for the Advanced eDiscovery case. Use the value `https://graph.microsoft.com/beta/compliance/ediscovery/cases` in the address bar of the request query. Be sure to select v1.0 in the API version dropdown list. +2. Run the following GET request to retrieve the Id for the eDiscovery (Premium) case. Use the value `https://graph.microsoft.com/beta/compliance/ediscovery/cases` in the address bar of the request query. Be sure to select v1.0 in the API version dropdown list. ![GET request for case Id.](..\media\GraphGetRequestForCaseId.png) This request returns information about all cases in your organization on the Response preview tab. -3. Scroll through the response to locate the Advanced eDiscovery case. Use the displayName property to identify the case. +3. Scroll through the response to locate the eDiscovery (Premium) case. Use the displayName property to identify the case. ![Response with case Id.](..\media\GraphResponseForCaseId.png) 4. Copy the corresponding Id (or copy and paste it to a text file). You'll use this Id in the next task to get the collection Id. > [!TIP] -> Instead of using the previous procedure to obtain the case Id, you can open the case in the Microsoft 365 compliance center and copy the case Id from the URL. +> Instead of using the previous procedure to obtain the case Id, you can open the case in the Microsoft Purview compliance portal and copy the case Id from the URL. ### Get the collection Id
compliance	Search Cloud Based Mailboxes For On Premises Users	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-cloud-based-mailboxes-for-on-premises-users.md	Here are the requirements and limitations for enabling cloud-based storage for o ## How it works -If a Microsoft Teams-enabled user has an on-premises mailbox and their user account/identity has been synched to the cloud, Microsoft creates cloud-based storage to associate the on-premises user's 1xN Teams chat data with. Teams chat data for on-premises users is indexed for search. This lets you Use Content search (and searches associated with Core eDiscovery and Advanced eDiscovery cases) to search, preview, and export Teams chat data for on-premises users. You can also use *\ComplianceSearch cmdlets in Security & Compliance Center PowerShell to search for Teams chat data for on-premises users. +If a Microsoft Teams-enabled user has an on-premises mailbox and their user account/identity has been synched to the cloud, Microsoft creates cloud-based storage to associate the on-premises user's 1xN Teams chat data with. Teams chat data for on-premises users is indexed for search. This lets you Use Content search (and searches associated with Microsoft Purview eDiscovery (Standard) and Microsoft Purview eDiscovery (Premium) cases) to search, preview, and export Teams chat data for on-premises users. You can also use \ComplianceSearch* cmdlets in Security & Compliance Center PowerShell to search for Teams chat data for on-premises users. The following graphic shows the workflow of how Teams chat data for on-premises users is available to search, preview, and export. In addition to this capability, you can also use eDiscovery tools to search, pre ## Searching for Teams chat content for on-premises users -Here's how to use Content search in the Microsoft 365 compliance center to search for Teams chat data for on-premises users. You can also use the search tool in Core eDiscovery to search for chat data for on-premises users. +Here's how to use Content search in the Microsoft Purview compliance portal to search for Teams chat data for on-premises users. You can also use the search tool in eDiscovery (Standard) to search for chat data for on-premises users. -1. In the Microsoft 365 compliance center, go to Content search. +1. In the compliance portal, go to Content search. 2. On the Searches tab, click New search, and name the new search. For more information using these cmdlets, see: ## Known issues -- Currently, you can search, preview, and export Teams chat data for on-premises users. You can also place the Teams chat data for an on-premises user on a hold associated with a Core or Advanced eDiscovery case, and apply a retention policy for Teams chats or channel messages for on-premises users. However at this time, you can't apply a retention policy for other content locations (such as Exchange mailboxes and SharePoint sites) for on-premises users. +- Currently, you can search, preview, and export Teams chat data for on-premises users. You can also place the Teams chat data for an on-premises user on a hold associated with a Core or eDiscovery (Premium) case, and apply a retention policy for Teams chats or channel messages for on-premises users. However at this time, you can't apply a retention policy for other content locations (such as Exchange mailboxes and SharePoint sites) for on-premises users. ## Frequently asked questions
compliance	Search For And Delete Messages In Your Organization	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-and-delete-messages-in-your-organization.md	search.appverid: - MOE150 - MET150 ms.assetid: 3526fd06-b45f-445b-aed4-5ebd37b3762a -description: "Use the search and purge feature in the Microsoft 365 compliance center to search for and delete an email message from all mailboxes in your organization." +description: "Use the search and purge feature in the Microsoft Purview compliance portal to search for and delete an email message from all mailboxes in your organization." # Search for and delete email messages You can use the Content search feature to search for and delete email messages f - The search and purge workflow described in this article doesn't delete chat messages or other content from Microsoft Teams. If the Content search that you create in Step 2 returns items from Microsoft Teams, those items won't be deleted when you purge items in Step 3. To search for and delete chat messages, see [Search and purge chat messages in Teams](search-and-delete-Teams-chat-messages.md). -- To create and run a Content search, you have to be a member of the eDiscovery Manager role group or be assigned the Compliance Search role in the Microsoft 365 compliance center. To delete messages, you have to be a member of the Organization Management role group or be assigned the Search And Purge role in the compliance center For information about adding users to a role group, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). +- To create and run a Content search, you have to be a member of the eDiscovery Manager role group or be assigned the Compliance Search role in the Microsoft Purview compliance portal. To delete messages, you have to be a member of the Organization Management role group or be assigned the Search And Purge role in the compliance center For information about adding users to a role group, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). > [!NOTE] - > The Organization Management role group exists in both Exchange Online and in the Microsoft 365 compliance center. These are separate role groups that give different permissions. Being a member of Organization Management in Exchange Online does not grant the required permissions to delete email messages. If you aren't assigned the Search And Purge role in the compliance center (either directly or through a role group such as Organization Management), you'll receive an error in Step 3 when you run the New-ComplianceSearchAction cmdlet with the message "A parameter cannot be found that matches parameter name 'Purge'". + > The Organization Management role group exists in both Exchange Online and in the compliance portal. These are separate role groups that give different permissions. Being a member of Organization Management in Exchange Online does not grant the required permissions to delete email messages. If you aren't assigned the Search And Purge role in the compliance center (either directly or through a role group such as Organization Management), you'll receive an error in Step 3 when you run the New-ComplianceSearchAction cmdlet with the message "A parameter cannot be found that matches parameter name 'Purge'". - You have to use Security & Compliance Center PowerShell to delete messages. See [Step 1](#step-1-connect-to-security--compliance-center-powershell) for instructions about how to connect. You can use the Content search feature to search for and delete email messages f - The procedure in this article can only be used to delete items in Exchange Online mailboxes and public folders. You can't use it to delete content from SharePoint or OneDrive for Business sites. -- Email items in a review set in an Advanced eDiscovery case can't be deleted by using the procedures in this article. That's because items in a review set are stored in an Azure Storage location, and not in the live service. This means they won't be returned by the content search that you create in Step 1. To delete items in a review set, you have to delete the Advanced eDiscovery case that contains the review set. For more information, see [Close or delete an Advanced eDiscovery case](close-or-delete-case.md). +- Email items in a review set in an eDiscovery (Premium) case can't be deleted by using the procedures in this article. That's because items in a review set are stored in an Azure Storage location, and not in the live service. This means they won't be returned by the content search that you create in Step 1. To delete items in a review set, you have to delete the eDiscovery (Premium) case that contains the review set. For more information, see [Close or delete an eDiscovery (Premium) case](close-or-delete-case.md). ## Step 1: Connect to Security & Compliance Center PowerShell The first step is to connect to Security & Compliance Center PowerShell for your ## Step 2: Create a Content Search to find the message to delete -The second step is to create and run a Content search to find the message that you want to remove from mailboxes in your organization. You can create the search by using the Microsoft 365 compliance center or by running the New-ComplianceSearch and Start-ComplianceSearch cmdlets in Security & Compliance PowerShell. The messages that match the query for this search will be deleted by running the New-ComplianceSearchAction -Purge command in [Step 3](#step-3-delete-the-message). For information about creating a Content search and configuring search queries, see the following topics: +The second step is to create and run a Content search to find the message that you want to remove from mailboxes in your organization. You can create the search by using the compliance portal or by running the New-ComplianceSearch and Start-ComplianceSearch cmdlets in Security & Compliance PowerShell. The messages that match the query for this search will be deleted by running the New-ComplianceSearchAction -Purge command in [Step 3](#step-3-delete-the-message). For information about creating a Content search and configuring search queries, see the following topics: - [Content search in Office 365](content-search.md) The goal of the search query is to narrow the results of the search to only the - Preview the search results to verify that the search returned only the message (or messages) that you want to delete. -- Use the search estimate statistics (displayed in the details pane of the search in the Microsoft 365 compliance center or by using the [Get-ComplianceSearch](/powershell/module/exchange/get-compliancesearch) cmdlet) to get a count of the total number of results. +- Use the search estimate statistics (displayed in the details pane of the search in the compliance portal or by using the [Get-ComplianceSearch](/powershell/module/exchange/get-compliancesearch) cmdlet) to get a count of the total number of results. Here are two examples of queries to find suspicious email messages.
compliance	Search For Content In Core Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-content-in-core-ediscovery.md	Title: "Search for content in a core eDiscovery case" + Title: "Search for content in a eDiscovery (Standard) case" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Search for content that may be relevant to a Core eDiscovery case." +description: "Search for content that may be relevant to a eDiscovery (Standard) case." -# Search for content in a Core eDiscovery case +# Search for content in a eDiscovery (Standard) case -After a Core eDiscovery case is created and people of interest in the case are placed on hold, you can create and run one or more searches for content relevant to the case. Searches associated with a Core eDiscovery case aren't listed on the Content search page in the Microsoft 365 compliance center. These searches are listed on the Searches page of the Core eDiscover case the searches are associated with. This also means that searches associated with a case can only be accessed by case members. +After a Microsoft Purview eDiscovery (Standard) case is created and people of interest in the case are placed on hold, you can create and run one or more searches for content relevant to the case. Searches associated with a eDiscovery (Standard) case aren't listed on the Content search page in the Microsoft Purview compliance portal. These searches are listed on the Searches page of the Core eDiscover case the searches are associated with. This also means that searches associated with a case can only be accessed by case members. -To create a Core eDiscovery search: +To create a eDiscovery (Standard) search: 1. Go to <https://compliance.microsoft.com> and sign in using the credentials for user account that has been assigned the appropriate eDiscovery permissions and is a member of the case. -2. In the left navigation pane of the Microsoft 365 compliance center, click Show all, and then click eDiscovery > Core. +2. In the left navigation pane of the compliance portal, click Show all, and then click eDiscovery > Core. -3. On the Core eDiscovery page, select the case that you want to create an associated search, and then click Open case. +3. On the eDiscovery (Standard) page, select the case that you want to create an associated search, and then click Open case. 4. On the Home page for the case, click the Searches tab, and then click New search. - ![Click New search to create a Core eDiscovery search search.](../media/CoreeDiscoverySearch1.png) + ![Click New search to create a eDiscovery (Standard) search search.](../media/CoreeDiscoverySearch1.png) 5. In the New search wizard, type a name for the search, and an optional description that helps identify the search. The name of the search must be unique in your organization.
compliance	Search For Content	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-content.md	audience: Admin ms.localizationpriority: medium -description: "Use the Content search eDiscovery tool in the Microsoft 365 compliance center to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business." +description: "Use the Content search eDiscovery tool in the Microsoft Purview compliance portal to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business." # Search for content using the Content search tool -Use the Content search tool in the Microsoft 365 compliance center to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business. You can use the content search tool to search for email, documents, and instant messaging conversations in collaboration tools such as Microsoft Teams and Microsoft 365 Groups. +Use the Content search tool in the Microsoft Purview compliance portal to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business. You can use the content search tool to search for email, documents, and instant messaging conversations in collaboration tools such as Microsoft Teams and Microsoft 365 Groups. ## Search for content
compliance	Search For Ediscovery Activities In The Audit Log	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-ediscovery-activities-in-the-audit-log.md	search.appverid: - MOE150 - MET150 ms.assetid: 67cc7f42-a53d-4751-b929-6005c80798f7 -description: Learn what events are logged when users assigned eDiscovery permissions perform Content search, Core eDiscovery, and Advanced eDiscovery tasks in the Microsoft 365 compliance center. +description: Learn what events are logged when users assigned eDiscovery permissions perform Content search, eDiscovery (Standard), and eDiscovery (Premium) tasks in the Microsoft Purview compliance portal. # Search for eDiscovery activities in the audit log -Content Search and eDiscovery-related activities (for Core eDiscovery and Advanced eDiscovery) that are performed in Microsoft 365 compliance center or by running the corresponding PowerShell cmdlets are logged in the audit log. Events are logged when administrators or eDiscovery managers (or any user assigned eDiscovery permissions) perform the following Content Search and Core eDiscovery tasks in the Microsoft 365 compliance center: +Content Search and eDiscovery-related activities (for Microsoft Purview eDiscovery (Standard) and Microsoft Purview eDiscovery (Premium)) that are performed in Microsoft Purview compliance portal or by running the corresponding PowerShell cmdlets are logged in the audit log. Events are logged when administrators or eDiscovery managers (or any user assigned eDiscovery permissions) perform the following Content Search and eDiscovery (Standard) tasks in the compliance portal: -- Creating and managing Core and Advanced eDiscovery cases +- Creating and managing Core and eDiscovery (Premium) cases - Creating, starting, and editing Content searches - Performing search actions, such as previewing, exporting, and deleting search results -- Managing custodians and review sets in Advanced eDiscovery +- Managing custodians and review sets in eDiscovery (Premium) - Configuring permissions filtering for Content search - Managing the eDiscovery Administrator role -For more information about searching the audit log, the permissions that are required, and exporting search results, see [Search the audit log in the Microsoft 365 compliance center](search-the-audit-log-in-security-and-compliance.md). +For more information about searching the audit log, the permissions that are required, and exporting search results, see [Search the audit log in the compliance portal](search-the-audit-log-in-security-and-compliance.md). ## How to search for and view eDiscovery activities Currently, you have to do a few specific things to view eDiscovery activities in 1. Go to <https://compliance.microsoft.com> and sign in using your work or school account. -2. In the left navigation pane of the Microsoft 365 compliance center, click Audit. +2. In the left navigation pane of the compliance portal, click Audit. -3. In the Activities drop-down list, under eDiscovery activities or Advanced eDiscovery activities, click one or more activities to search for. +3. In the Activities drop-down list, under eDiscovery activities or eDiscovery (Premium) activities, click one or more activities to search for. > [!NOTE] > The Activities drop-down list also includes a group of activities named eDiscovery cmdlet activities that will return records from the cmdlet audit log. Currently, you have to do a few specific things to view eDiscovery activities in ## eDiscovery activities -The following table describes the Content Search and Core eDiscovery activities that are logged when an administrator or eDiscovery manager performs an eDiscovery-related activity using the Microsoft 365 compliance center. Some activities performed in Advanced eDiscovery may be returned when you search for activities in this list. +The following table describes the Content Search and eDiscovery (Standard) activities that are logged when an administrator or eDiscovery manager performs an eDiscovery-related activity using the compliance portal. Some activities performed in eDiscovery (Premium) may be returned when you search for activities in this list. > [!NOTE] > The eDiscovery activities described in this section provide similar information to the eDiscovery cmdlet activities described in the next section. We recommend that you use the eDiscovery activities described in this section because they will appear in the audit log search results within 30 minutes. It may take up to 24 hours for eDiscovery cmdlet activities to appear in audit log search results. The following table describes the Content Search and Core eDiscovery activities \|Downloaded export of content search <br/> \|SearchExportDownloaded <br/> \|N/A <br/> \|A user downloaded the results of a content search to their local computer. A Started export of content search activity has to be initiated before search results can be downloaded. <br/> \| \|Previewed results of content search <br/> \|SearchPreviewed <br/> \|N/A <br/> \|A user previewed the results of a content search. <br/> \| \|Purged results of content search <br/> \|SearchResultsPurged <br/> \|New-ComplianceSearchAction <br/> \|A user purged the results of a Content search by running the New-ComplianceSearchAction -Purge command. <br/> \| -\|Removed analysis of content search <br/> \|RemovedSearchResultsSentToZoom <br/> \|Remove-ComplianceSearchAction <br/> \|A content search prepare action (to prepare search results for Advanced eDiscovery) was deleted. If the preparation action was less than two weeks old, the search results that were prepared for Advanced eDiscovery were deleted from the Microsoft Azure storage area. If the preparation action was older than 2 weeks, then this event indicates that only the corresponding preparation action was deleted. <br/> \| +\|Removed analysis of content search <br/> \|RemovedSearchResultsSentToZoom <br/> \|Remove-ComplianceSearchAction <br/> \|A content search prepare action (to prepare search results for eDiscovery (Premium)) was deleted. If the preparation action was less than two weeks old, the search results that were prepared for eDiscovery (Premium) were deleted from the Microsoft Azure storage area. If the preparation action was older than 2 weeks, then this event indicates that only the corresponding preparation action was deleted. <br/> \| \|Removed export of content search <br/> \|RemovedSearchExported <br/> \|Remove-ComplianceSearchAction <br/> \|A content search export action was deleted. If the export action was less than two weeks old, the search results that were uploaded to the Microsoft Azure storage area were deleted. If the export action was older than 2 weeks, then this event indicates that only the corresponding export action was deleted. <br/> \| \|Removed member from eDiscovery case <br/> \|CaseMemberRemoved <br/> \|Remove-ComplianceCaseMember <br/> \|A user was removed as a member of an eDiscovery case. <br/> \| \|Removed preview results of content search <br/> \|RemovedSearchPreviewed <br/> \|Remove-ComplianceSearchAction <br/> \|A content search preview action was deleted. <br/> \| \|Removed purge action performed on content search <br/> \|RemovedSearchResultsPurged <br/> \|Remove-ComplianceSearchAction <br/> \|A content search purge action was deleted. <br/> \| \|Removed search report <br/> \|SearchReportRemoved <br/> \|Remove-ComplianceSearchAction <br/> \|A content search export report action was deleted. <br/> \| -\|Started analysis of content search <br/> \|SearchResultsSentToZoom <br/> \|New-ComplianceSearchAction <br/> \|The results of a content search were prepared for analysis in Advanced eDiscovery. <br/> \| -\|Started content search <br/> \|SearchStarted <br/> \|Start-ComplianceSearch <br/> \|A content search was started. When you create or change a content search by using the Microsoft 365 compliance center, the search is automatically started.<br/> \| +\|Started analysis of content search <br/> \|SearchResultsSentToZoom <br/> \|New-ComplianceSearchAction <br/> \|The results of a content search were prepared for analysis in eDiscovery (Premium). <br/> \| +\|Started content search <br/> \|SearchStarted <br/> \|Start-ComplianceSearch <br/> \|A content search was started. When you create or change a content search by using the compliance portal, the search is automatically started.<br/> \| \|Started export of content search <br/> \|SearchExported <br/> \|New-ComplianceSearchAction <br/> \|A user exported the results of a content search. <br/> \| \|Started export report <br/> \|SearchReport <br/> \|New-ComplianceSearchAction <br/> \|A user exported a content search report. <br/> \| \|Stopped content search <br/> \|SearchStopped <br/> \|Stop-ComplianceSearch <br/> \|A user stopped a content search. <br/> \| -\|(none)\|CaseViewed\|Get-ComplianceCase\|A user viewed a Core eDiscovery case in the compliance center. The audit record for this event includes the name of the case that was viewed. \| -\|(none)\|SearchViewed\|Get-ComplianceSearch\|A user viewed a Content search in the compliance center by accessing the search on the Searches tab in a Core eDiscovery case or accessing it on the Content search page. The audit record for this event includes the identity of the search that was viewed.\| -\|(none)\|ViewedSearchExported\|Get-ComplianceSearchAction -Export\|A user viewed a Content search export in the compliance center by accessing the export on the Exports tab on the Content search page. This activity is also logged when a user views an export associated with a Core eDiscovery case.\| -\|(none)\|ViewedSearchPreviewed\|Get-ComplianceSearchAction -Preview\|A user previewed the results of a Content search in the compliance center. This activity is also logged when a user previews the results of a search associated with a Core eDiscovery case.\| +\|(none)\|CaseViewed\|Get-ComplianceCase\|A user viewed a eDiscovery (Standard) case in the compliance center. The audit record for this event includes the name of the case that was viewed. \| +\|(none)\|SearchViewed\|Get-ComplianceSearch\|A user viewed a Content search in the compliance center by accessing the search on the Searches tab in a eDiscovery (Standard) case or accessing it on the Content search page. The audit record for this event includes the identity of the search that was viewed.\| +\|(none)\|ViewedSearchExported\|Get-ComplianceSearchAction -Export\|A user viewed a Content search export in the compliance center by accessing the export on the Exports tab on the Content search page. This activity is also logged when a user views an export associated with a eDiscovery (Standard) case.\| +\|(none)\|ViewedSearchPreviewed\|Get-ComplianceSearchAction -Preview\|A user previewed the results of a Content search in the compliance center. This activity is also logged when a user previews the results of a search associated with a eDiscovery (Standard) case.\| \|\|\|\|\| -## Advanced eDiscovery activities +## eDiscovery (Premium) activities -The following table describes the Advanced eDiscovery activities logged in the audit log. These activities can be used to help you track the progression of activity in an Advanced eDiscovery case. +The following table describes the eDiscovery (Premium) activities logged in the audit log. These activities can be used to help you track the progression of activity in an eDiscovery (Premium) case. \|Friendly name\|Operation\|Description\| \|:--\|:--\|:--\| \|Added data to another review set\|AddWorkingSetQueryToWorkingSet\|User added documents from one review set to a different review set.\| -\|Added data to review set\|AddQueryToWorkingSet\|User added the search results from a content search associated with an Advanced eDiscovery case to a review set.\| +\|Added data to review set\|AddQueryToWorkingSet\|User added the search results from a content search associated with an eDiscovery (Premium) case to a review set.\| \|Added non-Microsoft 365 data to review set\|AddNonOffice365DataToWorkingSet\|User added non-Microsoft 365 data to a review set.\| \|Added remediated documents to review set\|AddRemediatedData\|User uploads documents that had indexing errors that were fixed to a review set.\| \|Analyzed data in review set\|RunAlgo\|User ran analytics on the documents in a review set.\| As previously stated, it may take up to 24 hours for eDiscovery cmdlet activitie \|Changed content search <br/> \|[Set-ComplianceSearch](/powershell/module/exchange/set-compliancesearch) <br/> \|An existing content search was changed. Changes can include adding or removing content locations that are searched and editing the search query. <br/> \| \|Started content search <br/> \|[Start-ComplianceSearch](/powershell/module/exchange/start-compliancesearch) <br/> \|A content search was started. When you create or change a content search by using the compliance center GUI, the search is automatically started. If you create or change a search by using the New-ComplianceSearch or Set-ComplianceSearch cmdlet, you have to run the Start-ComplianceSearch cmdlet to start the search. <br/> \| \|Stopped content search <br/> \|[Stop-ComplianceSearch](/powershell/module/exchange/stop-compliancesearch) <br/> \|A content search that was running was stopped. <br/> \| -\|Created content search action <br/> \|[New-ComplianceSearchAction](/powershell/module/exchange/new-compliancesearchaction) <br/> \|A content search action was created. Content search actions include previewing search results, exporting search results, preparing search results for analysis in Advanced eDiscovery, and permanently deleting items that match the search criteria of a content search. <br/> \| +\|Created content search action <br/> \|[New-ComplianceSearchAction](/powershell/module/exchange/new-compliancesearchaction) <br/> \|A content search action was created. Content search actions include previewing search results, exporting search results, preparing search results for analysis in eDiscovery (Premium), and permanently deleting items that match the search criteria of a content search. <br/> \| \|Deleted content search action <br/> \|[Remove-ComplianceSearchAction](/powershell/module/exchange/remove-compliancesearchaction) <br/> \|A content search action was deleted. <br/> \| \|Created search permissions filter <br/> \|[New-ComplianceSecurityFilter](/powershell/module/exchange/new-compliancesecurityfilter) <br/> \|A search permissions filter was created. <br/> \| \|Deleted search permissions filter <br/> \|[Remove-ComplianceSecurityFilter](/powershell/module/exchange/remove-compliancesecurityfilter) <br/> \|A search permissions filter was deleted. <br/> \| As previously stated, it may take up to 24 hours for eDiscovery cmdlet activitie \|Created eDiscovery administrator <br/> \|[Add-eDiscoveryCaseAdmin](/powershell/module/exchange/add-ediscoverycaseadmin) <br/> \|A user was added as an eDiscovery Administrator in your organization. <br/> \| \|Deleted eDiscovery administrator <br/> \|[Remove-eDiscoveryCaseAdmin](/powershell/module/exchange/remove-ediscoverycaseadmin) <br/> \|An eDiscovery Administrator was deleted from your organization. <br/> \| \|Changed eDiscovery administrator membership <br/> \|[Update-eDiscoveryCaseAdmin](/powershell/module/exchange/update-ediscoverycaseadmin) <br/> \|The list of eDiscovery Administrators in your organization was changed. This activity is logged when the list of eDiscovery Administrators is replaced with a group of new users. If a single user is added or removed, the Add-eDiscoveryCaseAdmin or Remove-eDiscoveryCaseAdmin operation is logged. <br/> \| -\|(none)\|[Get-ComplianceCase](/powershell/module/exchange/get-compliancecase) <br/>\|This activity is logged when a user viewed a list of Core eDiscovery or Advanced eDiscovery cases. This activity is also logged when a user views a specific case in Core eDiscovery. When a user views a specific case, the audit record includes the identity of the case that was viewed. If the user only viewed a list of cases, the audit record doesn't contain a case identity.\| -\|(none)\|[Get-ComplianceSearch](/powershell/module/exchange/get-compliancesearch)\|This activity is logged when a user viewed a list of Content searches or searches associated with a Core eDiscovery case. This activity is also logged when a user views a specific Content search or views a specific search associated with a Core eDiscovery case. When a user views a specific search, the audit record includes the identity of the search that was viewed. If the user only viewed a list of searches, the audit record doesn't contain a search identity. -\|(none)\|[Get-ComplianceSearchAction](/powershell/module/exchange/get-compliancesearchaction)\|This activity is logged when a user viewed a list of compliance search actions (such as exports, previews, or purges) or actions associated with a Core eDiscovery case. This activity is also logged when a user views a specific compliance search action (such as an export) or views a specific action associated with a Core eDiscovery case. When a user views a search action, the audit record includes the identity of the search action that was viewed. If the user only viewed a list of actions, the audit record doesn't contain an action identity.\| +\|(none)\|[Get-ComplianceCase](/powershell/module/exchange/get-compliancecase) <br/>\|This activity is logged when a user viewed a list of eDiscovery (Standard) or eDiscovery (Premium) cases. This activity is also logged when a user views a specific case in eDiscovery (Standard). When a user views a specific case, the audit record includes the identity of the case that was viewed. If the user only viewed a list of cases, the audit record doesn't contain a case identity.\| +\|(none)\|[Get-ComplianceSearch](/powershell/module/exchange/get-compliancesearch)\|This activity is logged when a user viewed a list of Content searches or searches associated with a eDiscovery (Standard) case. This activity is also logged when a user views a specific Content search or views a specific search associated with a eDiscovery (Standard) case. When a user views a specific search, the audit record includes the identity of the search that was viewed. If the user only viewed a list of searches, the audit record doesn't contain a search identity. +\|(none)\|[Get-ComplianceSearchAction](/powershell/module/exchange/get-compliancesearchaction)\|This activity is logged when a user viewed a list of compliance search actions (such as exports, previews, or purges) or actions associated with a eDiscovery (Standard) case. This activity is also logged when a user views a specific compliance search action (such as an export) or views a specific action associated with a eDiscovery (Standard) case. When a user views a search action, the audit record includes the identity of the search action that was viewed. If the user only viewed a list of actions, the audit record doesn't contain an action identity.\| \|\|\|\| ## Detailed properties for eDiscovery activities The following table describes the properties that are included on the flyout pag \|ExtendedProperties <br/> \|Additional properties from a content search, a content search action, or hold in an eDiscovery case, such as the object GUID and the corresponding cmdlet and cmdlet parameters that were used when the activity was performed. <br/> \| \|Id <br/> \|The ID of the report entry. The ID uniquely identifies the audit log entry. <br/> \| \|NonPIIParameters <br/> \|A list of the parameters (without any values) that were used with the cmdlet identified in the Operation property. The parameters listed in this property are the same as those listed in the Parameters property. <br/> \| -\|ObjectId <br/> \|The GUID or name of the object (for example, a Content search or a Core eDiscovery case) that was created, accessed, changed, or deleted by the activity listed in the Operation property. This object is also identified in the Item column in the audit log search results. <br/> \| +\|ObjectId <br/> \|The GUID or name of the object (for example, a Content search or a eDiscovery (Standard) case) that was created, accessed, changed, or deleted by the activity listed in the Operation property. This object is also identified in the Item column in the audit log search results. <br/> \| \|ObjectType <br/> \|The type of eDiscovery object that the user created, deleted, or modified; for example, a content search action (preview, export, or purge), an eDiscovery case, or a content search. <br/> \| \|Operation <br/> \|The name of the operation that corresponds to the eDiscovery activity that was performed. <br/> \| \|OrganizationId <br/> \|The GUID for your Microsoft 365 organization. <br/> \|
compliance	Search The Audit Log In Security And Compliance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance.md	Title: "Search the audit log in the Microsoft 365 compliance center" + Title: "Search the audit log in the Microsoft Purview compliance portal" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: 0d4d0f35-390b-4518-800e-0c7ec95e946c -description: "Use the Microsoft 365 compliance center to search the unified audit log to view user and administrator activity in your organization." +description: "Use the Microsoft Purview compliance portal to search the unified audit log to view user and administrator activity in your organization." - seo-marvel-apr2020 - admindeeplinkMAC # Search the audit log in the compliance center -Need to find if a user viewed a specific document or purged an item from their mailbox? If so, you can use the audit log search tool in Microsoft 365 compliance center to search the unified audit log to view user and administrator activity in your organization. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded, and retained in your organization's unified audit log. Users in your organization can use the audit log search tool to search for, view, and export (to a CSV file) the audit records for these operations. +Need to find if a user viewed a specific document or purged an item from their mailbox? If so, you can use the audit log search tool in Microsoft Purview compliance portal to search the unified audit log to view user and administrator activity in your organization. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded, and retained in your organization's unified audit log. Users in your organization can use the audit log search tool to search for, view, and export (to a CSV file) the audit records for these operations. ## Microsoft 365 services that support auditing Be sure to read the following items before you start searching the audit log. - You have to be assigned the View-Only Audit Logs or Audit Logs role in Exchange Online to search the audit log. By default, these roles are assigned to the Compliance Management and Organization Management role groups on the Permissions page in the Exchange admin center. Global administrators in Office 365 and Microsoft 365 are automatically added as members of the Organization Management role group in Exchange Online. To give a user the ability to search the audit log with the minimum level of privileges, you can create a custom role group in Exchange Online, add the View-Only Audit Logs or Audit Logs role, and then add the user as a member of the new role group. For more information, see [Manage role groups in Exchange Online](/Exchange/permissions-exo/role-groups). > [!IMPORTANT] - > If you assign a user the View-Only Audit Logs or Audit Logs role on the Permissions page in the Microsoft 365 compliance center, they won't be able to search the audit log. You have to assign the permissions in Exchange Online. This is because the underlying cmdlet used to search the audit log is an Exchange Online cmdlet. + > If you assign a user the View-Only Audit Logs or Audit Logs role on the Permissions page in the compliance portal, they won't be able to search the audit log. You have to assign the permissions in Exchange Online. This is because the underlying cmdlet used to search the audit log is an Exchange Online cmdlet. - When an audited activity is performed by a user or admin, an audit record is generated and stored in the audit log for your organization. The length of time that an audit record is retained (and searchable in the audit log) depends on your Office 365 or Microsoft 365 Enterprise subscription, and specifically the type of the license that is assigned to specific users. Be sure to read the following items before you start searching the audit log. - For users assigned any other (non-E5) Office 365 or Microsoft 365 license, audit records are retained for 90 days. For a list of Office 365 and Microsoft 365 subscriptions that support unified audit logging, see [the security and compliance center service description](/office365/servicedescriptions/office-365-platform-service-description/office-365-securitycompliance-center). > [!NOTE] - > Even when mailbox auditing on by default is turned on, you might notice that mailbox audit events for some users aren't found in audit log searches in the Microsoft 365 compliance center or via the Office 365 Management Activity API. For more information, see [More information about mailbox audit logging](enable-mailbox-auditing.md#more-information). + > Even when mailbox auditing on by default is turned on, you might notice that mailbox audit events for some users aren't found in audit log searches in the compliance portal or via the Office 365 Management Activity API. For more information, see [More information about mailbox audit logging](enable-mailbox-auditing.md#more-information). - If you want to turn off audit log search for your organization, you can run the following command in remote PowerShell connected to your Exchange Online organization: Be sure to read the following items before you start searching the audit log. For more information, see [Turn off audit log search](turn-audit-log-search-on-or-off.md). -- As previously stated, the underlying cmdlet used to search the audit log is an Exchange Online cmdlet, which is Search-UnifiedAuditLog. That means you can use this cmdlet to search the audit log instead of using the search tool on the Audit page in the Microsoft 365 compliance center. You have to run this cmdlet in Exchange Online PowerShell. For more information, see [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog). +- As previously stated, the underlying cmdlet used to search the audit log is an Exchange Online cmdlet, which is Search-UnifiedAuditLog. That means you can use this cmdlet to search the audit log instead of using the search tool on the Audit page in the compliance portal. You have to run this cmdlet in Exchange Online PowerShell. For more information, see [Search-UnifiedAuditLog](/powershell/module/exchange/search-unifiedauditlog). For information about exporting the search results returned by the Search-UnifiedAuditLog cmdlet to a CSV file, see the "Tips for exporting and viewing the audit log" section in [Export, configure, and view audit log records](export-view-audit-log-records.md#tips-for-exporting-and-viewing-the-audit-log). Here's the process for searching the audit log in Microsoft 365. 1. Go to <https://compliance.microsoft.com> and sign in. > [!TIP] - > Use a private browsing session (not a regular session) to access the Microsoft 365 compliance center because this will prevent the credential that you are currently logged on with from being used. Press CTRL+SHIFT+N to open an InPrivate Browsing session in Microsoft Edge or a private browsing session in Google Chrome (called an incognito window). + > Use a private browsing session (not a regular session) to access the compliance portal because this will prevent the credential that you are currently logged on with from being used. Press CTRL+SHIFT+N to open an InPrivate Browsing session in Microsoft Edge or a private browsing session in Google Chrome (called an incognito window). -2. In the left pane of the Microsoft 365 compliance center, click Audit. +2. In the left pane of the compliance portal, click Audit. The Audit page is displayed. Click one of the following links to go to a specific table. [eDiscovery activities](#ediscovery-activities) :::column-end::: :::column::: - [Advanced eDiscovery activities](#advanced-ediscovery-activities) + [eDiscovery (Premium) activities](#ediscovery-premium-activities) :::column-end::: :::row-end::: The following table lists the activities that can be logged by mailbox audit log \|Friendly name\|Operation\|Description\| \|:--\|:--\|:--\| -\|Accessed mailbox items\|MailItemsAccessed\|Messages were read or accessed in mailbox. Audit records for this activity are triggered in one of two ways: when a mail client (such as Outlook) performs a bind operation on messages or when mail protocols (such as Exchange ActiveSync or IMAP) sync items in a mail folder. This activity is only logged for users with an Office 365 or Microsoft 365 E5 license. Analyzing audit records for this activity is useful when investigating compromised email account. For more information, see the "Advanced Audit events" section in [Advanced Audit](advanced-audit.md#advanced-audit-events). \| +\|Accessed mailbox items\|MailItemsAccessed\|Messages were read or accessed in mailbox. Audit records for this activity are triggered in one of two ways: when a mail client (such as Outlook) performs a bind operation on messages or when mail protocols (such as Exchange ActiveSync or IMAP) sync items in a mail folder. This activity is only logged for users with an Office 365 or Microsoft 365 E5 license. Analyzing audit records for this activity is useful when investigating compromised email account. For more information, see the "Audit (Premium) events" section in [Audit (Premium)](advanced-audit.md#audit-premium-events). \| \|Added delegate mailbox permissions\|Add-MailboxPermission\|An administrator assigned the FullAccess mailbox permission to a user (known as a delegate) to another person's mailbox. The FullAccess permission allows the delegate to open the other person's mailbox, and read and manage the contents of the mailbox. The audit record for this activity is also generated when a system account in the Microsoft 365 service periodically performs maintenance tasks in behalf of your organization. A common task performed by a system account is updating the permissions for system mailboxes. For more information, see [System accounts in Exchange mailbox audit records](#system-accounts-in-exchange-mailbox-audit-records).\| \|Added or removed user with delegate access to calendar folder\|UpdateCalendarDelegation\|A user was added or removed as a delegate to the calendar of another user's mailbox. Calendar delegation gives someone else in the same organization permissions to manage the mailbox owner's calendar.\| \|Added permissions to folder\|AddFolderPermissions\|A folder permission was added. Folder permissions control which users in your organization can access folders in a mailbox and the messages located in those folders.\| The following table lists the activities that can be logged by mailbox audit log \|Purged messages from the mailbox\|HardDelete\|A message was purged from the Recoverable Items folder (permanently deleted from the mailbox).\| \|Removed delegate mailbox permissions\|Remove-MailboxPermission\|An administrator removed the FullAccess permission (that was assigned to a delegate) from a person's mailbox. After the FullAccess permission is removed, the delegate can't open the other person's mailbox or access any content in it.\| \|Removed permissions from folder\|RemoveFolderPermissions\|A folder permission was removed. Folder permissions control which users in your organization can access folders in a mailbox and the messages located in those folders.\| -\|Sent message\|Send\|A message was sent, replied to or forwarded. This activity is only logged for users with an Office 365 or Microsoft 365 E5 license. For more information, see the "Advanced Audit events" section in [Advanced Audit](advanced-audit.md#advanced-audit-events).\| +\|Sent message\|Send\|A message was sent, replied to or forwarded. This activity is only logged for users with an Office 365 or Microsoft 365 E5 license. For more information, see the "Audit (Premium) events" section in [Audit (Premium)](advanced-audit.md#audit-premium-events).\| \|Sent message using Send As permissions\|SendAs\|A message was sent using the SendAs permission. This means that another user sent the message as though it came from the mailbox owner.\| \|Sent message using Send On Behalf permissions\|SendOnBehalf\|A message was sent using the SendOnBehalf permission. This means that another user sent the message on behalf of the mailbox owner. The message indicates to the recipient whom the message was sent on behalf of and who actually sent the message.\| \|Updated inbox rules from Outlook client\|UpdateInboxRules\|A mailbox owner or other user with access to the mailbox created, modified, or removed an inbox rule by using the Outlook client.\| Content Search and eDiscovery-related activities that are performed in the secur For a list and detailed description of the eDiscovery activities that are logged, see [Search for eDiscovery activities in the audit log](search-for-ediscovery-activities-in-the-audit-log.md). > [!NOTE] -> It takes up to 30 minutes for events that result from the activities listed under eDiscovery activities and Advanced eDiscovery activities in the Activities drop-down list to be displayed in the search results. Conversely, it takes up to 24 hours for the corresponding events from eDiscovery cmdlet activities to appear in the search results. +> It takes up to 30 minutes for events that result from the activities listed under eDiscovery activities and eDiscovery (Premium) activities in the Activities drop-down list to be displayed in the search results. Conversely, it takes up to 24 hours for the corresponding events from eDiscovery cmdlet activities to appear in the search results. -### Advanced eDiscovery activities +### eDiscovery (Premium) activities -You can also search the audit log for activities in Advanced eDiscovery. For a description of these activities, see the "Advanced eDiscovery activities" section in [Search for eDiscovery activities in the audit log](search-for-ediscovery-activities-in-the-audit-log.md#advanced-ediscovery-activities). +You can also search the audit log for activities in Microsoft Purview eDiscovery (Premium). For a description of these activities, see the "eDiscovery (Premium) activities" section in [Search for eDiscovery activities in the audit log](search-for-ediscovery-activities-in-the-audit-log.md#ediscovery-premium-activities). ### Power BI activities For a description of Shifts app activities, see [Search the audit log for events The following table lists the user and admin activities in Yammer that are logged in the audit log. To return Yammer-related activities from the audit log, you have to select Show results for all activities in the Activities list. Use the date range boxes and the Users list to narrow the search results. > [!NOTE] -> Some Yammer audit activities are only available in Advanced Audit. That means users must be assigned the appropriate license before these activities are logged in the audit log. For more information about activities only available in Advanced Audit, see [Advanced Audit in Microsoft 365](advanced-audit.md#advanced-audit-events). For Advanced Audit licensing requirements, see [Auditing solutions in Microsoft 365](auditing-solutions-overview.md#licensing-requirements). <br/><br/>In the following table, Advanced Audit activities are highlighted with an asterisk (). +> Some Yammer audit activities are only available in Audit (Premium). That means users must be assigned the appropriate license before these activities are logged in the audit log. For more information about activities only available in Audit (Premium), see [Audit (Premium) in Microsoft 365](advanced-audit.md#audit-premium-events). For Audit (Premium) licensing requirements, see [Auditing solutions in Microsoft 365](auditing-solutions-overview.md#licensing-requirements). <br/><br/>In the following table, Audit (Premium) activities are highlighted with an asterisk (). \|Friendly name\|Operation\|Description\| \|:--\|:--\|:--\| The following table lists the user and admin activities in Yammer that are logge ### Microsoft Power Automate activities -You can search the audit log for activities in Power Automate (formerly called Microsoft Flow). These activities include creating, editing, and deleting flows, and changing flow permissions. For information about auditing for Power Automate activities, see the blog [Power Automate audit events now available in Microsoft 365 compliance center](https://flow.microsoft.com/blog/security-and-compliance-center). +You can search the audit log for activities in Power Automate (formerly called Microsoft Flow). These activities include creating, editing, and deleting flows, and changing flow permissions. For information about auditing for Power Automate activities, see the blog [Power Automate audit events now available in compliance portal](https://flow.microsoft.com/blog/security-and-compliance-center). ### Microsoft Power Apps activities You can search the audit log for activities in Microsoft Stream. These activitie ### Content explorer activities -The following table lists the activities in content explorer that are logged in the audit log. Content explorer, which is accessed on the Data classifications tool in the Microsoft 365 compliance center. For more information, see [Using data classification content explorer](data-classification-content-explorer.md). +The following table lists the activities in content explorer that are logged in the audit log. Content explorer, which is accessed on the Data classifications tool in the compliance portal. For more information, see [Using data classification content explorer](data-classification-content-explorer.md). \|Friendly name\|Operation\|Description\| \|:--\|:--\|:--\| The tables in this section the user and admin activities in Microsoft Forms that If a Forms activity is performed by a coauthor or an anonymous responder, it will be logged slightly differently. For more information, see the [Forms activities performed by coauthors and anonymous responders](#forms-activities-performed-by-coauthors-and-anonymous-responders) section. > [!NOTE] -> Some Forms audit activities are only available in Advanced Audit. That means users must be assigned the appropriate license before these activities are logged in the audit log. For more information about activities only available in Advanced Audit, see [Advanced Audit in Microsoft 365](advanced-audit.md#advanced-audit-events). For Advanced Audit licensing requirements, see [Auditing solutions in Microsoft 365](auditing-solutions-overview.md#licensing-requirements). <br/><br/>In the following table, Advanced Audit activities are highlighted with an asterisk (). +> Some Forms audit activities are only available in Audit (Premium). That means users must be assigned the appropriate license before these activities are logged in the audit log. For more information about activities only available in Audit (Premium), see [Audit (Premium) in Microsoft 365](advanced-audit.md#audit-premium-events). For Audit (Premium) licensing requirements, see [Auditing solutions in Microsoft 365](auditing-solutions-overview.md#licensing-requirements). <br/><br/>In the following table, Audit (Premium) activities are highlighted with an asterisk (). \|Friendly name\|Operation\|Description\| \|:--\|:--\|:--\|
compliance	Search The Mailbox And Onedrive For Business For A List Of Users	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-the-mailbox-and-onedrive-for-business-for-a-list-of-users.md	Title: Search the mailbox & OneDrive for Business site for a list of users with Content Search + Title: Use Content Search for a list of users on the mailbox & OneDrive for Business site f1.keywords: - NOCSH # Use Content Search to search the mailbox and OneDrive for Business site for a list of users -Security & Compliance Center PowerShell provides a number of cmdlets that let you automate time-consuming eDiscovery-related tasks. Currently, creating a Content search in the Microsoft 365 compliance center to search a large number of custodian content locations takes time and preparation. Before you create a search, you have to collect the URL for each OneDrive for Business site and then add each mailbox and OneDrive for Business site to the search. In future releases, this will be easier to do in the Microsoft 365 compliance center. Until then, you can use the script in this article to automate this process. This script prompts you for the name of your organization's MySite domain (for example, contoso in the URL `https://contoso-my.sharepoint.com`), a list of user email addresses, the name of the new Content Search, and the search query to use. The script gets the OneDrive for Business URL for each user in the list, and then it creates and starts a Content Search that searches the mailbox and OneDrive for Business site for each user in the list, using the search query that you provide. +Security & Compliance Center PowerShell provides a number of cmdlets that let you automate time-consuming eDiscovery-related tasks. Currently, creating a Content search in the Microsoft Purview compliance portal to search a large number of custodian content locations takes time and preparation. Before you create a search, you have to collect the URL for each OneDrive for Business site and then add each mailbox and OneDrive for Business site to the search. In future releases, this will be easier to do in the compliance portal. Until then, you can use the script in this article to automate this process. This script prompts you for the name of your organization's MySite domain (for example, contoso in the URL `https://contoso-my.sharepoint.com`), a list of user email addresses, the name of the new Content Search, and the search query to use. The script gets the OneDrive for Business URL for each user in the list, and then it creates and starts a Content Search that searches the mailbox and OneDrive for Business site for each user in the list, using the search query that you provide. ## Permissions and script information -- You have to be a member of the eDiscovery Manager role group in the Microsoft 365 compliance center and a SharePoint Online global administrator to run the script in Step 3. +- You have to be a member of the eDiscovery Manager role group in the compliance portal and a SharePoint Online global administrator to run the script in Step 3. - Be sure to save the list of users that you create in Step 2 and the script in Step 3 to the same folder. That will make it easier to run the script. When you run the script in this step, it will prompt you for the following infor - The search query (leave this blank to return all items in the content locations). - The script gets the URLs for each OneDrive for Business site and then creates and starts the search. You can either run the Get-ComplianceSearch cmdlet in Security & Compliance Center PowerShell to display the search statistics and results, or you can go to the Content search page in the Microsoft 365 compliance center to view information about the search. + The script gets the URLs for each OneDrive for Business site and then creates and starts the search. You can either run the Get-ComplianceSearch cmdlet in Security & Compliance Center PowerShell to display the search statistics and results, or you can go to the Content search page in the compliance portal to view information about the search.
compliance	Sensitive Information Type Entity Definitions	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitive-information-type-entity-definitions.md	Title: "Sensitive information type entity definitions" f1.keywords:- - CSH audience: Admin search.appverid: MET150 f1_keywords:- - 'ms.o365.cc.UnifiedDLPRuleContainsSensitiveInformation' ms.localizationpriority: medium - - M365-security-compliance hideEdit: true feedback_system: None description: "There are many sensitive information types that are ready for you # Sensitive information type entity definitions + This article lists all sensitive information type entity definitions. Each definition shows what a DLP policy looks for to detect each type. To learn more about sensitive information types, see [Sensitive information types](sensitive-information-type-learn-about.md) > [!NOTE] No ### Description -This bundled named entity matches text that mentions medical conditions that are present in curated dictionaries. There is one curated dictionary per supported language. The dictionaries are from many international medical resources. The dictionaries include as many medical conditions as possible without risking a large number of false positives. Each entry contains the different forms that a single condition is commonly written in to ensure coverage, for example: +This bundled named entity matches text that mentions medical conditions that are present in curated dictionaries. There's one curated dictionary per supported language. The dictionaries are from many international medical resources. The dictionaries include as many medical conditions as possible without risking a large number of false positives. Each entry contains the different forms that a single condition is commonly written in to ensure coverage, for example: - TB - tuberculosis The matching of street addresses is designed to match strings that a human would The resources are different for each country. The primary resources are the patterns of address formats that are used in a given country. Different formats are chosen to make sure that as many addresses as possible are matched. These formats allow flexibility, for example, an address may omit the postal code or omit a town name or have a street with no street suffix. In all cases, such matches are used to increase the confidence of the match. -The patterns are designed to match individual single addresses, not generic locations. So strings such as Redmond, WA 98052 or Main Street, Albuquerque will not be matched. +The patterns are designed to match individual single addresses, not generic locations. So strings such as Redmond, WA 98052 or Main Street, Albuquerque won't be matched. ### Contains This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has low confidence that it's detected this type of sensitive inform ## Australia physical addresses -Unbundled named entity, detects patterns related to physical address from Australia. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +Unbundled named entity, detects patterns related to physical address from Australia. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level medium This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Austria physical addresses -This unbundled named entity detects patterns related to physical address from Austria. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Austria. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Belgium physical addresses -This unbundled named entity detects patterns related to physical addresses from Belgium. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical addresses from Belgium. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Blood test terms -This unbundled named entity detects terms related to blood tests, such as hCG. It supports English terms only. It is also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. +This unbundled named entity detects terms related to blood tests, such as hCG. It supports English terms only. It's also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. ### Confidence level High ## Brand medication names -This unbundled named entity detects names of brand medication, such as Tylenol. It supports English terms only. It is also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. +This unbundled named entity detects names of brand medication, such as Tylenol. It supports English terms only. It's also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. ### Confidence level A DLP policy has high confidence that it's detected this type of sensitive infor ## Brazil physical addresses -This unbundled named entity detects patterns related to physical address from Brazil. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Brazil. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level A DLP policy has medium confidence that it's detected this type of sensitive inf ## Bulgaria physical addresses -This unbundled named entity detects patterns related to physical address from Bulgaria. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Bulgaria. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Canada physical addresses -This unbundled named entity detects patterns related to physical address from Canada. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Canada. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level Yes, the Luhn check A DLP policy has high confidence that it's detected this type of sensitive information if, within a proximity of 300 characters: - The function Func_credit_card finds content that matches the pattern.-- One of the following is true: +- One of the following conditions is true: - A keyword from Keyword_cc_verification is found. - A keyword from Keyword_cc_name is found. - The function Func_expiration_date finds a date in the right date format. A DLP policy has medium confidence that it's detected this type of sensitive inf ## Croatia physical addresses -This unbundled named entity detects patterns related to physical address from Croatia. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Croatia. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Cyprus physical addresses -This unbundled named entity detects patterns related to physical address from Cyprus. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Cyprus. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Czech Republic physical addresses -This unbundled named entity detects patterns related to physical address from the Czech Republic. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from the Czech Republic. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level A DLP policy has low confidence that it's detected this type of sensitive inform ## Denmark physical addresses -This unbundled named entity detects patterns related to physical address from Denmark. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Denmark. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level Medium ## Diseases -This unbundled named entity detects text that matches disease names, such as diabetes. It supports English terms only. It is also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. +This unbundled named entity detects text that matches disease names, such as diabetes. It supports English terms only. It's also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Estonia physical addresses -This unbundled named entity detects patterns related to physical address from Estonia. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Estonia. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level These entities are in the EU passport number and are sensitive information types ## EU social security number or equivalent identification -These are the entities that are in the EU Social Security Number or equivalent identification and are sensitive information types. +These entities are in the EU Social Security Number or equivalent identification and are sensitive information types. - [Austria](#austria-social-security-number) - [Belgium](#belgium-national-number) This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Finland physical addresses -This unbundled named entity detects patterns related to physical address from Finland. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Finland. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## France physical addresses -This unbundled named entity detects patterns related to physical address from France. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from France. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Generic medication names -This unbundled named entity detects names of generic medications, such as acetaminophen. It supports English terms only. It is also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. +This unbundled named entity detects names of generic medications, such as acetaminophen. It supports English terms only. It's also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. ### Confidence level A DLP policy has medium confidence that it's detected this type of sensitive inf ### Format -since 1 November 2010: Nine to eleven letters and digits +since 1 November 2010: Nine to 11 letters and digits from 1 April 1987 until 31 October 2010: 10 digits A DLP policy has low confidence that it's detected this type of sensitive inform ## Germany physical addresses -This unbundled named entity detects patterns related to physical address from Germany. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Germany. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Greece driver's license number -This entity is included in the EU Driver's License Number sensitive information type. It is also available as a stand-alone sensitive information type entity. +This entity is included in the EU Driver's License Number sensitive information type. It's also available as a stand-alone sensitive information type entity. ### Format A DLP policy has medium confidence that it's detected this type of sensitive inf ## Greece physical addresses -This unbundled named entity detects patterns related to physical address from Greece. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Greece. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Hungary physical addresses -This unbundled named entity detects patterns related to physical address from Hungary. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Hungary. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Iceland physical addresses -This unbundled named entity detects patterns related to physical address from Iceland. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Iceland. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level Medium ## Impairments Listed In The U.S. Disability Evaluation Under Social Security -This unbundled named entity detects names of impairments listed in the U.S. Disability Evaluation Under Social Security, such as muscular dystrophy. It supports English terms only. It is also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. +This unbundled named entity detects names of impairments listed in the U.S. Disability Evaluation Under Social Security, such as muscular dystrophy. It supports English terms only. It's also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. ### Confidence level A DLP policy has low confidence that it's detected this type of sensitive inform 12 digits: -- A digit that is not 0 or 1 +- A digit that isn't 0 or 1 - Three digits - An optional space or dash - Four digits A DLP policy has low confidence that it's detected this type of sensitive inform ## Ireland physical addresses -This unbundled named entity detects patterns related to physical address from Ireland. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Ireland. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level A DLP policy has medium confidence that it's detected this type of sensitive inf ## Italy driver's license number -This type entity is included in the EU Driver's License Number sensitive information type. It is also available as a stand-alone sensitive information type entity. +This type entity is included in the EU Driver's License Number sensitive information type. It's also available as a stand-alone sensitive information type entity. ### Format This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Italy physical addresses -This unbundled named entity detects patterns related to physical address from Italy. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Italy. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Lab test terms -This unbundled named entity detects terms related to lab tests, such as Insulin C-peptide. It supports English terms only. It is also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. +This unbundled named entity detects terms related to lab tests, such as Insulin C-peptide. It supports English terms only. It's also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. ### Confidence level A DLP policy has medium confidence that it's detected this type of sensitive inf ## Latvia physical addresses -This unbundled named entity detects patterns related to physical address from Latvia. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Latvia. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level Medium ## Liechtenstein physical addresses -This unbundled named entity detects patterns related to physical address from Liechtenstein. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Liechtenstein. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level Medium ## Lifestyles that relate to medical conditions -This unbundled named entity detects terms related to lifestyles that might result in a medical condition, such as smoking. It supports English terms only. It is also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. +This unbundled named entity detects terms related to lifestyles that might result in a medical condition, such as smoking. It supports English terms only. It's also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Lithuania physical addresses -This unbundled named entity detects patterns related to physical address from Lithuania. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Lithuania. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Luxemburg physical addresses -This unbundled named entity detects patterns related to physical address from Luxemburg. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Luxemburg. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Malta physical addresses -This unbundled named entity detects patterns related to physical address from Malta. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Malta. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level A DLP policy has low confidence that it's detected this type of sensitive inform ## Medical specialities -This unbundled named entity detects terms related to medical specialties, such as dermatology. It supports English terms only. It is also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. +This unbundled named entity detects terms related to medical specialties, such as dermatology. It supports English terms only. It's also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. ### Confidence level A DLP policy has medium confidence that it's detected this type of sensitive inf ## Netherlands physical addresses -This unbundled named entity detects patterns related to physical address from the Netherlands. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from the Netherlands. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## New Zealand physical addresses -This unbundled named entity detects patterns related to physical address from New Zealand. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from New Zealand. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Norway physical addresses -This unbundled named entity detects patterns related to physical address from Norway. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Norway. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level A DLP policy has low confidence that it's detected this type of sensitive inform ## Poland physical addresses -This unbundled named entity detects patterns related to physical address from Poland. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Poland. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Portugal physical addresses -This unbundled named entity detects patterns related to physical address from Portugal. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Portugal. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Romania physical addresses -This unbundled named entity detects patterns related to physical address from Romania. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Romania. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has low confidence that it's detected this type of sensitive inform ## Slovakia physical addresses -This unbundled named entity detects patterns related to physical address from Slovakia. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Slovakia. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level A DLP policy has medium confidence that it's detected this type of sensitive inf ## Slovenia physical addresses -This unbundled named entity detects patterns related to physical address from Slovenia. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Slovenia. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Spain physical addresses -This unbundled named entity detects patterns related to physical address from Spain. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Spain. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps The string "User Id", "User ID", "uid", or "UserId" followed by the characters a - the string "Password" or "pwd" where "pwd" isn't preceded by a lowercase letter - an equal sign (=) - any character that isn't a dollar sign ($), percent symbol (%), greater than symbol (>), at symbol (@), quotation mark ("), semicolon (;), left brace([), or left bracket ({)-- any combination of 7-128 characters that are not a semicolon (;), forward slash (/), or quotation mark (") +- any combination of 7-128 characters that aren't a semicolon (;), forward slash (/), or quotation mark (") - a semicolon (;) or quotation mark (") ### Checksum This sensitive information type identifies these keywords by using a regular exp ## Surgical procedures -This unbundled named entity detects terms related to surgical procedures, such as appendectomy. It supports English terms only. It is also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. +This unbundled named entity detects terms related to surgical procedures, such as appendectomy. It supports English terms only. It's also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. ### Confidence level A DLP policy has medium confidence that it's detected this type of sensitive inf ## Sweden physical addresses -This unbundled named entity detects patterns related to physical address from Sweden. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Sweden. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Switzerland physical addresses -This unbundled named entity detects patterns related to physical address from Switzerland. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Switzerland. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps A DLP policy has medium confidence that it's detected this type of sensitive inf ## Turkey physical addresses -This unbundled named entity detects patterns related to physical address from Turkey. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from Turkey. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level Medium ## Types of medication -This unbundled named entity detects medication names, such as insulin. It supports English terms only. It is also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. +This unbundled named entity detects medication names, such as insulin. It supports English terms only. It's also included in the [All medical terms and conditions](#all-medical-terms-and-conditions) bundled named entity SIT. ### Confidence level A DLP policy has medium confidence that it's detected this type of sensitive inf ## U.K. physical addresses -This unbundled named entity detects patterns related to physical address from the U.K.. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from the U.K.. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps Depends on the state depends on the state - for example, New York: - nine digits formatted like ddd ddd ddd will match.-- nine digits like ddddddddd will not match. +- nine digits like ddddddddd won't match. ### Checksum A DLP policy has low confidence that it's detected this type of sensitive inform ## U.S. physical addresses -This unbundled named entity detects patterns related to physical address from the U.S.. It is also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. +This unbundled named entity detects patterns related to physical address from the U.S.. It's also included in the [All Physical Addresses](#all-physical-addresses) bundled named entity SIT. ### Confidence level This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps This sensitive information type is only available for use in: - data loss prevention policies - communication compliance policies-- information governance +- data lifecycle management - records management - Microsoft Defender for Cloud Apps
compliance	Sensitive Information Type Learn About	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitive-information-type-learn-about.md	description: "This article gives an overview of sensitive information types and # Learn about sensitive information types -Identifying and classifying sensitive items that are under your organizations control is the first step in the [Information Protection discipline](./information-protection.md). Microsoft 365 provides three ways of identifying items so that they can be classified: + +Identifying and classifying sensitive items that are under your organizations control is the first step in the [Information Protection discipline](./information-protection.md). Microsoft Purview provides three ways of identifying items so that they can be classified: - manually by users - automated pattern recognition, like sensitive information types Microsoft provides a large number of pre-configured SITs or you can create your ## Sensitive information types are used in -- [Data loss prevention policies](dlp-learn-about-dlp.md) +- [Microsoft Purview Data Loss Prevention policies](dlp-learn-about-dlp.md) - [Sensitivity labels](sensitivity-labels.md) - [Retention labels](retention.md) - [Insider risk management](insider-risk-management.md) These SITs are created by Microsoft show up in the compliance console by default ### Named entity sensitive information types -Named entity SITs also show up in the compliance console by default. They detect person names, physical addresses, and medical terms and conditions. They cannot be edited or copied. See, [Learn about named entities (preview)](named-entities-learn.md#learn-about-named-entities-preview) for more information. Named entity SITs come in two types: +Named entity SITs also show up in the compliance console by default. They detect person names, physical addresses, and medical terms and conditions. They cannot be edited or copied. See, [Learn about named entities ](named-entities-learn.md#learn-about-named-entities) for more information. Named entity SITs come in two types: un-bundled You can choose from several options to create custom sensitive information types - Use PowerShell - You can set up custom sensitive information types using PowerShell. Although this method is more complex than using the UI, you have more configuration options. See [Create a custom sensitive information type in Security & Compliance Center PowerShell](create-a-custom-sensitive-information-type-in-scc-powershell.md). > [!NOTE] -> Improved confidence levels are available for immediate use within Data Loss Prevention for Microsoft 365 services, Microsoft Information Protection for Microsoft 365 services, Communication Compliance, Information Governance, and Records Management. -> Microsoft 365 Information Protection now supports double byte character set languages for: -> +> Improved confidence levels are available for immediate use within Microsoft Purview data loss prevention services, information protection, Communication Compliance, data lifecycle management, and records management. +> Information Protection now supports double byte character set languages for: > - Chinese (simplified) > - Chinese (traditional) > - Korean
compliance	Sensitivity Labels Aip	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-aip.md	Title: "Choose Microsoft Information Protection (MIP) built-in labeling for Office apps over the Azure Information Protection (AIP) add-in" + Title: "Choose Microsoft Purview Information Protection built-in labeling for Office apps over the Azure Information Protection (AIP) add-in" f1.keywords: - CSH search.appverid: description: When you use the Azure Information Protection (AIP) unified labeling client, understand the advantages of using built-in labeling for Office apps rather than the AIP add-in. -# Why choose MIP built-in labeling over the AIP add-in for Office apps +# Why choose built-in labeling over the AIP add-in for Office apps + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). When you use [sensitivity labels](sensitivity-labels.md) in Microsoft 365 Apps on Windows computers, you have a choice of using labeling that's built into Office apps, or an add-in from the [Azure Information Protection (AIP) unified labeling client](/azure/information-protection/rms-client/aip-clientv2). -Built-in labeling forms the cornerstone of a [Microsoft Information Protection (MIP) deployment](information-protection-solution.md) because this labeling technology extends across platforms (Windows, macOS, iOS, Android, and web), as well as across Microsoft apps and services, and beyond. Built-in labeling is also designed to work with other MIP capabilities, such as data classification and data loss prevention (DLP). +Built-in labeling forms the cornerstone of a [Microsoft Purview information protection deployment](information-protection-solution.md) because this labeling technology extends across platforms (Windows, macOS, iOS, Android, and web), as well as across Microsoft apps and services, and beyond. Built-in labeling is also designed to work with other Microsoft Purview capabilities, such as data classification and Microsoft Purview data loss prevention (DLP). -Because built-in labels don't use an Office add-in, they benefit from more stability and better performance. They also support the latest MIP features, such as advanced classifiers. +Because built-in labels don't use an Office add-in, they benefit from more stability and better performance. They also support the latest Microsoft Purview features, such as advanced classifiers. By default, built-in labeling is turned off in Office for Windows apps when the AIP client is installed. You can change this default behavior by using the instructions in the following section, [How to disable the AIP add-in to use built-in labeling for Office apps](#how-to-disable-the-aip-add-in-to-use-built-in-labeling-for-office-apps). Example showing how users can review and optionally remove identified sensitive ![Credit card numbers identified to users as sensitivity content with an option to remove.](../media/detect-sensitive-content.png) -To keep informed when new labeling capabilities become available for built-in labeling, see [What's new in Microsoft 365 compliance](whats-new.md) and the Sensitivity labels sections. +To keep informed when new labeling capabilities become available for built-in labeling, see [What's new in Microsoft Purview](whats-new.md) and the Sensitivity labels sections. ## How to disable the AIP add-in to use built-in labeling for Office apps Use the following information to help you identify if you're using a feature fro The AIP client supports many customizations by using [PowerShell advanced settings](/azure/information-protection/rms-client/clientv2-admin-guide-customizations#configuring-advanced-settings-for-the-client-via-powershell). Some of these advanced settings are now supported by built-in labeling, as documented in [New-Label](/powershell/module/exchange/new-label) or [Set-Label](/powershell/module/exchange/set-label), and [New-LabelPolicy](/powershell/module/exchange/new-labelpolicy) or [Set-LabelPolicy](/powershell/module/exchange/set-labelpolicy). -However, you might find you don't need to use PowerShell to configure the supported settings because they're included in the standard configuration from the Microsoft 365 compliance center. For example, the ability to turn off mandatory labeling for Outlook and set a different default label. +However, you might find you don't need to use PowerShell to configure the supported settings because they're included in the standard configuration from the Microsoft Purview compliance portal. For example, the ability to turn off mandatory labeling for Outlook and set a different default label. The following configurations from the AIP add-in aren't yet supported by built-in labeling include: Although new capabilities for built-in labeling are being added all the time, th For instructions to create and configure these labeling capabilities, see [Create and configure sensitivity labels and their policies](create-sensitivity-labels.md). > [!TIP] -> If you already have sensitivity labels in the Microsoft 365 compliance center, you won't be eligible for the automatic creation of default labels. However, you might still find it useful to reference their configuration: [Default sensitivity labels](mip-easy-trials.md#default-sensitivity-labels). +> If you already have sensitivity labels in the Microsoft Purview compliance portal, you won't be eligible for the automatic creation of default labels. However, you might still find it useful to reference their configuration: [Default sensitivity labels](mip-easy-trials.md#default-sensitivity-labels).
compliance	Sensitivity Labels Coauthoring	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-coauthoring.md	Title: "Enable co-authoring for documents encrypted by sensitivity labels in Microsoft 365" + Title: "Enable co-authoring for encrypted documents" f1.keywords: - NOCSH description: "Turn on a setting that enables co-authoring and AutoSave in deskto # Enable co-authoring for files encrypted with sensitivity labels + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). Enable the setting to support [co-authoring](https://support.office.com/article/ee1509b4-1f6e-401e-b04a-782d26f564a4) for Office desktop apps so that when documents are labeled and encrypted by [sensitivity labels](sensitivity-labels.md), multiple users can edit these documents at the same time. Before you enable the tenant setting for co-authoring for files encrypted with s If you've already turned on this setting during the preview period, no further action is needed and you can skip this procedure. -1. Sign in to the [Microsoft 365 compliance center](https://compliance.microsoft.com) as a global admin for your tenant. +1. Sign in to the [Microsoft Purview compliance portal](https://compliance.microsoft.com) as a global admin for your tenant. 2. From the navigation pane, select Settings > Co-authoring for files with sensitivity files.
compliance	Sensitivity Labels Default Sharing Link	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-default-sharing-link.md	Title: "Use sensitivity labels to configure the default sharing link type for sites and documents in SharePoint and OneDrive" + Title: "Use sensitivity labels to configure the default sharing link type" f1.keywords: - NOCSH description: "Use sensitivity labels to configure the default sharing link type # Use sensitivity labels to configure the default sharing link type for sites and documents in SharePoint and OneDrive + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). -As an additional configuration to the settings you see in the Microsoft 365 compliance center for [sensitivity labels](sensitivity-labels.md), you can use these labels to configure settings for the default sharing link type for a SharePoint site or OneDrive account, and for individual documents. These settings are automatically selected, but not highly visible to users when they select the Share button in their Office apps. As an example: +As an additional configuration to the settings you see in the Microsoft Purview compliance portal for [sensitivity labels](sensitivity-labels.md), you can use these labels to configure settings for the default sharing link type for a SharePoint site or OneDrive account, and for individual documents. These settings are automatically selected, but not highly visible to users when they select the Share button in their Office apps. As an example: ![Example default sharing link dialog box.](../media/default-sharing-link-example.png) To apply the default sharing link type for documents in SharePoint and OneDrive, In a PowerShell session, you must [connect to Office 365 Security & Compliance Center PowerShell](/powershell/exchange/office-365-scc/connect-to-scc-powershell/connect-to-scc-powershell) to configure the settings for the default sharing link type. > [!NOTE] -> Although not required, it's easiest to first [create and configure sensitivity labels in the Microsoft 365 compliance center](create-sensitivity-labels.md), and then modify these labels with the settings that configure the default sharing link type. +> Although not required, it's easiest to first [create and configure sensitivity labels in the Microsoft Purview compliance portal](create-sensitivity-labels.md), and then modify these labels with the settings that configure the default sharing link type. ## How to configure settings for the default sharing link type PowerShell examples, where the sensitivity label GUID is 8faca7b8-8d20-48a3-8e Set-Label -Identity 8faca7b8-8d20-48a3-8ea2-0f96310a848e -AdvancedSettings @{DefaultShareLinkPermission="Edit"} ```` -To configure the settings for the default sharing link type for a site, the [scope of the sensitivity label](sensitivity-labels.md#label-scopes) must include Groups & sites when you create the sensitivity label in the Microsoft 365 compliance center. After it's created, you see this displayed as Site, UnifiedGroup in the Scope column on the Labels** page, and the PowerShell ContentType setting also displays this same value. For documents, the scope must include Files & emails, which displays as File, Email. Then: +To configure the settings for the default sharing link type for a site, the [scope of the sensitivity label](sensitivity-labels.md#label-scopes) must include Groups & sites when you create the sensitivity label in the Microsoft Purview compliance portal. After it's created, you see this displayed as Site, UnifiedGroup in the Scope column on the Labels page, and the PowerShell ContentType setting also displays this same value. For documents, the scope must include Files & emails, which displays as File, Email. Then: - When the scope includes Groups & sites, you can apply the label to a site, which sets the default sharing link type for that site. For information how to apply a sensitivity label to a site, see [How to apply sensitivity labels to containers](sensitivity-labels-teams-groups-sites.md#how-to-apply-sensitivity-labels-to-containers).
compliance	Sensitivity Labels Office Apps	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-office-apps.md	# Manage sensitivity labels in Office apps + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). -When you have [published](create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy) sensitivity labels from the Microsoft 365 compliance center or equivalent labeling center, they start to appear in Office apps for users to classify and protect data as it's created or edited. +When you have [published](create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy) sensitivity labels from the Microsoft Purview compliance portal, they start to appear in Office apps for users to classify and protect data as it's created or edited. Use the information in this article to help you successfully manage sensitivity labels in Office apps. For example, identify the minimum versions of apps you need to support built-in labeling, and understand interactions with the Azure Information Protection unified labeling client and compatibility with other apps and services. Requires the [new Outlook for Mac](https://support.microsoft.com/office/the-new- ## Office built-in labeling client and other labeling solutions -The Office built-in labeling client downloads sensitivity labels and sensitivity label policy settings from the Microsoft 365 compliance center. +The Office built-in labeling client downloads sensitivity labels and sensitivity label policy settings from the Microsoft Purview compliance portal. -To use the Office built-in labeling client, you must have one or more [label policies published](create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy) to users from the compliance center, and a [supported version of Office](#support-for-sensitivity-label-capabilities-in-apps). +To use the Office built-in labeling client, you must have one or more [label policies published](create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy) to users from the Microsoft Purview compliance portal, and a [supported version of Office](#support-for-sensitivity-label-capabilities-in-apps). If both of these conditions are met but you need to turn off the built-in labels in Windows Office apps, use the following Group Policy setting: Because this setting is specific to Windows Office apps, it has no impact on oth If users have the [Azure Information Protection (AIP) client](/azure/information-protection/rms-client/aip-clientv2) installed on their Windows computers, by default, built-in labels are turned off in [Windows Office apps that support them](#labeling-client-for-desktop-apps). Because built-in labels don't use an Office add-in, as used by the AIP client, they have the benefit of more stability and better performance. They also support the latest features, such as advanced classifiers. -To learn more about labeling choices with the AIP client, see [Why choose MIP built-in labeling over the AIP add-in for Office apps](sensitivity-labels-aip.md). +To learn more about labeling choices with the AIP client, see [Why choose built-in labeling over the AIP add-in for Office apps](sensitivity-labels-aip.md). ## Office file types supported For built-in labeling, identify the minimum versions of Outlook that support the When the Outlook app supports a default label setting that's different from the default label setting for documents: -- In the label policy configuration from the Microsoft 365 compliance center, on the Apply a default label to emails page: You can specify your choice of sensitivity label that will be applied to all unlabeled emails, or no default label. This setting is independent from the Apply this label by default to documents setting on the previous Policy settings for documents page of the configuration. +- In the label policy configuration from the Microsoft Purview compliance portal, on the Apply a default label to emails page: You can specify your choice of sensitivity label that will be applied to all unlabeled emails, or no default label. This setting is independent from the Apply this label by default to documents setting on the previous Policy settings for documents page of the configuration. When the Outlook app doesn't support a default label setting that's different from the default label setting for documents: Outlook will always use the value you specify for Apply this label by default to documents on the Policy settings for documents page of the label policy configuration. When the Outlook app supports turning off mandatory labeling: -- In the label policy configuration from the Microsoft 365 compliance center, on the Policy settings page: Select Require users to apply a label to their email or documents. Then select Next > Next and clear the checkbox Require users to apply a label to their emails. Keep the checkbox selected if you want mandatory labeling to apply to emails as well as to documents. +- In the label policy configuration from the Microsoft Purview compliance portal, on the Policy settings page: Select Require users to apply a label to their email or documents. Then select Next > Next and clear the checkbox Require users to apply a label to their emails. Keep the checkbox selected if you want mandatory labeling to apply to emails as well as to documents. When the Outlook app doesn't support turning off mandatory labeling: If you select Require users to apply a label to their email or documents as a policy setting, Outlook will always prompt users to select a label for unlabeled emails. > [!NOTE] > If you have configured the PowerShell advanced settings OutlookDefaultLabel and DisableMandatoryInOutlook by using the [Set-LabelPolicy](/powershell/module/exchange/set-labelpolicy) or [New-LabelPolicy](/powershell/module/exchange/new-labelpolicy) cmdlets: > -> Your chosen values for these PowerShell settings are reflected in the label policy configuration in the compliance center, and they automatically work for Outlook apps that support these settings. The other PowerShell advanced settings remain supported for the Azure Information Protection unified labeling client only. +> Your chosen values for these PowerShell settings are reflected in the label policy configuration in the Microsoft Purview compliance portal, and they automatically work for Outlook apps that support these settings. The other PowerShell advanced settings remain supported for the Azure Information Protection unified labeling client only. ## Auditing labeling activities -For information about the auditing events that are generated by sensitivity label activities, see the [Sensitivity label activities](search-the-audit-log-in-security-and-compliance.md#sensitivity-label-activities) section from [Search the audit log in the compliance center](search-the-audit-log-in-security-and-compliance.md). +For information about the auditing events that are generated by sensitivity label activities, see the [Sensitivity label activities](search-the-audit-log-in-security-and-compliance.md#sensitivity-label-activities) section from [Search the audit log in the Microsoft Purview compliance portal](search-the-audit-log-in-security-and-compliance.md). This auditing information is visually represented in [content explorer](data-classification-content-explorer.md) and [activity explorer](data-classification-activity-explorer.md) to help you understand how your sensitivity labels are being used and where this labeled content is located. You can also create custom reports with your choice of security information and > [!TIP] > To help create custom reports, see the following blog posts: -> - [Microsoft 365 Compliance audit log activities via O365 Management API - Part 1](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-365-compliance-audit-log-activities-via-o365/ba-p/2957171) -> - [Microsoft 365 Compliance audit log activities via O365 Management API - Part 2](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-365-compliance-audit-log-activities-via-o365/ba-p/2957297) +> - [Microsoft Purview audit log activities via O365 Management API - Part 1](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-365-compliance-audit-log-activities-via-o365/ba-p/2957171) +> - [Microsoft Purview audit log activities via O365 Management API - Part 2](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-365-compliance-audit-log-activities-via-o365/ba-p/2957297) ## End-user documentation
compliance	Sensitivity Labels Sharepoint Onedrive Files	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-sharepoint-onedrive-files.md	Title: "Enable sensitivity labels for Office files in SharePoint and OneDrive" + Title: "Enable sensitivity labels for Office files" f1.keywords: - NOCSH description: "Administrators can enable sensitivity label support for Word, Exce # Enable sensitivity labels for Office files in SharePoint and OneDrive + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). Enable built-in labeling for [supported Office files](sensitivity-labels-office-apps.md#office-file-types-supported) in SharePoint and OneDrive so that users can apply your [sensitivity labels](sensitivity-labels.md) in Office for the web. When this feature is enabled, users will see the Sensitivity button on the ribbon so they can apply labels, and see any applied label name on the status bar. -Enabling this feature also results in SharePoint and OneDrive being able to process the contents of Office files that have been encrypted by using a sensitivity label. The label can be applied in Office for the web, or in Office desktop apps and uploaded or saved in SharePoint and OneDrive. Until you enable this feature, these services can't process encrypted files, which means that coauthoring, eDiscovery, Data Loss Prevention, search, and other collaborative features won't work for these files. +Enabling this feature also results in SharePoint and OneDrive being able to process the contents of Office files that have been encrypted by using a sensitivity label. The label can be applied in Office for the web, or in Office desktop apps and uploaded or saved in SharePoint and OneDrive. Until you enable this feature, these services can't process encrypted files, which means that coauthoring, eDiscovery, Microsoft Purview data loss prevention, search, and other collaborative features won't work for these files. After you enable sensitivity labels for Office files in SharePoint and OneDrive, for new and changed files that have a sensitivity label that applies encryption with a cloud-based key (and doesn't use [Double Key Encryption](double-key-encryption.md): After you enable sensitivity labels for Office files in SharePoint and OneDrive, - External users can access documents that are labeled with encryption by using guest accounts. For more information, see [Support for external users and labeled content](sensitivity-labels-office-apps.md#support-for-external-users-and-labeled-content). -- Office 365 eDiscovery supports full-text search for these files and Data Loss Prevention (DLP) policies support content in these files. +- Office 365 eDiscovery supports full-text search for these files and data loss prevention (DLP) policies support content in these files. > [!NOTE] -> If encryption has been applied with an on-premises key (a key management topology often referred to as "hold your own key" or HYOK), or by using [Double Key Encryption](double-key-encryption.md), the service behavior for processing the file contents doesn't change. So for these files, coauthoring, eDiscovery, Data Loss Prevention, search, and other collaborative features won't work. +> If encryption has been applied with an on-premises key (a key management topology often referred to as "hold your own key" or HYOK), or by using [Double Key Encryption](double-key-encryption.md), the service behavior for processing the file contents doesn't change. So for these files, coauthoring, eDiscovery, data loss prevention, search, and other collaborative features won't work. > > The SharePoint and OneDrive behavior also doesn't change for existing files in these locations that are labeled with encryption using a single Azure-based key. For these files to benefit from the new capabilities after you enable sensitivity labels for Office files in SharePoint and OneDrive, the files must be either downloaded and uploaded again, or edited. Use the OneDrive sync app version 19.002.0121.0008 or later on Windows, and vers - SharePoint and OneDrive don't automatically apply sensitivity labels to existing files that you've already encrypted using Azure Information Protection labels. Instead, for the features to work after you enable sensitivity labels for Office files in SharePoint and OneDrive, complete these tasks: - 1. Make sure you have [migrated the Azure Information Protection labels](/azure/information-protection/configure-policy-migrate-labels) to sensitivity labels and [published them](create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy) from the Microsoft 365 compliance center. + 1. Make sure you have [migrated the Azure Information Protection labels](/azure/information-protection/configure-policy-migrate-labels) to sensitivity labels and [published them](create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy) from the Microsoft Purview compliance portal. 2. Download the labeled files and then upload them to their original location in SharePoint or OneDrive. - SharePoint and OneDrive can't process encrypted files when the label that applied the encryption has any of the following [configurations for encryption](encryption-sensitivity-labels.md#configure-encryption-settings): Use the OneDrive sync app version 19.002.0121.0008 or later on Windows, and vers ## How to enable sensitivity labels for SharePoint and OneDrive (opt-in) -You can enable the new capabilities by using the Microsoft 365 compliance center, or by using PowerShell. As with all tenant-level configuration changes for SharePoint and OneDrive, it takes about 15 minutes for the change to take effect. +You can enable the new capabilities by using the Microsoft Purview compliance portal, or by using PowerShell. As with all tenant-level configuration changes for SharePoint and OneDrive, it takes about 15 minutes for the change to take effect. -### Use the compliance center to enable support for sensitivity labels +### Use the Microsoft Purview compliance portal to enable support for sensitivity labels This option is the easiest way to enable sensitivity labels for SharePoint and OneDrive, but you must sign in as a global administrator for your tenant. -1. Sign in to the [Microsoft 365 compliance center](https://compliance.microsoft.com/) as a global administrator, and navigate to Solutions > Information protection +1. Sign in to the [Microsoft Purview compliance portal](https://compliance.microsoft.com/) as a global administrator, and navigate to Solutions > Information protection If you don't immediately see this option, first select Show all. This option is the easiest way to enable sensitivity labels for SharePoint and O ### Use PowerShell to enable support for sensitivity labels -As an alternative to using the compliance center, you can enable support for sensitivity labels by using the [Set-SPOTenant](/powershell/module/sharepoint-online/set-spotenant) cmdlet from SharePoint Online PowerShell. +As an alternative to using the Microsoft Purview compliance portal, you can enable support for sensitivity labels by using the [Set-SPOTenant](/powershell/module/sharepoint-online/set-spotenant) cmdlet from SharePoint Online PowerShell. If you have Microsoft 365 Multi-Geo, you must use PowerShell to enable this support for all your geo-locations.
compliance	Sensitivity Labels Teams Groups Sites	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-teams-groups-sites.md	Title: "Use sensitivity labels with Microsoft Teams, Microsoft 365 groups, and SharePoint sites" + Title: "Use sensitivity labels with Microsoft Teams, Microsoft 365 Groups, and SharePoint sites" f1.keywords: - NOCSH description: "Use sensitivity labels to protect content in SharePoint and Micros # Use sensitivity labels to protect content in Microsoft Teams, Microsoft 365 groups, and SharePoint sites + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). In addition to using [sensitivity labels](sensitivity-labels.md) to classify and protect documents and emails, you can also use sensitivity labels to protect content in the following containers: Microsoft Teams sites, Microsoft 365 groups ([formerly Office 365 groups](https://techcommunity.microsoft.com/t5/microsoft-365-blog/office-365-groups-will-become-microsoft-365-groups/ba-p/1303601)), and SharePoint sites. For this container-level classification and protection, use the following label settings: Known limitations for this preview: ### Configure settings for the default sharing link type for a site by using PowerShell advanced settings -In addition to the label settings for sites and groups that you can configure from the compliance center, you can also configure the default sharing link type for a site. Sensitivity labels for documents can also be configured for a default sharing link type. These settings that help to prevent over-sharing are automatically selected when users select the Share button in their Office apps. +In addition to the label settings for sites and groups that you can configure from the Microsoft Purview compliance portal, you can also configure the default sharing link type for a site. Sensitivity labels for documents can also be configured for a default sharing link type. These settings that help to prevent over-sharing are automatically selected when users select the Share button in their Office apps. For more information and instructions, see [Use sensitivity labels to configure the default sharing link type for sites and documents in SharePoint and OneDrive](sensitivity-labels-default-sharing-link.md). The following apps and services support sensitivity labels configured for sites - SharePoint admin center - Teams admin center - Microsoft 365 admin center - - Microsoft 365 compliance center - - Azure Active Directory portal + - Microsoft Purview compliance portal - User apps and
compliance	Sensitivity Labels	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels.md	search.appverid: - MOE150 - MET150 -description: Use sensitivity labels from Microsoft Information Protection (MIP) to classify and protect sensitive content. +description: Use sensitivity labels from Microsoft Purview Information Protection to classify and protect sensitive content. - seo-marvel-apr2020 - seo-marvel-jun2020 # Learn about sensitivity labels + >[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance). > [!NOTE] To get their work done, people in your organization collaborate with others both inside and outside the organization. This means that content no longer stays behind a firewallΓÇöit can roam everywhere, across devices, apps, and services. And when it roams, you want it to do so in a secure, protected way that meets your organization's business and compliance policies. -Sensitivity labels from the Microsoft Information Protection solution let you classify and protect your organization's data, while making sure that user productivity and their ability to collaborate isn't hindered. +Sensitivity labels from Microsoft Purview Information Protection let you classify and protect your organization's data, while making sure that user productivity and their ability to collaborate isn't hindered. Example showing available sensitivity labels in Excel, from the Home tab on the Ribbon. In this example, the applied label displays on the status bar: You can use sensitivity labels to: - Extend sensitivity labels to Power BI: When you turn on this capability, you can apply and view labels in Power BI, and protect data when it's saved outside the service. -- Extend sensitivity labels to assets in Azure Purview: When you turn on this capability, currently in preview, you can apply your sensitivity labels to files and schematized data assets in Azure Purview. The schematized data assets include SQL, Azure SQL, Azure Synapse, Azure Cosoms, and AWS RDS. +- Extend sensitivity labels to assets in Microsoft Purview Data Map: When you turn on this capability, currently in preview, you can apply your sensitivity labels to files and schematized data assets in Microsoft Purview Data Map. The schematized data assets include SQL, Azure SQL, Azure Synapse, Azure Cosoms, and AWS RDS. - Extend sensitivity labels to third-party apps and services. Using the Microsoft Information Protection SDK, third-party apps can read sensitivity labels and apply protection settings. After a sensitivity label is applied to an email or document, any configured pro ![Prompt to assign a required label.](../media/Sensitivity-label-Prompt-for-required-label.png) - For more information about the Auto-labeling for files and emails settings when you create or edit a sensitivity label, see [Apply a sensitivity label to content automatically](apply-sensitivity-label-automatically.md) for Office apps, and [Labeling in Azure Purview](/azure/purview/create-sensitivity-label). + For more information about the Auto-labeling for files and emails settings when you create or edit a sensitivity label, see [Apply a sensitivity label to content automatically](apply-sensitivity-label-automatically.md) for Office apps, and [Labeling in Microsoft Purview Data Map](/azure/purview/create-sensitivity-label). - Set the default sharing link type for SharePoint sites and individual documents. To help prevent users oversharing, set the [default scope and permissions](sensitivity-labels-default-sharing-link.md) for when users share documents from SharePoint and OneDrive. When you create a sensitivity label, you're asked to configure the label's scope - Which label settings you can configure for that label - Where the label will be visible to users -This scope configuration lets you have sensitivity labels that are just for documents and emails and can't be selected for containers. And similarly, sensitivity labels that are just for containers and can't be selected for documents and emails. You can also select the scope for Azure Purview assets: +This scope configuration lets you have sensitivity labels that are just for documents and emails and can't be selected for containers. And similarly, sensitivity labels that are just for containers and can't be selected for documents and emails. You can also select the scope for Microsoft Purview Data Map assets: ![Scope options for sensitivity labels.](../media/sensitivity-labels-scopes.png) By default, the Files & emails scope is always selected. The other scopes ar - Groups & sites: [Enable sensitivity labels for containers and synchronize labels](sensitivity-labels-teams-groups-sites.md#how-to-enable-sensitivity-labels-for-containers-and-synchronize-labels) -- Schematized data assets: [Automatically label your content in Azure Purview](/azure/purview/create-sensitivity-label) +- Schematized data assets: [Automatically label your content in Microsoft Purview Data Map](/azure/purview/create-sensitivity-label) If you change the defaults so not all scopes are selected, you see the first page of the configuration settings for scopes you haven't selected, but you can't configure the settings. For example, if the scope for files and emails is not selected, you can't select the options on the next page: If you're not seeing the label or label policy setting behavior that you expect The sensitivity labels that are built into Microsoft 365 Apps on Windows, macOS, iOS, and Android look and behave very similarly across these devices to provide users with a consistent labeling experience. However, on Windows computers, you can also use the [Azure Information Protection (AIP) client](/azure/information-protection/rms-client/aip-clientv2). This client is now in [maintenance mode](https://techcommunity.microsoft.com/t5/security-compliance-and-identity/announcing-aip-unified-labeling-client-maintenance-mode-and/ba-p/3043613). -If you're using the AIP client, see [Why choose MIP built-in labeling over the AIP add-in for Office apps](sensitivity-labels-aip.md) to understand and manage your labeling choices for Windows computers. +If you're using the AIP client, see [Why choose built-in labeling over the AIP add-in for Office apps](sensitivity-labels-aip.md) to understand and manage your labeling choices for Windows computers. ### Azure Information Protection labels If your tenant isn't yet on the [unified labeling platform](/azure/information-p Because a sensitivity label is stored in the metadata of a document, third-party apps and services can read from and write to this labeling metadata to supplement your labeling deployment. Additionally, software developers can use the [Microsoft Information Protection SDK](/information-protection/develop/overview#microsoft-information-protection-sdk) to fully support labeling and encryption capabilities across multiple platforms. To learn more, see the [General Availability announcement on the Tech Community blog](https://techcommunity.microsoft.com/t5/Microsoft-Information-Protection/Microsoft-Information-Protection-SDK-Now-Generally-Available/ba-p/263144). -You can also learn about [partner solutions that are integrated with Microsoft Information Protection](https://techcommunity.microsoft.com/t5/Azure-Information-Protection/Microsoft-Information-Protection-showcases-integrated-partner/ba-p/262657). +You can also learn about [partner solutions that are integrated with Microsoft Purview Information Protection](https://techcommunity.microsoft.com/t5/Azure-Information-Protection/Microsoft-Information-Protection-showcases-integrated-partner/ba-p/262657). ## Deployment guidance
compliance	Set Up Advanced Audit	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-advanced-audit.md	Title: "Set up Advanced Audit in Microsoft 365" + Title: "Set up Audit (Premium) in Microsoft 365" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "This article describes how to set up Advanced Audit so you can perform forensic investigations when user accounts are compromised or to investigation other security-related incidents." +description: "This article describes how to set up Audit (Premium) so you can perform forensic investigations when user accounts are compromised or to investigation other security-related incidents." -# Set up Advanced Audit in Microsoft 365 +# Set up Microsoft Purview Audit (Premium) -If your organization has a subscription and end-user licensing that supports Advanced Audit, perform the following steps to set up and use the additional capabilities in Advanced Audit. +If your organization has a subscription and end-user licensing that supports Audit (Premium), perform the following steps to set up and use the additional capabilities in Audit (Premium). -![Workflow to set up Advanced Audit.](../media/AdvancedAuditWorkflow.png) +![Workflow to set up Audit (Premium).](../media/AdvancedAuditWorkflow.png) -## Step 1: Set up Advanced Audit for users +## Step 1: Set up Audit (Premium) for users -Advanced Audit features such as the ability to log crucial events such as MailItemsAccessed and Send require an appropriate E5 license assigned to users. Additionally, the Advanced Auditing app/service plan must be enabled for those users. To verify that the Advanced Auditing app is assigned to users, perform the following steps for each user: +Audit (Premium) features such as the ability to log crucial events such as MailItemsAccessed and Send require an appropriate E5 license assigned to users. Additionally, the Advanced Auditing app/service plan must be enabled for those users. To verify that the Advanced Auditing app is assigned to users, perform the following steps for each user: 1. In the Microsoft 365 admin center, go to Users > <a href="https://go.microsoft.com/fwlink/p/?linkid=834822" target="_blank">Active users</a>, and select a user. 2. On the user properties flyout page, click Licenses and apps. -3. In the Licenses section, verify that the user is assigned an E5 license or is assigned an appropriate add-on license. For a list of licenses that support Advanced Audit, see [Advanced Audit licensing requirements](auditing-solutions-overview.md#advanced-audit-1). +3. In the Licenses section, verify that the user is assigned an E5 license or is assigned an appropriate add-on license. For a list of licenses that support Audit (Premium), see [Audit (Premium) licensing requirements](auditing-solutions-overview.md#audit-premium-1). 4. Expand the Apps section, and verify that the Microsoft 365 Advanced Auditing checkbox is selected. 5. If the checkbox isn't selected, select it, and then click Save changes. - The logging of audit records for MailItemsAccessed and Send will begin within 24 hours. You have to perform Step 3 to start logging of two other Advanced Audit events: SearchQueryInitiatedExchange and SearchQueryInitiatedSharePoint. + The logging of audit records for MailItemsAccessed and Send will begin within 24 hours. You have to perform Step 3 to start logging of two other Audit (Premium) events: SearchQueryInitiatedExchange and SearchQueryInitiatedSharePoint. -Also, if you've customized the mailbox actions that are logged on user mailboxes or shared mailboxes, any new Advanced Audit events released by Microsoft won't be automatically audited on those mailboxes. For information about changing the mailbox actions that are audited for each logon type, see the "Change or restore mailbox actions logged by default" section in [Manage mailbox auditing](enable-mailbox-auditing.md#change-or-restore-mailbox-actions-logged-by-default). +Also, if you've customized the mailbox actions that are logged on user mailboxes or shared mailboxes, any new Audit (Premium) events released by Microsoft won't be automatically audited on those mailboxes. For information about changing the mailbox actions that are audited for each logon type, see the "Change or restore mailbox actions logged by default" section in [Manage mailbox auditing](enable-mailbox-auditing.md#change-or-restore-mailbox-actions-logged-by-default). -## Step 2: Enable Advanced Audit events +## Step 2: Enable Audit (Premium) events -You have to enable two Advanced Audit events (SearchQueryInitiatedExchange and SearchQueryInitiatedSharePoint) to be logged when users perform searches in Exchange Online and SharePoint Online. To enable these two events to be audited for users, run the following command (for each user) in [Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell): +You have to enable two Audit (Premium) events (SearchQueryInitiatedExchange and SearchQueryInitiatedSharePoint) to be logged when users perform searches in Exchange Online and SharePoint Online. To enable these two events to be audited for users, run the following command (for each user) in [Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell): ```powershell Set-Mailbox <user> -AuditOwner @{Add="SearchQueryInitiated"} If the command to enable the auditing of search queries was previously run in a In additional to the default policy that retains Exchange, SharePoint, and Azure AD audit records for one year, you can create additional audit log retention policies to meet the requirements of your organization's security operations, IT, and compliance teams. For more information, see [Manage audit log retention policies](audit-log-retention-policies.md). -## Step 4: Search for Advanced Audit events +## Step 4: Search for Audit (Premium) events -Now that you have Advanced Audit set up for your organization, you can search for crucial Advanced Audit events and other activities when conducting forensic investigations. After completing Step 1 and Step 2, you can search the audit log for Advanced Audit events and other activities during forensic investigations of compromised accounts and other types of security or compliance investigations. For more information about conducting a forensics investigation of compromised user accounts by using the MailItemsAccessed Advanced Audit event, see [Use Advanced Audit to investigate compromised accounts](mailitemsaccessed-forensics-investigations.md). +Now that you have Audit (Premium) set up for your organization, you can search for crucial Audit (Premium) events and other activities when conducting forensic investigations. After completing Step 1 and Step 2, you can search the audit log for Audit (Premium) events and other activities during forensic investigations of compromised accounts and other types of security or compliance investigations. For more information about conducting a forensics investigation of compromised user accounts by using the MailItemsAccessed Audit (Premium) event, see [Use Audit (Premium) to investigate compromised accounts](mailitemsaccessed-forensics-investigations.md).
