Updates from: 04/21/2022 01:18:02
Category Microsoft Docs article Related commit history on GitHub Change details
admin Microsoft Teams User Activity Preview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/activity-reports/microsoft-teams-user-activity-preview.md
The Microsoft 365 Reports dashboard shows you the activity overview across the p
## How to get to the Microsoft Teams user activity report 1. In the admin center, go to the **Reports** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=2074756" target="_blank">Usage</a> page.+ 2. From the dashboard homepage, click on the **View more** button on the Microsoft Teams activity card. ## Interpret the Microsoft Teams user activity report
To ensure data quality, we perform daily data validation checks for the past thr
|User name <br/> |The email address of the user. You can display the actual email address or make this field anonymous. <br/> | |Tenant name <br/> |The name of an internal or external tenant where a user belongs. <br/> <br/> If a user belongs to an external tenant, corresponding data metrics (for example, post messages, reply messages, etc.) are calculated based on their interactions in shared channels of the adminΓÇÖs tenant. Interactions done by the user in their own tenant (outside of shared channels of the given tenant) are not considered for the admin usage report of given tenant. | |Shared channel tenant names <br/> |The names of internal or external tenants of shared channels where the user participated. <br/> |
-|Channel messages <br/> |The number of unique messages that the user posted in a team chat during the specified time period. <br/> |
+|Channel messages <br/> |The number of unique messages that the user posted in a team chat during the specified time period. <br/> |
|Posts <br/> |The number of post messages in all channels during the specified time period <br/> | |Replies <br/> |The number of replied messages in all channels during the specified time period. <br/> | |Urgent messages <br/> |The number of urgent messages during the specified time period. <br/> |
bookings Bookings Sms https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/bookings-sms.md
description: "Learn how to configure SMS text notifications for clients, custome
# Configure SMS text notifications and reminders in Microsoft Bookings
-> [!NOTE]
-> This article helps you to interact with the latest version of Microsoft Bookings. Previous versions will be retired in coming months.
- With Microsoft Bookings, you can set up SMS text notifications to be sent to the person booking an appointment. You can set up SMS notifications in Bookings in the Bookings web app or Bookings app in Teams. Attendees, customers or partners can also opt in or out of getting SMS notifications on the self-serve booking page. They can also opt out of receiving SMS notifications by replying **STOP** to the sender. The SMS notifications will include the Teams meeting link for virtual booking appointments.
+> [!Note]
+> We'll be providing unlimited SMS notifications through September 30 2022, for customers with Bookings licenses. As we get closer to the end of the promotion period, we'll provide additional details on licensing requirements. Contact your account team or support to receive pricing details after the promotion period.
+ ## Before you begin Attendees, customers or partners need a valid United States or Canada phone number before they can receive SMS notifications.
You can configure SMS notification in Bookings in a couple of ways:
> [!NOTE] > You need to be a Teams admin to see Teams and Bookings data on the Teams admin center.
-You can track key data on SMS notifications usage in your organization in the Teams admin center. Usage reports include data such as time and date sent, origin number, message type, event type and delivery status. You can use SMS notification telemetry during the promotional period to help forecast and budget for SMS notifications after May 1, 2022.
+You can track key data on SMS notifications usage in your organization in the Teams admin center. Usage reports include data such as time and date sent, origin number, message type, event type and delivery status. You can use SMS notification telemetry during the promotional period to help forecast and budget for SMS notifications after September 30, 2022.
1. On the Teams admin center, **Virtual Visits SMS notifications**.
bookings Comparison Chart https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/comparison-chart.md
Title: "Comparison chart: Bookings web app vs. Bookings Teams app"
+ Title: "Comparison: Bookings web app vs. Bookings Teams app"
bookings Define Service Offerings https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/define-service-offerings.md
Title: "Define your service offerings in Bookings"
+ Title: "Define your Bookings service offerings"
bookings Employee Hours https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/employee-hours.md
Title: "Employee working hours in Microsoft Bookings"
+ Title: "Employee working hours - Microsoft Bookings"
bookings Enter Business Information https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/enter-business-information.md
Title: "Enter your business information"
+ Title: "Enter your Bookings business information"
bookings Get Access https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/get-access.md
Title: "Get Access to Microsoft Bookings"
+ Title: "Get access to Microsoft Bookings"
bookings Reporting Info https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/reporting-info.md
Title: "Reporting information for Microsoft Bookings"
+ Title: "View Bookings calendar information"
bookings Set Buffer Time https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/set-buffer-time.md
Title: "Set buffer time in Microsoft Bookings"
+ Title: "Set Bookings buffer time"
bookings Set Language Time Zones https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/set-language-time-zones.md
Title: "Set language and time zones