compliance	Set Up An Archive And Deletion Policy For Mailboxes	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-an-archive-and-deletion-policy-for-mailboxes.md	Title: "Customize an archive and deletion policy (MRM) for mailboxes in your organization" + Title: "Customize an archive and deletion policy (MRM) for mailboxes" f1.keywords: - NOCSH description: "How to create a custom Messaging Records Management (MRM) archivin # Customize an archive and deletion policy for mailboxes in your organization -Microsoft 365 compliance admins can create an archiving and deletion policy that automatically moves items to a user's [archive mailbox](archive-mailboxes.md) and automatically deletes items from the mailbox. + +Microsoft Purview admins can create an archiving and deletion policy that automatically moves items to a user's [archive mailbox](archive-mailboxes.md) and automatically deletes items from the mailbox. You do this by by creating a Messaging Records Management (MRM) retention policy that's assigned to mailboxes, and moves items to a user's archive mailbox after a certain period of time and that also deletes items from the mailbox after they reach a certain age limit. The first step is to enable the archive mailbox for each user in your organizati > [!NOTE] > You can enable archive mailboxes any time during this process, just as long as they're enabled at some point before you complete the process. If an archive mailbox isn't enabled, no action is taken on any items that have an archive or deletion policy assigned to it. -1. Go to <https://compliance.microsoft.com>. +1. Go to the [Microsoft Purview compliance portal](https://compliance.microsoft.com). 2. Sign in using your global administrator account. -3. In the Microsoft 365 compliance center, click Information governance, and then click the Archive tab. +3. In the Microsoft Purview compliance portal, select Data lifecycle management, and then click the Archive tab. A list of the mailboxes in your organization is displayed and whether the corresponding archive mailbox is enabled or disabled.
compliance	Set Up Azure Rms For Previous Version Message Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-azure-rms-for-previous-version-message-encryption.md	description: "The previous version of Office 365 Message Encryption depends on M # Set up Azure Rights Management for the previous version of Message Encryption + This topic describes the steps you need to follow in order to activate and then set up Azure Rights Management (RMS), part of Azure Information Protection, for use with the previous version of Office 365 Message Encryption (OME). ## This article only applies to the previous version of OME -If you haven't yet moved your organization to the new OME capabilities, but you have already deployed OME, then the information in this article applies to your organization. Microsoft recommends that you make a plan to move to the new OME capabilities as soon as it is reasonable for your organization. For instructions, see [Set up new Office 365 Message Encryption capabilities](set-up-new-message-encryption-capabilities.md). If you want to find out more about how the new capabilities work first, see [Office 365 Message Encryption](ome.md). The rest of this article refers to OME behavior before the release of the new OME capabilities. +If you haven't yet moved your organization to Microsoft Purview Message Encryption, but you have already deployed OME, then the information in this article applies to your organization. Microsoft recommends that you make a plan to move to Microsoft Purview Message Encryption as soon as it is reasonable for your organization. For instructions, see [Set up Microsoft Purview Message Encryption](set-up-new-message-encryption-capabilities.md). If you want to find out more about how the new capabilities work first, see [Message Encryption](ome.md). The rest of this article refers to OME behavior before the release of Microsoft Purview Message Encryption. ## Prerequisites for using the previous version of Office 365 Message Encryption <a name="warmprereqs"> </a> You need to activate Azure Rights Management so that the users in your organizat A TPD is an XML file that contains information about your organization's rights management settings. For example, the TPD contains information about the server licensor certificate (SLC) used for signing and encrypting certificates and licenses, the URLs used for licensing and publishing, and so on. You import the TPD into your organization by using Windows PowerShell. > [!IMPORTANT] -> Previously, you could choose to import TPDs from the Active Directory Rights Management service (AD RMS) into your organization. However, doing so will prevent you from using the new OME capabilities and is not recommended. If your organization is currently configured this way, Microsoft recommends that you create a plan to migrate from your on-premises Active Directory RMS to cloud-based Azure Information Protection. For more information, see [Migrating from AD RMS to Azure Information Protection](/information-protection/plan-design/migrate-from-ad-rms-to-azure-rms). You will not be able to use the new OME capabilities until you have completed the migration to Azure Information Protection. +> Previously, you could choose to import TPDs from the Active Directory Rights Management service (AD RMS) into your organization. However, doing so will prevent you from using Microsoft Purview Message Encryption and is not recommended. If your organization is currently configured this way, Microsoft recommends that you create a plan to migrate from your on-premises Active Directory RMS to cloud-based Azure Information Protection. For more information, see [Migrating from AD RMS to Azure Information Protection](/information-protection/plan-design/migrate-from-ad-rms-to-azure-rms). You will not be able to use Microsoft Purview Message Encryption until you have completed the migration to Azure Information Protection. To import TPDs from Azure RMS A TPD is an XML file that contains information about your organization's rights ## I have the previous version of OME set up with Active Directory Rights Management not Azure Information Protection, what do I do? <a name="importTPDs"> </a> -You can continue to use your existing Office 365 Message Encryption mail flow rules with Active Directory Rights Management, but you can't configure or use the new OME capabilities. Instead, you need to migrate to Azure Information Protection. For information about migration and what this means for your organization, see [Migrating from AD RMS to Azure Information Protection](/information-protection/deploy-use/prepare-environment-adrms). +You can continue to use your existing Office 365 Message Encryption mail flow rules with Active Directory Rights Management, but you can't configure or use Microsoft Purview Message Encryption. Instead, you need to migrate to Azure Information Protection. For information about migration and what this means for your organization, see [Migrating from AD RMS to Azure Information Protection](/information-protection/deploy-use/prepare-environment-adrms). ## Next steps <a name="importTPDs"> </a> -Once you've completed Azure Rights Management setup, if you want to enable the new OME capabilities, see [Set up new Office 365 Message Encryption capabilities built on top of Azure Information Protection.](./set-up-new-message-encryption-capabilities.md) +Once you've completed Azure Rights Management setup, if you want to enable Microsoft Purview Message Encryption, see [Set up Microsoft Purview Message Encryption](./set-up-new-message-encryption-capabilities.md). -After you've set up your organization to use the new OME capabilities, you're ready to [Define mail flow rules to protect email messages with new OME capabilities](define-mail-flow-rules-to-encrypt-email.md). +After you've set up your organization to use Microsoft Purview Message Encryption, you're ready to [Define mail flow rules](define-mail-flow-rules-to-encrypt-email.md). ## Related topics <a name="importTPDs"> </a> After you've set up your organization to use the new OME capabilities, you're re [Technical reference details about encryption in Office 365](technical-reference-details-about-encryption.md) -[What is Azure Rights Management?](/information-protection/understand-explore/what-is-azure-rms) +[What is Azure Rights Management?](/information-protection/understand-explore/what-is-azure-rms)
compliance	Set Up Basic Audit	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-basic-audit.md	Title: "Set up Basic Audit in Microsoft 365" + Title: "Set up Audit (Standard) in Microsoft 365" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "This article describes how to set up Basic Audit so you can start searching for auditing activities performed by users and admins in your organization." +description: "This article describes how to set up Audit (Standard) so you can start searching for auditing activities performed by users and admins in your organization." -# Set up Basic Audit in Microsoft 365 +# Set up Microsoft Purview Audit (Standard) -Basic Audit in Microsoft 365 lets you search for audit records for activities performed in the different Microsoft 365 services by users and admins. Because Basic Audit is enabled by default for most Microsoft 365 and Office 365 organizations, there's only a few things you need to do before you and others in your organization can search the audit log. +Microsoft Purview Audit (Standard) in Microsoft 365 lets you search for audit records for activities performed in the different Microsoft 365 services by users and admins. Because Audit (Standard) is enabled by default for most Microsoft 365 and Office 365 organizations, there's only a few things you need to do before you and others in your organization can search the audit log. -This article discusses the following steps necessary to set up Basic Audit. +This article discusses the following steps necessary to set up Audit (Standard). -![Steps to set up Basic Audit.](../media/BasicAuditingWorkflow.png) +![Steps to set up Audit (Standard).](../media/BasicAuditingWorkflow.png) These steps include ensuring the proper organizational subscriptions and user licensing required to generate and preserve audit records and assigning permissions to team members of your security operations, IT, compliance, and legal teams so that can search the audit log. -For more information, see [Basic Audit in Microsoft 365](auditing-solutions-overview.md#basic-audit). +For more information, see [Audit (Standard) in Microsoft 365](auditing-solutions-overview.md#audit-standard). ## Step 1: Verify organization subscription and user licensing -Licensing for Basic Audit requires the appropriate organization subscription that provides access to audit log search tool and per-user licensing that's required to log and retain audit records. +Licensing for Audit (Standard) requires the appropriate organization subscription that provides access to audit log search tool and per-user licensing that's required to log and retain audit records. -When an audited activity is performed by a user or admin, an audit record is generated and stored in the audit log for your organization. In Basic Audit, audit records are retained and searchable in the audit log for 90 days. +When an audited activity is performed by a user or admin, an audit record is generated and stored in the audit log for your organization. In Audit (Standard), audit records are retained and searchable in the audit log for 90 days. -For a list of subscription and licensing requirements for Basic Audit, see [Auditing solutions in Microsoft 365](auditing-solutions-overview.md#licensing-requirements). +For a list of subscription and licensing requirements for Audit (Standard), see [Auditing solutions in Microsoft 365](auditing-solutions-overview.md#licensing-requirements). ## Step 2: Assign permissions to search the audit log The following screenshot shows the two audit-related roles assigned to the Organ ## Step 3: Search the audit log -Now you're ready to search the audit log in the Microsoft 365 compliance center. +Now you're ready to search the audit log in the Microsoft Purview compliance portal. 1. Go to <https://compliance.microsoft.com> and sign in using an account that has been assigned the appropriate audit permissions. -2. In the left navigation pane of the Microsoft 365 compliance center, click Show all and then click Audit. +2. In the left navigation pane of the compliance portal, click Show all and then click Audit. 3. On the Audit page, configure the search using the following conditions on the Search tab.
compliance	Set Up Compliance Boundaries	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-compliance-boundaries.md	# Set up compliance boundaries for eDiscovery investigations -The guidance in this article can be applied when using either Core eDiscovery or Advanced eDiscovery to manage investigations. +The guidance in this article can be applied when using either Microsoft Purview eDiscovery (Standard) or Microsoft Purview eDiscovery (Premium) to manage investigations. Compliance boundaries create logical boundaries within an organization that control the user content locations (such as mailboxes, OneDrive accounts, and SharePoint sites) that eDiscovery managers can search. Also, compliance boundaries control who can access eDiscovery cases used to manage the legal, human resources, or other investigations within your organization. The need for compliance boundaries is often necessary for multi-national corporations that have to respect geographical boarders and regulations and for governments, which are often divided into different agencies. In Microsoft 365, compliance boundaries help you meet these requirements when performing content searches and managing investigations with eDiscovery cases. In this example, Contoso LTD is an organization that consists of two subsidiarie - [Role groups](assign-ediscovery-permissions.md#rbac-roles-related-to-ediscovery) provide the following functions for compliance boundaries: - - Control who can see the eDiscovery cases in the Microsoft 365 compliance center. This means that eDiscovery managers and investigators can only see the eDiscovery cases in their agency. + - Control who can see the eDiscovery cases in the Microsoft Purview compliance portal. This means that eDiscovery managers and investigators can only see the eDiscovery cases in their agency. - Control who can assign members to an eDiscovery case. This means eDiscovery managers and investigators can only assign members to cases that they themselves are a member of. For a complete list, see the full list of supported [mailbox filters](/powershel ## Step 2: Create a role group for each agency -The next step is to create the role groups in the Microsoft 365 compliance center that will align with your agencies. We recommend that you create a role group by copying the built-in eDiscovery Managers group, adding the appropriate members, and removing roles that may not be applicable to your needs. For more information about eDiscovery-related roles, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). +The next step is to create the role groups in the compliance portal that will align with your agencies. We recommend that you create a role group by copying the built-in eDiscovery Managers group, adding the appropriate members, and removing roles that may not be applicable to your needs. For more information about eDiscovery-related roles, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). -To create the role groups, go to the Permissions page in the Microsoft 365 compliance center and create a role group for each team in each agency that will use compliance boundaries and eDiscovery cases to manage investigations. +To create the role groups, go to the Permissions page in the compliance portal and create a role group for each team in each agency that will use compliance boundaries and eDiscovery cases to manage investigations. Using the Contoso compliance boundaries scenario, four role groups need to be created and the appropriate members added to each one. Here's how the search permission filters are applied for each agency in this sce ## Step 4: Create an eDiscovery case for intra-agency investigations -The final step is to create a Core eDiscovery case or Advanced eDiscovery case in the Microsoft 365 compliance center and then add the role group that you created in Step 2 as a member of the case. This results in two important characteristics of using compliance boundaries: +The final step is to create a eDiscovery (Standard) case or eDiscovery (Premium) case in the compliance portal and then add the role group that you created in Step 2 as a member of the case. This results in two important characteristics of using compliance boundaries: -- Only members of the role group added to the case will be able to see and access the case in the Microsoft 365 compliance center. For example, if the Fourth Coffee Investigators role group is the only member of a case, then members of the Fourth Coffee eDiscovery Managers role group (or members of any other role group) won't be able to see or access the case. +- Only members of the role group added to the case will be able to see and access the case in the compliance portal. For example, if the Fourth Coffee Investigators role group is the only member of a case, then members of the Fourth Coffee eDiscovery Managers role group (or members of any other role group) won't be able to see or access the case. - When a member of the role group assigned to a case runs a search associated with the case, they will only be able to search the content locations within their agency (which is defined by the search permissions filter that you created in Step 3.) To create a case and assign members: -1. Go to the Core eDiscovery or Advanced eDiscovery page in the Microsoft 365 compliance center and create a case. +1. Go to the eDiscovery (Standard) or eDiscovery (Premium) page in the compliance portal and create a case. 2. In the list of cases, click the name of the case you created. 3. Add role groups as members to the case. For instructions, see the one of the following articles: - - [Add members to a Core eDiscovery case](get-started-core-ediscovery.md#step-4-optional-add-members-to-a-core-ediscovery-case) + - [Add members to a eDiscovery (Standard) case](get-started-core-ediscovery.md#step-4-optional-add-members-to-a-ediscovery-standard-case) - - [Add members to an Advanced eDiscovery case](add-or-remove-members-from-a-case-in-advanced-ediscovery.md) + - [Add members to an eDiscovery (Premium) case](add-or-remove-members-from-a-case-in-advanced-ediscovery.md) > [!NOTE] > When adding a role group to a case, you can only add the role groups that you are a member of. Search permissions filters also let you control where content is routed for expo To simplify the concept, the Region parameter controls the datacenter that is used to search for content in SharePoint and OneDrive. This doesn't apply to searching for content in Exchange because Exchange content searches aren't bound by the geographic location of datacenters. Also, the same Region parameter value may also dictate the datacenter that exports are routed through. This is often necessary to control the movement of data across geographic boarders. > [!NOTE] -> If you're using Advanced eDiscovery, the Region parameter doesn't control the region that data is exported from. Data is exported from the organization's central location. Also, searching for content in SharePoint and OneDrive isn't bound by the geographic location of datacenters. All datacenters are searched. For more information about Advanced eDiscovery, see [Overview of the Advanced eDiscovery solution in Microsoft 365](overview-ediscovery-20.md). +> If you're using eDiscovery (Premium), the Region parameter doesn't control the region that data is exported from. Data is exported from the organization's central location. Also, searching for content in SharePoint and OneDrive isn't bound by the geographic location of datacenters. All datacenters are searched. For more information about eDiscovery (Premium), see [Overview of the eDiscovery (Premium) solution in Microsoft 365](overview-ediscovery-20.md). Here are examples of using the Region parameter when creating search permission filters for compliance boundaries. This assumes that the Fourth Coffee subsidiary is located in North America and that Coho Winery is in Europe. Keep the following things in mind when searching and exporting content in multi- - When searching for content in SharePoint and OneDrive, the Region parameter directs searches to either the primary or satellite location where the eDiscovery manager will conduct eDiscovery investigations. If an eDiscovery manager searches SharePoint and OneDrive sites outside of the region that's specified in the search permissions filter, no search results are returned. -- When exporting search results from Core eDiscovery, content from all content locations (including Exchange, Skype for Business, SharePoint, OneDrive, and other services that you can search by using the Content Search tool) are uploaded to the Azure Storage location in the datacenter that's specified by the Region parameter. This helps organizations stay within compliance by not allowing content to be exported across controlled borders. If no region is specified in the search permissions filter, content is uploaded to the organization's primary datacenter. +- When exporting search results from eDiscovery (Standard), content from all content locations (including Exchange, Skype for Business, SharePoint, OneDrive, and other services that you can search by using the Content Search tool) are uploaded to the Azure Storage location in the datacenter that's specified by the Region parameter. This helps organizations stay within compliance by not allowing content to be exported across controlled borders. If no region is specified in the search permissions filter, content is uploaded to the organization's primary datacenter. - When exporting content from Advanced eDiscovery, you can't control where content is uploaded by using the Region parameter. Content is uploaded to an Azure Storage location in a datacenter in your organization's central location. For a list of geo locations based on your central location, see [Microsoft 365 Multi-Geo eDiscovery configuration](../enterprise/multi-geo-ediscovery-configuration.md). + When exporting content from eDiscovery (Premium), you can't control where content is uploaded by using the Region parameter. Content is uploaded to an Azure Storage location in a datacenter in your organization's central location. For a list of geo locations based on your central location, see [Microsoft 365 Multi-Geo eDiscovery configuration](../enterprise/multi-geo-ediscovery-configuration.md). - You can edit an existing search permissions filter to add or change the region by running the following command: Keep the following limitations in mind when managing eDiscovery cases and invest Who can create and manage search permissions filters (using New-ComplianceSecurityFilter and Set-ComplianceSecurityFilter cmdlets)? -To create, view, and modify search permissions filters, you have to be a member of the Organization Management role group in the Microsoft 365 compliance center. +To create, view, and modify search permissions filters, you have to be a member of the Organization Management role group in the compliance portal. If an eDiscovery manager is assigned to more than one role group that spans multiple agencies, how do they search for content in one agency or the other? It takes up to three days for a search permissions filter to enforce the complia Can an eDiscovery manager see content from two separate compliance boundaries? -Yes, this can be done when searching Exchange mailboxes by adding the eDiscovery manager to role groups that have visibility to both agencies. However when searching SharePoint sites and OneDrive accounts, an eDiscovery manager can search for content in different compliance boundaries only if the agencies are in the same region or geo location. Note: This limitation for sites doesn't apply in Advanced eDiscovery because searching for content in SharePoint and OneDrive isn't bound by geographic location. +Yes, this can be done when searching Exchange mailboxes by adding the eDiscovery manager to role groups that have visibility to both agencies. However when searching SharePoint sites and OneDrive accounts, an eDiscovery manager can search for content in different compliance boundaries only if the agencies are in the same region or geo location. Note: This limitation for sites doesn't apply in eDiscovery (Premium) because searching for content in SharePoint and OneDrive isn't bound by geographic location. Do search permissions filters work for eDiscovery case holds, Microsoft 365 retention policies, or DLP?
compliance	Set Up Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-encryption.md	description: "With Office 365, some encryption capabilities are turned on by def # Set up encryption in Office 365 Enterprise + Encryption can protect your content from being read by unauthorized users. Because [encryption in Office 365](encryption.md) can be done using various technologies and methods, there isn't one single place where you turn on or set up encryption. This article provides information about various ways you can set up or configure encryption as part of your information protection strategy. > [!TIP] With Office 365, several encryption capabilities are available by default. Addit \|\|\| \|Files are saved on Windows computers\|Encryption at the computer level can be done using BitLocker on Windows devices. As an enterprise administrator or IT Pro, you can set this up using the Microsoft Deployment Toolkit (MDT). See [Set up MDT for BitLocker](/windows/deployment/deploy-windows-mdt/set-up-mdt-for-bitlocker).\| \|Files are saved on mobile devices\|Some kinds of mobile devices encrypt files that are saved to those devices by default. With [Capabilities of built-in Mobile Device Management for Office 365](https://support.microsoft.com/office/capabilities-of-built-in-mobile-device-management-for-microsoft-365-a1da44e5-7475-4992-be91-9ccec25905b0), you can set policies that determine whether to allow mobile devices to access data in Office 365. For example, you can set a policy that allows only devices that encrypt content to access Office 365 data. See [Create and deploy device security policies](https://support.microsoft.com/office/create-and-deploy-device-security-policies-d310f556-8bfb-497b-9bd7-fe3c36ea2fd6). <p> For additional control over how mobile devices interact with Office 365, you can consider adding [Microsoft Intune](/mem/intune/fundamentals/setup-steps).\| -\|You need control over the encryption keys used to encrypt your data in Microsoft's data centers\|As an Office 365 administrator, you can control your organization's encryption keys and then configure Office 365 to use them to encrypt your data at rest in Microsoft's data centers. <p> [Service encryption with Customer Key in Office 365](customer-key-overview.md)\| +\|You need control over the encryption keys used to encrypt your data in Microsoft's data centers\|As an Office 365 administrator, you can control your organization's encryption keys and then configure Office 365 to use them to encrypt your data at rest in Microsoft's data centers. <p> [Service encryption with Microsoft Purview Customer Key](customer-key-overview.md)\| \|People are communicating via email (Exchange Online)\|As an Exchange Online administrator, you have several options for configuring email encryption. These include: <ul><li>Using [Office 365 message encryption (OME)](set-up-new-message-encryption-capabilities.md) with Azure Rights Management (Azure RMS) to enable people to send encrypted messages inside or outside your organization</li><li>Using [S/MIME](/exchange/security-and-compliance/smime-exo/smime-exo) to encrypt and digitally sign email messages</li><li>Using TLS to [set up connectors for secure mail flow with another organization](/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-for-secure-mail-flow-with-a-partner)</li></ul> <p> See [Email encryption in Office 365](./email-encryption.md).\| \|Files are accessed from team sites or document libraries (OneDrive for Business or SharePoint Online)\|When people are working with files saved to OneDrive for Business or SharePoint Online, TLS connections are used. This is built into Office 365 automatically. See [Data Encryption in OneDrive for Business and SharePoint Online](./data-encryption-in-odb-and-spo.md).\| \|Files are shared in online meetings and IM conversations (Skype for Business Online)\|When people are working with files using Skype for Business Online, TLS is used for the connection. This is built into Office 365 automatically. See [Security and Archiving (Skype for Business Online)](/office365/servicedescriptions/skype-for-business-online-service-description/skype-for-business-online-features).\|
compliance	Set Up Irm In Sp Admin Center	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-irm-in-sp-admin-center.md	# Set up Information Rights Management (IRM) in SharePoint admin center + Within SharePoint Online, IRM protection is applied to files at the list and library level. Before your organization can use IRM protection, you must first set up Rights Management. IRM relies on the Azure Rights Management service from Azure Information Protection to encrypt and assign usage restrictions. Some Microsoft 365 plans include Azure Rights Management, but not all. To learn more, read [How Office applications and services support Azure Rights Management](/azure/information-protection/understand-explore/office-apps-services-support). ## Turn on IRM service using SharePoint admin center Once you've enabled IRM for SharePoint Online, you can start applying rights man The new OneDrive sync client for Windows now supports synchronizing IRM-protected SharePoint document libraries and OneDrive locations (as long as the IRM setting for the library isn't set to expire document access rights). For more information, or to get started deploying the new sync client, see [Deploy the new OneDrive sync client for Windows](/onedrive/deploy-on-windows). -[Top of page](set-up-irm-in-sp-admin-center.md) +[Top of page](set-up-irm-in-sp-admin-center.md)
compliance	Set Up New Message Encryption Capabilities	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-new-message-encryption-capabilities.md	Title: "Set up new Message Encryption capabilities" + Title: "Set up Microsoft Purview Message Encryption" f1.keywords: - NOCSH Previously updated : 4/30/2019 Last updated : 4/16/2022 audience: ITPro ms.assetid: 7ff0c040-b25c-4378-9904-b1b50210d00e - Strat_O365_IP - M365-security-compliance -description: Learn about the new Office 365 Message Encryption capabilities that enable protected email communication with people inside and outside your organization. +description: Learn about Microsoft Purview Message Encryption that enables protected email communication with people inside and outside your organization. - seo-marvel-apr2020 - admindeeplinkMAC - admindeeplinkEXCHANGE -# Set up new Message Encryption capabilities +# Set up Message Encryption -The new Office 365 Message Encryption (OME) capabilities allow organizations to share protected email with anyone on any device. Users can exchange protected messages with other Microsoft 365 organizations, as well as non-customers using Outlook.com, Gmail, and other email services. -Follow the steps below to ensure that the new OME capabilities are available in your organization. +Microsoft Purview Message Encryption allows organizations to share protected email with anyone on any device. Users can exchange protected messages with other Microsoft 365 organizations, as well as third-parties using Outlook.com, Gmail, and other email services. + +Follow the steps below to ensure that Microsoft Purview Message Encryption is available in your organization. ## Verify that Azure Rights Management is active -The new OME capabilities leverage the protection features in [Azure Rights Management Services (Azure RMS)](/azure/information-protection/what-is-information-protection), the technology used by [Azure Information Protection](/azure/information-protection/what-is-azure-rms) to protect emails and documents via encryption and access controls. +Microsoft Purview Message Encryption leverages the protection features in [Azure Rights Management Services (Azure RMS)](/azure/information-protection/what-is-information-protection), the technology used by [Azure Information Protection](/azure/information-protection/what-is-azure-rms) to protect emails and documents via encryption and access controls. -The only prerequisite for using the new OME capabilities is that [Azure Rights Management](/azure/information-protection/what-is-azure-rms) must be activated in your organization's tenant. If it is, Microsoft 365 activates the new OME capabilities automatically and you don't need to do anything. +The only prerequisite for using Microsoft Purview Message Encryption is that [Azure Rights Management](/azure/information-protection/what-is-azure-rms) must be activated in your organization's tenant. If it is, Microsoft 365 activates message encryption automatically and you don't need to do anything. Azure RMS is also activated automatically for most eligible plans, so you probably don't have to do anything in this regard either. See [Activating Azure Rights Management](/azure/information-protection/activate-service) for more information. > [!IMPORTANT] -> If you use Active Directory Rights Management service (AD RMS) with Exchange Online, you need to [migrate to Azure Information Protection](/azure/information-protection/migrate-from-ad-rms-to-azure-rms) before you can use the new OME capabilities. OME is not compatible with AD RMS. +> If you use Active Directory Rights Management service (AD RMS) with Exchange Online, you need to [migrate to Azure Information Protection](/azure/information-protection/migrate-from-ad-rms-to-azure-rms) before you can use message encryption. Microsoft Purview Message Encryption is not compatible with AD RMS. For more information, see: -- [What subscriptions do I need to use the new OME capabilities?](ome-faq.yml#what-subscriptions-do-i-need-to-use-the-new-ome-capabilities-) to check whether your subscription plan includes Azure Information Protection (which includes Azure RMS functionality). +- [Message Encryption FAQ](ome-faq.yml) to check whether your subscription plan includes Azure Information Protection (which includes Azure RMS functionality). - [Azure Information Protection](https://azure.microsoft.com/services/information-protection/) for information about purchasing an eligible subscription. ### Manually activating Azure Rights Management If you disabled Azure RMS, or if it was not automatically activated for any reas This is an optional step. Allowing Microsoft to manage the root key for Azure Information Protection is the default setting and recommended best practice for most organizations. If this is the case, you don't need to do anything. -There are many reasons, for example compliance requirements, that may necessitate you generating and managing your own root key (also known as bring your own key (BYOK)). If this is the case, we recommend that you complete the required steps before setting up the new OME capabilities. See [Planning and implementing your Azure Information Protection tenant key](/information-protection/plan-design/plan-implement-tenant-key) for more. +There are many reasons, for example compliance requirements, that may necessitate you generating and managing your own root key (also known as bring your own key (BYOK)). If this is the case, we recommend that you complete the required steps before setting up Microsoft Purview Message Encryption. See [Planning and implementing your Azure Information Protection tenant key](/information-protection/plan-design/plan-implement-tenant-key) for more. -## Verify new OME configuration in Exchange Online PowerShell +## Verify Microsoft Purview Message Encryption configuration in Exchange Online PowerShell -You can verify that your Microsoft 365 tenant is properly configured to use the new OME capabilities in [Exchange Online PowerShell](/powershell/exchange/exchange-online-powershell). +You can verify that your Microsoft 365 tenant is properly configured to use Microsoft Purview Message Encryption in [Exchange Online PowerShell](/powershell/exchange/exchange-online-powershell). 1. [Connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell) using an account with global administrator permissions in your Microsoft 365 tenant. 2. Run the Get-IRMConfiguration cmdlet. - You should see a value of $True for the AzureRMSLicensingEnabled parameter, which indicates that OME is configured in your tenant. If it is not, use Set-IRMConfiguration to set the value of AzureRMSLicensingEnabled to $True to enable OME. + You should see a value of $True for the AzureRMSLicensingEnabled parameter, which indicates that Microsoft Purview Message Encryption is configured in your tenant. If it is not, use Set-IRMConfiguration to set the value of AzureRMSLicensingEnabled to $True to enable Microsoft Purview Message Encryption. 3. Run the Test-IRMConfiguration cmdlet using the following syntax: You can verify that your Microsoft 365 tenant is properly configured to use the Remove-PSSession $session ``` -## Next steps: Define mail flow rules to use new OME capabilities +## Next steps: Define mail flow rules to use Microsoft Purview Message Encryption -If there are previously configured mail flow rules to encrypt email in your organization, you need to update the existing rules to use the new OME capabilities. For new deployments, you need to create new mail flow rules. +If there are previously configured mail flow rules to encrypt email in your organization, you need to update the existing rules to use Microsoft Purview Message Encryption. For new deployments, you need to create new mail flow rules. > [!IMPORTANT] -> If you do not update existing mail flow rules, your users will continue to receive encrypted mail that uses the previous HTML attachment format, instead of the new seamless OME experience. +> If you do not update existing mail flow rules, your users will continue to receive encrypted mail that uses the previous HTML attachment format, instead of the new seamless experience. Mail flow rules determine under what conditions email messages should be encrypted, as well as conditions for removing that encryption. When you set an action for a rule, any messages that match the rule conditions are encrypted when they're sent. -For steps on creating mail flow rules for OME, see [Define mail flow rules to encrypt email messages in Office 365](define-mail-flow-rules-to-encrypt-email.md). +For steps on creating mail flow rules message encryption, see [Define mail flow rules to encrypt email messages in Office 365](define-mail-flow-rules-to-encrypt-email.md). -To update existing rules to use the new OME capabilities: +To update existing rules to use Microsoft Purview Message Encryption: 1. In the Microsoft 365 admin center, go to Admin centers > <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange</a>. 2. In the Exchange admin center, go to Mail flow > Rules.
compliance	Single Item Error Remediation	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/single-item-error-remediation.md	search.appverid: - MET150 ms.assetid: -description: "You can fix a processing error in a document in a review set in Advanced eDiscovery without having to follow the bulk error remediation process." +description: "You can fix a processing error in a document in a review set in eDiscovery (Premium) without having to follow the bulk error remediation process." -# Single item error remediation in Advanced eDiscovery +# Single item error remediation in eDiscovery (Premium) -Error remediation gives Advanced eDiscovery users the ability to rectify data issues that prevent Advanced eDiscovery from properly processing the content. For example, files that are password protected can't be processed because those files are locked or encrypted. Previously, you could only remediate errors in bulk by using [this workflow](error-remediation-when-processing-data-in-advanced-ediscovery.md). But sometimes, it doesn't make sense to remediate errors in multiple files when youΓÇÖre unsure if any of those files are responsive to the case youΓÇÖre investigating. It also might not make sense to remediate errors before youΓÇÖve had a chance to review the file metadata (such as file location or who had access) to help you make up-front decisions about responsiveness. A new feature called single item error remediation gives eDiscovery managers the ability to view the metadata of files with a processing error and if necessary remediate the error directly in the review set. The article discusses how to identify, ignore, and remediate files with processing errors in a review set. +Error remediation gives Microsoft Purview eDiscovery (Premium) users the ability to rectify data issues that prevent eDiscovery (Premium) from properly processing the content. For example, files that are password protected can't be processed because those files are locked or encrypted. Previously, you could only remediate errors in bulk by using [this workflow](error-remediation-when-processing-data-in-advanced-ediscovery.md). But sometimes, it doesn't make sense to remediate errors in multiple files when youΓÇÖre unsure if any of those files are responsive to the case youΓÇÖre investigating. It also might not make sense to remediate errors before youΓÇÖve had a chance to review the file metadata (such as file location or who had access) to help you make up-front decisions about responsiveness. A new feature called single item error remediation gives eDiscovery managers the ability to view the metadata of files with a processing error and if necessary remediate the error directly in the review set. The article discusses how to identify, ignore, and remediate files with processing errors in a review set. ## Identify documents with errors
compliance	Sit Common Scenarios	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-common-scenarios.md	# Common usage scenarios for sensitive information types + This article describes how to implement some common sensitive information type (SIT) use case scenarios. You can use these procedures as examples and adapt them to your specific needs. ## Protect credit card numbers Contoso Bank needs to classify the credit card numbers that they issue as sensit ## Test numbers similar to Social Security numbers -Contoso has identified a few nine-digit test numbers that trigger false positive matches in the Social Security Number (SSN) data loss prevention (DLP) policy. They would like to exclude these numbers from the list of valid matches for SSN. +Contoso has identified a few nine-digit test numbers that trigger false positive matches in the Social Security Number (SSN) Microsoft Purview data loss prevention (DLP) policy. They would like to exclude these numbers from the list of valid matches for SSN. Suggested solution
compliance	Sit Custom Sit Filters	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-custom-sit-filters.md	Title: "Custom Sensitive Information Type Filters Reference" + Title: "Custom sensitive information type filters reference" f1.keywords: - NOCSH description: "This article presents a list of the filters that can be encoded in # Custom sensitive information type filters reference + In Microsoft you can define filters or other checks while creating a custom sensitive information types (SIT). ## List of supported filters and use cases The filters will be applied on all the instances classified by any of the pa ## More information -- [Learn about data loss prevention](dlp-learn-about-dlp.md) +- [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md) - [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md)
compliance	Sit Edm Notifications Activities	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-edm-notifications-activities.md	# Create notifications for exact data match activities + When you [create custom sensitive information types with exact data match (EDM)](sit-learn-about-exact-data-match-based-sits.md#learn-about-exact-data-match-based-sensitive-information-types), there are a number of activities that are created in the [audit log](search-the-audit-log-in-security-and-compliance.md#before-you-search-the-audit-log). You can use the [New-ProtectionAlert](/powershell/module/exchange/new-protectionalert) PowerShell cmdlet to create notifications that let you know when these activities occur: - CreateSchema To learn more about DLP licensing, see [Microsoft 365 licensing guidance for sec ## Related articles - [Learn about exact data match based sensitive information types](sit-learn-about-exact-data-match-based-sits.md#learn-about-exact-data-match-based-sensitive-information-types)-- [New-ProtectionAlert](/powershell/module/exchange/new-protectionalert) +- [New-ProtectionAlert](/powershell/module/exchange/new-protectionalert)
compliance	Sit Functions	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-functions.md	description: Learn what the sensitive information type functions look for. # Sensitive information type functions + Sensitive information types (SIT) can use functions as primary elements to identify sensitive items. For example, the Credit Card Number sensitive information type uses the Func_credit_card function to detect credit card number. This article explains what these functions look for, to help you understand how the predefined sensitive information types work. For more information, see [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md)
compliance	Sit Get Started Exact Data Match Based Sits Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-based-sits-overview.md	# Get started with exact data match based sensitive information types -Creating and making an exact data match (EDM) based sensitive information type (SIT) available is a multi-phase process. They can be used in data loss prevention policies, eDiscovery and certain content governance tasks This article outlines the workflow and links to the procedures for each of the phases + +Creating and making an exact data match (EDM) based sensitive information type (SIT) available is a multi-phase process. They can be used in Microsoft Purview data loss prevention policies, eDiscovery and certain content governance tasks This article outlines the workflow and links to the procedures for each of the phases ## Before you begin See the [data loss prevention service description](/office365/servicedescription \|\|\|\|\| \|Office SCC\|compliance.microsoft.com\|scc.office365.us\|scc.protection.apps.mil\| \|Microsoft 365 Defender portal\|security.microsoft.com\|security.microsoft.us\|security.apps.mil\| -\|Microsoft 365 Compliance center\|compliance.microsoft.com\|compliance.microsoft.us\|compliance.apps.mil\| +\|Microsoft Purview compliance portal\|compliance.microsoft.com\|compliance.microsoft.us\|compliance.apps.mil\| ## The work flow at a glance See the [data loss prevention service description](/office365/servicedescription \|[Phase 1: Export source data for exact data match based sensitive information type](sit-get-started-exact-data-match-export-data.md#export-source-data-for-exact-data-match-based-sensitive-information-type)\|- Read access to the sensitive data\| \|[Phase 2: Create the schema for exact data match based sensitive information types](sit-get-started-exact-data-match-create-schema.md#create-the-schema-for-exact-data-match-based-sensitive-information-types)\|- Access to the sensitive information type wizard in the Microsoft 365 admin center </br>- access to [Microsoft 365 admin center via Security & Compliance PowerShell](/powershell/exchange/connect-to-scc-powershell) \| \|[Phase 3: Hash and upload the sensitive information source table for exact data match sensitive information types](sit-get-started-exact-data-match-hash-upload.md#hash-and-upload-the-sensitive-information-source-table-for-exact-data-match-sensitive-information-types)\|- Custom security group and user account </br>- Hash and upload from one computer: local admin access to a computer with direct internet access and to host the EDM Upload Agent </br>- Hash and upload from separate computers: local admin access to a computer with direct internet access and host the EDM Upload Agent for the upload and local admin access to a secure computer to host the EDM Upload Agent to hash the sensitive information source table </br>- Read access to the sensitive information source table file </br> the schema file \| -\|[Phase 4: Create exact data match sensitive information type/rule package](sit-get-started-exact-data-match-create-rule-package.md#create-exact-data-match-sensitive-information-typerule-package) \|- Access to the Microsoft 365 Compliance Center \| -\|[Test an exact data match sensitive information type](sit-get-started-exact-data-match-test.md#test-an-exact-data-match-sensitive-information-type)\| - Access to the Microsoft 365 Compliance Center +\|[Phase 4: Create exact data match sensitive information type/rule package](sit-get-started-exact-data-match-create-rule-package.md#create-exact-data-match-sensitive-information-typerule-package) \|- Access to the Microsoft Purview compliance portal \| +\|[Test an exact data match sensitive information type](sit-get-started-exact-data-match-test.md#test-an-exact-data-match-sensitive-information-type)\| - Access to the Microsoft Purview compliance portal ## See also
compliance	Sit Get Started Exact Data Match Create Rule Package	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-create-rule-package.md	# Create exact data match sensitive information type/rule package + You can create an exact data match (EDM) sensitive information type (SIT) by using the [the EDM schema and SIT wizard](#use-the-edm-schema-and-sit-wizard) in the Compliance center or create the rule package XML file [manually](#create-a-rule-package-manually). You can also combine both by using one method to create the schema and later edit it using the other method. If you are not familiar with EDM based SITS or their implementation, you should familiarize yourself with: See [Sensitive information type entity definitions](sensitive-information-type-e ### Use the exact data match schema and sensitive information type pattern wizard -1. In the Microsoft 365 Compliance center for your tenant go to Data classification > Exact data matches. +1. In the Microsoft Purview compliance portal for your tenant go to Data classification > Exact data matches. 2. Choose EDM sensitive info types and Create EDM sensitive info type to open the sensitive info type configuration wizard. See [Sensitive information type entity definitions](sensitive-information-type-e ## Create a rule package manually -This procedure shows you how to create a file in XML format called a rule package (with Unicode encoding), and then upload it into Microsoft 365 using Compliance center PowerShell cmdlets. +This procedure shows you how to create a file in XML format called a rule package (with Unicode encoding), and then upload it into Microsoft Purview using Compliance center PowerShell cmdlets. > [!NOTE] > If the SIT that you map to can detect multi-word corroborative evidence, the secondary elements you define in a manually created rule package can be mapped to the SIT. For example, the name `John Smith` would not match as a secondary element because we'd compare `John` and `Smith` found in the content separately to the term `John Smith` uploaded in one of the fields, if that corroborative evidence field wasn't mapped to a SIT that can detect that pattern.
compliance	Sit Get Started Exact Data Match Create Schema	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-create-schema.md	# Create the schema for exact data match based sensitive information types + You can create the schema and EDM SIT by using the [Use the exact data match schema and sensitive information type pattern wizard](#use-the-exact-data-match-schema-and-sensitive-information-type-pattern-wizard) or [manually](#create-exact-data-match-schema-manually-and-upload). You can also combine both by using one method to create the schema and later edit it using the other method. If you are not familiar with EDM-based SITS or their implementation, you should familiarize yourself with: You can use this wizard to help simplify the schema file creation process. ## Use the exact data match schema and sensitive information type pattern wizard -1. In the Microsoft 365 Compliance center for your tenant go to Data classification > Exact data matches > EDM schemas. +1. In the Microsoft Purview compliance portal for your tenant go to Data classification > Exact data matches > EDM schemas. 2. Choose Create EDM schema to open the schema wizard configuration flyout. The `ignoredDelimiters` flag doesn't support: ## Next step -- [Hash and upload the sensitive information source table for exact data match sensitive information types](sit-get-started-exact-data-match-hash-upload.md#hash-and-upload-the-sensitive-information-source-table-for-exact-data-match-sensitive-information-types) +- [Hash and upload the sensitive information source table for exact data match sensitive information types](sit-get-started-exact-data-match-hash-upload.md#hash-and-upload-the-sensitive-information-source-table-for-exact-data-match-sensitive-information-types)
compliance	Sit Get Started Exact Data Match Export Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-export-data.md	# Export source data for exact data match based sensitive information type + The sensitive data table is a text file containing rows of values against which you will be comparing content in your documents to identify sensitive data. These values might be personally identifiable information, product records, or other sensitive data in text form that you want to detect in content and take protective actions on.
compliance	Sit Get Started Exact Data Match Hash Upload	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-hash-upload.md	# Hash and upload the sensitive information source table for exact data match sensitive information types + This article shows you how to hash and upload your sensitive information source table. ## Hash and upload the sensitive information source table
compliance	Sit Get Started Exact Data Match Test	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-test.md	# Test an exact data match sensitive information type + After your exact data match (EDM) sensitive information type (SIT) has been created and an hour after verifying that your sensitive information table has finished uploading and indexing, you can test that it detects the information you want to detect by using the test function in the sensitive information types section in the Compliance center. >[!NOTE:] Test-DataClassification -ClassificationNames ΓÇ£[Your EDM sensitive info type] To force re-crawling of existing content in a SharePoint site or library or in OneDrive, follow the instructions in [Manually request crawling and reindexing of a site, a library or a list](/sharepoint/crawl-site-content). -## Test your EDM SIT in MIP policies +## Test your EDM SIT with information protection policies You can see where your EDM SIT is being used and how accurate it is in production by using them in policies: You can see where your EDM SIT is being used and how accurate it is in productio 1. Tune your policies as appropriate. -Once you're satisfied with the results of your testing and tuning, your EDM based custom SIT is ready for use in Information Protection policies, like: +Once you're satisfied with the results of your testing and tuning, your EDM based custom SIT is ready for use in information protection policies, like: - [DLP policies](create-test-tune-dlp-policy.md#create-test-and-tune-a-dlp-policy) - [Auto-labeling policies](apply-sensitivity-label-automatically.md#how-to-configure-auto-labeling-for-office-apps) If you don't find any matches, here are some troubleshooting tips. \|SIT test function doesn't detect any matches at all. \| Check if the SIT you selected includes requirements for additional keywords or other validations. For the built-in SITs, see [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md#sensitive-information-type-entity-definitions) to verify what the minimum requirements are for matching each type. \| \|The Test functionality works but your SharePoint or OneDrive items aren't being detected in DLP or auto-labeling rules \| Check if the documents you would expect to match show up in Content Explorer. If they aren't there, remember that only content created after the changes to the sensitive information type will show as matches. You have to recrawl the sites and libraries for pre-existing items to show up. See [Manually request crawling and reindexing of a site, a library or a list](/sharepoint/crawl-site-content) for details on recrawling SharePoint and OneDrive. \| \|DLP or auto-labeling rules that require multiple matches don't trigger \|Check that the proximity requirements for both your EDM type and the base sensitive information types are met. For example, if the maximum distance of between the primary element and supporting keywords is 300 characters, but the keywords are only present in the first row of a long table, only the first few rows of matching values are likely to meet the proximity requirements. Modify your SIT definitions to support more relaxed proximity rules or use the anywhere in the document option for the additional evidence conditions. \| -\|Detection of an EDM type is inconsistent or erratic \|Check that the sensitive information type you used as the base for the primary element in your EDM type isn't detecting unnecessary content. Using a SIT that matches too much unrelated content, like any word, any number, or all email addresses, might cause the service to saturate and ignore relevant matches. Check the number of content pieces that match the sensitive type you used for your primary elements in content explorer. </br> To estimate if the SIT is matching too much content: </br> - Dividing the number of content items in Content Explorer by the number of days since the sensitive type was created. </br> - If the number of matches per day is in the range of hundreds of thousands or millions, it's possible that the primary SIT is too broad. See [Learn about exact data match based sensitive information types](sit-learn-about-exact-data-match-based-sits.md#learn-about-exact-data-match-based-sensitive-information-types) for recommendations and best practices on selecting the right sensitive information type for an EDM type. \| +\|Detection of an EDM type is inconsistent or erratic \|Check that the sensitive information type you used as the base for the primary element in your EDM type isn't detecting unnecessary content. Using a SIT that matches too much unrelated content, like any word, any number, or all email addresses, might cause the service to saturate and ignore relevant matches. Check the number of content pieces that match the sensitive type you used for your primary elements in content explorer. </br> To estimate if the SIT is matching too much content: </br> - Dividing the number of content items in Content Explorer by the number of days since the sensitive type was created. </br> - If the number of matches per day is in the range of hundreds of thousands or millions, it's possible that the primary SIT is too broad. See [Learn about exact data match based sensitive information types](sit-learn-about-exact-data-match-based-sits.md#learn-about-exact-data-match-based-sensitive-information-types) for recommendations and best practices on selecting the right sensitive information type for an EDM type. \|
compliance	Sit Learn About Exact Data Match Based Sits	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-learn-about-exact-data-match-based-sits.md	# Learn about exact data match based sensitive information types -[Sensitive information types](sensitive-information-type-learn-about.md) are used to help identify sensitive items so that you can prevent them from being inadvertently or inappropriately shared, to help in locating relevant data in eDiscovery, and to apply governance actions to certain types of information. You define a custom sensitive information type (SIT) based on: + +[Sensitive information types](sensitive-information-type-learn-about.md)┬áare used to help identify sensitive items so that you can prevent them from being inadvertently or inappropriately shared, to help in locating relevant data in eDiscovery, and to apply governance actions to certain types of information. You define a custom sensitive information type (SIT) based on: - patterns - keyword evidence such as employee, social security number, or ID But what if you wanted a custom sensitive information type (SIT) that uses exact ![EDM-based classification.](../media/EDMClassification.png) -EDM-based classification enables you to create custom sensitive information types that refer to exact values in a database of sensitive information. The database can be refreshed daily, and contain up to 100 million rows of data. So as employees, patients, or clients come and go, and records change, your custom sensitive information types remain current and applicable. And, you can use EDM-based classification with policies, such as [data loss prevention policies](dlp-learn-about-dlp.md) or [Microsoft Cloud App Security file policies](/cloud-app-security/data-protection-policies). +EDM-based classification enables you to create custom sensitive information types that refer to exact values in a database of sensitive information. The database can be refreshed daily, and contain up to 100 million rows of data. So as employees, patients, or clients come and go, and records change, your custom sensitive information types remain current and applicable. And, you can use EDM-based classification with policies, such as┬á[Microsoft Purview data loss prevention policies](dlp-learn-about-dlp.md) or┬á[Microsoft Cloud App Security file policies](/cloud-app-security/data-protection-policies). > [!NOTE] -> Microsoft 365 Information Protection supports double byte character set languages for: +> Microsoft Purview Information Protection supports double byte character set languages for: > > - Chinese (simplified) > - Chinese (traditional) Proximity - Number of characters between primary and supporting element ### You supply your own schema and data -[Microsoft 365 comes with more than 200 SITS](sensitive-information-type-entity-definitions.md) with predefined schemas, regex patterns, keywords and confidence levels. With EDM SITs, you are responsible for defining the schema as well as primary and secondary fields that identify sensitive items. Because the schema and primary and secondary data values are highly sensitive, you'll be encrypting them via a [hash](/dotnet/standard/security/ensuring-data-integrity-with-hash-codes) function that includes a randomly generated or self-supplied [salt](https://en.wikipedia.org/wiki/Salt_(cryptography)#:~:text=The%20salt%20value%20is%20generated%20at%20random%20and,the%20salt%20value%20and%20hashed%20value%20are%20stored.) value. Those hashed values are then uploaded to the service, so your sensitive data is never in the open. +[Microsoft Purview comes with more than 200 SITS](sensitive-information-type-entity-definitions.md) with predefined schemas, regex patterns, keywords and confidence levels. With EDM SITs, you are responsible for defining the schema as well as primary and secondary fields that identify sensitive items. Because the schema and primary and secondary data values are highly sensitive, you'll be encrypting them via a [hash](/dotnet/standard/security/ensuring-data-integrity-with-hash-codes) function that includes a randomly generated or self-supplied [salt](https://en.wikipedia.org/wiki/Salt_(cryptography)#:~:text=The%20salt%20value%20is%20generated%20at%20random%20and,the%20salt%20value%20and%20hashed%20value%20are%20stored.) value. Those hashed values are then uploaded to the service, so your sensitive data is never in the open. ### Primary and secondary support elements
compliance	Sit Manage Custom Sits Compliance Center	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-manage-custom-sits-compliance-center.md	Title: "Manage custom sensitive information types in Compliance Center" + Title: "Manage custom sensitive information types in compliance center" f1.keywords: - NOCSH # Manage custom sensitive information types in the Compliance center + This article walks you through the steps to modify and remove an existing custom sensitive information type in the Compliance center. ## Modify custom sensitive information types in the Compliance Center
compliance	Sit Modify A Custom Sensitive Information Type In Powershell	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-modify-a-custom-sensitive-information-type-in-powershell.md	description: "Learn how to modify a custom sensitive information using PowerShel # Modify a custom sensitive information type using PowerShell + In Compliance center PowerShell, modifying a custom sensitive information type requires you to: 1. Export the existing rule package that contains the custom sensitive information type to an XML file (or use the existing XML file if you have it). For detailed syntax and parameter information, see [Set-DlpSensitiveInformationT ## More information -- [Learn about data loss prevention](dlp-learn-about-dlp.md) +- [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md) - [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md) - [Sensitive information type functions](sit-functions.md)
compliance	Sit Modify Edm Schema Configurable Match	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-modify-edm-schema-configurable-match.md	# Modify Exact Data Match schema to use configurable match -Exact Data Match (EDM) based classification enables you to create custom sensitive information types that refer to exact values in a database of sensitive information. When you need to allow for variants of a exact string, you can use configurable match to tell Microsoft 365 to ignore case and some delimiters. + +Exact Data Match (EDM) based classification enables you to create custom sensitive information types that refer to exact values in a database of sensitive information. When you need to allow for variants of a exact string, you can use configurable match to tell Microsoft Purview to ignore case and some delimiters. > [!IMPORTANT] > Use this procedure to modify an existing EDM schema and data file. Exact Data Match (EDM) based classification enables you to create custom sensiti - [Learn about exact data match based sensitive information types](sit-learn-about-exact-data-match-based-sits.md#learn-about-exact-data-match-based-sensitive-information-types) - [Sensitive information type-entity definitions](sensitive-information-type-entity-definitions.md) - [Custom sensitive information types](./sensitive-information-type-learn-about.md)-- [Learn about data loss prevention](dlp-learn-about-dlp.md) +- [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md) - [Microsoft Defender for Cloud Apps](/cloud-app-security) - [New-DlpEdmSchema](/powershell/module/exchange/new-dlpedmschema)
compliance	Sit Modify Keyword Dictionary	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-modify-keyword-dictionary.md	search.appverid: - MET150 - seo-marvel-apr2020 -description: "Learn how to modify a keyword dictionary in the Microsoft 365 Compliance Center." +description: "Learn how to modify a keyword dictionary in the Microsoft Purview compliance portal." # Modify a keyword dictionary + You might need to modify keywords in one of your keyword dictionaries, or modify one of the built-in dictionaries. You can do this through PowerShell or through the Compliance center. ## Modify a keyword dictionary in Compliance center
compliance	Sit Regex Validators Additional Checks	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-regex-validators-additional-checks.md	# Sensitive information type REGEX validators and additional check + > [!IMPORTANT] > Microsoft Customer Service & Support can't assist with creating custom classifications or regular expression patterns. Support engineers can provide limited support for the feature, such as, providing sample regular expression patterns for testing purposes, or assisting with troubleshooting an existing regular expression pattern that's not triggering as expected, but can't provide assurances that any custom content-matching development will fulfill your requirements or obligations.
compliance	Sit Remove A Custom Sensitive Information Type In Powershell	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-remove-a-custom-sensitive-information-type-in-powershell.md	description: "Learn how to remove a custom sensitive information type using Powe # Remove a custom sensitive information type using PowerShell + In Compliance center PowerShell, there are two methods to remove custom sensitive information types: - Remove individual custom sensitive information types: Use the method documented in [Modify a custom sensitive information type using PowerShell](sit-modify-a-custom-sensitive-information-type-in-powershell.md#modify-a-custom-sensitive-information-type-using-powershell). You export the custom rule package that contains the custom sensitive information type, remove the sensitive information type from the XML file, and import the updated XML file back into the existing custom rule package. In Compliance center PowerShell, there are two methods to remove custom sensitiv ## More information -- [Learn about data loss prevention](dlp-learn-about-dlp.md) +- [Learn about Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md) - [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md)
compliance	Sit Use Exact Data Manage Schema	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-use-exact-data-manage-schema.md	# Manage your exact data match schema + ## Editing the schema for EDM-based classification manually If you want to make changes to your EDM schema, for example the edm.xml file, such as changing which fields are used for EDM-based classification, follow these steps:
compliance	Sit Use Exact Data Refresh Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-use-exact-data-refresh-data.md	Title: "Refresh your exact data matchsensitive information source table file" + Title: "Refresh your exact data match sensitive information source table file" f1.keywords: - NOCSH # Refresh your exact data match sensitive information source table file + You can refresh your sensitive information database up to 5 times in every 24 hour period. You'll have to rehash and upload your sensitive information source table. 1. Re-export the sensitive data to an app, such as Microsoft Excel, and save the file in .csv, .tsv format or pipe (\|) delimited format. Keep the same file name and location you used when you previously hashed and uploaded the file. See, [Export source data for exact data match based sensitive information type](sit-get-started-exact-data-match-export-data.md#export-source-data-for-exact-data-match-based-sensitive-information-type) for details on exporting your sensitive data and getting it into the correct format.
compliance	Smart Tags	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/smart-tags.md	Title: "Set up smart tags in Advanced eDiscovery" + Title: "Set up smart tags in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: -description: "Smart tags let you apply the machine learning capabilities when reviewing content in an Advanced eDiscovery case. Use smart tag groups to display the results of machine learning detection models, such as the attorney-client privilege model." +description: "Smart tags let you apply the machine learning capabilities when reviewing content in an eDiscovery (Premium) case. Use smart tag groups to display the results of machine learning detection models, such as the attorney-client privilege model." -# Set up smart tags in Advanced eDiscovery +# Set up smart tags in eDiscovery (Premium) -Machine learning (ML) capabilities in Advanced eDiscovery can help you make the decision process more efficient when reviewing case documents in a review set. Smart tags are a way to bring the ML capabilities to where the decisions are recorded: when tagging documents during review. When you create a smart tag group, then the decisions that are the result of the ML model that you've associated with the smart tag group are displayed in-line with the tags in the tag group. This helps see the ML results information in-line when you're reviewing specific documents. +Machine learning (ML) capabilities in Microsoft Purview eDiscovery (Premium) can help you make the decision process more efficient when reviewing case documents in a review set. Smart tags are a way to bring the ML capabilities to where the decisions are recorded: when tagging documents during review. When you create a smart tag group, then the decisions that are the result of the ML model that you've associated with the smart tag group are displayed in-line with the tags in the tag group. This helps see the ML results information in-line when you're reviewing specific documents. ## How to set up a smart tag group
compliance	Sp Compatible Pdf Readers For Irm	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sp-compatible-pdf-readers-for-irm.md	Title: "SharePoint-Compatible PDF readers that support Microsoft Information Rights Management services" + Title: "SharePoint-compatible PDF readers that support IRM services" f1.keywords: - NOCSH # SharePoint-Compatible PDF readers that support Microsoft Information Rights Management services + Microsoft SharePoint 2013 supports Information Rights Management (IRM) protection of PDF documents. With that support, users can upload PDF documents to IRM-protected libraries, and upon download, the files will be protected using Microsoft Office IRM. To use PDF files in libraries that the owner has protected with IRM, the user will need to obtain one of the following PDF-compatible readers:
compliance	Supported Filetypes Ediscovery20	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/supported-filetypes-ediscovery20.md	Title: "Supported file types in Advanced eDiscovery" + Title: "Supported file types in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "A list of supported file types in Microsoft 365 Advanced eDiscovery, including image file types supported by the OCR functionality in Advanced eDiscovery." +description: "A list of supported file types in Microsoft 365 eDiscovery (Premium), including image file types supported by the OCR functionality in eDiscovery (Premium)." -# Supported file types in Advanced eDiscovery +# Supported file types in eDiscovery (Premium) -Advanced eDiscovery supports many file types at many different levels. The support files types are described in the following tables in this article. This list isn't finalized, and we will add new file types as we continue our validation testing. These tables indicate if a file type is supported for text extraction (and Optical Character Recognition or OCR text extraction for image files), viewable in the native viewer and also support in the Annotate viewer in Advanced eDiscovery. +Microsoft Purview eDiscovery (Premium) supports many file types at many different levels. The support files types are described in the following tables in this article. This list isn't finalized, and we will add new file types as we continue our validation testing. These tables indicate if a file type is supported for text extraction (and Optical Character Recognition or OCR text extraction for image files), viewable in the native viewer and also support in the Annotate viewer in eDiscovery (Premium). ## Archive / Container
compliance	Tagging And Relevance Training In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/tagging-and-relevance-training-in-advanced-ediscovery.md	Title: "Tagging and Relevance training in Advanced eDiscovery" + Title: "Tagging and Relevance training in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: 8576cc86-d51b-4285-b54b-67184714cc62 -description: "Learn the steps to tag and then work with a training sample of 40 files during the Relevance training stage of Advanced eDiscovery." +description: "Learn the steps to tag and then work with a training sample of 40 files during the Relevance training stage of eDiscovery (Premium)." -# Tagging and Relevance training in Advanced eDiscovery +# Tagging and Relevance training in eDiscovery (Premium) -This article describes the procedure for working with the Relevance training module in Advanced eDiscovery. +This article describes the procedure for working with the Relevance training module in Microsoft Purview eDiscovery (Premium). -After Assessment is completed in Advanced eDiscovery, and you enter the Relevance training stage, a training sample of 40 files is brought into the Tag tab for tagging. +After Assessment is completed in eDiscovery (Premium), and you enter the Relevance training stage, a training sample of 40 files is brought into the Tag tab for tagging. ## Performing Relevance training
compliance	Tagging Documents	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/tagging-documents.md	search.appverid: - MOE150 - MET150 ms.assetid: -description: "Tagging documents in a review set helps remove unnecessary content and identify relevant content in an Advanced eDiscovery case." +description: "Tagging documents in a review set helps remove unnecessary content and identify relevant content in an eDiscovery (Premium) case." -# Tag documents in a review set in Advanced eDiscovery +# Tag documents in a review set in eDiscovery (Premium) Organizing content in a review set is important to complete various workflows in the eDiscovery process. This includes: Organizing content in a review set is important to complete various workflows in When experts, attorneys, or other users review content in a review set, their opinions related to the content can be captured by using tags. For example, if the intent is to cull unnecessary content, a user can tag documents with a tag such as "non-responsive". After content has been reviewed and tagged, a review set search can be created to exclude any content tagged as "non-responsive". This process eliminates the non-responsive content from the next steps in the eDiscovery workflow. The tagging panel in a review set can be customized for every case so that the tags support the intended review workflow for the case. > [!NOTE] -> The scope of tags is an Advanced eDiscovery case. That means a case can only have one set of tags that reviewers can use to tag review set documents. You can't set up a different set of tags for use in different review sets in the same case. +> The scope of tags is an eDiscovery (Premium) case. That means a case can only have one set of tags that reviewers can use to tag review set documents. You can't set up a different set of tags for use in different review sets in the same case. ## Tag types -Advanced eDiscovery provides two types of tags: +eDiscovery (Premium) provides two types of tags: - Single choice tags: Restricts reviewers to selecting a single tag within a group. These types of tags can be useful to ensure that reviewers don't select conflicting tags such as "responsive" and "non-responsive". Single choice tags appear as radio buttons. You can further organize tags by nesting them within a section. For example, if ## Creating and applying tags -Tagging items in review sets is a two-step process. The first step is to create the tags that are then applied to review set items. After you create tags, you and other reviewers can apply them to items in a review set. As previously explained, an Advanced eDiscovery case can only have one set of tags that reviewers can use to tag review set items. +Tagging items in review sets is a two-step process. The first step is to create the tags that are then applied to review set items. After you create tags, you and other reviewers can apply them to items in a review set. As previously explained, an eDiscovery (Premium) case can only have one set of tags that reviewers can use to tag review set items. ### Create tags With the tag structure in place, reviewers can apply tags to items in a review s - Include associated family items: This option applies the same tag to the associated family items of items that are tagged. Family items are items that share the same FamilyId metadata property value. For example, a document that's attached to an email message shares the same FamilyId as the email message. So if this option is selected for this example, the email message and the document are tagged, even though the document might not be included in the list of review set items. - - Include associated conversation items: This option applies the same tag to all items that are in the same Teams or Yammer conversation as the items that are tagged. Conversation items are items that share the same ConversationId metadata property value. All messages, posts, and corresponding transcript file of a conversation share the same ConversationId. If this option is selected, then all items in the same conversation (and transcript file) are tagged, even though some of those conversation items might not be included in the list of review set items. For more information about conversation items, see the "Grouping" section in [Advanced eDiscovery workflow for content in Microsoft Teams](teams-workflow-in-advanced-ediscovery.md#grouping). + - Include associated conversation items: This option applies the same tag to all items that are in the same Teams or Yammer conversation as the items that are tagged. Conversation items are items that share the same ConversationId metadata property value. All messages, posts, and corresponding transcript file of a conversation share the same ConversationId. If this option is selected, then all items in the same conversation (and transcript file) are tagged, even though some of those conversation items might not be included in the list of review set items. For more information about conversation items, see the "Grouping" section in [eDiscovery (Premium) workflow for content in Microsoft Teams](teams-workflow-in-advanced-ediscovery.md#grouping). - None: This option doesn't apply tags to family items or conversation items. It only applies tags to the items that are selected or to all items in the review set list.
compliance	Teams Workflow In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/teams-workflow-in-advanced-ediscovery.md	Title: "Teams workflow in Advanced eDiscovery" + Title: "Teams workflow in eDiscovery (Premium)" f1.keywords: - NOCSH ms.localizationpriority: medium search.appverid: - MET150 -description: "Learn how to preserve, collect, review, and export content from Microsoft Teams in Advanced eDiscovery." +description: "Learn how to preserve, collect, review, and export content from Microsoft Teams in eDiscovery (Premium)." -# Advanced eDiscovery workflow for content in Microsoft Teams +# eDiscovery (Premium) workflow for content in Microsoft Teams -This article provides a comprehensive set of procedures, guidelines, and best practices for using Advanced eDiscovery to preserve, collect, review, and export content from Microsoft Teams. The goal of this article is to help you optimize your eDiscovery workflow for Teams content. +This article provides a comprehensive set of procedures, guidelines, and best practices for using Microsoft Purview eDiscovery (Premium) to preserve, collect, review, and export content from Microsoft Teams. The goal of this article is to help you optimize your eDiscovery workflow for Teams content. -There are five categories of Teams content that you can collect and process using Advanced eDiscovery: +There are five categories of Teams content that you can collect and process using eDiscovery (Premium): - Teams 1:1 chats. Chat messages, posts, and attachments shared in a Teams conversation between two people. Teams 1:1 chats are also called conversations. There are five categories of Teams content that you can collect and process usin ## Where Teams content is stored -A prerequisite to managing Teams content in Advanced eDiscovery is to understand the type of Teams content that you can collect, process, and review in Advanced eDiscovery and where that content is stored in Microsoft 365. The following table lists Teams content type and where each is stored. +A prerequisite to managing Teams content in eDiscovery (Premium) is to understand the type of Teams content that you can collect, process, and review in eDiscovery (Premium) and where that content is stored in Microsoft 365. The following table lists Teams content type and where each is stored. \| \|Location of chat messages and posts\|Location of files and attachments\| \|\|\|\| A prerequisite to managing Teams content in Advanced eDiscovery is to understand ## Create a case for Teams content -The first step to managing Teams content in Advanced eDiscovery is to create a case using the new case format that's optimized for managing Teams content. Here's the benefits of using the new case format for Teams content: +The first step to managing Teams content in eDiscovery (Premium) is to create a case using the new case format that's optimized for managing Teams content. Here's the benefits of using the new case format for Teams content: - Support for conversation threading, in which additional messages in the same conversation that include responsive items are automatically collected and added to review sets. The first step to managing Teams content in Advanced eDiscovery is to create a c - Collections up to 1 TB can be added to review sets, which let you collect and amounts large amounts of Teams content in a case. -For more information about the increased case limits, see [Use the new case format in Advanced eDiscovery](advanced-ediscovery-new-case-format.md). +For more information about the increased case limits, see [Use the new case format in eDiscovery (Premium)](advanced-ediscovery-new-case-format.md). To create a case: 1. Go to <https://compliance.microsoft.com> and sign in. -2. In the left navigation pane of the Microsoft 365 compliance center, click eDiscovery > Advanced. +2. In the left navigation pane of the Microsoft Purview compliance portal, click eDiscovery > Advanced. -3. On the Advanced eDiscovery page, click the Cases tab, and then click Create a case. +3. On the eDiscovery (Premium) page, click the Cases tab, and then click Create a case. The New eDiscovery case flyout page is displayed. The Case format section provides the option to create a case using the new case format. The next step is to identify the users who are the data custodians in your inves To add custodians to a case and preserve custodial data sources: -1. Go to the Advanced eDiscovery case that you created in the previous section, and then click Data sources. +1. Go to the eDiscovery (Premium) case that you created in the previous section, and then click Data sources. 2. On the Data sources page, click Add data source > Add new custodians. To add custodians to a case and preserve custodial data sources: 7. On the Hold settings page, click Next to review the custodians settings. Click Submit to add the custodians to the case. -For more information about adding and preserving data sources in an Advanced eDiscovery case, see: +For more information about adding and preserving data sources in an eDiscovery (Premium) case, see: -- [Add custodians to an Advanced eDiscovery case](add-custodians-to-case.md) +- [Add custodians to an eDiscovery (Premium) case](add-custodians-to-case.md) -- [Add non-custodial data sources to an Advanced eDiscovery case](non-custodial-data-sources.md) +- [Add non-custodial data sources to an eDiscovery (Premium) case](non-custodial-data-sources.md) ## Collect Teams content and add to review set You also have the option of not running a draft collection and adding the collec To create a collection of Teams content: -1. Go to the Advanced eDiscovery case that you added the custodians to in the previous section, and then click Collections. +1. Go to the eDiscovery (Premium) case that you added the custodians to in the previous section, and then click Collections. 2. On the Collections page, select New collection > Standard collection. To create a collection of Teams content: ## Review Teams content in a review set -After you add collections of Teams content to a review set, the next step is to review the content for its relevance to your investigation and cull it if necessary. An important prerequisite to reviewing Teams content is understanding how Advanced eDiscovery processes Teams chat conversations and attachments when adding them to a review set. This processing of Teams content results in the following three things: +After you add collections of Teams content to a review set, the next step is to review the content for its relevance to your investigation and cull it if necessary. An important prerequisite to reviewing Teams content is understanding how eDiscovery (Premium) processes Teams chat conversations and attachments when adding them to a review set. This processing of Teams content results in the following three things: - [Grouping](#grouping). How messages, posts, and replies Teams conversations are grouped together and presented in the review set. This also includes attachments in chat conversations are extracted and group within the conversation. -- [Transcript conversation threading](#transcript-conversation-threading). How Advanced eDiscovery determines what additional content from a conversation to collect to provide context around items that matched the collection criteria. +- [Transcript conversation threading](#transcript-conversation-threading). How eDiscovery (Premium) determines what additional content from a conversation to collect to provide context around items that matched the collection criteria. -- [Deduplication](#deduplication-of-teams-content). How Advanced eDiscovery handles duplicate Teams content. +- [Deduplication](#deduplication-of-teams-content). How eDiscovery (Premium) handles duplicate Teams content. -- [Metadata](#metadata-for-teams-content). Metadata properties that Advanced eDiscovery adds to Teams content after it's collected and added to a review set. +- [Metadata](#metadata-for-teams-content). Metadata properties that eDiscovery (Premium) adds to Teams content after it's collected and added to a review set. Understand grouping, conversation threading, deduplication, and Teams metadata will help you optimize the review and analysis of Teams content. This section also has [tips for viewing Teams content in a review set](#tips-for-viewing-teams-content-in-a-review-set). The following screenshots show an example of conversation in the Teams client an ### Transcript conversation threading -Conversation threading functionality in the new case format in Advanced eDiscovery helps you identify contextual content related to items that may be relevant to your investigation. This feature produces distinct conversation views that include chat messages that precede and follow the items match the search query during collection. This capability allows you to efficiently and rapidly review complete chat conversations (called threaded conversations) in Microsoft Teams. As previous explained, chat conversations are reconstructed in HTML transcript files when Advanced eDiscovery adds Teams content to a review set. +Conversation threading functionality in the new case format in eDiscovery (Premium) helps you identify contextual content related to items that may be relevant to your investigation. This feature produces distinct conversation views that include chat messages that precede and follow the items match the search query during collection. This capability allows you to efficiently and rapidly review complete chat conversations (called threaded conversations) in Microsoft Teams. As previous explained, chat conversations are reconstructed in HTML transcript files when eDiscovery (Premium) adds Teams content to a review set. -Here's the logic used by Advanced eDiscovery to include additional messages and replies transcript files that provide context around the items match the collection query (called responsive items) you used when collecting Teams content. Different threading behaviors are based on the types of chats and the search query used to collect the responsive items. There are two common collection scenarios: +Here's the logic used by eDiscovery (Premium) to include additional messages and replies transcript files that provide context around the items match the collection query (called responsive items) you used when collecting Teams content. Different threading behaviors are based on the types of chats and the search query used to collect the responsive items. There are two common collection scenarios: - Queries that use search parameters, such as keywords and property:value pairs Here's the logic used by Advanced eDiscovery to include additional messages and The following list describes the deduplication (and duplication) behavior when collecting Teams content into a review set. -- Each transcript file added to a review set should be a one-to-one mapping to content stored in data locations. That means Advanced eDiscovery doesn't collect any Teams content that has already been added to the review set. If a chat message is already collected in a review set, Advanced eDiscovery doesn't add the same message from the same data location to the review set in subsequent collections. +- Each transcript file added to a review set should be a one-to-one mapping to content stored in data locations. That means eDiscovery (Premium) doesn't collect any Teams content that has already been added to the review set. If a chat message is already collected in a review set, eDiscovery (Premium) doesn't add the same message from the same data location to the review set in subsequent collections. - For 1:1 and group chats, copies of messages are stored in the mailbox of each conversation participant. Copies of the same conversation that exist in different participants' mailboxes are collected with different metadata. As a result, each instance of the conversation is treated as unique and brought into the review set in separate transcript files. So if all participants of a 1:1 or group chat are added as custodians in a case and included in the scope of a collection, then copies of each transcript (for the same conservation) are added to the review set and will be grouped together with the same ConversationId. Each of these copies is associated with a corresponding custodian. Tip: The Custodian column in the review set list identifies the custodian for the corresponding transcript file. The following list describes the deduplication (and duplication) behavior when c ### Metadata for Teams content -In large review sets with thousands or millions of items, it can be difficult to narrow the scope of your review to Teams content. To help you focus your review on Teams content, there are metadata properties that are specific to Teams content. You can use these properties to organize the columns in the review list and [configure filters and queries](review-set-search.md) to optimize the review of Teams content. These metadata properties are also included when you export Teams content from Advanced eDiscovery, to help you organize and view content post-export or in third-party eDiscovery tools. +In large review sets with thousands or millions of items, it can be difficult to narrow the scope of your review to Teams content. To help you focus your review on Teams content, there are metadata properties that are specific to Teams content. You can use these properties to organize the columns in the review list and [configure filters and queries](review-set-search.md) to optimize the review of Teams content. These metadata properties are also included when you export Teams content from eDiscovery (Premium), to help you organize and view content post-export or in third-party eDiscovery tools. The following table describes metadata properties for Teams content. The following table describes metadata properties for Teams content. \|Recipients\|A list of all users who received a message within the transcript conversation.\| \|TeamsChannelName\|The Teams channel name of the transcript.\| -For descriptions of other Advanced eDiscovery metadata properties, see [Document metadata fields in Advanced eDiscovery](document-metadata-fields-in-Advanced-eDiscovery.md). +For descriptions of other eDiscovery (Premium) metadata properties, see [Document metadata fields in eDiscovery (Premium)](document-metadata-fields-in-Advanced-eDiscovery.md). ## Export Teams content Here are some tips and best practices for viewing Teams content in a review set. ## Deleting Teams chat messages -You can use Advanced eDiscovery and the Microsoft Graph Explorer to respond to data spillage incidents, when content containing confidential or malicious information is released through Teams chat messages.ΓÇï Admins in your organization can search for and delete chat messages in Microsoft Teams. This can help you remove sensitive information or inappropriate content in Teams chat messages. For more information, see [Search and purge chat messages in Teams](search-and-delete-Teams-chat-messages.md). +You can use eDiscovery (Premium) and the Microsoft Graph Explorer to respond to data spillage incidents, when content containing confidential or malicious information is released through Teams chat messages.ΓÇï Admins in your organization can search for and delete chat messages in Microsoft Teams. This can help you remove sensitive information or inappropriate content in Teams chat messages. For more information, see [Search and purge chat messages in Teams](search-and-delete-Teams-chat-messages.md). ## Reference guide -Here's a quick reference guide for using Advanced eDiscovery for Microsoft Teams. This guide summarizes the keys points for using Advanced eDiscovery to preserve, collect, review, and export content from Microsoft Teams. +Here's a quick reference guide for using eDiscovery (Premium) for Microsoft Teams. This guide summarizes the keys points for using eDiscovery (Premium) to preserve, collect, review, and export content from Microsoft Teams. -![Thumbnail for reference guide for using Advanced eDiscovery for Microsoft Teams.](../media/AeDTeamsReferenceGuide-thumbnail.png) +![Thumbnail for reference guide for using eDiscovery (Premium) for Microsoft Teams.](../media/AeDTeamsReferenceGuide-thumbnail.png) [Download as a PDF file](https://download.microsoft.com/download/9/e/4/9e4eec6f-c476-452f-b414-4bd4b5c39dca/AeDTeamsReferenceGuide.pdf)
compliance	Technical Reference Details About Encryption	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/technical-reference-details-about-encryption.md	# Technical reference details about encryption + Refer to this article to learn about certificates, technologies, and TLS cipher suites used for [encryption in Office 365](encryption.md). This article also provides details about planned deprecations. - If you're looking for overview information, see [Encryption in Office 365](encryption.md).
compliance	Terms Conditions	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/terms-conditions.md	Title: "Microsoft 365 Compliance trial terms and conditions" + Title: "Microsoft Purview trial terms and conditions" f1.keywords: - NOCSH ms.localizationpriority: high search.appverid: - MOE150 - MET150 -description: "Microsoft 365 Compliance trial terms and conditions." +description: "Microsoft Purview trial terms and conditions." -# Microsoft Compliance trial terms and conditions +# Microsoft 365 trial terms and conditions -By participating in [the free trial (ΓÇ£TrialΓÇ¥) of the Microsoft Compliance Services](compliance-easy-trials.md), you agree to be bound by our [Online Services Terms](https://go.microsoft.com/fwlink/?linkid=2108910) and the following terms (ΓÇ£Trial TermsΓÇ¥), if there is a conflict the Trial Terms shall govern. The Trial period will be for 90 days from the date you activate the Trial. Unless you purchase a subscription to Microsoft Compliance prior to the expiration or termination of your Trial period, you will no longer have access to (i) any data related to the features of the Trial that you entered into your account, and (ii) configurations or customizations made by you or for you using the features of the Trial. Microsoft reserves the right to terminate or modify the Trial and/or these Trial Terms at any time without prior notice and without liability. Trial offer is not available for customers in all regions and countries. + +By participating in [the free trial (ΓÇ£TrialΓÇ¥) of the Microsoft Purview solutions](compliance-easy-trials.md), you agree to be bound by our [Product Terms](https://go.microsoft.com/fwlink/?linkid=2108910) and the following terms (ΓÇ£Trial TermsΓÇ¥), provided that in the event of a conflict the Trial Terms shall govern. The Trial period will be for ninety (90) days from the date you activate the Trial. Unless you purchase a subscription to Microsoft Purview prior to the expiration or termination of your Trial period, you will no longer have access to (i) any data related to the features of the Trial that you entered into your account, and (ii) configurations or customizations made by you or for you using the features of the Trial. Microsoft reserves the right to terminate or modify the Trial and/or these Trial Terms at any time without prior notice and without liability. Trial offer is not available for customers in all regions and countries.
compliance	Test Relevance Analysis In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/test-relevance-analysis-in-advanced-ediscovery.md	Title: Test Relevance analysis in Advanced eDiscovery + Title: Test Relevance analysis in eDiscovery (Premium) f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: 1b092f7c-ea55-44f5-b419-63f3458fd7e0 -description: "Learn how to use the Test tab after Batch calculation in Advanced eDiscovery to test, compare, and validate the overall quality of processing." +description: "Learn how to use the Test tab after Batch calculation in eDiscovery (Premium) to test, compare, and validate the overall quality of processing." -# Test Relevance analysis in Advanced eDiscovery +# Test Relevance analysis in eDiscovery (Premium) -The Test tab in Advanced eDiscovery enables you to test, compare, and validate the overall quality of processing. These tests are performed after Batch calculation. By tagging the files in the collection, an expert makes the final judgment about whether each tagged file is relevant to the case. +The Test tab in Microsoft Purview eDiscovery (Premium) enables you to test, compare, and validate the overall quality of processing. These tests are performed after Batch calculation. By tagging the files in the collection, an expert makes the final judgment about whether each tagged file is relevant to the case. In single and multiple-issue scenarios, tests are typically performed per issue. Results can be viewed after each test, and test results can be reworked with specified sample test files. ## Testing the rest -The "Test the Rest" test is used to validate culling decisions, for example, to review only files above a specific Relevance cutoff score based on the final Advanced eDiscovery results. The expert reviews a sample of files under a selected cutoff score to evaluate the number of relevant files within that set. +The "Test the Rest" test is used to validate culling decisions, for example, to review only files above a specific Relevance cutoff score based on the final eDiscovery (Premium) results. The expert reviews a sample of files under a selected cutoff score to evaluate the number of relevant files within that set. This test provides statistics and a comparison between the Review set and the Test the Rest population. The results of the review set are those calculated by Relevance during Training. The results include calculations based on settings and input parameters, such as:
compliance	Themes In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/themes-in-advanced-ediscovery.md	Title: Themes - eDiscovery + Title: Themes in eDiscovery (Premium) f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: "Use Themes in Advanced eDiscovery to organize review sets by finding the dominant theme in each document." +description: "Use Themes in eDiscovery (Premium) to organize review sets by finding the dominant theme in each document." -# Themes in Advanced eDiscovery +# Themes in eDiscovery (Premium) How does a person write a document? They generally start with one or more ideas they want to convey in the document, and compose using words that align with the ideas. The more prevalent an idea is, the more frequent the words that are related to that idea tend to be. This informs how people consume documents as well. The important thing to understand from reading a document is the ideas that the document is trying to convey, which ideas appear where, and what the relationships between the ideas are. This can be extended to how a person wants to consume a set of documents. They want to see which ideas are present in the sets, and which documents are talking about those ideas. Also, if they find a particular document of interest, they want to be able to see documents that discuss similar ideas. -The Themes functionality in Advanced eDiscovery attempts to mimic how humans reason about documents, by analyzing the themes that are discussed in a review set and assigning a theme to documents in the review set. In Advanced eDiscovery, Themes goes one step further and identifies the dominant theme in each document. The dominant theme is the one that appears the most often in a document. +The Themes functionality in eDiscovery (Premium) attempts to mimic how humans reason about documents, by analyzing the themes that are discussed in a review set and assigning a theme to documents in the review set. In eDiscovery (Premium), Themes goes one step further and identifies the dominant theme in each document. The dominant theme is the one that appears the most often in a document. ## How does Themes work? -The Themes functionality analyzes documents with text in a review set to parse out common themes that appear across all the documents in the review set. Advanced eDiscovery assigns those themes to the documents in which they appear. It also labels each theme with the words used in the documents that are representative of the theme. Because a document can contain various types of subject matter, Advanced eDiscovery often assigns multiple themes to documents. The theme that appears most prominently in a document is designated as its dominant theme. +The Themes functionality analyzes documents with text in a review set to parse out common themes that appear across all the documents in the review set. eDiscovery (Premium) assigns those themes to the documents in which they appear. It also labels each theme with the words used in the documents that are representative of the theme. Because a document can contain various types of subject matter, eDiscovery (Premium) often assigns multiple themes to documents. The theme that appears most prominently in a document is designated as its dominant theme.
compliance	Tls 1 2 In Office 365 Gcc	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/tls-1-2-in-office-365-gcc.md	appliesto: # Disabling TLS 1.0 and 1.1 in Microsoft 365 GCC High and DoD + ## Summary In order to comply with the latest compliance standards for the Federal Risk and Authorization Management Program (FedRAMP), we are disabling Transport Layer Security (TLS) versions 1.1 and 1.0 in Microsoft 365 for GCC High and DoD environments. This change was previously announced through Microsoft Support in [Preparing for the mandatory use of TLS 1.2 in Office 365](https://support.microsoft.com/help/4057306/preparing-for-tls-1-2-in-office-365).
compliance	Tls 1.0 And 1.1 Deprecation For Office 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/tls-1.0-and-1.1-deprecation-for-office-365.md	appliesto: # Disabling TLS 1.0 and 1.1 for Microsoft 365 + > [!IMPORTANT] > We temporarily halted disablement of TLS 1.0 and 1.1 for commercial customers due to COVID-19. As supply chains have adjusted and certain countries open back up, we restarted the TLS 1.2 enforcement rollout on October 15, 2020. Rollout will continue over the following weeks and months.
compliance	Track Relevance Analysis In Advanced Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/track-relevance-analysis-in-advanced-ediscovery.md	Title: "Track Relevance analysis in Advanced eDiscovery" + Title: "Track Relevance analysis in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MET150 ms.assetid: 3ab1e2c3-28cf-4bf5-b0a8-c0222f32bdf5 -description: "Learn how to view and interpret the Relevance training status and results for case issues in Advanced eDiscovery." +description: "Learn how to view and interpret the Relevance training status and results for case issues in eDiscovery (Premium)." -# Track Relevance analysis in Advanced eDiscovery +# Track Relevance analysis in eDiscovery (Premium) -In Advanced eDiscovery, the Relevance Track tab displays the calculated validity of the Relevance training performed in the Tag tab and indicates the next step to take in the iterative training process in Relevance. +In Microsoft Purview eDiscovery (Premium), the Relevance Track tab displays the calculated validity of the Relevance training performed in the Tag tab and indicates the next step to take in the iterative training process in Relevance. ## Tracking Relevance training status In Advanced eDiscovery, the Relevance Track tab displays the calculated validity ### Reaching stable training levels -After the assessment files have attained a stable level of training, Advanced eDiscovery is ready for Batch calculation. +After the assessment files have attained a stable level of training, eDiscovery (Premium) is ready for Batch calculation. > [!NOTE] > Usually, after three stable training samples, the next step is "Batch calculation". There may be exceptions, for example, when there were changes to the tagging of files from earlier samples or when seed files were added. If you want to import new files after Batch calculation, the administrator can a ### Assessing tagging consistency -If there are inconsistencies in file tagging, it can affect the analysis. The Advanced eDiscovery tagging consistency process can be used when results are not optimal or consistency is in doubt. A list of possible inconsistently tagged files is returned, and they can be reviewed and retagged, as necessary. +If there are inconsistencies in file tagging, it can affect the analysis. The eDiscovery (Premium) tagging consistency process can be used when results are not optimal or consistency is in doubt. A list of possible inconsistently tagged files is returned, and they can be reviewed and retagged, as necessary. > [!NOTE] > After seven or more training rounds following assessment, tagging consistency can be viewed in Relevance \> Track \> Issue \> Detailed results \> Training progress. This review is done for one issue at a time. In the Relevance \> Track tab, expand an issue's row, and next to Detailed ### Keywords -A keyword is a unique string, word, phrase, or sequence of words in a file identified by Advanced eDiscovery as a significant indicator of whether a file is relevant. The "Include" columns list keyword and weights in files tagged as Relevant, and the "Exclude" columns lists keywords and weights in files tagged as Not relevant. +A keyword is a unique string, word, phrase, or sequence of words in a file identified by eDiscovery (Premium) as a significant indicator of whether a file is relevant. The "Include" columns list keyword and weights in files tagged as Relevant, and the "Exclude" columns lists keywords and weights in files tagged as Not relevant. -Advanced eDiscovery assigns negative or positive keyword weight values. The higher the weight, the higher the likelihood that a file in which the keyword appears is assigned a higher Relevance score during Batch calculation. +eDiscovery (Premium) assigns negative or positive keyword weight values. The higher the weight, the higher the likelihood that a file in which the keyword appears is assigned a higher Relevance score during Batch calculation. -The Advanced eDiscovery list of keywords can be used to supplement a list built by an expert or as an indirect sanity check at any point in the file review process. +The eDiscovery (Premium) list of keywords can be used to supplement a list built by an expert or as an indirect sanity check at any point in the file review process. ### Training progress The Training Progress pane includes a training progress graph and quality in - Warning: Many files may be tagged inconsistently. (Red light displayed) -Training progress graph: Shows the degree of Relevance training stability after many Relevance training cycles in comparison to the F-measure value. As we move from the left to the right across the graph, the confidence interval narrows and is used, along with the F-measure, by Advanced eDiscovery Relevance to determine stability when the Relevance training results are optimized. +Training progress graph: Shows the degree of Relevance training stability after many Relevance training cycles in comparison to the F-measure value. As we move from the left to the right across the graph, the confidence interval narrows and is used, along with the F-measure, by eDiscovery (Premium) Relevance to determine stability when the Relevance training results are optimized. > [!NOTE] > Relevance uses F2, an F-measure metric where Recall receives twice as much weight as Precision. For cases with high richness (over 25%), Relevance uses F1 (1:1 ratio). The F-measure ratio can be configured in Relevance setup \> Advanced settings. The Batch calculation results pane includes the number of files that were sc ### Training statistics -The Training statistics pane displays statistics and graphs based on results from Advanced eDiscovery Relevance training. +The Training statistics** pane displays statistics and graphs based on results from eDiscovery (Premium) Relevance training. ![Relevance Track training statistics.](../media/9a07740e-20d3-49fb-b9b9-84265e0a1836.png)
compliance	Troubleshooting Azcopy	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/troubleshooting-azcopy.md	Title: "Troubleshoot AzCopy in Advanced eDiscovery" + Title: "Troubleshoot AzCopy in eDiscovery (Premium)" f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 ms.assetid: -description: Troubleshoot errors for Azure AzCopy when loading non-Office 365 data for error remediation in Advanced eDiscovery. +description: Troubleshoot errors for Azure AzCopy when loading non-Office 365 data for error remediation in eDiscovery (Premium). - seo-marvel-mar2020 - seo-marvel-apr2020 -# Troubleshoot AzCopy in Advanced eDiscovery +# Troubleshoot AzCopy in eDiscovery (Premium) -When loading non-Microsoft 365 data or documents for error remediation in Advanced eDiscovery, the user interface supplies an Azure AzCopy command that contains parameters with the location of where the files that you want to upload are stored and the Azure storage location that the files will be uploaded to. To upload your documents, you copy this command and then run it in a Command Prompt on your local computer. The follow screenshot shows an example of an AzCopy command: +When loading non-Microsoft 365 data or documents for error remediation in Microsoft Purview eDiscovery (Premium), the user interface supplies an Azure AzCopy command that contains parameters with the location of where the files that you want to upload are stored and the Azure storage location that the files will be uploaded to. To upload your documents, you copy this command and then run it in a Command Prompt on your local computer. The follow screenshot shows an example of an AzCopy command: ![Upload non-Microsoft 365 files.](../media/46ba68f6-af11-4e70-bb91-5fc7973516e3.png) Usually the command that's provided works when you run it. However, there may be ## The supported version of AzCopy isn't installed on the local computer -At this time, you must use AzCopy v8.1 to load non-Microsoft 365 data in Advanced eDiscovery. The AzCopy command that's displayed on the Upload files page shown in the previous screenshot returns an error if you're not using AzCopy v8.1. To install this version, see [Transfer data with the AzCopy v8.1 on Windows](/previous-versions/azure/storage/storage-use-azcopy). +At this time, you must use AzCopy v8.1 to load non-Microsoft 365 data in eDiscovery (Premium). The AzCopy command that's displayed on the Upload files page shown in the previous screenshot returns an error if you're not using AzCopy v8.1. To install this version, see [Transfer data with the AzCopy v8.1 on Windows](/previous-versions/azure/storage/storage-use-azcopy). ## AzCopy isn't installed on the local computer or it's not installed in the default location
compliance	Turn Audit Log Search On Or Off	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/turn-audit-log-search-on-or-off.md	search.appverid: - MET150 ms.assetid: e893b19a-660c-41f2-9074-d3631c95a014 -description: How to turn on or off the Audit log search feature in the Microsoft 365 compliance center to enable or disable the ability of admins to search the audit log. +description: How to turn on or off the Audit log search feature in the Microsoft Purview compliance portal to enable or disable the ability of admins to search the audit log. # Turn auditing on or off Audit logging will be turned on by default for Microsoft 365 and Office 365 enterprise organizations. However, when setting up a new Microsoft 365 or Office 365 organization, you should verify the auditing status for your organization. For instructions, see the [Verify the auditing status for your organization](#verify-the-auditing-status-for-your-organization) section in this article. -When auditing in the Microsoft 365 compliance center is turned on, user and admin activity from your organization is recorded in the audit log and retained for 90 days, and up to one year depending on the license assigned to users. However, your organization may have reasons for not wanting to record and retain audit log data. In those cases, a global admin may decide to turn off auditing in Microsoft 365. +When auditing in the Microsoft Purview compliance portal is turned on, user and admin activity from your organization is recorded in the audit log and retained for 90 days, and up to one year depending on the license assigned to users. However, your organization may have reasons for not wanting to record and retain audit log data. In those cases, a global admin may decide to turn off auditing in Microsoft 365. > [!IMPORTANT] -> If you turn off auditing in Microsoft 365, you can't use the Office 365 Management Activity API or Microsoft Sentinel to access auditing data for your organization. Turning off auditing by following the steps in this article means that no results will be returned when you search the audit log using the Microsoft 365 compliance center or when you run the Search-UnifiedAuditLog cmdlet in Exchange Online PowerShell. This also means that audit logs won't be available through the Office 365 Management Activity API or Microsoft Sentinel. +> If you turn off auditing in Microsoft 365, you can't use the Office 365 Management Activity API or Microsoft Sentinel to access auditing data for your organization. Turning off auditing by following the steps in this article means that no results will be returned when you search the audit log using the compliance portal or when you run the Search-UnifiedAuditLog cmdlet in Exchange Online PowerShell. This also means that audit logs won't be available through the Office 365 Management Activity API or Microsoft Sentinel. ## Before you turn auditing on or off - You have to be assigned the Audit Logs role in Exchange Online to turn auditing on or off in your Microsoft 365 organization. By default, this role is assigned to the Compliance Management and Organization Management role groups on the Permissions page in the Exchange admin center. Global admins in Microsoft 365 are members of the Organization Management role group in Exchange Online. > [!NOTE] - > Users have to be assigned permissions in Exchange Online to turn auditing on or off. If you assign users the Audit Logs role on the Permissions page in the Microsoft 365 compliance center, they won't be able to turn auditing on or off. This is because the underlying cmdlet is an Exchange Online PowerShell cmdlet. + > Users have to be assigned permissions in Exchange Online to turn auditing on or off. If you assign users the Audit Logs role on the Permissions page in the compliance portal, they won't be able to turn auditing on or off. This is because the underlying cmdlet is an Exchange Online PowerShell cmdlet. - For step-by-step instructions on searching the audit log, see [Search the audit log](search-the-audit-log-in-security-and-compliance.md). For more information about the Microsoft 365 Management Activity API, see [Get started with Microsoft 365 Management APIs](/office/office-365-management-api/get-started-with-office-365-management-apis). A value of `True` for the _UnifiedAuditLogIngestionEnabled_ property indicates ## Turn on auditing -If auditing is not turned on for your organization, you can turn it on in the Microsoft 365 compliance center or by using Exchange Online PowerShell. It may take several hours after you turn on auditing before you can return results when you search the audit log. +If auditing is not turned on for your organization, you can turn it on in the compliance portal or by using Exchange Online PowerShell. It may take several hours after you turn on auditing before you can return results when you search the audit log. ### Use the compliance center to turn on auditing 1. Go to <https://compliance.microsoft.com> and sign in. -2. In the left navigation pane of the Microsoft 365 compliance center, click Audit. +2. In the left navigation pane of the compliance portal, click Audit. If auditing is not turned on for your organization, a banner is displayed prompting you start recording user and admin activity. You have to use Exchange Online PowerShell to turn off auditing. The value of `False` for the _UnifiedAuditLogIngestionEnabled_ property indicates that auditing is turned off. - - Go to the Audit page in the Microsoft 365 compliance center. + - Go to the Audit page in the compliance portal. If auditing is not turned on for your organization, a banner is displayed prompting you start recording user and admin activity.
compliance	Use A Script To Add Users To A Hold In Ediscovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-a-script-to-add-users-to-a-hold-in-ediscovery.md	Title: "Use a script to add users to a hold in a Core eDiscovery case" + Title: "Use a script to add users to a hold in a eDiscovery (Standard) case" f1.keywords: - NOCSH ms.assetid: bad352ff-d5d2-45d8-ac2a-6cb832f10e73 - seo-marvel-apr2020 - admindeeplinkSPO -description: "Learn how to run a script to add mailboxes & OneDrive for Business sites to a new hold associated with an eDiscovery case in the Microsoft 365 compliance center." +description: "Learn how to run a script to add mailboxes & OneDrive for Business sites to a new hold associated with an eDiscovery case in the Microsoft Purview compliance portal." -# Use a script to add users to a hold in a Core eDiscovery case +# Use a script to add users to a hold in a eDiscovery (Standard) case -Security & Compliance Center PowerShell provides cmdlets that let you automate time-consuming tasks related to creating and managing eDiscovery cases. Currently, using the Core eDiscovery case in the Microsoft 365 compliance center to place a large number of custodian content locations on hold takes time and preparation. For example, before you create a hold, you have to collect the URL for each OneDrive for Business site that you want to place on hold. Then for each user you want to place on hold, you have to add their mailbox and their OneDrive for Business site to the hold. You can use the script in this article to automate this process. +Security & Compliance Center PowerShell provides cmdlets that let you automate time-consuming tasks related to creating and managing eDiscovery cases. Currently, using the Microsoft Purview eDiscovery (Standard) case in the Microsoft Purview compliance portal to place a large number of custodian content locations on hold takes time and preparation. For example, before you create a hold, you have to collect the URL for each OneDrive for Business site that you want to place on hold. Then for each user you want to place on hold, you have to add their mailbox and their OneDrive for Business site to the hold. You can use the script in this article to automate this process. The script prompts you for the name of your organization's My Site domain (for example, `contoso` in the URL https://contoso-my.sharepoint.com), the name of an existing eDiscovery case, the name of the new hold that associated with the case, a list of email addresses of the users you want to put on hold, and a search query to use if you want to create a query-based hold. The script then gets the URL for the OneDrive for Business site for each user in the list, creates the new hold, and then adds the mailbox and OneDrive for Business site for each user in the list to the hold. The script also generates log files that contain information about the new hold. Here are the steps to make this happen: ## Before you add users to a hold -- You have to be a member of the eDiscovery Manager role group in the Microsoft 365 compliance center and a SharePoint Online administrator to run the script in Step 3. For more information, see [Assign eDiscovery permissions in the Office 365 Security & Compliance Center](assign-ediscovery-permissions.md). +- You have to be a member of the eDiscovery Manager role group in the compliance portal and a SharePoint Online administrator to run the script in Step 3. For more information, see [Assign eDiscovery permissions in the OfficeΓÇì 365 Security & Compliance Center](assign-ediscovery-permissions.md). -- A maximum of 1,000 mailboxes and 100 sites can be added to a hold that's associated with a Core eDiscovery case in the Microsoft 365 compliance center. Assuming that every user that you want to place on hold has a OneDrive for Business site, you can add a maximum of 100 users to a hold using the script in this article. +- A maximum of 1,000 mailboxes and 100 sites can be added to a hold that's associated with an eDiscovery case in the compliance portal. Assuming that every user that you want to place on hold has a OneDrive for Business site, you can add a maximum of 100 users to a hold using the script in this article. - Be sure to save the list of users that you create in Step 2 and the script in Step 3 to the same folder. That will make it easier to run the script. When you run the script in this step, it will prompt you for the following infor - Search query for a query-based hold: You can create a query-based hold so that only the content that meets the specified search criteria is placed on hold. To place all content on hold, just press Enter when you're prompted for a search query. -- Turning on the hold or not: You can have the script turn on the hold after it's created or you can have the script create the hold without enabling it. If you don't have the script turn on the hold, you can turn it on later in the Microsoft 365 compliance center or by running the following PowerShell commands: +- Turning on the hold or not: You can have the script turn on the hold after it's created or you can have the script create the hold without enabling it. If you don't have the script turn on the hold, you can turn it on later in the compliance portal or by running the following PowerShell commands: ```powershell Set-CaseHoldPolicy -Identity <name of the hold> -Enabled $true After you've collected the information that the script will prompt you for, the " " write-host "*********************************************" write-host " Security & Compliance Center PowerShell " -foregroundColor yellow -backgroundcolor darkgreen -write-host " Core eDiscovery cases - Add users to a hold " -foregroundColor yellow -backgroundcolor darkgreen +write-host " eDiscovery (Standard) cases - Add users to a hold " -foregroundColor yellow -backgroundcolor darkgreen write-host "*******************************************" " " # Connect to SCC PowerShell using modern authentication Write-host "Script complete!" -foregroundColor Yellow 4. Enter the information that the script prompts you for. - The script connects to Security & Compliance Center PowerShell, and then creates the new hold in the eDiscovery case and adds the mailboxes and OneDrive for Business for the users in the list. You can go to the case on the eDiscovery page in the Microsoft 365 compliance center to view the new hold. + The script connects to Security & Compliance Center PowerShell, and then creates the new hold in the eDiscovery case and adds the mailboxes and OneDrive for Business for the users in the list. You can go to the case on the eDiscovery** page in the compliance portal to view the new hold. After the script is finished running, it creates the following log files, and saves them to the folder where the script is located.
compliance	Use Content Search For Targeted Collections	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-content-search-for-targeted-collections.md	search.appverid: - MET150 ms.assetid: e3cbc79c-5e97-43d3-8371-9fbc398cd92e -description: "Use Content search in the Microsoft 365 compliance center to perform a targeted collection, which searches for items in a specific mailbox or site folder." +description: "Use Content search in the Microsoft Purview compliance portal to perform a targeted collection, which searches for items in a specific mailbox or site folder." # Use Content search for targeted collections -The Content search tool in the Microsoft 365 compliance center doesn't provide a direct way in the UI to search specific folders in Exchange mailboxes or SharePoint and OneDrive for Business sites. However, it's possible to search specific folders (called a targeted collection) by specifying the folder ID property for email or path (DocumentLink) property for sites in the actual search query syntax. Using Content Search to perform a targeted collection is useful when you're confident that items responsive to a case or privileged items are located in a specific mailbox or site folder. You can use the script in this article to obtain the folder ID for mailbox folders or the path (DocumentLink) for folders on a SharePoint and OneDrive for Business site. Then you can use the folder ID or path in a search query to return items located in the folder. +The Content search tool in the Microsoft Purview compliance portal doesn't provide a direct way in the UI to search specific folders in Exchange mailboxes or SharePoint and OneDrive for Business sites. However, it's possible to search specific folders (called a targeted collection) by specifying the folder ID property for email or path (DocumentLink) property for sites in the actual search query syntax. Using Content Search to perform a targeted collection is useful when you're confident that items responsive to a case or privileged items are located in a specific mailbox or site folder. You can use the script in this article to obtain the folder ID for mailbox folders or the path (DocumentLink) for folders on a SharePoint and OneDrive for Business site. Then you can use the folder ID or path in a search query to return items located in the folder. > [!NOTE] > To return content located in a folder in a SharePoint or OneDrive for Business site, the script in this topic uses the DocumentLink managed property instead of the Path property. The DocumentLink property is more robust than the Path property because it will return all content in a folder, whereas the Path property won't return some media files. ## Before you run a targeted collection -- You have to be a member of the eDiscovery Manager role group in the Microsoft 365 compliance center to run the script in Step 1. For more information, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). +- You have to be a member of the eDiscovery Manager role group in the compliance portal to run the script in Step 1. For more information, see [Assign eDiscovery permissions](assign-ediscovery-permissions.md). - You also have to be assigned the Mail Recipients role in your Exchange Online organization. This is required to run the Get-MailboxFolderStatistics cmdlet, which is included in the script. By default, the Mail Recipients role is assigned to the Organization Management and Recipient Management role groups in Exchange Online. For more information about assigning permissions in Exchange Online, see [Manage role group members](/exchange/manage-role-group-members-exchange-2013-help). You could also create a custom role group, assign the Mail Recipients role to it, and then add the members who need to run the script in Step 1. For more information, see [Manage role groups](/Exchange/permissions-exo/role-groups). To display a list of mailbox folders or site documentlink (path) names: ######################################################################################################### # This PowerShell script will prompt you for: # # * Admin credentials for a user who can run the Get-MailboxFolderStatistics cmdlet in Exchange # - # Online and who is an eDiscovery Manager in the Microsoft 365 compliance center. # + # Online and who is an eDiscovery Manager in the compliance portal. # # The script will then: # # * If an email address is supplied: list the folders for the target mailbox. # # * If a SharePoint or OneDrive for Business site is supplied: list the documentlinks (folder paths) # To display a list of mailbox folders or site documentlink (path) names: ######################################################################################################### # Collect the target email address or SharePoint Url $addressOrSite = Read-Host "Enter an email address or a URL for a SharePoint or OneDrive for Business site" - # Authenticate with Exchange Online and the Microsoft 365 compliance center (Exchange Online Protection - EOP) + # Authenticate with Exchange Online and the compliance portal (Exchange Online Protection - EOP) if ($addressOrSite.IndexOf("@") -ige 0) { # List the folder Ids for the target mailbox Here's an example of the output returned by the script for site folders. ## Step 2: Use a folder ID or documentlink to perform a targeted collection -After you've run the script to collect a list of folder IDs or document links for a specific user, the next step to go to the Microsoft 365 compliance center and create a new Content Search to search a specific folder. You'll use the `folderid:<folderid>` or `documentlink:<path>` property:value pair in the search query that you configure in the Content Search keyword box (or as the value for the ContentMatchQuery parameter if you use the New-ComplianceSearch cmdlet). You can combine the `folderid` or `documentlink` property with other search parameters or search conditions. If you only include the `folderid` or `documentlink` property in the query, the search will return all items located in the specified folder. +After you've run the script to collect a list of folder IDs or document links for a specific user, the next step to go to the compliance portal and create a new Content Search to search a specific folder. You'll use the `folderid:<folderid>` or `documentlink:<path>` property:value pair in the search query that you configure in the Content Search keyword box (or as the value for the ContentMatchQuery parameter if you use the New-ComplianceSearch cmdlet). You can combine the `folderid` or `documentlink` property with other search parameters or search conditions. If you only include the `folderid` or `documentlink` property in the query, the search will return all items located in the specified folder. 1. Go to <https://compliance.microsoft.com> and sign in using the account and credentials that you used to run the script in Step 1.
compliance	Use Content Search To Search Third Party Data That Was Imported	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-content-search-to-search-third-party-data-that-was-imported.md	# Use Content Search to search third-party data imported by a custom partner connector -You can use the [Content search eDiscovery tool](content-search.md) in the Microsoft 365 compliance center to search for items imported to mailboxes in Microsoft 365 from a third-party data source. You can create a query to search all imported third-party data items or you can create a query to search specific third-party data items. Also, you can also create a query-based retention policy or a query-based eDiscovery hold to preserve third-party data. +You can use the [Content search eDiscovery tool](content-search.md) in the Microsoft Purview compliance portal to search for items imported to mailboxes in Microsoft 365 from a third-party data source. You can create a query to search all imported third-party data items or you can create a query to search specific third-party data items. Also, you can also create a query-based retention policy or a query-based eDiscovery hold to preserve third-party data. For more information about working with a partner to import third-party data and a list of the third-party data types that you can import to Microsoft 365, see [Work with a partner to archive third-party data in Office 365](work-with-partner-to-archive-third-party-data.md).
compliance	Use Drive Shipping To Import Pst Files To Office 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-drive-shipping-to-import-pst-files-to-office-365.md	Title: "Use drive shipping to import your organization's PST files" + Title: "Use drive shipping to import PST files" f1.keywords: - NOCSH For frequently asked questions about using drive shipping to import PST files to ## Before you import PST files -- You have to be assigned the Mailbox Import Export role in Exchange Online to create import jobs in the Microsoft 365 compliance center and import PST files to user mailboxes. By default, this role isn't assigned to any role group in Exchange Online. You can add the Mailbox Import Export role to the Organization Management role group. Or you can create a role group, assign the Mailbox Import Export role, and then add yourself as a member. For more information, see the "Add a role to a role group" or the "Create a role group" sections in [Manage role groups](/Exchange/permissions-exo/role-groups). +- You have to be assigned the Mailbox Import Export role in Exchange Online to create import jobs in the Microsoft Purview compliance portal and import PST files to user mailboxes. By default, this role isn't assigned to any role group in Exchange Online. You can add the Mailbox Import Export role to the Organization Management role group. Or you can create a role group, assign the Mailbox Import Export role, and then add yourself as a member. For more information, see the "Add a role to a role group" or the "Create a role group" sections in [Manage role groups](/Exchange/permissions-exo/role-groups). In addition to the Mailbox Import Export role, you also have to be assigned the Mail Recipients role in Exchange Online. By default, this role is assigned to the Organization Management and Recipient Management roles groups in Exchange Online. For frequently asked questions about using drive shipping to import PST files to The first step is to download the tool and that you use in Step 2 to copy PST files to the hard drive. > [!IMPORTANT] -> You have to use Azure Import/Export tool version 1 (WAimportExportV1) to successfully import PST files by using the drive shipping method. Version 2 of the Azure Import/Export tool isn't supported and using it will result in incorrectly preparing the hard drive for the import job. Be sure to download the Azure Import/Export tool from the Microsoft 365 compliance center by following the procedures in this step. +> You have to use Azure Import/Export tool version 1 (WAimportExportV1) to successfully import PST files by using the drive shipping method. Version 2 of the Azure Import/Export tool isn't supported and using it will result in incorrectly preparing the hard drive for the import job. Be sure to download the Azure Import/Export tool from the Microsoft Purview compliance portal by following the procedures in this step. 1. Go to <https://compliance.microsoft.com> and sign in using the credentials for an administrator account in your organization. -2. In the left navigation pane of the Microsoft 365 compliance center, click Information governance \> Import. +2. In the left navigation pane of the compliance portal, click Information governance \> Import. > [!NOTE] - > As previously stated, you have to be assigned the appropriate permissions to access the Import page in the Microsoft 365 compliance center. + > As previously stated, you have to be assigned the appropriate permissions to access the Import page in the compliance portal. 3. On the Import tab, click ![Add Icon.](../media/ITPro-EAC-AddIcon.gif) New import job. The first step is to download the tool and that you use in Step 2 to copy PST fi Download the Azure Import/Export tool to download and install the Azure Import/Export (version 1) tool. - - In the pop-up window, click Save \> Save as to save the WaImportExportV1.zip file to a folder on your local computer. + - In the pop-up window, click Save \> Save as to save the WaImportExportV1.zip file to a folder on your local computer. - Extract the WaImportExportV1.zip file. -7. Click Cancel to close the wizard. +7. Click Cancel to close the wizard. - You come back to the Import page in the Microsoft 365 compliance center when you create the import job in Step 4. + You come back to the Import page in the compliance portal when you create the import job in Step 4. ## Step 2: Copy the PST files to the hard drive -The next step is to use the WAImportExport.exe tool to copy PST files to the hard drive. This tool encrypts the hard drive with BitLocker, copies the PSTs to the hard drive, and creates a journal file that stores information about the copy process. To complete this step, the PST files have to be located in a file share or file server in your organization. This is known as the source directory in the following procedure. +The next step is to use the WAImportExport.exe tool to copy PST files to the hard drive. This tool encrypts the hard drive with BitLocker, copies the PSTs to the hard drive, and creates a journal file that stores information about the copy process. To complete this step, the PST files have to be located in a file share or file server in your organization. This is known as the source directory in the following procedure. As previously stated, each PST file that you copy to the hard drive should be no larger than 20 GB. PST files larger than 20 GB may impact the performance of the PST import process that you start in Step 6. > [!IMPORTANT] -> After you run the WAImportExport.exe tool the first time for a hard drive, you have to use a different syntax each time after that. This syntax is explained in step 4 of this procedure to copy PST files to the hard drive. +> After you run the WAImportExport.exe tool the first time for a hard drive, you have to use a different syntax each time after that. This syntax is explained in step 4 of this procedure to copy PST files to the hard drive. 1. Open a Command Prompt on your local computer. > [!TIP] - > If you run the command prompt as an administrator (by selecting "Run as administrator" when you open it) error messages will be displayed in the command prompt window. This can help you troubleshoot problems running the WAImportExport.exe tool. + > If you run the command prompt as an administrator (by selecting "Run as administrator" when you open it) error messages will be displayed in the command prompt window. This can help you troubleshoot problems running the WAImportExport.exe tool. 2. Go to the directory where you installed the WAImportExport.exe tool in Step 1. - 3. Run the following command the first time that you use the WAImportExport.exe to copy PST files to a hard drive. ```powershell The next step is to create the PST Import job in the Import service in Office 36 1. Go to <https://compliance.microsoft.com> and sign in using the credentials for an administrator account in your organization. -2. In the left navigation pane of the Microsoft 365 compliance center, click Information governance \> Import. +2. In the left navigation pane of the compliance portal, click Information governance \> Import. 3. On the Import tab, click ![Add Icon.](../media/ITPro-EAC-AddIcon.gif) New import job. > [!NOTE] - > As previously stated, you have to be assigned the appropriate permissions to access the Import page in the Microsoft 365 compliance center. + > As previously stated, you have to be assigned the appropriate permissions to access the Import page in the compliance portal. 4. Type a name for the PST import job, and then click Next. Use lowercase letters, numbers, hyphens, and underscores. You can't use uppercase letters or include spaces in the name. After you've shipped the hard drive to Microsoft, complete the following procedu 1. Go to <https://compliance.microsoft.com> and sign in using the credentials for an administrator account in your organization. -2. In the left navigation pane of the Microsoft 365 compliance center, click Information governance > Import. +2. In the left navigation pane of the compliance portal, click Information governance > Import. 3. On the Import tab, click the job for the drive shipment that you want to enter the tracking number for. After PST files are uploaded to Azure, the status is changed to Analysis in pr 1. Go to <https://compliance.microsoft.com> and sign in using the credentials for an administrator account in your organization. -2. In the left navigation pane of the Microsoft 365 compliance center, click Information governance \> Import**. +2. In the left navigation pane of the compliance portal, click Information governance \> Import**. 3. On the Import tab, select the import job that you created in Step 4 and click Import to Office 365. To install the Azure Storage Explorer and connect to your Azure Storage area: 1. Go to <https://compliance.microsoft.com> and sign in using the credentials for an administrator account in your organization. -2. In the left pane of the Microsoft 365 compliance center, click Information governance > Import. +2. In the left pane of the compliance portal, click Information governance > Import. 3. On the Import tab, click ![Add Icon.](../media/ITPro-EAC-AddIcon.gif) New import job**.
compliance	Use Network Upload To Import Pst Files	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-network-upload-to-import-pst-files.md	Title: "Use network upload to import your organization's PST files" + Title: "Use network upload to import PST files" f1.keywords: - NOCSH You have to perform Step 1 only once to import PST files to Microsoft 365 mailbo ## Before you import PST files -- You have to be assigned the Mailbox Import Export role in Exchange Online to create import jobs in the Microsoft 365 compliance center and import PST files to user mailboxes. By default, this role isn't assigned to any role group in Exchange Online. You can add the Mailbox Import Export role to the Organization Management role group. Or you can create a role group, assign the Mailbox Import Export role, and then add yourself as a member. For more information, see the "Add a role to a role group" or the "Create a role group" sections in [Manage role groups](/Exchange/permissions-exo/role-groups). +- You have to be assigned the Mailbox Import Export role in Exchange Online to create import jobs in the Microsoft Purview compliance portal and import PST files to user mailboxes. By default, this role isn't assigned to any role group in Exchange Online. You can add the Mailbox Import Export role to the Organization Management role group. Or you can create a role group, assign the Mailbox Import Export role, and then add yourself as a member. For more information, see the "Add a role to a role group" or the "Create a role group" sections in [Manage role groups](/Exchange/permissions-exo/role-groups). In addition to the Mailbox Import Export role, you also have to be assigned the Mail Recipients role in Exchange Online. By default, this role is assigned to the Organization Management and Recipient Management roles groups in Exchange Online. The first step is to download the AzCopy tool, which is the tool that you run in 1. Go to <https://compliance.microsoft.com> and sign in using the credentials for an administrator account in your organization. -2. In the left pane of the Microsoft 365 compliance center, click Information governance \> Import. +2. In the left pane of the compliance portal, click Information governance \> Import. > [!NOTE] - > You have to be assigned the appropriate permissions to access the Import page in the Microsoft 365 compliance center. See the Before you begin section for more information. + > You have to be assigned the appropriate permissions to access the Import page in the compliance portal. See the Before you begin section for more information. 3. On the Import tab, click ![Add Icon.](../media/ITPro-EAC-AddIcon.gif) New import job. The next step is to create the PST Import job in the Import service in Microsoft 1. Go to <https://compliance.microsoft.com> and sign in using the credentials for an administrator account in your organization. -2. In the left pane of the Microsoft 365 compliance center, click Information governance > Import. +2. In the left pane of the compliance portal, click Information governance > Import. 3. On the Import tab, click ![Add Icon.](../media/ITPro-EAC-AddIcon.gif) New import job. > [!NOTE] - > You have to be assigned the appropriate permissions to access the Import page in the Microsoft 365 compliance center to create an import job. See the Before you begin section for more information. + > You have to be assigned the appropriate permissions to access the Import page in the compliance portal to create an import job. See the Before you begin section for more information. 4. Type a name for the PST import job, and then click Next. Use lowercase letters, numbers, hyphens, and underscores. You can't use uppercase letters or include spaces in the name. The next step is to create the PST Import job in the Import service in Microsoft After you create the import job in Step 5, Microsoft 365 analyzes the data in the PST files (in a safe and secure manner) by identifying the age of the items and the different message types included in the PST files. When the analysis is completed and the data is ready to import, you have the option to import all the data contained in the PST files or you can trim the data that's imported by setting filters that control what data gets imported. -1. On the Import tab in the Microsoft 365 compliance center, select the import jobs that you created in Step 5 and then click Import to Microsoft 365. +1. On the Import tab in the compliance portal, select the import jobs that you created in Step 5 and then click Import to Microsoft 365. The Filter your data page is displayed. It contains the data insights resulting from the analysis performed on the PST files by Microsoft 365, including information about the age of the data. At this point, you have the option to filter the data that will be imported or import all the data as is. After you create the import job in Step 5, Microsoft 365 analyzes the data in th - The data is available to the user from all devices because it's stored in the cloud. - - It helps address compliance needs of your organization by letting you apply Microsoft 365 compliance features to the data from the PST files that you imported. This includes: + - It helps address compliance needs of your organization by letting you apply Microsoft Purview features to the data from the PST files that you imported. This includes: - Enabling [archive mailboxes](enable-archive-mailboxes.md) and [auto-expanding archiving](enable-autoexpanding-archiving.md) to give users additional mailbox storage space to store the data that you imported. Here's an illustration and description of the network upload process to import P ![Workflow of the network upload process to import PST files to Microsoft 365.](../media/9e05a19e-1e7a-4f1f-82df-9118f51588c4.png) -1. Download the PST import tool and key to private Azure Storage location: The first step is to download the AzCopy command-line tool and an access key used to upload the PST files to an Azure Storage location in the Microsoft cloud. You obtain these from the Import page in the Microsoft 365 compliance center. The key (called a secure access signature (SAS) key, provides you with the necessary permissions to upload PST files to a private and secure Azure Storage location. This access key is unique to your organization and helps prevent unauthorized access to your PST files after they're uploaded to the Microsoft cloud. Importing PST files doesn't require your organization to have a separate Azure subscription. +1. Download the PST import tool and key to private Azure Storage location: The first step is to download the AzCopy command-line tool and an access key used to upload the PST files to an Azure Storage location in the Microsoft cloud. You obtain these from the Import page in the compliance portal. The key (called a secure access signature (SAS) key, provides you with the necessary permissions to upload PST files to a private and secure Azure Storage location. This access key is unique to your organization and helps prevent unauthorized access to your PST files after they're uploaded to the Microsoft cloud. Importing PST files doesn't require your organization to have a separate Azure subscription. 2. Upload the PST files to the Azure Storage location: The next step is to use the azcopy.exe tool (downloaded in step 1) to upload and store your PST files in an Azure Storage location that resides in the same regional Microsoft datacenter where your organization is located. To upload them, the PST files that you want to import have to be located in a file share or file server in your organization. Here's an illustration and description of the network upload process to import P 3. Create a PST import mapping file: After the PST files have been uploaded to the Azure Storage location, the next step is to create a comma-separated value (CSV) file that specifies which user mailboxes the PST files will be imported to, note that a PST file can be imported to a user's primary mailbox or their archive mailbox. The Microsoft 365 Import service uses the information in the CSV file to import the PST files. -4. Create a PST import job: The next step is to create a PST import job on the Import PST files page in the Microsoft 365 compliance center and submit the PST import mapping file created in the previous step. After you create the import job, Microsoft 365 analyzes the data in the PST files and then gives you an opportunity to set filters that control what data actually gets imported to the mailboxes specified in the PST import mapping file. +4. Create a PST import job: The next step is to create a PST import job on the Import PST files page in the compliance portal and submit the PST import mapping file created in the previous step. After you create the import job, Microsoft 365 analyzes the data in the PST files and then gives you an opportunity to set filters that control what data actually gets imported to the mailboxes specified in the PST import mapping file. 5. Filter the PST data that will be imported to mailboxes: After the import job is created and started, Microsoft 365 analyzes the data in the PST files (safely and securely) by identifying the age of the items and the different message types included in the PST files. When the analysis is completed and the data is ready to import, you have the option to import all the data contained in the PST files or you can trim the data that's imported by setting filters that control what data gets imported. -6. Start the PST import job: After the import job is started, Microsoft 365 uses the information in the PST import mapping file to import the PSTs files from the Azure Storage location to user mailboxes. Status information about the import job (including information about each PST file being imported) is displayed on the Import PST files page in the Microsoft 365 compliance center. When the import job is finished, the status for the job is set to Complete. +6. Start the PST import job: After the import job is started, Microsoft 365 uses the information in the PST import mapping file to import the PSTs files from the Azure Storage location to user mailboxes. Status information about the import job (including information about each PST file being imported) is displayed on the Import PST files page in the compliance portal. When the import job is finished, the status for the job is set to Complete.
compliance	Use Notifications And Policy Tips	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-notifications-and-policy-tips.md	description: Learn how to add a policy tip to a data loss prevention (DLP) polic # Send email notifications and show policy tips for DLP policies -You can use a data loss prevention (DLP) policy to identify, monitor, and protect sensitive information across Office 365. You want people in your organization who work with this sensitive information to stay compliant with your DLP policies, but you don't want to block them unnecessarily from getting their work done. This is where email notifications and policy tips can help. + +You can use a Microsoft Purview data loss prevention (DLP) policy to identify, monitor, and protect sensitive information across Office 365. You want people in your organization who work with this sensitive information to stay compliant with your DLP policies, but you don't want to block them unnecessarily from getting their work done. This is where email notifications and policy tips can help. ![Message bar shows policy tip in Excel 2016](../media/7002ff54-1656-4a6c-993f-37427d6508c8.png) When you create a DLP policy, you can enable User notifications. When user n 2. Sign in using your work or school account. You're now in the Security & Compliance Center. -3. In the Security & Compliance Center \> left navigation \> Data loss prevention \> Policy \> + Create a policy. +3. In the Microsoft Purview compliance portal \> left navigation \> Data loss prevention \> Policy \> + Create a policy. ![Create a policy button.](../media/b1e48a08-92e2-47ca-abdc-4341694ddc7c.png) If the policy tips are configured to allow override, you can choose **Show Detai ![Policy tip dialog where you can override the policy tip.](../media/f97e836c-04bd-44b4-aec6-ed9526ea31f8.png) -Note that when you add sensitive information to an email, there may be latency between when the sensitive information is added and when the policy tip appears. When emails are encrypted with Office Message Encryption (OME) and the policy used to detect them uses the detect encryption condition policy tips will not appear. +Note that when you add sensitive information to an email, there may be latency between when the sensitive information is added and when the policy tip appears. When emails are encrypted with Microsoft Purview Message Encryption and the policy used to detect them uses the detect encryption condition policy tips will not appear. ### Outlook 2013 and later supports showing policy tips for only some conditions
compliance	Use Sharing Auditing	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-sharing-auditing.md	The first step is to search the audit log for sharing events. For more informati 2. Sign in using your work or school account. -3. In the left pane of the Microsoft 365 compliance center, click Audit. +3. In the left pane of the Microsoft Purview compliance portal, click Audit. The Audit page is displayed.
compliance	View Custodian Activity	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/view-custodian-activity.md	search.appverid: - MET150 ms.assetid: -description: Use the Advanced eDiscovery Custodian Management tool to easily access and search the activity for custodians within your case. +description: Use the eDiscovery (Premium) Custodian Management tool to easily access and search the activity for custodians within your case. - seo-marvel-mar2020 - admindeeplinkEXCHANGE # View custodian audit activity -Need to find if a user viewed a specific document or purged an item from their mailbox? Advanced eDiscovery is now integrated with the existing audit log search tool in the Microsoft 365 compliance center. Using this embedded experience, you can use the Advanced eDiscovery Custodian Management tool to facilitate your investigation by easily accessing and searching the activity for custodians within your case. +Need to find if a user viewed a specific document or purged an item from their mailbox? Microsoft Purview eDiscovery (Premium) is now integrated with the existing audit log search tool in the Microsoft Purview compliance portal. Using this embedded experience, you can use the eDiscovery (Premium) Custodian Management tool to facilitate your investigation by easily accessing and searching the activity for custodians within your case. ## Get permissions -You have to be assigned the View-Only Audit Logs or Audit Logs role in Exchange Online to search the audit log. By default, these roles are assigned to the Compliance Management and Organization Management role groups on the Permissions page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a>. To give a user the ability to search the Advanced eDiscovery audit log with the minimum level of privileges, you can create a custom role group in Exchange Online, add the View-Only Audit Logs or Audit Logs role, and then add the user as a member of the new role group. For more information, see Manage role groups in Exchange Online. +You have to be assigned the View-Only Audit Logs or Audit Logs role in Exchange Online to search the audit log. By default, these roles are assigned to the Compliance Management and Organization Management role groups on the Permissions page in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a>. To give a user the ability to search the eDiscovery (Premium) audit log with the minimum level of privileges, you can create a custom role group in Exchange Online, add the View-Only Audit Logs or Audit Logs role, and then add the user as a member of the new role group. For more information, see Manage role groups in Exchange Online. > [!IMPORTANT] -> If you assign a user the View-Only Audit Logs or Audit Logs role on the Permissions page in the Microsoft 365 compliance center, they won't be able to search the audit log. You have to assign the permissions in Exchange Online. This is because the underlying cmdlet used to search the audit log is an Exchange Online cmdlet. +> If you assign a user the View-Only Audit Logs or Audit Logs role on the Permissions page in the compliance portal, they won't be able to search the audit log. You have to assign the permissions in Exchange Online. This is because the underlying cmdlet used to search the audit log is an Exchange Online cmdlet. ## Step 1: Search the audit log for activities performed by a custodian -1. Go to eDiscovery > Advanced eDiscovery and open the case. +1. Go to eDiscovery > eDiscovery (Premium) and open the case. 2. Click the Sources tab.
compliance	View Documents In Review Set	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/view-documents-in-review-set.md	Title: View documents in a review set in Advanced eDiscovery + Title: View documents in a review set in eDiscovery (Premium) f1.keywords: - NOCSH search.appverid: - MOE150 - MET150 -description: "Choose how you view content in Advanced eDiscovery, such as text, annotate, converted, or native view." +description: "Choose how you view content in eDiscovery (Premium), such as text, annotate, converted, or native view." -# View documents in a review set in Advanced eDiscovery +# View documents in a review set in eDiscovery (Premium) -Advanced eDiscovery displays content via several viewers each with different purposes. The various viewers can be used by clicking on any document within a review set. The viewers currently provided are: +eDiscovery (Premium) displays content via several viewers each with different purposes. The various viewers can be used by clicking on any document within a review set. The viewers currently provided are: - File metadata - Native view
compliance	View Keyword Statistics For Content Search	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/view-keyword-statistics-for-content-search.md	ms.localizationpriority: medium search.appverid: - MOE150 - MET150 -description: "Learn how to use the search statistics feature to display statistics for Content searches and searches associated with a Core eDiscovery case in the Microsoft 365 compliance center." +description: "Learn how to use the search statistics feature to display statistics for Content searches and searches associated with a eDiscovery (Standard) case in the Microsoft Purview compliance portal." # View statistics for eDiscovery search results -After you create and run a Content search or a search associated with a Core eDiscovery case, you can view statistics about the estimated search results. This includes a summary of the search results (similar to the summary of the estimated search results displayed on the search flyout page), the query statistics such as the number of content locations with items that match the search query, and the identity of content locations that have the most matching items. +After you create and run a Content search or a search associated with a Microsoft Purview eDiscovery (Standard) case, you can view statistics about the estimated search results. This includes a summary of the search results (similar to the summary of the estimated search results displayed on the search flyout page), the query statistics such as the number of content locations with items that match the search query, and the identity of content locations that have the most matching items. Additionally, you can use the keywords list to configure a search to return statistics for each keyword in a search query. This lets you compare the number of results returned by each keyword in a query. You can also download search statistics to a CSV file. This lets you use the fil ## Get statistics for searches -To display statistics for a Content search or a search associated with a Core eDiscovery case.: +To display statistics for a Content search or a search associated with a eDiscovery (Standard) case.: -1. In the Microsoft 365 compliance center, click Show all, and then do one of the following: +1. In the Microsoft Purview compliance portal, click Show all, and then do one of the following: - Click Content search and then select a search to display the flyout page. As previous explained, the Condition report section shows the search query a To create a keyword list and view keyword statistics for a search: -1. In the Microsoft 365 compliance center, create a new Content search or a search associated with a Core eDiscovery case. +1. In the compliance portal, create a new Content search or a search associated with a eDiscovery (Standard) case. 2. On the Conditions page of the search wizard. select the Show keyword list checkbox.
compliance	View The Dlp Reports	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/view-the-dlp-reports.md	description: Use the DLP reports in Office 365 to view the number of DLP policy # View the reports for data loss prevention -After you create your data loss prevention (DLP) policies, you'll want to verify that they're working as you intended and helping you to stay compliant. With the DLP reports in the Security & Compliance Center, you can quickly view: + +After you create your Microsoft Purview data loss prevention (DLP) policies, you'll want to verify that they're working as you intended and helping you to stay compliant. With the DLP reports in the Security & Compliance Center, you can quickly view: - DLP policy matches This report shows the count of DLP policy matches over time. You can filter the report by date, location, policy, or action. You can use this report to:
compliance	What Is Stored In Exo Mailbox	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/what-is-stored-in-exo-mailbox.md	description: "Content produced by cloud-based apps in Microsoft 365 is stored or # Content stored in Exchange Online mailboxes for eDiscovery -A mailbox in Exchange Online is primarily used to store email-related items such as messages, calendar items, tasks, and notes. But that's changing as more cloud-based apps also store their data in a user's mailbox. One advantage of storing data in a mailbox is that you can use the search tools in content search, Core eDiscovery, and Advanced eDiscovery to find, view, and export the data from these cloud-based apps. The data from some of these apps is stored in hidden folders located in a non-interpersonal message (non-IPM) subtree in the mailbox. Data from other cloud-based apps might not be stored _in_ the mailbox, but it's _associated with_ the mailbox, and is returned in searches (if that data matches the search query). Regardless of whether cloud-based data is stored in or associated with a user mailbox, the data is typically not visible in an email client when a user opens their mailbox. +A mailbox in Exchange Online is primarily used to store email-related items such as messages, calendar items, tasks, and notes. But that's changing as more cloud-based apps also store their data in a user's mailbox. One advantage of storing data in a mailbox is that you can use the search tools in content search, Microsoft Purview eDiscovery (Standard), and Microsoft Purview eDiscovery (Premium) to find, view, and export the data from these cloud-based apps. The data from some of these apps is stored in hidden folders located in a non-interpersonal message (non-IPM) subtree in the mailbox. Data from other cloud-based apps might not be stored _in_ the mailbox, but it's _associated with_ the mailbox, and is returned in searches (if that data matches the search query). Regardless of whether cloud-based data is stored in or associated with a user mailbox, the data is typically not visible in an email client when a user opens their mailbox. The following table lists the apps that either stores or associates data with a cloud-based mailbox. The table also describes the type of content that each app produces. The following table lists the apps that either stores or associates data with a \| > [!NOTE] -> <sup></sup> At this time, if a hold is placed on a mailbox (by using holds in Core eDiscovery or Advanced eDiscovery cases), content from this app will not be preserved by the hold. +> <sup></sup> At this time, if a hold is placed on a mailbox (by using holds in eDiscovery (Standard) or eDiscovery (Premium) cases), content from this app will not be preserved by the hold.
compliance	What The Dlp Policy Templates Include	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/what-the-dlp-policy-templates-include.md	Title: "What the DLP policy templates include" + Title: "What DLP policy templates include" f1.keywords: - NOCSH description: Learn what the data loss prevention (DLP) policy templates in the O # What the DLP policy templates include -Data loss prevention (DLP) in the Security & Compliance Center includes ready-to-use policy templates that address common compliance requirements, such as helping you to protect sensitive information subject to the U.S. Health Insurance Act (HIPAA), U.S. Gramm-Leach-Bliley Act (GLBA), or U.S. Patriot Act. This topic lists all of the policy templates, what types of sensitive information they look for, and what the default conditions and actions are. This topic does not include every detail of how each policy template is configured; instead, the topic presents with you enough information to help you decide which template is the best starting point for your scenario. Remember, you can customize these policy templates to meet your specific requirements. + +Microsoft Purview Data loss prevention (DLP) in the Security & Compliance Center includes ready-to-use policy templates that address common compliance requirements, such as helping you to protect sensitive information subject to the U.S. Health Insurance Act (HIPAA), U.S. Gramm-Leach-Bliley Act (GLBA), or U.S. Patriot Act. This topic lists all of the policy templates, what types of sensitive information they look for, and what the default conditions and actions are. This topic does not include every detail of how each policy template is configured; instead, the topic presents with you enough information to help you decide which template is the best starting point for your scenario. Remember, you can customize these policy templates to meet your specific requirements. ## Australia Financial Data
compliance	Whats New	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/whats-new.md	Title: What's new in Microsoft 365 compliance + Title: What's new in Microsoft Purview f1.keywords: - NOCSH description: Whether it be adding new solutions to the compliance center, updati -# What's new in Microsoft 365 compliance +# What's new in Microsoft Purview -Whether it be adding new solutions to the [Microsoft 365 compliance center](microsoft-365-compliance-center.md), updating existing features based on your feedback, or rolling out fresh and updated documentation, Microsoft 365 helps you stay on top of the ever-changing compliance landscape. Take a look below to see whatΓÇÖs new in Microsoft 365 compliance today. + +Whether it be adding new solutions to the [Microsoft Purview compliance portal](microsoft-365-compliance-center.md), updating existing features based on your feedback, or rolling out fresh and updated documentation, Microsoft 365 helps you stay on top of the ever-changing compliance landscape. Take a look below to see whatΓÇÖs new in Microsoft Purview today. > [!NOTE] > Some compliance features get rolled out at different speeds to our customers. If you aren't seeing a feature yet, try adding yourself to [targeted release](/office365/admin/manage/release-options-in-office-365). Whether it be adding new solutions to the [Microsoft 365 compliance center](micr > > And visit the [Microsoft 365 Roadmap](https://www.microsoft.com/microsoft-365/roadmap) to learn about Microsoft 365 features that were launched, are rolling out, are in development, have been cancelled, or previously released. +## April 2022 + +### Changes to product names + +To meet the challenges of today's decentralized, data-rich workplace, we're introducing [Microsoft Purview](https://aka.ms/microsoftpurview), a comprehensive set of solutions which helps you understand, govern, and protect your entire data estate. This new brand family combines the capabilities of the former Microsoft Purview Data Map and the Microsoft 365 compliance portfolio that customers already rely on, providing unified data governance and risk management for your organization. + +\| Former Name \| New Name \| Description \| +\|:-\|:-\|:-\| +\| Microsoft 365 Advanced Audit <br><br> Microsoft 365 Basic Audit \| Microsoft Purview Audit (Premium) <br><br> Microsoft Purview Audit (Standard)\| Auditing solutions provide an integrated solution to help organizations effectively respond to security events, forensic investigations, internal investigations, and compliance obligations. To learn more, see [Microsoft Purview Advanced Audit (Premium)](advanced-audit.md) and [Microsoft Purview Advanced Audit (Standard)](set-up-basic-audit.md). \| +\| Microsoft 365 Communication Compliance \| Microsoft Purview Communication Compliance \| Communication Compliance helps minimize risks by helping you quickly detect, capture, and take remediation actions for company communication channels and policy violations. To learn more, see [Microsoft Purview Communication Compliance](communication-compliance-solution-overview.md). \| +\| Microsoft Compliance Manager \| Microsoft Purview Compliance Manager \| Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors. To learn more, see [Microsoft Purview Compliance Manager](compliance-manager.md). \| +\| Microsoft 365 Customer Key \| Microsoft Purview Customer Key \| Customer Key provides extra protection against viewing of data by unauthorized systems or personnel, and complements BitLocker disk encryption in Microsoft data centers. To learn more, see [Microsoft Purview Customer Key](customer-key-overview.md). \| +\| Office 365 Customer Lockbox \| Microsoft Purview Customer Lockbox \| Customer Lockbox ensures that Microsoft can't access your content to do service operations without your explicit approval. Customer Lockbox brings you into the approval workflow process that Microsoft uses to ensure only authorized requests allow access to your content. To learn more, see [Microsoft Purview Customer Lockbox](customer-lockbox-requests.md). \| +\| Data Loss Prevention \| Microsoft Purview Data Loss Prevention \| DLP helps protect sensitive data and reduce risk by preventing users from inappropriately sharing that data with people who shouldn't have it. To learn more, see [Microsoft Purview Data Loss Prevention](dlp-learn-about-dlp.md). \| +\| Double Key Encryption for Microsoft 365 \| Microsoft Purview Double Key Encryption \| Double Key Encryption (DKE) uses two keys together to access protected content. Microsoft stores one key in Microsoft Azure, and you hold the other key. To learn more, see [Microsoft Purview Double Key Encryption](double-key-encryption.md) \| +\| Microsoft 365 Information Barriers \| Microsoft Purview Information Barriers \| Information Barriers is a solution which restricts communication and collaboration between certain people inside your organization to safeguard internal information. To learn more, see [Microsoft Purview Information Barriers](information-barriers-solution-overview.md). \| +\| Microsoft Information Protection \| Microsoft Purview Information Protection \| Information protection helps you discover, classify, and protect sensitive information wherever it lives or travels. To learn more, see [Microsoft Purview Information Protection](information-protection.md). \| +\| Microsoft Information Governance \| Microsoft Purview Data Lifecycle Management \| Data lifecycle management provides you with tools and capabilities to retain the content that you need to keep and delete the content that you don't. To learn more, see [Microsoft Purview Data Lifecycle Management](data-lifecycle-management.md). \| +\| Microsoft 365 Insider Risk Management \| Microsoft Purview Insider Risk Management \| Insider risk management uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. To learn more, see [Microsoft Purview Insider Risk Management](insider-risk-management.md). \| +\| Office 365 Message Encryption \| Microsoft Purview Message Encryption \| With Message Encryption, your organization can send and receive encrypted email messages between people inside and outside your organization. To learn more, see [Microsoft Purview Message Encryption](ome.md). \| +\| Privileged Access Management in Microsoft 365 \| Microsoft Purview Privileged Access Management \| Privileged Access Management helps protect your organization from breaches and helps to meet compliance best practices by limiting standing access to sensitive data or access to critical configuration settings. To learn more, see [Microsoft Purview Privileged Access Management](privileged-access-management-solution-overview.md). \| +\| Microsoft data connectors \| Microsoft Purview data connectors \| Microsoft 365 lets administrators use data connectors to import and archive non-Microsoft, third-party data from social media platforms, instant messaging platforms, and document collaboration platforms, to mailboxes in your Microsoft 365 organization. To learn more, see [Microsoft Purview data connectors](compliance-extensibility.md). \| +\| Microsoft 365 Advanced eDiscovery <br><br> Microsoft 365 Core eDiscovery \| Microsoft Purview eDiscovery (Premium) <br><br> Microsoft Purview eDiscovery (Standard) \| Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases. To learn more, see [Microsoft Purview eDiscovery (Premium)](overview-ediscovery-20.md) and [Microsoft Purview eDiscovery (Standard)](get-started-core-ediscovery.md). \| +\| Microsoft 365 compliance center \| Microsoft Purview compliance portal \| Admin portal to access solutions and solution catalog within the Microsoft 365 E5 Compliance suite. To learn more, see [Microsoft Purview compliance portal](microsoft-365-compliance-center.md). \| + ## February 2022 ### eDiscovery -- [Manage custodian communications templates in Advanced eDiscovery](advanced-ediscovery-communications-library.md) - eDiscovery managers can now create custodian communications templates that can be used in any Advanced eDiscovery case in the organization.-- [Manage issuing officers in Advanced eDiscovery](advanced-ediscovery-issuing-officers.md) - eDiscovery managers can add a list of issuing officers that can be assigned to custodian communications in any Advanced eDiscovery case in the organization. +- [Manage custodian communications templates in eDiscovery (Premium)](advanced-ediscovery-communications-library.md) - eDiscovery managers can now create custodian communications templates that can be used in any eDiscovery (Premium) case in the organization. +- [Manage issuing officers in eDiscovery (Premium)](advanced-ediscovery-issuing-officers.md) - eDiscovery managers can add a list of issuing officers that can be assigned to custodian communications in any eDiscovery (Premium) case in the organization. -### Information governance and records management +### Data lifecycle management and records management - [Adaptive scopes](retention.md#adaptive-or-static-policy-scopes-for-retention) for retention policies and retention label policies are now generally available (GA). The instructions for [configuring an adaptive scope](retention-settings.md#to-configure-an-adaptive-scope) now include more information for SharePoint site scopes: Blog post reference for using custom site properties and how to use the site property SiteTemplate to include or exclude specific site types with the advanced query builder.-- [Policy lookup](retention.md#policy-lookup) in the Information Governance solution is now generally available (GA. +- [Policy lookup](retention.md#policy-lookup) in the data lifecycle management solution is now generally available (GA. - PowerShell alternative to the records management setting that allows users to delete labeled items in SharePoint and OneDrive by using AllowFilesWithKeepLabelToBeDeletedSPO and AllowFilesWithKeepLabelToBeDeletedODB from [Get-PnPTenant](/powershell/module/sharepoint-pnp/get-pnptenant) and [Set-PnPTenant]( /powershell/module/sharepoint-pnp/set-pnptenant). ### Sensitivity labels -- New guidance [Why choose MIP built-in labeling over the AIP add-in for Office apps](sensitivity-labels-aip.md) if you are using the Azure Information Protection (AIP) unified labeling client for Windows computers. This page includes information about the new private preview for Office apps. +- New guidance [Why choose built-in labeling over the AIP add-in for Office apps](sensitivity-labels-aip.md) if you are using the Azure Information Protection (AIP) unified labeling client for Windows computers. This page includes information about the new private preview for Office apps. - New settings for [auto-labeling policies](apply-sensitivity-label-automatically.md#how-to-configure-auto-labeling-policies-for-sharepoint-onedrive-and-exchange): - Additional settings for email to support always applying a matched sensitivity label, and to apply encryption to email received from outside the organization. - Exclusions for specific instances (users, groups, sites) are supported by using the new Excluded option when the default selection of All is specified for Included. Whether it be adding new solutions to the [Microsoft 365 compliance center](micr ## January 2022 -### Microsoft Information Governance +### Microsoft Purview Data Lifecycle Management -- The [Microsoft Information Governance in Microsoft 365](manage-information-governance.md) page and section of the documentation is substantially revised and restructured to help you more easily find information that relates to the solutions you configure in the Microsoft 365 compliance center: Data Connectors, Information Governance, and Records Management. As part of this revision, the documentation provides a clearer distinction for the retention scenarios for information governance vs. records management.-- [Learn about information governance](information-governance.md) - new, to support the restructure.-- [Get started with information governance](get-started-with-information-governance.md) - new, to replace "Get started with retention", this article includes getting started steps for all information governance capabilities, which include retention.-- [Create retention labels for exceptions to your retention policies](create-retention-labels-information-governance.md) - new, identified scenario for using retention labels for information governance rather than records management.-- [Learn about archive mailboxes](archive-mailboxes.md) - new, to support the restructure, contains conceptual information that was previously in Enable archive mailboxes. +- The documentation for what was formerly Microsoft Information Governance has been substantially revised and restructured to help you more easily find information that relates to the solutions you configure in the Microsoft Purview compliance portal: Data Connectors, Data Lifecycle Management, and Records Management. As part of this revision, the documentation provides a clearer distinction for the retention scenarios for data lifecycle management vs. records management. +- [Learn about data lifecycle management](data-lifecycle-management.md) - new, to support the restructure. +- [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md) - new, to replace "Get started with retention", this article includes getting started steps for all data lifecycle management capabilities, which include retention. +- [Create retention labels for exceptions to your retention policies](create-retention-labels-data-lifecycle-management.md) - new, identified scenario for using retention labels for data lifecycle management rather than records management. +- [Learn about archive mailboxes](archive-mailboxes.md) - new, to support the restructure, contains conceptual information that was previously in the "Enable archive mailboxes" article. ### Microsoft Priva Whether it be adding new solutions to the [Microsoft 365 compliance center](micr ### Sensitivity labels -- Support for the new [MIP role groups and roles](get-started-with-sensitivity-labels.md#permissions-required-to-create-and-manage-sensitivity-labels), now in preview. +- Support for new [role groups and roles](get-started-with-sensitivity-labels.md#permissions-required-to-create-and-manage-sensitivity-labels), now in preview. - New [monitoring capabilities](apply-sensitivity-label-automatically.md#monitoring-your-auto-labeling-policy) for auto-labeling policies. - Now rolling out: default label for existing documents in Current Channel (Preview), and justification text for Office on the web. - Announced for the July Semi-Annual Enterprise Channel with version 2202+: Co-authoring and auditing for Outlook. Whether it be adding new solutions to the [Microsoft 365 compliance center](micr ### eDiscovery -- [Advanced eDiscovery workflow for content in Microsoft Teams](teams-workflow-in-advanced-ediscovery.md#reference-guide) - updated with a new downloadable quick reference guide for managing Teams content in Advanced eDiscovery +- [eDiscovery (Premium) workflow for content in Microsoft Teams](teams-workflow-in-advanced-ediscovery.md#reference-guide) - updated with a new downloadable quick reference guide for managing Teams content in eDiscovery (Premium) -### Information governance +### Data lifecycle management - [Enable archive mailboxes in the compliance center](enable-archive-mailboxes.md#run-diagnostics-on-archive-mailboxes) - added section about new diagnostics tool for archive mailboxes - [Use network upload to import your organization's PST files to Microsoft 365](use-network-upload-to-import-pst-files.md#step-2-upload-your-pst-files-to-microsoft-365) - PST import now supports AzCopy v10 Whether it be adding new solutions to the [Microsoft 365 compliance center](micr ### Information protection -- [Deploy a MIP solution](information-protection-solution.md) - New step-by-step guidance for customers looking for a prescriptive roadmap to deploy Microsoft Information Protection (MIP) +- [Deploy an information protection solution with Microsoft Purview](information-protection-solution.md) - New step-by-step guidance for customers looking for a prescriptive roadmap to deploy Microsoft Purview Information Protection ### Retention and records management Whether it be adding new solutions to the [Microsoft 365 compliance center](micr ### Compliance Manager -New content updates can be viewed in [What's new in Microsoft Compliance Manager](compliance-manager-whats-new.md). +New content updates can be viewed in [What's new in Microsoft Purview Compliance Manager](compliance-manager-whats-new.md). ### Device Onboarding The following articles were added for device onboarding: - [Onboard macOS devices into Microsoft 365 overview (preview)](device-onboarding-macos-overview.md)-- [Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using Intune (preview)](device-onboarding-offboarding-macos-intune.md) +- [Onboard and offboard macOS devices into Microsoft Purview solutions using Intune (preview)](device-onboarding-offboarding-macos-intune.md) - [Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-intune-mde.md)-- [Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using JAMF Pro (preview)](device-onboarding-offboarding-macos-jamfpro.md) +- [Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro (preview)](device-onboarding-offboarding-macos-jamfpro.md) - [Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-jamfpro-mde.md) ### eDiscovery -- [Use the new case format in Advanced eDiscovery](advanced-ediscovery-new-case-format.md) new case format was released to general availability and renamed from "large case format" +- [Use the new case format in eDiscovery (Premium)](advanced-ediscovery-new-case-format.md) new case format was released to general availability and renamed from "large case format" ### Retention and records management - Rolling out: New record management settings that control whether labeled items in SharePoint and OneDrive can be deleted by users. Previously, retention labels configured to retain content and that didn't mark items as records prevented users from deleting labeled content in SharePoint when this action was allowed in OneDrive. For more information, see [How retention works for SharePoint and OneDrive](retention-policies-sharepoint.md#how-retention-works-for-sharepoint-and-onedrive). Added the following new articles: - [Refresh your sensitive information source table file](sit-use-exact-data-refresh-data.md) ### Sensitivity labels-- The scope name for [Azure Purview labels](/azure/purview/create-sensitivity-label) is now "Schematized data assets". +- The scope name for [Microsoft Purview Data Map labels](/azure/purview/create-sensitivity-label) is now "Schematized data assets". ## October 2021 Datacenter asset management ### Data Loss Prevention -- [Learn about Data Loss Prevention](endpoint-dlp-learn-about.md) was updated for macOS support and advanced classification; updated for creating a custom DLP policy to audit activity for all supported file types. +- [Learn about Microsoft Purview Data Loss Prevention](endpoint-dlp-learn-about.md) was updated for macOS support and advanced classification; updated for creating a custom DLP policy to audit activity for all supported file types. - [Get started with Microsoft 365 Endpoint data loss prevention](endpoint-dlp-getting-started.md) was updated for macOS support and advanced classification. - [Using Endpoint data loss prevention](endpoint-dlp-using.md) was updated for macOS support and advanced classification. - [Data Loss Prevention policy tips reference](dlp-policy-tips-reference.md) was updated for macOS support and advanced classification. - [Onboard macOS devices into Microsoft 365 (preview)](device-onboarding-macos-overview.md) was updated for macOS support and advanced classification. - Added the following new pages for onboarding devices: - - [Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using Intune (preview)](device-onboarding-offboarding-macos-intune.md) + - [Onboard and offboard macOS devices into Microsoft Purview solutions using Intune (preview)](device-onboarding-offboarding-macos-intune.md) - [Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-intune-mde.md) - - [Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using JAMF Pro (preview)](device-onboarding-offboarding-macos-jamfpro.md) + - [Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro (preview)](device-onboarding-offboarding-macos-jamfpro.md) - [Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-jamfpro-mde.md) ### eDiscovery -- [Collect cloud attachments in Advanced eDiscovery](advanced-ediscovery-cloud-attachments.md) in addition to collecting the latest version of a cloud attachment, you can collect the version that was shared in an email message or Teams chat conversation; collecting the shared version is made possible by the new capability of automatically applying a retention label to cloud attachments.-- [Set up historical versions in Advanced eDiscovery](advanced-ediscovery-historical-versions.md) new functionality that indexes all versions of documents stored on a SharePoint site for search; this means that document versions that contain content that match a collection query are returned in the search results. +- [Collect cloud attachments in eDiscovery (Premium)](advanced-ediscovery-cloud-attachments.md) in addition to collecting the latest version of a cloud attachment, you can collect the version that was shared in an email message or Teams chat conversation; collecting the shared version is made possible by the new capability of automatically applying a retention label to cloud attachments. +- [Set up historical versions in eDiscovery (Premium)](advanced-ediscovery-historical-versions.md) new functionality that indexes all versions of documents stored on a SharePoint site for search; this means that document versions that contain content that match a collection query are returned in the search results. ### Encryption - [Use end-to-end encryption for one-to-one Microsoft Teams calls (Public preview)](/microsoftteams/teams-end-to-end-encryption) New content for the public preview. -### Information governance +### Data lifecycle management - [Set up a connector to import Epic EHR audit data](import-epic-data.md) new connector lets you import data from Epic electronic healthcare records system to support new general patient data misuse scenario for insider risk management. - [Set up a connector to import healthcare EHR audit data](import-healthcare-data.md) new connector lets you import data from an electronic healthcare records system to support new general patient data misuse scenario for insider risk management. Datacenter asset management ### eDiscovery -- [Use the KQL editor to build search queries](ediscovery-kql-editor.md) public preview of a new way to create search queries in Content search, Core eDiscovery, and Advanced eDiscovery; the KQL editor provides autocompletion for supported searchable properties and conditions and displays lists of supported values for standard properties and conditions; the KQL editor also provides error detection and suggestions for fixes of potential errors in search queries +- [Use the KQL editor to build search queries](ediscovery-kql-editor.md) public preview of a new way to create search queries in Content search, eDiscovery (Standard), and eDiscovery (Premium); the KQL editor provides autocompletion for supported searchable properties and conditions and displays lists of supported values for standard properties and conditions; the KQL editor also provides error detection and suggestions for fixes of potential errors in search queries ### Information barriers
compliance	Work With Partner To Archive Third Party Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/work-with-partner-to-archive-third-party-data.md	description: Learn how to set up a custom connector to import third-party data f # Work with a partner to archive third-party data -You can work with a Microsoft Partner to import and archive data from a third-party data source to Microsoft 365. A partner can provide you with a custom connector that is configured to extract items from the third-party data source (on a regular basis) and then import those items. The partner connector converts the content of an item from the data source to an email message format and then stores the items in mailboxes. After third-party data is imported, you can apply Microsoft 365 compliance features such as Litigation Hold, eDiscovery, In-Place Archiving, Auditing, and Microsoft 365 retention policies to this data. +You can work with a Microsoft Partner to import and archive data from a third-party data source to Microsoft 365. A partner can provide you with a custom connector that is configured to extract items from the third-party data source (on a regular basis) and then import those items. The partner connector converts the content of an item from the data source to an email message format and then stores the items in mailboxes. After third-party data is imported, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, In-Place Archiving, Auditing, and Microsoft 365 retention policies to this data. > [!IMPORTANT] > The [Communication compliance](communication-compliance.md) solution in Microsoft 365 can't be applied to the third-party data imported by partner connectors mentioned in this article.
contentunderstanding	Adoption Getstarted	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/adoption-getstarted.md	Think of the intelligent content services available in SharePoint Syntex as havi - Content understanding: Create no-code AI models to classify and extract information from content to automatically apply metadata for knowledge discovery and reuse. Learn more about [content understanding](document-understanding-overview.md). - Content processing: Automate capture, ingestion, and categorization of content and streamline content-centric processes using Power Automate. Learn more about [content processing](form-processing-overview.md).-- Content compliance: Control and manage content to improve security and governance with integration to Microsoft Information Protection. +- Content compliance: Control and manage content to improve security and governance with integration to Microsoft Purview Information Protection. With new AI services and capabilities, you can build content understanding and classification apps directly into the content management flow using SharePoint Syntex. There are two different ways of understanding your content. The model type you use is based on file format and use case.
contentunderstanding	Apply A Retention Label To A Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/apply-a-retention-label-to-a-model.md	Retention labels let you apply retention settings to the documents that your mod You can apply a pre-existing retention label to your model through your model settings on your model's home page. > [!Important] -> For retention labels to be available to apply to your document understanding models, they need to be [created](../compliance/file-plan-manager.md#create-retention-labels) and [published](../compliance/create-apply-retention-labels.md#how-to-publish-retention-labels) in the Microsoft 365 compliance center. +> For retention labels to be available to apply to your document understanding models, they need to be [created](../compliance/file-plan-manager.md#create-retention-labels) and [published](../compliance/create-apply-retention-labels.md#how-to-publish-retention-labels) in the Microsoft Purview compliance portal. ## To add a retention label to a document understanding model For example, all Insurance notice documents that your model identifies will al ## To add a retention label to a form processing model > [!Important] -> For retention labels to be available to apply to your form processing model, they need to be [created](../compliance/file-plan-manager.md#create-retention-labels) and [published](../compliance/create-apply-retention-labels.md#how-to-publish-retention-labels) in the Microsoft 365 compliance center. +> For retention labels to be available to apply to your form processing model, they need to be [created](../compliance/file-plan-manager.md#create-retention-labels) and [published](../compliance/create-apply-retention-labels.md#how-to-publish-retention-labels) in the Microsoft Purview compliance portal. You can either apply a retention label to a form processing model when you are creating a model, or apply it to an existing model.
contentunderstanding	Apply A Sensitivity Label To A Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/apply-a-sensitivity-label-to-a-model.md	Sensitivity labels let you apply encryption to the documents that your models id You can apply a pre-existing sensitivity label to your model through your model settings on your model's home page. The label must already be published to be available for selection from model settings. Labels apply to Office files for Word (.docx), PowerPoint (.pptx), and Excel (.xlsx). > [!Important] -> For sensitivity labels to be available to apply to your document understanding models, they need to be created and published in the [Microsoft 365 Compliance Center](../compliance/microsoft-365-compliance-center.md). +> For sensitivity labels to be available to apply to your document understanding models, they need to be [created and published in the Microsoft Purview compliance portal](../admin/security-and-compliance/set-up-compliance.md). ## Add a sensitivity label to a document understanding model For example, all financial documents that your model identifies also will have t ## Add a sensitivity label to a form processing model > [!Important] -> For sensitivity labels to be available to apply to your form processing model, they need to be [created and published in the Microsoft 365 Compliance Center](../business-premium/m365bp-set-up-compliance.md). +> For sensitivity labels to be available to apply to your form processing model, they need to be [created and published in the Microsoft Purview compliance portal](../admin/security-and-compliance/set-up-compliance.md). You can either apply a sensitivity label to a form processing model when you are creating a model, or apply it to an existing model.
contentunderstanding	Difference Between Document Understanding And Form Processing Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/difference-between-document-understanding-and-form-processing-model.md	Use the following table to understand when to use forms processing and when to u \| Classification type\| Settable classifier is used to give clues to the system on what data to extract.\| Trainable classifier with optional extractors using machine teaching to assign document location on what data to extract.\| \| Locations \| Trained for a single document library.\| Can be applied to multiple libraries.\| \| Supported file types\| Train on PDF, JPG, PNG format, total 50 MB and 500 pages.\| Train on 5-10 PDF, Office, or email files, including negative examples.<br>Office files are truncated at 64k characters. OCR-scanned files are limited to 20 pages.\| -\| Integrate with managed metadata \| No \| Yes, by training entity extractor referencing a configured managed metadata field.\| -\| Compliance feature integration when Microsoft Information Protection is enabled \| Set published Retention labels.<br>Set Sensitivity labels is coming. \| Set published Retention labels.<br>Set published Sensitivity labels. \| +\| Integrate with Managed Metadata \| No \| Yes, by training entity extractor referencing a configured managed metadata field.\| +\| Compliance feature integration with Microsoft Purview Information Protection \| Set published retention labels.<br>Set sensitivity labels is coming. \| Set published retention labels.<br>Set published sensitivity labels. \| \| Supported regions\| Form processing relies on Power Platform. For information about global availability for Power Platform and AI Builder, see [Power Platform availability](https://dynamics.microsoft.com/geographic-availability/). \| Available in all regions.\| \| Transactional cost \| Uses AI Builder credits.<br>Credits can be purchased in batches of 1M.<br>1M credits are included when 300+ SharePoint Syntex licenses are purchased.<br>1M credits will allow processing of 2,000 file pages.<br>\| N/A \| \| Capacity \| Uses the default Power Platform environment (custom environments with Dataverse database supported). \| Does not have capacity restrictions.\|
contentunderstanding	Set Up Content Understanding	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/set-up-content-understanding.md	Prior to setup, make sure to plan for the best way to set up and configure conte As an admin, you can also make changes to your selected settings anytime after setup, and throughout the content understanding management settings in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">Microsoft 365 admin center</a>. -If you plan to use a custom Power Platform environment, you must [install the AI Builder for Project Cortex app in this environment](/power-platform/admin/manage-apps#install-an-app-in-the-environment-view) and [allocate AI Builder credits](/power-platform/admin/capacity-add-on) to it before you can create form processing models. +If you plan to use a custom Power Platform environment, you must [install the AI Builder for Project Cortex app in this environment](/power-platform/admin/manage-apps#install-an-app-in-the-environment-view) and [allocate AI Builder credits](/power-platform/admin/capacity-add-on) to it before you can create form processing models. When using a custom environment, model creators must be assigned the Environment Maker security role and model users must be assigned the Basic User security role. See [Assign a security role to a user](/power-platform/admin/assign-security-roles) for more information. + +Users creating models in a [content center site](/microsoft-365/contentunderstanding/create-a-content-center) must be site members. Users creating models locally outside the content center must be site owners of those sites. ### Licensing For details about SharePoint Syntex licensing, see [SharePoint Syntex licensing] Click Next. -5. On the Create Content Center page, you can create a SharePoint content center site on which your users can create and manage document understanding models. If you previously created a content center from the SharePoint admin center, that information will display here and you can just select Next. +5. On the Create Content Center page, you can create a SharePoint content center site where your users can create and manage document understanding models. If you previously created a content center from the SharePoint admin center, that information will display here and you can just select Next. 1. For Site name, type the name you want to give your content center site.
enterprise	Administering A Multi Geo Environment	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/administering-a-multi-geo-environment.md	BCS, Secure Store, and Apps all have separate instances in each satellite locati ## Compliance admin center -There is one central compliance center for a multi-geo tenant: [Microsoft 365 Compliance admin center](https://compliance.microsoft.com/). +There is one central compliance center for a multi-geo tenant: [Microsoft Purview admin center](https://compliance.microsoft.com/). ## eDiscovery You can set your IP DLP policies for OneDrive for Business, SharePoint, and Exch The DLP policies are automatically synchronized based on their applicability to each geo location. -Implementing Information Protection and Data Loss prevention policies to all users in a geo location is not an option available in the UI, instead you must select the applicable accounts for the policy or apply the policy globally to all accounts. +Implementing Information Protection and Microsoft Purview Data Loss Prevention policies to all users in a geo location is not an option available in the UI, instead you must select the applicable accounts for the policy or apply the policy globally to all accounts. ## Microsoft Power Apps
enterprise	Assign Licenses To User Accounts With Microsoft 365 Powershell	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/assign-licenses-to-user-accounts-with-microsoft-365-powershell.md	$addLicenses = @( Set-MgUserLicense -UserId "belinda@litwareinc.com" -AddLicenses $addLicenses -RemoveLicenses @() ``` -This example assigns SPE_E5 (Microsoft 365 E5) with the MICROSOFTBOOKINGS (Microsoft Bookings) and LOCKBOX_ENTERPRISE (Customer LockBox) services turned off: +This example assigns SPE_E5 (Microsoft 365 E5) with the MICROSOFTBOOKINGS (Microsoft Bookings) and LOCKBOX_ENTERPRISE (Customer Lockbox) services turned off: ```powershell $e5Sku = Get-MgSubscribedSku -All \| Where SkuPartNumber -eq 'SPE_E5'
enterprise	Content Delivery Networks	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/content-delivery-networks.md	Although not a part of the Office 365 CDN, you can use these CDNs in your Office ### Azure CDN >[!NOTE] ->Beginning in Q3 2020, SharePoint Online will begin caching videos on the Azure CDN to support improved video playback and reliability. Popular videos will be streamed from the CDN endpoint closest to the user. This data will remain within the Microsoft 365 compliance boundary. This is a free service for all tenants and it does not require any customer action to configure. +>Beginning in Q3 2020, SharePoint Online will begin caching videos on the Azure CDN to support improved video playback and reliability. Popular videos will be streamed from the CDN endpoint closest to the user. This data will remain within the Microsoft Purview boundary. This is a free service for all tenants and it does not require any customer action to configure. You can use the Azure CDN to deploy your own CDN instance for hosting custom web parts, libraries and other resource assets, which allows you to apply access keys to your CDN storage and exert greater control over your CDN configuration. Use of the Azure CDN is not free, and requires an Azure subscription.
enterprise	Contoso Info Protect	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/contoso-info-protect.md	Contoso performed an analysis of their data and determined the following classif \| Level 1: Baseline \| Level 2: Sensitive \| Level 3: Highly regulated \| \|:-\|:--\|:--\| -\| Data is encrypted and available only to authenticated users.<BR> <BR> Provided for all data stored on-premises and in cloud-based storage and workloads. Data is encrypted while it resides in the service and in transit between the service and client devices. <BR><BR>Examples of Level 1 data are normal business communications (email) and files for administrative, sales, and support workers. \| Level 1 plus strong authentication and data loss protection.<BR> <BR> Strong authentication includes Azure AD Multi-Factor Authentication (MFA) with SMS validation. Data loss prevention ensures that sensitive or critical information doesn't travel outside the Microsoft cloud.<BR><BR>Examples of Level 2 data are financial and legal information and research and development data for new products. \| Level 2 plus the highest levels of encryption, authentication, and auditing.<BR><BR>The highest levels of encryption for data at rest and in the cloud, compliant with regional regulations, combined with MFA with smart cards and granular auditing and alerting.<BR> <BR>Examples of Level 3 data are customer and partner personal information, product engineering specifications, and proprietary manufacturing techniques. \| +\| Data is encrypted and available only to authenticated users.<BR> <BR> Provided for all data stored on-premises and in cloud-based storage and workloads. Data is encrypted while it resides in the service and in transit between the service and client devices. <BR><BR>Examples of Level 1 data are normal business communications (email) and files for administrative, sales, and support workers. \| Level 1 plus strong authentication and data loss protection.<BR> <BR> Strong authentication includes Azure AD Multi-Factor Authentication (MFA) with SMS validation. Microsoft Purview Data Loss Prevention ensures that sensitive or critical information doesn't travel outside the Microsoft cloud.<BR><BR>Examples of Level 2 data are financial and legal information and research and development data for new products. \| Level 2 plus the highest levels of encryption, authentication, and auditing.<BR><BR>The highest levels of encryption for data at rest and in the cloud, compliant with regional regulations, combined with MFA with smart cards and granular auditing and alerting.<BR> <BR>Examples of Level 3 data are customer and partner personal information, product engineering specifications, and proprietary manufacturing techniques. \| \|\|\|\| ## Contoso information policies
enterprise	Contoso Security Summary	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/contoso-security-summary.md	To follow security best practices and Microsoft 365 for enterprise deployment re - Prevent intranet data leaks with Data Loss Prevention - Contoso configured [Data Loss Prevention](../compliance/dlp-learn-about-dlp.md) policies for Exchange Online, SharePoint, and OneDrive for Business to prevent users from accidentally or intentionally sharing sensitive data. + Contoso configured [Microsoft Purview Data Loss Prevention](../compliance/dlp-learn-about-dlp.md) policies for Exchange Online, SharePoint, and OneDrive for Business to prevent users from accidentally or intentionally sharing sensitive data. - Prevent device data leaks Windows Information Protection
enterprise	Cross Tenant Mailbox Migration	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/cross-tenant-mailbox-migration.md	No, after a cross tenant mailbox migration, eDiscovery against the migrated user \| Name \| \| \| - \| Advanced eDiscovery Storage (500 GB) \| + \| eDiscovery (Premium) Storage (500 GB) \| \| Customer Lockbox \| \| Data Loss Prevention \| \| Exchange Enterprise CAL Services (EOP, DLP) \| No, after a cross tenant mailbox migration, eDiscovery against the migrated user \| Microsoft Bookings \| \| Microsoft Business Center \| \| Microsoft MyAnalytics (Full) \| - \| Office 365 Advanced eDiscovery \| + \| Office 365 eDiscovery (Premium) \| \| Microsoft Defender for Office 365 (Plan 1) \| \| Microsoft Defender for Office 365 (Plan 2) \| \| Office 365 Privileged Access Management \|
enterprise	Disable Access To Services With Microsoft 365 Powershell	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/disable-access-to-services-with-microsoft-365-powershell.md	User Success efb87545-963c-4e0d-99df-69c6916d9eb0 EXCHANGE_S_ENT For a complete list of license plans (also known as product names), their included service plans, and their corresponding friendly names, see [Product names and service plan identifiers for licensing](/azure/active-directory/users-groups-roles/licensing-service-plan-reference). (Search using the ServicePlanId to lookup service plan's corresponding friendly name). -The following example assigns SPE_E5 (Microsoft 365 E5) with the MICROSOFTBOOKINGS (Microsoft Bookings) and LOCKBOX_ENTERPRISE (Customer LockBox) services turned off: +The following example assigns SPE_E5 (Microsoft 365 E5) with the MICROSOFTBOOKINGS (Microsoft Bookings) and LOCKBOX_ENTERPRISE (Customer Lockbox) services turned off: ```powershell $e5Sku = Get-MgSubscribedSku -All \| Where SkuPartNumber -eq 'SPE_E5'
enterprise	Microsoft 365 Endpoints	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-endpoints.md	description: For destination IP addresses and URLs for Microsoft 365 traffic, us Endpoints are the set of destination IP addresses, DNS domain names, and URLs for Microsoft 365 traffic on the Internet. -To optimize performance to Microsoft 365 cloud-based services, these endpoints need special handling by your client browsers and the devices in your edge network. These devices include firewalls, SSL Break and Inspect and packet inspection devices, and data loss prevention systems. +To optimize performance to Microsoft 365 cloud-based services, these endpoints need special handling by your client browsers and the devices in your edge network. These devices include firewalls, SSL Break and Inspect and packet inspection devices, and data loss prevention systems. See [Managing Microsoft 365 endpoints](managing-office-365-endpoints.md) for the details.
enterprise	Microsoft 365 Mailbox Utilization Service Alerts	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-mailbox-utilization-service-alerts.md	If you don't take action to resolve the quota issues, you can expect to see this ## More information -- For information about troubleshooting and resolving archive mailbox issues, see [Microsoft 365 compliance troubleshooting](/office365/troubleshoot/microsoft-365-compliance-welcome). +- For information about troubleshooting and resolving archive mailbox issues, see [Microsoft Purview troubleshooting](/office365/troubleshoot/microsoft-365-compliance-welcome). - For guidance about identifying the holds placed on a mailbox, see [How to identify the type of hold placed on a mailbox](../compliance/identify-a-hold-on-an-exchange-online-mailbox.md).
enterprise	Microsoft 365 Network Connectivity Principles	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-network-connectivity-principles.md	Microsoft 365 administrators can create PAC (Proxy Automatic Configuration) scri #### Microsoft 365 security features <a name="BKMK_WebSvc"> </a> -Microsoft is transparent about datacenter security, operational security, and risk reduction around Microsoft 365 servers and the network endpoints that they represent. Microsoft 365 built-in security features are available for reducing network security risk, such as Data Loss Prevention, Anti-Virus, Multi-Factor Authentication, Customer Lock Box, Defender for Office 365, Microsoft 365 Threat Intelligence, Microsoft 365 Secure Score, Exchange Online Protection, and Network DDOS Security. +Microsoft is transparent about datacenter security, operational security, and risk reduction around Microsoft 365 servers and the network endpoints that they represent. Microsoft 365 built-in security features are available for reducing network security risk, such as Microsoft Purview Data Loss Prevention, Anti-Virus, Multi-Factor Authentication, Customer Lock Box, Defender for Office 365, Microsoft 365 Threat Intelligence, Microsoft 365 Secure Score, Exchange Online Protection, and Network DDOS Security. For more information on Microsoft datacenter and Global Network security, see the [Microsoft Trust Center](https://www.microsoft.com/trustcenter/security). A holistic approach to enhanced security should include consideration of the fol - Ensures local egress for Microsoft 365 traffic - Improvements can be addressed incrementally as described in the [Incremental optimization](microsoft-365-network-connectivity-principles.md#BKMK_IncOpt) section. Some optimization techniques may offer better cost/benefit ratios depending on your network architecture, and you should choose optimizations that make the most sense for your organization. -For more information on Microsoft 365 security and compliance, see the articles [Microsoft 365 security](../security/index.yml) and [Microsoft 365 compliance](../compliance/index.yml). +For more information on Microsoft 365 security and compliance, see the articles [Microsoft 365 security](../security/index.yml) and [Microsoft Purview](../compliance/index.yml). ## Incremental optimization <a name="BKMK_IncOpt"> </a>
enterprise	Microsoft 365 U S Government Dod Endpoints	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-u-s-government-dod-endpoints.md	Data columns shown are: Notes for this table: -- The Security and Compliance Center (SCC) provides support for Azure ExpressRoute for Office 365. The same applies for many features exposed through the SCC such as Reporting, Auditing, Advanced eDiscovery, Unified DLP, and Data Governance. Two specific features, PST Import and eDiscovery Export, currently do not support Azure ExpressRoute with only Office 365 route filters due to their dependency on Azure Blob Storage. To consume those features, you need separate connectivity to Azure Blob Storage using any supportable Azure connectivity options, which include Internet connectivity or Azure ExpressRoute with Azure Public route filters. You have to evaluate establishing such connectivity for both of those features. The Office 365 Information Protection team is aware of this limitation and is actively working to bring support for Azure ExpressRoute for Office 365 as limited to Office 365 route filters for both of those features. +- The Security and Compliance Center (SCC) provides support for Azure ExpressRoute for Office 365. The same applies for many features exposed through the SCC such as Reporting, Auditing, eDiscovery (Premium), Unified DLP, and Data Governance. Two specific features, PST Import and eDiscovery Export, currently do not support Azure ExpressRoute with only Office 365 route filters due to their dependency on Azure Blob Storage. To consume those features, you need separate connectivity to Azure Blob Storage using any supportable Azure connectivity options, which include Internet connectivity or Azure ExpressRoute with Azure Public route filters. You have to evaluate establishing such connectivity for both of those features. The Office 365 Information Protection team is aware of this limitation and is actively working to bring support for Azure ExpressRoute for Office 365 as limited to Office 365 route filters for both of those features. - There are additional optional endpoints for Microsoft 365 Apps for enterprise that are not listed and are not required for users to launch Microsoft 365 Apps for enterprise applications and edit documents. Optional endpoints are hosted in Microsoft datacenters and do not process, transmit, or store customer data. We recommend that user connections to these endpoints be directed to the default Internet egress perimeter.
enterprise	Microsoft 365 U S Government Gcc High Endpoints	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-u-s-government-gcc-high-endpoints.md	Data columns shown are: Notes for this table: -- The Security and Compliance Center (SCC) provides support for Azure ExpressRoute for Office 365. The same applies for many features exposed through the SCC such as Reporting, Auditing, Advanced eDiscovery, Unified DLP, and Data Governance. Two specific features, PST Import and eDiscovery Export, currently do not support Azure ExpressRoute with only Office 365 route filters due to their dependency on Azure Blob Storage. To consume those features, you need separate connectivity to Azure Blob Storage using any supportable Azure connectivity options, which include Internet connectivity or Azure ExpressRoute with Azure Public route filters. You have to evaluate establishing such connectivity for both of those features. The Office 365 Information Protection team is aware of this limitation and is actively working to bring support for Azure ExpressRoute for Office 365 as limited to Office 365 route filters for both of those features. +- The Security and Compliance Center (SCC) provides support for Azure ExpressRoute for Office 365. The same applies for many features exposed through the SCC such as Reporting, Auditing, eDiscovery (Premium), Unified DLP, and Data Governance. Two specific features, PST Import and eDiscovery Export, currently do not support Azure ExpressRoute with only Office 365 route filters due to their dependency on Azure Blob Storage. To consume those features, you need separate connectivity to Azure Blob Storage using any supportable Azure connectivity options, which include Internet connectivity or Azure ExpressRoute with Azure Public route filters. You have to evaluate establishing such connectivity for both of those features. The Office 365 Information Protection team is aware of this limitation and is actively working to bring support for Azure ExpressRoute for Office 365 as limited to Office 365 route filters for both of those features. - There are additional optional endpoints for Microsoft 365 Apps for enterprise that are not listed and are not required for users to launch Microsoft 365 Apps for enterprise applications and edit documents. Optional endpoints are hosted in Microsoft datacenters and do not process, transmit, or store customer data. We recommend that user connections to these endpoints be directed to the default Internet egress perimeter.
enterprise	Modern Desktop Deployment And Management Lab	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/modern-desktop-deployment-and-management-lab.md	The Windows and Office 365 deployment lab kit is designed to help you plan, test The lab provides you with an automatically provisioned virtual lab environment, including domain-joined desktop clients, a domain controller, an internet gateway, and a fully configured Configuration Manager instance. The labs include evaluation versions of the following products: - -\|Windows 10 Lab \|Windows 11 Lab \| -\|\|\| -\|Windows 10 Enterprise, Version 21H1 \| Windows 11 Enterprise \| -\|Microsoft Endpoint Configuration Manager, Version 2103 \| Microsoft Endpoint Configuration Manager, Version 2111 \| -\|Windows Assessment and Deployment Kit for Windows 10 \| Windows Assessment and Deployment Kit for Windows 11 \| -\|Windows Server 2019 \| Windows Server 2022 \| +\|Windows 10 Lab\|Windows 11 Lab\| +\|\|\| +\|Windows 10 Enterprise, Version 21H1\|Windows 11 Enterprise\| +\|Microsoft Endpoint Configuration Manager, Version 2103\|Microsoft Endpoint Configuration Manager, Version 2111\| +\|Windows Assessment and Deployment Kit for Windows 10\|Windows Assessment and Deployment Kit for Windows 11\| +\|Windows Server 2019\|Windows Server 2022\| The labs are also designed to be connected to trials for: The labs are also designed to be connected to trials for: ## Step-by-step labs -Detailed lab guides take you through multiple deployment and management scenarios. The labs have been updated for the latest versions of Intune and Configuration Manager. Note: A new Windows 11 version of the lab is now available. The lab guides include the following scenarios: +Detailed lab guides take you through multiple deployment and management scenarios. The labs have been updated for the latest versions of Intune and Configuration Manager. Note: A new Windows 11 version of the lab is now available. The lab guides include the following scenarios: ### Plan and prepare infrastructure -- Cloud Management Gateway +- Cloud Management Gateway - Tenant attach and co-management - Endpoint analytics - Optimize update delivery -### Deploy Windows +### Deploy Windows - OS deployment task sequences in Configuration Manager - Windows Autopilot -### Service Windows +### Service Windows - Servicing Windows using Group Policy - Servicing Windows using Microsoft Intune Detailed lab guides take you through multiple deployment and management scenario - Deploy Microsoft Teams - Assignment filters -### Managing Microsoft Edge +### Managing Microsoft Edge -- Deploy and Update Edge +- Deploy and Update Edge - IE Mode-- Setup Enterprise New Tab Page +- Setup Enterprise New Tab Page -### Security and Compliance +### Security and Compliance -- BitLocker -- Microsoft Defender Antivirus -- Windows Hello for Business +- BitLocker +- Microsoft Defender Antivirus +- Windows Hello for Business > [!NOTE] > Please use a broadband internet connection to download this content and allow approximately 30 minutes for automatic provisioning. The lab environment requires a minimum of 16 GB of available memory and 150 GB of free disk space. For optimal performance, 32 GB of available memory and 300 GB of free space is recommended. The Windows 10 lab expires May 16, 2022. The Windows 11 lab expires May 6, 2022. New versions will be published prior to expiration. Detailed lab guides take you through multiple deployment and management scenario - [Microsoft 365 for business](https://products.office.com/business/office) - [Introducing Enterprise Mobility + Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) - [Windows 11 for business](https://www.microsoft.com/windows/business)-
enterprise	Multi Geo Ediscovery Configuration	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/multi-geo-ediscovery-configuration.md	description: Learn how to use the Region parameter to configure eDiscovery for u # Microsoft 365 Multi-Geo eDiscovery configuration -[Advanced eDiscovery capabilities](../compliance/overview-ediscovery-20.md) allow a multi-geo eDiscovery administrator to search all of the geos without needing to utilize a "Region" security filter. Data is exported to the Azure instance of the central location of the multi-geo tenant. The same happens with applying a hold on a custodian, however, the Hold statistics inside the hold won't appear without the "Region" security filter. Hold statistics showing 0 does not mean the hold failed as long as hold status is showing On (successful). +[eDiscovery (Premium) capabilities](../compliance/overview-ediscovery-20.md) allow a multi-geo eDiscovery administrator to search all of the geos without needing to utilize a "Region" security filter. Data is exported to the Azure instance of the central location of the multi-geo tenant. The same happens with applying a hold on a custodian, however, the Hold statistics inside the hold won't appear without the "Region" security filter. Hold statistics showing 0 does not mean the hold failed as long as hold status is showing On (successful). -Without advanced eDiscovery capabilities, an eDiscovery manager or administrator of a multi-geo tenant will be able to conduct eDiscovery only in the central location of that tenant. To support the ability to conduct eDiscovery for satellite locations, a new compliance security filter parameter named "Region" is available via PowerShell. This parameter can be used by tenants whose central location is in North America, Europe, or Asia Pacific. Advanced eDiscovery is recommended for tenants whose central location is not in North America, Europe, or Asia Pacific and who need to perform eDiscovery across satellite geo locations. +Without eDiscovery (Premium) capabilities, an eDiscovery manager or administrator of a multi-geo tenant will be able to conduct eDiscovery only in the central location of that tenant. To support the ability to conduct eDiscovery for satellite locations, a new compliance security filter parameter named "Region" is available via PowerShell. This parameter can be used by tenants whose central location is in North America, Europe, or Asia Pacific. eDiscovery (Premium) is recommended for tenants whose central location is not in North America, Europe, or Asia Pacific and who need to perform eDiscovery across satellite geo locations. The Microsoft 365 global administrator must assign eDiscovery Manager permissions to allow others to perform eDiscovery and assign a "Region" parameter in their applicable Compliance Security Filter to specify the region for conducting eDiscovery as satellite location, otherwise, no eDiscovery will be carried out for the satellite location. Only one "Region" security filter per user is supported, so all the regions need to be inside the same security filter.
enterprise	O365 Data Locations	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/o365-data-locations.md	The performance of Microsoft 365 is not simply proportional to a user's distance ### How does Microsoft help me comply with my national, regional, and industry-specific regulations? -To help you comply with national, regional, and industry-specific requirements governing the collection and use of individuals' data, Microsoft 365 offers the most comprehensive set of compliance offerings of any global cloud productivity provider. Please review [our compliance offerings](/compliance/regulatory/offering-home) and more details in the [Microsoft 365 Compliance](https://go.microsoft.com/fwlink/p/?linkid=862317) section on the Microsoft Trust Center. Also, certain Microsoft 365 plans offer further compliance solutions to help you manage your data, comply with legal and regulatory requirements, and monitor actions taken on your data. +To help you comply with national, regional, and industry-specific requirements governing the collection and use of individuals' data, Microsoft 365 offers the most comprehensive set of compliance offerings of any global cloud productivity provider. Please review [our compliance offerings](/compliance/regulatory/offering-home) and more details in the [Microsoft Purview](https://go.microsoft.com/fwlink/p/?linkid=862317) section on the Microsoft Trust Center. Also, certain Microsoft 365 plans offer further compliance solutions to help you manage your data, comply with legal and regulatory requirements, and monitor actions taken on your data. ### Who can access your data and according to what rules?
enterprise	Setup Guides For Microsoft 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/setup-guides-for-microsoft-365.md	The solutions in this guide will help you gain visibility into user activities, * With the communication compliance solution, you can identify and act on communication risks for items like workplace violence, insider trading, harassment, code of conduct, and regulatory compliance violations. * The insider risk management solution helps you identify, investigate, and take action on risks for intellectual property theft, sensitive data leaks, security violations, data spillage, and confidentiality violations. -### Microsoft information protection setup guide +### Information protection setup guide -Get an overview of the capabilities you can apply to your Information Protection strategy so you can be confident your sensitive information is protected. Use a four-stage lifecycle approach in which you discover, classify, protect, and monitor sensitive information. The [Microsoft information protection setup guide](https://aka.ms/mipsetupguide) provides guidance for completing each of these stages. +Get an overview of the capabilities you can apply to your information protection strategy so you can be confident your sensitive information is protected. Use a four-stage lifecycle approach in which you discover, classify, protect, and monitor sensitive information. The [Microsoft information protection setup guide](https://aka.ms/mipsetupguide) provides guidance for completing each of these stages. -### Microsoft information governance setup guide +### Data lifecycle management setup guide -The [Microsoft Information governance setup guide](https://aka.ms/migsetupguide) provides you with the information you'll need to set up and manage your organization's governance strategy, to ensure that your data is classified and managed according to the specific lifecycle guidelines you set. With this guide, you'll learn how to create, auto-apply, or publish labels, label policies, and retention policies that are applied to your organization's reusable content and compliance records. You'll also get information on importing CSV files with a file plan for bulk scenarios or for applying them manually to individual documents. +The [Microsoft information governance setup guide](https://aka.ms/migsetupguide) provides you with the information you'll need to set up and manage your organization's governance strategy, to ensure that your data is classified and managed according to the specific lifecycle guidelines you set. With this guide, you'll learn how to create, auto-apply, or publish labels, label policies, and retention policies that are applied to your organization's reusable content and compliance records. You'll also get information on importing CSV files with a file plan for bulk scenarios or for applying them manually to individual documents. ### Microsoft Defender for Cloud Apps setup guide
includes	Microsoft 365 Content Updates	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/microsoft-365-content-updates.md	<!-- This file is generated automatically each week. Changes made to this file will be overwritten.-->--- -## Week of April 04, 2022 -- -\| Published On \|Topic title \| Change \| -\|\|\|--\| -\| 4/4/2022 \| [Manage guest access in Microsoft 365 groups](/microsoft-365/admin/create-groups/manage-guest-access-in-groups?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Set up Microsoft 365 Business Standard with a new or existing domain](/microsoft-365/admin/setup/setup-business-standard?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Sign up for a Microsoft 365 Business Standard](/microsoft-365/admin/simplified-signup/signup-business-standard?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Create and edit AutoPilot profiles](/microsoft-365/business-premium/create-and-edit-autopilot-profiles?view=o365-21vianet) \| renamed \| -\| 4/4/2022 \| [Publish retention labels and apply them in apps to retain or delete content](/microsoft-365/compliance/create-apply-retention-labels?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Get started with insider risk management](/microsoft-365/compliance/insider-risk-management-configure?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Insider risk solutions](/microsoft-365/compliance/insider-risk-solution-overview?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Manage sensitivity labels in Office apps](/microsoft-365/compliance/sensitivity-labels-office-apps?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Endpoint detection and response in block mode](/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Application Guard for Office for admins](/microsoft-365/security/office-365-security/install-app-guard?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Overview of Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-overview?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Sign up for Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-sign-up?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Troubleshoot and resolve problems and error messages in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-troubleshoot?view=o365-21vianet) \| modified \| -\| 4/4/2022 \| [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Sign up for a Microsoft 365 Business Standard](/microsoft-365/admin/simplified-signup/signup-business-standard?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Cross-tenant mailbox migration](/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [External Domain Name System records for Office 365](/microsoft-365/enterprise/external-domain-name-system-records?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Onboard devices and configure Microsoft Defender for Endpoint capabilities](/microsoft-365/security/defender-endpoint/onboard-configure?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Try Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Step 1. Implement App Protection Policies](/microsoft-365/solutions/manage-devices-with-intune-app-protection?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Step 3. Set up compliance policies for devices with Intune](/microsoft-365/solutions/manage-devices-with-intune-compliance-policies?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Step 7. Implement data loss prevention (DLP) with information protection capabilities](/microsoft-365/solutions/manage-devices-with-intune-dlp-mip?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Step 2. Enroll devices into management with Intune](/microsoft-365/solutions/manage-devices-with-intune-enroll?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Step 6. Monitor device risk and compliance to security baselines](/microsoft-365/solutions/manage-devices-with-intune-monitor-risk?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Manage devices with Intune](/microsoft-365/solutions/manage-devices-with-intune-overview?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Service encryption with Customer Key](/microsoft-365/compliance/customer-key-overview?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Set up Customer Key](/microsoft-365/compliance/customer-key-set-up?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Differences between document understanding and form processing models](/microsoft-365/contentunderstanding/difference-between-document-understanding-and-form-processing-model) \| modified \| -\| 4/5/2022 \| [Microsoft 365 Zero Trust deployment plan](/microsoft-365/security/microsoft-365-zero-trust?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Firewall in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-firewall?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Get started using the Microsoft 365 Defender portal](/microsoft-365/security/defender-business/mdb-get-started?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Understand policy order in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-policy-order?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [The simplified configuration process in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-simplified-configuration?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Tutorials and simulations in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-tutorials?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [View or edit policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-edit-create-policies?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Configure Microsoft Defender for Endpoint on Android features](/microsoft-365/security/defender-endpoint/android-configure?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Troubleshoot issues on Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/android-support-signin?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [What's new in Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/android-whatsnew?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Implement attack surface reduction (ASR) rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-implement?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Plan ASR rules attack surface reduction deployment rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-plan?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [ASR rules deployment prerequisites](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Integrate your SIEM tools with Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/configure-siem?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Enable Corelight integration in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/corelight-integration?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Overview of Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Protection](/microsoft-365/security/defender-endpoint/device-control-removable-storage-protection?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Device discovery frequently asked questions](/microsoft-365/security/defender-endpoint/device-discovery-faq?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Device discovery overview](/microsoft-365/security/defender-endpoint/device-discovery?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Enable attack surface reduction rules](/microsoft-365/security/defender-endpoint/enable-attack-surface-reduction?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Exclude devices in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/exclude-devices?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Investigate Microsoft Defender for Endpoint alerts](/microsoft-365/security/defender-endpoint/investigate-alerts?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Deploy Microsoft Defender for Endpoint on Linux manually](/microsoft-365/security/defender-endpoint/linux-install-manually?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Deploy Microsoft Defender for Endpoint on Linux with Puppet](/microsoft-365/security/defender-endpoint/linux-install-with-puppet?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Set preferences for Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-preferences?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [How to schedule scans with Microsoft Defender for Endpoint (Linux)](/microsoft-365/security/defender-endpoint/linux-schedule-scan-mde?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Troubleshoot performance issues for Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-support-perf?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Investigate entities on devices using live response in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/live-response?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [What's new in Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-whatsnew?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Device inventory](/microsoft-365/security/defender-endpoint/machines-view-overview?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Create indicators](/microsoft-365/security/defender-endpoint/manage-indicators?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Microsoft Defender for Endpoint Device Control Device Installation](/microsoft-365/security/defender-endpoint/mde-device-control-device-installation?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Manage Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-p1-maintenance-operations?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Set up and configure Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-p1-setup-configuration?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Get started with Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-plan1-getting-started?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Microsoft Defender Antivirus on Windows Server](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-on-windows-server?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-android?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-ios?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Protect security settings with tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Take response actions on a file in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-file-alerts?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Manage Microsoft Defender for Endpoint configuration settings on devices with Microsoft Endpoint Manager](/microsoft-365/security/defender-endpoint/security-config-management?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Troubleshoot Microsoft Defender for Endpoint service issues](/microsoft-365/security/defender-endpoint/troubleshoot-mdatp?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Microsoft Defender Antivirus event IDs and error codes](/microsoft-365/security/defender-endpoint/troubleshoot-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Performance analyzer for Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/tune-performance-defender-antivirus?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Web protection](/microsoft-365/security/defender-endpoint/web-protection-overview?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [What's new in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/whats-new-in-microsoft-defender-endpoint?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [CloudAppEvents table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-cloudappevents-table?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [EmailAttachmentInfo table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-emailattachmentinfo-table?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [EmailEvents table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-emailevents-table?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Get expert training on advanced hunting](/microsoft-365/security/defender/advanced-hunting-expert-training?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Migrate advanced hunting queries from Microsoft Defender for Endpoint](/microsoft-365/security/defender/advanced-hunting-migrate-from-mde?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Work with advanced hunting query results in Microsoft 365 Defender](/microsoft-365/security/defender/advanced-hunting-query-results?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Alert grading for suspicious email forwarding activity](/microsoft-365/security/defender/alert-grading-playbook-email-forwarding?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Alert grading for suspicious inbox forwarding rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-forwarding-rules?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Alert grading for suspicious inbox manipulation rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-manipulation-rules?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Partner access through Microsoft 365 Defender APIs](/microsoft-365/security/defender/api-partner-access?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Configure and manage Microsoft Threat Experts capabilities through Microsoft 365 Defender](/microsoft-365/security/defender/configure-microsoft-threat-experts?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Deploy services supported by Microsoft 365 Defender](/microsoft-365/security/defender/deploy-supported-services?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Step 1. Triage and analyze your first incident](/microsoft-365/security/defender/first-incident-analyze?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Step 3. Perform a post-incident review of your first incident](/microsoft-365/security/defender/first-incident-post?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Prepare your security posture for your first incident](/microsoft-365/security/defender/first-incident-prepare?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Incident response with Microsoft 365 Defender](/microsoft-365/security/defender/incidents-overview?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Step 1. Plan for Microsoft 365 Defender operations readiness](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-plan?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Step 4. Define Microsoft 365 Defender roles, responsibilities, and oversight](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-roles?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Step 5. Develop and test use cases](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-use-cases?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Investigate alerts in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-alerts?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Investigate incidents in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-incidents?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [View and manage actions in the Action center](/microsoft-365/security/defender/m365d-autoir-actions?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Frequently asked questions when turning on Microsoft 365 Defender](/microsoft-365/security/defender/m365d-enable-faq?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Microsoft Defender for Endpoint in Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-security-center-mde?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Track your Microsoft Secure Score history and meet goals](/microsoft-365/security/defender/microsoft-secure-score-history-metrics-trends?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Set up your Microsoft 365 Defender trial lab or pilot environment](/microsoft-365/security/defender/setup-m365deval?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Coin miners](/microsoft-365/security/intelligence/coinminer-malware?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [How Microsoft identifies malware and potentially unwanted applications](/microsoft-365/security/intelligence/criteria?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Fileless threats](/microsoft-365/security/intelligence/fileless-threats?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Macro malware](/microsoft-365/security/intelligence/macro-malware?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Phishing trends and techniques](/microsoft-365/security/intelligence/phishing-trends?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [How to protect against phishing attacks](/microsoft-365/security/intelligence/phishing?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Troubleshoot MSI portal errors caused by admin block](/microsoft-365/security/intelligence/portal-submission-troubleshooting?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Prevent malware infection](/microsoft-365/security/intelligence/prevent-malware-infection?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Rootkits](/microsoft-365/security/intelligence/rootkits-malware?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Submit files for analysis by Microsoft](/microsoft-365/security/intelligence/submission-guide?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Supply chain attacks](/microsoft-365/security/intelligence/supply-chain-malware?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Tech Support Scams](/microsoft-365/security/intelligence/support-scams?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Trojan malware](/microsoft-365/security/intelligence/trojans-malware?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Unwanted software](/microsoft-365/security/intelligence/unwanted-software?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Virus Information Alliance](/microsoft-365/security/intelligence/virus-information-alliance-criteria?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Microsoft Virus Initiative](/microsoft-365/security/intelligence/virus-initiative-criteria?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Worms](/microsoft-365/security/intelligence/worms-malware?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Secure by default in Office 365](/microsoft-365/security/office-365-security/secure-by-default?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Threat Trackers - New and Noteworthy](/microsoft-365/security/office-365-security/threat-trackers?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| -\| 4/5/2022 \| [Use named entities in your data loss prevention policies (preview)](/microsoft-365/compliance/named-entities-use?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Add and replace your onmicrosoft.com fallback domain in Microsoft 365](/microsoft-365/admin/setup/add-or-replace-your-onmicrosoftcom-domain?view=o365-21vianet) \| added \| -\| 4/6/2022 \| [Enable co-authoring for documents encrypted by sensitivity labels in Microsoft 365](/microsoft-365/compliance/sensitivity-labels-coauthoring?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Shared devices](/microsoft-365/managed-desktop/service-description/shared-devices?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Use shared queries in Microsoft 365 Defender advanced hunting](/microsoft-365/security/defender/advanced-hunting-shared-queries?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Microsoft 365 guest sharing settings reference](/microsoft-365/solutions/microsoft-365-guest-settings?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Add DNS records to connect your domain](/microsoft-365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-provider?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Add and replace your onmicrosoft.com fallback domain in Microsoft 365](/microsoft-365/admin/setup/add-or-replace-your-onmicrosoftcom-domain?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Communication compliance policies](/microsoft-365/compliance/communication-compliance-policies?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Data Loss Prevention policy reference](/microsoft-365/compliance/dlp-policy-reference?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Manage mailbox auditing](/microsoft-365/compliance/enable-mailbox-auditing?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Microsoft 365 network connectivity test tool](/microsoft-365/enterprise/office-365-network-mac-perf-onboarding-tool?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Change history for Microsoft Managed Desktop documentation](/microsoft-365/managed-desktop/change-history-managed-desktop?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Enable attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-implement?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Operationalize attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-operationalize?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Plan attack surface reduction (ASR) rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-plan?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Test attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-test?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Attack surface reduction (ASR) rules deployment overview](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Understand and use attack surface reduction (ASR)](/microsoft-365/security/defender-endpoint/overview-attack-surface-reduction?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [User reported message settings](/microsoft-365/security/office-365-security/user-submission?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Restrict access to content using sensitivity labels to apply encryption](/microsoft-365/compliance/encryption-sensitivity-labels?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Step 7. Implement data loss prevention (DLP) with information protection capabilities](/microsoft-365/solutions/manage-devices-with-intune-dlp-mip?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Step 2. Enroll devices into management with Intune](/microsoft-365/solutions/manage-devices-with-intune-enroll?view=o365-21vianet) \| modified \| -\| 4/6/2022 \| [Step 6. Monitor device risk and compliance to security baselines](/microsoft-365/solutions/manage-devices-with-intune-monitor-risk?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Choose between Basic Mobility and Security and Intune](/microsoft-365/admin/basic-mobility-security/choose-between-basic-mobility-and-security-and-intune?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Manage multiple tenants](/microsoft-365/admin/multi-tenant/manage?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Add custom and required questions to the booking page](/microsoft-365/bookings/add-questions?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Add staff to Bookings](/microsoft-365/bookings/add-staff?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Microsoft Bookings](/microsoft-365/bookings/bookings-overview?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Configure SMS text notifications and reminders in Microsoft Bookings](/microsoft-365/bookings/bookings-sms?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Comparison chart: Bookings web app vs. Bookings Teams app](/microsoft-365/bookings/comparison-chart?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Create a manual booking](/microsoft-365/bookings/create-a-manual-booking?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Customize and publish your booking page](/microsoft-365/bookings/customize-booking-page?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Define your service offerings in Bookings](/microsoft-365/bookings/define-service-offerings?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Delete a booking calendar](/microsoft-365/bookings/delete-calendar?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Employee working hours in Microsoft Bookings](/microsoft-365/bookings/employee-hours?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Enter your business information](/microsoft-365/bookings/enter-business-information?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Get Access to Microsoft Bookings](/microsoft-365/bookings/get-access?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Get the Microsoft Bookings app for iOS and Android](/microsoft-365/bookings/get-bookings-app?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Metrics and activity tracking in Microsoft Bookings](/microsoft-365/bookings/metrics-and-activity-tracking?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Reporting information for Microsoft Bookings](/microsoft-365/bookings/reporting-info?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Schedule business closures, time off, and vacation time](/microsoft-365/bookings/schedule-closures-time-off-vacation?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Set buffer time in Microsoft Bookings](/microsoft-365/bookings/set-buffer-time?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Set language and time zones in Microsoft Bookings](/microsoft-365/bookings/set-language-time-zones?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Set your scheduling policies](/microsoft-365/bookings/set-scheduling-policies?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Turn Microsoft Bookings on or off](/microsoft-365/bookings/turn-bookings-on-or-off?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [About registration numbers and under-review notifications](/microsoft-365/commerce/about-registration-numbers?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Add licenses to a VLSC subscription](/microsoft-365/commerce/licenses/add-licenses-bought-through-vlsc?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Add licenses using a product key](/microsoft-365/commerce/licenses/add-licenses-using-product-key?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Manage ISV app licenses](/microsoft-365/commerce/licenses/manage-third-party-app-licenses?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Manage SAAS apps for your organization](/microsoft-365/commerce/manage-saas-apps?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Enter your Microsoft Open product key](/microsoft-365/commerce/purchases-from-microsoft-open?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Verify eligibility for Microsoft 365 Education subscriptions](/microsoft-365/commerce/subscriptions/verify-academic-eligibility?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Data Loss Prevention policy reference](/microsoft-365/compliance/dlp-policy-reference?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Manage mailbox auditing](/microsoft-365/compliance/enable-mailbox-auditing?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Learn about Microsoft 365 Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Get started with information barriers](/microsoft-365/compliance/information-barriers-policies?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Connect to Microsoft 365 with PowerShell](/microsoft-365/enterprise/connect-to-microsoft-365-powershell?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Securing Teams media traffic for VPN split tunneling](/microsoft-365/enterprise/microsoft-365-vpn-securing-teams?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Schedule Microsoft Defender Antivirus protection updates](/microsoft-365/security/defender-endpoint/manage-protection-update-schedule-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Protect security settings with tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes](/microsoft-365/security/office-365-security/configure-advanced-delivery?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Add more SharePoint storage to your subscription](/microsoft-365/commerce/add-storage-space?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Tax Information](/microsoft-365/commerce/billing-and-payments/tax-information?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Understand billing accounts](/microsoft-365/commerce/manage-billing-accounts?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Resources to help you upgrade from Office 2013 clients and servers](/microsoft-365/enterprise/upgrade-office-2013-clients-servers?view=o365-21vianet) \| added \| -\| 4/7/2022 \| [Manage how and where Microsoft Defender Antivirus receives updates](/microsoft-365/security/defender-endpoint/manage-protection-updates-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [DeviceLogonEvents table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-devicelogonevents-table?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Overview - Advanced hunting](/microsoft-365/security/defender/advanced-hunting-overview?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Incident response with Microsoft 365 Defender](/microsoft-365/security/defender/incidents-overview?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Automated investigation and response in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-autoir?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Understand the analyst report section in threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics-analyst-reports?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Top scoring in industry tests - Microsoft 365 Defender](/microsoft-365/security/defender/top-scoring-industry-tests?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [What's new in Microsoft 365 Defender](/microsoft-365/security/defender/whats-new?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| Evaluate Microsoft Defender for Office 365 \| removed \| -\| 4/7/2022 \| [Try and evaluate Defender for Office 365](/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Step 5. Deploy device profiles in Microsoft Intune](/microsoft-365/solutions/manage-devices-with-intune-configuration-profiles?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Step 6. Monitor device risk and compliance to security baselines](/microsoft-365/solutions/manage-devices-with-intune-monitor-risk?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Submit suspicious files in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/admin-submissions-mde?view=o365-21vianet) \| added \| -\| 4/7/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Configure and review priority accounts in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/configure-review-priority-account?view=o365-21vianet) \| added \| -\| 4/7/2022 \| [User tags in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/user-tags?view=o365-21vianet) \| modified \| -\| 4/7/2022 \| [Resources to help you upgrade from Office 2013 clients and servers](/microsoft-365/enterprise/upgrade-office-2013-clients-servers?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Microsoft 365 admin center activity reports](/microsoft-365/admin/activity-reports/activity-reports?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Microsoft 365 admin center browser usage reports](/microsoft-365/admin/activity-reports/browser-usage-report?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Microsoft 365 admin center Teams app usage reports](/microsoft-365/admin/activity-reports/microsoft-teams-device-usage-preview?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Microsoft 365 admin center Teams user activity reports](/microsoft-365/admin/activity-reports/microsoft-teams-user-activity-preview?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Enable archive mailboxes for Microsoft 365 Compliance](/microsoft-365/compliance/enable-archive-mailboxes?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Apply a document understanding model in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/apply-a-model) \| modified \| -\| 4/8/2022 \| [Create an extractor Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/create-an-extractor) \| modified \| -\| 4/8/2022 \| [Differences between document understanding and form processing models](/microsoft-365/contentunderstanding/difference-between-document-understanding-and-form-processing-model) \| modified \| -\| 4/8/2022 \| [Use a prebuilt model to extract info from invoices or receipts in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/prebuilt-models) \| modified \| -\| 4/8/2022 \| [Use shared queries in Microsoft 365 Defender advanced hunting](/microsoft-365/security/defender/advanced-hunting-shared-queries?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Microsoft 365 group expiration policy](/microsoft-365/solutions/microsoft-365-groups-expiration-policy?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Sensitive information type entity definitions](/microsoft-365/compliance/sensitive-information-type-entity-definitions?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [View and edit your security settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Use setup wizard in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Try and evaluate Defender for Office 365](/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Schedule business closures, time off, and vacation time](/microsoft-365/bookings/schedule-closures-time-off-vacation?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [An overview of Microsoft LTI apps](/microsoft-365/lti/index?view=o365-21vianet) \| modified \| -\| 4/8/2022 \| [Submit files in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/admin-submissions-mde?view=o365-21vianet) \| modified \| -- -## Week of March 21, 2022 -- -\| Published On \|Topic title \| Change \| -\|\|\|--\| -\| 3/21/2022 \| [Enable shared channels with all external organizations](/microsoft-365/solutions/allow-direct-connect-with-all-organizations?view=o365-21vianet) \| added \| -\| 3/21/2022 \| [Collaborate with external participants in a channel](/microsoft-365/solutions/collaborate-teams-direct-connect?view=o365-21vianet) \| added \| -\| 3/21/2022 \| [Limit guest sharing to specific organizations](/microsoft-365/solutions/limit-guest-sharing-to-specific-organization?view=o365-21vianet) \| added \| -\| 3/21/2022 \| [Limit who can be invited by an organization](/microsoft-365/solutions/limit-invitations-from-specific-organization?view=o365-21vianet) \| added \| -\| 3/21/2022 \| [Limit organizations where users can have guest accounts](/microsoft-365/solutions/limit-organizations-where-users-have-guest-accounts?view=o365-21vianet) \| added \| -\| 3/21/2022 \| [Limit who can invite guests](/microsoft-365/solutions/limit-who-can-invite-guests?view=o365-21vianet) \| added \| -\| 3/21/2022 \| [Plan external collaboration](/microsoft-365/solutions/plan-external-collaboration?view=o365-21vianet) \| added \| -\| 3/21/2022 \| [Require conditional access for people outside your organization](/microsoft-365/solutions/trust-conditional-access-from-other-organizations?view=o365-21vianet) \| added \| -\| 3/21/2022 \| [Collaborate with guests in a team](/microsoft-365/solutions/collaborate-as-team?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Collaborating with people outside your organization](/microsoft-365/solutions/collaborate-with-people-outside-your-organization?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Configure teams with protection for highly sensitive data](/microsoft-365/solutions/configure-teams-highly-sensitive-protection?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Configure teams with protection for sensitive data](/microsoft-365/solutions/configure-teams-sensitive-protection?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Configure Teams with three tiers of file sharing security](/microsoft-365/solutions/configure-teams-three-tiers-protection?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Create a secure guest sharing environment](/microsoft-365/solutions/create-secure-guest-sharing-environment?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [End of lifecycle options for groups, teams, and Yammer](/microsoft-365/solutions/end-life-cycle-groups-teams-sites-yammer?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Groups services interactions](/microsoft-365/solutions/groups-services-interactions?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Governing access in Microsoft 365 groups, Teams, and SharePoint](/microsoft-365/solutions/groups-teams-access-governance?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Set up secure file and document sharing and collaboration with Teams in Microsoft 365](/microsoft-365/solutions/setup-secure-collaboration-with-teams?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Detect channel signals with communication compliance](/microsoft-365/compliance/communication-compliance-channels?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Get started with Data loss prevention for Power BI](/microsoft-365/compliance/dlp-powerbi-get-started?view=o365-21vianet) \| added \| -\| 3/21/2022 \| [Create and configure retention policies to automatically retain or delete content](/microsoft-365/compliance/create-retention-policies?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Data loss prevention and Microsoft Teams](/microsoft-365/compliance/dlp-microsoft-teams?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Advanced eDiscovery limits](/microsoft-365/compliance/limits-ediscovery20?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Limits for Content search and Core eDiscovery in the compliance center](/microsoft-365/compliance/limits-for-content-search?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Learn about retention for Teams](/microsoft-365/compliance/retention-policies-teams?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Configure retention settings to automatically retain or delete content](/microsoft-365/compliance/retention-settings?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Learn about retention policies & labels to automatically retain or delete content](/microsoft-365/compliance/retention?view=o365-21vianet) \| modified \| -\| 3/21/2022 \| [Use sensitivity labels with Microsoft Teams, Microsoft 365 groups, and SharePoint sites](/microsoft-365/compliance/sensitivity-labels-teams-groups-sites?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro-mde?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Microsoft 365 admin center SharePoint site usage reports](/microsoft-365/admin/activity-reports/sharepoint-site-usage-ww?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Configurable settings reference for Microsoft Managed Desktop](/microsoft-365/managed-desktop/working-with-managed-desktop/config-setting-ref?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Onboard devices without Internet access to Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/onboard-offline-machines?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Enable Modern authentication for Office 2013 on Windows devices](/microsoft-365/admin/security-and-compliance/enable-modern-authentication?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Microsoft 365 compliance solutions trial playbook](/microsoft-365/compliance/compliance-easy-trials-compliance-playbook?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Get started with insider risk management](/microsoft-365/compliance/insider-risk-management-configure?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Insider risk management settings](/microsoft-365/compliance/insider-risk-management-settings?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Records Management in Microsoft 365](/microsoft-365/compliance/records-management?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Set up Advanced Audit in Microsoft 365](/microsoft-365/compliance/set-up-advanced-audit?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Microsoft 365 documentation # < 60 chars](/microsoft-365/index?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Microsoft 365 Security for Business Decision Makers (BDMs)](/microsoft-365/security/microsoft-365-security-for-bdm?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Microsoft 365 Zero Trust deployment plan](/microsoft-365/security/microsoft-365-zero-trust?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Find ransomware with advanced hunting](/microsoft-365/security/defender/advanced-hunting-find-ransomware?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Get relevant info about an entity with go hunt](/microsoft-365/security/defender/advanced-hunting-go-hunt?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Link query results to an incident](/microsoft-365/security/defender/advanced-hunting-link-to-incident?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Work with advanced hunting query results in Microsoft 365 Defender](/microsoft-365/security/defender/advanced-hunting-query-results?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Data tables in the Microsoft 365 Defender advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-schema-tables?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Use shared queries in Microsoft 365 Defender advanced hunting](/microsoft-365/security/defender/advanced-hunting-shared-queries?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Take action on advanced hunting query results in Microsoft 365 Defender](/microsoft-365/security/defender/advanced-hunting-take-action?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Create an app to access Microsoft 365 Defender APIs on behalf of a user](/microsoft-365/security/defender/api-create-app-user-context?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Create an app to access Microsoft 365 Defender without a user](/microsoft-365/security/defender/api-create-app-web?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Hello World for Microsoft 365 Defender REST API](/microsoft-365/security/defender/api-hello-world?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Partner access through Microsoft 365 Defender APIs](/microsoft-365/security/defender/api-partner-access?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Configure your Event Hub](/microsoft-365/security/defender/configure-event-hub?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Configure and manage Microsoft Threat Experts capabilities through Microsoft 365 Defender](/microsoft-365/security/defender/configure-microsoft-threat-experts?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Create and manage custom detection rules in Microsoft 365 Defender](/microsoft-365/security/defender/custom-detection-rules?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Device profile in Microsoft 365 security portal](/microsoft-365/security/defender/device-profile?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Create the Microsoft 365 Defender Evaluation Environment for greater cyber security and XDR](/microsoft-365/security/defender/eval-create-eval-environment?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Review Microsoft Defender for Endpoint architecture requirements and key concepts](/microsoft-365/security/defender/eval-defender-endpoint-architecture?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Enable Microsoft Defender for Endpoint evaluation](/microsoft-365/security/defender/eval-defender-endpoint-enable-eval?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Step 4. Evaluate Microsoft Defender for Endpoint overview, including reviewing the architecture](/microsoft-365/security/defender/eval-defender-endpoint-overview?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Pilot Microsoft Defender for Endpoint](/microsoft-365/security/defender/eval-defender-endpoint-pilot?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Review architecture requirements and the technical framework for Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-architecture?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Enable the evaluation environment for Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-enable-eval?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Step 2. An Overview of Microsoft 365 Defender for Identity evaluation](/microsoft-365/security/defender/eval-defender-identity-overview?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Pilot Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-pilot?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Try Microsoft 365 Defender incident response capabilities in a pilot environment](/microsoft-365/security/defender/eval-defender-investigate-respond-additional?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Run an attack simulation in a Microsoft 365 Defender pilot environment](/microsoft-365/security/defender/eval-defender-investigate-respond-simulate-attack?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Pilot Microsoft Defender for Office 365, use the evaluation in your production environment](/microsoft-365/security/defender/eval-defender-office-365-pilot?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Top 12 tasks for security teams to support working from home](/microsoft-365/security/top-security-tasks-for-remote-work?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Microsoft cloud architecture models - enterprise resource planning](/microsoft-365/solutions/cloud-architecture-models?view=o365-21vianet) \| modified \| -\| 3/22/2022 \| [Microsoft 365 productivity illustrations](/microsoft-365/solutions/productivity-illustrations?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Top 20 most-viewed admin help articles this month # < 60 chars](/microsoft-365/admin/top-m365-admin-articles?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Learn about auto-expanding archiving](/microsoft-365/compliance/autoexpanding-archiving?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Change history for Microsoft Managed Desktop documentation](/microsoft-365/managed-desktop/change-history-managed-desktop?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| Microsoft Security Guidance - Political campaigns & nonprofits \| removed \| -\| 3/23/2022 \| [Insider risk management cases](/microsoft-365/compliance/insider-risk-management-cases?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Configure Microsoft 365 Lighthouse portal security](/microsoft-365/lighthouse/m365-lighthouse-configure-portal-security?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Microsoft 365 Lighthouse frequently asked questions (FAQs)](/microsoft-365/lighthouse/m365-lighthouse-faq?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Requirements for Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-requirements?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Troubleshoot and resolve problems and error messages in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-troubleshoot?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Run the client analyzer on macOS or Linux](/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Create the Microsoft 365 Defender Evaluation Environment for greater cyber security and XDR](/microsoft-365/security/defender/eval-create-eval-environment?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes](/microsoft-365/security/office-365-security/configure-advanced-delivery?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Email analysis in investigations for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/email-analysis-investigations?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Common Zero Trust identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Continuous access evaluation for Microsoft 365 - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-continuous-access-evaluation?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Zero Trust identity and device access configurations - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-policies-configurations?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Threat Explorer and Real-time detections basics in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/real-time-detections?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Secure by default in Office 365](/microsoft-365/security/office-365-security/secure-by-default?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Remove yourself from the blocked senders list and address 5.7.511 Access denied errors](/microsoft-365/security/office-365-security/use-the-delist-portal-to-remove-yourself-from-the-office-365-blocked-senders-lis?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [View Defender for Office 365 reports](/microsoft-365/security/office-365-security/view-reports-for-mdo?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Microsoft 365 solution and architecture center # < 60 chars](/microsoft-365/solutions/index?view=o365-21vianet) \| modified \| -\| 3/23/2022 \| [Microsoft 365 productivity illustrations](/microsoft-365/solutions/productivity-illustrations?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Onboard macOS devices into Microsoft 365 overview (preview)](/microsoft-365/compliance/device-onboarding-macos-overview?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Onboard Windows 10 or Windows 11 devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-overview?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Microsoft 365 Lighthouse Windows 365 (Cloud PCs) page overview](/microsoft-365/lighthouse/m365-lighthouse-win365-page-overview?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Manage Microsoft feedback for your organization](/microsoft-365/admin/manage/manage-feedback-ms-org?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Azure Active Directory setup guides](/microsoft-365/admin/misc/azure-ad-setup-guides?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [GDPR simplified A guide for your small business](/microsoft-365/admin/security-and-compliance/gdpr-compliance?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Increase threat protection for Microsoft 365 Business Premium](/microsoft-365/admin/security-and-compliance/set-up-compliance?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Set up Windows devices for Microsoft 365 Business Premium users](/microsoft-365/admin/setup/set-up-windows-devices?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Increase threat protection for Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-increase-protection?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Troubleshoot and resolve problems and error messages in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-troubleshoot?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Microsoft Defender for Business](/microsoft-365/security/defender-business/index?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Outbound delivery pools](/microsoft-365/security/office-365-security/high-risk-delivery-pool-for-outbound-messages?view=o365-21vianet) \| modified \| -\| 3/24/2022 \| [Permissions - Security & Compliance Center](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Customer Lockbox Requests](/microsoft-365/compliance/customer-lockbox-requests?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Get started driving adoption of Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/adoption-getstarted) \| modified \| -\| 3/25/2022 \| [Scenarios and use cases for Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/adoption-scenarios) \| modified \| -\| 3/25/2022 \| [Run a trial of Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/trial-syntex) \| modified \| -\| 3/25/2022 \| [Manage Skype for Business Online with PowerShell](/microsoft-365/enterprise/manage-skype-for-business-online-with-microsoft-365-powershell?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configure advanced features in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/advanced-features?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Advanced hunting schema reference](/microsoft-365/security/defender-endpoint/advanced-hunting-schema-reference?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [View and organize the Microsoft Defender for Endpoint Alerts queue](/microsoft-365/security/defender-endpoint/alerts-queue?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Provide feedback on the Microsoft Defender for Endpoint Client Analyzer tool](/microsoft-365/security/defender-endpoint/analyzer-feedback?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Understand the client analyzer HTML report](/microsoft-365/security/defender-endpoint/analyzer-report?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configure Microsoft Defender for Endpoint risk signals using App Protection Policies (MAM)](/microsoft-365/security/defender-endpoint/android-configure-mam?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint on Android with Microsoft Intune](/microsoft-365/security/defender-endpoint/android-intune?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Troubleshoot issues on Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/android-support-signin?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Hello World for Microsoft Defender for Endpoint API](/microsoft-365/security/defender-endpoint/api-hello-world?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [How to use Power Automate Connector to set up a Flow for events](/microsoft-365/security/defender-endpoint/api-microsoft-flow?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Endpoint APIs connection to Power BI](/microsoft-365/security/defender-endpoint/api-power-bi?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Implement attack surface reduction (ASR) rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-implement?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Operationalize attack surface reduction (ASR) rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-operationalize?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Plan ASR rules attack surface reduction deployment rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-plan?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Test attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-test?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [ASR rules deployment prerequisites](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Use attack surface reduction rules to prevent malware infection](/microsoft-365/security/defender-endpoint/attack-surface-reduction?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Visit the Action center to see remediation actions](/microsoft-365/security/defender-endpoint/auto-investigation-action-center?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Take response actions on a file in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-file-alerts?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Permissions - Security & Compliance Center](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Collaborate with external participants in a channel](/microsoft-365/solutions/collaborate-teams-direct-connect?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft 365 Security for Business Decision Makers (BDMs)](/microsoft-365/security/microsoft-365-security-for-bdm?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft 365 Zero Trust deployment plan](/microsoft-365/security/microsoft-365-zero-trust?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Manage active content in Office documents for IT admins](/microsoft-365/security/active-content-in-trusted-docs?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Behavioral blocking and containment](/microsoft-365/security/defender-endpoint/behavioral-blocking-containment?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Check the health state of the sensor at Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/check-sensor-status?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Client behavioral blocking](/microsoft-365/security/defender-endpoint/client-behavioral-blocking?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Cloud protection and sample submission at Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Cloud protection and Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Collect diagnostic data of Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/collect-diagnostic-data?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Enable block at first sight to detect malware in seconds](/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Onboard Windows devices to Microsoft Defender for Endpoint via Group Policy](/microsoft-365/security/defender-endpoint/configure-endpoints-gp?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Onboard Windows devices using Configuration Manager](/microsoft-365/security/defender-endpoint/configure-endpoints-sccm?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Onboard Windows devices using a local script](/microsoft-365/security/defender-endpoint/configure-endpoints-script?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Onboarding tools and methods for Windows devices](/microsoft-365/security/defender-endpoint/configure-endpoints?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configure and validate exclusions based on extension, name, or location](/microsoft-365/security/defender-endpoint/configure-extension-file-exclusions-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Optimize ASR rule deployment and detections](/microsoft-365/security/defender-endpoint/configure-machines-asr?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Get devices onboarded to Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/configure-machines-onboarding?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Increase compliance to the Microsoft Defender for Endpoint security baseline](/microsoft-365/security/defender-endpoint/configure-machines-security-baseline?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Ensure your devices are configured properly](/microsoft-365/security/defender-endpoint/configure-machines?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configure and manage Microsoft Threat Experts capabilities](/microsoft-365/security/defender-endpoint/configure-microsoft-threat-experts?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configure and validate Microsoft Defender Antivirus network connections](/microsoft-365/security/defender-endpoint/configure-network-connections-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configure device proxy and Internet connection settings](/microsoft-365/security/defender-endpoint/configure-proxy-internet?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Enable and configure Microsoft Defender Antivirus protection capabilities](/microsoft-365/security/defender-endpoint/configure-real-time-protection-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Onboard Windows servers to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Connected applications in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/connected-applications?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Contact Microsoft Defender for Endpoint support](/microsoft-365/security/defender-endpoint/contact-support?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Enable Corelight integration in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/corelight-integration?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Customize controlled folder access](/microsoft-365/security/defender-endpoint/customize-controlled-folders?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Data collection for advanced troubleshooting on Windows](/microsoft-365/security/defender-endpoint/data-collection-analyzer?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Address false positives/negatives in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Overview of Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Deployment phases](/microsoft-365/security/defender-endpoint/deployment-phases?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint in rings](/microsoft-365/security/defender-endpoint/deployment-rings?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Plan your Microsoft Defender for Endpoint deployment](/microsoft-365/security/defender-endpoint/deployment-strategy?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Protect your organization's data with device control](/microsoft-365/security/defender-endpoint/device-control-report?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Device discovery overview](/microsoft-365/security/defender-endpoint/device-discovery?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Endpoint device timeline event flags](/microsoft-365/security/defender-endpoint/device-timeline-event-flag?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Endpoint detection and response in block mode](/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Enable attack surface reduction rules](/microsoft-365/security/defender-endpoint/enable-attack-surface-reduction?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Turn on cloud protection in Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/enable-cloud-protection-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Enable controlled folder access](/microsoft-365/security/defender-endpoint/enable-controlled-folders?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Turn on exploit protection to help mitigate against attacks](/microsoft-365/security/defender-endpoint/enable-exploit-protection?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Enable Microsoft Defender for IoT integration in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Turn on network protection](/microsoft-365/security/defender-endpoint/enable-network-protection?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Evaluate network protection](/microsoft-365/security/defender-endpoint/evaluate-network-protection?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Endpoint evaluation lab](/microsoft-365/security/defender-endpoint/evaluation-lab?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Use Microsoft Defender for Endpoint APIs](/microsoft-365/security/defender-endpoint/exposed-apis-create-app-nativeapp?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Create an Application to access Microsoft Defender for Endpoint without a user](/microsoft-365/security/defender-endpoint/exposed-apis-create-app-partners?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Create an app to access Microsoft Defender for Endpoint without a user](/microsoft-365/security/defender-endpoint/exposed-apis-create-app-webapp?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Endpoint for US Government customers](/microsoft-365/security/defender-endpoint/gov?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Grant access to managed security service provider (MSSP)](/microsoft-365/security/defender-endpoint/grant-mssp-access?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Host firewall reporting in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/host-firewall-reporting?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Import, export, and deploy exploit protection configurations](/microsoft-365/security/defender-endpoint/import-export-exploit-protection-emet-xml?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Create indicators for files](/microsoft-365/security/defender-endpoint/indicator-file?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Use sensitivity labels to prioritize incident response](/microsoft-365/security/defender-endpoint/information-protection-investigation?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Investigate Microsoft Defender for Endpoint alerts](/microsoft-365/security/defender-endpoint/investigate-alerts?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Investigate connection events that occur behind forward proxies](/microsoft-365/security/defender-endpoint/investigate-behind-proxy?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Investigate Microsoft Defender for Endpoint files](/microsoft-365/security/defender-endpoint/investigate-files?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Investigate incidents in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/investigate-incidents?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Investigate devices in the Defender for Endpoint Devices list](/microsoft-365/security/defender-endpoint/investigate-machines?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Investigate a user account in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/investigate-user?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configure Microsoft Defender for Endpoint on iOS features](/microsoft-365/security/defender-endpoint/ios-configure-features?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint on iOS features](/microsoft-365/security/defender-endpoint/ios-install-unmanaged?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [App-based deployment for Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/ios-install?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Troubleshoot issues and find answers on FAQs related to Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/ios-troubleshoot?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Enable the limited periodic Microsoft Defender Antivirus scanning feature](/microsoft-365/security/defender-endpoint/limited-periodic-scanning-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint on Linux manually](/microsoft-365/security/defender-endpoint/linux-install-manually?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint on Linux with Ansible](/microsoft-365/security/defender-endpoint/linux-install-with-ansible?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint on Linux with Puppet](/microsoft-365/security/defender-endpoint/linux-install-with-puppet?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [How to schedule scans with Microsoft Defender for Endpoint (Linux)](/microsoft-365/security/defender-endpoint/linux-schedule-scan-mde?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Investigate entities on devices using live response in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/live-response?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Device control for macOS](/microsoft-365/security/defender-endpoint/mac-device-control-overview?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configure and validate exclusions for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-exclusions?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Log in to Jamf Pro](/microsoft-365/security/defender-endpoint/mac-install-jamfpro-login?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Manual deployment for Microsoft Defender for Endpoint on macOS](/microsoft-365/security/defender-endpoint/mac-install-manually?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Intune-based deployment for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-install-with-intune?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Set up device groups in Jamf Pro](/microsoft-365/security/defender-endpoint/mac-jamfpro-device-groups?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Enroll Microsoft Defender for Endpoint on macOS devices into Jamf Pro](/microsoft-365/security/defender-endpoint/mac-jamfpro-enroll-devices?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Set up the Microsoft Defender for Endpoint on macOS policies in Jamf Pro](/microsoft-365/security/defender-endpoint/mac-jamfpro-policies?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Troubleshoot kernel extension issues in Microsoft Defender for Endpoint on macOS](/microsoft-365/security/defender-endpoint/mac-support-kext?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Troubleshoot license issues for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-support-license?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Troubleshoot performance issues for Microsoft Defender for Endpoint on macOS](/microsoft-365/security/defender-endpoint/mac-support-perf?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [New configuration profiles for macOS Catalina and newer versions of macOS](/microsoft-365/security/defender-endpoint/mac-sysext-policies?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Deploy updates for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-updates?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Device health and compliance report in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/machine-reports?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Create and manage device tags](/microsoft-365/security/defender-endpoint/machine-tags?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Device inventory](/microsoft-365/security/defender-endpoint/machines-view-overview?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Manage Microsoft Defender for Endpoint alerts](/microsoft-365/security/defender-endpoint/manage-alerts?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Manage Microsoft Defender for Endpoint incidents](/microsoft-365/security/defender-endpoint/manage-incidents?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Manage how and where Microsoft Defender Antivirus receives updates](/microsoft-365/security/defender-endpoint/manage-protection-updates-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Overview of management and APIs](/microsoft-365/security/defender-endpoint/management-apis?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Endpoint Device Control Device Installation](/microsoft-365/security/defender-endpoint/mde-device-control-device-installation?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Manage Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-p1-maintenance-operations?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Set up and configure Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-p1-setup-configuration?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Get started with Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-plan1-getting-started?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender Antivirus on Windows Server](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-on-windows-server?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-mac?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender Offline in Windows](/microsoft-365/security/defender-endpoint/microsoft-defender-offline?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender Antivirus in the Windows Security app](/microsoft-365/security/defender-endpoint/microsoft-defender-security-center-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Threat Experts](/microsoft-365/security/defender-endpoint/microsoft-threat-experts?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Minimum requirements for Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/minimum-requirements?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Network device discovery and vulnerability management](/microsoft-365/security/defender-endpoint/network-devices?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Onboard devices and configure Microsoft Defender for Endpoint capabilities](/microsoft-365/security/defender-endpoint/onboard-configure?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Onboard previous versions of Windows on Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/onboard-downlevel?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Onboarding using Microsoft Endpoint Configuration Manager](/microsoft-365/security/defender-endpoint/onboarding-endpoint-configuration-manager?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Onboarding using Microsoft Endpoint Manager](/microsoft-365/security/defender-endpoint/onboarding-endpoint-manager?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Create an onboarding or offboarding notification rule](/microsoft-365/security/defender-endpoint/onboarding-notification?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Onboard to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/onboarding?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Protect security settings with tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Hide the Microsoft Defender Antivirus interface](/microsoft-365/security/defender-endpoint/prevent-end-user-interaction-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Turn on the preview experience in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/preview-settings?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Endpoint Device Control Printer Protection](/microsoft-365/security/defender-endpoint/printer-protection?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Set up Microsoft Defender for Endpoint deployment](/microsoft-365/security/defender-endpoint/production-deployment?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Stream Microsoft Defender for Endpoint events to Azure Event Hubs](/microsoft-365/security/defender-endpoint/raw-data-export-event-hub?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Stream Microsoft Defender for Endpoint events to your Storage account](/microsoft-365/security/defender-endpoint/raw-data-export-storage?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Take response actions on a device in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-machine-alerts?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Review alerts in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/review-alerts?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Review the results of Microsoft Defender Antivirus scans](/microsoft-365/security/defender-endpoint/review-scan-results-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Run the client analyzer on macOS or Linux](/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Run the client analyzer on Windows](/microsoft-365/security/defender-endpoint/run-analyzer-windows?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Run a detection test on a device to verify it has been properly onboarded to Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/run-detection-test?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender Security Center Security operations dashboard](/microsoft-365/security/defender-endpoint/security-operations-dashboard?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Make the switch from non-Microsoft endpoint protection to Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/switch-to-mde-overview?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Switch to Microsoft Defender for Endpoint - Prepare](/microsoft-365/security/defender-endpoint/switch-to-mde-phase-1?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Switch to Microsoft Defender for Endpoint - Setup](/microsoft-365/security/defender-endpoint/switch-to-mde-phase-2?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Switch to Microsoft Defender for Endpoint - Onboard](/microsoft-365/security/defender-endpoint/switch-to-mde-phase-3?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Techniques in the device timeline](/microsoft-365/security/defender-endpoint/techniques-device-timeline?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Understand the analyst report section in threat analytics.](/microsoft-365/security/defender-endpoint/threat-analytics-analyst-reports?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Track and respond to emerging threats with Microsoft Defender for Endpoint threat analytics](/microsoft-365/security/defender-endpoint/threat-analytics?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Event timeline in threat and vulnerability management](/microsoft-365/security/defender-endpoint/threat-and-vuln-mgt-event-timeline?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Threat protection report in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/threat-protection-reports?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft 365 Defender time zone settings](/microsoft-365/security/defender-endpoint/time-settings?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Report and troubleshoot Microsoft Defender for Endpoint ASR Rules](/microsoft-365/security/defender-endpoint/troubleshoot-asr-rules?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Collect support logs in Microsoft Defender for Endpoint using live response](/microsoft-365/security/defender-endpoint/troubleshoot-collect-support-log?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Troubleshoot onboarding issues and error messages](/microsoft-365/security/defender-endpoint/troubleshoot-onboarding-error-messages?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Troubleshoot Microsoft Defender for Endpoint onboarding issues](/microsoft-365/security/defender-endpoint/troubleshoot-onboarding?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Troubleshoot performance issues](/microsoft-365/security/defender-endpoint/troubleshoot-performance-issues?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Troubleshoot onboarding issues related to Security Management for Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/troubleshoot-security-config-mgt?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Performance analyzer for Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/tune-performance-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Assign device value - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-assign-device-value?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Dashboard insights - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-dashboard-insights?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Plan for end-of-support software and software versions](/microsoft-365/security/defender-endpoint/tvm-end-of-support-software?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Create and view exceptions for security recommendations - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-exception?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Exposure score in threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-exposure-score?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Secure Score for Devices](/microsoft-365/security/defender-endpoint/tvm-microsoft-secure-score-devices?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Remediate vulnerabilities with threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-remediation?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Security recommendations by threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-security-recommendation?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Software inventory in threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-software-inventory?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Vulnerable devices report - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-vulnerable-devices-report?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Vulnerabilities in my organization - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-weaknesses?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Mitigate zero-day vulnerabilities - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-zero-day-vulnerabilities?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [View and organize the Incidents queue](/microsoft-365/security/defender-endpoint/view-incidents-queue?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Web content filtering](/microsoft-365/security/defender-endpoint/web-content-filtering?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Monitoring web browsing security in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/web-protection-monitoring?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Web protection](/microsoft-365/security/defender-endpoint/web-protection-overview?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Respond to web threats in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/web-protection-response?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Why cloud protection should be enabled for Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/why-cloud-protection-should-be-on-mdav?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configure Directory Services account in Microsoft Defender for Identity](/microsoft-365/security/defender-identity/directory-service-accounts?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Identity entity tags in Microsoft 365 Defender](/microsoft-365/security/defender-identity/entity-tags?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Identity detection exclusions in Microsoft 365 Defender](/microsoft-365/security/defender-identity/exclusions?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Identity security alerts in Microsoft 365 Defender](/microsoft-365/security/defender-identity/manage-security-alerts?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Identity notifications in Microsoft 365 Defender](/microsoft-365/security/defender-identity/notifications?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Identity sensor health and settings in Microsoft 365 Defender](/microsoft-365/security/defender-identity/sensor-health?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Identity VPN integration in Microsoft 365 Defender](/microsoft-365/security/defender-identity/vpn-integration?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [About the Microsoft Defender for Office 365 trial](/microsoft-365/security/office-365-security/about-defender-for-office-365-trial?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Address compromised user accounts with automated investigation and response](/microsoft-365/security/office-365-security/address-compromised-users-quickly?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Admin review for reported messages](/microsoft-365/security/office-365-security/admin-review-reported-message?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Manage submissions](/microsoft-365/security/office-365-security/admin-submission?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Anti-spoofing protection](/microsoft-365/security/office-365-security/anti-spoofing-protection?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Attack simulation training deployment considerations and FAQ](/microsoft-365/security/office-365-security/attack-simulation-training-faq?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Insights and reports Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-insights?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Payload automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payload-automations?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Create custom payloads for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payloads?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Simulate a phishing attack with Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [How automated investigation and response works in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/automated-investigation-response-office?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Protection features in Azure Information Protection rolling out to existing tenants](/microsoft-365/security/office-365-security/azure-ip-protection-features?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Campaign Views in Microsoft Defender for Office 365 Plan](/microsoft-365/security/office-365-security/campaigns?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configuration analyzer for security policies](/microsoft-365/security/office-365-security/configuration-analyzer-for-security-policies?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Create safe sender lists](/microsoft-365/security/office-365-security/create-safe-sender-lists-in-office-365?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Email analysis in investigations for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/email-analysis-investigations?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Email security with Threat Explorer in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/email-security-in-microsoft-defender?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Enable the Report Message or the Report Phishing add-ins](/microsoft-365/security/office-365-security/enable-the-report-message-add-in?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Exchange Online Protection (EOP) overview](/microsoft-365/security/office-365-security/exchange-online-protection-overview?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configuring and controlling external email forwarding in Microsoft 365.](/microsoft-365/security/office-365-security/external-email-forwarding?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Find and release quarantined messages as a user](/microsoft-365/security/office-365-security/find-and-release-quarantined-messages-as-a-user?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Identity and device access policies for allowing guest and external user B2B access - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies-guest-access?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Common Zero Trust identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Prerequisite work for implementing identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-prerequisites?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Impersonation insight](/microsoft-365/security/office-365-security/impersonation-insight?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Application Guard for Office for admins](/microsoft-365/security/office-365-security/install-app-guard?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Use Microsoft Defender for Office 365 together with Microsoft Defender for Endpoint](/microsoft-365/security/office-365-security/integrate-office-365-ti-with-mde?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Investigate malicious email that was delivered in Microsoft 365, Find and investigate malicious email](/microsoft-365/security/office-365-security/investigate-malicious-email-that-was-delivered?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Spoof intelligence insight](/microsoft-365/security/office-365-security/learn-about-spoof-intelligence?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Mail flow insights in the Mail flow dashboard](/microsoft-365/security/office-365-security/mail-flow-insights-v2?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Manage quarantined messages and files as an admin](/microsoft-365/security/office-365-security/manage-quarantined-messages-and-files?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Manage your allows in the Tenant Allow/Block List](/microsoft-365/security/office-365-security/manage-tenant-allows?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Recommended Microsoft Defender for Cloud Apps policies for SaaS apps - Microsoft 365 Enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/mcas-saas-access-policies?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [The Microsoft Defender for Office 365 email entity page](/microsoft-365/security/office-365-security/mdo-email-entity-page?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](/microsoft-365/security/office-365-security/mdo-for-spo-odb-and-teams?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Auto-forwarded messages insight](/microsoft-365/security/office-365-security/mfi-auto-forwarded-messages-report?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Top domain mail flow status insight in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-domain-mail-flow-status-insight?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Mail flow map](/microsoft-365/security/office-365-security/mfi-mail-flow-map-report?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Fix possible mail loop insight](/microsoft-365/security/office-365-security/mfi-mail-loop-insight?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [New domains being forwarded email insight](/microsoft-365/security/office-365-security/mfi-new-domains-being-forwarded-email?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [New users forwarding email insight](/microsoft-365/security/office-365-security/mfi-new-users-forwarding-email?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Non-accepted domain report in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-non-accepted-domain-report?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Non-delivery report in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-non-delivery-report?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Outbound and inbound mail flow insight in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-outbound-and-inbound-mail-flow?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Queues insight in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-queue-alerts-and-queues?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Fix slow mail flow rules insight](/microsoft-365/security/office-365-security/mfi-slow-mail-flow-rules-insight?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [SMTP Auth clients insight and report in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-smtp-auth-clients-report?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Zero Trust identity and device access configurations - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-policies-configurations?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Migrate to Microsoft Defender for Office 365 Phase 3: Onboard](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-onboard?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Migrate to Microsoft Defender for Office 365 Phase 1: Prepare](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-prepare?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Migrate to Microsoft Defender for Office 365 Phase 2: Setup](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-setup?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Monitor for leaks of personal data](/microsoft-365/security/office-365-security/monitor-for-leaks-of-personal-data?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Automated investigation and response in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/office-365-air?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Threat investigation & response capabilities - Microsoft Defender for Office 365 Plan 2](/microsoft-365/security/office-365-security/office-365-ti?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Office 365 Security overview, Microsoft Defender for Office 365, EOP, MSDO](/microsoft-365/security/office-365-security/old-index?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Office 365 Security including Microsoft Defender for Office 365 and Exchange Online Protection](/microsoft-365/security/office-365-security/overview?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Permissions in the Microsoft 365 Defender portal](/microsoft-365/security/office-365-security/permissions-microsoft-365-security-center?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Step-by-step threat protection stack in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/protection-stack-microsoft-defender-for-office365?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Report false positives and false negatives in Outlook](/microsoft-365/security/office-365-security/report-false-positives-and-false-negatives?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Smart reports, insights - Microsoft 365 Security & Compliance Center](/microsoft-365/security/office-365-security/reports-and-insights-in-security-and-compliance?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Safe Documents in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-docs?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Complete Safe Links overview for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-links?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Secure email recommended policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/secure-email-recommended-policies?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Security dashboard overview](/microsoft-365/security/office-365-security/security-dashboard?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Security recommendations for priority accounts in Microsoft 365, priority accounts, priority accounts in Office 365, priority accounts in Microsoft 365](/microsoft-365/security/office-365-security/security-recommendations-for-priority-accounts?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Anti-phishing policies](/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Recommended secure document policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/sharepoint-file-access-policies?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Submit malware and non-malware to Microsoft for analysis](/microsoft-365/security/office-365-security/submitting-malware-and-non-malware-to-microsoft-for-analysis?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Recommended Teams policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/teams-access-policies?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Configure your Microsoft 365 tenant for increased security](/microsoft-365/security/office-365-security/tenant-wide-setup-for-increased-security?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Views in Threat Explorer and real-time detections](/microsoft-365/security/office-365-security/threat-explorer-views?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Threat Explorer and Real-time detections](/microsoft-365/security/office-365-security/threat-explorer?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Threat hunting in Threat Explorer for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/threat-hunting-in-threat-explorer?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Threat Trackers - New and Noteworthy](/microsoft-365/security/office-365-security/threat-trackers?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Microsoft Defender for Office 365 trial playbook](/microsoft-365/security/office-365-security/trial-playbook-defender-for-office-365?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [How to use DKIM for email in your custom domain](/microsoft-365/security/office-365-security/use-dkim-to-validate-outbound-email?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Use DMARC to validate email, setup steps](/microsoft-365/security/office-365-security/use-dmarc-to-validate-email?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Use Azure Privileged Identity Management (PIM) in Microsoft Defender for Office 365 to limit admin access to cyber security tools.](/microsoft-365/security/office-365-security/use-privileged-identity-management-in-defender-for-office-365?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Quarantine notifications (end-user spam notifications) in Microsoft 365](/microsoft-365/security/office-365-security/use-spam-notifications-to-release-and-report-quarantined-messages?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Remove yourself from the blocked senders list and address 5.7.511 Access denied errors](/microsoft-365/security/office-365-security/use-the-delist-portal-to-remove-yourself-from-the-office-365-blocked-senders-lis?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [View mail flow reports in the Reports dashboard](/microsoft-365/security/office-365-security/view-mail-flow-reports?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [View Defender for Office 365 reports](/microsoft-365/security/office-365-security/view-reports-for-mdo?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Manage spoofed senders using the spoof intelligence policy and spoof intelligence insight](/microsoft-365/security/office-365-security/walkthrough-spoof-intelligence-insight?view=o365-21vianet) \| modified \| -\| 3/25/2022 \| [Top 12 tasks for security teams to support working from home](/microsoft-365/security/top-security-tasks-for-remote-work?view=o365-21vianet) \| modified \| -- -## Week of March 14, 2022 -- -\| Published On \|Topic title \| Change \| -\|\|\|--\| -\| 3/14/2022 \| [Onboard your organization's devices to Microsoft Defender for Business](/microsoft-365/business-premium/m365bp-onboard-devices-mdb?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Use Cost management in the Microsoft 365 admin center](/microsoft-365/commerce/use-cost-mgmt?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Get started with content explorer](/microsoft-365/compliance/data-classification-content-explorer?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Use Office 365 Content Delivery Network (CDN) with SharePoint Online](/microsoft-365/enterprise/use-microsoft-365-cdn-with-spo?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [How to check Microsoft 365 service health](/microsoft-365/enterprise/view-service-health?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Microsoft Defender for Endpoint - Mobile Threat Defense](/microsoft-365/security/defender-endpoint/mtd?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Enable the Report Message or the Report Phishing add-ins](/microsoft-365/security/office-365-security/enable-the-report-message-add-in?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Enable Modern Authentication for Office 2013 on Windows devices](/microsoft-365/admin/security-and-compliance/enable-modern-authentication?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Microsoft 365 auditing solutions](/microsoft-365/compliance/auditing-solutions-overview?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using JAMF Pro (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Microsoft 365 eDiscovery solutions](/microsoft-365/compliance/ediscovery?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Create documents using content assembly in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/content-assembly) \| modified \| -\| 3/14/2022 \| [Office 365 IP Address and URL web service](/microsoft-365/enterprise/microsoft-365-ip-web-service?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Microsoft 365 network connectivity test tool](/microsoft-365/enterprise/office-365-network-mac-perf-onboarding-tool?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Network connectivity in the Microsoft 365 Admin Center](/microsoft-365/enterprise/office-365-network-mac-perf-overview?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Microsoft 365 network assessment](/microsoft-365/enterprise/office-365-network-mac-perf-score?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Overview of Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-overview?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Microsoft 365 Apps for enterprise](/microsoft-365/managed-desktop/get-started/m365-apps?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Configurable settings reference for Microsoft Managed Desktop](/microsoft-365/managed-desktop/working-with-managed-desktop/config-setting-ref?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [Simulate a phishing attack with Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training?view=o365-21vianet) \| modified \| -\| 3/14/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Idle session timeout for Microsoft 365](/microsoft-365/admin/manage/idle-session-timeout-web-apps?view=o365-21vianet) \| added \| -\| 3/15/2022 \| [Enable Modern Authentication for Office 2013 on Windows devices](/microsoft-365/admin/security-and-compliance/enable-modern-authentication?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Customer Lockbox Requests](/microsoft-365/compliance/customer-lockbox-requests?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Use sensitivity labels with Microsoft Teams, Microsoft 365 groups, and SharePoint sites](/microsoft-365/compliance/sensitivity-labels-teams-groups-sites?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Create documents using content assembly in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/content-assembly) \| modified \| -\| 3/15/2022 \| [Microsoft 365 network connectivity test tool](/microsoft-365/enterprise/office-365-network-mac-perf-onboarding-tool?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Deploy Microsoft 365 Lighthouse baselines](/microsoft-365/lighthouse/m365-lighthouse-deploy-baselines?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Overview of using baselines to deploy standard tenant configurations](/microsoft-365/lighthouse/m365-lighthouse-deploy-standard-tenant-configurations-overview?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [View and edit your security settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Onboard Windows servers to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Create the Microsoft 365 Defender Evaluation Environment for greater cyber security and XDR](/microsoft-365/security/defender/eval-create-eval-environment?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Step 2. An Overview of Microsoft 365 Defender for Identity evaluation](/microsoft-365/security/defender/eval-defender-identity-overview?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Evaluate and pilot Microsoft 365 Defender, an XDR solution](/microsoft-365/security/defender/eval-overview?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Define mail flow rules to encrypt email messages](/microsoft-365/compliance/define-mail-flow-rules-to-encrypt-email?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Differences between estimated and actual eDiscovery search results](/microsoft-365/compliance/differences-between-estimated-and-actual-ediscovery-search-results?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Microsoft 365 eDiscovery solutions](/microsoft-365/compliance/ediscovery?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Restrict access to content using sensitivity labels to apply encryption](/microsoft-365/compliance/encryption-sensitivity-labels?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Get started with the Microsoft Service Trust Portal](/microsoft-365/compliance/get-started-with-service-trust-portal?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Insider risk management settings](/microsoft-365/compliance/insider-risk-management-settings?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Manage Office 365 Message Encryption](/microsoft-365/compliance/manage-office-365-message-encryption?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| Meet data protection and regulatory requirements with Compliance Manager for Microsoft cloud services \| removed \| -\| 3/15/2022 \| [Advanced Message Encryption](/microsoft-365/compliance/ome-advanced-message-encryption?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Revoke email encrypted by Advanced Message Encryption](/microsoft-365/compliance/revoke-ome-encrypted-mail?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Known issues with Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-known-issues?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Set up roles to manage customer tenants](/microsoft-365/lighthouse/m365-lighthouse-set-up-roles?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Troubleshoot and resolve problems and error messages in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-troubleshoot?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Set up email notifications for your security team](/microsoft-365/security/defender-business/mdb-email-notifications?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Microsoft Defender for Business frequently asked questions](/microsoft-365/security/defender-business/mdb-faq?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Firewall in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-firewall?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Get started using the Microsoft 365 Defender portal](/microsoft-365/security/defender-business/mdb-get-started?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Reports in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-reports?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Respond to and mitigate threats in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-respond-mitigate-threats?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Assign roles and permissions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-roles-permissions?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [The simplified configuration process in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-simplified-configuration?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Tutorials and simulations in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-tutorials?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Use the wizard to set up Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [View or edit policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-edit-create-policies?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [View and manage incidents in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-manage-incidents?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [View your Threat & Vulnerability Management dashboard in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-tvm-dashboard?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Best practices for unauthenticated sharing](/microsoft-365/solutions/best-practices-anonymous-sharing?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Create indicators](/microsoft-365/security/defender-endpoint/manage-indicators?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/15/2022 \| [Payload automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payload-automations?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Top 20 most-viewed admin help articles this month # < 60 chars](/microsoft-365/admin/top-m365-admin-articles?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Working with device groups in Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-device-groups-mdb?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Onboard your organization's devices to Microsoft Defender for Business](/microsoft-365/business-premium/m365bp-onboard-devices-mdb?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Review remediation actions in Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-review-remediation-actions-devices?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Set up Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-setup?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [View or edit device protection policies](/microsoft-365/business-premium/m365bp-view-edit-create-mdb-policies?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Use Cost management in the Microsoft 365 admin center](/microsoft-365/commerce/use-cost-mgmt?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Archive Slack eDiscovery data to Microsoft 365 using a data connector provided by Microsoft](/microsoft-365/compliance/archive-slack-data-microsoft?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Onboard macOS devices into Microsoft 365 overview (preview)](/microsoft-365/compliance/device-onboarding-macos-overview?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Onboard and offboard macOS devices into Compliance solutions using Microsoft Intune for Microsoft Defender for Endpoint customers (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-intune-mde?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using Microsoft Intune (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-intune?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro-mde?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Onboard and offboard macOS devices into Microsoft 365 Compliance solutions using JAMF Pro (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Onboard Windows 10 or Windows 11 devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-overview?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Design a Data loss prevention policy](/microsoft-365/compliance/dlp-policy-design?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Learn about named entities (preview)](/microsoft-365/compliance/named-entities-learn?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Use named entities in your data loss prevention policies (preview)](/microsoft-365/compliance/named-entities-use?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Common usage scenarios for sensitive information types](/microsoft-365/compliance/sit-common-scenarios?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Get started with exact data match based sensitive information types](/microsoft-365/compliance/sit-get-started-exact-data-match-based-sits-overview?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Create exact data match sensitive information type/rule package](/microsoft-365/compliance/sit-get-started-exact-data-match-create-rule-package?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Create the schema for exact data match based sensitive information types](/microsoft-365/compliance/sit-get-started-exact-data-match-create-schema?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Export source data for exact data match based sensitive information type](/microsoft-365/compliance/sit-get-started-exact-data-match-export-data?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Hash and upload the sensitive information source table for exact data match sensitive information types](/microsoft-365/compliance/sit-get-started-exact-data-match-hash-upload?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Test an exact data match sensitive information type](/microsoft-365/compliance/sit-get-started-exact-data-match-test?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Learn about exact data match based sensitive information types](/microsoft-365/compliance/sit-learn-about-exact-data-match-based-sits?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Manage your exact data match schema](/microsoft-365/compliance/sit-use-exact-data-manage-schema?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Refresh your exact data matchsensitive information source table file](/microsoft-365/compliance/sit-use-exact-data-refresh-data?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Search for metadata in document libraries in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/metadata-search) \| modified \| -\| 3/16/2022 \| [Work with document understanding model explanations in PowerShell](/microsoft-365/contentunderstanding/powershell-syntex-explanations) \| modified \| -\| 3/16/2022 \| [Export and import document understanding models with PowerShell](/microsoft-365/contentunderstanding/powershell-syntex-import-export) \| modified \| -\| 3/16/2022 \| [Manage SharePoint Syntex with PowerShell](/microsoft-365/contentunderstanding/powershell-syntex-intro) \| modified \| -\| 3/16/2022 \| [Use PowerShell to request processing by a document understanding model](/microsoft-365/contentunderstanding/powershell-syntex-processing) \| modified \| -\| 3/16/2022 \| [Publish document understanding models with PowerShell](/microsoft-365/contentunderstanding/powershell-syntex-publishing) \| modified \| -\| 3/16/2022 \| [Localize the user experience](/microsoft-365/managed-desktop/get-started/localization?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Shared devices](/microsoft-365/managed-desktop/service-description/shared-devices?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [View and edit your security settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Device groups in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-create-edit-device-groups?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Manage custom rules for firewall policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-custom-rules-firewall?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Set up email notifications for your security team](/microsoft-365/security/defender-business/mdb-email-notifications?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Microsoft Defender for Business frequently asked questions](/microsoft-365/security/defender-business/mdb-faq?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Firewall in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-firewall?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Get started using the Microsoft 365 Defender portal](/microsoft-365/security/defender-business/mdb-get-started?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Microsoft 365 Lighthouse and Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-lighthouse-integration?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Manage devices in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-manage-devices?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Understand policy order in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-policy-order?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Reports in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-reports?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Respond to and mitigate threats in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-respond-mitigate-threats?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Review remediation actions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-review-remediation-actions?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Assign roles and permissions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-roles-permissions?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [The simplified configuration process in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-simplified-configuration?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Microsoft Defender for Business troubleshooting](/microsoft-365/security/defender-business/mdb-troubleshooting?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Tutorials and simulations in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-tutorials?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Use the wizard to set up Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [View or edit policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-edit-create-policies?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [View and manage incidents in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-manage-incidents?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [View your Threat & Vulnerability Management dashboard in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-tvm-dashboard?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Configure Microsoft Defender for Endpoint risk signals using App Protection Policies (MAM)](/microsoft-365/security/defender-endpoint/android-configure-mam?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Integration with Microsoft Defender for Cloud](/microsoft-365/security/defender-endpoint/azure-server-integration?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Delete a file from the live response library](/microsoft-365/security/defender-endpoint/delete-library?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [App-based deployment for Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/ios-install?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [List library files](/microsoft-365/security/defender-endpoint/list-library-files?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Live response library methods and properties](/microsoft-365/security/defender-endpoint/live-response-library-methods?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Manage Microsoft Defender for Endpoint configuration settings on devices with Microsoft Endpoint Manager](/microsoft-365/security/defender-endpoint/security-config-management?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Server migration scenarios for the new version of Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/server-migration?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Upload files to the live response library](/microsoft-365/security/defender-endpoint/upload-library?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Link query results to an incident](/microsoft-365/security/defender/advanced-hunting-link-to-incident?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Train your security staff for Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender-train-security-staff?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Payload automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payload-automations?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [End-user notifications for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-traning-end-user-notifications?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Microsoft Compliance Configuration Analyzer for Compliance Manager](/microsoft-365/compliance/compliance-manager-mcca?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Get started with Microsoft Compliance Manager](/microsoft-365/compliance/compliance-manager-setup?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Get started with the Microsoft Service Trust Portal](/microsoft-365/compliance/get-started-with-service-trust-portal?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Readiness assessment tools](/microsoft-365/managed-desktop/get-ready/readiness-assessment-tool?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Endpoint detection and response in block mode](/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-21vianet) \| modified \| -\| 3/16/2022 \| [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Create and configure retention policies to automatically retain or delete content](/microsoft-365/compliance/create-retention-policies?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Address false positives/negatives in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Evaluate and pilot Microsoft 365 Defender, an XDR solution](/microsoft-365/security/defender/eval-overview?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| Redirecting accounts from Office 365 Security and Compliance Center to the new Microsoft 365 Defender \| removed \| -\| 3/17/2022 \| [Configure anti-phishing policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/configure-mdo-anti-phishing-policies?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Permissions - Security & Compliance Center](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [View Defender for Office 365 reports](/microsoft-365/security/office-365-security/view-reports-for-mdo?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Basic Mobility and Security frequently-asked questions (FAQ)](/microsoft-365/admin/basic-mobility-security/frequently-asked-questions?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Centralized Deployment FAQ](/microsoft-365/admin/manage/centralized-deployment-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft 365 Business Premium frequently asked questions](/microsoft-365/admin/misc/microsoft-365-business-faqs?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Domains Frequently Asked Questions](/microsoft-365/admin/setup/domains-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft Bookings Frequently Asked Questions](/microsoft-365/bookings/bookings-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Downloads Frequently Asked Questions](/microsoft-365/commerce/licenses/downloads-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Online service activation for Open program Frequently Asked Questions](/microsoft-365/commerce/licenses/online-service-activation-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Product keys Frequently Asked Questions](/microsoft-365/commerce/licenses/product-keys-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft Home Use Program frequently-asked questions (FAQ)](/microsoft-365/commerce/microsoft-home-use-program-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Self-service purchase FAQ](/microsoft-365/commerce/subscriptions/self-service-purchase-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft Compliance Manager premium assessments trial playbook](/microsoft-365/compliance/compliance-easy-trials-compliance-manager-assessment-playbook?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft 365 compliance solutions trial playbook](/microsoft-365/compliance/compliance-easy-trials-compliance-playbook?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [About the Microsoft 365 compliance trial](/microsoft-365/compliance/compliance-easy-trials?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft Compliance Manager FAQ](/microsoft-365/compliance/compliance-manager-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [FAQ about importing PST files](/microsoft-365/compliance/faqimporting-pst-files-to-office-365?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Message Encryption FAQ](/microsoft-365/compliance/ome-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Plan for security & compliance](/microsoft-365/compliance/plan-for-security-and-compliance?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Protect user and device access](/microsoft-365/compliance/protect-access-to-data-and-services?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Set up encryption in Office 365 Enterprise](/microsoft-365/compliance/set-up-encryption?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft 365 Compliance trial terms and conditions](/microsoft-365/compliance/terms-conditions?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Address space calculator for Azure gateway subnets](/microsoft-365/enterprise/address-space-calculator-for-azure-gateway-subnets?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Test Microsoft 365 with Test Lab Guides (TLGs)](/microsoft-365/enterprise/cloud-adoption-test-lab-guides-tlgs?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Create SharePoint Online sites and add users with PowerShell](/microsoft-365/enterprise/create-sharepoint-sites-and-add-users-with-powershell?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Data move general FAQ](/microsoft-365/enterprise/data-move-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Get started with PowerShell for Microsoft 365](/microsoft-365/enterprise/getting-started-with-microsoft-365-powershell?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Hybrid solutions](/microsoft-365/enterprise/hybrid-solutions?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Integrated apps and Azure AD for Microsoft 365 administrators](/microsoft-365/enterprise/integrated-apps-and-azure-ads?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft 365 for enterprise Test Lab Guides](/microsoft-365/enterprise/m365-enterprise-test-lab-guides?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Manage Microsoft 365 with PowerShell](/microsoft-365/enterprise/manage-microsoft-365-with-microsoft-365-powershell?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Manage Microsoft 365 with Windows PowerShell for DAP partners](/microsoft-365/enterprise/manage-microsoft-365-with-windows-powershell-for-delegated-access-permissions-dap-p?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Manage SharePoint with PowerShell](/microsoft-365/enterprise/manage-sharepoint-online-with-microsoft-365-powershell?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Manage SharePoint Online site groups with PowerShell](/microsoft-365/enterprise/manage-sharepoint-site-groups-with-powershell?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Manage SharePoint Online users and groups with PowerShell](/microsoft-365/enterprise/manage-sharepoint-users-and-groups-with-powershell?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Manage Microsoft 365 user accounts, licenses, and groups with PowerShell](/microsoft-365/enterprise/manage-user-accounts-and-licenses-with-microsoft-365-powershell?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft 365 endpoints](/microsoft-365/enterprise/microsoft-365-endpoints?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft 365 community resources for PowerShell](/microsoft-365/enterprise/microsoft-365-powershell-community-resources?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Set up your network for Microsoft 365](/microsoft-365/enterprise/set-up-network-for-microsoft-365?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Skype for Business Online in Office 365 - Admin Help](/microsoft-365/enterprise/skype-for-business-online?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Use PowerShell to migrate email to Microsoft 365](/microsoft-365/enterprise/use-powershell-for-email-migration-to-microsoft-365?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Use PowerShell to create reports for Microsoft 365](/microsoft-365/enterprise/use-windows-powershell-to-create-reports-in-microsoft-365?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft 365 Lighthouse frequently asked questions (FAQs)](/microsoft-365/lighthouse/m365-lighthouse-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft Defender for Business frequently asked questions](/microsoft-365/security/defender-business/mdb-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft Defender for Business troubleshooting](/microsoft-365/security/defender-business/mdb-troubleshooting?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Attack surface reduction frequently asked questions (FAQ)](/microsoft-365/security/defender-endpoint/attack-surface-reduction-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [About the Microsoft Defender for Office 365 trial](/microsoft-365/security/office-365-security/about-defender-for-office-365-trial?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Manage submissions](/microsoft-365/security/office-365-security/admin-submission?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [ASF settings in EOP](/microsoft-365/security/office-365-security/advanced-spam-filtering-asf-options?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Custom reporting solutions with automated investigation and response](/microsoft-365/security/office-365-security/air-custom-reporting?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [How to report false positives or false negatives following automated investigation in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-report-false-positives-negatives?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [View the results of an automated investigation in Microsoft 365](/microsoft-365/security/office-365-security/air-view-investigation-results?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Alerts in the Microsoft 365 Defender portal](/microsoft-365/security/office-365-security/alerts?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Anti-malware protection FAQ](/microsoft-365/security/office-365-security/anti-malware-protection-faq-eop?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Anti-spam and anti-malware protection](/microsoft-365/security/office-365-security/anti-spam-and-anti-malware-protection?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Anti-spam message headers](/microsoft-365/security/office-365-security/anti-spam-message-headers?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Anti-spam protection FAQ](/microsoft-365/security/office-365-security/anti-spam-protection-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Anti-spoofing protection FAQ](/microsoft-365/security/office-365-security/anti-spoofing-protection-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Bulk complaint level values](/microsoft-365/security/office-365-security/bulk-complaint-level-values?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Configure junk email settings on Exchange Online mailboxes](/microsoft-365/security/office-365-security/configure-junk-email-settings-on-exo-mailboxes?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/defender-for-office-365?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Delegated administration FAQ](/microsoft-365/security/office-365-security/delegated-administration-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [EOP general FAQ](/microsoft-365/security/office-365-security/eop-general-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [EOP queued, deferred, and bounced messages FAQ](/microsoft-365/security/office-365-security/eop-queued-deferred-and-bounced-messages-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Configuring and controlling external email forwarding in Microsoft 365.](/microsoft-365/security/office-365-security/external-email-forwarding?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Find and release quarantined messages as a user](/microsoft-365/security/office-365-security/find-and-release-quarantined-messages-as-a-user?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Help and support for EOP](/microsoft-365/security/office-365-security/help-and-support-for-eop?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Order and precedence of email protection](/microsoft-365/security/office-365-security/how-policies-and-protections-are-combined?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Common Zero Trust identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Prerequisite work for implementing identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-prerequisites?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Application Guard for Office for admins](/microsoft-365/security/office-365-security/install-app-guard?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Investigate malicious email that was delivered in Microsoft 365, Find and investigate malicious email](/microsoft-365/security/office-365-security/investigate-malicious-email-that-was-delivered?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Continuous access evaluation for Microsoft 365 - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-continuous-access-evaluation?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Zero Trust identity and device access configurations - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-policies-configurations?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Monitor for leaks of personal data](/microsoft-365/security/office-365-security/monitor-for-leaks-of-personal-data?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Automated investigation and response in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/office-365-air?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Evaluate Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/office-365-evaluation?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Threat investigation & response capabilities - Microsoft Defender for Office 365 Plan 2](/microsoft-365/security/office-365-security/office-365-ti?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Office 365 Security overview, Microsoft Defender for Office 365, EOP, MSDO](/microsoft-365/security/office-365-security/old-index?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Office 365 Security including Microsoft Defender for Office 365 and Exchange Online Protection](/microsoft-365/security/office-365-security/overview?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Permissions in the Microsoft 365 Defender portal](/microsoft-365/security/office-365-security/permissions-microsoft-365-security-center?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Protect against threats in Microsoft Defender for Office 365, Anti-malware, Anti-Phishing, Anti-spam, Safe links, Safe attachments, Zero-hour auto purge (ZAP), MDO security configuration](/microsoft-365/security/office-365-security/protect-against-threats?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Quarantined messages FAQ](/microsoft-365/security/office-365-security/quarantine-faq?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft recommendations for EOP and Defender for Office 365 security settings](/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Report spam, non-spam, and phishing messages to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Reporting and message trace](/microsoft-365/security/office-365-security/reporting-and-message-trace-in-exchange-online-protection?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Smart reports, insights - Microsoft 365 Security & Compliance Center](/microsoft-365/security/office-365-security/reports-and-insights-in-security-and-compliance?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Safe Attachments](/microsoft-365/security/office-365-security/safe-attachments?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Complete Safe Links overview for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-links?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Secure email recommended policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/secure-email-recommended-policies?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Security dashboard overview](/microsoft-365/security/office-365-security/security-dashboard?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Security recommendations for priority accounts in Microsoft 365, priority accounts, priority accounts in Office 365, priority accounts in Microsoft 365](/microsoft-365/security/office-365-security/security-recommendations-for-priority-accounts?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft 365 security roadmap - Top priorities](/microsoft-365/security/office-365-security/security-roadmap?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Sending mail to Microsoft 365](/microsoft-365/security/office-365-security/sending-mail-to-office-365?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Services for non-customers sending mail to Microsoft 365](/microsoft-365/security/office-365-security/services-for-non-customers?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Anti-phishing policies](/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Recommended secure document policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/sharepoint-file-access-policies?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Spam confidence level](/microsoft-365/security/office-365-security/spam-confidence-levels?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Recommended Teams policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/teams-access-policies?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Configure your Microsoft 365 tenant for increased security](/microsoft-365/security/office-365-security/tenant-wide-setup-for-increased-security?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Views in Threat Explorer and real-time detections](/microsoft-365/security/office-365-security/threat-explorer-views?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Threat Explorer and Real-time detections](/microsoft-365/security/office-365-security/threat-explorer?view=o365-21vianet) \| modified \| -\| 3/17/2022 \| [Microsoft Defender for Office 365 trial playbook](/microsoft-365/security/office-365-security/trial-playbook-defender-for-office-365?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Microsoft 365 admin center activity reports](/microsoft-365/admin/activity-reports/activity-reports?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Document metadata fields in Advanced eDiscovery](/microsoft-365/compliance/document-metadata-fields-in-advanced-ediscovery?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Apply a sensitivity label to a model in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/apply-a-sensitivity-label-to-a-model) \| modified \| -\| 3/18/2022 \| [Fix issues found by the readiness assessment tool](/microsoft-365/managed-desktop/get-ready/readiness-assessment-fix?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Microsoft Edge](/microsoft-365/managed-desktop/get-started/edge-browser-app?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Address false positives/negatives in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Microsoft Defender for Endpoint for US Government customers](/microsoft-365/security/defender-endpoint/gov?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Configure Microsoft Defender for Endpoint on iOS features](/microsoft-365/security/defender-endpoint/ios-configure-features?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Anti-spam message headers](/microsoft-365/security/office-365-security/anti-spam-message-headers?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Create custom payloads for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payloads?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Bulk complaint level values](/microsoft-365/security/office-365-security/bulk-complaint-level-values?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Campaign Views in Microsoft Defender for Office 365 Plan](/microsoft-365/security/office-365-security/campaigns?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Configure spam filter policies](/microsoft-365/security/office-365-security/configure-your-spam-filter-policies?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/defender-for-office-365?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Exchange Online Protection (EOP) overview](/microsoft-365/security/office-365-security/exchange-online-protection-overview?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Help and support for EOP](/microsoft-365/security/office-365-security/help-and-support-for-eop?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Order and precedence of email protection](/microsoft-365/security/office-365-security/how-policies-and-protections-are-combined?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Investigate malicious email that was delivered in Microsoft 365, Find and investigate malicious email](/microsoft-365/security/office-365-security/investigate-malicious-email-that-was-delivered?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Quarantined email messages](/microsoft-365/security/office-365-security/quarantine-email-messages?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Safe Attachments](/microsoft-365/security/office-365-security/safe-attachments?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Microsoft 365 security roadmap - Top priorities](/microsoft-365/security/office-365-security/security-roadmap?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Sending mail to Microsoft 365](/microsoft-365/security/office-365-security/sending-mail-to-office-365?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Services for non-customers sending mail to Microsoft 365](/microsoft-365/security/office-365-security/services-for-non-customers?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Set up SPF to help prevent spoofing](/microsoft-365/security/office-365-security/set-up-spf-in-office-365-to-help-prevent-spoofing?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Spam confidence level](/microsoft-365/security/office-365-security/spam-confidence-levels?view=o365-21vianet) \| modified \| -\| 3/18/2022 \| [Views in Threat Explorer and real-time detections](/microsoft-365/security/office-365-security/threat-explorer-views?view=o365-21vianet) \| modified \| -- -## Week of March 07, 2022 -- -\| Published On \|Topic title \| Change \| -\|\|\|--\| -\| 3/7/2022 \| [Declare records by using retention labels](/microsoft-365/compliance/declare-records?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Use file plan to manage retention labels throughout the content lifecycle](/microsoft-365/compliance/file-plan-manager?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Visit the Action center to see remediation actions](/microsoft-365/security/defender-endpoint/auto-investigation-action-center?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [View the details and results of an automated investigation](/microsoft-365/security/defender-endpoint/autoir-investigation-results?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Use automated investigations to investigate and remediate threats](/microsoft-365/security/defender-endpoint/automated-investigations?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Automation levels in automated investigation and remediation](/microsoft-365/security/defender-endpoint/automation-levels?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Configure automated investigation and remediation capabilities](/microsoft-365/security/defender-endpoint/configure-automated-investigations-remediation?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Configure device discovery](/microsoft-365/security/defender-endpoint/configure-device-discovery?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Create indicators for files](/microsoft-365/security/defender-endpoint/indicator-file?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Review remediation actions following automated investigations](/microsoft-365/security/defender-endpoint/manage-auto-investigation?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Security recommendations by threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-security-recommendation?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Alert grading for suspicious email forwarding activity](/microsoft-365/security/defender/alert-grading-playbook-email-forwarding?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Alert grading for suspicious inbox forwarding rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-forwarding-rules?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Alert grading for suspicious inbox manipulation rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-manipulation-rules?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Alert grading playbooks](/microsoft-365/security/defender/alert-grading-playbooks?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Review architecture requirements and the technical framework for Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-architecture?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Enable the evaluation environment for Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-enable-eval?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 2. Evaluate Microsoft 365 Defender for Identity overview, set up evaluation](/microsoft-365/security/defender/eval-defender-identity-overview?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Pilot Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-pilot?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Try Microsoft 365 Defender incident response capabilities in a pilot environment](/microsoft-365/security/defender/eval-defender-investigate-respond-additional?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Run an attack simulation in a Microsoft 365 Defender pilot environment](/microsoft-365/security/defender/eval-defender-investigate-respond-simulate-attack?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 6. Investigate and respond using Microsoft 365 Defender in a pilot environment](/microsoft-365/security/defender/eval-defender-investigate-respond?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 1. Triage and analyze your first incident](/microsoft-365/security/defender/first-incident-analyze?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Responding to your first incident](/microsoft-365/security/defender/first-incident-overview?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Example of an identity-based attack](/microsoft-365/security/defender/first-incident-path-identity?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Example of a phishing email attack](/microsoft-365/security/defender/first-incident-path-phishing?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 3. Perform a post-incident review of your first incident](/microsoft-365/security/defender/first-incident-post?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Prepare your security posture for your first incident](/microsoft-365/security/defender/first-incident-prepare?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 2. Remediate your first incident](/microsoft-365/security/defender/first-incident-remediate?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Prioritize incidents in Microsoft 365 Defender](/microsoft-365/security/defender/incident-queue?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Investigate and respond with Microsoft 365 Defender](/microsoft-365/security/defender/incident-response-overview?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Incident response with Microsoft 365 Defender](/microsoft-365/security/defender/incidents-overview?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 1. Plan for Microsoft 365 Defender operations readiness](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-plan?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 2. Perform a SOC integration readiness assessment using the Zero Trust Framework](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-readiness?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 4. Define Microsoft 365 Defender roles, responsibilities, and oversight](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-roles?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 3. Plan for Microsoft 365 Defender integration with your SOC catalog of services](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-services?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 6. Identify SOC maintenance tasks](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-tasks?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 5. Develop and test use cases](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-use-cases?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Integrating Microsoft 365 Defender into your security operations](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Investigate alerts in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-alerts?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Investigate incidents in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-incidents?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Investigate users in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-users?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Go to the Action center to view and approve your automated investigation and remediation tasks](/microsoft-365/security/defender/m365d-action-center?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [View and manage actions in the Action center](/microsoft-365/security/defender/m365d-autoir-actions?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Address false positives or false negatives in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-autoir-report-false-positives-negatives?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Details and results of an automated investigation](/microsoft-365/security/defender/m365d-autoir-results?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Automated investigation and response in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-autoir?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Configure automated investigation and response capabilities in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-configure-auto-investigation-response?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Remediation actions in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-remediation-actions?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Manage incidents in Microsoft 365 Defender](/microsoft-365/security/defender/manage-incidents?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Microsoft 365 Defender integration with Microsoft Sentinel](/microsoft-365/security/defender/microsoft-365-defender-integration-with-azure-sentinel?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Train your security staff for Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender-train-security-staff?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Custom reporting solutions with automated investigation and response](/microsoft-365/security/office-365-security/air-custom-reporting?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Remediation actions in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-remediation-actions?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [How to report false positives or false negatives following automated investigation in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-report-false-positives-negatives?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Review and manage remediation actions in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-review-approve-pending-completed-actions?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [View the results of an automated investigation in Microsoft 365](/microsoft-365/security/office-365-security/air-view-investigation-results?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [How automated investigation and response works in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/automated-investigation-response-office?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Email analysis in investigations for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/email-analysis-investigations?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Identity and device access policies for allowing guest and external user B2B access - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies-guest-access?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Common Zero Trust identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Prerequisite work for implementing identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-prerequisites?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Continuous access evaluation for Microsoft 365 - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-continuous-access-evaluation?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Zero Trust identity and device access configurations - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-policies-configurations?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Automated investigation and response in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/office-365-air?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Secure email recommended policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/secure-email-recommended-policies?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Recommended secure document policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/sharepoint-file-access-policies?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Contoso's COVID-19 response and support for hybrid work](/microsoft-365/solutions/contoso-remote-onsite-work?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 4. Deploy endpoint management for your devices, PCs, and other endpoints](/microsoft-365/solutions/empower-people-to-work-remotely-manage-endpoints?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 2. Provide remote access to on-premises apps and services](/microsoft-365/solutions/empower-people-to-work-remotely-remote-access?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 1. Increase sign-in security for hybrid workers with MFA](/microsoft-365/solutions/empower-people-to-work-remotely-secure-sign-in?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 3: Deploy security and compliance for hybrid workers](/microsoft-365/solutions/empower-people-to-work-remotely-security-compliance?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 5. Deploy hybrid worker productivity apps and services](/microsoft-365/solutions/empower-people-to-work-remotely-teams-productivity-apps?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 6: Train your workers and address usage feedback](/microsoft-365/solutions/empower-people-to-work-remotely-train-monitor-usage?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Set up your infrastructure for hybrid work with Microsoft 365](/microsoft-365/solutions/empower-people-to-work-remotely?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 2. Deploy attack detection and response](/microsoft-365/solutions/ransomware-protection-microsoft-365-attack-detection-response?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 4. Protect devices](/microsoft-365/solutions/ransomware-protection-microsoft-365-devices?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 3. Protect identities](/microsoft-365/solutions/ransomware-protection-microsoft-365-identities?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 5. Protect information](/microsoft-365/solutions/ransomware-protection-microsoft-365-information?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Step 1. Configure security baselines](/microsoft-365/solutions/ransomware-protection-microsoft-365-security-baselines?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Deploy ransomware protection for your Microsoft 365 tenant](/microsoft-365/solutions/ransomware-protection-microsoft-365?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [What's new in Microsoft 365 compliance](/microsoft-365/compliance/whats-new?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Create a model on a local SharePoint site with Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/create-local-model) \| added \| -\| 3/7/2022 \| [Introduction to Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/index) \| modified \| -\| 3/7/2022 \| [Onboard Windows servers to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| -\| 3/7/2022 \| [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft Defender for Identity notifications in Microsoft 365 Defender](/microsoft-365/security/defender-identity/notifications?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Use a prebuilt model to extract info from invoices or receipts in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/prebuilt-models) \| modified \| -\| 3/8/2022 \| [What's new in Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-whatsnew?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [What's new in Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-whatsnew?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Take response actions on a file in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-file-alerts?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Collect support logs in Microsoft Defender for Endpoint using live response](/microsoft-365/security/defender-endpoint/troubleshoot-collect-support-log?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center activity reports](/microsoft-365/admin/activity-reports/activity-reports?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center browser usage reports](/microsoft-365/admin/activity-reports/browser-usage-report?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center email activity reports](/microsoft-365/admin/activity-reports/email-activity-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center email apps usage reports](/microsoft-365/admin/activity-reports/email-apps-usage-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center forms activity reports](/microsoft-365/admin/activity-reports/forms-activity-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft Dynamics 365 customer voice activity reports](/microsoft-365/admin/activity-reports/forms-pro-activity-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center mailbox usage reports](/microsoft-365/admin/activity-reports/mailbox-usage?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center Office activations reports](/microsoft-365/admin/activity-reports/microsoft-office-activations-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center Teams app usage reports](/microsoft-365/admin/activity-reports/microsoft-teams-device-usage-preview?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| Microsoft Teams device usage \| removed \| -\| 3/8/2022 \| [Microsoft 365 admin center Teams user activity reports](/microsoft-365/admin/activity-reports/microsoft-teams-user-activity-preview?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| Microsoft 365 admin center reports - Microsoft Teams user activity \| removed \| -\| 3/8/2022 \| [Microsoft 365 admin center apps usage reports](/microsoft-365/admin/activity-reports/microsoft365-apps-usage-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center groups reports](/microsoft-365/admin/activity-reports/office-365-groups-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 OneDrive for Business activity reports](/microsoft-365/admin/activity-reports/onedrive-for-business-activity-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 OneDrive for Business usage reports](/microsoft-365/admin/activity-reports/onedrive-for-business-usage-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center SharePoint activity reports](/microsoft-365/admin/activity-reports/sharepoint-activity-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center SharePoint site usage reports](/microsoft-365/admin/activity-reports/sharepoint-site-usage-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center Viva Insights activity reports](/microsoft-365/admin/activity-reports/viva-insights-activity?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center Viva Learning activity reports](/microsoft-365/admin/activity-reports/viva-learning-activity?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center Yammer activity reports](/microsoft-365/admin/activity-reports/yammer-activity-report-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center Yammer device usage reports](/microsoft-365/admin/activity-reports/yammer-device-usage-report-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft 365 admin center Yammer groups activity reports](/microsoft-365/admin/activity-reports/yammer-groups-activity-report-ww?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Choose between Basic Mobility and Security and Intune](/microsoft-365/admin/basic-mobility-security/choose-between-basic-mobility-and-security-and-intune?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Create device security policies in Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/create-device-security-policies?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Enroll your mobile device using Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/enroll-your-mobile-device?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Troubleshoot Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/troubleshoot?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Wipe a mobile device in Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/wipe-mobile-device?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [DLP policy conditions, exceptions, and actions](/microsoft-365/compliance/dlp-conditions-and-exceptions?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Export documents from a review set](/microsoft-365/compliance/export-documents-from-review-set?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Search for and delete email messages in your organization](/microsoft-365/compliance/search-for-and-delete-messages-in-your-organization?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Configure Microsoft 365 Multi-Geo eDiscovery](/microsoft-365/enterprise/multi-geo-ediscovery-configuration?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Turn on network protection](/microsoft-365/security/defender-endpoint/enable-network-protection?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Run the client analyzer on macOS or Linux](/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Configuring and controlling external email forwarding in Microsoft 365.](/microsoft-365/security/office-365-security/external-email-forwarding?view=o365-21vianet) \| modified \| -\| 3/8/2022 \| [Allow members to send as or send on behalf of a group](/microsoft-365/solutions/allow-members-to-send-as-or-send-on-behalf-of-group?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Working with device groups in Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-device-groups-mdb?view=o365-21vianet) \| added \| -\| 3/9/2022 \| [Onboard your organization's devices to Microsoft Defender for Business](/microsoft-365/business-premium/m365bp-onboard-devices-mdb?view=o365-21vianet) \| added \| -\| 3/9/2022 \| [Review remediation actions in Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-review-remediation-actions-devices?view=o365-21vianet) \| added \| -\| 3/9/2022 \| [View or edit device protection policies](/microsoft-365/business-premium/m365bp-view-edit-create-mdb-policies?view=o365-21vianet) \| added \| -\| 3/9/2022 \| [Integrate Microsoft OneDrive LTI with Blackboard](/microsoft-365/lti/onedrive-lti-blackboard?view=o365-21vianet) \| added \| -\| 3/9/2022 \| [Import custodians to an Advanced eDiscovery case](/microsoft-365/compliance/bulk-add-custodians?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Create eDiscovery holds in a Core eDiscovery case](/microsoft-365/compliance/create-ediscovery-holds?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Manage holds in Advanced eDiscovery](/microsoft-365/compliance/managing-holds?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Search the audit log in the Microsoft 365 compliance center](/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Use Content search for targeted collections](/microsoft-365/compliance/use-content-search-for-targeted-collections?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Anti-malware protection](/microsoft-365/security/office-365-security/anti-malware-protection?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Configure anti-malware policies](/microsoft-365/security/office-365-security/configure-anti-malware-policies?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Test Base FAQ](/microsoft-365/test-base/faq?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Overview](/microsoft-365/test-base/overview?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Automatically apply a sensitivity label to content in Microsoft 365](/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Create custom sensitive information types](/microsoft-365/compliance/create-a-custom-sensitive-information-type?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Disposition of content](/microsoft-365/compliance/disposition?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Using Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-using?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Limits for retention policies and retention label policies](/microsoft-365/compliance/retention-limits?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Accessibility mode in SharePoint Syntex](/microsoft-365/contentunderstanding/accessibility-mode) \| modified \| -\| 3/9/2022 \| [Scenarios and use cases for Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/adoption-scenarios) \| modified \| -\| 3/9/2022 \| [Differences between document understanding and form processing models](/microsoft-365/contentunderstanding/difference-between-document-understanding-and-form-processing-model) \| modified \| -\| 3/9/2022 \| [Duplicate a model in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/duplicate-a-model) \| modified \| -\| 3/9/2022 \| [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Use the wizard to set up Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Minimum requirements for Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/minimum-requirements?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Top scoring in industry tests - Microsoft 365 Defender](/microsoft-365/security/defender/top-scoring-industry-tests?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) \| modified \| -\| 3/9/2022 \| [Simulate a phishing attack with Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [View and organize the Microsoft Defender for Endpoint Alerts queue](/microsoft-365/security/defender-endpoint/alerts-queue?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Onboard non-persistent virtual desktop infrastructure (VDI) devices](/microsoft-365/security/defender-endpoint/configure-endpoints-vdi?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Onboard Windows servers to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [How to schedule an update of the Microsoft Defender for Endpoint (Linux)](/microsoft-365/security/defender-endpoint/linux-update-mde-linux?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Investigate entities on devices using live response in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/live-response?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Use Cost management in the Microsoft 365 admin center](/microsoft-365/commerce/use-cost-mgmt?view=o365-21vianet) \| added \| -\| 3/10/2022 \| [Automatically apply a sensitivity label to content in Microsoft 365](/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [eDiscovery solution series Data spillage scenario - Search and purge](/microsoft-365/compliance/data-spillage-scenariosearch-and-purge?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Predictive coding in Advanced eDiscovery - Quick start](/microsoft-365/compliance/predictive-coding-quick-start?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Form processing overview in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/form-processing-overview) \| modified \| -\| 3/10/2022 \| [Introduction to Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/index) \| modified \| -\| 3/10/2022 \| [Analyze how your models are used in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/model-usage-analytics) \| modified \| -\| 3/10/2022 \| [Rename a model in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/rename-a-model) \| modified \| -\| 3/10/2022 \| [Rename an extractor in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/rename-an-extractor) \| modified \| -\| 3/10/2022 \| [Network connectivity in the Microsoft 365 Admin Center](/microsoft-365/enterprise/office-365-network-mac-perf-overview?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Microsoft Defender for Business](/microsoft-365/security/defender-business/index?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [View and edit your security settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Device groups in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-create-edit-device-groups?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Manage custom rules for firewall policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-custom-rules-firewall?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Set up email notifications for your security team](/microsoft-365/security/defender-business/mdb-email-notifications?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Firewall in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-firewall?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Get help and support for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-get-help?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Get started using the Microsoft 365 Defender portal](/microsoft-365/security/defender-business/mdb-get-started?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Microsoft 365 Lighthouse and Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-lighthouse-integration?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Manage devices in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-manage-devices?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Understand policy order in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-policy-order?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Reports in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-reports?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Respond to and mitigate threats in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-respond-mitigate-threats?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Review remediation actions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-review-remediation-actions?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Assign roles and permissions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-roles-permissions?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [The simplified configuration process in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-simplified-configuration?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Use the wizard to set up Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [View or edit policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-edit-create-policies?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [View and manage incidents in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-manage-incidents?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [View your Threat & Vulnerability Management dashboard in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-tvm-dashboard?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Understand the analyst report section in threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics-analyst-reports?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [Threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics?view=o365-21vianet) \| modified \| -\| 3/10/2022 \| [View and release quarantined messages from shared mailboxes](/microsoft-365/security/office-365-security/view-and-release-quarantined-messages-from-shared-mailboxes?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Investigate and remediate communication compliance alerts](/microsoft-365/compliance/communication-compliance-investigate-remediate?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Communication compliance policies](/microsoft-365/compliance/communication-compliance-policies?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Learn about communication compliance](/microsoft-365/compliance/communication-compliance?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Office TLS Certificate Changes](/microsoft-365/compliance/encryption-office-365-tls-certificates-changes?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Introduction to Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/index) \| modified \| -\| 3/11/2022 \| [Onboard devices and configure Microsoft Defender for Endpoint capabilities](/microsoft-365/security/defender-endpoint/onboard-configure?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Configure retention settings to automatically retain or delete content](/microsoft-365/compliance/retention-settings?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Windows and Office 365 deployment lab kit](/microsoft-365/enterprise/modern-desktop-deployment-and-management-lab?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Upgrade distribution lists to Microsoft 365 Groups in Outlook](/microsoft-365/admin/manage/upgrade-distribution-lists?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Learn about Microsoft 365 Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Export documents from a review set](/microsoft-365/compliance/export-documents-from-review-set?view=o365-21vianet) \| modified \| -\| 3/11/2022 \| [Microsoft Defender for Endpoint for US Government customers](/microsoft-365/security/defender-endpoint/gov?view=o365-21vianet) \| modified \| ++++ +## Week of April 04, 2022 ++ +\| Published On \|Topic title \| Change \| +\|\|\|--\| +\| 4/4/2022 \| [Manage guest access in Microsoft 365 groups](/microsoft-365/admin/create-groups/manage-guest-access-in-groups?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Set up Microsoft 365 Business Standard with a new or existing domain](/microsoft-365/admin/setup/setup-business-standard?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Sign up for a Microsoft 365 Business Standard](/microsoft-365/admin/simplified-signup/signup-business-standard?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Create and edit AutoPilot profiles](/microsoft-365/business-premium/create-and-edit-autopilot-profiles?view=o365-21vianet) \| renamed \| +\| 4/4/2022 \| [Publish retention labels and apply them in apps to retain or delete content](/microsoft-365/compliance/create-apply-retention-labels?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Get started with insider risk management](/microsoft-365/compliance/insider-risk-management-configure?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Insider risk solutions](/microsoft-365/compliance/insider-risk-solution-overview?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Manage sensitivity labels in Office apps](/microsoft-365/compliance/sensitivity-labels-office-apps?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Endpoint detection and response in block mode](/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Application Guard for Office for admins](/microsoft-365/security/office-365-security/install-app-guard?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Overview of Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-overview?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Sign up for Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-sign-up?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Troubleshoot and resolve problems and error messages in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-troubleshoot?view=o365-21vianet) \| modified \| +\| 4/4/2022 \| [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Sign up for a Microsoft 365 Business Standard](/microsoft-365/admin/simplified-signup/signup-business-standard?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Cross-tenant mailbox migration](/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [External Domain Name System records for Office 365](/microsoft-365/enterprise/external-domain-name-system-records?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Onboard devices and configure Microsoft Defender for Endpoint capabilities](/microsoft-365/security/defender-endpoint/onboard-configure?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Try Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Step 1. Implement App Protection Policies](/microsoft-365/solutions/manage-devices-with-intune-app-protection?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Step 3. Set up compliance policies for devices with Intune](/microsoft-365/solutions/manage-devices-with-intune-compliance-policies?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Step 7. Implement data loss prevention (DLP) with information protection capabilities](/microsoft-365/solutions/manage-devices-with-intune-dlp-mip?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Step 2. Enroll devices into management with Intune](/microsoft-365/solutions/manage-devices-with-intune-enroll?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Step 6. Monitor device risk and compliance to security baselines](/microsoft-365/solutions/manage-devices-with-intune-monitor-risk?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Manage devices with Intune](/microsoft-365/solutions/manage-devices-with-intune-overview?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Service encryption with Customer Key](/microsoft-365/compliance/customer-key-overview?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Set up Customer Key](/microsoft-365/compliance/customer-key-set-up?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Differences between document understanding and form processing models](/microsoft-365/contentunderstanding/difference-between-document-understanding-and-form-processing-model) \| modified \| +\| 4/5/2022 \| [Microsoft 365 Zero Trust deployment plan](/microsoft-365/security/microsoft-365-zero-trust?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Firewall in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-firewall?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Get started using the Microsoft 365 Defender portal](/microsoft-365/security/defender-business/mdb-get-started?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Understand policy order in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-policy-order?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [The simplified configuration process in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-simplified-configuration?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Tutorials and simulations in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-tutorials?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [View or edit policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-edit-create-policies?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Configure Microsoft Defender for Endpoint on Android features](/microsoft-365/security/defender-endpoint/android-configure?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Troubleshoot issues on Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/android-support-signin?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [What's new in Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/android-whatsnew?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Implement attack surface reduction (ASR) rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-implement?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Plan ASR rules attack surface reduction deployment rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-plan?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [ASR rules deployment prerequisites](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Integrate your SIEM tools with Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/configure-siem?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Enable Corelight integration in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/corelight-integration?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Overview of Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Protection](/microsoft-365/security/defender-endpoint/device-control-removable-storage-protection?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Device discovery frequently asked questions](/microsoft-365/security/defender-endpoint/device-discovery-faq?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Device discovery overview](/microsoft-365/security/defender-endpoint/device-discovery?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Enable attack surface reduction rules](/microsoft-365/security/defender-endpoint/enable-attack-surface-reduction?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Exclude devices in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/exclude-devices?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Investigate Microsoft Defender for Endpoint alerts](/microsoft-365/security/defender-endpoint/investigate-alerts?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Deploy Microsoft Defender for Endpoint on Linux manually](/microsoft-365/security/defender-endpoint/linux-install-manually?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Deploy Microsoft Defender for Endpoint on Linux with Puppet](/microsoft-365/security/defender-endpoint/linux-install-with-puppet?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Set preferences for Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-preferences?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [How to schedule scans with Microsoft Defender for Endpoint (Linux)](/microsoft-365/security/defender-endpoint/linux-schedule-scan-mde?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Troubleshoot performance issues for Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-support-perf?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Investigate entities on devices using live response in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/live-response?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [What's new in Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-whatsnew?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Device inventory](/microsoft-365/security/defender-endpoint/machines-view-overview?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Create indicators](/microsoft-365/security/defender-endpoint/manage-indicators?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Microsoft Defender for Endpoint Device Control Device Installation](/microsoft-365/security/defender-endpoint/mde-device-control-device-installation?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Manage Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-p1-maintenance-operations?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Set up and configure Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-p1-setup-configuration?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Get started with Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-plan1-getting-started?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Microsoft Defender Antivirus on Windows Server](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-on-windows-server?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-android?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-ios?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Protect security settings with tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Take response actions on a file in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-file-alerts?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Manage Microsoft Defender for Endpoint configuration settings on devices with Microsoft Endpoint Manager](/microsoft-365/security/defender-endpoint/security-config-management?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Troubleshoot Microsoft Defender for Endpoint service issues](/microsoft-365/security/defender-endpoint/troubleshoot-mdatp?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Microsoft Defender Antivirus event IDs and error codes](/microsoft-365/security/defender-endpoint/troubleshoot-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Performance analyzer for Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/tune-performance-defender-antivirus?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Web protection](/microsoft-365/security/defender-endpoint/web-protection-overview?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [What's new in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/whats-new-in-microsoft-defender-endpoint?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [CloudAppEvents table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-cloudappevents-table?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [EmailAttachmentInfo table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-emailattachmentinfo-table?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [EmailEvents table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-emailevents-table?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Get expert training on advanced hunting](/microsoft-365/security/defender/advanced-hunting-expert-training?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Migrate advanced hunting queries from Microsoft Defender for Endpoint](/microsoft-365/security/defender/advanced-hunting-migrate-from-mde?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Work with advanced hunting query results in Microsoft 365 Defender](/microsoft-365/security/defender/advanced-hunting-query-results?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Alert grading for suspicious email forwarding activity](/microsoft-365/security/defender/alert-grading-playbook-email-forwarding?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Alert grading for suspicious inbox forwarding rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-forwarding-rules?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Alert grading for suspicious inbox manipulation rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-manipulation-rules?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Partner access through Microsoft 365 Defender APIs](/microsoft-365/security/defender/api-partner-access?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Configure and manage Microsoft Threat Experts capabilities through Microsoft 365 Defender](/microsoft-365/security/defender/configure-microsoft-threat-experts?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Deploy services supported by Microsoft 365 Defender](/microsoft-365/security/defender/deploy-supported-services?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Step 1. Triage and analyze your first incident](/microsoft-365/security/defender/first-incident-analyze?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Step 3. Perform a post-incident review of your first incident](/microsoft-365/security/defender/first-incident-post?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Prepare your security posture for your first incident](/microsoft-365/security/defender/first-incident-prepare?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Incident response with Microsoft 365 Defender](/microsoft-365/security/defender/incidents-overview?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Step 1. Plan for Microsoft 365 Defender operations readiness](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-plan?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Step 4. Define Microsoft 365 Defender roles, responsibilities, and oversight](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-roles?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Step 5. Develop and test use cases](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-use-cases?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Investigate alerts in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-alerts?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Investigate incidents in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-incidents?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [View and manage actions in the Action center](/microsoft-365/security/defender/m365d-autoir-actions?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Frequently asked questions when turning on Microsoft 365 Defender](/microsoft-365/security/defender/m365d-enable-faq?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Microsoft Defender for Endpoint in Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-security-center-mde?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Track your Microsoft Secure Score history and meet goals](/microsoft-365/security/defender/microsoft-secure-score-history-metrics-trends?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Set up your Microsoft 365 Defender trial lab or pilot environment](/microsoft-365/security/defender/setup-m365deval?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Coin miners](/microsoft-365/security/intelligence/coinminer-malware?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [How Microsoft identifies malware and potentially unwanted applications](/microsoft-365/security/intelligence/criteria?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Fileless threats](/microsoft-365/security/intelligence/fileless-threats?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Macro malware](/microsoft-365/security/intelligence/macro-malware?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Phishing trends and techniques](/microsoft-365/security/intelligence/phishing-trends?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [How to protect against phishing attacks](/microsoft-365/security/intelligence/phishing?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Troubleshoot MSI portal errors caused by admin block](/microsoft-365/security/intelligence/portal-submission-troubleshooting?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Prevent malware infection](/microsoft-365/security/intelligence/prevent-malware-infection?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Rootkits](/microsoft-365/security/intelligence/rootkits-malware?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Submit files for analysis by Microsoft](/microsoft-365/security/intelligence/submission-guide?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Supply chain attacks](/microsoft-365/security/intelligence/supply-chain-malware?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Tech Support Scams](/microsoft-365/security/intelligence/support-scams?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Trojan malware](/microsoft-365/security/intelligence/trojans-malware?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Unwanted software](/microsoft-365/security/intelligence/unwanted-software?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Virus Information Alliance](/microsoft-365/security/intelligence/virus-information-alliance-criteria?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Microsoft Virus Initiative](/microsoft-365/security/intelligence/virus-initiative-criteria?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Worms](/microsoft-365/security/intelligence/worms-malware?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Secure by default in Office 365](/microsoft-365/security/office-365-security/secure-by-default?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Threat Trackers - New and Noteworthy](/microsoft-365/security/office-365-security/threat-trackers?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| +\| 4/5/2022 \| [Use named entities in your data loss prevention policies (preview)](/microsoft-365/compliance/named-entities-use?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Add and replace your onmicrosoft.com fallback domain in Microsoft 365](/microsoft-365/admin/setup/add-or-replace-your-onmicrosoftcom-domain?view=o365-21vianet) \| added \| +\| 4/6/2022 \| [Enable co-authoring for documents encrypted by sensitivity labels in Microsoft 365](/microsoft-365/compliance/sensitivity-labels-coauthoring?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Shared devices](/microsoft-365/managed-desktop/service-description/shared-devices?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Use shared queries in Microsoft 365 Defender advanced hunting](/microsoft-365/security/defender/advanced-hunting-shared-queries?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Microsoft 365 guest sharing settings reference](/microsoft-365/solutions/microsoft-365-guest-settings?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Add DNS records to connect your domain](/microsoft-365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-provider?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Add and replace your onmicrosoft.com fallback domain in Microsoft 365](/microsoft-365/admin/setup/add-or-replace-your-onmicrosoftcom-domain?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Communication compliance policies](/microsoft-365/compliance/communication-compliance-policies?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Data Loss Prevention policy reference](/microsoft-365/compliance/dlp-policy-reference?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Manage mailbox auditing](/microsoft-365/compliance/enable-mailbox-auditing?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Microsoft 365 network connectivity test tool](/microsoft-365/enterprise/office-365-network-mac-perf-onboarding-tool?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Change history for Microsoft Managed Desktop documentation](/microsoft-365/managed-desktop/change-history-managed-desktop?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Enable attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-implement?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Operationalize attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-operationalize?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Plan attack surface reduction (ASR) rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-plan?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Test attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-test?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Attack surface reduction (ASR) rules deployment overview](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Understand and use attack surface reduction (ASR)](/microsoft-365/security/defender-endpoint/overview-attack-surface-reduction?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [User reported message settings](/microsoft-365/security/office-365-security/user-submission?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Restrict access to content using sensitivity labels to apply encryption](/microsoft-365/compliance/encryption-sensitivity-labels?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Step 7. Implement data loss prevention (DLP) with information protection capabilities](/microsoft-365/solutions/manage-devices-with-intune-dlp-mip?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Step 2. Enroll devices into management with Intune](/microsoft-365/solutions/manage-devices-with-intune-enroll?view=o365-21vianet) \| modified \| +\| 4/6/2022 \| [Step 6. Monitor device risk and compliance to security baselines](/microsoft-365/solutions/manage-devices-with-intune-monitor-risk?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Choose between Basic Mobility and Security and Intune](/microsoft-365/admin/basic-mobility-security/choose-between-basic-mobility-and-security-and-intune?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Manage multiple tenants](/microsoft-365/admin/multi-tenant/manage?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Add custom and required questions to the booking page](/microsoft-365/bookings/add-questions?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Add staff to Bookings](/microsoft-365/bookings/add-staff?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Microsoft Bookings](/microsoft-365/bookings/bookings-overview?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Configure SMS text notifications and reminders in Microsoft Bookings](/microsoft-365/bookings/bookings-sms?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Comparison chart: Bookings web app vs. Bookings Teams app](/microsoft-365/bookings/comparison-chart?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Create a manual booking](/microsoft-365/bookings/create-a-manual-booking?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Customize and publish your booking page](/microsoft-365/bookings/customize-booking-page?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Define your service offerings in Bookings](/microsoft-365/bookings/define-service-offerings?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Delete a booking calendar](/microsoft-365/bookings/delete-calendar?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Employee working hours in Microsoft Bookings](/microsoft-365/bookings/employee-hours?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Enter your business information](/microsoft-365/bookings/enter-business-information?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Get Access to Microsoft Bookings](/microsoft-365/bookings/get-access?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Get the Microsoft Bookings app for iOS and Android](/microsoft-365/bookings/get-bookings-app?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Metrics and activity tracking in Microsoft Bookings](/microsoft-365/bookings/metrics-and-activity-tracking?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Reporting information for Microsoft Bookings](/microsoft-365/bookings/reporting-info?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Schedule business closures, time off, and vacation time](/microsoft-365/bookings/schedule-closures-time-off-vacation?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Set buffer time in Microsoft Bookings](/microsoft-365/bookings/set-buffer-time?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Set language and time zones in Microsoft Bookings](/microsoft-365/bookings/set-language-time-zones?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Set your scheduling policies](/microsoft-365/bookings/set-scheduling-policies?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Turn Microsoft Bookings on or off](/microsoft-365/bookings/turn-bookings-on-or-off?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [About registration numbers and under-review notifications](/microsoft-365/commerce/about-registration-numbers?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Add licenses to a VLSC subscription](/microsoft-365/commerce/licenses/add-licenses-bought-through-vlsc?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Add licenses using a product key](/microsoft-365/commerce/licenses/add-licenses-using-product-key?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Manage ISV app licenses](/microsoft-365/commerce/licenses/manage-third-party-app-licenses?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Manage SAAS apps for your organization](/microsoft-365/commerce/manage-saas-apps?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Enter your Microsoft Open product key](/microsoft-365/commerce/purchases-from-microsoft-open?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Verify eligibility for Microsoft 365 Education subscriptions](/microsoft-365/commerce/subscriptions/verify-academic-eligibility?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Data Loss Prevention policy reference](/microsoft-365/compliance/dlp-policy-reference?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Manage mailbox auditing](/microsoft-365/compliance/enable-mailbox-auditing?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Learn about Microsoft 365 Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Get started with information barriers](/microsoft-365/compliance/information-barriers-policies?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Connect to Microsoft 365 with PowerShell](/microsoft-365/enterprise/connect-to-microsoft-365-powershell?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Securing Teams media traffic for VPN split tunneling](/microsoft-365/enterprise/microsoft-365-vpn-securing-teams?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Schedule Microsoft Defender Antivirus protection updates](/microsoft-365/security/defender-endpoint/manage-protection-update-schedule-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Protect security settings with tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes](/microsoft-365/security/office-365-security/configure-advanced-delivery?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Add more SharePoint storage to your subscription](/microsoft-365/commerce/add-storage-space?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Tax Information](/microsoft-365/commerce/billing-and-payments/tax-information?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Understand billing accounts](/microsoft-365/commerce/manage-billing-accounts?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Resources to help you upgrade from Office 2013 clients and servers](/microsoft-365/enterprise/upgrade-office-2013-clients-servers?view=o365-21vianet) \| added \| +\| 4/7/2022 \| [Manage how and where Microsoft Defender Antivirus receives updates](/microsoft-365/security/defender-endpoint/manage-protection-updates-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [DeviceLogonEvents table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-devicelogonevents-table?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Overview - Advanced hunting](/microsoft-365/security/defender/advanced-hunting-overview?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Incident response with Microsoft 365 Defender](/microsoft-365/security/defender/incidents-overview?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Automated investigation and response in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-autoir?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Understand the analyst report section in threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics-analyst-reports?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Top scoring in industry tests - Microsoft 365 Defender](/microsoft-365/security/defender/top-scoring-industry-tests?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [What's new in Microsoft 365 Defender](/microsoft-365/security/defender/whats-new?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| Evaluate Microsoft Defender for Office 365 \| removed \| +\| 4/7/2022 \| [Try and evaluate Defender for Office 365](/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Step 5. Deploy device profiles in Microsoft Intune](/microsoft-365/solutions/manage-devices-with-intune-configuration-profiles?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Step 6. Monitor device risk and compliance to security baselines](/microsoft-365/solutions/manage-devices-with-intune-monitor-risk?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Submit suspicious files in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/admin-submissions-mde?view=o365-21vianet) \| added \| +\| 4/7/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Configure and review priority accounts in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/configure-review-priority-account?view=o365-21vianet) \| added \| +\| 4/7/2022 \| [User tags in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/user-tags?view=o365-21vianet) \| modified \| +\| 4/7/2022 \| [Resources to help you upgrade from Office 2013 clients and servers](/microsoft-365/enterprise/upgrade-office-2013-clients-servers?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Microsoft 365 admin center activity reports](/microsoft-365/admin/activity-reports/activity-reports?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Microsoft 365 admin center browser usage reports](/microsoft-365/admin/activity-reports/browser-usage-report?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Microsoft 365 admin center Teams app usage reports](/microsoft-365/admin/activity-reports/microsoft-teams-device-usage-preview?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Microsoft 365 admin center Teams user activity reports](/microsoft-365/admin/activity-reports/microsoft-teams-user-activity-preview?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Enable archive mailboxes for Microsoft Purview](/microsoft-365/compliance/enable-archive-mailboxes?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Apply a document understanding model in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/apply-a-model) \| modified \| +\| 4/8/2022 \| [Create an extractor Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/create-an-extractor) \| modified \| +\| 4/8/2022 \| [Differences between document understanding and form processing models](/microsoft-365/contentunderstanding/difference-between-document-understanding-and-form-processing-model) \| modified \| +\| 4/8/2022 \| [Use a prebuilt model to extract info from invoices or receipts in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/prebuilt-models) \| modified \| +\| 4/8/2022 \| [Use shared queries in Microsoft 365 Defender advanced hunting](/microsoft-365/security/defender/advanced-hunting-shared-queries?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Microsoft 365 group expiration policy](/microsoft-365/solutions/microsoft-365-groups-expiration-policy?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Sensitive information type entity definitions](/microsoft-365/compliance/sensitive-information-type-entity-definitions?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [View and edit your security settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Use setup wizard in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Try and evaluate Defender for Office 365](/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Schedule business closures, time off, and vacation time](/microsoft-365/bookings/schedule-closures-time-off-vacation?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [An overview of Microsoft LTI apps](/microsoft-365/lti/index?view=o365-21vianet) \| modified \| +\| 4/8/2022 \| [Submit files in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/admin-submissions-mde?view=o365-21vianet) \| modified \| ++ +## Week of March 21, 2022 ++ +\| Published On \|Topic title \| Change \| +\|\|\|--\| +\| 3/21/2022 \| [Enable shared channels with all external organizations](/microsoft-365/solutions/allow-direct-connect-with-all-organizations?view=o365-21vianet) \| added \| +\| 3/21/2022 \| [Collaborate with external participants in a channel](/microsoft-365/solutions/collaborate-teams-direct-connect?view=o365-21vianet) \| added \| +\| 3/21/2022 \| [Limit guest sharing to specific organizations](/microsoft-365/solutions/limit-guest-sharing-to-specific-organization?view=o365-21vianet) \| added \| +\| 3/21/2022 \| [Limit who can be invited by an organization](/microsoft-365/solutions/limit-invitations-from-specific-organization?view=o365-21vianet) \| added \| +\| 3/21/2022 \| [Limit organizations where users can have guest accounts](/microsoft-365/solutions/limit-organizations-where-users-have-guest-accounts?view=o365-21vianet) \| added \| +\| 3/21/2022 \| [Limit who can invite guests](/microsoft-365/solutions/limit-who-can-invite-guests?view=o365-21vianet) \| added \| +\| 3/21/2022 \| [Plan external collaboration](/microsoft-365/solutions/plan-external-collaboration?view=o365-21vianet) \| added \| +\| 3/21/2022 \| [Require conditional access for people outside your organization](/microsoft-365/solutions/trust-conditional-access-from-other-organizations?view=o365-21vianet) \| added \| +\| 3/21/2022 \| [Collaborate with guests in a team](/microsoft-365/solutions/collaborate-as-team?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Collaborating with people outside your organization](/microsoft-365/solutions/collaborate-with-people-outside-your-organization?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Configure teams with protection for highly sensitive data](/microsoft-365/solutions/configure-teams-highly-sensitive-protection?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Configure teams with protection for sensitive data](/microsoft-365/solutions/configure-teams-sensitive-protection?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Configure Teams with three tiers of file sharing security](/microsoft-365/solutions/configure-teams-three-tiers-protection?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Create a secure guest sharing environment](/microsoft-365/solutions/create-secure-guest-sharing-environment?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [End of lifecycle options for groups, teams, and Yammer](/microsoft-365/solutions/end-life-cycle-groups-teams-sites-yammer?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Groups services interactions](/microsoft-365/solutions/groups-services-interactions?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Governing access in Microsoft 365 groups, Teams, and SharePoint](/microsoft-365/solutions/groups-teams-access-governance?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Set up secure file and document sharing and collaboration with Teams in Microsoft 365](/microsoft-365/solutions/setup-secure-collaboration-with-teams?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Detect channel signals with communication compliance](/microsoft-365/compliance/communication-compliance-channels?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Get started with Data loss prevention for Power BI](/microsoft-365/compliance/dlp-powerbi-get-started?view=o365-21vianet) \| added \| +\| 3/21/2022 \| [Create and configure retention policies to automatically retain or delete content](/microsoft-365/compliance/create-retention-policies?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Data loss prevention and Microsoft Teams](/microsoft-365/compliance/dlp-microsoft-teams?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [eDiscovery (Premium) limits](/microsoft-365/compliance/limits-ediscovery20?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Limits for Content search and eDiscovery (Standard) in the compliance center](/microsoft-365/compliance/limits-for-content-search?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Learn about retention for Teams](/microsoft-365/compliance/retention-policies-teams?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Configure retention settings to automatically retain or delete content](/microsoft-365/compliance/retention-settings?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Learn about retention policies & labels to automatically retain or delete content](/microsoft-365/compliance/retention?view=o365-21vianet) \| modified \| +\| 3/21/2022 \| [Use sensitivity labels with Microsoft Teams, Microsoft 365 groups, and SharePoint sites](/microsoft-365/compliance/sensitivity-labels-teams-groups-sites?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro-mde?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Microsoft 365 admin center SharePoint site usage reports](/microsoft-365/admin/activity-reports/sharepoint-site-usage-ww?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Configurable settings reference for Microsoft Managed Desktop](/microsoft-365/managed-desktop/working-with-managed-desktop/config-setting-ref?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Onboard devices without Internet access to Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/onboard-offline-machines?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Enable Modern authentication for Office 2013 on Windows devices](/microsoft-365/admin/security-and-compliance/enable-modern-authentication?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Microsoft Purview solutions trial playbook](/microsoft-365/compliance/compliance-easy-trials-compliance-playbook?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Get started with insider risk management](/microsoft-365/compliance/insider-risk-management-configure?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Insider risk management settings](/microsoft-365/compliance/insider-risk-management-settings?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Records Management in Microsoft 365](/microsoft-365/compliance/records-management?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Set up Advanced Audit in Microsoft 365](/microsoft-365/compliance/set-up-advanced-audit?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Microsoft 365 documentation # < 60 chars](/microsoft-365/index?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Microsoft 365 Security for Business Decision Makers (BDMs)](/microsoft-365/security/microsoft-365-security-for-bdm?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Microsoft 365 Zero Trust deployment plan](/microsoft-365/security/microsoft-365-zero-trust?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Find ransomware with advanced hunting](/microsoft-365/security/defender/advanced-hunting-find-ransomware?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Get relevant info about an entity with go hunt](/microsoft-365/security/defender/advanced-hunting-go-hunt?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Link query results to an incident](/microsoft-365/security/defender/advanced-hunting-link-to-incident?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Work with advanced hunting query results in Microsoft 365 Defender](/microsoft-365/security/defender/advanced-hunting-query-results?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Data tables in the Microsoft 365 Defender advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-schema-tables?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Use shared queries in Microsoft 365 Defender advanced hunting](/microsoft-365/security/defender/advanced-hunting-shared-queries?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Take action on advanced hunting query results in Microsoft 365 Defender](/microsoft-365/security/defender/advanced-hunting-take-action?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Create an app to access Microsoft 365 Defender APIs on behalf of a user](/microsoft-365/security/defender/api-create-app-user-context?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Create an app to access Microsoft 365 Defender without a user](/microsoft-365/security/defender/api-create-app-web?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Hello World for Microsoft 365 Defender REST API](/microsoft-365/security/defender/api-hello-world?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Partner access through Microsoft 365 Defender APIs](/microsoft-365/security/defender/api-partner-access?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Configure your Event Hub](/microsoft-365/security/defender/configure-event-hub?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Configure and manage Microsoft Threat Experts capabilities through Microsoft 365 Defender](/microsoft-365/security/defender/configure-microsoft-threat-experts?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Create and manage custom detection rules in Microsoft 365 Defender](/microsoft-365/security/defender/custom-detection-rules?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Device profile in Microsoft 365 security portal](/microsoft-365/security/defender/device-profile?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Create the Microsoft 365 Defender Evaluation Environment for greater cyber security and XDR](/microsoft-365/security/defender/eval-create-eval-environment?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Review Microsoft Defender for Endpoint architecture requirements and key concepts](/microsoft-365/security/defender/eval-defender-endpoint-architecture?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Enable Microsoft Defender for Endpoint evaluation](/microsoft-365/security/defender/eval-defender-endpoint-enable-eval?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Step 4. Evaluate Microsoft Defender for Endpoint overview, including reviewing the architecture](/microsoft-365/security/defender/eval-defender-endpoint-overview?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Pilot Microsoft Defender for Endpoint](/microsoft-365/security/defender/eval-defender-endpoint-pilot?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Review architecture requirements and the technical framework for Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-architecture?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Enable the evaluation environment for Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-enable-eval?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Step 2. An Overview of Microsoft 365 Defender for Identity evaluation](/microsoft-365/security/defender/eval-defender-identity-overview?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Pilot Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-pilot?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Try Microsoft 365 Defender incident response capabilities in a pilot environment](/microsoft-365/security/defender/eval-defender-investigate-respond-additional?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Run an attack simulation in a Microsoft 365 Defender pilot environment](/microsoft-365/security/defender/eval-defender-investigate-respond-simulate-attack?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Pilot Microsoft Defender for Office 365, use the evaluation in your production environment](/microsoft-365/security/defender/eval-defender-office-365-pilot?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Top 12 tasks for security teams to support working from home](/microsoft-365/security/top-security-tasks-for-remote-work?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Microsoft cloud architecture models - enterprise resource planning](/microsoft-365/solutions/cloud-architecture-models?view=o365-21vianet) \| modified \| +\| 3/22/2022 \| [Microsoft 365 productivity illustrations](/microsoft-365/solutions/productivity-illustrations?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Top 20 most-viewed admin help articles this month # < 60 chars](/microsoft-365/admin/top-m365-admin-articles?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Learn about auto-expanding archiving](/microsoft-365/compliance/autoexpanding-archiving?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Change history for Microsoft Managed Desktop documentation](/microsoft-365/managed-desktop/change-history-managed-desktop?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| Microsoft Security Guidance - Political campaigns & nonprofits \| removed \| +\| 3/23/2022 \| [Insider risk management cases](/microsoft-365/compliance/insider-risk-management-cases?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Configure Microsoft 365 Lighthouse portal security](/microsoft-365/lighthouse/m365-lighthouse-configure-portal-security?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Microsoft 365 Lighthouse frequently asked questions (FAQs)](/microsoft-365/lighthouse/m365-lighthouse-faq?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Requirements for Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-requirements?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Troubleshoot and resolve problems and error messages in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-troubleshoot?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Run the client analyzer on macOS or Linux](/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Create the Microsoft 365 Defender Evaluation Environment for greater cyber security and XDR](/microsoft-365/security/defender/eval-create-eval-environment?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes](/microsoft-365/security/office-365-security/configure-advanced-delivery?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Email analysis in investigations for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/email-analysis-investigations?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Common Zero Trust identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Continuous access evaluation for Microsoft 365 - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-continuous-access-evaluation?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Zero Trust identity and device access configurations - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-policies-configurations?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Threat Explorer and Real-time detections basics in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/real-time-detections?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Secure by default in Office 365](/microsoft-365/security/office-365-security/secure-by-default?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Remove yourself from the blocked senders list and address 5.7.511 Access denied errors](/microsoft-365/security/office-365-security/use-the-delist-portal-to-remove-yourself-from-the-office-365-blocked-senders-lis?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [View Defender for Office 365 reports](/microsoft-365/security/office-365-security/view-reports-for-mdo?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Microsoft 365 solution and architecture center # < 60 chars](/microsoft-365/solutions/index?view=o365-21vianet) \| modified \| +\| 3/23/2022 \| [Microsoft 365 productivity illustrations](/microsoft-365/solutions/productivity-illustrations?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Onboard macOS devices into Microsoft 365 overview (preview)](/microsoft-365/compliance/device-onboarding-macos-overview?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Onboard Windows 10 or Windows 11 devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-overview?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Microsoft 365 Lighthouse Windows 365 (Cloud PCs) page overview](/microsoft-365/lighthouse/m365-lighthouse-win365-page-overview?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Manage Microsoft feedback for your organization](/microsoft-365/admin/manage/manage-feedback-ms-org?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Azure Active Directory setup guides](/microsoft-365/admin/misc/azure-ad-setup-guides?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [GDPR simplified A guide for your small business](/microsoft-365/admin/security-and-compliance/gdpr-compliance?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Increase threat protection for Microsoft 365 Business Premium](/microsoft-365/admin/security-and-compliance/set-up-compliance?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Set up Windows devices for Microsoft 365 Business Premium users](/microsoft-365/admin/setup/set-up-windows-devices?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Increase threat protection for Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-increase-protection?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Troubleshoot and resolve problems and error messages in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-troubleshoot?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Microsoft Defender for Business](/microsoft-365/security/defender-business/index?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Outbound delivery pools](/microsoft-365/security/office-365-security/high-risk-delivery-pool-for-outbound-messages?view=o365-21vianet) \| modified \| +\| 3/24/2022 \| [Permissions - Security & Compliance Center](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Customer Lockbox Requests](/microsoft-365/compliance/customer-lockbox-requests?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Get started driving adoption of Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/adoption-getstarted) \| modified \| +\| 3/25/2022 \| [Scenarios and use cases for Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/adoption-scenarios) \| modified \| +\| 3/25/2022 \| [Run a trial of Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/trial-syntex) \| modified \| +\| 3/25/2022 \| [Manage Skype for Business Online with PowerShell](/microsoft-365/enterprise/manage-skype-for-business-online-with-microsoft-365-powershell?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configure advanced features in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/advanced-features?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Advanced hunting schema reference](/microsoft-365/security/defender-endpoint/advanced-hunting-schema-reference?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [View and organize the Microsoft Defender for Endpoint Alerts queue](/microsoft-365/security/defender-endpoint/alerts-queue?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Provide feedback on the Microsoft Defender for Endpoint Client Analyzer tool](/microsoft-365/security/defender-endpoint/analyzer-feedback?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Understand the client analyzer HTML report](/microsoft-365/security/defender-endpoint/analyzer-report?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configure Microsoft Defender for Endpoint risk signals using App Protection Policies (MAM)](/microsoft-365/security/defender-endpoint/android-configure-mam?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint on Android with Microsoft Intune](/microsoft-365/security/defender-endpoint/android-intune?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Troubleshoot issues on Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/android-support-signin?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Hello World for Microsoft Defender for Endpoint API](/microsoft-365/security/defender-endpoint/api-hello-world?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [How to use Power Automate Connector to set up a Flow for events](/microsoft-365/security/defender-endpoint/api-microsoft-flow?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Endpoint APIs connection to Power BI](/microsoft-365/security/defender-endpoint/api-power-bi?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Implement attack surface reduction (ASR) rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-implement?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Operationalize attack surface reduction (ASR) rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-operationalize?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Plan ASR rules attack surface reduction deployment rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-plan?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Test attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-test?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [ASR rules deployment prerequisites](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Use attack surface reduction rules to prevent malware infection](/microsoft-365/security/defender-endpoint/attack-surface-reduction?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Visit the Action center to see remediation actions](/microsoft-365/security/defender-endpoint/auto-investigation-action-center?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Take response actions on a file in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-file-alerts?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Permissions - Security & Compliance Center](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Collaborate with external participants in a channel](/microsoft-365/solutions/collaborate-teams-direct-connect?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft 365 Security for Business Decision Makers (BDMs)](/microsoft-365/security/microsoft-365-security-for-bdm?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft 365 Zero Trust deployment plan](/microsoft-365/security/microsoft-365-zero-trust?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Manage active content in Office documents for IT admins](/microsoft-365/security/active-content-in-trusted-docs?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Behavioral blocking and containment](/microsoft-365/security/defender-endpoint/behavioral-blocking-containment?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Check the health state of the sensor at Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/check-sensor-status?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Client behavioral blocking](/microsoft-365/security/defender-endpoint/client-behavioral-blocking?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Cloud protection and sample submission at Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Cloud protection and Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Collect diagnostic data of Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/collect-diagnostic-data?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Enable block at first sight to detect malware in seconds](/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Onboard Windows devices to Microsoft Defender for Endpoint via Group Policy](/microsoft-365/security/defender-endpoint/configure-endpoints-gp?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Onboard Windows devices using Configuration Manager](/microsoft-365/security/defender-endpoint/configure-endpoints-sccm?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Onboard Windows devices using a local script](/microsoft-365/security/defender-endpoint/configure-endpoints-script?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Onboarding tools and methods for Windows devices](/microsoft-365/security/defender-endpoint/configure-endpoints?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configure and validate exclusions based on extension, name, or location](/microsoft-365/security/defender-endpoint/configure-extension-file-exclusions-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Optimize ASR rule deployment and detections](/microsoft-365/security/defender-endpoint/configure-machines-asr?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Get devices onboarded to Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/configure-machines-onboarding?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Increase compliance to the Microsoft Defender for Endpoint security baseline](/microsoft-365/security/defender-endpoint/configure-machines-security-baseline?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Ensure your devices are configured properly](/microsoft-365/security/defender-endpoint/configure-machines?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configure and manage Microsoft Threat Experts capabilities](/microsoft-365/security/defender-endpoint/configure-microsoft-threat-experts?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configure and validate Microsoft Defender Antivirus network connections](/microsoft-365/security/defender-endpoint/configure-network-connections-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configure device proxy and Internet connection settings](/microsoft-365/security/defender-endpoint/configure-proxy-internet?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Enable and configure Microsoft Defender Antivirus protection capabilities](/microsoft-365/security/defender-endpoint/configure-real-time-protection-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Onboard Windows servers to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Connected applications in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/connected-applications?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Contact Microsoft Defender for Endpoint support](/microsoft-365/security/defender-endpoint/contact-support?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Enable Corelight integration in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/corelight-integration?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Customize controlled folder access](/microsoft-365/security/defender-endpoint/customize-controlled-folders?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Data collection for advanced troubleshooting on Windows](/microsoft-365/security/defender-endpoint/data-collection-analyzer?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Address false positives/negatives in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Overview of Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Deployment phases](/microsoft-365/security/defender-endpoint/deployment-phases?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint in rings](/microsoft-365/security/defender-endpoint/deployment-rings?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Plan your Microsoft Defender for Endpoint deployment](/microsoft-365/security/defender-endpoint/deployment-strategy?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Protect your organization's data with device control](/microsoft-365/security/defender-endpoint/device-control-report?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Device discovery overview](/microsoft-365/security/defender-endpoint/device-discovery?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Endpoint device timeline event flags](/microsoft-365/security/defender-endpoint/device-timeline-event-flag?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Endpoint detection and response in block mode](/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Enable attack surface reduction rules](/microsoft-365/security/defender-endpoint/enable-attack-surface-reduction?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Turn on cloud protection in Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/enable-cloud-protection-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Enable controlled folder access](/microsoft-365/security/defender-endpoint/enable-controlled-folders?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Turn on exploit protection to help mitigate against attacks](/microsoft-365/security/defender-endpoint/enable-exploit-protection?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Enable Microsoft Defender for IoT integration in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Turn on network protection](/microsoft-365/security/defender-endpoint/enable-network-protection?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Evaluate network protection](/microsoft-365/security/defender-endpoint/evaluate-network-protection?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Endpoint evaluation lab](/microsoft-365/security/defender-endpoint/evaluation-lab?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Use Microsoft Defender for Endpoint APIs](/microsoft-365/security/defender-endpoint/exposed-apis-create-app-nativeapp?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Create an Application to access Microsoft Defender for Endpoint without a user](/microsoft-365/security/defender-endpoint/exposed-apis-create-app-partners?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Create an app to access Microsoft Defender for Endpoint without a user](/microsoft-365/security/defender-endpoint/exposed-apis-create-app-webapp?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Endpoint for US Government customers](/microsoft-365/security/defender-endpoint/gov?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Grant access to managed security service provider (MSSP)](/microsoft-365/security/defender-endpoint/grant-mssp-access?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Host firewall reporting in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/host-firewall-reporting?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Import, export, and deploy exploit protection configurations](/microsoft-365/security/defender-endpoint/import-export-exploit-protection-emet-xml?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Create indicators for files](/microsoft-365/security/defender-endpoint/indicator-file?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Use sensitivity labels to prioritize incident response](/microsoft-365/security/defender-endpoint/information-protection-investigation?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Investigate Microsoft Defender for Endpoint alerts](/microsoft-365/security/defender-endpoint/investigate-alerts?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Investigate connection events that occur behind forward proxies](/microsoft-365/security/defender-endpoint/investigate-behind-proxy?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Investigate Microsoft Defender for Endpoint files](/microsoft-365/security/defender-endpoint/investigate-files?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Investigate incidents in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/investigate-incidents?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Investigate devices in the Defender for Endpoint Devices list](/microsoft-365/security/defender-endpoint/investigate-machines?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Investigate a user account in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/investigate-user?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configure Microsoft Defender for Endpoint on iOS features](/microsoft-365/security/defender-endpoint/ios-configure-features?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint on iOS features](/microsoft-365/security/defender-endpoint/ios-install-unmanaged?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [App-based deployment for Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/ios-install?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Troubleshoot issues and find answers on FAQs related to Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/ios-troubleshoot?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Enable the limited periodic Microsoft Defender Antivirus scanning feature](/microsoft-365/security/defender-endpoint/limited-periodic-scanning-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint on Linux manually](/microsoft-365/security/defender-endpoint/linux-install-manually?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint on Linux with Ansible](/microsoft-365/security/defender-endpoint/linux-install-with-ansible?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Deploy Microsoft Defender for Endpoint on Linux with Puppet](/microsoft-365/security/defender-endpoint/linux-install-with-puppet?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [How to schedule scans with Microsoft Defender for Endpoint (Linux)](/microsoft-365/security/defender-endpoint/linux-schedule-scan-mde?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Investigate entities on devices using live response in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/live-response?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Device control for macOS](/microsoft-365/security/defender-endpoint/mac-device-control-overview?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configure and validate exclusions for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-exclusions?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Log in to Jamf Pro](/microsoft-365/security/defender-endpoint/mac-install-jamfpro-login?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Manual deployment for Microsoft Defender for Endpoint on macOS](/microsoft-365/security/defender-endpoint/mac-install-manually?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Intune-based deployment for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-install-with-intune?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Set up device groups in Jamf Pro](/microsoft-365/security/defender-endpoint/mac-jamfpro-device-groups?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Enroll Microsoft Defender for Endpoint on macOS devices into Jamf Pro](/microsoft-365/security/defender-endpoint/mac-jamfpro-enroll-devices?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Set up the Microsoft Defender for Endpoint on macOS policies in Jamf Pro](/microsoft-365/security/defender-endpoint/mac-jamfpro-policies?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Troubleshoot kernel extension issues in Microsoft Defender for Endpoint on macOS](/microsoft-365/security/defender-endpoint/mac-support-kext?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Troubleshoot license issues for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-support-license?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Troubleshoot performance issues for Microsoft Defender for Endpoint on macOS](/microsoft-365/security/defender-endpoint/mac-support-perf?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [New configuration profiles for macOS Catalina and newer versions of macOS](/microsoft-365/security/defender-endpoint/mac-sysext-policies?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Deploy updates for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-updates?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Device health and compliance report in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/machine-reports?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Create and manage device tags](/microsoft-365/security/defender-endpoint/machine-tags?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Device inventory](/microsoft-365/security/defender-endpoint/machines-view-overview?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Manage Microsoft Defender for Endpoint alerts](/microsoft-365/security/defender-endpoint/manage-alerts?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Manage Microsoft Defender for Endpoint incidents](/microsoft-365/security/defender-endpoint/manage-incidents?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Manage how and where Microsoft Defender Antivirus receives updates](/microsoft-365/security/defender-endpoint/manage-protection-updates-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Overview of management and APIs](/microsoft-365/security/defender-endpoint/management-apis?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Endpoint Device Control Device Installation](/microsoft-365/security/defender-endpoint/mde-device-control-device-installation?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Manage Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-p1-maintenance-operations?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Set up and configure Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-p1-setup-configuration?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Get started with Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-plan1-getting-started?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender Antivirus on Windows Server](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-on-windows-server?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-mac?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender Offline in Windows](/microsoft-365/security/defender-endpoint/microsoft-defender-offline?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender Antivirus in the Windows Security app](/microsoft-365/security/defender-endpoint/microsoft-defender-security-center-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Threat Experts](/microsoft-365/security/defender-endpoint/microsoft-threat-experts?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Minimum requirements for Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/minimum-requirements?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Network device discovery and vulnerability management](/microsoft-365/security/defender-endpoint/network-devices?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Onboard devices and configure Microsoft Defender for Endpoint capabilities](/microsoft-365/security/defender-endpoint/onboard-configure?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Onboard previous versions of Windows on Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/onboard-downlevel?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Onboarding using Microsoft Endpoint Configuration Manager](/microsoft-365/security/defender-endpoint/onboarding-endpoint-configuration-manager?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Onboarding using Microsoft Endpoint Manager](/microsoft-365/security/defender-endpoint/onboarding-endpoint-manager?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Create an onboarding or offboarding notification rule](/microsoft-365/security/defender-endpoint/onboarding-notification?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Onboard to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/onboarding?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Protect security settings with tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Hide the Microsoft Defender Antivirus interface](/microsoft-365/security/defender-endpoint/prevent-end-user-interaction-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Turn on the preview experience in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/preview-settings?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Endpoint Device Control Printer Protection](/microsoft-365/security/defender-endpoint/printer-protection?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Set up Microsoft Defender for Endpoint deployment](/microsoft-365/security/defender-endpoint/production-deployment?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Stream Microsoft Defender for Endpoint events to Azure Event Hubs](/microsoft-365/security/defender-endpoint/raw-data-export-event-hub?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Stream Microsoft Defender for Endpoint events to your Storage account](/microsoft-365/security/defender-endpoint/raw-data-export-storage?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Take response actions on a device in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-machine-alerts?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Review alerts in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/review-alerts?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Review the results of Microsoft Defender Antivirus scans](/microsoft-365/security/defender-endpoint/review-scan-results-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Run the client analyzer on macOS or Linux](/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Run the client analyzer on Windows](/microsoft-365/security/defender-endpoint/run-analyzer-windows?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Run a detection test on a device to verify it has been properly onboarded to Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/run-detection-test?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender Security Center Security operations dashboard](/microsoft-365/security/defender-endpoint/security-operations-dashboard?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Make the switch from non-Microsoft endpoint protection to Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/switch-to-mde-overview?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Switch to Microsoft Defender for Endpoint - Prepare](/microsoft-365/security/defender-endpoint/switch-to-mde-phase-1?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Switch to Microsoft Defender for Endpoint - Setup](/microsoft-365/security/defender-endpoint/switch-to-mde-phase-2?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Switch to Microsoft Defender for Endpoint - Onboard](/microsoft-365/security/defender-endpoint/switch-to-mde-phase-3?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Techniques in the device timeline](/microsoft-365/security/defender-endpoint/techniques-device-timeline?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Understand the analyst report section in threat analytics.](/microsoft-365/security/defender-endpoint/threat-analytics-analyst-reports?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Track and respond to emerging threats with Microsoft Defender for Endpoint threat analytics](/microsoft-365/security/defender-endpoint/threat-analytics?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Event timeline in threat and vulnerability management](/microsoft-365/security/defender-endpoint/threat-and-vuln-mgt-event-timeline?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Threat protection report in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/threat-protection-reports?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft 365 Defender time zone settings](/microsoft-365/security/defender-endpoint/time-settings?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Report and troubleshoot Microsoft Defender for Endpoint ASR Rules](/microsoft-365/security/defender-endpoint/troubleshoot-asr-rules?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Collect support logs in Microsoft Defender for Endpoint using live response](/microsoft-365/security/defender-endpoint/troubleshoot-collect-support-log?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Troubleshoot onboarding issues and error messages](/microsoft-365/security/defender-endpoint/troubleshoot-onboarding-error-messages?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Troubleshoot Microsoft Defender for Endpoint onboarding issues](/microsoft-365/security/defender-endpoint/troubleshoot-onboarding?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Troubleshoot performance issues](/microsoft-365/security/defender-endpoint/troubleshoot-performance-issues?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Troubleshoot onboarding issues related to Security Management for Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/troubleshoot-security-config-mgt?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Performance analyzer for Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/tune-performance-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Assign device value - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-assign-device-value?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Dashboard insights - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-dashboard-insights?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Plan for end-of-support software and software versions](/microsoft-365/security/defender-endpoint/tvm-end-of-support-software?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Create and view exceptions for security recommendations - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-exception?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Exposure score in threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-exposure-score?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Secure Score for Devices](/microsoft-365/security/defender-endpoint/tvm-microsoft-secure-score-devices?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Remediate vulnerabilities with threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-remediation?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Security recommendations by threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-security-recommendation?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Software inventory in threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-software-inventory?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Vulnerable devices report - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-vulnerable-devices-report?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Vulnerabilities in my organization - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-weaknesses?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Mitigate zero-day vulnerabilities - threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-zero-day-vulnerabilities?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [View and organize the Incidents queue](/microsoft-365/security/defender-endpoint/view-incidents-queue?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Web content filtering](/microsoft-365/security/defender-endpoint/web-content-filtering?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Monitoring web browsing security in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/web-protection-monitoring?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Web protection](/microsoft-365/security/defender-endpoint/web-protection-overview?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Respond to web threats in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/web-protection-response?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Why cloud protection should be enabled for Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/why-cloud-protection-should-be-on-mdav?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configure Directory Services account in Microsoft Defender for Identity](/microsoft-365/security/defender-identity/directory-service-accounts?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Identity entity tags in Microsoft 365 Defender](/microsoft-365/security/defender-identity/entity-tags?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Identity detection exclusions in Microsoft 365 Defender](/microsoft-365/security/defender-identity/exclusions?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Identity security alerts in Microsoft 365 Defender](/microsoft-365/security/defender-identity/manage-security-alerts?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Identity notifications in Microsoft 365 Defender](/microsoft-365/security/defender-identity/notifications?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Identity sensor health and settings in Microsoft 365 Defender](/microsoft-365/security/defender-identity/sensor-health?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Identity VPN integration in Microsoft 365 Defender](/microsoft-365/security/defender-identity/vpn-integration?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [About the Microsoft Defender for Office 365 trial](/microsoft-365/security/office-365-security/about-defender-for-office-365-trial?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Address compromised user accounts with automated investigation and response](/microsoft-365/security/office-365-security/address-compromised-users-quickly?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Admin review for reported messages](/microsoft-365/security/office-365-security/admin-review-reported-message?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Manage submissions](/microsoft-365/security/office-365-security/admin-submission?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Anti-spoofing protection](/microsoft-365/security/office-365-security/anti-spoofing-protection?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Attack simulation training deployment considerations and FAQ](/microsoft-365/security/office-365-security/attack-simulation-training-faq?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Insights and reports Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-insights?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Payload automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payload-automations?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Create custom payloads for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payloads?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Simulate a phishing attack with Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [How automated investigation and response works in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/automated-investigation-response-office?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Protection features in Azure Information Protection rolling out to existing tenants](/microsoft-365/security/office-365-security/azure-ip-protection-features?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Campaign Views in Microsoft Defender for Office 365 Plan](/microsoft-365/security/office-365-security/campaigns?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configuration analyzer for security policies](/microsoft-365/security/office-365-security/configuration-analyzer-for-security-policies?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Create safe sender lists](/microsoft-365/security/office-365-security/create-safe-sender-lists-in-office-365?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Email analysis in investigations for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/email-analysis-investigations?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Email security with Threat Explorer in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/email-security-in-microsoft-defender?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Enable the Report Message or the Report Phishing add-ins](/microsoft-365/security/office-365-security/enable-the-report-message-add-in?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Exchange Online Protection (EOP) overview](/microsoft-365/security/office-365-security/exchange-online-protection-overview?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configuring and controlling external email forwarding in Microsoft 365.](/microsoft-365/security/office-365-security/external-email-forwarding?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Find and release quarantined messages as a user](/microsoft-365/security/office-365-security/find-and-release-quarantined-messages-as-a-user?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Identity and device access policies for allowing guest and external user B2B access - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies-guest-access?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Common Zero Trust identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Prerequisite work for implementing identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-prerequisites?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Impersonation insight](/microsoft-365/security/office-365-security/impersonation-insight?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Application Guard for Office for admins](/microsoft-365/security/office-365-security/install-app-guard?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Use Microsoft Defender for Office 365 together with Microsoft Defender for Endpoint](/microsoft-365/security/office-365-security/integrate-office-365-ti-with-mde?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Investigate malicious email that was delivered in Microsoft 365, Find and investigate malicious email](/microsoft-365/security/office-365-security/investigate-malicious-email-that-was-delivered?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Spoof intelligence insight](/microsoft-365/security/office-365-security/learn-about-spoof-intelligence?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Mail flow insights in the Mail flow dashboard](/microsoft-365/security/office-365-security/mail-flow-insights-v2?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Manage quarantined messages and files as an admin](/microsoft-365/security/office-365-security/manage-quarantined-messages-and-files?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Manage your allows in the Tenant Allow/Block List](/microsoft-365/security/office-365-security/manage-tenant-allows?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Recommended Microsoft Defender for Cloud Apps policies for SaaS apps - Microsoft 365 Enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/mcas-saas-access-policies?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [The Microsoft Defender for Office 365 email entity page](/microsoft-365/security/office-365-security/mdo-email-entity-page?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](/microsoft-365/security/office-365-security/mdo-for-spo-odb-and-teams?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Auto-forwarded messages insight](/microsoft-365/security/office-365-security/mfi-auto-forwarded-messages-report?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Top domain mail flow status insight in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-domain-mail-flow-status-insight?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Mail flow map](/microsoft-365/security/office-365-security/mfi-mail-flow-map-report?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Fix possible mail loop insight](/microsoft-365/security/office-365-security/mfi-mail-loop-insight?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [New domains being forwarded email insight](/microsoft-365/security/office-365-security/mfi-new-domains-being-forwarded-email?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [New users forwarding email insight](/microsoft-365/security/office-365-security/mfi-new-users-forwarding-email?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Non-accepted domain report in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-non-accepted-domain-report?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Non-delivery report in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-non-delivery-report?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Outbound and inbound mail flow insight in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-outbound-and-inbound-mail-flow?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Queues insight in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-queue-alerts-and-queues?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Fix slow mail flow rules insight](/microsoft-365/security/office-365-security/mfi-slow-mail-flow-rules-insight?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [SMTP Auth clients insight and report in the Mail flow dashboard](/microsoft-365/security/office-365-security/mfi-smtp-auth-clients-report?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Zero Trust identity and device access configurations - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-policies-configurations?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Migrate to Microsoft Defender for Office 365 Phase 3: Onboard](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-onboard?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Migrate to Microsoft Defender for Office 365 Phase 1: Prepare](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-prepare?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Migrate to Microsoft Defender for Office 365 Phase 2: Setup](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-setup?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Monitor for leaks of personal data](/microsoft-365/security/office-365-security/monitor-for-leaks-of-personal-data?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Automated investigation and response in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/office-365-air?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Threat investigation & response capabilities - Microsoft Defender for Office 365 Plan 2](/microsoft-365/security/office-365-security/office-365-ti?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Office 365 Security overview, Microsoft Defender for Office 365, EOP, MSDO](/microsoft-365/security/office-365-security/old-index?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Office 365 Security including Microsoft Defender for Office 365 and Exchange Online Protection](/microsoft-365/security/office-365-security/overview?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Permissions in the Microsoft 365 Defender portal](/microsoft-365/security/office-365-security/permissions-microsoft-365-security-center?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Step-by-step threat protection stack in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/protection-stack-microsoft-defender-for-office365?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Report false positives and false negatives in Outlook](/microsoft-365/security/office-365-security/report-false-positives-and-false-negatives?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Smart reports, insights - Microsoft 365 Security & Compliance Center](/microsoft-365/security/office-365-security/reports-and-insights-in-security-and-compliance?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Safe Documents in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-docs?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Complete Safe Links overview for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-links?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Secure email recommended policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/secure-email-recommended-policies?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Security dashboard overview](/microsoft-365/security/office-365-security/security-dashboard?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Security recommendations for priority accounts in Microsoft 365, priority accounts, priority accounts in Office 365, priority accounts in Microsoft 365](/microsoft-365/security/office-365-security/security-recommendations-for-priority-accounts?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Anti-phishing policies](/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Recommended secure document policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/sharepoint-file-access-policies?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Submit malware and non-malware to Microsoft for analysis](/microsoft-365/security/office-365-security/submitting-malware-and-non-malware-to-microsoft-for-analysis?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Recommended Teams policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/teams-access-policies?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Configure your Microsoft 365 tenant for increased security](/microsoft-365/security/office-365-security/tenant-wide-setup-for-increased-security?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Views in Threat Explorer and real-time detections](/microsoft-365/security/office-365-security/threat-explorer-views?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Threat Explorer and Real-time detections](/microsoft-365/security/office-365-security/threat-explorer?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Threat hunting in Threat Explorer for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/threat-hunting-in-threat-explorer?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Threat Trackers - New and Noteworthy](/microsoft-365/security/office-365-security/threat-trackers?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Microsoft Defender for Office 365 trial playbook](/microsoft-365/security/office-365-security/trial-playbook-defender-for-office-365?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [How to use DKIM for email in your custom domain](/microsoft-365/security/office-365-security/use-dkim-to-validate-outbound-email?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Use DMARC to validate email, setup steps](/microsoft-365/security/office-365-security/use-dmarc-to-validate-email?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Use Azure Privileged Identity Management (PIM) in Microsoft Defender for Office 365 to limit admin access to cyber security tools.](/microsoft-365/security/office-365-security/use-privileged-identity-management-in-defender-for-office-365?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Quarantine notifications (end-user spam notifications) in Microsoft 365](/microsoft-365/security/office-365-security/use-spam-notifications-to-release-and-report-quarantined-messages?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Remove yourself from the blocked senders list and address 5.7.511 Access denied errors](/microsoft-365/security/office-365-security/use-the-delist-portal-to-remove-yourself-from-the-office-365-blocked-senders-lis?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [View mail flow reports in the Reports dashboard](/microsoft-365/security/office-365-security/view-mail-flow-reports?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [View Defender for Office 365 reports](/microsoft-365/security/office-365-security/view-reports-for-mdo?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Manage spoofed senders using the spoof intelligence policy and spoof intelligence insight](/microsoft-365/security/office-365-security/walkthrough-spoof-intelligence-insight?view=o365-21vianet) \| modified \| +\| 3/25/2022 \| [Top 12 tasks for security teams to support working from home](/microsoft-365/security/top-security-tasks-for-remote-work?view=o365-21vianet) \| modified \| ++ +## Week of March 14, 2022 ++ +\| Published On \|Topic title \| Change \| +\|\|\|--\| +\| 3/14/2022 \| [Onboard your organization's devices to Microsoft Defender for Business](/microsoft-365/business-premium/m365bp-onboard-devices-mdb?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Use Cost management in the Microsoft 365 admin center](/microsoft-365/commerce/use-cost-mgmt?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Get started with content explorer](/microsoft-365/compliance/data-classification-content-explorer?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Use Office 365 Content Delivery Network (CDN) with SharePoint Online](/microsoft-365/enterprise/use-microsoft-365-cdn-with-spo?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [How to check Microsoft 365 service health](/microsoft-365/enterprise/view-service-health?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Microsoft Defender for Endpoint - Mobile Threat Defense](/microsoft-365/security/defender-endpoint/mtd?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Enable the Report Message or the Report Phishing add-ins](/microsoft-365/security/office-365-security/enable-the-report-message-add-in?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Enable Modern Authentication for Office 2013 on Windows devices](/microsoft-365/admin/security-and-compliance/enable-modern-authentication?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Microsoft 365 auditing solutions](/microsoft-365/compliance/auditing-solutions-overview?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Microsoft 365 eDiscovery solutions](/microsoft-365/compliance/ediscovery?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Create documents using content assembly in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/content-assembly) \| modified \| +\| 3/14/2022 \| [Office 365 IP Address and URL web service](/microsoft-365/enterprise/microsoft-365-ip-web-service?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Microsoft 365 network connectivity test tool](/microsoft-365/enterprise/office-365-network-mac-perf-onboarding-tool?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Network connectivity in the Microsoft 365 Admin Center](/microsoft-365/enterprise/office-365-network-mac-perf-overview?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Microsoft 365 network assessment](/microsoft-365/enterprise/office-365-network-mac-perf-score?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Overview of Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-overview?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Microsoft 365 Apps for enterprise](/microsoft-365/managed-desktop/get-started/m365-apps?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Configurable settings reference for Microsoft Managed Desktop](/microsoft-365/managed-desktop/working-with-managed-desktop/config-setting-ref?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [Simulate a phishing attack with Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training?view=o365-21vianet) \| modified \| +\| 3/14/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Idle session timeout for Microsoft 365](/microsoft-365/admin/manage/idle-session-timeout-web-apps?view=o365-21vianet) \| added \| +\| 3/15/2022 \| [Enable Modern Authentication for Office 2013 on Windows devices](/microsoft-365/admin/security-and-compliance/enable-modern-authentication?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Customer Lockbox Requests](/microsoft-365/compliance/customer-lockbox-requests?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Use sensitivity labels with Microsoft Teams, Microsoft 365 groups, and SharePoint sites](/microsoft-365/compliance/sensitivity-labels-teams-groups-sites?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Create documents using content assembly in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/content-assembly) \| modified \| +\| 3/15/2022 \| [Microsoft 365 network connectivity test tool](/microsoft-365/enterprise/office-365-network-mac-perf-onboarding-tool?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Deploy Microsoft 365 Lighthouse baselines](/microsoft-365/lighthouse/m365-lighthouse-deploy-baselines?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Overview of using baselines to deploy standard tenant configurations](/microsoft-365/lighthouse/m365-lighthouse-deploy-standard-tenant-configurations-overview?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [View and edit your security settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Onboard Windows servers to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Create the Microsoft 365 Defender Evaluation Environment for greater cyber security and XDR](/microsoft-365/security/defender/eval-create-eval-environment?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Step 2. An Overview of Microsoft 365 Defender for Identity evaluation](/microsoft-365/security/defender/eval-defender-identity-overview?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Evaluate and pilot Microsoft 365 Defender, an XDR solution](/microsoft-365/security/defender/eval-overview?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Define mail flow rules to encrypt email messages](/microsoft-365/compliance/define-mail-flow-rules-to-encrypt-email?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Differences between estimated and actual eDiscovery search results](/microsoft-365/compliance/differences-between-estimated-and-actual-ediscovery-search-results?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Microsoft 365 eDiscovery solutions](/microsoft-365/compliance/ediscovery?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Restrict access to content using sensitivity labels to apply encryption](/microsoft-365/compliance/encryption-sensitivity-labels?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Get started with the Microsoft Service Trust Portal](/microsoft-365/compliance/get-started-with-service-trust-portal?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Insider risk management settings](/microsoft-365/compliance/insider-risk-management-settings?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Manage Office 365 Message Encryption](/microsoft-365/compliance/manage-office-365-message-encryption?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| Meet data protection and regulatory requirements with Compliance Manager for Microsoft cloud services \| removed \| +\| 3/15/2022 \| [Advanced Message Encryption](/microsoft-365/compliance/ome-advanced-message-encryption?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Revoke email encrypted by Advanced Message Encryption](/microsoft-365/compliance/revoke-ome-encrypted-mail?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Known issues with Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-known-issues?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Set up roles to manage customer tenants](/microsoft-365/lighthouse/m365-lighthouse-set-up-roles?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Troubleshoot and resolve problems and error messages in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-troubleshoot?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Set up email notifications for your security team](/microsoft-365/security/defender-business/mdb-email-notifications?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Microsoft Defender for Business frequently asked questions](/microsoft-365/security/defender-business/mdb-faq?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Firewall in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-firewall?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Get started using the Microsoft 365 Defender portal](/microsoft-365/security/defender-business/mdb-get-started?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Reports in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-reports?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Respond to and mitigate threats in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-respond-mitigate-threats?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Assign roles and permissions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-roles-permissions?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [The simplified configuration process in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-simplified-configuration?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Tutorials and simulations in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-tutorials?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Use the wizard to set up Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [View or edit policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-edit-create-policies?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [View and manage incidents in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-manage-incidents?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [View your Threat & Vulnerability Management dashboard in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-tvm-dashboard?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Best practices for unauthenticated sharing](/microsoft-365/solutions/best-practices-anonymous-sharing?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Create indicators](/microsoft-365/security/defender-endpoint/manage-indicators?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/15/2022 \| [Payload automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payload-automations?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Top 20 most-viewed admin help articles this month # < 60 chars](/microsoft-365/admin/top-m365-admin-articles?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Working with device groups in Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-device-groups-mdb?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Onboard your organization's devices to Microsoft Defender for Business](/microsoft-365/business-premium/m365bp-onboard-devices-mdb?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Review remediation actions in Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-review-remediation-actions-devices?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Set up Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-setup?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [View or edit device protection policies](/microsoft-365/business-premium/m365bp-view-edit-create-mdb-policies?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Use Cost management in the Microsoft 365 admin center](/microsoft-365/commerce/use-cost-mgmt?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Archive Slack eDiscovery data to Microsoft 365 using a data connector provided by Microsoft](/microsoft-365/compliance/archive-slack-data-microsoft?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Onboard macOS devices into Microsoft 365 overview (preview)](/microsoft-365/compliance/device-onboarding-macos-overview?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Onboard and offboard macOS devices into Compliance solutions using Microsoft Intune for Microsoft Defender for Endpoint customers (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-intune-mde?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Onboard and offboard macOS devices into Microsoft Purview solutions using Microsoft Intune (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-intune?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro-mde?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro (preview)](/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Onboard Windows 10 or Windows 11 devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-overview?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Design a Data loss prevention policy](/microsoft-365/compliance/dlp-policy-design?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Learn about named entities (preview)](/microsoft-365/compliance/named-entities-learn?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Use named entities in your data loss prevention policies (preview)](/microsoft-365/compliance/named-entities-use?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Common usage scenarios for sensitive information types](/microsoft-365/compliance/sit-common-scenarios?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Get started with exact data match based sensitive information types](/microsoft-365/compliance/sit-get-started-exact-data-match-based-sits-overview?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Create exact data match sensitive information type/rule package](/microsoft-365/compliance/sit-get-started-exact-data-match-create-rule-package?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Create the schema for exact data match based sensitive information types](/microsoft-365/compliance/sit-get-started-exact-data-match-create-schema?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Export source data for exact data match based sensitive information type](/microsoft-365/compliance/sit-get-started-exact-data-match-export-data?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Hash and upload the sensitive information source table for exact data match sensitive information types](/microsoft-365/compliance/sit-get-started-exact-data-match-hash-upload?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Test an exact data match sensitive information type](/microsoft-365/compliance/sit-get-started-exact-data-match-test?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Learn about exact data match based sensitive information types](/microsoft-365/compliance/sit-learn-about-exact-data-match-based-sits?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Manage your exact data match schema](/microsoft-365/compliance/sit-use-exact-data-manage-schema?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Refresh your exact data matchsensitive information source table file](/microsoft-365/compliance/sit-use-exact-data-refresh-data?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Search for metadata in document libraries in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/metadata-search) \| modified \| +\| 3/16/2022 \| [Work with document understanding model explanations in PowerShell](/microsoft-365/contentunderstanding/powershell-syntex-explanations) \| modified \| +\| 3/16/2022 \| [Export and import document understanding models with PowerShell](/microsoft-365/contentunderstanding/powershell-syntex-import-export) \| modified \| +\| 3/16/2022 \| [Manage SharePoint Syntex with PowerShell](/microsoft-365/contentunderstanding/powershell-syntex-intro) \| modified \| +\| 3/16/2022 \| [Use PowerShell to request processing by a document understanding model](/microsoft-365/contentunderstanding/powershell-syntex-processing) \| modified \| +\| 3/16/2022 \| [Publish document understanding models with PowerShell](/microsoft-365/contentunderstanding/powershell-syntex-publishing) \| modified \| +\| 3/16/2022 \| [Localize the user experience](/microsoft-365/managed-desktop/get-started/localization?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Shared devices](/microsoft-365/managed-desktop/service-description/shared-devices?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [View and edit your security settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Device groups in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-create-edit-device-groups?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Manage custom rules for firewall policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-custom-rules-firewall?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Set up email notifications for your security team](/microsoft-365/security/defender-business/mdb-email-notifications?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Microsoft Defender for Business frequently asked questions](/microsoft-365/security/defender-business/mdb-faq?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Firewall in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-firewall?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Get started using the Microsoft 365 Defender portal](/microsoft-365/security/defender-business/mdb-get-started?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Microsoft 365 Lighthouse and Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-lighthouse-integration?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Manage devices in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-manage-devices?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Understand policy order in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-policy-order?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Reports in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-reports?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Respond to and mitigate threats in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-respond-mitigate-threats?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Review remediation actions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-review-remediation-actions?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Assign roles and permissions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-roles-permissions?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [The simplified configuration process in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-simplified-configuration?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Microsoft Defender for Business troubleshooting](/microsoft-365/security/defender-business/mdb-troubleshooting?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Tutorials and simulations in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-tutorials?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Use the wizard to set up Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [View or edit policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-edit-create-policies?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [View and manage incidents in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-manage-incidents?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [View your Threat & Vulnerability Management dashboard in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-tvm-dashboard?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Configure Microsoft Defender for Endpoint risk signals using App Protection Policies (MAM)](/microsoft-365/security/defender-endpoint/android-configure-mam?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Integration with Microsoft Defender for Cloud](/microsoft-365/security/defender-endpoint/azure-server-integration?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Delete a file from the live response library](/microsoft-365/security/defender-endpoint/delete-library?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [App-based deployment for Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/ios-install?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [List library files](/microsoft-365/security/defender-endpoint/list-library-files?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Live response library methods and properties](/microsoft-365/security/defender-endpoint/live-response-library-methods?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Manage Microsoft Defender for Endpoint configuration settings on devices with Microsoft Endpoint Manager](/microsoft-365/security/defender-endpoint/security-config-management?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Server migration scenarios for the new version of Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/server-migration?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Upload files to the live response library](/microsoft-365/security/defender-endpoint/upload-library?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Link query results to an incident](/microsoft-365/security/defender/advanced-hunting-link-to-incident?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Train your security staff for Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender-train-security-staff?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Payload automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payload-automations?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [End-user notifications for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-traning-end-user-notifications?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Microsoft Compliance Configuration Analyzer for Compliance Manager](/microsoft-365/compliance/compliance-manager-mcca?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Get started with Microsoft Compliance Manager](/microsoft-365/compliance/compliance-manager-setup?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Get started with the Microsoft Service Trust Portal](/microsoft-365/compliance/get-started-with-service-trust-portal?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Readiness assessment tools](/microsoft-365/managed-desktop/get-ready/readiness-assessment-tool?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Endpoint detection and response in block mode](/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-21vianet) \| modified \| +\| 3/16/2022 \| [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Create and configure retention policies to automatically retain or delete content](/microsoft-365/compliance/create-retention-policies?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Address false positives/negatives in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Evaluate and pilot Microsoft 365 Defender, an XDR solution](/microsoft-365/security/defender/eval-overview?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| Redirecting accounts from Office 365 Security and Compliance Center to the new Microsoft 365 Defender \| removed \| +\| 3/17/2022 \| [Configure anti-phishing policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/configure-mdo-anti-phishing-policies?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Permissions - Security & Compliance Center](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [View Defender for Office 365 reports](/microsoft-365/security/office-365-security/view-reports-for-mdo?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Basic Mobility and Security frequently-asked questions (FAQ)](/microsoft-365/admin/basic-mobility-security/frequently-asked-questions?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Centralized Deployment FAQ](/microsoft-365/admin/manage/centralized-deployment-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft 365 Business Premium frequently asked questions](/microsoft-365/admin/misc/microsoft-365-business-faqs?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Domains Frequently Asked Questions](/microsoft-365/admin/setup/domains-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft Bookings Frequently Asked Questions](/microsoft-365/bookings/bookings-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Downloads Frequently Asked Questions](/microsoft-365/commerce/licenses/downloads-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Online service activation for Open program Frequently Asked Questions](/microsoft-365/commerce/licenses/online-service-activation-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Product keys Frequently Asked Questions](/microsoft-365/commerce/licenses/product-keys-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft Home Use Program frequently-asked questions (FAQ)](/microsoft-365/commerce/microsoft-home-use-program-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Self-service purchase FAQ](/microsoft-365/commerce/subscriptions/self-service-purchase-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft Compliance Manager premium assessments trial playbook](/microsoft-365/compliance/compliance-easy-trials-compliance-manager-assessment-playbook?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft Purview solutions trial playbook](/microsoft-365/compliance/compliance-easy-trials-compliance-playbook?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [About the Microsoft Purview trial](/microsoft-365/compliance/compliance-easy-trials?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft Compliance Manager FAQ](/microsoft-365/compliance/compliance-manager-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [FAQ about importing PST files](/microsoft-365/compliance/faqimporting-pst-files-to-office-365?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Message Encryption FAQ](/microsoft-365/compliance/ome-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Plan for security & compliance](/microsoft-365/compliance/plan-for-security-and-compliance?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Protect user and device access](/microsoft-365/compliance/protect-access-to-data-and-services?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Set up encryption in Office 365 Enterprise](/microsoft-365/compliance/set-up-encryption?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft Purview trial terms and conditions](/microsoft-365/compliance/terms-conditions?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Address space calculator for Azure gateway subnets](/microsoft-365/enterprise/address-space-calculator-for-azure-gateway-subnets?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Test Microsoft 365 with Test Lab Guides (TLGs)](/microsoft-365/enterprise/cloud-adoption-test-lab-guides-tlgs?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Create SharePoint Online sites and add users with PowerShell](/microsoft-365/enterprise/create-sharepoint-sites-and-add-users-with-powershell?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Data move general FAQ](/microsoft-365/enterprise/data-move-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Get started with PowerShell for Microsoft 365](/microsoft-365/enterprise/getting-started-with-microsoft-365-powershell?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Hybrid solutions](/microsoft-365/enterprise/hybrid-solutions?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Integrated apps and Azure AD for Microsoft 365 administrators](/microsoft-365/enterprise/integrated-apps-and-azure-ads?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft 365 for enterprise Test Lab Guides](/microsoft-365/enterprise/m365-enterprise-test-lab-guides?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Manage Microsoft 365 with PowerShell](/microsoft-365/enterprise/manage-microsoft-365-with-microsoft-365-powershell?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Manage Microsoft 365 with Windows PowerShell for DAP partners](/microsoft-365/enterprise/manage-microsoft-365-with-windows-powershell-for-delegated-access-permissions-dap-p?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Manage SharePoint with PowerShell](/microsoft-365/enterprise/manage-sharepoint-online-with-microsoft-365-powershell?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Manage SharePoint Online site groups with PowerShell](/microsoft-365/enterprise/manage-sharepoint-site-groups-with-powershell?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Manage SharePoint Online users and groups with PowerShell](/microsoft-365/enterprise/manage-sharepoint-users-and-groups-with-powershell?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Manage Microsoft 365 user accounts, licenses, and groups with PowerShell](/microsoft-365/enterprise/manage-user-accounts-and-licenses-with-microsoft-365-powershell?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft 365 endpoints](/microsoft-365/enterprise/microsoft-365-endpoints?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft 365 community resources for PowerShell](/microsoft-365/enterprise/microsoft-365-powershell-community-resources?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Set up your network for Microsoft 365](/microsoft-365/enterprise/set-up-network-for-microsoft-365?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Skype for Business Online in Office 365 - Admin Help](/microsoft-365/enterprise/skype-for-business-online?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Use PowerShell to migrate email to Microsoft 365](/microsoft-365/enterprise/use-powershell-for-email-migration-to-microsoft-365?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Use PowerShell to create reports for Microsoft 365](/microsoft-365/enterprise/use-windows-powershell-to-create-reports-in-microsoft-365?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft 365 Lighthouse frequently asked questions (FAQs)](/microsoft-365/lighthouse/m365-lighthouse-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft Defender for Business frequently asked questions](/microsoft-365/security/defender-business/mdb-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft Defender for Business troubleshooting](/microsoft-365/security/defender-business/mdb-troubleshooting?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Attack surface reduction frequently asked questions (FAQ)](/microsoft-365/security/defender-endpoint/attack-surface-reduction-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [About the Microsoft Defender for Office 365 trial](/microsoft-365/security/office-365-security/about-defender-for-office-365-trial?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Manage submissions](/microsoft-365/security/office-365-security/admin-submission?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [ASF settings in EOP](/microsoft-365/security/office-365-security/advanced-spam-filtering-asf-options?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Custom reporting solutions with automated investigation and response](/microsoft-365/security/office-365-security/air-custom-reporting?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [How to report false positives or false negatives following automated investigation in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-report-false-positives-negatives?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [View the results of an automated investigation in Microsoft 365](/microsoft-365/security/office-365-security/air-view-investigation-results?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Alerts in the Microsoft 365 Defender portal](/microsoft-365/security/office-365-security/alerts?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Anti-malware protection FAQ](/microsoft-365/security/office-365-security/anti-malware-protection-faq-eop?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Anti-spam and anti-malware protection](/microsoft-365/security/office-365-security/anti-spam-and-anti-malware-protection?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Anti-spam message headers](/microsoft-365/security/office-365-security/anti-spam-message-headers?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Anti-spam protection FAQ](/microsoft-365/security/office-365-security/anti-spam-protection-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Anti-spoofing protection FAQ](/microsoft-365/security/office-365-security/anti-spoofing-protection-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Bulk complaint level values](/microsoft-365/security/office-365-security/bulk-complaint-level-values?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Configure junk email settings on Exchange Online mailboxes](/microsoft-365/security/office-365-security/configure-junk-email-settings-on-exo-mailboxes?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/defender-for-office-365?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Delegated administration FAQ](/microsoft-365/security/office-365-security/delegated-administration-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [EOP general FAQ](/microsoft-365/security/office-365-security/eop-general-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [EOP queued, deferred, and bounced messages FAQ](/microsoft-365/security/office-365-security/eop-queued-deferred-and-bounced-messages-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Configuring and controlling external email forwarding in Microsoft 365.](/microsoft-365/security/office-365-security/external-email-forwarding?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Find and release quarantined messages as a user](/microsoft-365/security/office-365-security/find-and-release-quarantined-messages-as-a-user?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Help and support for EOP](/microsoft-365/security/office-365-security/help-and-support-for-eop?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Order and precedence of email protection](/microsoft-365/security/office-365-security/how-policies-and-protections-are-combined?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Common Zero Trust identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Prerequisite work for implementing identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-prerequisites?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Application Guard for Office for admins](/microsoft-365/security/office-365-security/install-app-guard?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Investigate malicious email that was delivered in Microsoft 365, Find and investigate malicious email](/microsoft-365/security/office-365-security/investigate-malicious-email-that-was-delivered?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Continuous access evaluation for Microsoft 365 - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-continuous-access-evaluation?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Zero Trust identity and device access configurations - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-policies-configurations?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Monitor for leaks of personal data](/microsoft-365/security/office-365-security/monitor-for-leaks-of-personal-data?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Automated investigation and response in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/office-365-air?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Evaluate Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/office-365-evaluation?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Threat investigation & response capabilities - Microsoft Defender for Office 365 Plan 2](/microsoft-365/security/office-365-security/office-365-ti?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Office 365 Security overview, Microsoft Defender for Office 365, EOP, MSDO](/microsoft-365/security/office-365-security/old-index?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Office 365 Security including Microsoft Defender for Office 365 and Exchange Online Protection](/microsoft-365/security/office-365-security/overview?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Permissions in the Microsoft 365 Defender portal](/microsoft-365/security/office-365-security/permissions-microsoft-365-security-center?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Protect against threats in Microsoft Defender for Office 365, Anti-malware, Anti-Phishing, Anti-spam, Safe links, Safe attachments, Zero-hour auto purge (ZAP), MDO security configuration](/microsoft-365/security/office-365-security/protect-against-threats?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Quarantined messages FAQ](/microsoft-365/security/office-365-security/quarantine-faq?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft recommendations for EOP and Defender for Office 365 security settings](/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Report spam, non-spam, and phishing messages to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Reporting and message trace](/microsoft-365/security/office-365-security/reporting-and-message-trace-in-exchange-online-protection?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Smart reports, insights - Microsoft 365 Security & Compliance Center](/microsoft-365/security/office-365-security/reports-and-insights-in-security-and-compliance?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Safe Attachments](/microsoft-365/security/office-365-security/safe-attachments?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Complete Safe Links overview for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-links?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Secure email recommended policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/secure-email-recommended-policies?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Security dashboard overview](/microsoft-365/security/office-365-security/security-dashboard?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Security recommendations for priority accounts in Microsoft 365, priority accounts, priority accounts in Office 365, priority accounts in Microsoft 365](/microsoft-365/security/office-365-security/security-recommendations-for-priority-accounts?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft 365 security roadmap - Top priorities](/microsoft-365/security/office-365-security/security-roadmap?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Sending mail to Microsoft 365](/microsoft-365/security/office-365-security/sending-mail-to-office-365?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Services for non-customers sending mail to Microsoft 365](/microsoft-365/security/office-365-security/services-for-non-customers?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Anti-phishing policies](/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Recommended secure document policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/sharepoint-file-access-policies?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Spam confidence level](/microsoft-365/security/office-365-security/spam-confidence-levels?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Recommended Teams policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/teams-access-policies?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Configure your Microsoft 365 tenant for increased security](/microsoft-365/security/office-365-security/tenant-wide-setup-for-increased-security?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Views in Threat Explorer and real-time detections](/microsoft-365/security/office-365-security/threat-explorer-views?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Threat Explorer and Real-time detections](/microsoft-365/security/office-365-security/threat-explorer?view=o365-21vianet) \| modified \| +\| 3/17/2022 \| [Microsoft Defender for Office 365 trial playbook](/microsoft-365/security/office-365-security/trial-playbook-defender-for-office-365?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Microsoft 365 admin center activity reports](/microsoft-365/admin/activity-reports/activity-reports?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Document metadata fields in eDiscovery (Premium)](/microsoft-365/compliance/document-metadata-fields-in-advanced-ediscovery?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Apply a sensitivity label to a model in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/apply-a-sensitivity-label-to-a-model) \| modified \| +\| 3/18/2022 \| [Fix issues found by the readiness assessment tool](/microsoft-365/managed-desktop/get-ready/readiness-assessment-fix?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Microsoft Edge](/microsoft-365/managed-desktop/get-started/edge-browser-app?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Address false positives/negatives in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Microsoft Defender for Endpoint for US Government customers](/microsoft-365/security/defender-endpoint/gov?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Configure Microsoft Defender for Endpoint on iOS features](/microsoft-365/security/defender-endpoint/ios-configure-features?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Anti-spam message headers](/microsoft-365/security/office-365-security/anti-spam-message-headers?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Create custom payloads for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payloads?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Bulk complaint level values](/microsoft-365/security/office-365-security/bulk-complaint-level-values?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Campaign Views in Microsoft Defender for Office 365 Plan](/microsoft-365/security/office-365-security/campaigns?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Configure spam filter policies](/microsoft-365/security/office-365-security/configure-your-spam-filter-policies?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/defender-for-office-365?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Exchange Online Protection (EOP) overview](/microsoft-365/security/office-365-security/exchange-online-protection-overview?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Help and support for EOP](/microsoft-365/security/office-365-security/help-and-support-for-eop?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Order and precedence of email protection](/microsoft-365/security/office-365-security/how-policies-and-protections-are-combined?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Investigate malicious email that was delivered in Microsoft 365, Find and investigate malicious email](/microsoft-365/security/office-365-security/investigate-malicious-email-that-was-delivered?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Quarantined email messages](/microsoft-365/security/office-365-security/quarantine-email-messages?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Safe Attachments](/microsoft-365/security/office-365-security/safe-attachments?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Microsoft 365 security roadmap - Top priorities](/microsoft-365/security/office-365-security/security-roadmap?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Sending mail to Microsoft 365](/microsoft-365/security/office-365-security/sending-mail-to-office-365?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Services for non-customers sending mail to Microsoft 365](/microsoft-365/security/office-365-security/services-for-non-customers?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Set up SPF to help prevent spoofing](/microsoft-365/security/office-365-security/set-up-spf-in-office-365-to-help-prevent-spoofing?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Spam confidence level](/microsoft-365/security/office-365-security/spam-confidence-levels?view=o365-21vianet) \| modified \| +\| 3/18/2022 \| [Views in Threat Explorer and real-time detections](/microsoft-365/security/office-365-security/threat-explorer-views?view=o365-21vianet) \| modified \| ++ +## Week of March 07, 2022 ++ +\| Published On \|Topic title \| Change \| +\|\|\|--\| +\| 3/7/2022 \| [Declare records by using retention labels](/microsoft-365/compliance/declare-records?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Use file plan to manage retention labels throughout the content lifecycle](/microsoft-365/compliance/file-plan-manager?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Visit the Action center to see remediation actions](/microsoft-365/security/defender-endpoint/auto-investigation-action-center?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [View the details and results of an automated investigation](/microsoft-365/security/defender-endpoint/autoir-investigation-results?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Use automated investigations to investigate and remediate threats](/microsoft-365/security/defender-endpoint/automated-investigations?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Automation levels in automated investigation and remediation](/microsoft-365/security/defender-endpoint/automation-levels?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Configure automated investigation and remediation capabilities](/microsoft-365/security/defender-endpoint/configure-automated-investigations-remediation?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Configure device discovery](/microsoft-365/security/defender-endpoint/configure-device-discovery?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Create indicators for files](/microsoft-365/security/defender-endpoint/indicator-file?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Review remediation actions following automated investigations](/microsoft-365/security/defender-endpoint/manage-auto-investigation?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Security recommendations by threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-security-recommendation?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Alert grading for suspicious email forwarding activity](/microsoft-365/security/defender/alert-grading-playbook-email-forwarding?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Alert grading for suspicious inbox forwarding rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-forwarding-rules?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Alert grading for suspicious inbox manipulation rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-manipulation-rules?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Alert grading playbooks](/microsoft-365/security/defender/alert-grading-playbooks?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Review architecture requirements and the technical framework for Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-architecture?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Enable the evaluation environment for Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-enable-eval?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 2. Evaluate Microsoft 365 Defender for Identity overview, set up evaluation](/microsoft-365/security/defender/eval-defender-identity-overview?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Pilot Microsoft Defender for Identity](/microsoft-365/security/defender/eval-defender-identity-pilot?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Try Microsoft 365 Defender incident response capabilities in a pilot environment](/microsoft-365/security/defender/eval-defender-investigate-respond-additional?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Run an attack simulation in a Microsoft 365 Defender pilot environment](/microsoft-365/security/defender/eval-defender-investigate-respond-simulate-attack?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 6. Investigate and respond using Microsoft 365 Defender in a pilot environment](/microsoft-365/security/defender/eval-defender-investigate-respond?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 1. Triage and analyze your first incident](/microsoft-365/security/defender/first-incident-analyze?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Responding to your first incident](/microsoft-365/security/defender/first-incident-overview?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Example of an identity-based attack](/microsoft-365/security/defender/first-incident-path-identity?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Example of a phishing email attack](/microsoft-365/security/defender/first-incident-path-phishing?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 3. Perform a post-incident review of your first incident](/microsoft-365/security/defender/first-incident-post?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Prepare your security posture for your first incident](/microsoft-365/security/defender/first-incident-prepare?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 2. Remediate your first incident](/microsoft-365/security/defender/first-incident-remediate?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Prioritize incidents in Microsoft 365 Defender](/microsoft-365/security/defender/incident-queue?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Investigate and respond with Microsoft 365 Defender](/microsoft-365/security/defender/incident-response-overview?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Incident response with Microsoft 365 Defender](/microsoft-365/security/defender/incidents-overview?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 1. Plan for Microsoft 365 Defender operations readiness](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-plan?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 2. Perform a SOC integration readiness assessment using the Zero Trust Framework](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-readiness?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 4. Define Microsoft 365 Defender roles, responsibilities, and oversight](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-roles?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 3. Plan for Microsoft 365 Defender integration with your SOC catalog of services](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-services?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 6. Identify SOC maintenance tasks](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-tasks?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 5. Develop and test use cases](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-use-cases?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Integrating Microsoft 365 Defender into your security operations](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Investigate alerts in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-alerts?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Investigate incidents in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-incidents?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Investigate users in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-users?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Go to the Action center to view and approve your automated investigation and remediation tasks](/microsoft-365/security/defender/m365d-action-center?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [View and manage actions in the Action center](/microsoft-365/security/defender/m365d-autoir-actions?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Address false positives or false negatives in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-autoir-report-false-positives-negatives?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Details and results of an automated investigation](/microsoft-365/security/defender/m365d-autoir-results?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Automated investigation and response in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-autoir?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Configure automated investigation and response capabilities in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-configure-auto-investigation-response?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Remediation actions in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-remediation-actions?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Manage incidents in Microsoft 365 Defender](/microsoft-365/security/defender/manage-incidents?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Microsoft 365 Defender integration with Microsoft Sentinel](/microsoft-365/security/defender/microsoft-365-defender-integration-with-azure-sentinel?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Train your security staff for Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender-train-security-staff?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Custom reporting solutions with automated investigation and response](/microsoft-365/security/office-365-security/air-custom-reporting?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Remediation actions in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-remediation-actions?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [How to report false positives or false negatives following automated investigation in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-report-false-positives-negatives?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Review and manage remediation actions in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-review-approve-pending-completed-actions?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [View the results of an automated investigation in Microsoft 365](/microsoft-365/security/office-365-security/air-view-investigation-results?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [How automated investigation and response works in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/automated-investigation-response-office?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Email analysis in investigations for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/email-analysis-investigations?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Identity and device access policies for allowing guest and external user B2B access - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies-guest-access?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Common Zero Trust identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-policies?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Prerequisite work for implementing identity and device access policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/identity-access-prerequisites?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Continuous access evaluation for Microsoft 365 - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-continuous-access-evaluation?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Zero Trust identity and device access configurations - Microsoft 365 for enterprise](/microsoft-365/security/office-365-security/microsoft-365-policies-configurations?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Automated investigation and response in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/office-365-air?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Secure email recommended policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/secure-email-recommended-policies?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Recommended secure document policies - Microsoft 365 for enterprise \\| Microsoft Docs](/microsoft-365/security/office-365-security/sharepoint-file-access-policies?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Contoso's COVID-19 response and support for hybrid work](/microsoft-365/solutions/contoso-remote-onsite-work?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 4. Deploy endpoint management for your devices, PCs, and other endpoints](/microsoft-365/solutions/empower-people-to-work-remotely-manage-endpoints?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 2. Provide remote access to on-premises apps and services](/microsoft-365/solutions/empower-people-to-work-remotely-remote-access?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 1. Increase sign-in security for hybrid workers with MFA](/microsoft-365/solutions/empower-people-to-work-remotely-secure-sign-in?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 3: Deploy security and compliance for hybrid workers](/microsoft-365/solutions/empower-people-to-work-remotely-security-compliance?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 5. Deploy hybrid worker productivity apps and services](/microsoft-365/solutions/empower-people-to-work-remotely-teams-productivity-apps?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 6: Train your workers and address usage feedback](/microsoft-365/solutions/empower-people-to-work-remotely-train-monitor-usage?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Set up your infrastructure for hybrid work with Microsoft 365](/microsoft-365/solutions/empower-people-to-work-remotely?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 2. Deploy attack detection and response](/microsoft-365/solutions/ransomware-protection-microsoft-365-attack-detection-response?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 4. Protect devices](/microsoft-365/solutions/ransomware-protection-microsoft-365-devices?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 3. Protect identities](/microsoft-365/solutions/ransomware-protection-microsoft-365-identities?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 5. Protect information](/microsoft-365/solutions/ransomware-protection-microsoft-365-information?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Step 1. Configure security baselines](/microsoft-365/solutions/ransomware-protection-microsoft-365-security-baselines?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Deploy ransomware protection for your Microsoft 365 tenant](/microsoft-365/solutions/ransomware-protection-microsoft-365?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [What's new in Microsoft Purview](/microsoft-365/compliance/whats-new?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Create a model on a local SharePoint site with Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/create-local-model) \| added \| +\| 3/7/2022 \| [Introduction to Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/index) \| modified \| +\| 3/7/2022 \| [Onboard Windows servers to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) \| modified \| +\| 3/7/2022 \| [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft Defender for Identity notifications in Microsoft 365 Defender](/microsoft-365/security/defender-identity/notifications?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Use a prebuilt model to extract info from invoices or receipts in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/prebuilt-models) \| modified \| +\| 3/8/2022 \| [What's new in Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-whatsnew?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [What's new in Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-whatsnew?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Take response actions on a file in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-file-alerts?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Collect support logs in Microsoft Defender for Endpoint using live response](/microsoft-365/security/defender-endpoint/troubleshoot-collect-support-log?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center activity reports](/microsoft-365/admin/activity-reports/activity-reports?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center browser usage reports](/microsoft-365/admin/activity-reports/browser-usage-report?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center email activity reports](/microsoft-365/admin/activity-reports/email-activity-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center email apps usage reports](/microsoft-365/admin/activity-reports/email-apps-usage-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center forms activity reports](/microsoft-365/admin/activity-reports/forms-activity-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft Dynamics 365 customer voice activity reports](/microsoft-365/admin/activity-reports/forms-pro-activity-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center mailbox usage reports](/microsoft-365/admin/activity-reports/mailbox-usage?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center Office activations reports](/microsoft-365/admin/activity-reports/microsoft-office-activations-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center Teams app usage reports](/microsoft-365/admin/activity-reports/microsoft-teams-device-usage-preview?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| Microsoft Teams device usage \| removed \| +\| 3/8/2022 \| [Microsoft 365 admin center Teams user activity reports](/microsoft-365/admin/activity-reports/microsoft-teams-user-activity-preview?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| Microsoft 365 admin center reports - Microsoft Teams user activity \| removed \| +\| 3/8/2022 \| [Microsoft 365 admin center apps usage reports](/microsoft-365/admin/activity-reports/microsoft365-apps-usage-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center groups reports](/microsoft-365/admin/activity-reports/office-365-groups-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 OneDrive for Business activity reports](/microsoft-365/admin/activity-reports/onedrive-for-business-activity-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 OneDrive for Business usage reports](/microsoft-365/admin/activity-reports/onedrive-for-business-usage-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center SharePoint activity reports](/microsoft-365/admin/activity-reports/sharepoint-activity-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center SharePoint site usage reports](/microsoft-365/admin/activity-reports/sharepoint-site-usage-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center Viva Insights activity reports](/microsoft-365/admin/activity-reports/viva-insights-activity?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center Viva Learning activity reports](/microsoft-365/admin/activity-reports/viva-learning-activity?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center Yammer activity reports](/microsoft-365/admin/activity-reports/yammer-activity-report-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center Yammer device usage reports](/microsoft-365/admin/activity-reports/yammer-device-usage-report-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft 365 admin center Yammer groups activity reports](/microsoft-365/admin/activity-reports/yammer-groups-activity-report-ww?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Choose between Basic Mobility and Security and Intune](/microsoft-365/admin/basic-mobility-security/choose-between-basic-mobility-and-security-and-intune?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Create device security policies in Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/create-device-security-policies?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Enroll your mobile device using Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/enroll-your-mobile-device?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Troubleshoot Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/troubleshoot?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Wipe a mobile device in Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/wipe-mobile-device?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [DLP policy conditions, exceptions, and actions](/microsoft-365/compliance/dlp-conditions-and-exceptions?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Export documents from a review set](/microsoft-365/compliance/export-documents-from-review-set?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Search for and delete email messages in your organization](/microsoft-365/compliance/search-for-and-delete-messages-in-your-organization?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Configure Microsoft 365 Multi-Geo eDiscovery](/microsoft-365/enterprise/multi-geo-ediscovery-configuration?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Turn on network protection](/microsoft-365/security/defender-endpoint/enable-network-protection?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Run the client analyzer on macOS or Linux](/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Configuring and controlling external email forwarding in Microsoft 365.](/microsoft-365/security/office-365-security/external-email-forwarding?view=o365-21vianet) \| modified \| +\| 3/8/2022 \| [Allow members to send as or send on behalf of a group](/microsoft-365/solutions/allow-members-to-send-as-or-send-on-behalf-of-group?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Working with device groups in Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-device-groups-mdb?view=o365-21vianet) \| added \| +\| 3/9/2022 \| [Onboard your organization's devices to Microsoft Defender for Business](/microsoft-365/business-premium/m365bp-onboard-devices-mdb?view=o365-21vianet) \| added \| +\| 3/9/2022 \| [Review remediation actions in Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-review-remediation-actions-devices?view=o365-21vianet) \| added \| +\| 3/9/2022 \| [View or edit device protection policies](/microsoft-365/business-premium/m365bp-view-edit-create-mdb-policies?view=o365-21vianet) \| added \| +\| 3/9/2022 \| [Integrate Microsoft OneDrive LTI with Blackboard](/microsoft-365/lti/onedrive-lti-blackboard?view=o365-21vianet) \| added \| +\| 3/9/2022 \| [Import custodians to an eDiscovery (Premium) case](/microsoft-365/compliance/bulk-add-custodians?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Create eDiscovery holds in a eDiscovery (Standard) case](/microsoft-365/compliance/create-ediscovery-holds?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Manage holds in eDiscovery (Premium)](/microsoft-365/compliance/managing-holds?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Search the audit log in the Microsoft Purview compliance portal](/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Use Content search for targeted collections](/microsoft-365/compliance/use-content-search-for-targeted-collections?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Anti-malware protection](/microsoft-365/security/office-365-security/anti-malware-protection?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Configure anti-malware policies](/microsoft-365/security/office-365-security/configure-anti-malware-policies?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Test Base FAQ](/microsoft-365/test-base/faq?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Overview](/microsoft-365/test-base/overview?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Automatically apply a sensitivity label to content in Microsoft 365](/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Create custom sensitive information types](/microsoft-365/compliance/create-a-custom-sensitive-information-type?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Disposition of content](/microsoft-365/compliance/disposition?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Using Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-using?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Limits for retention policies and retention label policies](/microsoft-365/compliance/retention-limits?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Accessibility mode in SharePoint Syntex](/microsoft-365/contentunderstanding/accessibility-mode) \| modified \| +\| 3/9/2022 \| [Scenarios and use cases for Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/adoption-scenarios) \| modified \| +\| 3/9/2022 \| [Differences between document understanding and form processing models](/microsoft-365/contentunderstanding/difference-between-document-understanding-and-form-processing-model) \| modified \| +\| 3/9/2022 \| [Duplicate a model in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/duplicate-a-model) \| modified \| +\| 3/9/2022 \| [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Use the wizard to set up Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Minimum requirements for Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/minimum-requirements?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Top scoring in industry tests - Microsoft 365 Defender](/microsoft-365/security/defender/top-scoring-industry-tests?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) \| modified \| +\| 3/9/2022 \| [Simulate a phishing attack with Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [View and organize the Microsoft Defender for Endpoint Alerts queue](/microsoft-365/security/defender-endpoint/alerts-queue?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Onboard non-persistent virtual desktop infrastructure (VDI) devices](/microsoft-365/security/defender-endpoint/configure-endpoints-vdi?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Onboard Windows servers to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-server-endpoints?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [How to schedule an update of the Microsoft Defender for Endpoint (Linux)](/microsoft-365/security/defender-endpoint/linux-update-mde-linux?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Investigate entities on devices using live response in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/live-response?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Use Cost management in the Microsoft 365 admin center](/microsoft-365/commerce/use-cost-mgmt?view=o365-21vianet) \| added \| +\| 3/10/2022 \| [Automatically apply a sensitivity label to content in Microsoft 365](/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [eDiscovery solution series Data spillage scenario - Search and purge](/microsoft-365/compliance/data-spillage-scenariosearch-and-purge?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Predictive coding in eDiscovery (Premium) - Quick start](/microsoft-365/compliance/predictive-coding-quick-start?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Form processing overview in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/form-processing-overview) \| modified \| +\| 3/10/2022 \| [Introduction to Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/index) \| modified \| +\| 3/10/2022 \| [Analyze how your models are used in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/model-usage-analytics) \| modified \| +\| 3/10/2022 \| [Rename a model in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/rename-a-model) \| modified \| +\| 3/10/2022 \| [Rename an extractor in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/rename-an-extractor) \| modified \| +\| 3/10/2022 \| [Network connectivity in the Microsoft 365 Admin Center](/microsoft-365/enterprise/office-365-network-mac-perf-overview?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Microsoft Defender for Business](/microsoft-365/security/defender-business/index?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [View and edit your security settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Device groups in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-create-edit-device-groups?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Manage custom rules for firewall policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-custom-rules-firewall?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Set up email notifications for your security team](/microsoft-365/security/defender-business/mdb-email-notifications?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Firewall in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-firewall?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Get help and support for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-get-help?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Get started using the Microsoft 365 Defender portal](/microsoft-365/security/defender-business/mdb-get-started?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Microsoft 365 Lighthouse and Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-lighthouse-integration?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Manage devices in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-manage-devices?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Understand policy order in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-policy-order?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Reports in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-reports?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Respond to and mitigate threats in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-respond-mitigate-threats?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Review remediation actions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-review-remediation-actions?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Assign roles and permissions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-roles-permissions?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [The simplified configuration process in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-simplified-configuration?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Use the wizard to set up Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [View or edit policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-edit-create-policies?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [View and manage incidents in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-manage-incidents?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [View your Threat & Vulnerability Management dashboard in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-tvm-dashboard?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Understand the analyst report section in threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics-analyst-reports?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [Threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics?view=o365-21vianet) \| modified \| +\| 3/10/2022 \| [View and release quarantined messages from shared mailboxes](/microsoft-365/security/office-365-security/view-and-release-quarantined-messages-from-shared-mailboxes?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Investigate and remediate communication compliance alerts](/microsoft-365/compliance/communication-compliance-investigate-remediate?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Communication compliance policies](/microsoft-365/compliance/communication-compliance-policies?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Learn about communication compliance](/microsoft-365/compliance/communication-compliance?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Office TLS Certificate Changes](/microsoft-365/compliance/encryption-office-365-tls-certificates-changes?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Introduction to Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/index) \| modified \| +\| 3/11/2022 \| [Onboard devices and configure Microsoft Defender for Endpoint capabilities](/microsoft-365/security/defender-endpoint/onboard-configure?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Configure retention settings to automatically retain or delete content](/microsoft-365/compliance/retention-settings?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Windows and Office 365 deployment lab kit](/microsoft-365/enterprise/modern-desktop-deployment-and-management-lab?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Upgrade distribution lists to Microsoft 365 Groups in Outlook](/microsoft-365/admin/manage/upgrade-distribution-lists?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Learn about Microsoft 365 Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Export documents from a review set](/microsoft-365/compliance/export-documents-from-review-set?view=o365-21vianet) \| modified \| +\| 3/11/2022 \| [Microsoft Defender for Endpoint for US Government customers](/microsoft-365/security/defender-endpoint/gov?view=o365-21vianet) \| modified \|
includes	Purview Rebrand Banner	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/purview-rebrand-banner.md	<!-- This file is maintained by the Compliance content team. Please connect Robert Mazzoli (robmazz) before making any changes.--> >[!NOTE] ->Microsoft 365 compliance is now called Microsoft Purview and the solutions within the compliance area have been rebranded. For more information about Microsoft Purview, see [Title of the Announcement](aka.ms/microsoftpurviewblog). +>Microsoft 365 compliance is now called Microsoft Purview and the solutions within the compliance area have been rebranded. For more information about Microsoft Purview, see the [blog announcement](https://aka.ms/microsoftpurviewblog).
managed-desktop	Technologies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/managed-desktop/intro/technologies.md	We recommend that your IT admins configure the following settings. \| -- \| -- \| \| Windows Hello for Business \| You should implement Windows Hello for Business to replace passwords with strong two-factor authentication for Microsoft Managed Desktop devices. For more information, see [Windows Hello for Business](/windows/security/identity-protection/hello-for-business/hello-identity-verification). \| \| Application Virtualization \| You can deploy Application Virtualization (App-V) packages using the Intune Win32 app management client. For more information, see [Application Virtualization](/windows/application-management/app-v/appv-technical-reference). \| -\| Microsoft 365 data loss prevention \| You should implement Microsoft 365 data loss prevention to monitor the actions taken on items you've determined to be sensitive, and to help prevent the unintentional sharing of those items. For more information, see [Microsoft 365 data loss prevention](../../compliance/endpoint-dlp-learn-about.md). \| +\| Microsoft Purview data loss prevention \| You should implement data loss prevention to monitor the actions taken on items you've determined to be sensitive, and to help prevent the unintentional sharing of those items. For more information, see [data loss prevention](../../compliance/endpoint-dlp-learn-about.md). \| Features included and managed as part of Microsoft Managed Desktop:
scheduler	Scheduler Setup	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/scheduler/scheduler-setup.md	Tenant admins need to set up a Scheduler assistant mailbox and obtain Scheduler Learn more: [Scheduler for Microsoft 365 licensing](https://www.microsoft.com/microsoft-365/meeting-scheduler-pricing) -> [!Note] -> Meeting attendees do not need a Scheduler or Microsoft 365 license. <br>The Scheduler assistant mailbox does not require a Microsoft 365 or a Scheduler license. +> [!NOTE] +> Meeting attendees do not need a Scheduler or Microsoft 365 license. +> +> The Scheduler assistant mailbox does not require a Microsoft 365 or a Scheduler license. ## Prerequisites -\| Prerequisite \| Description \| -\|-\|-\| -\|A Scheduler assistant mailbox for the tenant \|An Exchange equipment type resource mailbox that acts as the Scheduler assistant mailbox for your tenant to send and receive emails to and from Cortana. All emails sent to Cortana are retained in your tenantΓÇÖs Cortana mailbox based on your retention policy. The Scheduler assistant mailbox is typically named ΓÇ£CortanaΓÇ¥ or ΓÇ£Cortana SchedulerΓÇ¥ since all the emails from the assistant will be signed Cortana.<ul><li>Create an equipment type Exchange resource mailbox</li><li>Name the mailboxΓÇÖs display name and primary SMTP address `Cortana <cortana@yourdomain.com>` or `Cortana Scheduler <cortana.scheduler@yourdomain.com>`.</li></ul>Note: The Scheduler assistant mailbox does not require a Microsoft 365 or a Scheduler license.\| -\|Exchange Online mailbox \|Meeting organizers must have an Exchange Online mailbox and calendar typically as part of their Microsoft 365 license. In addition, meeting organizers must have a Scheduler license. The Scheduler license enables the Scheduler assistant to use the meeting organizerΓÇÖs mailbox and calendar to schedule meetings for them.<br/><br/> See Scheduler for Microsoft 365 for licensing and pricing information. <br/><br/>Note: Meeting attendees do not need a Scheduler or Microsoft 365 license. Meeting attendees can be internal or external to the tenant. Meeting attendees only need access to an email address.\| - +\|Prerequisite\|Description\| +\|\|\| +\|A Scheduler assistant mailbox for the tenant \|An Exchange equipment type resource mailbox that acts as the Scheduler assistant mailbox for your tenant to send and receive emails to and from Cortana. All emails sent to Cortana are retained in your tenant's Cortana mailbox based on your retention policy. The Scheduler assistant mailbox is typically named "Cortana" or "Cortana Scheduler" since all the emails from the assistant will be signed Cortana. <ul><li>Create an equipment type Exchange resource mailbox</li><li>Name the mailbox's display name and primary SMTP address `Cortana <cortana@yourdomain.com>` or `Cortana Scheduler <cortana.scheduler@yourdomain.com>`.</li></ul> <br/> Note: The Scheduler assistant mailbox does not require a Microsoft 365 or a Scheduler license.\| +\|Exchange Online mailbox \|Meeting organizers must have an Exchange Online mailbox and calendar typically as part of their Microsoft 365 license. In addition, meeting organizers must have a Scheduler license. The Scheduler license enables the Scheduler assistant to use the meeting organizer's mailbox and calendar to schedule meetings for them. <br/><br/> See Scheduler for Microsoft 365 for licensing and pricing information. <br/><br/> Note: Meeting attendees do not need a Scheduler or Microsoft 365 license. Meeting attendees can be internal or external to the tenant. Meeting attendees only need access to an email address.\| ## Setting up the Scheduler assistant mailbox Scheduler assistant mailbox is an Exchange equipment type mailbox that does not require an additional Microsoft 365 or Scheduler license. The display name and the primary SMTP address of the mailbox should contain Cortana since all the emails from the Scheduler assistant will be signed Cortana (i.e., `Cortana <cortana@yourdomain.com>` or `Cortana Scheduler <cortana.scheduler@yourdomain.com>`). After the Scheduler assistant mailbox has been created, you must designate the mailbox as the Scheduler assistant mailbox. After you designate the Scheduler assistant mailbox, Cortana will be available to schedule meetings on behalf of your users. - Use the Microsoft 365 admin center to create a user mailbox. A 30-day retention policy is recommended. -- Use the name Cortana in your mailboxΓÇÖs primary SMTP address. Names such as `Cortana@yourdomain.com`, `CortanaScheduler@contoso.com`, or `Cortana.Scheduler@yourdomain.com` are recommended. +- Use the name Cortana in your mailbox's primary SMTP address. Names such as `Cortana@yourdomain.com`, `CortanaScheduler@contoso.com`, or `Cortana.Scheduler@yourdomain.com` are recommended. ## Designate the mailbox as the Scheduler Assistant After a unique mailbox for Cortana Scheduler has been created, you must designate the mailbox to Microsoft 365 formally. After you designate the Cortana Scheduler mailbox, it will be available to schedule meetings on behalf of your users. -#### Connect to PowerShell +### Connect to PowerShell Use the Microsoft 365 admin center to create a user mailbox. A 30-day retention policy is recommended. -Use the name Cortana in your mailboxΓÇÖs primary SMTP address. Names such as `Cortana@yourdomain.com`, `CortanaScheduler@contoso.com`, or `Cortana.Scheduler@yourdomain.com` are recommended. +Use the name Cortana in your mailbox's primary SMTP address. Names such as `Cortana@yourdomain.com`, `CortanaScheduler@contoso.com`, or `Cortana.Scheduler@yourdomain.com` are recommended. ```PowerShell $domain="yourdomain.com" Import-Module ExchangeOnlineManagement Connect-ExchangeOnline -UserPrincipalName $tenantAdmin ``` -#### Create the Scheduler Assistant Mailbox +### Create the Scheduler Assistant Mailbox ```PowerShell New-Mailbox -Name Cortana -Organization $domain -DisplayName "Cortana Scheduler" -Equipment Set-CalendarProcessing Cortana@$domain -DeleteNonCalendarItems $false ``` - -#### Designate the Scheduler Assistant Mailbox + +### Designate the Scheduler Assistant Mailbox ```PowerShell Set-mailbox cortana@$domain -SchedulerAssistant:$true Set-mailbox cortana@$domain -SchedulerAssistant:$true After running this "set" command on the Cortana Scheduler assistant mailbox, a new "PersistedCapability" is set on the mailbox to note that this mailbox is the "SchedulerAssistant". -> [!Note] +> [!NOTE] > To learn how to connect your organization to PowerShell, see: [Connect to Microsoft 365 with PowerShell](/microsoft-365/enterprise/connect-to-microsoft-365-powershell) To verify the Scheduler assistant mailbox has been created Get-CalendarProcessing cortana@$domain \| fl DeleteNonCalendarItems ``` -The result should be ΓÇ£falseΓÇ¥. - -<br> +The result should be "false". ```PowerShell Get-Mailbox -Identity cortana@$domain \| fl type ``` The result should be+ - ResourceType: Equipment - Remote RecipientType: None - RecipientType: UserMailbox - RecipientTypeDetails: EquipmentMailbox -<br/> - ### To discover which mailbox is the Scheduler assistant mailbox ```PowerShell Get-Mailbox -ResultSize Unlimited \| where {$_.PersistedCapabilities -Match "SchedulerAssistant"} ``` -> [!Important] +> [!IMPORTANT] > It might take several hours for the Scheduler assistant mailbox to complete full provisioning to set the SchedulerAssistant capability. - ## Exchange Online mailbox A Scheduler license is an add-on to Microsoft 365, which enables the meeting organizer to delegate their meeting scheduling tasks to their Scheduler assistant. In addition to designating a mailbox as a Scheduler assistant mailbox, meeting organizers will also need a Scheduler license and Exchange Online mailbox and calendar, typically through Microsoft 365 license for Scheduler to work. Meeting attendees do not need a Scheduler license or a Microsoft 365 license. To purchase the Scheduler add-on, you require one of the following licenses: - Business Basic, Business, Business Standard, Business Premium - Office 365 E1, A1, E3, A3, E5, A5 - Business Essentials, Business Premium-- Exchange Online Plan 1 or Plan 2 license. +- Exchange Online Plan 1 or Plan 2 license. -> [!Note] +> [!NOTE] > Scheduler for Microsoft 365 is available in worldwide multi-tenant environments in English only. Scheduler for Microsoft 365 isn't available to users of: -> +> > - Microsoft 365 operated by 21Vianet in China > - Microsoft 365 with German cloud that uses the data trustee German Telekom > - Government cloud including GCC, Consumer, GCC High, or DoD -> +> > Scheduler does support users in Germany whose data location is not the German datacenter.
security	Microsoft 365 Security For Bdm	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/Microsoft-365-security-for-bdm.md	While Microsoft takes every possible measure to prevent against threats and atta \|Review and optimize your conditional access and related policies to align with your objectives for a zero trust network. Protecting against known threats includes implementing a set of [recommended policies](./office-365-security/microsoft-365-policies-configurations.md). Review your implementation of these policies to ensure you're protecting your apps and data against hackers who have gained access to your network. The recommended Intune app protection policy for Windows 10 enables Windows Information Protection (WIP). WIP protects against accidental leaks of your organization data through apps and services, like email, social media, and the public cloud. \| \|![green check mark.](../media/green-check-mark.png)\| \|Disable external email forwarding. Hackers who gain access to a user's mailbox can steal your mail by setting the mailbox to automatically forward email. This can happen even without the user's awareness. You can prevent this from happening by configuring a mail flow rule.\|![green check mark.](../media/green-check-mark.png) \|![green check mark.](../media/green-check-mark.png)\| \|Disable anonymous external calendar sharing. By default external anonymous calendar sharing is allowed. [Disable calendar sharing](/exchange/sharing/sharing-policies/modify-a-sharing-policy) to reduce potential leaks of sensitive information.\|![green check mark.](../media/green-check-mark.png) \|![green check mark.](../media/green-check-mark.png)\| -\|Configure data loss prevention policies for sensitive data. Create a Data Loss Prevention Policy in the Security & Compliance center to discover and protect sensitive data such as credit card numbers, Social Security numbers and bank account numbers. Microsoft 365 includes many predefined sensitive information types you can use in data loss prevention policies. You can also create your own sensitive information types for sensitive data that is custom to your environment. \|![green check mark.](../media/green-check-mark.png)\|![green check mark.](../media/green-check-mark.png)\| +\|Configure data loss prevention policies for sensitive data. Create a Microsoft Purview Data Loss Prevention Policy in the Security & Compliance center to discover and protect sensitive data such as credit card numbers, Social Security numbers and bank account numbers. Microsoft 365 includes many predefined sensitive information types you can use in data loss prevention policies. You can also create your own sensitive information types for sensitive data that is custom to your environment. \|![green check mark.](../media/green-check-mark.png)\|![green check mark.](../media/green-check-mark.png)\| \|Implement data classification and information protection policies. Implement sensitivity labels and use these to classify and apply protection to sensitive data. You can also use these labels in data loss prevention policies. If you are using Azure Information Protection labels, we recommend that you avoid creating new labels in other admin centers.\| \|![green check mark.](../media/green-check-mark.png)\| \|Protect data in third-party apps and services by using Defender for Cloud Apps. Configure Defender for Cloud Apps policies to protect sensitive information across third-party cloud apps, such as Salesforce, Box, or Dropbox. You can use sensitive information types and the sensitivity labels you created in Defender for Cloud Apps policies and apply these across your SaaS apps. <br><br>Microsoft Defender for Cloud Apps allows you to enforce a wide range of automated processes. Policies can be set to provide continuous compliance scans, legal eDiscovery tasks, DLP for sensitive content shared publicly, and more. Defender for Cloud Apps can monitor any file type based on more than 20 metadata filters (for example, access level, file type). \| \|![green check mark.](../media/green-check-mark.png)\| \|Use [Microsoft Defender for Endpoint](/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview) to identify if users store sensitive information on their Windows devices. \| \|![green check mark.](../media/green-check-mark.png)\|
security	Microsoft 365 Zero Trust	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/Microsoft-365-zero-trust.md	Go to [_Evaluate and pilot Microsoft 365 Defender_](defender/eval-overview.m ## Step 5. Protect and govern sensitive data -Implement Microsoft Information Protection (MIP) to help you discover, classify, and protect sensitive information wherever it lives or travels. +Implement Microsoft Purview Information Protection to help you discover, classify, and protect sensitive information wherever it lives or travels. -MIP capabilities are included with Microsoft 365 Compliance and give you the tools to know your data, protect your data, and prevent data loss. +Microsoft Purview Information Protection capabilities are included with Microsoft Purview and give you the tools to know your data, protect your data, and prevent data loss. :::image type="content" source="../media/zero-trust/m365-zero-trust-architecture-info-protect.png" alt-text="The Information protection capabilities protecting data through policy enforcement" lightbox="../media/zero-trust/m365-zero-trust-architecture-info-protect.png"::: While this work is represented at the top of the deployment stack illustrated earlier in this article, you can begin this work anytime. -Microsoft Information Protection provides a framework, process, and capabilities you can use to accomplish your specific business objectives. +Microsoft Purview Information Protection provides a framework, process, and capabilities you can use to accomplish your specific business objectives. +![Microsoft Purview Information Protection](../media/zero-trust/mip-solution-overview.png) -For more information on how to plan and deploy information protection, see [_Deploy a Microsoft Information Protection solution_](../compliance/information-protection-solution.md). +For more information on how to plan and deploy information protection, see [_Deploy a Microsoft Purview Information Protection solution_](../compliance/information-protection-solution.md). If you're deploying information protection for data privacy regulations, this solution guide provides a recommended framework for the entire process: [_Deploy information protection for data privacy regulations with Microsoft 365_](../solutions/information-protection-deploy.md).
security	Advanced Features	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/advanced-features.md	After completing the integration steps on both portals, you'll be able to see re Block access to websites containing unwanted content and track web activity across all domains. To specify the web content categories you want to block, create a [web content filtering policy](https://security.microsoft.com/preferences2/web_content_filtering_policy). Ensure you've network protection in block mode when deploying the [Microsoft Defender for Endpoint security baseline](https://devicemanagement.microsoft.com/#blade/Microsoft_Intune_Workflows/SecurityBaselineSummaryMenu/overview/templateType/2). -## Share endpoint alerts with Microsoft Compliance Center +## Share endpoint alerts with Microsoft Purview compliance portal -Forwards endpoint security alerts and their triage status to Microsoft Compliance Center, allowing you to enhance insider risk management policies with alerts and remediate internal risks before they cause harm. Forwarded data is processed and stored in the same location as your Office 365 data. +Forwards endpoint security alerts and their triage status to Microsoft Purview compliance portal, allowing you to enhance insider risk management policies with alerts and remediate internal risks before they cause harm. Forwarded data is processed and stored in the same location as your Office 365 data. After configuring the [Security policy violation indicators](/microsoft-365/compliance/insider-risk-management-settings#indicators) in the insider risk management settings, Defender for Endpoint alerts will be shared with insider risk management for applicable users.
security	Configure Endpoints	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-endpoints.md	ms.technology: mde - [Microsoft Defender for Endpoint Plan 2](https://go.microsoft.com/fwlink/p/?linkid=2154037) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)-- [Microsoft 365 Endpoint data loss prevention (DLP)](/microsoft-365/compliance/endpoint-dlp-learn-about)-- [Microsoft 365 Insider risk management](/microsoft-365/compliance/insider-risk-management) +- [Endpoint data loss prevention (DLP)](/microsoft-365/compliance/endpoint-dlp-learn-about) +- [Insider risk management](/microsoft-365/compliance/insider-risk-management) > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-assignaccess-abovefoldlink)
security	Device Control Removable Storage Protection	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/device-control-removable-storage-protection.md	Device control removable storage protection in Microsoft Defender for Endpoint p Capabilities - Audit, warn, or prevent a user from copying an item or information to removable media or USB device. -Description - For more information on Windows, see [Learn about Microsoft 365 Endpoint data loss prevention](../../compliance/endpoint-dlp-learn-about.md). +Description - For more information on Windows, see [Learn about Endpoint data loss prevention](../../compliance/endpoint-dlp-learn-about.md). Supported Platform - Windows 10, Windows 11
security	Mde Plan1 Getting Started	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mde-plan1-getting-started.md	The navigation bar on the left side of the screen enables you to move easily bet \| Health > Message center \| Navigates to the Message center in the Microsoft 365 admin center. The Message center provides information about planned changes. Each message describes what's coming, how it might affect users, and how to manage changes. \| \| Permissions & roles \| Enables you to grant permissions to use the Microsoft 365 Defender portal. Permissions are granted through roles in Azure Active Directory (Azure AD). Select a role, and a flyout pane appears. The flyout contains a link to Azure AD where you can add or remove members in a role group. <br/><br/> To learn more, see [Manage portal access using role-based access control](rbac.md). \| \| Settings \| Navigates to general settings for your Microsoft 365 Defender portal (listed as Security center) and Defender for Endpoint (listed as Endpoints). <br/><br/> To learn more, see [Settings](../defender/microsoft-365-defender.md#the-microsoft-365-defender-portal). \| -\| More resources \| Displays a list of more portals and centers, such as Azure Active Directory and the Microsoft 365 compliance center. <br/><br/> To learn more, see [Microsoft security portals and admin centers](../defender/portals.md). \| +\| More resources \| Displays a list of more portals and centers, such as Azure Active Directory and the Microsoft Purview compliance portal. <br/><br/> To learn more, see [Microsoft security portals and admin centers](../defender/portals.md). \| > [!TIP] > To learn more, see the [Microsoft 365 Defender portal overview](../defender/microsoft-365-security-center-mde.md).
security	Microsoft Defender Antivirus Compatibility	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility.md	ms.technology: mde Previously updated : 04/14/2022 Last updated : 04/19/2022 - M365-security-compliance - m365initiative-defender-endpoint The table in this section summarizes the features and capabilities that are acti (<a id="fn8">8</a>) When Microsoft Defender Antivirus is in passive mode, web content filtering only works with the Microsoft Edge browser. > [!NOTE] -> [Microsoft 365 Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about) protection continues to operate normally when Microsoft Defender Antivirus is in either active or passive mode. +> [Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about) protection continues to operate normally when Microsoft Defender Antivirus is in either active or passive mode. ## Important notes You can use one of several methods to confirm the state of Microsoft Defender An \| Task Manager \| 1. On a Windows device, open the Task Manager app.<br/>2. Select the Details tab.<br/>3. Look for MsMpEng.exe in the list. \| \| Windows PowerShell <br/> (To confirm that Microsoft Defender Antivirus is running) \| 1. On a Windows device, open Windows PowerShell. <br/>2. Run the following PowerShell cmdlet: `Get-Process`.<br/>3. Review the results. You should see MsMpEng.exe if Microsoft Defender Antivirus is enabled. \| \| Windows PowerShell <br/>(To confirm that antivirus protection is in place) \| You can use the [Get-MpComputerStatus PowerShell cmdlet](/powershell/module/defender/get-mpcomputerstatus).<br/>1. On a Windows device, open Windows PowerShell.<br/>2. Run following PowerShell cmdlet:<br/> Get-MpComputerStatus \\| select AMRunningMode <br/>3. Review the results. You should see either Normal, Passive, or EDR Block Mode if Microsoft Defender Antivirus is enabled on the endpoint. \| - \| Command Prompt \| 1. On a Windows device, open Command Prompt.<br/>2. Type `sc query windefend`, and then press Enter.<br/>3. Review the results to confirm that Microsoft Defender Antivirus is running in passive mode. \| ## More details about Microsoft Defender Antivirus states The table in this section describes various states you might see with Microsoft - [Microsoft Defender Antivirus on Windows clients](microsoft-defender-antivirus-in-windows-10.md) - [Microsoft Defender Antivirus on Windows Server](microsoft-defender-antivirus-on-windows-server.md) - [EDR in block mode](edr-in-block-mode.md)-- [Learn about Microsoft 365 Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about) +- [Learn about Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about)
security	Incident Queue	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/incident-queue.md	This table lists the filter names that are available. \| Multiple categories \| Specify whether the filter is for more than one category. \| \| Categories \| Choose categories to focus on specific tactics, techniques, or attack components seen. \| \| Entities \| Specify the name of an asset such as a user, device, mailbox, or application name. \| -\| Data sensitivity \| Some attacks focus on targeting to exfiltrate sensitive or valuable data. By applying a filter for specific sensitivity labels, you can quickly determine if sensitive information has potentially been compromised and prioritize addressing those incidents. <br><br> This filter is only available if Microsoft Information Protection is turned on. \| +\| Data sensitivity \| Some attacks focus on targeting to exfiltrate sensitive or valuable data. By applying a filter for specific sensitivity labels, you can quickly determine if sensitive information has potentially been compromised and prioritize addressing those incidents. <br><br> This filter displays information only when you've applied [sensitivity labels from Microsoft Purview Information Protection](../../compliance/sensitivity-labels.md). \| \| Device groups \| Specify a [device group](/windows/security/threat-protection/microsoft-defender-atp/machine-groups) name. \| \| OS platform \| Specify device operating systems. \| \| Classification \| Specify the set of classifications of the related alerts. \|
security	Investigate Alerts	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/investigate-alerts.md	ms.technology: m365d - Microsoft 365 Defender >[!Note] ->This article describes security alerts in Microsoft 365 Defender. However, you can use activity alerts to send email notifications to yourself or other admins when users perform specific activities in Microsoft 365. For more information, see [Create activity alerts - Microsoft 365 Compliance \| Microsoft Docs](../../compliance/create-activity-alerts.md). +>This article describes security alerts in Microsoft 365 Defender. However, you can use activity alerts to send email notifications to yourself or other admins when users perform specific activities in Microsoft 365. For more information, see [Create activity alerts - Microsoft Purview \| Microsoft Docs](../../compliance/create-activity-alerts.md). Alerts are the basis of all incidents and indicate the occurrence of malicious or suspicious events in your environment. Alerts are typically part of a broader attack and provide clues about an incident.
security	M365d Configure Auto Investigation Response	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/m365d-configure-auto-investigation-response.md	Security settings in Office 365 help protect email and content. To view or chang 4. Make sure [Zero-hour auto purge (ZAP) in Exchange Online](../office-365-security/zero-hour-auto-purge.md) is in effect. -5. (This step is optional.) Review your [Office 365 alert policies](../../compliance/alert-policies.md) in the Microsoft 365 compliance center ([https://compliance.microsoft.com/compliancepolicies](https://compliance.microsoft.com/compliancepolicies)). Several default alert policies are in the Threat management category. Some of these alerts can trigger automated investigation and response. To learn more, see [Default alert policies](../../compliance/alert-policies.md#default-alert-policies). +5. (This step is optional.) Review your [Office 365 alert policies](../../compliance/alert-policies.md) in the Microsoft Purview compliance portal ([https://compliance.microsoft.com/compliancepolicies](https://compliance.microsoft.com/compliancepolicies)). Several default alert policies are in the Threat management category. Some of these alerts can trigger automated investigation and response. To learn more, see [Default alert policies](../../compliance/alert-policies.md#default-alert-policies). ## Make sure Microsoft 365 Defender is turned on
security	Microsoft 365 Defender	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/microsoft-365-defender.md	Common controls and content either appear in the same place, or are condensed in :::image type="content" source="../../media/converged-roles-5.png" alt-text="The Endpoints roles & groups displayed on the Permissions & roles page" lightbox="../../media/converged-roles-5.png"::: -Access to Microsoft 365 Defender is configured with Azure AD global roles or by using custom roles. For Defender for Endpoint, see [Assign user access to the Microsoft 365 Defender portal](/microsoft-365/security/defender-endpoint/assign-portal-access). For Defender for Office 365, see [Permissions in the Microsoft 365 compliance center and Microsoft 365 Defender](../office-365-security/permissions-microsoft-365-compliance-security.md). +Access to Microsoft 365 Defender is configured with Azure AD global roles or by using custom roles. For Defender for Endpoint, see [Assign user access to the Microsoft 365 Defender portal](/microsoft-365/security/defender-endpoint/assign-portal-access). For Defender for Office 365, see [Permissions in the Microsoft Purview compliance portal and Microsoft 365 Defender](../office-365-security/permissions-microsoft-365-compliance-security.md). - Learn more about how to [manage access to Microsoft 365 Defender](m365d-permissions.md) - Learn more about how to [create custom roles](custom-roles.md) in Microsoft 365 Defender
security	Microsoft 365 Security Center Mdo	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/microsoft-365-security-center-mdo.md	The table below lists the changes in navigation between the Security & Complianc **** -\|[Security & Compliance Center](https://protection.office.com)\|[Microsoft 365 Defender](https://security.microsoft.com)\|[Microsoft 365 compliance center](https://compliance.microsoft.com/homepage)\|[Exchange admin center](https://admin.exchange.microsoft.com)\| +\|[Security & Compliance Center](https://protection.office.com)\|[Microsoft 365 Defender](https://security.microsoft.com)\|[Microsoft Purview compliance portal](https://compliance.microsoft.com/homepage)\|[Exchange admin center](https://admin.exchange.microsoft.com)\| \|\|\|\|\| \|Alerts\|<ul><li>[Alert Policies](https://security.microsoft.com/alertpolicies)</li><li>[Incidents & alerts](https://security.microsoft.com/alerts)</li></ul>\|[Alerts page](https://compliance.microsoft.com/homepage)\|\| -\|Classification\|\|See [Microsoft 365 compliance center](https://compliance.microsoft.com/homepage)\|\| -\|Data loss prevention\|\|See [Microsoft 365 compliance center](https://compliance.microsoft.com/homepage)\|\| -\|Records management\|\|See [Microsoft 365 compliance center](https://compliance.microsoft.com/homepage)\|\| -\|Information governance\|\|See [Microsoft 365 compliance center](https://compliance.microsoft.com/homepage)\|\| +\|Classification\|\|See [Microsoft Purview compliance portal](https://compliance.microsoft.com/homepage)\|\| +\|Data loss prevention\|\|See [Microsoft Purview compliance portal](https://compliance.microsoft.com/homepage)\|\| +\|Records management\|\|See [Microsoft Purview compliance portal](https://compliance.microsoft.com/homepage)\|\| +\|Information governance\|\|See [Microsoft Purview compliance portal](https://compliance.microsoft.com/homepage)\|\| \|Threat management\|[Email & Collaboration](https://security.microsoft.com/homepage)\|\|\| -\|Permissions\|[Permissions & roles](https://security.microsoft.com/emailandcollabpermissions)\|See [Microsoft 365 compliance center](https://compliance.microsoft.com/homepage)\|\| +\|Permissions\|[Permissions & roles](https://security.microsoft.com/emailandcollabpermissions)\|See [Microsoft Purview compliance portal](https://compliance.microsoft.com/homepage)\|\| \|Mail flow\|\|\|See [Exchange admin center](https://admin.exchange.microsoft.com/#/)\| -\|Data privacy\|\|See [Microsoft 365 compliance center](https://compliance.microsoft.com/homepage)\|\| +\|Data privacy\|\|See [Microsoft Purview compliance portal](https://compliance.microsoft.com/homepage)\|\| \|Search\|[Audit](https://security.microsoft.com/auditlogsearch?viewid=Async%20Search)\|Search (content search)\|\| \|Reports\|[Report](https://security.microsoft.com/emailandcollabreport)\|\|\| -\|Service assurance\|\|See [Microsoft 365 compliance center](https://compliance.microsoft.com/homepage)\|\| -\|Supervision\|\|See [Microsoft 365 compliance center](https://compliance.microsoft.com/homepage)\|\| -\|eDiscovery\|\|See [Microsoft 365 compliance center](https://compliance.microsoft.com/homepage)\|\| +\|Service assurance\|\|See [Microsoft Purview compliance portal](https://compliance.microsoft.com/homepage)\|\| +\|Supervision\|\|See [Microsoft Purview compliance portal](https://compliance.microsoft.com/homepage)\|\| +\|eDiscovery\|\|See [Microsoft Purview compliance portal](https://compliance.microsoft.com/homepage)\|\| \|\|\|\|\| [Microsoft 365 Defender](./microsoft-365-defender.md) at <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank"><https://security.microsoft.com></a> combines security capabilities from existing Microsoft security portals, including the Security & Compliance Center. This improved center helps security teams protect their organization from threats more effectively and efficiently. If you are familiar with the Security & Compliance Center (protection.office.com Learn more about the benefits: [Overview of Microsoft 365 Defender](microsoft-365-defender.md) -If you are looking for compliance-related items, visit the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>. +If you are looking for compliance-related items, visit the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. ## New and improved capabilities
security	Portals	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/portals.md	While these portals are not specifically for managing security, they support var \|\|\|\| \| Azure portal \| View and manage all your [Azure resources](/azure/azure-resource-manager/management/overview) \| [portal.azure.com](https://portal.azure.com/) \| \| Azure Active Directory portal \| View and manage [Azure Active Directory](/azure/active-directory/fundamentals/active-directory-whatis) \| [aad.portal.azure.com](https://aad.portal.azure.com/) \| -\| Microsoft 365 compliance center \| Manage data handling policies and ensure [compliance with regulations](/compliance/regulatory/offering-home) \| [compliance.microsoft.com](https://compliance.microsoft.com/) \| +\| Microsoft Purview compliance portal \| Manage data handling policies and ensure [compliance with regulations](/compliance/regulatory/offering-home) \| [compliance.microsoft.com](https://compliance.microsoft.com/) \| \| Microsoft 365 admin center \| Configure Microsoft 365 services; manage roles, licenses, and track updates to your Microsoft 365 services \| [admin.microsoft.com](https://go.microsoft.com/fwlink/p/?linkid=2166757) \| \| Microsoft Endpoint Manager admin center \| Use [Microsoft Endpoint Manager](/mem/configmgr/) to manage and secure devices using combined Intune and Configuration Manager capabilities \| [devicemanagement.microsoft.com](https://devicemanagement.microsoft.com/) \| \| Microsoft Intune portal \| Use [Microsoft Intune](/intune/fundamentals/what-is-intune) to deploy device policies and monitor devices for compliance \| [endpoint.microsoft.com](https://endpoint.microsoft.com/#blade/Microsoft_Intune_DeviceSettings/DevicesMenu/overview)
security	Defender For Office 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/defender-for-office-365.md	To access Microsoft Defender for Office 365 features, you must be assigned an ap \|global administrator (Organization Management)\|You can assign this role in Azure Active Directory or in the Microsoft 365 Defender portal. For more information, see [Permissions in the Microsoft 365 Defender portal](permissions-microsoft-365-security-center.md).\| \|Security Administrator\|You can assign this role in Azure Active Directory or in the Microsoft 365 Defender portal. For more information, see [Permissions in the Microsoft 365 Defender portal](permissions-microsoft-365-security-center.md).\| \|Organization Management in Exchange Online\|[Permissions in Exchange Online](/exchange/permissions-exo/permissions-exo) <p> [Exchange Online PowerShell](/powershell/exchange/exchange-online-powershell)\| -\|Search and Purge\|This role is available only in the Microsoft 365 Defender portal or the Microsoft 365 compliance center. For more information, see [Permissions in the Microsoft 365 Defender portal](permissions-microsoft-365-security-center.md) and [Permissions in the Microsoft 365 compliance center](../../compliance/microsoft-365-compliance-center-permissions.md).\| +\|Search and Purge\|This role is available only in the Microsoft 365 Defender portal or the Microsoft Purview compliance portal. For more information, see [Permissions in the Microsoft 365 Defender portal](permissions-microsoft-365-security-center.md) and [Permissions in the Microsoft Purview compliance portal](../../compliance/microsoft-365-compliance-center-permissions.md).\| \|\|\| ## Get Microsoft Defender for Office 365
security	Enable The Report Message Add In	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/enable-the-report-message-add-in.md	If you're a global administrator or an Exchange Online administrator, and Exchan - Organizations that have a URL filtering or security solution (such as a proxy and/or firewall) in place, must have ipagave.azurewebsites.net and outlook.office.com endpoints allowed to be reached on HTTPS protocol. -### Turn off the built-in reporting experience - -We don't recommend the built-in reporting experience in Outlook because it can't use the [user submission policy](./user-submission.md). We recommend using the Report Message add-in or the Report Phishing add-in instead. - -You need to be assigned permissions before you can run this cmdlet. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](/powershell/exchange/find-exchange-cmdlet-permissions). - -Run the following PowerShell command to disable the built-in reporting experience: - -```powershell -Set-OwaMailboxPolicy -Identity OwaMailboxPolicy-Default -ReportJunkEmailEnabled $false -``` - ## Get the Report Message add-in ### Get the Report Message add-in for yourself
security	Exchange Online Protection Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/exchange-online-protection-overview.md	To understand how EOP works, it helps to see how it processes incoming email: 3. The message continues through policy filtering, where it's evaluated against any mail flow rules (also known as transport rules) that you've created. For example, a rule can send a notification to a manager when a message arrives from a specific sender. - In on-premises organization with Exchange Enterprise CAL with Services licenses, [Data loss prevention (DLP)](/exchange/security-and-compliance/data-loss-prevention/data-loss-prevention) checks in EOP also happen at this point. + In on-premises organization with Exchange Enterprise CAL with Services licenses, [Microsoft Purview data loss prevention (DLP)](/exchange/security-and-compliance/data-loss-prevention/data-loss-prevention) checks in EOP also happen at this point. 4. The message passes through content filtering (anti-spam and anti-spoofing) where harmful messages are identified as spam, high confidence spam, phishing, high confidence phishing, or bulk (anti-spam policies) or spoofing (spoof settings in anti-phishing policies). You can configure the action to take on the message based on the filtering verdict (quarantine, move to the Junk Email folder, etc.), and what users can do to the quarantined messages using [quarantine policies](quarantine-policies.md). For more information, see [Configure anti-spam policies](configure-your-spam-filter-policies.md) and [Configure anti-phishing policies in EOP](configure-anti-phishing-policies-eop.md).
security	Install App Guard	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/install-app-guard.md	When this heuristic is met, Office will pre-create an Application Guard containe * Selecting web links (`http` or `https`) doesn't open the browser. * The default setting for copy-paste protection policy is to enable clipboard access to text only. -* The default setting for unsupported file types protection policy is to block opening untrusted unsupported file types that are encrypted or have Information Rights Management (IRM) set. This includes files that have Microsoft Information Protection sensitivity labels using encryption (confidential or highly confidential). +* The default setting for unsupported file types protection policy is to block opening untrusted unsupported file types that are encrypted or have Information Rights Management (IRM) set. This includes files that are encrypted by using sensitivity labels from Microsoft Purview Information Protection. * CSV and HTML files are not supported at this time. * Application Guard for Office currently does not work with NTFS compressed volumes. If you are seeing an error "ERROR_VIRTUAL_DISK_LIMITATION" please try uncompressing the volume. * Updates to .NET might cause files to fail to open in Application Guard. As a workaround, users can restart their device when they come across this failure. Learn more about the issue at [Receiving an error message when attempting to open Windows Defender Application Guard or Windows Sandbox](https://support.microsoft.com/help/4575917/receiving-an-error-message-when-attempting-to-open-windows-defender-ap).
security	Mcas Saas Access Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mcas-saas-access-policies.md	ms.prod: m365-security Microsoft Defender for Cloud Apps builds on Azure AD conditional access policies to enable real-time monitoring and control of granular actions with SaaS apps, such as blocking downloads, uploads, copy and paste, and printing. This feature adds security to sessions that carry inherent risk, such as when corporate resources are accessed from unmanaged devices or by guest users. -Defender for Cloud Apps also integrates natively with Microsoft Information Protection, providing real-time content inspection to find sensitive data based on sensitive information types and sensitivity labels and to take appropriate action. +Defender for Cloud Apps also integrates natively with Microsoft Purview Information Protection, providing real-time content inspection to find sensitive data based on sensitive information types and sensitivity labels and to take appropriate action. This guidance includes recommendations for these scenarios: - Bring SaaS apps into IT management - Tune protection for specific SaaS apps-- Configure data loss prevention (DLP) to help comply with data protection regulations +- Configure Microsoft Purview data loss prevention (DLP) to help comply with data protection regulations ## Bring SaaS apps into IT management
security	Microsoft 365 Policies Configurations	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/microsoft-365-policies-configurations.md	Watch this video for a quick overview of identity and device access configuratio ## Intended audience -These recommendations are intended for enterprise architects and IT professionals who are familiar with Microsoft 365 cloud productivity and security services, which includes Azure AD (identity), Microsoft Intune (device management), and Microsoft Information Protection (data protection). +These recommendations are intended for enterprise architects and IT professionals who are familiar with Microsoft 365 cloud productivity and security services, which includes Azure AD (identity), Microsoft Intune (device management), and Microsoft Purview Information Protection (data protection). ### Customer environment
security	Migrate To Defender For Office 365 Onboard	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-onboard.md	If your organization does not have a security response team or existing process Permissions in Defender for Office 365 is based on role-based access control (RBAC) and is explained in Permissions in the [Microsoft 365 Defender portal](permissions-microsoft-365-security-center.md). These are the important points to keep in mind: - Azure AD roles give permissions to all workloads in Microsoft 365. For example, if you add a user to the Security Administrator in the Azure portal, they have Security Administrator permissions everywhere.-- Email & collaboration roles in the Microsoft 365 Defender portal give permissions to the Microsoft 365 Defender Portal, the Microsoft 365 compliance center, and the older Security & Compliance Center. For example, if you add a user to Security Administrator in the Microsoft 365 Defender portal, they have Security Administrator access only in the Microsoft 365 Defender Portal, the Microsoft 365 compliance center, and the Security & Compliance Center. +- Email & collaboration roles in the Microsoft 365 Defender portal give permissions to the Microsoft 365 Defender Portal, the Microsoft Purview compliance portal, and the older Security & Compliance Center. For example, if you add a user to Security Administrator in the Microsoft 365 Defender portal, they have Security Administrator access only in the Microsoft 365 Defender Portal, the Microsoft Purview compliance portal, and the Security & Compliance Center. - Many features in the Microsoft 365 Defender portal are based on Exchange Online PowerShell cmdlets and therefore require role group membership in the corresponding roles (technically, role groups) in Exchange Online (in particular, for access to the corresponding Exchange Online PowerShell cmdlets). - There are Email & collaboration roles in the Microsoft 365 Defender portal that have no equivalent to Azure AD roles, and are important for security operations (for example the Preview role and the Search and Purge role).
security	Monitor For Leaks Of Personal Data	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/monitor-for-leaks-of-personal-data.md	There are many tools that can be used to monitor the use and transport of person In the illustration: -- Start with Microsoft 365 data loss prevention reports for monitoring personal data in SharePoint Online, OneDrive for Business, and email in transit. These reports provide the greatest level of detail for monitoring personal data. However, these reports don't include all services in Office 365. +- Start with Microsoft Purview data loss prevention reports for monitoring personal data in SharePoint Online, OneDrive for Business, and email in transit. These reports provide the greatest level of detail for monitoring personal data. However, these reports don't include all services in Office 365. - Next, use alert policies and the audit log to monitor activity across services. Set up ongoing monitoring or search the audit log to investigate an incident. The audit log works across servicesΓÇöSway, Power BI, eDiscovery, Dynamics 365, Power Automate, Microsoft Teams, Admin activity, OneDrive for Business, SharePoint Online, mail in transit, and mailboxes at rest. Skype conversations are included in mailboxes at rest. You can use the DLP reports to: In addition, you can use the DLP reports to fine-tune your DLP policies as you run them in test mode. -DLP reports are in the Microsoft 365 compliance center. Go to Reports \> Organizational data section to find the DLP policy matches, DLP incidents, and DLP false positives and overrides reports. +DLP reports are in the Microsoft Purview compliance portal. Go to Reports \> Organizational data section to find the DLP policy matches, DLP incidents, and DLP false positives and overrides reports. For more information, see [View the reports for data loss prevention](../../compliance/view-the-dlp-reports.md). For more information, see [View the reports for data loss prevention](../../comp The audit log contains events from Exchange Online, SharePoint Online, OneDrive for Business, Azure Active Directory, Microsoft Teams, Power BI, Sway, and other services. -The Microsoft 365 Defender portal and the Microsoft 365 compliance center provide two ways to monitor and report against the audit log: +The Microsoft 365 Defender portal and the Microsoft Purview compliance portal provide two ways to monitor and report against the audit log: -- Set up alert policies, view alerts, and monitor trendsΓÇöUse the alert policy and alert dashboard tools in either the Microsoft 365 Defender portal or the Microsoft 365 compliance center. +- Set up alert policies, view alerts, and monitor trendsΓÇöUse the alert policy and alert dashboard tools in either the Microsoft 365 Defender portal or the Microsoft Purview compliance portal. - Search the audit log directly: Search for all events in a specified date rage. Or you can filter the results based on specific criteria, such as the user who performed the action, the action, or the target object. Information compliance and security teams can use these tools to proactively review activities performed by both end users and administrators across services. Automatic alerts can be configured to send email notifications when certain activities occur on specific site collections - for example when content is shared from sites known to contain GDPR-related information. This allows those teams to follow up with users to ensure that corporate security policies are followed, or to provide additional training.
security	Office 365 Air	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/office-365-air.md	Microsoft 365 provides many built-in alert policies that help identify Exchange \|A user is restricted from sending email\|High\|This alert is generated when someone in your organization is restricted from sending outbound mail. This alert typically results when an [email account is compromised](responding-to-a-compromised-email-account.md). <p> For more information about restricted users, see [Remove blocked users from the Restricted Users portal in Microsoft 365](removing-user-from-restricted-users-portal-after-spam.md).\| > [!TIP] -> To learn more about alert policies or edit the default settings, see [Alert policies in the Microsoft 365 compliance center](../../compliance/alert-policies.md). +> To learn more about alert policies or edit the default settings, see [Alert policies in the Microsoft Purview compliance portal](../../compliance/alert-policies.md). ## Required permissions to use AIR capabilities
security	Permissions In The Security And Compliance Center	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center.md	The following table lists the default role groups that are available in the Secu Managing permissions in the Security & Compliance Center only gives users access to the compliance features that are available within the Security & Compliance Center itself. If you want to grant permissions to other compliance features that aren't in the Security & Compliance Center, such as Exchange mail flow rules (also known as transport rules), you need to use the Exchange admin center (EAC). For more information, see [Permissions in Exchange Online](/exchange/permissions-exo/permissions-exo). -To see how to grant access to the Security & Compliance Center, check out [Give users access to Microsoft 365 Compliance admin center](grant-access-to-the-security-and-compliance-center.md). +To see how to grant access to the Security & Compliance Center, check out [Give users access to Microsoft Purview admin center](grant-access-to-the-security-and-compliance-center.md). > [!NOTE] > To view the Permissions tab in the Security & Compliance Center, you need to be an admin. Specifically, you need to be assigned the Role Management role, and that role is assigned only to the Organization Management role group in the Security & Compliance Center by default. Furthermore, the Role Management role allows users to view, create, and modify role groups. To see how to grant access to the Security & Compliance Center, check out [Give \|Content Explorer Content Viewer\|View the contents files in Content explorer.\|Data Classification Content Viewer\| \|Content Explorer List Viewer\|View all items in Content explorer in list format only.\|Data Classification List Viewer\| \|Data Investigator\|Perform searches on mailboxes, SharePoint Online sites, and OneDrive for Business locations.\|Communication <br/><br/> Compliance Search <br/><br/> Custodian <br/><br/> Data Investigation Management <br/><br/> Export <br/><br/> Preview <br/><br/> Review <br/><br/> RMS Decrypt <br/><br/> Search And Purge\| -\|eDiscovery Manager\|Members can perform searches and place holds on mailboxes, SharePoint Online sites, and OneDrive for Business locations. Members can also create and manage eDiscovery cases, add and remove members to a case, create and edit Content Searches associated with a case, and access case data in Advanced eDiscovery. <br/><br/> An eDiscovery Administrator is a member of the eDiscovery Manager role group who has been assigned additional permissions. In addition to the tasks that an eDiscovery Manager can perform, an eDiscovery Administrator can:<ul><li>View all eDiscovery cases in the organization.</li><li>Manage any eDiscovery case after they add themselves as a member of the case.</li></ul> <br/><br/> The primary difference between an eDiscovery Manager and an eDiscovery Administrator is that an eDiscovery Administrator can access all cases that are listed on the eDiscovery cases page in the Security & Compliance Center. An eDiscovery manager can only access the cases they created or cases they are a member of. For more information about making a user an eDiscovery Administrator, see [Assign eDiscovery permissions in the Security & Compliance Center](../../compliance/assign-ediscovery-permissions.md).\|Case Management <br/><br/> Communication <br/><br/> Compliance Search <br/><br/> Custodian <br/><br/> Export <br/><br/> Hold <br/><br/> Preview <br/><br/> Review <br/><br/> RMS Decrypt\| +\|eDiscovery Manager\|Members can perform searches and place holds on mailboxes, SharePoint Online sites, and OneDrive for Business locations. Members can also create and manage eDiscovery cases, add and remove members to a case, create and edit Content Searches associated with a case, and access case data in eDiscovery (Premium). <br/><br/> An eDiscovery Administrator is a member of the eDiscovery Manager role group who has been assigned additional permissions. In addition to the tasks that an eDiscovery Manager can perform, an eDiscovery Administrator can:<ul><li>View all eDiscovery cases in the organization.</li><li>Manage any eDiscovery case after they add themselves as a member of the case.</li></ul> <br/><br/> The primary difference between an eDiscovery Manager and an eDiscovery Administrator is that an eDiscovery Administrator can access all cases that are listed on the eDiscovery cases page in the Security & Compliance Center. An eDiscovery manager can only access the cases they created or cases they are a member of. For more information about making a user an eDiscovery Administrator, see [Assign eDiscovery permissions in the Security & Compliance Center](../../compliance/assign-ediscovery-permissions.md).\|Case Management <br/><br/> Communication <br/><br/> Compliance Search <br/><br/> Custodian <br/><br/> Export <br/><br/> Hold <br/><br/> Preview <br/><br/> Review <br/><br/> RMS Decrypt\| \|Global Reader\|Members have read-only access to reports, alerts, and can see all the configuration and settings. <br/><br/> The primary difference between Global Reader and Security Reader is that a Global Reader can access configuration and settings.\|Security Reader <br/><br/> Sensitivity Label Reader <br/><br/> Service Assurance View <br/><br/> View-Only Audit Logs <br/><br/> View-Only Device Management <br/><br/> View-Only DLP Compliance Management <br/><br/> View-Only IB Compliance Management <br/><br/> View-Only Manage Alerts <br/><br/> View-Only Recipients <br/><br/> View-Only Record Management <br/><br/> View-Only Retention Management\| \|Information Protection\|Full control over all information protection features, including sensitivity labels and their policies, DLP, all classifier types, activity and content explorers, and all related reports.\|Data Classification Content Viewer <br/><br/> Information Protection Admin <br/><br/> Information Protection Analyst <br/><br/> Information Protection Investigator <br/><br/> Information Protection Reader\| \|Information Protection Admins\|Create, edit, and delete DLP policies, sensitivity labels and their policies, and all classifier types. Manage endpoint DLP settings and simulation mode for auto-labeling policies.\|Information Protection Admin\| To see how to grant access to the Security & Compliance Center, check out [Give \|IRM Contributors\|This role group is visible, but is used by background services only.\|Insider Risk Management Permanent contribution <br/><br/> Insider Risk Management Temporary contribution\| \|Knowledge Administrators\|Configure knowledge, learning, assign trainings and other intelligent features.\|Knowledge Admin\| \|MailFlow Administrator\|Members can monitor and view mail flow insights and reports in the Security & Compliance Center. Global admins can add ordinary users to this group, but, if the user isn't a member of the Exchange Admin group, the user will not have access to Exchange admin-related tasks.\|View-Only Recipients\| -\|Organization Management<sup>1</sup>\|Members can control permissions for accessing features in the Security & Compliance Center, and also manage settings for device management, data loss prevention, reports, and preservation. <br/><br/> Users who are not global administrators must be Exchange administrators to see and take action on devices that are managed by Basic Mobility and Security for Microsoft 365 (formerly known as Mobile Device Management or MDM). <br/><br/> Global admins are automatically added as members of this role group, but you won't see them in the output of the [Get-RoleGroupMember](/powershell/module/exchange/get-rolegroupmember) cmdlet in [Security & Compliance Center PowerShell](/powershell/module/exchange/get-rolegroupmember).\|Audit Logs <br/><br/> Case Management <br/><br/> Communication Compliance Admin <br/><br/> Communication Compliance Case Management <br/><br/> Compliance Administrator <br/><br/> Compliance Search <br/><br/> Data Connector Admin <br/><br/> Device Management <br/><br/> DLP Compliance Management <br/><br/> Hold <br/><br/> IB Compliance Management <br/><br/> Insider Risk Management Admin <br/><br/> Manage Alerts <br/><br/> Organization Configuration <br/><br/> Quarantine <br/><br/> RecordManagement <br/><br/> Retention Management <br/><br/> Role Management <br/><br/> Search And Purge <br/><br/> Security Administrator <br/><br/> Security Reader <br/><br/> Sensitivity Label Administrator <br/><br/> Sensitivity Label Reader <br/><br/> Service Assurance View <br/><br/> Tag Contributor <br/><br/> Tag Manager <br/><br/> Tag Reader <br/><br/> View-Only Audit Logs <br/><br/> View-Only Device Management <br/><br/> View-Only DLP Compliance Management <br/><br/> View-Only IB Compliance Management <br/><br/> View-Only Case <br/><br/> View-Only Manage Alerts <br/><br/> View-Only Recipients <br/><br/> View-Only Record Management <br/><br/> View-Only Retention Management\| -\|Privacy Management\|Manage access control for Priva in the Microsoft 365 compliance center.\|Case Management <br/><br/> Data Classification Content Viewer <br/><br/> Data Classification List Viewer <br/><br/> Privacy Management Admin <br/><br/> Privacy Management Analysis <br/><br/> Privacy Management Investigation <br/><br/> Privacy Management Permanent contribution <br/><br/> Privacy Management Temporary contribution <br/><br/> Privacy Management Viewer <br/><br/> Subject Rights Request Admin <br/><br/> View-Only Case\| -\|Privacy Management Administrators\|Administrators of privacy management solution that can create/edit policies and define global settings.\|Case Management <br/><br/> Privacy Management Admin <br/><br/> View-Only Case\| -\|Privacy Management Analysts\|Analysts of privacy management solution that can investigate policy matches, view messages meta data, and take remediation actions.\|Case Management <br/><br/> Data Classification List Viewer <br/><br/> Privacy Management Analysis <br/><br/> View-Only Case\| -\|Privacy Management Contributors\|Manage contributor access for privacy management cases.\|Privacy Management Permanent contribution <br/><br/> Privacy Management Temporary contribution\| -\|Privacy Management Investigators\|Investigators of privacy management solution that can investigate policy matches, view message content, and take remediation actions.\|Case Management <br/><br/> Data Classification Content Viewer <br/><br/> Data Classification List Viewer <br/><br/> Privacy Management Investigation <br/><br/> View-Only Case\| -\|Privacy Management Viewers\|Viewer of privacy management solution that can access the available dashboards and widgets.\|Data Classification List Viewer <br/><br/> Privacy Management Viewer\| +\|Organization Management<sup>1</sup>\|Members can control permissions for accessing features in the Security & Compliance Center, and also manage settings for device management, data loss prevention, reports, and preservation. <p> Users who are not global administrators must be Exchange administrators to see and take action on devices that are managed by Basic Mobility and Security for Microsoft 365 (formerly known as Mobile Device Management or MDM). <p> Global admins are automatically added as members of this role group, but you won't see them in the output of the [Get-RoleGroupMember](/powershell/module/exchange/get-rolegroupmember) cmdlet in [Security & Compliance Center PowerShell](/powershell/module/exchange/get-rolegroupmember).\|Audit Logs <p><p> Case Management <p> Communication Compliance Admin <p> Communication Compliance Case Management <p> Compliance Administrator <p> Compliance Search <p> Data Connector Admin <p> Device Management <p> DLP Compliance Management <p> Hold <p> IB Compliance Management <p> Insider Risk Management Admin <p> Manage Alerts <p> Organization Configuration <p> Quarantine <p> RecordManagement <p> Retention Management <p> Role Management <p> Search And Purge <p> Security Administrator <p> Security Reader <p> Sensitivity Label Administrator <p> Sensitivity Label Reader <p> Service Assurance View <p> Tag Contributor <p> Tag Manager <p> Tag Reader <p> View-Only Audit Logs <p> View-Only Device Management <p> View-Only DLP Compliance Management <p> View-Only IB Compliance Management <p> View-Only Case <p> View-Only Manage Alerts <p> View-Only Recipients <p> View-Only Record Management <p> View-Only Retention Management\| +\|Privacy Management\|Manage access control for Priva in the Microsoft Purview compliance portal.\|Case Management <p><p> Data Classification Content Viewer <p> Data Classification List Viewer <p> Privacy Management Admin <p> Privacy Management Analysis <p> Privacy Management Investigation <p> Privacy Management Permanent contribution <p> Privacy Management Temporary contribution <p> Privacy Management Viewer <p> Subject Rights Request Admin <p> View-Only Case\| +\|Privacy Management Administrators\|Administrators of privacy management solution that can create/edit policies and define global settings.\|Case Management <p><p> Privacy Management Admin <p> View-Only Case\| +\|Privacy Management Analysts\|Analysts of privacy management solution that can investigate policy matches, view messages meta data, and take remediation actions.\|Case Management <p><p> Data Classification List Viewer <p> Privacy Management Analysis <p> View-Only Case\| +\|Privacy Management Contributors\|Manage contributor access for privacy management cases.\|Privacy Management Permanent contribution <p><p> Privacy Management Temporary contribution\| +\|Privacy Management Investigators\|Investigators of privacy management solution that can investigate policy matches, view message content, and take remediation actions.\|Case Management <p><p> Data Classification Content Viewer <p> Data Classification List Viewer <p> Privacy Management Investigation <p> View-Only Case\| +\|Privacy Management Viewers\|Viewer of privacy management solution that can access the available dashboards and widgets.\|Data Classification List Viewer <p><p> Privacy Management Viewer\| \|Quarantine Administrator\|Members can access all Quarantine actions. For more information, see [Manage quarantined messages and files as an admin in EOP](manage-quarantined-messages-and-files.md)\|Quarantine\| -\|Records Management\|Members can configure all aspects of records management, including retention labels and disposition reviews.\|Disposition Management <br/><br/> RecordManagement <br/><br/> Retention Management\| -\|Reviewer\|Members can access review sets in [Advanced eDiscovery](../../compliance/overview-ediscovery-20.md) cases. Members of this role group can see and open the list of cases on the eDiscovery > Advanced page in the Microsoft 365 compliance center that they're members of. After the user accesses an Advanced eDiscovery case, they can select Review sets to access case data. This role doesn't allow the user to preview the results of a collection search that's associated with the case or do other search or case management tasks. Members of this role group can only access the data in a review set.\|Review\| -\|Security Administrator\|Members have access to a number of security features of Identity Protection Center, Privileged Identity Management, Monitor Microsoft 365 Service Health, and Security & Compliance Center. <br/><br/> By default, this role group may not appear to have any members. However, the Security Administrator role from Azure Active Directory is assigned to this role group. Therefore, this role group inherits the capabilities and membership of the Security Administrator role from Azure Active Directory. <br/><br/> To manage permissions centrally, add and remove group members in the Azure Active Directory admin center. For more information, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference). If you edit this role group in the Security & Compliance Center (membership or roles), those changes apply only to the Security & Compliance Center and not to any other services. <br/><br/> This role group includes all of the read-only permissions of the Security reader role, plus a number of additional administrative permissions for the same -\|Security Operator\|Members can manage security alerts, and also view reports and settings of security features.\|Compliance Search <br/><br/> Manage Alerts <br/><br/> Security Reader <br/><br/> Tag Contributor <br/><br/> Tag Reader <br/><br/> Tenant AllowBlockList Manager <br/><br/> View-Only Audit Logs <br/><br/> View-Only Device Management <br/><br/> View-Only DLP Compliance Management <br/><br/> View-Only IB Compliance Management <br/><br/> View-Only Manage Alerts\| -\|Security Reader\|Members have read-only access to a number of security features of Identity Protection Center, Privileged Identity Management, Monitor Microsoft 365 Service Health, and Security & Compliance Center. <br/><br/> By default, this role group may not appear to have any members. However, the Security Reader role from Azure Active Directory is assigned to this role group. Therefore, this role group inherits the capabilities and membership of the Security Reader role from Azure Active Directory. <br/><br/> To manage permissions centrally, add and remove group members in the Azure Active Directory admin center. For more information, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference). If you edit this role group in the Security & Compliance Center (membership or roles), those changes apply only to the Security & Compliance Center and not to any other services.\|Security Reader <br/><br/> Sensitivity Label Reader <br/><br/> Tag Reader <br/><br/> View-Only Device Management <br/><br/> View-Only DLP Compliance Management <br/><br/> View-Only IB Compliance Management <br/><br/> View-Only Manage Alerts\| +\|Records Management\|Members can configure all aspects of records management, including retention labels and disposition reviews.\|Disposition Management <p><p> RecordManagement <p> Retention Management\| +\|Reviewer\|Members can access review sets in [eDiscovery (Premium)](../../compliance/overview-ediscovery-20.md) cases. Members of this role group can see and open the list of cases on the eDiscovery > Advanced page in the Microsoft Purview compliance portal that they're members of. After the user accesses an eDiscovery (Premium) case, they can select Review sets to access case data. This role doesn't allow the user to preview the results of a collection search that's associated with the case or do other search or case management tasks. Members of this role group can only access the data in a review set.\|Review\| +\|Security Administrator\|Members have access to a number of security features of Identity Protection Center, Privileged Identity Management, Monitor Microsoft 365 Service Health, and Security & Compliance Center. <p> By default, this role group may not appear to have any members. However, the Security Administrator role from Azure Active Directory is assigned to this role group. Therefore, this role group inherits the capabilities and membership of the Security Administrator role from Azure Active Directory. <p> To manage permissions centrally, add and remove group members in the Azure Active Directory admin center. For more information, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference). If you edit this role group in the Security & Compliance Center (membership or roles), those changes apply only to the Security & Compliance Center and not to any other services. <p> This role group includes all of the read-only permissions of the Security reader role, plus a number of additional administrative permissions for the same +\|Security Operator\|Members can manage security alerts, and also view reports and settings of security features.\|Compliance Search <p><p> Manage Alerts <p> Security Reader <p> Tag Contributor <p> Tag Reader <p> Tenant AllowBlockList Manager <p> View-Only Audit Logs <p> View-Only Device Management <p> View-Only DLP Compliance Management <p> View-Only IB Compliance Management <p> View-Only Manage Alerts\| +\|Security Reader\|Members have read-only access to a number of security features of Identity Protection Center, Privileged Identity Management, Monitor Microsoft 365 Service Health, and Security & Compliance Center. <p> By default, this role group may not appear to have any members. However, the Security Reader role from Azure Active Directory is assigned to this role group. Therefore, this role group inherits the capabilities and membership of the Security Reader role from Azure Active Directory. <p> To manage permissions centrally, add and remove group members in the Azure Active Directory admin center. For more information, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference). If you edit this role group in the Security & Compliance Center (membership or roles), those changes apply only to the Security & Compliance Center and not to any other services.\|Security Reader <p><p> Sensitivity Label Reader <p> Tag Reader <p> View-Only Device Management <p> View-Only DLP Compliance Management <p> View-Only IB Compliance Management <p> View-Only Manage Alerts\| \|Service Assurance User\|Members can access the Service assurance section in the Security & Compliance Center. Service assurance provides reports and documents that describe Microsoft's security practices for customer data that's stored in Microsoft 365. It also provides independent third-party audit reports on Microsoft 365. For more information, see [Service assurance in the Security & Compliance Center](../../compliance/service-assurance.md).\|Service Assurance View\| \|Subject Rights Request Administrators\|Create subject rights requests.\|Case Management <br/><br/> Subject Rights Request Admin <br/><br/> View-Only Case\| \|Supervisory Review\|Members can create and manage the policies that define which communications are subject to review in an organization. For more information, see [Configure communication compliance policies for your organization](../../compliance/communication-compliance-configure.md).\|Supervisory Review Administrator\| Note that the following roles aren't assigned to the Organization Management rol \|Attack Simulator Payload Author\|Don't use this role in the Security & Compliance Center. Use the corresponding role in Azure AD.\|Attack Simulator Payload Authors\| \|Audit Logs\|Turn on and configure auditing for the organization, view the organization's audit reports, and then export these reports to a file.\|Organization Management <br/><br/> Security Administrator\| \|Case Management\|Create, edit, delete, and control access to eDiscovery cases.\|Communication Compliance <br/><br/> Communication Compliance Investigators <br/><br/> Compliance Administrator <br/><br/> eDiscovery Manager <br/><br/> Insider Risk Management <br/><br/> Insider Risk Management Admins <br/><br/> Insider Risk Management Analysts <br/><br/> Insider Risk Management Investigators <br/><br/> Organization Management <br/><br/> Privacy Management <br/><br/> Privacy Management Administrators <br/><br/> Privacy Management Analysts <br/><br/> Privacy Management Investigators <br/><br/> Subject Rights Request Administrators\| -\|Communication\|Manage all communications with the custodians identified in an Advanced eDiscovery case. Create hold notifications, hold reminders, and escalations to management. Track custodian acknowledgment of hold notifications and manage access to the custodian portal that is used by each custodian in a case to track communications for the cases where they were identified as a custodian.\|Data Investigator <br/><br/> eDiscovery Manager\| +\|Communication\|Manage all communications with the custodians identified in an eDiscovery (Premium) case. Create hold notifications, hold reminders, and escalations to management. Track custodian acknowledgment of hold notifications and manage access to the custodian portal that is used by each custodian in a case to track communications for the cases where they were identified as a custodian.\|Data Investigator <br/><br/> eDiscovery Manager\| \|Communication Compliance Admin\|Used to manage policies in the Communication Compliance feature.\|Communication Compliance <br/><br/> Communication Compliance Administrators <br/><br/> Compliance Administrator <br/><br/> Organization Management\| \|Communication Compliance Analysis\|Used to perform investigation, remediation of the message violations in the Communication Compliance feature. Can only view message meta data.\|Communication Compliance <br/><br/> Communication Compliance Analysts <br/><br/> Communication Compliance Investigators\| \|Communication Compliance Case Management\|Used to access Communication Compliance cases.\|Communication Compliance <br/><br/> Communication Compliance Administrators <br/><br/> Communication Compliance Analysts <br/><br/> Communication Compliance Investigators <br/><br/> Communication Compliance Viewers <br/><br/> Compliance Administrator <br/><br/> Organization Management\| Note that the following roles aren't assigned to the Organization Management rol \|Compliance Manager Contribution\|Create assessments and perform work to implement improvement actions.\|Compliance Manager Administrators <br/><br/> Compliance Manager Assessors <br/><br/> Compliance Manager Contributors\| \|Compliance Manager Reader\|View all Compliance Manager content except for administrator functions.\|Compliance Manager Administrators <br/><br/> Compliance Manager Assessors <br/><br/> Compliance Manager Contributors <br/><br/> Compliance Manager Readers\| \|Compliance Search\|Perform searches across mailboxes and get an estimate of the results.\|Compliance Administrator <br/><br/> Compliance Data Administrator <br/><br/> Data Investigator <br/><br/> eDiscovery Manager <br/><br/> Organization Management <br/><br/> Security Operator\| -\|Custodian\|Identify and manage custodians for Advanced eDiscovery cases and use the information from Azure Active Directory and other sources to find data sources associated with custodians. Associate other data sources such as mailboxes, SharePoint sites, and Teams with custodians in a case. Place a legal hold on the data sources associated with custodians to preserve content in the context of a case.\|Data Investigator <br/><br/> eDiscovery Manager\| +\|Custodian\|Identify and manage custodians for eDiscovery (Premium) cases and use the information from Azure Active Directory and other sources to find data sources associated with custodians. Associate other data sources such as mailboxes, SharePoint sites, and Teams with custodians in a case. Place a legal hold on the data sources associated with custodians to preserve content in the context of a case.\|Data Investigator <br/><br/> eDiscovery Manager\| \|Data Classification Content Viewer\|View in-place rendering of files in Content explorer.\|Content Explorer Content Viewer <br/><br/> Information Protection <br/><br/> Information Protection Investigators <br/><br/> Privacy Management <br/><br/> Privacy Management Investigators\| \|Data Classification Feedback Provider\|Allows providing feedback to classifiers in content explorer.\|Communication Compliance <br/><br/> Communication Compliance Investigators <br/><br/> Compliance Administrator\| \|Data Classification Feedback Reviewer\|Allows reviewing feedback from classifiers in feedback explorer.\|Compliance Administrator\| Note that the following roles aren't assigned to the Organization Management rol \|Insider Risk Management Sessions\|Allow managing group modification requests for session recording.\|Insider Risk Management <br/><br/> Insider Risk Management Session Approvers\| \|Insider Risk Management Temporary contribution\|This role group is visible, but is used by background services only.\|IRM Contributors\| \|Knowledge Admin\|Configure knowledge, learning, assign trainings and other intelligent features.\|Knowledge Administrators\| -\|Manage Alerts\|View and edit settings and reports for alerts.\|Compliance Administrator <br/><br/> Compliance Data Administrator <br/><br/> Organization Management <br/><br/> Security Administrator <br/><br/> Security Operator\| -\|Organization Configuration\|Run, view, and export audit reports and manage compliance policies for DLP, devices, and preservation.\|Compliance Administrator <br/><br/> Compliance Data Administrator <br/><br/> Organization Management\| -\|Preview\|View a list of items that are returned from content searches, and open each item from the list to view its contents.\|Data Investigator <br/><br/> eDiscovery Manager\| -\|Privacy Management Admin\|Manage policies in Privacy Management and has access to all functionality of the solution.\|Privacy Management <br/><br/> Privacy Management Administrators\| -\|Privacy Management Analysis\|Perform investigation and remediation of the message violations in Privacy Management. Can only view messages metadata.\|Privacy Management <br/><br/> Privacy Management Analysts\| -\|Privacy Management Investigation\|Perform investigation, remediation, and review message violations in Privacy Management. Can view message metadata and the full message.\|Privacy Management <br/><br/> Privacy Management Investigators\| -\|Privacy Management Permanent contribution\|Access Privacy Management cases as a permanent contributor.\|Privacy Management <br/><br/> Privacy Management Contributors\| -\|Privacy Management Temporary contribution\|Access Privacy Management cases as a temporary contributor.\|Privacy Management <br/><br/> Privacy Management Contributors\| -\|Privacy Management Viewer\|Access dashboards and widgets in Privacy Management.\|Privacy Management <br/><br/> Privacy Management Viewers\| -\|Quarantine\|Allows viewing and releasing quarantined email.\|Quarantine Administrator <br/><br/> Security Administrator <br/><br/> Organization Management\| -\|RecordManagement\|View and edit the configuration of the records management feature.\|Compliance Administrator <br/><br/> Compliance Data Administrator <br/><br/> Organization Management <br/><br/> Records Management\| -\|Retention Management\|Manage retention policies, retention labels, and retention label policies.\|Compliance Administrator <br/><br/> Compliance Data Administrator <br/><br/> Organization Management <br/><br/> Records Management\| -\|Review\|This role lets users access review sets in Advanced eDiscovery cases. Users who are assigned this role can see and open the list of cases on the eDiscovery > Advanced page in the Microsoft 365 compliance center that they're members of. After the user accesses an Advanced eDiscovery case, they can select Review sets to access case data. This role doesn't allow the user to preview the results of a collection search that's associated with the case or do other search or case management tasks. Users with this role can only access the data in a review set.\|Data Investigator <br/><br/> eDiscovery Manager <br/><br/> Reviewer\| -\|RMS Decrypt\|Decrypt RMS-protected content when exporting search results.\|Data Investigator <br/><br/> eDiscovery Manager\| +\|Manage Alerts\|View and edit settings and reports for alerts.\|Compliance Administrator <p><p> Compliance Data Administrator <p> Organization Management <p> Security Administrator <p> Security Operator\| +\|Organization Configuration\|Run, view, and export audit reports and manage compliance policies for DLP, devices, and preservation.\|Compliance Administrator <p><p> Compliance Data Administrator <p> Organization Management\| +\|Preview\|View a list of items that are returned from content searches, and open each item from the list to view its contents.\|Data Investigator <p><p> eDiscovery Manager\| +\|Privacy Management Admin\|Manage policies in Privacy Management and has access to all functionality of the solution.\|Privacy Management <p><p> Privacy Management Administrators\| +\|Privacy Management Analysis\|Perform investigation and remediation of the message violations in Privacy Management. Can only view messages metadata.\|Privacy Management <p> Privacy Management Analysts\| +\|Privacy Management Investigation\|Perform investigation, remediation, and review message violations in Privacy Management. Can view message metadata and the full message.\|Privacy Management <p><p> Privacy Management Investigators\| +\|Privacy Management Permanent contribution\|Access Privacy Management cases as a permanent contributor.\|Privacy Management <p><p> Privacy Management Contributors\| +\|Privacy Management Temporary contribution\|Access Privacy Management cases as a temporary contributor.\|Privacy Management <p><p> Privacy Management Contributors\| +\|Privacy Management Viewer\|Access dashboards and widgets in Privacy Management.\|Privacy Management <p><p> Privacy Management Viewers\| +\|Quarantine\|Allows viewing and releasing quarantined email.\|Quarantine Administrator <p><p> Security Administrator <p> Organization Management\| +\|RecordManagement\|View and edit the configuration of the records management feature.\|Compliance Administrator <p><p> Compliance Data Administrator <p> Organization Management <p> Records Management\| +\|Retention Management\|Manage retention policies, retention labels, and retention label policies.\|Compliance Administrator <p><p> Compliance Data Administrator <p> Organization Management <p> Records Management\| +\|Review\|This role lets users access review sets in eDiscovery (Premium) cases. Users who are assigned this role can see and open the list of cases on the eDiscovery > Advanced page in the Microsoft Purview compliance portal that they're members of. After the user accesses an eDiscovery (Premium) case, they can select Review sets to access case data. This role doesn't allow the user to preview the results of a collection search that's associated with the case or do other search or case management tasks. Users with this role can only access the data in a review set.\|Data Investigator <p><p> eDiscovery Manager <p> Reviewer\| +\|RMS Decrypt\|Decrypt RMS-protected content when exporting search results.\|Data Investigator <p><p> eDiscovery Manager\| \|Role Management\|Manage role group membership and create or delete custom role groups.\|Organization Management\| \|Search And Purge\|Lets people bulk-remove data that matches the criteria of a content search.\|Data Investigator <br/><br/> Organization Management\| \|Security Administrator\|View and edit the configuration and reports for Security features.\|Organization Management <br/><br/> Security Administrator\|
security	Permissions Microsoft 365 Security Center	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/permissions-microsoft-365-security-center.md	The Microsoft 365 Defender portal at <https://security.microsoft.com> supports d To manage permissions in the Microsoft 365 Defender portal, go to Permissions & roles or <https://security.microsoft.com/securitypermissions>. You need to be a global administrator or a member of the Organization Management role group in the Microsoft 365 Defender portal. Specifically, the Role Management role allows users to view, create, and modify role groups in the Microsoft 365 Defender portal, and by default, that role is assigned only to the Organization Management role group. > [!NOTE] -> For information about permissions in the Microsoft 365 compliance center, see [Permissions in the Microsoft 365 compliance center](../../compliance/microsoft-365-compliance-center-permissions.md). +> For information about permissions in the Microsoft Purview compliance portal, see [Permissions in the Microsoft Purview compliance portal](../../compliance/microsoft-365-compliance-center-permissions.md). ## Relationship of members, roles, and role groups The following types of roles and role groups are available in on the Permissio - Azure AD roles: You can view the roles and assigned users, but you can't manage them directly in the Microsoft 365 Defender portal. Azure AD roles are central roles that assign permissions for all Microsoft 365 services. -- Email & collaboration roles: These are the same role groups that are available in the Security & Compliance Center, but you can manage them directly in the Microsoft 365 Defender portal. The permissions that you assign here are specific to the Microsoft 365 Defender portal, the Microsoft 365 compliance center, and the Security & Compliance Center, and don't cover all of the permissions that are needed in other Microsoft 365 workloads. +- Email & collaboration roles**: These are the same role groups that are available in the Security & Compliance Center, but you can manage them directly in the Microsoft 365 Defender portal. The permissions that you assign here are specific to the Microsoft 365 Defender portal, the Microsoft Purview compliance portal, and the Security & Compliance Center, and don't cover all of the permissions that are needed in other Microsoft 365 workloads. :::image type="content" source="../../media/m365-sc-permissions-and-roles-page.png" alt-text="The Permissions & roles page in the Microsoft 365 Defender portal" lightbox="../../media/m365-sc-permissions-and-roles-page.png":::
security	Protect Against Threats	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/protect-against-threats.md	To receive notification when a file in SharePoint Online or OneDrive for Busines 6. On the Review your settings page, review your settings, verify Yes, turn it on right away is selected, and then click Finish -To learn more about alert policies, see [Alert policies in the Microsoft 365 compliance center](../../compliance/alert-policies.md). +To learn more about alert policies, see [Alert policies in the Microsoft Purview compliance portal](../../compliance/alert-policies.md). > [!NOTE] > When you're finished configuring, use these links to start workload investigations:
security	Reports And Insights In Security And Compliance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/reports-and-insights-in-security-and-compliance.md	A wide variety of reports are available in the Security & Compliance Center. (Go \|Type of information\|How to get there\|Where to go to learn more\| \|\|\|\| -\|Security & Compliance Center reports (all up) <p> Top insights and recommendations, and links to Security & Compliance reports, including data loss prevention reports, labels, email security reports, Defender for Office 365 reports, and more\|In the Security & Compliance Center, go to Reports \> Dashboard\|[Reports in the Security & Compliance Center](../../compliance/reports-in-security-and-compliance.md)\| +\|Security & Compliance Center reports (all up) <p> Top insights and recommendations, and links to Security & Compliance reports, including Microsoft Purview Data Loss Prevention reports, labels, email security reports, Defender for Office 365 reports, and more\|In the Security & Compliance Center, go to Reports \> Dashboard\|[Reports in the Security & Compliance Center](../../compliance/reports-in-security-and-compliance.md)\| \|Data loss prevention <p> Data loss prevention policy matches, false positives and overrides, and links to create or edit policies\|In the Security & Compliance Center, go to Data loss prevention \> Policy\|[View the reports for data loss prevention](../../compliance/view-the-dlp-reports.md)\| \|Data governance <p> Information about how labels are applied, labels classified as records, label trends, and more\|In the Security & Compliance Center, go to Information governance \> Dashboard\|[View the data governance reports](../../compliance/view-the-data-governance-reports.md)\| \|Threat management dashboard (this is also referred to as the Security dashboard) <p> Threat detections, malware trends, top targeted users, details about sent and received email messages, and more\|In the Security & Compliance Center, go to Vulnerability Management \> Dashboard\|[View reports for Defender for Office 365](view-reports-for-mdo.md)\|
security	Secure Email Recommended Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/secure-email-recommended-policies.md	See the steps to configure this policy in [Manage messaging collaboration access ## Set up message encryption -With the new Office 365 Message Encryption (OME) capabilities, which leverage the protection features in Azure Information Protection, your organization can easily share protected email with anyone on any device. Users can send and receive protected messages with other Microsoft 365 organizations as well as non-customers using Outlook.com, Gmail, and other email services. +With Microsoft Purview Message Encryption, which leverages the protection features in Azure Information Protection, your organization can easily share protected email with anyone on any device. Users can send and receive protected messages with other Microsoft 365 organizations as well as non-customers using Outlook.com, Gmail, and other email services. For more information, see [Set up new Office 365 Message Encryption capabilities](../../compliance/set-up-new-message-encryption-capabilities.md).
security	Security Roadmap	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/security-roadmap.md	These tasks can be accomplished quickly and have low impact to users. \|Security management\|<ul><li>Check Secure Score and take note of your current score (<https://security.microsoft.com/securescore>).</li><li>Turn on audit logging for Office 365. See [Search the audit log](../../compliance/search-the-audit-log-in-security-and-compliance.md).</li><li>[Configure Microsoft 365 for increased security](tenant-wide-setup-for-increased-security.md).</li><li>Regularly review dashboards and reports in the Microsoft 365 Defender portal and Defender for Cloud Apps.</li></ul>\| \|Threat protection\|[Connect Microsoft 365 to Microsoft Defender for Cloud Apps](/cloud-app-security/connect-office-365-to-microsoft-cloud-app-security) to start monitoring using the default threat detection policies for anomalous behaviors. It takes seven days to build a baseline for anomaly detection. <p> Implement protection for admin accounts:<ul><li>Use dedicated admin accounts for admin activity.</li><li>Enforce multi-factor authentication (MFA) for admin accounts.</li><li>Use a [highly secure Windows device](/windows-hardware/design/device-experiences/oem-highly-secure) for admin activity.</li></ul>\| \|Identity and access management\|<ul><li>[Enable Azure Active Directory Identity Protection](/azure/active-directory/active-directory-identityprotection-enable).</li><li>For federated identity environments, enforce account security (password length, age, complexity, etc.).</li></ul>\| -\|Information protection\|Review example information protection recommendations. Information protection requires coordination across your organization. Get started with these resources:<ul><li>[Office 365 Information Protection for GDPR](/compliance/regulatory/gdpr)</li><li>[Configure Teams with three tiers of protection](../../solutions/configure-teams-three-tiers-protection.md) (includes sharing, classification, data loss prevention, and Azure Information Protection)</li></ul>\| +\|Information protection\|Review example information protection recommendations. Information protection requires coordination across your organization. Get started with these resources:<ul><li>[Office 365 Information Protection for GDPR](/compliance/regulatory/gdpr)</li><li>[Configure Teams with three tiers of protection](../../solutions/configure-teams-three-tiers-protection.md) (includes sharing, classification, Microsoft Purview data loss prevention, and Azure Information Protection)</li></ul>\| ## 90 days ΓÇö enhanced protections <a name="Ninetydays"> </a> These tasks take a bit more time to plan and implement but greatly increase your \|Security management\|<ul><li>Check Secure Score for recommended actions for your environment (<https://security.microsoft.com/securescore>).</li><li>Continue to regularly review dashboards and reports in the Microsoft 365 Defender portal, Defender for Cloud Apps, and SIEM tools.</li><li>Look for and implement software updates.</li><li>Conduct attack simulations for spear-phishing, password-spray, and brute-force password attacks using [Attack simulation training](attack-simulation-training.md) (included with [Office 365 Threat Intelligence](office-365-ti.md).</li><li>Look for sharing risk by reviewing the built-in reports in Defender for Cloud Apps (on the Investigate tab).</li><li>Check [Compliance Manager](../../compliance/compliance-manager.md) to review status for regulations that apply to your organization (such as GDPR, NIST 800-171).</li></ul>\| \|Threat protection\|Implement enhanced protections for admin accounts: <ul><li>Configure [Privileged Access Workstations](/security/compass/privileged-access-devices) (PAWs) for admin activity.</li><li>Configure [Azure AD Privileged Identity Management](/azure/active-directory/active-directory-privileged-identity-management-configure).</li><li>Configure a security information and event management (SIEM) tool to collect logging data from Office 365, Defender for Cloud Apps, and other services, including AD FS. The audit log stores data for only 90 days. Capturing this data in SIEM tool allows you to store data for a longer period.</li></ul>\| \|Identity and access management\|<ul><li>Enable and enforce MFA for all users.</li><li>Implement a set of [conditional access and related policies](microsoft-365-policies-configurations.md).</li></ul>\| -\|Information protection\| Adapt and implement information protection policies. These resources include examples: <ul><li>[Office 365 Information Protection for GDPR](/compliance/regulatory/gdpr)</li><li>[Configure Teams with three tiers of protection](../../solutions/configure-teams-three-tiers-protection.md)</li></ul> <p> Use data loss prevention policies and monitoring tools in Microsoft 365 for data stored in Microsoft 365 (instead of Defender for Cloud Apps). <p> Use Defender for Cloud Apps with Microsoft 365 for advanced alerting features (other than data loss prevention).\| +\|Information protection\| Adapt and implement information protection policies. These resources include examples: <ul><li>[Office 365 Information Protection for GDPR](/compliance/regulatory/gdpr)</li><li>[Configure Teams with three tiers of protection](../../solutions/configure-teams-three-tiers-protection.md)</li></ul> <p> Use data loss prevention policies and monitoring tools in Microsoft Purview for data stored in Microsoft 365 (instead of Defender for Cloud Apps). <p> Use Defender for Cloud Apps with Microsoft 365 for advanced alerting features (other than data loss prevention).\| ## Beyond <a name="Beyond"> </a>
security	Threat Explorer	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/threat-explorer.md	You'll be able to see both the GUID and the name of the transport rules that wer > [!IMPORTANT] > ETR search and name availability depend on the specific role that's assigned to you. You need to have one of the following roles/permissions to view the ETR names and search. If you don't have any of these roles assigned to you, you can't see the names of the transport rules or search for messages by using ETR names. However, you could see the ETR label and GUID information in the Email Details. Other record-viewing experiences in Email Grids, Email flyouts, Filters, and Export are not affected. > -> - EXO Only - Data Loss Prevention: All +> - EXO Only - data loss prevention: All > - EXO Only - O365SupportViewConfig: All > - Microsoft Azure Active Directory or EXO - Security Admin: All > - AAD or EXO - Security Reader: All
security	Threat Hunting In Threat Explorer	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/threat-hunting-in-threat-explorer.md	Names and GUIDs of the transport rules applied to the message appear. Analysts w > [!IMPORTANT] > Exchange transport rule search and name availability depend on the specific role assigned to you. You need to have one of the following roles or permissions to view the transport rule names and search. However, even without the roles or permissions below, an analyst may see the transport rule label and GUID information in the Email Details. Other record-viewing experiences in Email Grids, Email flyouts, Filters, and Export are not affected. > -> - Exchange Online Only - Data Loss Prevention: All +> - Exchange Online Only - data loss prevention: All > - Exchange Online Only - O365SupportViewConfig: All > - Microsoft Azure Active Directory or Exchange Online - Security Admin: All > - Azure Active Directory or Exchange Online - Security Reader: All
security	User Submission	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/user-submission.md	After you've verified that your mailbox meets all applicable prerequisites, you - Quarantine report message button: Enable this feature if you want to let end users report messages from quarantine. - When you're finished, click Confirm. To clear these values, click Restore +3. When you're finished, click Confirm. To clear these values, click Restore. ## Third-party reporting tools You can configure third-party message reporting tools to send reported messages to the custom mailbox. You would do this by setting the Microsoft Outlook Report Message button setting to Off and setting the My organization's mailbox to an Office 365 mailbox of your choice. -The only requirement is that the original message is included as a .EML or .MSG attachment (not compressed) in the message that's sent to the custom mailbox (don't just forward the original message to the custom mailbox). +The only requirement is that the original message is included as a .EML or .MSG attachment (not compressed) in the message that's sent to the custom mailbox (don't just forward the original message to the custom mailbox). + + > [!NOTE] + > If multiple email attachments are present in the email, then the submission will be discarded. We only support emails with one email attachment. The message formatting requirements are described in the next section. The formatting is optional, but if it does not follow the prescribed format, the reports will always be submitted as phish. For example: - Both of these messages are being reported as Not Junk based on Subject. - The rest is ignored. - Messages that don't follow this format will not display properly in the Submissions portal.
solutions	Best Practices Anonymous Sharing	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/best-practices-anonymous-sharing.md	To set the default file and folder sharing link for a specific site ## Prevent unauthenticated sharing of sensitive content -You can use [data loss prevention (DLP)](../compliance/dlp-learn-about-dlp.md) to prevent unauthenticated sharing of sensitive content. Data loss prevention can take action based on a file's sensitivity label, retention label, or sensitive information in the file itself. +You can use [Microsoft Purview data loss prevention (DLP)](../compliance/dlp-learn-about-dlp.md) to prevent unauthenticated sharing of sensitive content. Data loss prevention can take action based on a file's sensitivity label, retention label, or sensitive information in the file itself. To create a DLP rule -1. In the Microsoft 365 compliance admin center, go to the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention). +1. In the Microsoft Purview admin center, go to the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention). 2. Click Create policy. 3. Choose Custom and click Next. 4. Type a name for the policy and click Next. See [ATP for SharePoint, OneDrive, and Microsoft Teams](../security/office-365-s ## Add copyright information to your files -If you use sensitivity labels in the Microsoft 365 Compliance admin center, you can configure your labels to add a watermark or a header or footer automatically to your organization's Office documents. In this way, you can make sure that shared files contain copyright or other ownership information. +If you use sensitivity labels in the Microsoft Purview admin center, you can configure your labels to add a watermark or a header or footer automatically to your organization's Office documents. In this way, you can make sure that shared files contain copyright or other ownership information. To add a footer to a labeled file -1. Open the [Microsoft 365 compliance admin center](https://compliance.microsoft.com). +1. Open the [Microsoft Purview admin center](https://compliance.microsoft.com). 2. In the left navigation, under Solutions, click Information protection. 3. Click the label that you want to have add a footer, and then click Edit label. 4. Click Next to reach the Content marking tab, and then turn On content marking.
solutions	Cloud Architecture Models	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/cloud-architecture-models.md	This illustration provides a deployment plan for building Zero Trust security wi \| Item \| Description \| \|:--\|:--\| -\|[![Illustration of the Microsoft 365 Zero Trust deployment plan.](../medi)</li></ul> +\|[![Illustration of the Microsoft 365 Zero Trust deployment plan.](../medi)</li></ul> <a name="attacks"></a> ### Common attacks and Microsoft capabilities that protect your organization
solutions	Collaboration Governance Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/collaboration-governance-overview.md	This set of illustrations uses one of the most regulated industries, financial s \| Item \| Description \| \|:--\|:--\| -\|[![Model poster: Microsoft 365 information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/> English: [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Japanese: [Download as a PDF](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.vsdx) <br/> Updated November 2020\|Includes: <ul><li> Microsoft information protection and data loss prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk</li><li>Third-party data ingestion</li>\| +\|[![Model poster: Microsoft Purview information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/> English: [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Japanese: [Download as a PDF](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.vsdx) <br/> Updated November 2020\|Includes: <ul><li> Microsoft Purview Information Protection and Microsoft Purview data loss prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk</li><li>Third-party data ingestion</li>\| ## Conference sessions See a behind-the-scenes example of how Microsoft 365 Groups, SharePoint, Teams, [Microsoft 365 security documentation](../security/index.yml) -[Microsoft 365 compliance documentation](../compliance/index.yml) +[Microsoft Purview documentation](../compliance/index.yml)
solutions	Configure Teams Highly Sensitive Protection	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/configure-teams-highly-sensitive-protection.md	If you already have sensitivity labels deployed in your organization, consider h Once you have enabled sensitivity labels for Teams, the next step is to create the label. To create a sensitivity label -1. Open the [Microsoft 365 compliance center](https://compliance.microsoft.com). +1. Open the [Microsoft Purview compliance portal](https://compliance.microsoft.com). 2. Under Solutions, click Information protection. 3. Click Create a label. 4. Give the label a name. We suggest Highly sensitive, but you can choose a different name if that one is already in use. To create a sensitivity label 22. On the Auto-labeling for database columns page, click Next. 23. Click Create label, and then click Done. -Once you've created the label, you need to publish it to the users who will use it. For sensitive protection, we'll make the label available to all users. You publish the label in the Microsoft 365 compliance center, on the Label policies tab of the Information protection page. If you have an existing policy that applies to all users, add this label to that policy. If you need to create a new policy, see [Publish sensitivity labels by creating a label policy](../compliance/create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy). +Once you've created the label, you need to publish it to the users who will use it. For sensitive protection, we'll make the label available to all users. You publish the label in the Microsoft Purview compliance portal, on the Label policies tab of the Information protection page. If you have an existing policy that applies to all users, add this label to that policy. If you need to create a new policy, see [Publish sensitivity labels by creating a label policy](../compliance/create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy). ## Create a team
solutions	Configure Teams Sensitive Protection	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/configure-teams-sensitive-protection.md	If you already have sensitivity labels deployed in your organization, consider h Once you have enabled sensitivity labels for Teams, the next step is to create the label. To create a sensitivity label -1. Open the [Microsoft 365 compliance center](https://compliance.microsoft.com). +1. Open the [Microsoft Purview compliance portal](https://compliance.microsoft.com). 2. Under Solutions, click Information protection. 3. Click Create a label. 4. Give the label a name. We suggest Sensitive, but you can choose a different name if that one is already in use. To create a sensitivity label 17. On the Auto-labeling for database columns page, click Next. 18. Click Create label, and then click Done. -Once you've created the label, you need to publish it to the users who will use it. For sensitive protection, we'll make the label available to all users. You publish the label in the Microsoft 365 compliance center, on the Label policies tab of the Information protection page. If you have an existing policy that applies to all users, add this label to that policy. If you need to create a new policy, see [Publish sensitivity labels by creating a label policy](../compliance/create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy). +Once you've created the label, you need to publish it to the users who will use it. For sensitive protection, we'll make the label available to all users. You publish the label in the Microsoft Purview compliance portal, on the Label policies tab of the Information protection page. If you have an existing policy that applies to all users, add this label to that policy. If you need to create a new policy, see [Publish sensitivity labels by creating a label policy](../compliance/create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy). ## Create a team
solutions	Create Secure Guest Sharing Environment	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/create-secure-guest-sharing-environment.md	To configure a guest session timeout policy ## Create a sensitive information type for a highly sensitive project -Sensitive information types are predefined strings that can be used in policy workflows to enforce compliance requirements. The Microsoft 365 Compliance Center comes with over one hundred sensitive information types, including driver's license numbers, credit card numbers, bank account numbers, etc. +Sensitive information types are predefined strings that can be used in policy workflows to enforce compliance requirements. The Microsoft Purview compliance portal comes with over one hundred sensitive information types, including driver's license numbers, credit card numbers, bank account numbers, etc. You can create custom sensitive information types to help manage content specific to your organization. In this example, we'll create a custom sensitive information type for a highly sensitive project. We can then use this sensitive information type to automatically apply a sensitivity label. To create a sensitive information type -1. In the [Microsoft 365 Compliance Center](https://compliance.microsoft.com), in the left navigation, expand Classification, and then click Sensitive info types. +1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), in the left navigation, expand Classification, and then click Sensitive info types. 2. Click Create. 3. For Name and Description, type Project Saturn, and then click Next. 4. Click Add an element. If you are using sensitivity labels in your organization, you can automatically To create an auto-labeling policy -1. Open the [Microsoft 365 compliance admin center](https://compliance.microsoft.com). +1. Open the [Microsoft Purview admin center](https://compliance.microsoft.com). 2. In the left navigation, click Information protection. 3. On the Auto-labeling tab, click Create auto-labeling policy. 4. On the Choose info you want this label applied to page, choose Custom and click Next. With the policy in place, when a user types "Project Saturn" into a document, th ## Create a DLP policy to remove guest access to highly sensitive files -You can use [data loss prevention (DLP)](../compliance/dlp-learn-about-dlp.md) to prevent unwanted guest sharing of sensitive content. Data loss prevention can take action based on a file's sensitivity label and remove guest access. +You can use [Microsoft Purview data loss prevention (DLP)](../compliance/dlp-learn-about-dlp.md) to prevent unwanted guest sharing of sensitive content. Data loss prevention can take action based on a file's sensitivity label and remove guest access. To create a DLP rule -1. In the Microsoft 365 compliance admin center, go to the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention). +1. In the Microsoft Purview admin center, go to the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention). 2. Click Create policy. 3. Choose Custom and click Next. 4. Type a name for the policy and click Next.
solutions	Empower People To Work Remotely Security Compliance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/empower-people-to-work-remotely-security-compliance.md	Comply with internal policies or regulatory requirements with these compliance f \|Data Loss Protection (DLP)\|Detect, warn, and block risky, inadvertent, or inappropriate sharing, such as sharing of data containing personal information, both internally and externally.\|Microsoft 365 E3 or E5\| \|Conditional Access App Control\|Prevent sensitive data from being downloaded to users' personal devices.\|Microsoft 365 E3 or E5\| \|Data retention labels and policies\|Implement information governance controls, such as how long to keep data and requirements on the storage of personal data on customers, to comply with your organization's policies or data regulations.\|Microsoft 365 E3 or E5\| -\|Office message encryption (OME)\|Send and receive encrypted email messages between people inside and outside your organization that contains regulated data, such as personal data on customers.\|Microsoft 365 E3 or E5\| +\|Microsoft Purview Message Encryption\|Send and receive encrypted email messages between people inside and outside your organization that contains regulated data, such as personal data on customers.\|Microsoft 365 E3 or E5\| \|Compliance Manager\|Manage regulatory compliance activities related to Microsoft cloud services with this workflow-based risk assessment tool in the Microsoft Service Trust Portal.\|Microsoft 365 E3 or E5\| -\|Compliance Manager\|See an overall score of your current compliance configuration and recommendations for improving it in the Microsoft 365 compliance center.\|Microsoft 365 E3 or E5\| +\|Compliance Manager\|See an overall score of your current compliance configuration and recommendations for improving it in the Microsoft Purview compliance portal.\|Microsoft 365 E3 or E5\| \|Communication Compliance\|Detect, capture, and take remediation actions for inappropriate messages in your organization.\|Microsoft 365 E5 or Microsoft 365 E3 with the Compliance or Insider Risk Management add-ons\| \|Insider Risk Management\|Detect, investigate, and act on malicious and inadvertent risks in your organization. Microsoft 365 can detect these kinds of risks even when a worker is using an unmanaged device.\|Microsoft 365 E5 or Microsoft 365 E3 with the Compliance or Insider Risk Management add-ons\| \|\|\|\| -See [Quick tasks for getting started with Microsoft 365 compliance](../compliance/compliance-quick-tasks.md) for more information. +See [Quick tasks for getting started with Microsoft Purview](../compliance/compliance-quick-tasks.md) for more information. ## Results of Step 3
solutions	End Life Cycle Groups Teams Sites Yammer	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/end-life-cycle-groups-teams-sites-yammer.md	Teams-specific content is primarily in the form of conversations. Conversations in channels can't be copied or moved using native Microsoft Teams functionality. They can however be exported using the Graph API. -Additionally, if a retention policy is applied to Teams, the conversations are retained and available through eDiscovery searches. Using advanced eDiscovery you can [reconstruct a Teams chat conversation](/microsoft-365/compliance/conversation-review-sets). +Additionally, if a retention policy is applied to Teams, the conversations are retained and available through eDiscovery searches. Using eDiscovery (Premium) you can [reconstruct a Teams chat conversation](/microsoft-365/compliance/conversation-review-sets). ### Archiving a team
solutions	Energy Secure Collaboration	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/energy-secure-collaboration.md	As mentioned, Microsoft Office 365 and Office 365 U.S. Government have each achi Microsoft provides a key tool to assist with monitoring compliance with regulations over time: -- Microsoft Compliance Manager helps the organization understand its current compliance posture and the actions it can take to help improve that posture. Compliance Manager calculates a risk-based score measuring progress in completing actions that help reduce risks around data protection and regulatory standards. Compliance Manager provides an initial score based on the Microsoft 365 data protection baseline. This baseline is a set of controls that include common industry regulations and standards. While this score is a good starting point, Compliance Manager becomes more powerful once an organization adds assessments that are more relevant to their industry. Compliance Manager supports a number of regulatory standards that are relevant for NERC CIP compliance obligations, including the [FedRAMP Moderate Control Set](https://www.fedramp.gov/documents/), [NIST 800-53 Rev. 4](https://go.microsoft.com/fwlink/?linkid=2109075), and [AICPA SOC 2](https://go.microsoft.com/fwlink/?linkid=2115184). Energy industry organizations may also create or import custom control sets if needed. +- Microsoft Purview Compliance Manager helps the organization understand its current compliance posture and the actions it can take to help improve that posture. Compliance Manager calculates a risk-based score measuring progress in completing actions that help reduce risks around data protection and regulatory standards. Compliance Manager provides an initial score based on the Microsoft 365 data protection baseline. This baseline is a set of controls that include common industry regulations and standards. While this score is a good starting point, Compliance Manager becomes more powerful once an organization adds assessments that are more relevant to their industry. Compliance Manager supports a number of regulatory standards that are relevant for NERC CIP compliance obligations, including the [FedRAMP Moderate Control Set](https://www.fedramp.gov/documents/), [NIST 800-53 Rev. 4](https://go.microsoft.com/fwlink/?linkid=2109075), and [AICPA SOC 2](https://go.microsoft.com/fwlink/?linkid=2115184). Energy industry organizations may also create or import custom control sets if needed. The workflow capabilities built into Compliance Manager allow energy organizations to transform and digitize their regulatory compliance processes. Traditionally, compliance teams in the energy industry face the following challenges: - Inconsistent reporting or tracking of progress on remediation actions The FedRAMP Moderate Control Set and NERC CIP standards also include information Microsoft 365 allows sensitive data to be identified and protected within the organization through a combination of powerful capabilities, including: -- Microsoft Information Protection (MIP) for both user-based classification and automated classification of sensitive data +- Microsoft Purview Information Protection for both user-based classification and automated classification of sensitive data -- Office 365 Data Loss Prevention (DLP) for automated identification of sensitive data using sensitive data types (i.e. regular expressions) and keywords, and policy enforcement +- Microsoft Purview Data Loss Prevention (DLP) for automated identification of sensitive data using sensitive data types (i.e. regular expressions) and keywords, and policy enforcement -Microsoft Information Protection (MIP) allows employees to classify documents and emails with sensitivity labels. Sensitivity labels can be applied manually by users to documents within the Microsoft Office apps and to emails within Microsoft Outlook. Sensitivity labels can automatically apply document markings, protection through encryption, and enforce rights management. Sensitivity labels can also be applied automatically by configuring policies which use keywords and sensitive data types (credit card numbers, social security numbers, identity numbers, etc.). +Microsoft Purview Information Protection allows employees to classify documents and emails with sensitivity labels. Sensitivity labels can be applied manually by users to documents within the Microsoft Office apps and to emails within Microsoft Outlook. Sensitivity labels can automatically apply document markings, protection through encryption, and enforce rights management. Sensitivity labels can also be applied automatically by configuring policies which use keywords and sensitive data types (credit card numbers, social security numbers, identity numbers, etc.). Microsoft also provides trainable classifiers. These use machine learning models to identify sensitive data based on what the content is, as opposed to simply through pattern matching or by the elements within the content. A classifier learns how to identify a type of content by looking at many examples of the content to be classified. Training a classifier begins by providing it with examples of content within a particular category. Once it processes the examples, the model is tested by providing it with a mix of both matching and non-matching examples. The classifier then predicts whether a given example falls into the category or not. A person then confirms the results, sorting the positives, negatives, false positives, and false negatives to help increase the accuracy of the classifier's predictions. When the trained classifier is published, it processes and automatically classifies content in SharePoint Online, Exchange Online, and OneDrive for Business. Applying sensitivity labels to documents and emails embeds metadata within the object which identifies the chosen sensitivity, thereby allowing the sensitivity to travel with the data. As a result, even if a labeled document is stored on a user's desktop or within an on-premise system, it is still protected. This enables other Microsoft 365 solutions, such as Microsoft Defender for Cloud Apps or network edge devices, to identify sensitive data and automatically enforce security controls. Sensitivity labels have the added benefit of educating employees about which data within an organization is considered sensitive and how to handle that data. -Office 365 Data Loss Prevention (DLP) automatically identifies documents, emails, and conversations that contain sensitive data. It does this by scanning these for sensitive data types and then enforcing policy on those objects. Policies are enforced on documents within SharePoint and OneDrive for Business. Policies are also enforced when users send email and in Microsoft Teams within chat and channel conversations. Policies may be configured to look for keywords, sensitive data types, retention labels, and whether data is shared within the organization or externally. Controls are provided to help organizations fine-tune DLP policies to better avoid false positives. When sensitive data is found, customizable policy tips can be displayed to users within Microsoft 365 applications. Policy tips inform users that their content contains sensitive data and can propose corrective actions. Policies can also prevent users from accessing documents, sharing documents, or sending emails that contain certain types of sensitive data. Microsoft 365 supports over 100 built-in sensitive data types. Organizations can configure custom sensitive data types to meet their policies. +Microsoft Purview Data Loss Prevention (DLP) automatically identifies documents, emails, and conversations that contain sensitive data. It does this by scanning these for sensitive data types and then enforcing policy on those objects. Policies are enforced on documents within SharePoint and OneDrive for Business. Policies are also enforced when users send email and in Microsoft Teams within chat and channel conversations. Policies may be configured to look for keywords, sensitive data types, retention labels, and whether data is shared within the organization or externally. Controls are provided to help organizations fine-tune DLP policies to better avoid false positives. When sensitive data is found, customizable policy tips can be displayed to users within Microsoft 365 applications. Policy tips inform users that their content contains sensitive data and can propose corrective actions. Policies can also prevent users from accessing documents, sharing documents, or sending emails that contain certain types of sensitive data. Microsoft 365 supports over 100 built-in sensitive data types. Organizations can configure custom sensitive data types to meet their policies. -Rolling out MIP and DLP policies to organizations requires careful planning. It also requires user education so employees understand the organization's data classification schema and which types of data are sensitive. Providing employees with tools and education programs that help them identify sensitive data and help them understand how to handle it makes them part of the solution for mitigating information security risks. +Rolling out Microsoft Purview Information Protection and DLP policies to organizations requires careful planning. It also requires user education so employees understand the organization's data classification schema and which types of data are sensitive. Providing employees with tools and education programs that help them identify sensitive data and help them understand how to handle it makes them part of the solution for mitigating information security risks. ## Govern Data by Effectively Managing Records Regulations require many organizations to manage the retention of key organizational documents according to a managed corporate retention schedule. Organizations face regulatory compliance risks if data is under-retained (deleted too early), or legal risks if data is over-retained (kept too long). Effective records management strategies help ensure that organization documents are retained according to predetermined retention periods which are designed to minimize risk to the organization. Retention periods are prescribed in a centrally managed organizational record retention schedule. Retention periods are based on the nature of each type of document, the regulatory compliance requirements for retaining specific types of data, and the defined policies of the organization. Retention labels are then published to SharePoint or OneDrive sites, Exchange ma The FedRAMP Moderate Control Set and NERC CIP standards also include Asset Reuse and Disposal as a key control requirement (CIP-011-2). These requirements once again specifically address BES (Bulk Electric System) Cyber System Information. However, other jurisdictional regulations will require energy industry organizations to manage and dispose of records effectively for many types of information. This information includes financial statements, capital project information, budgets, customer data, etc. In all cases, energy organizations are required to maintain robust records management programs and evidence related to the defensible disposition of corporate records. -With each retention label, Office 365 allows record managers to determine if a disposition review is required. Then when those record types come up for disposition, after their retention period has expired, a review must be conducted by the designated disposition reviewers before content is deleted. Once the disposition review is approved, content deletion will proceed. However, evidence of the deletion (the user that performed the deletion and date/time in which it occurred) is still retained for multiple years as a certificate of destruction. If organizations require longer or permanent retention of certificates of destruction, Microsoft Sentinel may be used for long-term cloud-based storage of log and audit data. Microsoft Sentinel gives organizations full control over the long-term storage and retention of activity data, log data, and retention/disposition data. +With each retention label, Microsoft 365 allows record managers to determine if a disposition review is required. Then when those record types come up for disposition, after their retention period has expired, a review must be conducted by the designated disposition reviewers before content is deleted. Once the disposition review is approved, content deletion will proceed. However, evidence of the deletion (the user that performed the deletion and date/time in which it occurred) is still retained for multiple years as a certificate of destruction. If organizations require longer or permanent retention of certificates of destruction, Microsoft Sentinel may be used for long-term cloud-based storage of log and audit data. Microsoft Sentinel gives organizations full control over the long-term storage and retention of activity data, log data, and retention/disposition data. ## Comply with FERC and FTC Regulations for Energy Markets The U.S. Federal Energy Regulatory Commission (FERC) oversees [regulations related to energy markets and trading for the electric energy and natural gas markets](https://www.ferc.gov). The U.S. Federal Trade Commission (FTC) oversees similar [regulations in the petroleum market](https://www.ftc.gov/sites/default/files/documents/rules/prohibition-energy-market-manipulation-rule/091113mmrguide.pdf). In both cases these regulatory bodies set out rules and guidance to prohibit the manipulation of energy markets. FERC, for example, recommends that energy organizations invest in technology resources to monitor trading, trader communications, and compliance with internal controls. Regulators also recommend that energy organizations evaluate, on a regular basis, the ongoing effectiveness of the organization's compliance program.
solutions	Financial Services Secure Collaboration	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/financial-services-secure-collaboration.md	The following downloadable illustrations supplement this article. Woodgrove Bank \| Item \| Description \| \|:--\|:--\| -\|[![Model poster: Microsoft 365 information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/>English: [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Japanese: [Download as a PDF](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.vsdx)<br/> Updated November 2020\|Includes: <ul><li> Microsoft information protection and data loss prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk</li><li>Third-party data ingestion</li>\| +\|[![Model poster: Microsoft 365 information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/>English: [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Japanese: [Download as a PDF](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.vsdx)<br/> Updated November 2020\|Includes: <ul><li> Microsoft Purview Information Protection and Microsoft Purview data loss prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk</li><li>Third-party data ingestion</li>\| ## Empower organizational and employee productivity by using Microsoft 365 and Teams Identity Protection helps organizations automatically protect against identity c ## Identify sensitive data and prevent data loss Microsoft 365 allows all organizations to identify sensitive data within the organization through a combination of powerful capabilities, including: -* Microsoft Information Protection (MIP) for both user-based classification and automated classification of sensitive data. -* Office 365 Data Loss Prevention (DLP) for automated identification of sensitive data using sensitive data types (in other words, regular expressions) and keywords and policy enforcement. +* Microsoft Purview Information Protection for both user-based classification and automated classification of sensitive data. +* Microsoft Purview Data Loss Prevention (DLP) for automated identification of sensitive data using sensitive data types (in other words, regular expressions) and keywords and policy enforcement. -[Microsoft Information Protection (MIP)](../compliance/information-protection.md) enables organizations to classify documents and emails intelligently by using sensitivity labels. Sensitivity labels can be applied manually by users to documents in Microsoft Office applications and to emails in Outlook. The labels can automatically apply document markings, protection through encryption, and rights-management enforcement. Sensitivity labels can also be applied automatically by configuring policies that use keywords and sensitive data types (such as credit card numbers, social insurance numbers, and identity numbers) to automatically find and classify sensitive data. +[Microsoft Purview Information Protection](../compliance/information-protection.md) enables organizations to classify documents and emails intelligently by using sensitivity labels. Sensitivity labels can be applied manually by users to documents in Microsoft Office applications and to emails in Outlook. The labels can automatically apply document markings, protection through encryption, and rights-management enforcement. Sensitivity labels can also be applied automatically by configuring policies that use keywords and sensitive data types (such as credit card numbers, social insurance numbers, and identity numbers) to automatically find and classify sensitive data. In addition, Microsoft provides "trainable classifiers" that use machine learning models to identify sensitive data based on the content, as opposed to simply through pattern matching or by the elements within the content. A classifier learns how to identify a type of content by looking at numerous examples of the content to be classified. Training a classifier begins by giving it examples of content in a particular category. After it learns from those examples, the model is tested by giving it a mix of matching and non-matching examples. The classifier predicts whether a given example falls into the category or not. A person then confirms the results, sorting the positives, negatives, false positives, and false negatives to help increase the accuracy of the classifier's predictions. When the trained classifier is published, it processes content in Microsoft SharePoint Online, Exchange Online, and OneDrive for Business and automatically classifies the content. Applying sensitivity labels to documents and emails embeds metadata that identifies the chosen sensitivity within the object. The sensitivity then travels with the data. So even if a labeled document is stored on a user's desktop or within an on-premises system, it's still protected. This functionality enables other Microsoft 365 solutions, such as Microsoft Defender for Cloud Apps or network edge devices, to identify sensitive data and automatically enforce security controls. Sensitivity labels have the added benefit of educating employees about which data within an organization is considered sensitive and how to handle that data when they receive it. -[Office 365 Data Loss Prevention (DLP)](../compliance/dlp-learn-about-dlp.md) automatically identifies documents, emails, and conversations that contain sensitive data by scanning them for sensitive data and then enforcing policy on those objects. Policies are enforced on documents in SharePoint and OneDrive for Business. They're also enforced when users send email, and in Teams chats and channel conversations. Policies can be configured to look for keywords, sensitive data types, retention labels, and whether data is shared within the organization or externally. Controls are provided to help organizations fine-tune DLP policies to reduce false positives. When sensitive data is found, customizable policy tips can be displayed to users within Microsoft 365 applications to inform them that their content contains sensitive data and then propose corrective actions. Policies can also prevent users from accessing documents, sharing documents, or sending emails that contain certain types of sensitive data. Microsoft 365 supports more than 100 built-in sensitive data types. Organizations can configure custom sensitive data types to meet their policies. +[Microsoft Purview Data Loss Prevention (DLP)](../compliance/dlp-learn-about-dlp.md) automatically identifies documents, emails, and conversations that contain sensitive data by scanning them for sensitive data and then enforcing policy on those objects. Policies are enforced on documents in SharePoint and OneDrive for Business. They're also enforced when users send email, and in Teams chats and channel conversations. Policies can be configured to look for keywords, sensitive data types, retention labels, and whether data is shared within the organization or externally. Controls are provided to help organizations fine-tune DLP policies to reduce false positives. When sensitive data is found, customizable policy tips can be displayed to users within Microsoft 365 applications to inform them that their content contains sensitive data and then propose corrective actions. Policies can also prevent users from accessing documents, sharing documents, or sending emails that contain certain types of sensitive data. Microsoft 365 supports more than 100 built-in sensitive data types. Organizations can configure custom sensitive data types to meet their policies. -Rolling out MIP and DLP policies to organizations requires careful planning and a user education program so that employees understand the organization's data classification schema and which types of data are considered sensitive. Providing employees with tools and educational programs that help them identify sensitive data and understand how to handle it makes them part of the solution for mitigating information security risks. +Rolling out Microsoft Purview Information Protection and DLP policies to organizations requires careful planning and a user education program so that employees understand the organization's data classification schema and which types of data are considered sensitive. Providing employees with tools and educational programs that help them identify sensitive data and understand how to handle it makes them part of the solution for mitigating information security risks. The signals generated by and fed to Identity Protection can also be fed into tools like Conditional Access to make access decisions or to a security information and event management (SIEM) tool for investigation based on an organization's enforced policies. To help financial institutions meet the requirements of SEC rule 17a-4, Microsof - Users can be added to the policy, but existing users configured in the policy can't be removed. - The retention policy can't be deleted by any administrator within the organization. - Preservation Lock helps ensure that no user, not even administrators with the highest levels of privileged access, can change the settings, modify, overwrite or delete the data that has been stored, bringing archiving in Office 365 in line with the guidance provided in the SEC 2003 Release. + Preservation Lock helps ensure that no user, not even administrators with the highest levels of privileged access, can change the settings, modify, overwrite or delete the data that has been stored, bringing archiving in Microsoft 365 in line with the guidance provided in the SEC 2003 Release. * Quality, accuracy, and verification of storage/serialization and indexing of data (Rule 17a-4(f)(2) (ii)(B) and (C)) ΓÇô Office 365 workloads each contain capabilities for automatically verifying the quality and accuracy of the process for recording data on storage media. In addition, data is stored by utilizing metadata and timestamps to ensure sufficient indexing to allow for effective searching and retrieval of data. To help financial institutions meet the requirements of SEC rule 17a-4, Microsof * Audit requirements (Rule 17a-4(f)(3)(v)) ΓÇô Office 365 provides audit logging for every administrative and user action that modifies data objects, configures or modifies retention policies, performs eDiscovery searches, or modifies access permissions. Office 365 maintains a comprehensive audit trail, including data about who performed an action, when it was performed, details about the action, and the commands that were performed. The audit log can then be output and included as part of formal audit processes as required. -Finally, Rule 17a-4 requires organizations to retain records for many types of transactions so that they're immediately accessible for two years. Records must be further retained for three to six years with non-immediate access. Duplicate records must also be kept for the same period at an off-site location. Office 365 records-management capabilities enable records to be retained such that they can't be modified or deleted but can be easily accessed for a time period that's controlled by the record manager. These periods can span days, months, or years, depending on the organization's regulatory-compliance obligations. +Finally, Rule 17a-4 requires organizations to retain records for many types of transactions so that they're immediately accessible for two years. Records must be further retained for three to six years with non-immediate access. Duplicate records must also be kept for the same period at an off-site location. Microsoft 365 records-management capabilities enable records to be retained such that they can't be modified or deleted but can be easily accessed for a time period that's controlled by the record manager. These periods can span days, months, or years, depending on the organization's regulatory-compliance obligations. Upon request, Microsoft will provide an attestation letter of compliance with SEC 17a-4 if required by an organization. Ultimately, these rules require organizations to establish policies and implemen [Information barriers](../compliance/information-barriers.md) provides the ability to establish ethical walls within your Office 365 environment, allowing compliance administrators or other authorized administrators to define policies that allow or prevent communications between groups of users in Teams. Information barriers perform checks on specific actions to prevent unauthorized communication. Information barriers can also restrict communication in scenarios where internal teams are working on mergers/acquisitions or sensitive deals, or working with sensitive internal information that must be heavily restricted. -Information barriers in Microsoft 365 support conversations and files in Teams. They can prevent the following types of communications-related actions to help comply with FINRA regulations: +Information barriers support conversations and files in Teams. They can prevent the following types of communications-related actions to help comply with FINRA regulations: * Search for a user * Add a member to a team, or continue to participate with another member in a team Financial institutions are typically required to establish and maintain a superv ### Communication compliance -Communication compliance in Microsoft 365 enables organizations to pre-configure policies to capture employee communications for monitoring and review by authorized supervisors. Policies in communication compliance can capture internal/external email and attachments, Teams chat and channel communications, and Skype for Business Online chat communications and attachments. In addition, communication compliance can ingest communications and data from third-party services (such as Bloomberg, Thomson Reuters, LinkedIn, Twitter, Facebook, Box, and Dropbox). +Communication compliance enables organizations to pre-configure policies to capture employee communications for monitoring and review by authorized supervisors. Policies in communication compliance can capture internal/external email and attachments, Teams chat and channel communications, and Skype for Business Online chat communications and attachments. In addition, communication compliance can ingest communications and data from third-party services (such as Bloomberg, Thomson Reuters, LinkedIn, Twitter, Facebook, Box, and Dropbox). The comprehensive nature of communications that can be captured and reviewed within an organization, and the extensive conditions with which policies may be configured, allow communication compliance policies to help financial institutions comply with FINRA Rule 3110. Policies may be configured to review communications for individuals or groups. Designated supervisors can be assigned at an individual or group level. Comprehensive conditions can be configured to capture communications based on inbound or outbound messages, domains, retention labels, keywords or phrases, keyword dictionaries, sensitive data types, attachments, message size, or attachment size. Reviewers get a dashboard in which they can review flagged communications, act on communications that potentially violate policies, and mark flagged items as resolved. They can also review the results of reviews and items that were previously resolved. -Communication compliance provides reports that enable policy review activities to be audited based on the policy and the reviewer. Reports are available to validate that policies are working as defined by an organization's written supervision policies. They can also be used to identify communications that require review and those that are not compliant with corporate policy. Finally, all activities related to configuring policies and reviewing communications are audited in the Office 365 unified audit log. As a result, communication compliance in Microsoft 365 also helps financial institutions to comply with FINRA Rule 3120. +Communication compliance provides reports that enable policy review activities to be audited based on the policy and the reviewer. Reports are available to validate that policies are working as defined by an organization's written supervision policies. They can also be used to identify communications that require review and those that are not compliant with corporate policy. Finally, all activities related to configuring policies and reviewing communications are audited in the Office 365 unified audit log. As a result, communication compliance also helps financial institutions to comply with FINRA Rule 3120. In addition to complying with FINRA rules, communication compliance allows organizations to monitor communications for compliance with other legal requirements, corporate policies, and ethical standards. Communication compliance provides built-in threat, harassment, and profanity classifiers that help reduce false positives when reviewing communications, saving reviewers time during the investigation and remediation process. It also allows organizations to reduce risk by monitoring communications when they undergo sensitive changes, such as mergers and acquisitions or leadership changes. Enabling employees with online collaboration tools that can be accessed anywhere Microsoft 365 recently launched an insider risk management solution that correlates signals across Microsoft 365 services and uses machine learning models to analyze user behavior for hidden patterns and signs of insider risk. This tool enables collaboration between security operations, internal investigators, and HR so that they can easily remediate cases based on predetermined workflows. -For example, insider risk management in Microsoft 365 can correlate signals from a user's Windows 10 desktop, such as copying files to a USB drive or emailing a personal email account, with activities from online services such as Office 365 email, SharePoint Online, Microsoft Teams, or OneDrive for Business, to identify data exfiltration patterns. It can also correlate these activities with employees leaving an organization, which is a common data exfiltration pattern. It can monitor multiple activities and behavior over time. When common patterns emerge, it can raise alerts and help investigators focus on key activities to verify a policy violation with a high degree of confidence. Insider risk management can pseudo-anonymize data from investigators to help meet data privacy regulations, while still surfacing key activities that help them perform investigations efficiently. It allows investigators to package and securely send key activity data to the HR and legal departments, following common escalation workflows for raising cases for remediation action. +For example, insider risk management can correlate signals from a user's Windows 10 desktop, such as copying files to a USB drive or emailing a personal email account, with activities from online services such as Office 365 email, SharePoint Online, Microsoft Teams, or OneDrive for Business, to identify data exfiltration patterns. It can also correlate these activities with employees leaving an organization, which is a common data exfiltration pattern. It can monitor multiple activities and behavior over time. When common patterns emerge, it can raise alerts and help investigators focus on key activities to verify a policy violation with a high degree of confidence. Insider risk management can pseudo-anonymize data from investigators to help meet data privacy regulations, while still surfacing key activities that help them perform investigations efficiently. It allows investigators to package and securely send key activity data to the HR and legal departments, following common escalation workflows for raising cases for remediation action. -Insider risk management in Microsoft 365 significantly increases capabilities of organizations to monitor and investigate insider risks while allowing organizations to still meet data privacy regulations and follow established escalation paths when cases require higher-level action. For more information about insider risk management in Microsoft 365, see [Modern risk pain points and Workflow in Insider risk management in Microsoft 365](../compliance/insider-risk-management.md). +Insider risk management significantly increases capabilities of organizations to monitor and investigate insider risks while allowing organizations to still meet data privacy regulations and follow established escalation paths when cases require higher-level action. For more information about insider risk management, see [Modern risk pain points and Workflow in Insider risk management](../compliance/insider-risk-management.md). ![A call center worker in in a cubicle types while viewing a screen.](../media/clo17-call-center-006.jpg) - + ### Tenant restrictions+ Organizations that deal with sensitive data and put a strict emphasis on security typically want to control the online resources that users can access. At the same time, they want to enable secure collaboration through online services such as Office 365. As a result, controlling the Office 365 environments that users can access becomes a challenge because noncorporate Office 365 environments can be used to exfiltrate data from corporate devices either maliciously or inadvertently. Traditionally, organizations restrict the domains or IP addresses that users can access from corporate devices. But this doesn't work in a cloud-first world, where users need to legitimately access Office 365 services. Microsoft 365 provides the tenant [restrictions](/azure/active-directory/manage-apps/tenant-restrictions) the capability to address this challenge. Tenant restrictions can be configured to restrict employee access to external Office 365 enterprise tenants using rogue identities (identities that aren't part of your corporate directory). Today, tenant restrictions apply across the tenant, allowing access to only those tenants that appear on the list that you configure. Microsoft is continuing to develop this solution to increase granularity of control and enhance the protections it provides. ![GRAPHIC.](../media/clo1717-corporate-office-001.jpg) - + ## Conclusion Microsoft 365 and Teams provide an integrated and comprehensive solution for financial services companies, enabling simple yet powerful cloud-based collaboration and communications capabilities across the enterprise. By using security and compliance technologies from Microsoft 365, institutions can operate in a more secure and compliant manner with robust security controls to protect data, identities, devices, and applications from various operational risks, including cybersecurity and insider risks. Microsoft 365 provides a fundamentally secure platform on which financial services organizations can achieve more while protecting their company, employees, and customers.
solutions	Groups Teams Communication Governance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/groups-teams-communication-governance.md	The following table provides a quick reference for the communications controls a \|\|Manage what meeting participants can do.\|[Manage meeting policies in Teams](/microsoftteams/meeting-policies-in-teams)\| \|\|Allow or prevent anonymous users joining meetings.\|[Allow anonymous users to join meetings](/microsoftteams/meeting-settings-in-teams#allow-anonymous-users-to-join-meetings)\| \|Communication compliance\|\|\| -\|\|Surface and respond to careless and negligent communication\|[Communication compliance in Microsoft 365](../compliance/communication-compliance.md)\| +\|\|Surface and respond to careless and negligent communication\|[Communication compliance](../compliance/communication-compliance.md)\| ## Messaging You can control anonymous join for Teams meetings which allows anyone with a lin ## Communication compliance -Communication compliance in Microsoft 365 allows you to examine communications for offensive language, sensitive information, and information related to internal and regulatory standards. Chat communications, mailboxes, and Yammer messages can all be monitored, generating alerts. With administration tools, you can quickly identify and take action on messages with policy matches. +Communication compliance allows you to examine communications for offensive language, sensitive information, and information related to internal and regulatory standards. Chat communications, mailboxes, and Yammer messages can all be monitored, generating alerts. With administration tools, you can quickly identify and take action on messages with policy matches. -[Communication compliance in Microsoft 365](../compliance/communication-compliance.md) +[Learn about communication compliance](../compliance/communication-compliance.md) ## Related topics
solutions	Groups Teams Compliance Governance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/groups-teams-compliance-governance.md	The following table provides a quick reference for the compliance controls avail \|\|Automatically classify sensitive content\|[Apply a sensitivity label to content automatically](../compliance/apply-sensitivity-label-automatically.md)\| \|\|Encrypt sensitive content\|[Restrict access to content by using sensitivity labels to apply encryption](../compliance/encryption-sensitivity-labels.md)\| \|Information protection\|\|\| -\|\|Prevent the loss of sensitive information\|[Learn about data loss prevention](../compliance/dlp-learn-about-dlp.md)\| -\|\|Protect sensitive information in chat.\|[Data loss prevention and Microsoft Teams](../compliance/dlp-microsoft-teams.md)\| +\|\|Prevent the loss of sensitive information\|[Learn about Microsoft Purview Data Loss Prevention](../compliance/dlp-learn-about-dlp.md)\| +\|\|Protect sensitive information in chat.\|[Microsoft Purview Data loss prevention and Microsoft Teams](../compliance/dlp-microsoft-teams.md)\| \|\|Define your organization's sensitive information\|[Custom sensitive information types](../compliance/sensitive-information-type-learn-about.md)\| \|User segmentation\|\|\| \|\|Restrict communication between user segments\|[Information barriers](../compliance/information-barriers.md)\|
solutions	Identity Design Principles	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/identity-design-principles.md	I'm a Principal Technical Architect at the New York [Microsoft Technology Center I typically work with 100+ customers each year. While every organization has unique characteristics, it's interesting to see trends and commonalities. For example, one trend is cross-industry interest for many customers. After all, a bank branch can also be a coffee shop and a community center. -In my role, I focus on helping customers arrive at the best technical solution to address their unique set of business goals. Officially, I focus on Identity, Security, Privacy, and Compliance. I love the fact that these touch everything we do. It gives me an opportunity to be involved with most projects. This keeps me quite busy and enjoying this role. +In my role, I focus on helping customers arrive at the best technical solution to address their unique set of business goals. Officially, I focus on Identity, Security, Privacy, and Compliance. I love the fact that these touch everything we do. It gives me an opportunity to be involved with most projects. This keeps me busy and enjoying this role. I live in New York City (the best!) and really enjoy the diversity of its culture, food, and people (not traffic). I love to travel when I can and hope to see most of the world in my lifetime. I'm currently researching a trip to Africa to learn about wildlife. I live in New York City (the best!) and really enjoy the diversity of its cultur - Simple is often better: You can do (almost) anything with technology, but it doesn't mean you should. Especially in the security space, many customers overengineer solutions. I like [this video](https://www.youtube.com/watch?v=SOQgABDSYZE) from GoogleΓÇÖs Stripe conference to underscore this point. - People, process, technology: [Design for people](https://en.wikipedia.org/wiki/Human-centered_design) to enhance process, not tech first. There are no "perfect" solutions. We need to balance various risk factors and decisions will be different for each business. Too many customers design an approach that their users later avoid. - Focus on 'why' first and 'how' later: Be the annoying 7-yr old kid with a million questions. We can't arrive at the right answer if we don't know the right questions to ask. Lots of customers make assumptions on how things need to work instead of defining the business problem. There are always multiple paths that can be taken.-- Long tail of past best practices: Recognize that best practices are changing at light speed. If you've looked at Azure AD more than three month ago, you are likely out of date. Everything here is subject to change after publication. ΓÇ£BestΓÇ¥ option today may not be the same six months from now. +- Long tail of past best practices: Recognize that best practices are changing at light speed. If you've looked at Azure AD more than three months ago, you're likely out of date. Everything here's subject to change after publication. ΓÇ£BestΓÇ¥ option today may not be the same six months from now. ## Baseline concepts -Don't skip this section. I often find that I must step-back to these topics, even for customers who have been using cloud services for years. -Alas, language isn't a precise tool. We quite often use the same word to mean different concepts or different words to mean the same concept. I often use this diagram below to establish some baseline terminology and "hierarchy model." +Don't skip this section. I often find that I must step-back to these articles, even for customers who have been using cloud services for years. +Alas, language isn't a precise tool. We often use the same word to mean different concepts or different words to mean the same concept. I often use this diagram below to establish some baseline terminology and "hierarchy model." <br><br> ![Illustration of tenant, subscription, service, and data.](../media/solutions-architecture-center/Identity-and-beyond-tenant-level.png) In the diagram: - Tenant = an instance of Azure AD. It is at the "top" of a hierarchy, or Level 1 in the diagram. We can consider this to be the "[boundary](/azure/active-directory/users-groups-roles/licensing-directory-independence)" where everything else occurs ([Azure AD B2B](/azure/active-directory/b2b/what-is-b2b) aside). All Microsoft enterprise cloud services are part of one of these tenants. Consumer services are separate. "Tenant" appears in documentation as Office 365 tenant, Azure tenant, WVD tenant, and so on. I often find these variations cause confusion for customers. - Services/subscriptions, Level 2 in the diagram, belong to one and only one tenant. Most SaaS services are 1:1 and can't move without migration. Azure is different, you can [move billing](/azure/cost-management-billing/manage/billing-subscription-transfer) and/or a [subscription](/azure/active-directory/fundamentals/active-directory-how-subscriptions-associated-directory) to another tenant. There are many customers that need to move Azure subscriptions. This has various implications. Objects that exist outside of the subscription do not move (for example, role-based access control, or Azure RBAC, and Azure AD objects including groups, apps, policies, and so on). Also, some services (such as Azure Key Vault, Data Bricks, and so on). Don't migrate services without a good business need. Some scripts that can be helpful for migration are [shared on GitHub](https://github.com/lwajswaj/azure-tenant-migration).-- A given service usually has some sort of "sublevel" boundary, or Level 3 (L3). This is useful to understand for segregation of security, policies, governance, and so on. Unfortunately, there is no uniform name that I know of. Some examples names for L3 are: Azure Subscription = [resource](/azure/azure-resource-manager/management/manage-resources-portal); Dynamics 365 CE = [instance](/dynamics365/admin/new-instance-management); Power BI = [workspace](/power-bi/service-create-the-new-workspaces); Power Apps = [environment](/power-platform/admin/environments-overview); and so on.-- Level 4 is where the actual data lives. This 'data plane' is a complex topic. Some services are using Azure AD for RBAC, others are not. I'll discuss it a bit when we get to delegation topics. +- A given service usually has some sort of "sublevel" boundary, or Level 3 (L3). This is useful to understand for segregation of security, policies, governance, and so on. Unfortunately, there's no uniform name that I know of. Some examples names for L3 are: Azure Subscription = [resource](/azure/azure-resource-manager/management/manage-resources-portal); Dynamics 365 CE = [instance](/dynamics365/admin/new-instance-management); Power BI = [workspace](/power-bi/service-create-the-new-workspaces); Power Apps = [environment](/power-platform/admin/environments-overview); and so on. +- Level 4 is where the actual data lives. This 'data plane' is a complex article. Some services are using Azure AD for RBAC, others aren't. I'll discuss it a bit when we get to delegation articles. Some additional concepts that I find many customers (and Microsoft employees) are confused about or have questions about include the following: -- Anyone can [create](/azure/active-directory/fundamentals/active-directory-access-create-new-tenant) many tenants at [no cost](https://azure.microsoft.com/pricing/details/active-directory/). You do not need a service provisioned within it. I have dozens. Each Tenant name is unique in Microsoft's worldwide cloud service (in other words, no two tenants can have the same name). They all are in the format of TenantName.onmicrosoft.com. There are also processes that create Tenants automatically ([unmanaged tenants](/azure/active-directory/users-groups-roles/directory-self-service-signup)). For example, this can occur when a user signs up for an enterprise service with an email domain that does not exist in any other tenant.-- In a managed tenant, many [DNS domains](/azure/active-directory/fundamentals/add-custom-domain) can be registered in it. This doesn't change the original tenant name. There is currently no easy way to rename a tenant (other than migration). Although the tenant name is technically not critical these days, some may find this to be limiting.-- You should reserve a tenant name for your organization even if you are not yet planning to deploy any services. Otherwise somebody can take it from you and there is no simple process to take it back (same problem as DNS names). I hear this way too often from customers. What your tenant name should be is a debate topic as well. +- Anyone can [create](/azure/active-directory/fundamentals/active-directory-access-create-new-tenant) many tenants at [no cost](https://azure.microsoft.com/pricing/details/active-directory/). You don't need a service provisioned within it. I have dozens. Each Tenant name is unique in Microsoft's worldwide cloud service (in other words, no two tenants can have the same name). They all are in the format of TenantName.onmicrosoft.com. There are also processes that create Tenants automatically ([unmanaged tenants](/azure/active-directory/users-groups-roles/directory-self-service-signup)). For example, this can occur when a user signs up for an enterprise service with an email domain that doesn't exist in any other tenant. +- In a managed tenant, many [DNS domains](/azure/active-directory/fundamentals/add-custom-domain) can be registered in it. This doesn't change the original tenant name. There's currently no easy way to rename a tenant (other than migration). Although the tenant name is technically not critical these days, some may find this to be limiting. +- You should reserve a tenant name for your organization even if you aren't yet planning to deploy any services. Otherwise somebody can take it from you and there's no simple process to take it back (same problem as DNS names). I hear this way too often from customers. What your tenant name should be is a debate article as well. - If you own DNS namespace(s), you should add all of these to your tenant(s). Otherwise one could create an [unmanaged tenant](/azure/active-directory/users-groups-roles/directory-self-service-signup) with this name, which then causes disruption to [make it managed](/azure/active-directory/users-groups-roles/domains-admin-takeover).-- DNS namespace (such as contoso.com) can belong to one and only one Tenant. This has implications for various scenarios (for example, sharing an email domain during a merger or acquisition, and so on). There is a way to register a DNS sub (such as div.contoso.com) in a different tenant, but that should be avoided. By registering a top-level domain name, all subdomains are assumed to belong to the same tenant. In multi-tenant scenarios (see below) I would normally recommend using another top-level domain name (such as contoso.ch or ch-contoso.com). +- DNS namespace (such as contoso.com) can belong to one and only one Tenant. This has implications for various scenarios (for example, sharing an email domain during a merger or acquisition, and so on). There's a way to register a DNS sub (such as div.contoso.com) in a different tenant, but that should be avoided. By registering a top-level domain name, all subdomains are assumed to belong to the same tenant. In multi-tenant scenarios (see below) I would normally recommend using another top-level domain name (such as contoso.ch or ch-contoso.com). - Who should "own" a tenant? I often see customers that do not know who currently owns their tenant. This is a big red flag. Call Microsoft support ASAP. Just as problematic is when a service owner (often an Exchange administrator) is designated to manage a tenant. The tenant will contain all services that you may want in the future. The tenant owner should be a group that can make decision for enablement of all cloud services in an organization. Another problem is when a tenant owner group is asked to manage all services. This doesn't scale for large organizations.-- There is no concept of a sub/super tenant. For some reason, this myth keeps repeating itself. This applies to [Azure AD B2C](/azure/active-directory-b2c/) tenants as well. I hear too many times, "My B2C environment is in my XYZ Tenant," or "How do I move my Azure tenant into my Office 365 tenant?" +- There's no concept of a sub/super tenant. For some reason, this myth keeps repeating itself. This applies to [Azure AD B2C](/azure/active-directory-b2c/) tenants as well. I hear too many times, "My B2C environment is in my XYZ Tenant," or "How do I move my Azure tenant into my Office 365 tenant?" - This document mostly focuses on the commercial worldwide cloud as this is what most customers are using. It sometimes useful to know about [sovereign clouds](/azure/active-directory/develop/authentication-national-cloud). Sovereign clouds have additional implications to discuss which are out of scope for this discussion. -## Baseline identity topics +## Baseline identity articles -There is much documentation about Microsoft's identity platform ΓÇô Azure Active Directory (Azure AD). For those who are just starting, it often feels overwhelming. Even after you learn about it, keeping up with constant innovation and change can be challenging. In my customer interactions I often find myself serving as "translator" between business goals and "Good, Better, Best" approaches to address these (and human "cliff notes" for these topics). There's rarely a perfect answer and the "right" decision is a balance of various risk factors. Below are some of the common questions and confusion areas I tend to discuss with customers. +There's much documentation about Microsoft's identity platform ΓÇô Azure Active Directory (Azure AD). For those who are just starting, it often feels overwhelming. Even after you learn about it, keeping up with constant innovation and change can be challenging. In my customer interactions I often find myself serving as "translator" between business goals and "Good, Better, Best" approaches to address these (and human "cliff notes" for these articles). There's rarely a perfect answer and the "right" decision is a balance of various risk factors. Below are some of the common questions and confusion areas I tend to discuss with customers. ### Provisioning -Azure AD does not solve for lack of governance in your identity world! [Identity governance](/azure/active-directory/governance/identity-governance-overview) should be a critical element independent of any cloud decisions. Governance requirements change over time, which is why it is a program and not a tool. +Azure AD doesn't solve for lack of governance in your identity world! [Identity governance](/azure/active-directory/governance/identity-governance-overview) should be a critical element independent of any cloud decisions. Governance requirements change over time, which is why it is a program and not a tool. [Azure AD Connect](/azure/active-directory/hybrid/whatis-azure-ad-connect) vs. [Microsoft Identity Manager](/microsoft-identity-manager/microsoft-identity-manager-2016) (MIM) vs. something else (third party or custom)? Save yourself a lot of headache now and in the future and go with Azure AD Connect. There are all kinds of smarts in this tool to address peculiar customer configurations and ongoing innovations. Some edge cases that may drive towards a more complex architecture: -- I have multiple AD forests without network connectivity between these. There is a new option called [Cloud Provisioning](/azure/active-directory/cloud-provisioning/what-is-cloud-provisioning). +- I have multiple AD forests without network connectivity between these. There's a new option called [Cloud Provisioning](/azure/active-directory/cloud-provisioning/what-is-cloud-provisioning). - I don't have Active Directory, nor do I want to install it. Azure AD Connect can be configures to [sync from LDAP](/azure/active-directory/hybrid/plan-hybrid-identity-design-considerations-tools-comparison) (partner may be required). - I need to provision the same objects to multiple tenants. This isn't technically supported but depends on definition of "same." XYZ SaaS supports Just-in-Time (JIT) provisioning, why are you requiring me to s [Password hash sync](/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization) (PHS) vs. [pass-through authentication](/azure/active-directory/hybrid/how-to-connect-pta-how-it-works) (PTA) vs. [federation](/azure/active-directory/hybrid/how-to-connect-fed-compatibility). -Usually there is a passionate [debate](/azure/active-directory/hybrid/choose-ad-authn) around federation. Simpler is usually better and therefore use PHS unless you have a good reason not to. It is also possible to configure different authentication methods for different DNS domains in the same tenant. +Usually there's a passionate [debate](/azure/active-directory/hybrid/choose-ad-authn) around federation. Simpler is usually better and therefore use PHS unless you have a good reason not to. It's also possible to configure different authentication methods for different DNS domains in the same tenant. Some customers enable federation + PHS mainly for: I often walk customers through client authentication flow to clarify some miscon This type of whiteboard drawing illustrates where security policies are applied within the flow of an authentication request. In this example, policies enforced through Active Directory Federation Service (AD FS) are applied to the first service request, but not subsequent service requests. This is at least one reason to move security controls to the cloud as much as possible. -We've been chasing the dream of [single sign-on](/azure/active-directory/manage-apps/what-is-single-sign-on) (SSO) for as long as I can remember. Some customers believe they can achieve this by choosing the "right" federation (STS) provider. Azure AD can help significantly to [enable SSO](/azure/active-directory/manage-apps/plan-sso-deployment) capabilities, but no STS is magical. There are too many "legacy" authentication methods that are still used for critical applications. Extending Azure AD with [partner solutions](/azure/active-directory/saas-apps/tutorial-list) can address many of these scenarios. SSO is a strategy and a journey. You can't get there without moving towards [standards for applications](/azure/active-directory/develop/v2-app-types). Related to this topic is a journey to [passwordless](/azure/active-directory/authentication/concept-authentication-passwordless) authentication, which also doesn't have a magical answer. +We've been chasing the dream of [single sign-on](/azure/active-directory/manage-apps/what-is-single-sign-on) (SSO) for as long as I can remember. Some customers believe they can achieve this by choosing the "right" federation (STS) provider. Azure AD can help significantly to [enable SSO](/azure/active-directory/manage-apps/plan-sso-deployment) capabilities, but no STS is magical. There are too many "legacy" authentication methods that are still used for critical applications. Extending Azure AD with [partner solutions](/azure/active-directory/saas-apps/tutorial-list) can address many of these scenarios. SSO is a strategy and a journey. You can't get there without moving towards [standards for applications](/azure/active-directory/develop/v2-app-types). Related to this article is a journey to [passwordless](/azure/active-directory/authentication/concept-authentication-passwordless) authentication, which also doesn't have a magical answer. [Multi-factor authentication](/azure/active-directory/authentication/concept-mfa-howitworks) (MFA) is essential today ([here](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/your-pa-word-doesn-t-matter/ba-p/731984) for more). Add to it [user behavior analytics](/azure/active-directory/authentication/tutorial-risk-based-sspr-mfa) and you have a solution that prevents most common cyber-attacks. Even consumer services are moving to require MFA. Yet, I still meet with many customers who don't want to move to [modern authentication](../enterprise/hybrid-modern-auth-overview.md) approaches. The biggest argument I hear is that it will impact users and legacy applications. Sometimes a good kick might help customers move along - Exchange Online [announced changes](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-auth-and-exchange-online-february-2020-update/ba-p/1191282). Lots of Azure AD [reports](/azure/active-directory/fundamentals/concept-fundamentals-block-legacy-authentication) are now available to help customers with this transition. If you agree with this expanded definition of authorization, then you need to im - [Microsoft Defender for Cloud Apps](/cloud-app-security/) (Defender for Cloud Apps) - [Microsoft 365 Defender](../security/defender/microsoft-365-defender.md) - [Microsoft Intune](/mem/intune/)-- [Microsoft Information Protection](../compliance/information-protection.md) (MIP) +- [Microsoft Purview Information Protection](../compliance/information-protection.md) - [Microsoft Sentinel](/azure/sentinel/) Of course, in addition to Azure AD, various services and applications have their own specific authorization models. Some of these are discussed later in the delegation section. Azure AD has detailed [audit and reporting](/azure/active-directory/reports-moni ## There's no Exchange -Don't Panic! This does not mean Exchange is being deprecated (or SharePoint, and so on). It is still a core service. What I mean is, for quite some time now, technology providers have been transitioning user experiences (UX) to encompass components of multiple services. In Microsoft 365, a simple example is "[modern attachments](https://support.office.com/article/Attach-files-or-insert-pictures-in-Outlook-email-messages-BDFAFEF5-792A-42B1-9A7B-84512D7DE7FC)" where attachments to email are stored in SharePoint Online or OneDrive for Business. +Don't Panic! This doesn't mean Exchange is being deprecated (or SharePoint, and so on). It's still a core service. What I mean is, for quite some time now, technology providers have been transitioning user experiences (UX) to encompass components of multiple services. In Microsoft 365, a simple example is "[modern attachments](https://support.office.com/article/Attach-files-or-insert-pictures-in-Outlook-email-messages-BDFAFEF5-792A-42B1-9A7B-84512D7DE7FC)" where attachments to email are stored in SharePoint Online or OneDrive for Business. ![Attaching a file to an email.](../media/solutions-architecture-center/modern-attachments.png) Many customers end-up with multiple production tenants after a merger and acquis Some customers choose to go with more than one tenant. This should be a very careful decision and almost always business reason driven! Some examples include the following: -- A holding type company structure where easy collaboration between different entities is not required and there is strong administrative and other isolation needs. +- A holding type company structure where easy collaboration between different entities is not required and there's strong administrative and other isolation needs. - After an acquisition, a business decision is made to keep two entities separate.-- Simulation of a customer's environment that does not change the customer's production environment. +- Simulation of a customer's environment that doesn't change the customer's production environment. - Development of software for customers. In these multi-tenant scenarios, customers often want to keep some configuration the same across tenants, or report on configuration changes and drifts. This often means moving from manual changes to configuration as code. Microsoft Premiere support offers a workshop for these types of requirements based on this public IP: <https://Microsoft365dsc.com>. In these multi-tenant scenarios, customers often want to keep some configuration To [Multi-Geo](../enterprise/microsoft-365-multi-geo.md) or not to Multi-Geo, that is the question. With Office 365 Multi-Geo, you can provision and store data at rest in the geo locations that you've chosen to meet [data residency](../enterprise/o365-data-locations.md) requirements. There are many misconceptions about this capability. Keep the following in mind: -- It does not to provide performance benefits. It could make performance worse if the [network design](https://aka.ms/office365networking) is not correct. Get devices "close" to the Microsoft network, not necessarily to your data.-- It is not a solution for [GDPR compliance](https://www.microsoft.com/trust-center/privacy/gdpr-overview). GDPR does not focus on data sovereignty or storage locations. There are other compliance frameworks for that.-- It does not solve delegation of administration (see below) or [information barriers](../compliance/information-barriers.md). +- It doesn't to provide performance benefits. It could make performance worse if the [network design](https://aka.ms/office365networking) is not correct. Get devices "close" to the Microsoft network, not necessarily to your data. +- It is not a solution for [GDPR compliance](https://www.microsoft.com/trust-center/privacy/gdpr-overview). GDPR doesn't focus on data sovereignty or storage locations. There are other compliance frameworks for that. +- It doesn't solve delegation of administration (see below) or [information barriers](../compliance/information-barriers.md). - It is not the same as multi-tenant and requires additional [user provisioning](https://github.com/MicrosoftDocs/azure-docs-pr/blob/master/articles/active-directory/hybrid/how-to-connect-sync-feature-preferreddatalocation.md) workflows.-- It does not [move your tenant](../enterprise/moving-data-to-new-datacenter-geos.md) (your Azure AD) to another geography. +- It doesn't [move your tenant](../enterprise/moving-data-to-new-datacenter-geos.md) (your Azure AD) to another geography. ## Delegation of administration There's a long and growing list of [built-in roles](/azure/active-directory/role - Global administrator: This "all powerful" role should be [highly protected](../enterprise/protect-your-global-administrator-accounts.md) just like you would in other systems. Typical recommendations include: no permanent assignment and use Azure AD Privileged Identity Management (PIM); strong authentication; and so on. Interestingly, this role doesn't give you access to everything by default. Typically, I see confusion about compliance access and Azure access, discussed later. However, this role can always assign access to other services in the tenant. - Specific service admins: Some services (Exchange, SharePoint, Power BI, and so on) consume high-level administration roles from Azure AD. This isn't consistent across all services and there are more service-specific roles discussed later.-- Functional: There is a long (and growing) list of roles focused on specific operations (guest inviter, and so on). Periodically, more of these are added based on customer needs. +- Functional: There's a long (and growing) list of roles focused on specific operations (guest inviter, and so on). Periodically, more of these are added based on customer needs. It is not possible to delegate everything (although the gap is decreasing), which means the Global admin role would need to be used sometimes. Configuration-as-code and automation should be considered instead of people membership of this role. Note: The Microsoft 365 admin center has a more user-friendly interface but has subset of capabilities compared to the Azure AD admin experience. Both portals use the same Azure AD roles, so changes are occurring in the same place. Tip: if you want an identity-management focused admin UI without all the Azure clutter, use <https://aad.portal.azure.com>. -What's in the name? Don't make assumptions from the name of the role. Language is not a very precise tool. The goal should be to define operations that need to be delegated before looking at what roles are needed. Adding somebody to the "Security Reader" role does not make them see security settings across everything. +What's in the name? Don't make assumptions from the name of the role. Language is not a very precise tool. The goal should be to define operations that need to be delegated before looking at what roles are needed. Adding somebody to the "Security Reader" role doesn't make them see security settings across everything. The ability to create [custom roles](/azure/active-directory/users-groups-roles/roles-custom-overview) is a common question. This is limited in Azure AD today (see below) but will grow in capabilities over time. I think of these as applicable to functions in Azure AD and may not span "down" the hierarchy model (discussed above). Whenever I deal with "custom," I tend to go back to my principal of "simple is better." Another common question is ability to scope roles to a subset of a directory. On Today, all these roles require direct membership (or dynamic assignment if you use [Azure AD PIM](/azure/active-directory/privileged-identity-management/)). This means customers must manage these directly in Azure AD and these cannot be based on a security group membership. I'm not a fan of creating scripts to manage these as it would need to run with elevated rights. I generally recommend API integration with process systems like ServiceNow or using partner governance tools like Saviynt. There's engineering work going on to address this over time. -I mentioned [Azure AD PIM](/azure/active-directory/privileged-identity-management/) a few times. There is a corresponding Microsoft Identity Manager (MIM) [Privileged Access Management](/microsoft-identity-manager/pam/privileged-identity-management-for-active-directory-domain-services) (PAM) solution for on-premises controls. You might also want to look at [Privileged Access Workstations](/windows-server/identity/securing-privileged-access/privileged-access-workstations) (PAWs) and [Azure AD Identity Governance](/azure/active-directory/governance/identity-governance-overview). There are various third-party tools as well, which can enable just-in-time, just-enough, and dynamic role elevation. This is usually part of a larger discussion for securing an environment. +I mentioned [Azure AD PIM](/azure/active-directory/privileged-identity-management/) a few times. There's a corresponding Microsoft Identity Manager (MIM) [Privileged Access Management](/microsoft-identity-manager/pam/privileged-identity-management-for-active-directory-domain-services) (PAM) solution for on-premises controls. You might also want to look at [Privileged Access Workstations](/windows-server/identity/securing-privileged-access/privileged-access-workstations) (PAWs) and [Azure AD Identity Governance](/azure/active-directory/governance/identity-governance-overview). There are various third-party tools as well, which can enable just-in-time, just-enough, and dynamic role elevation. This is usually part of a larger discussion for securing an environment. -Sometimes scenarios call for adding an external user to a role (see the multi-tenant section, above). This works just fine. [Azure AD B2B](/azure/active-directory/b2b/) is another large and fun topic to walk customers through, perhaps in another article. +Sometimes scenarios call for adding an external user to a role (see the multi-tenant section, above). This works just fine. [Azure AD B2B](/azure/active-directory/b2b/) is another large and fun article to walk customers through, perhaps in another article. ### Security and Compliance Center (SCC) In a sense, these are an evolution of the Exchange role groups model. However, E You can't create custom roles. Roles are defined by services created by Microsoft and will grow as new services are introduced. This is similar in concept to [roles defined by applications](/azure/active-directory/develop/howto-add-app-roles-in-azure-ad-apps) in Azure AD. When new services are enabled, often new role groups need to be created in order to grant or delegate access to these (for example, [insider risk management](../compliance/insider-risk-management-configure.md). -These role groups also require direct membership and cannot contain Azure AD groups. Unfortunately, today these role groups are not supported by Azure AD PIM. Like Azure AD roles, I tend to recommend management of these through APIs or a partner governance product like Saviynt, or others. +These role groups also require direct membership and cannot contain Azure AD groups. Unfortunately, today these role groups aren't supported by Azure AD PIM. Like Azure AD roles, I tend to recommend management of these through APIs or a partner governance product like Saviynt, or others. Security & Compliance Center roles span Microsoft 365 and you can't scope these role groups to a subset of the environment (like you can with administrative units in Azure AD). Many customers ask how they can subdelegate. For example, "create a DLP policy only for EU users." Today, if you have rights to a specific function in the Security & Compliance Center, you have rights to everything covered by this function in the tenant. However, many policies have capabilities to target a subset of the environment (for example, "make these [labels](../compliance/create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy) available only to these users"). Proper governance and communication are a key component to avoid conflicts. Some customers choose to implement a "configuration as code" approach to address subdelegation in the Security & Compliance Center. Some specific services support subdelegation (see below). As stated earlier, many customers are looking to achieve a more granular delegat - eDiscovery - (../compliance/index.yml) - Permission Filtering - (../compliance/index.yml) - Compliance Boundaries - (../compliance/set-up-compliance-boundaries.md) - - Advanced eDiscovery - (../compliance/overview-ediscovery-20.md) + - eDiscovery (Premium) - (../compliance/overview-ediscovery-20.md) - Yammer - (/yammer/manage-yammer-users/manage-yammer-admins) - Multi-geo - (../enterprise/add-a-sharepoint-geo-admin.md) - Dynamics 365 ΓÇô (/dynamics365/) As stated earlier, many customers are looking to achieve a more granular delegat ### Activity Logs -Office 365 has a [unified audit log](../compliance/search-the-audit-log-in-security-and-compliance.md). ItΓÇÖs a very [detailed log](/office/office-365-management-api/office-365-management-activity-api-schema), but donΓÇÖt read too much into the name. It may not contain everything you want or need for your security and compliance needs. Also, some customers are really interested in [Advanced Audit](../compliance/advanced-audit.md). +Office 365 has a [unified audit log](../compliance/search-the-audit-log-in-security-and-compliance.md). ItΓÇÖs a very [detailed log](/office/office-365-management-api/office-365-management-activity-api-schema), but donΓÇÖt read too much into the name. It may not contain everything you want or need for your security and compliance needs. Also, some customers are really interested in [Audit (Premium)](../compliance/advanced-audit.md). Examples of Microsoft 365 logs that are accessed through other APIs include the following: - [Azure AD](/azure/azure-monitor/platform/diagnostic-settings) (activities not related to Office 365) - [Exchange Message Tracking](/powershell/module/exchange/get-messagetrace) - Threat/UEBA Systems discussed above (for example, Azure AD Identity Protection, Microsoft Defender for Cloud Apps, Microsoft Defender for Endpoint, and so on)-- [Microsoft information protection](../compliance/data-classification-activity-explorer.md) +- [Microsoft Purview Information Protection](../compliance/data-classification-activity-explorer.md) - [Microsoft Defender for Endpoint](/windows/security/threat-protection/microsoft-defender-atp/api-power-bi) - [Microsoft Graph](https://graph.microsoft.com) -It is important to first identify all log sources needed for a security and compliance program. Also note that different logs have different on-line retention limits. +It's important to first identify all log sources needed for a security and compliance program. Also note that different logs have different on-line retention limits. From the admin delegation perspective, most Microsoft 365 activity logs do not have a built-in RBAC model. If you have permission to see a log, then you can see everything in it. A common example of a customer requirement is: ΓÇ£I want to be able to query activity only for EU usersΓÇ¥ (or some other dimension). To achieve this requirement, we need to transfer logs to another service. In the Microsoft cloud, we recommend transferring it to either [Microsoft Sentinel](/azure/sentinel/overview) or [Log Analytics](/azure/azure-monitor/learn/quick-create-workspace). Combining all the logs into one storage location includes added benefit, such as Logs do not have to be directed to one place only. It might also be beneficial to integrate [Office 365 Logs with Microsoft Defender for Cloud Apps](/cloud-app-security/connect-office-365-to-microsoft-cloud-app-security) or a custom RBAC model in [Power BI](../admin/usage-analytics/usage-analytics.md). Different repositories have different benefits and audiences. -It's worth mentioning that there is a very rich built-in analytics system for security, threats, vulnerabilities, and so on in a service called [Microsoft 365 Defender](../security/defender/microsoft-365-defender.md). +It's worth mentioning that there's a very rich built-in analytics system for security, threats, vulnerabilities, and so on in a service called [Microsoft 365 Defender](../security/defender/microsoft-365-defender.md). Many large customers want to transfer this log data to a third-party system (for example, SIEM). There are different approaches for this, but in-general [Azure Event Hub](/azure/azure-monitor/platform/stream-monitoring-data-event-hubs) and [Graph](/graph/security-integration) are good starting points. ### Azure -I am often asked if there is a way to separate high-privilege roles between Azure AD, Azure, and SaaS (ex.: Global Administrator for Office 365 but not Azure). Not really. Multi-tenant architecture is needed if complete administrative separation is required, but that adds significant [complexity](https://aka.ms/multi-tenant-user) (see above). All these services are part of the same security/identity boundary (look at the hierarchy model above). +I am often asked if there's a way to separate high-privilege roles between Azure AD, Azure, and SaaS (ex.: Global Administrator for Office 365 but not Azure). Not really. Multi-tenant architecture is needed if complete administrative separation is required, but that adds significant [complexity](https://aka.ms/multi-tenant-user) (see above). All these services are part of the same security/identity boundary (look at the hierarchy model above). -It is important to understand relationships between various services in the same tenant. I am working with many customers that are building business solutions that span Azure, Office 365, and Power Platform (and often also on-premises and third-party cloud services). One common example: +It's important to understand relationships between various services in the same tenant. I am working with many customers that are building business solutions that span Azure, Office 365, and Power Platform (and often also on-premises and third-party cloud services). One common example: 1. I want to collaborate on a set of documents/images/etc (Office 365) 2. Send each one of them through an approval process (Power Platform) As you can see from above picture, many other services should be considered as p ## Conclusion -Started as a short summary, ended-up longer than I expected. I hope you are now ready to venture into a deep see of creating delegation model for your organization. This conversation is very common with customers. There is no one model that works for everyone. Waiting for a few planned improvements from Microsoft engineering before documenting common patterns we see across customers. In the meantime, you can work with your Microsoft account team to arrange a visit to the nearest [Microsoft Technology Center](https://www.microsoft.com/mtc). See you there! +Started as a short summary, ended-up longer than I expected. I hope you are now ready to venture into a deep see of creating delegation model for your organization. This conversation is very common with customers. There's no one model that works for everyone. Waiting for a few planned improvements from Microsoft engineering before documenting common patterns we see across customers. In the meantime, you can work with your Microsoft account team to arrange a visit to the nearest [Microsoft Technology Center](https://www.microsoft.com/mtc). See you there!
solutions	Information Protection Deploy Assess	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/information-protection-deploy-assess.md	GDPR assessment consists of these sections: This step involves identification of particular sensitive information types that are subject to specific regulatory controls, as well as the occurrence of them in your Microsoft 365 environment. -Finding content in your environment containing personal can be a formidable task, formerly involving a combination of using Compliance Search, eDiscovery, Advanced eDiscovery, DLP, and auditing. +Finding content in your environment containing personal can be a formidable task, formerly involving a combination of using Compliance Search, eDiscovery, eDiscovery (Premium), DLP, and auditing. -With the new Data Classification solution in the Microsoft Compliance admin center, this has become much easier with the [Content Explorer](../compliance/data-classification-content-explorer.md) capability, which works with either built-in or custom sensitive information types, including those related to personal data. +With the new Data Classification solution in the Microsoft Purview compliance portal, this has become much easier with the [Content Explorer](../compliance/data-classification-content-explorer.md) capability, which works with either built-in or custom sensitive information types, including those related to personal data. ### Sensitive information types -The Microsoft Compliance admin center comes pre-loaded with over 100 sensitive information types, most of them related to identifying and locating personal data. These built-in sensitive information types can help identify and protect credit card numbers, bank account numbers, passport numbers, and more, based on patterns that are defined by a regular expression (regex) or a function. To learn more, see [What the sensitive information types look for](../compliance/sensitive-information-type-entity-definitions.md). +The Microsoft Purview compliance portal comes pre-loaded with over 100 sensitive information types, most of them related to identifying and locating personal data. These built-in sensitive information types can help identify and protect credit card numbers, bank account numbers, passport numbers, and more, based on patterns that are defined by a regular expression (regex) or a function. To learn more, see [What the sensitive information types look for](../compliance/sensitive-information-type-entity-definitions.md). If you need to identify and protect an organization-specific or regional type of sensitive items, such as a custom format for employee IDs, or other personal information not already covered by a built-in sensitive information type, you can create a custom sensitive information type with these methods: See these articles for more information: ### Content Explorer -An important tool that for determining the occurrence of sensitive items in your environment is the new [Content Explorer](../compliance/data-classification-content-explorer.md) in the Microsoft 365 Compliance admin center. It's an automated tool for initial and ongoing scanning of your entire Microsoft 365 subscription for the occurrence of sensitive information types and display of the results. +An important tool that for determining the occurrence of sensitive items in your environment is the new [Content Explorer](../compliance/data-classification-content-explorer.md) in the Microsoft Purview admin center. It's an automated tool for initial and ongoing scanning of your entire Microsoft 365 subscription for the occurrence of sensitive information types and display of the results. The new Content Explorer tool allows you to quickly identify the locations of sensitive items in your environment, using either built-in sensitive information types or custom ones. This may involve establishing a process and assigned responsibility to regularly investigate the presence and location of sensitive items.
solutions	Information Protection Deploy Compliance	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/information-protection-deploy-compliance.md	description: Learn how to use Compliance Score and Compliance Manager to improve # Use Compliance Manager to manage improvement actions -Microsoft Compliance Manager can help you manage improvements related to data privacy regulations such as the European Union [General Data Protection Regulation (GDPR)](/compliance/regulatory/gdpr), [California Consumer Protection Act CCPA)](/compliance/regulatory/ccpa-faq), HIPAA-HITECH (US health care privacy act), and the Brazil Data Protection Act (LGPD). +Microsoft Purview Compliance Manager can help you manage improvements related to data privacy regulations such as the European Union [General Data Protection Regulation (GDPR)](/compliance/regulatory/gdpr), [California Consumer Protection Act CCPA)](/compliance/regulatory/ccpa-faq), HIPAA-HITECH (US health care privacy act), and the Brazil Data Protection Act (LGPD). This article provides guidance on the use of this tool for data privacy purposes. This article provides guidance on the use of this tool for data privacy purposes #### What is Compliance Manager -[Compliance Manager](../compliance/compliance-manager.md) is a workflow-based risk assessment tool in the Microsoft 365 compliance center for managing regulatory compliance activities related to Microsoft cloud services. As part of your Microsoft 365 or Azure Active Directory (Azure AD) subscription, Compliance Manager helps you manage regulatory compliance within the shared responsibility model for Microsoft cloud services. +[Compliance Manager](../compliance/compliance-manager.md) is a workflow-based risk assessment tool in the Microsoft Purview compliance portal for managing regulatory compliance activities related to Microsoft cloud services. As part of your Microsoft 365 or Azure Active Directory (Azure AD) subscription, Compliance Manager helps you manage regulatory compliance within the shared responsibility model for Microsoft cloud services. Ready to use assessments
solutions	Information Protection Deploy Govern	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/information-protection-deploy-govern.md	Regardless of the legal and business reasons for keeping personal information ar ## Managing information governance in Microsoft 365 -To begin, see [Manage information governance](../compliance/manage-information-governance.md) and [Data Retention, Deletion and Destruction in Microsoft 365](/office365/Enterprise/office-365-data-retention-deletion-and-destruction-overview). +To begin, see [Govern your data with Microsoft Purview](../compliance/manage-data-governance.md) and [Data Retention, Deletion and Destruction in Microsoft 365](/office365/Enterprise/office-365-data-retention-deletion-and-destruction-overview). ### Develop data retention schedules for containers, email, and content
solutions	Information Protection Deploy Monitor Respond	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/information-protection-deploy-monitor-respond.md	See these articles for setting up auditing, advanced auditing, and alert policie - [Unified auditing](../compliance/search-the-audit-log-in-security-and-compliance.md) - [Mailbox auditing](../compliance/enable-mailbox-auditing.md)-- [Advanced audit](../compliance/advanced-audit.md) +- [Audit (Premium)](../compliance/advanced-audit.md) - [Alert policies](../compliance/alert-policies.md) ## Data subject requests for the GDPR and CCPA For Microsoft Stream, when a user is deleted from Azure Active Directory (Azure ## Insider risk management as an investigative tool -[Insider risk management in Microsoft 365](../compliance/insider-risk-management.md) is a feature of the Microsoft Compliance admin center to help you minimize internal risk by enabling you to detect, investigate, and take action on risky activities in your organization. +[Insider risk management](../compliance/insider-risk-management.md) is a feature of the Microsoft Purview compliance portal to help you minimize internal risk by enabling you to detect, investigate, and take action on risky activities in your organization.
solutions	Information Protection Deploy Protect Information	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/information-protection-deploy-protect-information.md	A number of information protection controls can be employed in your subscription These controls are within following solution areas: - Sensitivity labels-- Data loss prevention (DLP)-- Office message encryption (OME) +- Microsoft Purview Data loss prevention (DLP) +- Microsoft Purview Message Encryption - Teams and sites access controls ![Key services to protect personal information subject to data privacy regulation.](../media/information-protection-deploy-protect-information/information-protection-deploy-protect-information-grid.png) > [!NOTE] -> This solution describes security and compliance features to protect information subject to data privacy regulations. For a complete list of security features in Microsoft 365, see [Microsoft 365 security documentation](../security/index.yml). For a complete list of compliance features in Microsoft 365, see [Microsoft 365 compliance documentation](../compliance/index.yml). +> This solution describes security and compliance features to protect information subject to data privacy regulations. For a complete list of security features in Microsoft 365, see [Microsoft 365 security documentation](../security/index.yml). For a complete list of compliance features in Microsoft 365, see [Microsoft Purview documentation](../compliance/index.yml). ## Data privacy regulations that impact information protection controls Microsoft [information protection solutions](../compliance/information-protectio - Client-side/content-level - Automated for data-at-rest in SharePoint and OneDrive - Data Loss Prevention (DLP)-- [Microsoft 365 Endpoint data loss prevention](../compliance/endpoint-dlp-learn-about.md) +- [Endpoint data loss prevention](../compliance/endpoint-dlp-learn-about.md) - [Office 365 Message Encryption new capabilities (OME)](../compliance/ome.md) and OME [Advanced Message Encryption](../compliance/ome-advanced-message-encryption.md) In addition, site and library level protection are important mechanisms to include in any protection scheme. For information on other information protection capabilities outside of Microsof ## Sensitivity labels -Sensitivity labels from the Microsoft Information Protection framework let you classify and protect your organization's data without hindering the productivity of users and their ability to collaborate. +Sensitivity labels from Microsoft Purview Information Protection let you classify and protect your organization's data without hindering the productivity of users and their ability to collaborate. > [!div class="mx-imgBorder"] > ![Sensitivity labels in Microsoft 365.](../media/information-protection-deploy-protect-information/information-protection-deploy-protect-information-labels.png) Complete these activities prior to implementing any of the sensitivity label-bas 1. Understand the following: - Business requirements. Establish the business reasons for applying sensitivity labels in your enterprise. For example, your data privacy requirements for information protection. - Sensitivity label capabilities. Sensitivity labeling can get complex, so make sure to read the [sensitivity labels documentation](../compliance/sensitivity-labels.md) before getting started. - - Key things to remember Sensitivity labels are managed in the Microsoft Compliance admin center but the targeting and application options vary significantly. + - Key things to remember Sensitivity labels are managed in the Microsoft Purview compliance portal but the targeting and application options vary significantly. - There are sensitivity labels for sites, groups, and Teams at the container level (the settings do not apply to content inside the container). These are published to users and groups who apply them when a site, group or Team is provisioned. - There are sensitivity labels for active content. These are also published to user or groups, who either manually apply them, or they get applied automatically when: - The file is opened/edited/saved, either to the userΓÇÖs desktop or a SharePoint site. Complete these activities prior to implementing any of the sensitivity label-bas If you are planning to use modern sensitivity labeling for email protection and existing email encryption methods like OME are in place, they can co-exist, but you should understand the scenarios in which either should be applied. See [Office 365 Message Encryption new capabilities (OME)](#office-365-message-encryption-ome-new-capabilities), which includes a table comparing modern sensitivity label-type protection with OME-based protection. -3. Plan for integration into a broader information protection scheme. On top of coexistence with OME, sensitivity labels can be used along-side capabilities like Microsoft 365 data loss prevention (DLP) and Microsoft Defender for Cloud Apps. See [Microsoft Information Protection in Microsoft 365](../compliance/information-protection.md) to achieve your data privacy-related information protection goals. +3. Plan for integration into a broader information protection scheme. On top of coexistence with OME, sensitivity labels can be used along-side capabilities like Microsoft Purview Data Loss Prevention (DLP) and Microsoft Defender for Cloud Apps. See [Protect your data with Microsoft Purview](../compliance/information-protection.md) to achieve your data privacy-related information protection goals. 4. Develop a sensitivity label classification and control scheme. See [Data Classification and Sensitivity Label Taxonomy](https://aka.ms/dataclassificationwhitepaper). Complete these activities prior to implementing any of the sensitivity label-bas ### Create and deploy sensitivity labels for sites, groups, and teams -When you create [sensitivity labels](../compliance/sensitivity-labels-teams-groups-sites.md) in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, you can now apply them to these containers: +When you create [sensitivity labels](../compliance/sensitivity-labels-teams-groups-sites.md) in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, you can now apply them to these containers: - Microsoft Teams sites - Microsoft 365 groups (formerly Office 365 groups) When you're ready to start protecting your organization's data with sensitivity 2. Define what each label can do. Configure the protection settings you want associated with each label. For example, you might want lower sensitivity content (such as a "General" label) to have just a header or footer applied, while higher sensitivity content (such as a "Confidential" label) should have a watermark and have encryption enabled. 3. Publish the labels. After your sensitivity labels are configured, publish them by using a label policy. Decide which users and groups should have the labels and what policy settings to use. A single label is reusable. You define it once and then you can include it in several label policies assigned to different users. -Once you publish sensitivity labels from the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, they start to appear in [Office apps](../compliance/sensitivity-labels-office-apps.md) for users to classify and protect content as it's created or edited. +Once you publish sensitivity labels from the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, they start to appear in [Office apps](../compliance/sensitivity-labels-office-apps.md) for users to classify and protect content as it's created or edited. ![Sensitivity label deployment flow in Microsoft 365.](../media/information-protection-deploy-protect-information/information-protection-deploy-protect-information-label-flow.png) DLP allows you to: ### Supported workloads for DLP -With a DLP policy in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, you can identify, monitor, and automatically protect sensitive items across many locations in Microsoft 365, such as Exchange Online, SharePoint, OneDrive, and Microsoft Teams. +With a DLP policy in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, you can identify, monitor, and automatically protect sensitive items across many locations in Microsoft 365, such as Exchange Online, SharePoint, OneDrive, and Microsoft Teams. For example, you can identify any document containing a credit card number that's stored in any OneDrive site, or you can monitor just the OneDrive sites of specific people. Although sensitivity labels canΓÇÖt be used in DLP policy conditions, certain pr ### DLP policies -DLP policies are configured in the Microsoft Compliance admin center and specify the level of protection, the sensitive information type the policy is looking for, and the target workloads. Their basic components consist of identifying the protection and the types of data. +DLP policies are configured in the Microsoft Purview compliance portal and specify the level of protection, the sensitive information type the policy is looking for, and the target workloads. Their basic components consist of identifying the protection and the types of data. > [!div class="mx-imgBorder"] > ![DLP policy configuration in Microsoft 365.](../media/information-protection-deploy-protect-information/information-protection-deploy-protect-information-dlp-config.png)
solutions	Information Protection Deploy	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/information-protection-deploy.md	These Microsoft 365 capabilities and features help you meet the criteria for pro \| Capability or feature \| Description \| Licensing \| \|:-\|:--\|:-\| -\| Compliance Manager \| Manage regulatory compliance activities, get an overall score of your current compliance configuration, and find recommendations for improvement. This is a workflow-based risk assessment tool in the Microsoft 365 compliance center. \| Microsoft 365 E3 and E5 \| +\| Compliance Manager \| Manage regulatory compliance activities, get an overall score of your current compliance configuration, and find recommendations for improvement. This is a workflow-based risk assessment tool in the Microsoft Purview compliance portal. \| Microsoft 365 E3 and E5 \| \| Microsoft Defender for Office 365 \| Protect your Microsoft 365 apps and dataΓÇösuch as email messages, Office documents, and collaboration toolsΓÇöfrom attack. \| Microsoft 365 E3 and E5 \| \| Sensitivity labels \| Classify and protect your organization's data without hindering the productivity of users and their ability to collaborate. Place labels with various levels of protection on email, files, or sites. \| Microsoft 365 E3 and E5 \| \| Data Loss Protection (DLP) \| Detect, warn, and block risky, inadvertent, or inappropriate sharing of data containing personal information, both internally and externally. \| Microsoft 365 E3 and E5 \| For more information, see [Assess data privacy risks and identify sensitive item ## Track: Run risk assessments and check your compliance score -Compliance Manager, available in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft 365 compliance center</a>, provides you with a built-in ability to track and manage improvement actions overall as well as those related to multiple data privacy regulations that apply to you. +Compliance Manager, available in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>, provides you with a built-in ability to track and manage improvement actions overall as well as those related to multiple data privacy regulations that apply to you. You can use built in assessment templates specific to each regulation, where you can track action items for each assessment template selected, as well as view specific regulatory controls, and relate them to specific actions.
solutions	Manage Creation Of Groups	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/manage-creation-of-groups.md	When you limit who can create a group, it affects all services that rely on grou - Power BI (classic) - Project for the web / Roadmap -The steps in this article won't prevent members of certain roles from creating Groups. Office 365 Global admins can create Groups via the Microsoft 365 admin center, Planner, Exchange, and SharePoint Online. Other roles can create Groups via limited means, listed below. +The steps in this article won't prevent members of certain roles from creating Groups. Microsoft 365 global admins can create groups via the Microsoft 365 admin center, Planner, Exchange, and SharePoint, but not other locations such as Teams. Other roles can create Microsoft 365 Groups via limited means, listed below. - Exchange Administrator: Exchange admin center, Azure AD - Partner Tier 1 Support: Microsoft 365 admin center, Exchange admin center, Azure AD The following people don't need Azure AD Premium or Azure AD Basic EDU licenses ## Step 1: Create a group for users who need to create Microsoft 365 groups -Only one group in your organization can be used to control who is able to create Groups. But, you can nest other groups as members of this group. +Only one group in your organization can be used to control who is able to create Microsoft 365 Groups. But, you can nest other groups as members of this group. Admins in the roles listed above do not need to be members of this group: they retain their ability to create groups. Admins in the roles listed above do not need to be members of this group: they r 3. Choose the group type you want. Remember the name of the group! You'll need it later. -4. Finish setting up the group, adding people or other groups who you want to be able to create groups in your org. +4. Finish setting up the group, adding people or other groups who you want to be able to create groups as members (not owners). For detailed instructions, see [Create, edit, or delete a security group in the Microsoft 365 admin center](../admin/email/create-edit-or-delete-a-security-group.md).
solutions	Manage Devices With Intune Dlp Mip	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/manage-devices-with-intune-dlp-mip.md	description: Implement Endpoint DLP by working with your information protection # Step 7. Implement data loss prevention (DLP) with information protection capabilities -If your organization uses Microsoft 365 Information Protection and has put the time into understanding your data, developing a data sensitivity schema, and applying the schema, you might be ready to extend elements of this schema to endpoints by using data loss prevention (DLP) policies. +If your organization has already put the time into understanding your data, developing a data sensitivity schema, and applying the schema, you might be ready to extend elements of this schema to endpoints by using Microsoft Purview data loss prevention (DLP) policies. -Microsoft Endpoint data loss prevention (Endpoint DLP) currently applies to: +Endpoint data loss prevention (Endpoint DLP) currently applies to: - Windows 10, Windows 11 - macOS Use the following steps to work with your information protection team. \|Step \|Description \| \|\|\| -\|1 \| [Learn about Microsoft 365 Endpoint data loss prevention](../compliance/endpoint-dlp-learn-about.md). \| -\|2 \| Onboard devices for Endpoint DLP. If you onboarded devices to Microsoft Defender for Endpoint, your devices are already onboarded for Microsoft 365 Compliance, including Endpoint DLP. If your devices are not onboarded to Defender for Endpoint, see [Get started with Endpoint data loss prevention](../compliance/endpoint-dlp-getting-started.md) for instructions. For more information about how onboarding works, see [Enrolling devices vs. onboarding devices](manage-devices-with-intune-overview.md#enrolling-devices-vs-onboarding-devices)\| +\|1 \| [Learn about Endpoint data loss prevention](../compliance/endpoint-dlp-learn-about.md). \| +\|2 \| Enable devices for Endpoint DLP. If you onboarded devices to Microsoft Defender for Endpoint, your devices are already enabled for Endpoint DLP. If your devices are not onboarded to Defender for Endpoint, see [Get started with Endpoint data loss prevention](../compliance/endpoint-dlp-getting-started.md) for instructions.\| \|3 \| Work with your information protection and governance team to define, test, and tune policies. This includes monitoring the results. See these resources:<br>- [Using Endpoint data loss prevention](../compliance/endpoint-dlp-using.md)<br>- [View the reports for data loss prevention](../compliance/view-the-dlp-reports.md) \|
solutions	Manage Devices With Intune Monitor Risk	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/manage-devices-with-intune-monitor-risk.md	Deploying Microsoft Defender for Endpoint includes onboarding endpoints. If you In this illustration: - Microsoft Defender for Endpoint greatly increases the sophistication of threat protection for devices. - While Microsoft Intune allows you to set App Protection Policies and manage devices (including configuration changes), Defender for Endpoint continuously monitors your devices for threats and can take automated action to remediate attacks. -- You can connect Microsoft Intune to Defender for Endpoint to monitor device risk and compliance to security baselines. +- You can use Intune to onboard devices to Defender for Endpoint. When you do this, you are also enabling these devices to work with Microsoft Purview Endpoint data loss prevention (Endpoint DLP). This article includes these steps: - Monitor device risk
solutions	Manage Devices With Intune Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/manage-devices-with-intune-overview.md	This series of articles walks through a recommended process for managing devices ## Implementing the layers of protection on and for devices -Protecting the data and apps on devices and the devices themselves is a multi-layer process. There are some protections you can gain on unmanaged devices. After enrolling devices to Intune, you can implement more sophisticated controls. When threat protection is deployed across your endpoints, you gain even more insights and the ability to automatically remediate some attacks. Finally, if your organization has put the work into identifying sensitive data, applying classification and labels, and configuring data loss prevention policies, you can obtain even more granular protection for data on your endpoints. +Protecting the data and apps on devices and the devices themselves is a multi-layer process. There are some protections you can gain on unmanaged devices. After enrolling devices into management, you can implement more sophisticated controls. When threat protection is deployed across your endpoints, you gain even more insights and the ability to automatically remediate some attacks. Finally, if your organization has put the work into identifying sensitive data, applying classification and labels, and configuring Microsoft Purview data loss prevention policies, you can obtain even more granular protection for data on your endpoints. The following diagram illustrates building blocks to achieve a Zero Trust security posture for Microsoft 365 and other SaaS apps that you introduce to this environment. The elements related to devices are numbered 1 through 7. These are the layers of protection device admins will coordinate with other administrators to accomplish. In this illustration: If you follow this guidance, you will enroll devices into management using Intune and you will onboard devices for the following Microsoft 365 capabilities: - Microsoft Defender for Endpoint-- Microsoft 365 Compliance (for endpoint data loss prevention (DLP)) +- Microsoft Purview (for endpoint data loss prevention (DLP)) The following illustration details how this works using Intune. The following illustration details how this works using Intune. In the illustration: 1. Enroll devices into management with Intune. -2. Use Intune to onboard devices to Microsoft Defender for Endpoint. -3. Devices that are onboarded to Defender for Endpoint are also onboarded for Microsoft 365 compliance features, including endpoint DLP. +2. Use Intune to onboard devices to Defender for Endpoint. +3. Devices that are onboarded to Defender for Endpoint are also onboarded for Microsoft Purview features, including Endpoint DLP. + +Note that only Intune is managing devices. Onboarding refers to the ability for a device to share information with a specific service. The following table summarizes the differences between enrolling devices into management and onboarding devices for a specific service. ++ +\| \|Enroll \|Onboard \| +\|\|\|\| +\|Description \| Enrollment applies to managing devices. Devices are enrolled for management with Intune or Configuration Manager. \| Onboarding configures a device to work with a specific set of capabilities in Microsoft 365. Currently, onboarding applies to Microsoft Defender for Endpoint and Microsoft compliance capabilities. <br><br>On Windows devices, onboarding involves toggling a setting in Windows Defender that allows Defender to connect to the online service and accept policies that apply to the device. \| +\|Scope \| These device management tools manage the entire device, including configuring the device to meet specific objectives, like security. \|Onboarding only affects the services that apply. \| +\|Recommended method \| Azure Active Directory join automatically enrolls devices into Intune. \| Intune is the preferred method for onboarding devices to Windows Defender for Endpoint, and consequently Microsoft Purview capabilities.<br><br>Note that devices that are onboarded to Microsoft Purview capabilities using other methods are not automatically enrolled for Defender for Endpoint. \| +\|Other methods \| Other methods of enrollment depend on the platform of the device and whether it is BYOD or managed by your organization. \| Other methods for onboarding devices include, in recommended order:<br><li>Configuration Manager<li>Other mobile device management tool (if the device is managed by one)<li>Local script<li>VDI configuration package for onboarding non-persistent virtual desktop infrastructure (VDI) devices<li>Group Policy\| +\| \| \| \| Note that only Intune is managing devices. Onboarding refers to the ability for a device to share information with a specific service capability. The following table summarizes the differences between enrolling devices into management and onboarding devices for a specific capability. Note that only Intune is managing devices. Onboarding refers to the ability for \|\|\|\| \|Description\|Enrollment applies to managing devices. Devices are enrolled for management with Intune or Configuration Manager.\|Onboarding configures a device to work with a specific set of capabilities in Microsoft 365. Currently, onboarding applies to Microsoft Defender for Endpoint and Microsoft compliance capabilities. <br/><br/> On Windows devices, onboarding involves toggling a setting in Windows Defender that allows Defender to connect to the online service and accept policies that apply to the device.\| \|Scope\|These device management tools manage the entire device, including configuring the device to meet specific objectives, like security.\|Onboarding only affects the capabilities that apply.\| -\|Recommended method\|Azure Active Directory join automatically enrolls devices into Intune.\|Intune is the preferred method for onboarding devices to Windows Defender for Endpoint, and consequently Microsoft 365 compliance capabilities. <br/><br/> Note that devices that are onboarded to Microsoft 365 compliance capabilities using other methods are not automatically enrolled for Defender for Endpoint.\| +\|Recommended method\|Azure Active Directory join automatically enrolls devices into Intune.\|Intune is the preferred method for onboarding devices to Windows Defender for Endpoint, and consequently Microsoft Purview capabilities. <br/><br/> Note that devices that are onboarded to Microsoft Purview capabilities using other methods are not automatically enrolled for Defender for Endpoint.\| \|Other methods\|Other methods of enrollment depend on the platform of the device and whether it is BYOD or managed by your organization.\|Other methods for onboarding devices include, in recommended order: <ul><li>Configuration Manager</li><li>Other mobile device management tool (if the device is managed by one)</li><li>Local script</li><li>VDI configuration package for onboarding non-persistent virtual desktop infrastructure (VDI) devices</li><li>Group Policy</li></ul>\| ## Learning for administrators
solutions	Plan External Collaboration	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/plan-external-collaboration.md	audience: ITPro ms.prod: microsoft-365-enterprise-+ - M365-collaboration - m365solution-securecollab - m365solution-scenario - m365initiative-externalcollab-+ - seo-marvel-apr2020 - seo-marvel-jun2020 localization_priority: Normal This article covers the fourth option, group collaboration with channel conversa When collaborating in a team with people outside your organization, there are two options for how those people access the resources that you share with them. -Guest sharing +### Guest sharing Guest sharing uses Azure AD B2B collaboration to allow sharing and collaboration with people outside your organization by adding a guest account in Azure AD for each person. Guest accounts can be used for the following: Guest sharing uses Azure AD B2B collaboration to allow sharing and collaboration Guests in a team have similar capabilities to regular team members. -External participants in shared channels +### External participants in shared channels External participants access shared resources in your organization by using their own Azure AD or Microsoft 365 identity. This is enabled by Azure AD B2B direct connect through an organizational relationship configured by both organizations. Guest accounts are not used in this relationship. The following table describes the experiences available depending on the type of \|Use private channels\|Y\|Y\|N\| \|Account in your directory\|Y\|Y\|N\| \|Access reviews\|Y\|Y\|Y\| - + ## Planning considerations -Most organizations will use both guest sharing and shared channels with external participants. +Most organizations will use both guest sharing and shared channels with external participants. Guest sharing is enabled by default in Azure AD and in Microsoft 365 (Teams, Microsoft 365 Groups, and SharePoint). This allows users to invite guests to teams and sites and to share files with them without having to request assistance from IT. You must use guest sharing if:+ - You want to invite people from outside your organization to the team rather than individual channels - You want to share files or folders in a channel with people outside your organization who are not in the channel - You want to collaborate with people outside your organization who do not have a work or school account. If you plan to use shared channels with other organizations, you can choose betw ## Compliance in shared channels -Shared channels are integrated with Microsoft 365 compliance features. +Shared channels are integrated with Microsoft Purview features. -##### Communications compliance +### Communications compliance Admins can set policies to monitor content for all users in the channel. All messages content in channels, including shared channels, is covered by [communication compliance policies](/microsoft-365/compliance/communication-compliance). Shared channels inherit the policy of the host organization. -##### Conditional access +### Conditional access The host organization's [conditional access policies](/azure/active-directory/conditional-access/overview) are applied to external participants, including B2B direct connect users. The external organization's policies are not used. The following types of conditional access policies are supported with shared channels: - Policies that are scoped to all guests, external participants, and SharePoint Online cloud apps.-- Grant Access controls that require MFA, a compliant device, or a hybrid Azure AD joined device. +- Grant Access controls that require MFA, a compliant device, or a hybrid Azure AD joined device. IP-based policies are supported at the SharePoint file level. So an external participant could access shared channel from a restricted location, but be blocked when trying to open a file. -##### Data loss prevention (DLP) +### Data loss prevention (DLP) -Admins can apply [DLP policies](/microsoft-365/compliance/dlp-policy-design) to a team where all channels, including shared channels, inherit the policy. Shared channels inherit the policy of the host organization. +Admins can apply [Microsoft Purview DLP policies](/microsoft-365/compliance/dlp-policy-design) to a team where all channels, including shared channels, inherit the policy. Shared channels inherit the policy of the host organization. -##### Retention policy +### Retention policy Admins can apply a [retention policy](/microsoft-365/compliance/retention) on a team where all channels, including shared channels, inherit the retention policy. Shared channels inherit the policy of the parent team. -##### Sensitivity labels +### Sensitivity labels [Sensitivity labels](/microsoft-365/compliance/sensitivity-labels) available in the host organization are the only labels that can be applied to the documents in a shared channel site. A file that is encrypted by a sensitivity label cannot be opened by external participants. Automatic labeling is not used. Shared channels and their associated SharePoint sites inherit the label from the parent team. -##### Information barriers +### Information barriers Users who are not allowed to communicate per [information barrier](/microsoftteams/information-barriers-in-teams) policies can't be part of shared channel. Information barrier policies are only effective for users in the host organization. If users are external participants in another organization's shared channel, information barrier policies don't apply. -##### eDiscovery +### eDiscovery Admins can perform searches for all users in the channel. All channels, including the shared channel, are discoverable. All message data in the channel regardless of who added the data is discoverable by the compliance admin. -##### Legal hold +### Legal hold Admins can place channel-only members from the host organization who are not a part of the team on hold. They can also [place the entire team on hold](/MicrosoftTeams/legal-hold). Admins cannot place an external participant on hold. -##### Audit logs +### Audit logs All the actions performed for [existing audit events](/microsoft-365/compliance/detailed-properties-in-the-office-365-audit-log) are audited in shared channels. - ## Related topics [Intro to file collaboration in Microsoft 365](/sharepoint/intro-to-file-collaboration)
solutions	Productivity Illustrations	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/productivity-illustrations.md	This set of illustrations uses one of the most regulated industries, financial s \| Item \| Description \| \|:--\|:--\| -\|[![Model poster: Microsoft 365 information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/> English: [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Japanese: [Download as a PDF](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.vsdx) <br/> Updated November 2020\|Includes: <ul><li> Microsoft information protection and data loss prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk</li><li>Third-party data ingestion</li>\| +\|[![Model poster: Microsoft 365 information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/> English: [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Japanese: [Download as a PDF](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.vsdx) <br/> Updated November 2020\|Includes: <ul><li> Microsoft Purview Information Protection and Microsoft Purview data loss prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk</li><li>Third-party data ingestion</li>\| ## Security and Information Protection for Multi-Region Organizations Recommended Zero Trust capabilities for protecting identities and devices that a --> <a name="BKMK_ediscovery"></a> -## Advanced eDiscovery architecture in Microsoft 365 +## eDiscovery (Premium) architecture in Microsoft 365 -Advanced eDiscovery end-to-end workflow and data flow, including within Microsoft 365 Multi-Geo environments. +eDiscovery (Premium) end-to-end workflow and data flow, including within Microsoft 365 Multi-Geo environments. \| Item \| Description \| \|:--\|:--\| -\|[![Model poster: Advanced eDiscovery Architecture in Microsoft 365.](../media/solutions-architecture-center/ediscovery-poster-thumb.png)](../media/solutions-architecture-center/m365-advanced-ediscovery-architecture.png) <br/> [View as an image](../media/solutions-architecture-center/m365-advanced-ediscovery-architecture.png) \\| [Download as a PDF](https://download.microsoft.com/download/d/1/c/d1ce536d-9bcf-4d31-b75b-fcf0dc560665/m365-advanced-ediscovery-architecture.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/d/1/c/d1ce536d-9bcf-4d31-b75b-fcf0dc560665/m365-advanced-ediscovery-architecture.vsdx) <br/> Updated October 2020\|Includes: <ul><li> End-to-end workflow in a single environment</li><li>End-to-end workflow in a Microsoft 365 Multi-Geo environment </li><li>End-to-end data flow supporting the EDRM workflow</li> \| +\|[![Model poster: eDiscovery (Premium) Architecture in Microsoft 365.](../media/solutions-architecture-center/ediscovery-poster-thumb.png)](../media/solutions-architecture-center/m365-advanced-ediscovery-architecture.png) <br/> [View as an image](../media/solutions-architecture-center/m365-advanced-ediscovery-architecture.png) \\| [Download as a PDF](https://download.microsoft.com/download/d/1/c/d1ce536d-9bcf-4d31-b75b-fcf0dc560665/m365-advanced-ediscovery-architecture.pdf) \\| [Download as a Visio](https://download.microsoft.com/download/d/1/c/d1ce536d-9bcf-4d31-b75b-fcf0dc560665/m365-advanced-ediscovery-architecture.vsdx) <br/> Updated October 2020\|Includes: <ul><li> End-to-end workflow in a single environment</li><li>End-to-end workflow in a Microsoft 365 Multi-Geo environment </li><li>End-to-end data flow supporting the EDRM workflow</li> \| ## Microsoft Telephony Solutions
solutions	Ransomware Protection Microsoft 365 Information	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/ransomware-protection-microsoft-365-information.md	- m365solution-ransomware keywords: ransomware, human-operated ransomware, human operated ransomware, HumOR, extortion attack, ransomware attack, encryption, cryptovirology, zero trust -description: Use controlled folder access, MIP, DLP, and Microsoft Defender for Cloud Apps to protect your Microsoft 365 sensitive data. +description: Use controlled folder access, Microsoft Purview Information Protection, DLP, and Microsoft Defender for Cloud Apps to protect your Microsoft 365 sensitive data. # Step 5. Protect information To protect your sensitive information in case a ransomware attacker obtains acce - Use [controlled folder access](/windows/security/threat-protection/microsoft-defender-atp/controlled-folders) to make it more difficult for unauthorized applications to modify the data in controlled folders. -- Use [Microsoft Information Protection](/microsoft-365/compliance/information-protection) and sensitivity labels and apply them to sensitive information. Sensitivity labels can be configured for additional encryption and permissions with defined user accounts and allowed actions. A file labeled with this type of sensitivity label that is exfiltrated from your tenant will only be useable to a user account defined in the label. +- Use [Microsoft Purview Information Protection](/microsoft-365/compliance/information-protection) and sensitivity labels and apply them to sensitive information. Sensitivity labels can be configured for additional encryption and permissions with defined user accounts and allowed actions. A file labeled with this type of sensitivity label that is exfiltrated from your tenant will only be useable to a user account defined in the label. -- Use Microsoft 365 [Data Loss Prevention (DLP)](/microsoft-365/compliance/dlp-learn-about-dlp) to detect, warn, and block risky, inadvertent, or inappropriate sharing of data containing personal or confidential information based on sensitivity labels, both internally and externally. +- Use Microsoft Purview [Data Loss Prevention (DLP)](/microsoft-365/compliance/dlp-learn-about-dlp) to detect, warn, and block risky, inadvertent, or inappropriate sharing of data containing personal or confidential information based on sensitivity labels, both internally and externally. - Use [Microsoft Defender for Cloud Apps](/cloud-app-security/what-is-cloud-app-security) to block downloads of sensitive information such as files. You can also use [Defender for Cloud Apps anomaly detection policies](/cloud-app-security/anomaly-detection-policy#ransomware-activity) to detect a high rate of file uploads or file deletion activities.
solutions	Ransomware Protection Microsoft 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/ransomware-protection-microsoft-365.md	For additional details, see [Dealing with data corruption in Microsoft 365](/com You can prevent a ransomware attacker from copying files outside your tenant with: -- [Data Loss Prevention (DLP)](/microsoft-365/compliance/dlp-learn-about-dlp) policies +- [Microsoft Purview Data Loss Prevention (DLP)](/microsoft-365/compliance/dlp-learn-about-dlp) policies Detect, warn, and block risky, inadvertent, or inappropriate sharing of data containing: For Windows 11 or 10 devices: \| Capability or feature \| Description \| Helps... \| Licensing \| \|:-\|:--\|:-\|:-\| \| Controlled folder access \| Protects your data by checking apps against a list of known, trusted apps. \| Prevent files from being altered or encrypted by ransomware. \| Microsoft 365 E3 or Microsoft 365 E5 \| -\| Microsoft Information Protection \| Enables sensitivity labels to be applied to information that is ransomable \| Prevent use of exfiltrated information. \| Microsoft 365 E3 or Microsoft 365 E5 \| +\| Microsoft Purview Information Protection \| Enables sensitivity labels to be applied to information that is ransomable \| Prevent use of exfiltrated information. \| Microsoft 365 E3 or Microsoft 365 E5 \| \| Data loss prevention (DLP) \| Protects sensitive data and reduces risk by preventing users from sharing it inappropriately. \| Prevent data exfiltration. \| Microsoft 365 E3 or Microsoft 365 E5 \| \| Defender for Cloud Apps \| A cloud access security broker for discovery, investigation, and governance. \| Detect lateral movement and prevent data exfiltration. \| Microsoft 365 E5 or Microsoft 365 E3 with the Microsoft 365 E5 Security add-on \| \|
solutions	Secure Teams Security Isolation	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/secure-teams-security-isolation.md	If you have an internal partner or stakeholder group who should be able to view To create a sensitivity label -1. Open the Microsoft 365 compliance center, and under Solutions, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174015" target="_blank">Information protection</a>. +1. Open the Microsoft Purview compliance portal, and under Solutions, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174015" target="_blank">Information protection</a>. 1. Click Create a label. 1. Give the label a name. We suggest naming it after the team that you'll be using it with. 1. Add a display name and description, and then click Next. Once you've created the label, you need to publish it to the users who will use To publish a sensitivity label: -1. In the Microsoft 365 compliance center, on the <a href="https://go.microsoft.com/fwlink/p/?linkid=2174015" target="_blank">Information protection page</a>, choose the Label policies tab. +1. In the Microsoft Purview compliance portal, on the <a href="https://go.microsoft.com/fwlink/p/?linkid=2174015" target="_blank">Information protection page</a>, choose the Label policies tab. 2. Click Publish labels. 3. On the Choose sensitivity labels to publish page, click Choose sensitivity labels to publish. 4. Select the label that you created, and then click Add.
solutions	Setup Secure Collaboration With Teams	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/setup-secure-collaboration-with-teams.md	To configure secure collaboration, you use these Microsoft 365 capabilities and \|Microsoft Defender for Office 365\|Safe Attachments for SPO, OneDrive and Teams; Safe Documents; Safe Links for Teams\|Microsoft 365 E1, E3 and E5\| \|SharePoint\|Site and file sharing policies, Site sharing permissions, Sharing links, Access requests, Site guest sharing settings\|Microsoft 365 E1, E3 and E5\| \|Microsoft Teams\|Guest access, private teams, private channels, shared channels\|Microsoft 365 E1, E3 and E5\| -\|Microsoft 365 Compliance\|Sensitivity labels\|Microsoft 365 E3 and E5\| +\|Microsoft Purview\|Sensitivity labels\|Microsoft 365 E3 and E5\| ## Collaboration governance framework for Teams and Microsoft 365 When you're ready to deploy this solution, continue with these steps: [Microsoft 365 security documentation](../security/index.yml) -[Microsoft 365 compliance documentation](../compliance/index.yml) +[Microsoft Purview documentation](../compliance/index.yml) [Welcome to Microsoft Teams](/MicrosoftTeams/Teams-overview)
solutions	Team Security Isolation Dev Test	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/team-security-isolation-dev-test.md	Next, you need to configure a sensitivity label with the following settings: Follow these steps: -1. Open the Microsoft 365 compliance center, under Solutions, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174015" target="_blank">Information protection</a>. +1. Open the Microsoft Purview compliance portal, under Solutions, select <a href="https://go.microsoft.com/fwlink/p/?linkid=2174015" target="_blank">Information protection</a>. 1. Click Create a label. 1. Type Company Strategy for the label name. 1. Type Senior leadership company strategy documents as the tool tip, and then click Next. Follow these steps: Next, publish the new label with these steps: -1. In the Microsoft 365 compliance center, on the <a href="https://go.microsoft.com/fwlink/p/?linkid=2174015" target="_blank">Information protection</a>, choose the Label policies tab. +1. In the Microsoft Purview compliance portal, on the <a href="https://go.microsoft.com/fwlink/p/?linkid=2174015" target="_blank">Information protection</a>, choose the Label policies tab. 2. Click Publish labels. 3. On the Choose sensitivity labels to publish page, click Choose sensitivity labels to publish. 4. Select Company Strategy, and then click Add.
test-base	Buildpackage	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/buildpackage.md	Last updated 02/28/2022 ms.localizationpriority: medium -+ f1.keywords: NOCSH # Build a package -A package is a .zip file containing your application binary and test scripts, which is the prerequisite to use Test Base. This QuickStart will guide you to build your first package, with which you can perform Out-of-box testing on your application. - -* An Out-of-Box (OOB)* test performs an install, launch, close, and uninstall of your application. After the install, the launch-close routine is repeated 30 times before a single uninstall is run. The OOB test provides you with standardized telemetry on your package to compare across Windows builds.* - -Optionally, you can download our [sample package](https://aka.ms/testbase-sample-package) to reference and begin with. -## Create a folder structure +A package is a .zip file containing your application binary and test scripts, which is the prerequisite to use Test Base. This QuickStart will guide you to build your first package, with which you can perform Out-of-box testing on your application. + +- An Out-of-Box (OOB)* test performs an install, launch, close, and uninstall of your application. After the install, the launch-close routine is repeated 30 times before a single uninstall is run. The OOB test provides you with standardized telemetry on your package to compare across Windows builds.* + +Optionally, you can download our [sample package](https://aka.ms/testbase-sample-package) to reference and begin with. + +## Create a folder structure + +In your local computer, create a folder structure as follows: -In your local computer, create a folder structure as follows:<br> ![The folder structure used to create package](Media/buildpackage1.png) These folders are used: -* App\bin: save the application and dependency binaries.<br> -* App\scripts: save scripts to install, launch, close and uninstall your application.<br> -* App\logs: scripts should output logs to this folder, then you can download and analyze logs after test is finished.<br> + +- App\bin: save the application and dependency binaries. +- App\scripts: save scripts to install, launch, close and uninstall your application. +- App\logs: scripts should output logs to this folder, then you can download and analyze logs after test is finished. ## Copy binary file(s) -Copy your application installation files to App\bin. If your application has dependencies, they need to be installed first. Also, copy the dependency installation files to App\bin.<br> + +Copy your application installation files to App\bin. If your application has dependencies, they need to be installed first. Also, copy the dependency installation files to App\bin. + ![Location of application file(s) in the folder](Media/buildpackage2.png) ## Add PowerShell scripts+ To perform OOB test, you will need to add PowerShell scripts to install, launch, close, and uninstall your application. -> [!NOTE] + +> [!NOTE] > In OOB test, install, launch, and close scripts are required, while uninstall script is optional. - -The script should be added to the folder as follows: + +The script should be added to the folder as follows: + ![Location of powershell scripts files in the folder](Media/buildpackage3.png) -A script usually includes the following behaviors:<br> -- Run the commands to install/launch/close/uninstall the application. E.g., if your application is an MSI file, run [msiexec](/windows-server/administration/windows-commands/msiexec) to install it. <br> -- Check the result of install/launch/close/uninstall operation, return zero exit code if the result is expected. Test Base will mark a script run as failure if it returns a non-zero exit code.<br> -- Save enough logs, save proper logs for future use.<br> +A script usually includes the following behaviors: -Please refer to the following examples. You can simply copy them to your files and make changes accordingly. <br> +- Run the commands to install/launch/close/uninstall the application. E.g., if your application is an MSI file, run [msiexec](/windows-server/administration/windows-commands/msiexec) to install it. +- Check the result of install/launch/close/uninstall operation, return zero exit code if the result is expected. Test Base will mark a script run as failure if it returns a non-zero exit code. +- Save enough logs, save proper logs for future use. + +Please refer to the following examples. You can simply copy them to your files and make changes accordingly. + +Example of install script (App\scripts\install\job.ps1): -Example of install script (App\scripts\install\job.ps1) ```powershell push-location $PSScriptRoot $exit_code = 0 Please refer to the following examples. You can simply copy them to your files a $log_dir = "$PSScriptRoot\..\..\logs" $log_file = "$log_dir\$script_name.log" - if(-not (test-path -path $log_dir )) { new-item -itemtype directory -path $log_dir } Please refer to the following examples. You can simply copy them to your files a exit $exit_code ``` -Example of launch script (App\scripts\launch\job.ps1) +Example of launch script (App\scripts\launch\job.ps1): + ```powershell push-location $PSScriptRoot $exit_code = 0 Please refer to the following examples. You can simply copy them to your files a Start-Process -FilePath $exePath if (Get-Process -Name $PROCESS_NAME) { - log("Launch successfully $PROCESS_NAME...") + log("Launch successfully $PROCESS_NAME...") $exit_code = 0 } else { - log("Not launched $PROCESS_NAME...") + log("Not launched $PROCESS_NAME...") $exit_code = 1 } log("Launch script finished as $exit_code") pop-location - exit $exit_code + exit $exit_code ``` ## Compress to zip file -After scripts and binaries are prepared, you proceed to compress the folder to a zip file. Right click on the App folder, select Compress to ZIP file.<br> -![Compress to zip file](Media/buildpackage4.png) +After scripts and binaries are prepared, you proceed to compress the folder to a zip file. Right click on the App folder, select Compress to ZIP file. + +![Compress to zip file](Media/buildpackage4.png) ## Verify your package locally (optional) -After building the zip package, you can upload it to your Test Base account. <br> -However, it's best practice to run the test locally to ensure the scripts work properly before uploading. A local test can quickly identify issues and speed up your uploading process. To verify locally follow the steps below:<br> -1. Prepare a VM (Virtual Machine)<br> - We recommend using a virtual machine for this local test since a clean Windows environment is currently needed for each test. It's easy to create a Windows VM on Azure ([Quickstart: Windows virtual machine](/azure/virtual-machines/windows/quick-create-portal)), you can select a proper Windows version (image) for your test, e.g., Windows 10 Pro, version 21H2.<br> - -2. Copy your package to the VM<br> - There are many ways to copy your package file to the VM. If you're using an Azure VM, you can choose to: - - Copy file directly in your Remote Desktop connection. <br> - - Use Azure file share ([Quickstart: Create and manage Azure file](/azure/storage/files/storage-files-quick-create-use-windows)) - - You can create a specific folder for this test and copy the package file under this folder. e.g., C:\TestBase.<br> -3. Test the package<br> - Open Windows PowerShell, switch to the directory containing the package, e.g., cd C:\TestBase, and start to run your tests on the package:<br> - a. Extract the package file. - - Expand-Archive -LiteralPath C:\TestBase\App.zip -DestinationPath C:\TestBase<br> - - b. Run install script. - - C:\TestBase\App\scripts\install\job.ps1<br> - - c. Restart the VM if necessary.<br> - - d. Run launch script. - - C:\TestBase\App\scripts\install\job.ps1<br> - - e. Run close script. - - C:\TestBase\App\scripts\close\job.ps1<br> - - f. Run uninstall script (if you have one). - - C:\TestBase\App\scripts\uninstall\job.ps1<br> - - After each step, you can check if there are any issues in your script. If all scripts run as expected, your package is ready to be uploaded to your Test Base account. +After building the zip package, you can upload it to your Test Base account. + +However, it's best practice to run the test locally to ensure the scripts work properly before uploading. A local test can quickly identify issues and speed up your uploading process. To verify locally follow the steps below: + +1. Prepare a VM (Virtual Machine) + + We recommend using a virtual machine for this local test since a clean Windows environment is currently needed for each test. It's easy to create a Windows VM on Azure ([Quickstart: Windows virtual machine](/azure/virtual-machines/windows/quick-create-portal)), you can select a proper Windows version (image) for your test, e.g., Windows 10 Pro, version 21H2.<br> + +2. Copy your package to the VM + + There are many ways to copy your package file to the VM. If you're using an Azure VM, you can choose to: + + - Copy file directly in your Remote Desktop connection. + - Use Azure file share ([Quickstart: Create and manage Azure file](/azure/storage/files/storage-files-quick-create-use-windows)) + + You can create a specific folder for this test and copy the package file under this folder. e.g., C:\TestBase. + +3. Test the package + + Open Windows PowerShell, switch to the directory containing the package, e.g., `cd C:\TestBase`, and start to run your tests on the package: + + 1. Extract the package file. + + ```powershell + Expand-Archive -LiteralPath C:\TestBase\App.zip -DestinationPath C:\TestBase + ``` + + 2. Run install script. + + ```powershell + C:\TestBase\App\scripts\install\job.ps1 + ``` + + 3. Restart the VM if necessary. + + 4. Run launch script. + + ```powershell + C:\TestBase\App\scripts\install\job.ps1 + ``` + + 5. Run close script. + + ```powershell + C:\TestBase\App\scripts\close\job.ps1 + ``` + + 6. Run uninstall script (if you have one). + + ```powershell + C:\TestBase\App\scripts\uninstall\job.ps1 + ``` + +After each step, you can check if there are any issues in your script. If all scripts run as expected, your package is ready to be uploaded to your Test Base account. ## Next steps+ [Upload a package](uploadApplication.md) - -
test-base	Faq	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/faq.md	Last updated 07/06/2021 ms.localizationpriority: medium -+ f1.keywords: NOCSH f1.keywords: NOCSH A: Submit your packages directly to the Test Base environment using our self-serve portal. -To submit your application package, navigate to the [Azure Portal](https://www.aka.ms/testbaseportal "Test Base Homepage") and upload a zipped folder containing your application's binaries, dependencies, and test scripts via the self-serve Test Base portal dashboard. +To submit your application package, navigate to the [Azure Portal](https://www.aka.ms/testbaseportal "Test Base Homepage") and upload a zipped folder containing your application's binaries, dependencies, and test scripts via the self-serve Test Base portal dashboard. See the onboarding user guide for more information or contact our team at <testbasepreview@microsoft.com> for assistance and more information. Q: What are Out-of-box (OOB) tests? -A: Out-of-box (OOB) tests are standardized, default test runs where application packages are installed, launched and closed thirty (30) times, and then uninstalled. +A: Out-of-box (OOB) tests are standardized, default test runs where application packages are installed, launched and closed thirty (30) times, and then uninstalled. -The packages created for Test Base will have the following test scripts: install, launch, close, and optionally the uninstall script. +The packages created for Test Base will have the following test scripts: install, launch, close, and optionally the uninstall script. The Out-of-box (OOB) tests provide you with standardized telemetry on your application to compare across Windows builds. The Out-of-box (OOB) tests provide you with standardized telemetry on your appli A: Yes, customers can also upload application packages for functional tests via the self-serve portal dashboard. Functional tests are tests that enable customers to execute their scripts to run custom functionality on their application. - ## Testing Q: Do you support functional tests? -A: Yes, Test Base supports functional tests. Functional tests are tests that enable our customers to execute their scripts to run custom functionality on their application. +A: Yes, Test Base supports functional tests. Functional tests are tests that enable our customers to execute their scripts to run custom functionality on their application. -To submit your application package for functional testing, upload the zipped folder containing your application's binaries, dependencies, and test scripts via our self-serve portal dashboard. +To submit your application package for functional testing, upload the zipped folder containing your application's binaries, dependencies, and test scripts via our self-serve portal dashboard. See the onboarding user guide for more information or contact our team at <testbasepreview@microsoft.com> for assistance and more information. Q: How does Test Base handle our test data? -A: Test Base securely collects and manages your test data on the Azure environment. +A: Test Base securely collects and manages your test data on the Azure environment. Q: Can Test Base support our automated tests? See the onboarding user guide for more information or contact our team at <testb Q: What languages and frameworks of automated tests do you support? -A: We support all languages and frameworks. We invoke all scripts through PowerShell. +A: We support all languages and frameworks. We invoke all scripts through PowerShell. You will also need to provide (upload) the dependent binaries of the required framework. You will also need to provide (upload) the dependent binaries of the required fr Q: Can you reboot after installation? -A: Yes, our process supports rebooting after installation. Be sure to select this option from the ΓÇ£Optional settingsΓÇ¥ drop list when setting your Tasks on the onboarding portal. +A: Yes, our process supports rebooting after installation. Be sure to select this option from the "Optional settings" drop list when setting your Tasks on the onboarding portal. For Out-of-box (OOB) tests, you can specify whether a reboot is needed for the _Install script._ While for functional tests, you can specify whether a reboot is required for eac Q: Do we get access to the Virtual Machines (VMs) in case of failures? What does Test Base share? -A: For the service to be compliant and the pre-release updates be secure, only Microsoft has access to the VMs. However, customers can view test results and other test metrics on their portal dashboard, including crash and hang signals, reliability metrics, memory and CPU utilization etc. We also generate and provide logs of test runs on the dashboard for download and further analysis. +A: For the service to be compliant and the pre-release updates be secure, only Microsoft has access to the VMs. However, customers can view test results and other test metrics on their portal dashboard, including crash and hang signals, reliability metrics, memory and CPU utilization etc. We also generate and provide logs of test runs on the dashboard for download and further analysis. We can also provide memory dumps for crash debugging as needed. Q: If there are issues found during the testing, what are the next steps to resolve these issues? -A: The Test Base team will perform an initial triage process to determine the root cause of the error, and then depending on our findings, we will route to the customer or internal teams within Microsoft for debugging. +A: The Test Base team will perform an initial triage process to determine the root cause of the error, and then depending on our findings, we will route to the customer or internal teams within Microsoft for debugging. -We always work closely with our customers in joint remediation to resolve any issues. +We always work closely with our customers in joint remediation to resolve any issues. Q: Does Microsoft hold the release of the security patch until the issue is resolved? What alternate resolutions are available? We always work closely with our customers in joint remediation to resolve any is Q: What is the difference between Test Base and SUVP? -A: The biggest difference between Test Base and SUVP is that our partners onboard their applications onto the Test Base Azure environment for validation runs against pre-release updates instead of carrying out the tests themselves. +A: The biggest difference between Test Base and SUVP is that our partners onboard their applications onto the Test Base Azure environment for validation runs against pre-release updates instead of carrying out the tests themselves. In addition to pre-release security updates testing, we support pre-release feature updates testing on our platform. We have many other types of updates and OS testing on our roadmap. Q: Is there a cost associated with the service? -A: Effective 1 March 2022, youΓÇÖll be provided with 100 free hours (valued at $800) expiring in 6 months under your subscription for your validation needs. After the free hours get consumed (or expired before used), youΓÇÖll automatically be metered at $8 per hour against your usage.ΓÇ» +A: Effective 1 March 2022, you'll be provided with 100 free hours (valued at $800) expiring in 6 months under your subscription for your validation needs. After the free hours get consumed (or expired before used), you'll automatically be metered at $8 per hour against your usage. Q: How can I provide feedback about Test Base? -A: To share your feedback about Test Base, select the Feedback icon at the bottom left of the portal. Include a screenshot with your submission to help Microsoft better understand your feedback. +A: To share your feedback about Test Base, select the Feedback icon at the bottom left of the portal. Include a screenshot with your submission to help Microsoft better understand your feedback. You can also submit product suggestions and upvote other ideas at <testbasepreview@microsoft.com>.
test-base	Sdkapi	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/sdkapi.md	Last updated 07/06/2021 ms.localizationpriority: medium -+ f1.keywords: NOCSH # Manage your resource with SDK & APIs -Automation is a key aspect of DevOps and agile development. Are you looking to manage Test Base for Microsoft 365 resources, get test results programmatically, and integrate them with our CI tools? Test Base APIs/SDK can help you achieve all these and more! -These APIs/SDK enable IT professionals and app developers to: -- Manage Test Base accounts, including create, update, and offboard. -- Manage application packages, including create, update, delete, and download package. -- Get the test summary, detailed test results, and analysis results. The analysis result includes CPU regression analysis, CPU utilization analysis, memory regression analysis, and memory utilization analysis. -- Download test results and test execution video recording. +Automation is a key aspect of DevOps and agile development. Are you looking to manage Test Base for Microsoft 365 resources, get test results programmatically, and integrate them with our CI tools? Test Base APIs/SDK can help you achieve all these and more! -Check out the step-by-step outline below to find out how to access this new capability in Test Base for Microsoft 365 service. - -## A step-by-step example of Test Base account creation by using Python SDK - -1. Pre-requisites: +These APIs/SDK enable IT professionals and app developers to: -- Install below required components: +- Manage Test Base accounts, including create, update, and offboard. +- Manage application packages, including create, update, delete, and download package. +- Get the test summary, detailed test results, and analysis results. The analysis result includes CPU regression analysis, CPU utilization analysis, memory regression analysis, and memory utilization analysis. +- Download test results and test execution video recording. - [Azure account with an active subscription](https://azure.microsoft.com/free/?utm_source=campaign&utm_campaign=python-dev-center&mktingSource=environment-setup) if you donΓÇÖt have a subscription<br> - [Python 2.7+ or 3.6+](https://www.python.org/downloads)<br> - [Azure Command-Line Interface (CLI)](/cli/azure/install-azure-cli) <br> --- Install library packages by using pip install from console - -``` -pipΓÇ»installΓÇ»azure-identity -pipΓÇ»installΓÇ»azure-mgmt-testbase -``` +Check out the step-by-step outline below to find out how to access this new capability in Test Base for Microsoft 365 service. -- Authenticating in dev environment +## A step-by-step example of Test Base account creation by using Python SDK -When debugging and executing code locally it is typical for developers to use their own accounts for authenticating calls to Azure services. The azure-identity package supports authenticating through Azure CLI to simplify local development. To sign in to Azure CLI, run ```azΓÇ»login ```. On a system with a default web browser, the Azure CLI will launch the browser to authenticate a user. +1. Pre-requisites: -Check [How to authenticate Python applications with Azure services\| Microsoft Docs](/azure/developer/python/azure-sdk-authenticate) and [https://pypi.org/project/azure-identity/](https://pypi.org/project/azure-identity/) for other supported authentication methods. + - Install below required components: + - [Azure account with an active subscription](https://azure.microsoft.com/free/?utm_source=campaign&utm_campaign=python-dev-center&mktingSource=environment-setup) if you don't have a subscription + - [Python 2.7+ or 3.6+](https://www.python.org/downloads) + - [Azure Command-Line Interface (CLI)](/cli/azure/install-azure-cli) -2. Below code snippet covers flow to create a Test Base Account including + - Install library packages by using pip install from console -- Request credential via Azure CLI for interaction with Azure -- Initialize Test Base SDK client with the credential and subscription ID for later operations -- Invoke begin_create from test_base_accounts model to create Test Base Account + ```console + pip install azure-identity + pip install azure-mgmt-testbase + ``` -Copy the code to your Python development environment, and replace "subscription-id" with your Azure subscription ID and "resource-group-name" with your Resource Group you created above. + - Authenticating in dev environment - -```python + When debugging and executing code locally it is typical for developers to use their own accounts for authenticating calls to Azure services. The azure-identity package supports authenticating through Azure CLI to simplify local development. To sign in to Azure CLI, run `az login`. On a system with a default web browser, the Azure CLI will launch the browser to authenticate a user. -from azure.identity import AzureCliCredential -from azure.mgmt.testbase import TestBase -from azure.mgmt.testbase.models import TestBaseAccountResource -from azure.mgmt.testbase.models import TestBaseAccountSKU + Check [How to authenticate Python applications with Azure services\| Microsoft Docs](/azure/developer/python/azure-sdk-authenticate) and <https://pypi.org/project/azure-identity/> for other supported authentication methods. -# requesting token from Azure CLI for request -# For other authentication approaches, please see: https://pypi.org/project/azure-identity/ -credential = AzureCliCredential() -subscription_id = "<subscription-id>" -resource_group = "<resource-group-name>" -testBaseAccount_name = "contoso-testbaseAccount" -testBaseAccount_location = "global" -sku_name = "S0" -sku_tier = "Standard" -sku_locations = {"global"} + - Create a Resource Group with your desired name which will be used in following steps. -# Create client -testBase_client = TestBase(credential, subscription_id) +2. Below code snippet covers flow to create a Test Base Account including -# Create sku for test base account -sku = TestBaseAccountSKU(name=sku_name, tier=sku_tier, locations=sku_locations) + - Request credential via Azure CLI for interaction with Azure + - Initialize Test Base SDK client with the credential and subscription ID for later operations + - Invoke begin_create from test_base_accounts model to create Test Base Account -# Create test base account -parameters = TestBaseAccountResource(location=testBaseAccount_location, sku=sku) -testBaseAccount = testBase_client.test_base_accounts.begin_create(resource_group, testBaseAccount_name, parameters).result() -print("Create test base account:\n{}".format(testBaseAccount)) + Copy the code to your Python development environment, and replace "subscription-id" with your Azure subscription ID and "resource-group-name" with your Resource Group you created above. -``` + ```python + from azure.identity import AzureCliCredential + from azure.mgmt.testbase import TestBase + from azure.mgmt.testbase.models import TestBaseAccountResource + from azure.mgmt.testbase.models import TestBaseAccountSKU + # requesting token from Azure CLI for request + # For other authentication approaches, please see: https://pypi.org/project/azure-identity/ + credential = AzureCliCredential() + subscription_id = "<subscription-id>" + resource_group = "<resource-group-name>" + testBaseAccount_name = "contoso-testbaseAccount" + testBaseAccount_location = "global" + sku_name = "S0" + sku_tier = "Standard" + sku_locations = {"global"} + + # Create client + testBase_client = TestBase(credential, subscription_id) + + # Create sku for test base account + sku = TestBaseAccountSKU(name=sku_name, tier=sku_tier, locations=sku_locations) + + # Create test base account + parameters = TestBaseAccountResource(location=testBaseAccount_location, sku=sku) + testBaseAccount = testBase_client.test_base_accounts.begin_create(resource_group, testBaseAccount_name, parameters).result() + print("Create test base account:\n{}".format(testBaseAccount)) + ``` -## Learn more +## Learn more -Check below links to learn more details about the SDK & API. +Check below links to learn more details about the SDK & API. -Azure Subscription +Azure Subscription: - [Azure account with an active subscription](https://azure.microsoft.com/free/?utm_source=campaign&utm_campaign=python-dev-center&mktingSource=environment-setup) -Python SDK +Python SDK: - [Test Base Python SDK Documentation](/python/api/overview/azure/mgmt-testbase-readme) - [Test Base Python SDK Sample](https://aka.ms/testbase-sample-py) - [Azure General Usage Pattern of Python SDK](/azure/developer/python/azure-sdk-overview#provision-and-manage-azure-resources-with-management-libraries) -REST API +REST API: -- [REST API Documentation](https://aka.ms/testbase-api) +- [REST API Documentation](https://aka.ms/testbase-api)
test-base	Testapplication	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/testapplication.md	+ + Title: 'Test Binaries package on Test Base' +description: How to test Binaries package on Test Base +search.appverid: MET150 +++ +audience: Software-Vendor + Last updated : 04/08/2022+ +ms.localizationpriority: medium +++ +f1.keywords: NOCSH ++ +# Test Binaries package on Test Base + +> [!NOTE] +> This guide will guide you to create a new Test Base package from scratch. If you already have a Test Base package (.zip) in hand, you can switch to use our legacy upload experience [Upload your Test Base package (Zip)](uploadApplication.md). + +## Prerequisites + +A Test Base account. If you don't have one, [create a Test Base account](createAccount.md). + +## Create a new package + +In the [Azure portal](https://portal.azure.com/), go to the Test Base account in which you want to upload your package. In the left menu under Package catalog, select the New package. Then click the first card ΓÇÿCreate new package' to build your package within 5 steps! + +> [!div class="mx-imgBorder"] +> ![Create a new Package wizard](Media/testapplication01.png) + +### Step 1. Define content + +1. In the Package source section, choose your package source. If you have an Intunewin app, select Intunewin, for others, e.g. exe or msi, select Binaries. + + > [!div class="mx-imgBorder"] + > ![Choose your package source](Media/testapplication02.png) + +2. Then upload your app file by clicking ΓÇÿSelect file' button or checking the box to use the Test Base sample template as a starting point if you don't have your file ready yet. + + > [!div class="mx-imgBorder"] + > ![Select file](Media/testapplication03.png) + +3. Type in your package's name and version in the Basic information section. + + > [!NOTE] + > The combination of package name and version must be unique within your Test Base account. + + > [!div class="mx-imgBorder"] + > ![Enter basic information](Media/testapplication04.png) + +4. Once all required info is filled out, you can move to step 2 by clicking the Next button at the bottom. + + > [!div class="mx-imgBorder"] + > ![Next step](Media/testapplication05.png) + +### Step 2. Configure test + +1. Select the Type of test. There're two test types supported: + - An Out of Box (OOB) test performs an install, launch, close, and uninstall of your package. After the install, the launch-close routine is repeated 30 times before a single uninstall is run. The OOB test provides you with standardized telemetry on your package to compare across Windows builds. + - A Functional test would execute your uploaded test script(s) on your package. The scripts are run in the sequence you specified and a failure in a particular script will stop subsequent scripts from executing. + + > [!div class="mx-imgBorder"] + > ![Out of Box test is optional](Media/testapplication07.png) + +2. Once all required info is filled out, you can move to step 3 by clicking the Next button at the bottom. A notification will pop up when the test scripts are generated successfully. + + > [!div class="mx-imgBorder"] + > ![Generate script prompts](Media/testapplication08.png) + +### Step 3. Edit package + +1. In the Edit package tab, you can + - Check your package folder and file structure in Package Preview. + - Edit your scripts online with the PowerShell code editor. + + > [!div class="mx-imgBorder"] + > ![edit scripts online](Media/testapplication09.png) + +2. In the Package Preview, per your need, you can + - Create a new folder. + - Create a new script. + - Upload a new file. + + > [!div class="mx-imgBorder"] + > ![Create resources](Media/testapplication10.png) + +3. Under scripts folder, sample scripts and script tags have been created for you. All script tags are editable, you can reassign them to reference your script paths. + - If the Out of Box test is selected in step 2, you can see the outofbox folder under the scripts folder. You also have the option to add ΓÇÿReboot after install' tag for the Install script. + + > [!div class="mx-imgBorder"] + > ![Resources in outofbox folder](Media/testapplication11.png) + + > [!NOTE] + > Install, Launch and Close script tags are mandatory for the OOB test type. + + - If the Functional test is selected in step 2, you can see the functional folder under the scripts folder. Additional functional test scripts can be added using the 'Add to functional test list' button. You need a minimum of one (1) script and can add up to eight (8) functional test scripts. + + > [!div class="mx-imgBorder"] + > ![Add to functional test list](Media/testapplication12.png) + + > [!NOTE] + > At least 1 functional script tag is mandatory for the functional test type. + + By clicking the 'Add to functional test list', the action panel will pop up, you can: + - Reorder the script paths by dragging with the left ellipse buttons. The functional scripts run in the sequence they are listed. A failure in a particular script stops subsequent scripts from executing. + - Set ΓÇÿRestart after execution' for multiple scripts. + - Apply update before on specific script path. This is for users who wish to perform functional tests to indicate when the Windows Update patch should be applied in the sequence of executing their functional test scripts. + + > [!div class="mx-imgBorder"] + > ![functional test](Media/testapplication13.png) + +4. Once all required info is filled out, you can move to step 4 by clicking the Next button at the bottom. + +### Step 4. Test matrix + +1. In the Test matrix tab, select the OS update type. There're two OS update types supported. + - The Security updates enable your package to be tested against incremental churns of Windows pre-release monthly security updates. + - The Feature updates enable your package to be tested against Windows pre-release bi-annual feature updates builds from the Windows Insider Program. + +2. Select the OS version(s) for Security update tests. + + If Security updates is selected in OS update type, you need to select the OS version(s) of Windows your package will be tested on. + + > [!NOTE] + > If you select to test your package against both Server and Client OSes, please make sure that the package is compatible and can run on both OSes. + +3. Select options for Feature update tests. + - If Feature updates is selected in OS update type, you need to finish the following options. + - For Insider Channel, select the Windows Insider Program Channel as the build that your packages should be tested against. We currently use builds flighted in the Insider Beta Channel. + - For OS baseline for Insight, select the Windows OS version to be used as a baseline in comparing your test results. + + > [!div class="mx-imgBorder"] + > ![Select the Windows OS version](Media/testapplication14.png) + +4. Once all the required info is filled out, you can move to step 5 (the last step) by clicking the Next button at the bottom. + +### Step 5. Review + publish + +1. Can review all the information of your draft package and you're able to back to early steps to make changes if needed. + + > [!div class="mx-imgBorder"] + > ![Review package](Media/testapplication15.png) + +2. You can also check the notification box to receive the email notification of your package for the validation run completion notice. + + > [!div class="mx-imgBorder"] + > ![Notification](Media/testapplication16.png) + +3. Once you make sure all info is correct, you can proceed to upload your package to Test Base by clicking the ΓÇÿPublish' button. A notification will pop up when the package has been published successfully. + + > [!div class="mx-imgBorder"] + > ![Package publish prompts](Media/testapplication17.png) + +4. You'll be redirected to the Manage Packages page to check the progress of your newly uploaded package. + + > [!div class="mx-imgBorder"] + > ![Manage packages](Media/testapplication18.png) + +### Continue package creation + +On the New package page, you can see a list of all your previously saved draft packages. You can continue your edit directly to the step you paused last time by clicking the 'edit' icon. + +> [!NOTE] +> The dashboard only shows the working in progress package. For the published package, you can check the Manage Package page. + +> [!div class="mx-imgBorder"] +> ![Manage packages page](Media/testapplication19.png) + +### Zip Upload (Legacy upload experience) + +If you have a Zip file already, you can switch back to the legacy package upload experience (zip upload). Learn more about the Zip upload [Upload your package \| Microsoft Docs](uploadApplication.md). + +> [!div class="mx-imgBorder"] +> ![Upload package](Media/testapplication01.png) + +> [!div class="mx-imgBorder"] +> ![Legacy upload experience](Media/testapplication21.png) + +### Intunewin Upload Flow + +As part of commercial roadmap, Test Base started to support intunewin format for IT Pros who manages apps for their apps within Intune as the standard onboarding package format. The intunewin upload flow provides the experience for IT Pros to reuse their intunewin format packages, which contain the apps they deployed to their end devices via MEM/Intune to onboarding their apps and test configurations quickly to Test Base. + +[Test your Intune app on Test Base.](testintuneapplication.md)
test-base	Testintuneapplication	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/testintuneapplication.md	+ + Title: 'Test your Intune application on Test Base' +description: How to test your intune application +search.appverid: MET150 +++ +audience: Software-Vendor + Last updated : 04/11/2022+ +ms.localizationpriority: medium +++ +f1.keywords: NOCSH ++ +# Test your Intune application on Test Base + > [!Note] + > This guide will guide you to upload your intunewin format package to Test Base. For general Test +Base package upload instruction, please refer to this [doc](https://microsoft.sharepoint.com/:w:/t/AzureSUVPCoreTeam/EeHQIT3qA0FKqBDWI5TzmzgBiH2Syz39o5VbY2kdugMn4A?e=Rk1KD9). + +## Intunewin Upload Flow +As an effort to further enable commercial utilization, Test Base started to support intunewin format for IT Pros who manages apps for their apps within Intune as the standard onboarding package format. The intunewin upload flow provides the experience for IT Pros to reuse their intunewin format packages, which contain the apps they deployed to their end devices via MEM/Intune to onboarding their apps and test configurations quickly to Test Base. + +Prerequisites + - Currently Test Base support synchronizing via the same subscription between Intune account and Test Base account (you donΓÇÖt have to have an Intune account to upload your intunewin package however if youΓÇÖd like to synchronize the Intune configuration for the intunewin fileΓÇÖs corresponding apps from Intune, you'll need to make sure your Intune account is created under the same subscription as your Test Base account). + - Intunewin packages to be uploaded. + +Intunwin file Upload Flow (synchronized with Intune account) <br/> +As an Intune customer who has an Intune package, which has been already onboarded to Intune portal. Customer can onboard the intunewin package (containing an app with/without dependencies of pre-install apps managed in Intune) to Test Base service. (via Intune account, which has proper permission to sync the Intune app info). + +Prep Step +1. Login with your Test Base account. +2. Prepare your intunewin package. +3. Start uploading by click on the "Create package with Intune App" link as below. + + > [!div class="mx-imgBorder"] + > ![Start to build a package with Intune app](Media/testintuneapplication01.png) ++ +Step 1: Define Content +1. Upload the intunewin package you choose. +2. Grant token by clicking on below link "Grant token and select app". +3. After automatic sync with your Intune account, you'll be listed with app your applications under your Intune account. Choose the app corresponding to your uploaded intunewin package then click "Select". + + > [!div class="mx-imgBorder"] + > ![Upload the intune package](Media/testintuneapplication02.png) ++ +5. On the Step 1 page, you'll see dependencies listed under the Dependency section, you can either choose to upload the dependencyΓÇÖs install file or remove it from this step (if you plan to manage the dependency in Step 3 by self provide the related binaries). Selected dependencies in this section will be pre-installed the same way as it will be installed via Intune. + + > [!div class="mx-imgBorder"] + > ![Upload dependency package](Media/testintuneapplication03.png) ++ +Step 2: Configure Test +1. Select powershell. +2. Select Out of Box. ++ +Step 3: Edit Package +1. Check the scripts auto-generated are tagged correctly. +2. If you synchronized the configuration from Intune successfully, you should be able to see the install/uninstall commands of the test app have been added in the install/uninstall scripts, the commands of the dependency which has been uploaded should also be inserted in the package explorer tree for review. +3. Check the test app binaries are moved under bin folder. +4. Check the dependency binaries which has been uploaded put under the guid folder. +5. You can edit the scripts as needed and save. + > [!Note] + > If the dependency package has not been uploaded, Test Base will not generate install/uninstall commands for it. ++ +Step 4: Test Matrix +1. Check the default selections present in the OS list for the corresponding test types. + - Test base supports selecting multiple Windows cumulative update from Windows 10 1909 except Windows 10 2004, however Intune Win app would be assigned with a version from versions equal to or higher than Windows 10 1607. + - OS list will be default to include all OSes supported by Test base, which is higher than the minimum OS specified for the Intune Win app. +2. Users are allowed to modify the OS selection as need. ++ +Step 5: Review + Publish <br/> +Review the configuration after which the package could be published.<br/><br/> ++ +Intunwin file Upload Flow (unable to synchronize with Intune account) <br/> +As a Test Base customer who has a standalone intunewin package. Customer can onboard the intunewin package (containing an app with/without dependencies of pre-install apps managed in Intune) without needing to get permission granted against Intune account to finish the onboarding process. + +Prep Step +1. Login with your Test Base account. +2. Prepare your intunewin package. +3. Start uploading by click on the "Create package with Intune App" link as below. + + > [!div class="mx-imgBorder"] + > ![Create package with Intune App](Media/testintuneapplication04.png) ++ +Step 1: Define Content +1. Upload the intunewin package. +2. Specify all information as per your preference. ++ +Step 2: Configure Test +1. Select powershell. +2. Select Out of Box. ++ +Step 3: Edit Package +1. Check the scripts are tagged correctly. +2. As no install/uninstall commands are synchronized from corresponding Intune account, you'll need to provide all the scripts (install/uninstall/launch/close) by yourself. +3. Check the test app binaries are moved under bin folder. +4. You can edit the scripts as needed and save. ++ +Step 4: Test Matrix +1. No default OS version will be pre-selected. +2. Users are allowed to make their own selection on the OSes to be scheduled. ++ +Step 5: Review + Publish <br/> +Review the configuration after which the package could be published. ++++
test-base	Testoverview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/testoverview.md	+ + Title: 'Test your application on Test Base' +description: How to test your application +search.appverid: MET150 +++ +audience: Software-Vendor + Last updated : 04/13/2022+ +ms.localizationpriority: medium +++ +f1.keywords: NOCSH ++ +# Test your application on Test Base + +This is a comprehensive guide for you to create a new package and test it on Test Base with various application types. Please refer to the specific documentation for your own app: + +## Test Binaries package on Test Base + +See [Test Binaries package](testapplication.md) to create a Test Base package with Binaries file (i.e., .exe or .msi). + +## Test your Intune app on Test Base + +See [Test your Intune app](testintuneapplication.md) to create a Test Base package with an Intunewin app. + +## Upload your Test Base package (Zip) + +To learn more, see [Zip upload](uploadApplication.md) if you already have a Test Base package. +
test-base	Uploadapplication	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/uploadApplication.md	f1.keywords: NOCSH -# Step 2: Uploading a Package +# Upload your Test Base package (Zip) On the Test Base portal page, navigate to the Upload new package option on the left navigation bar as shown below: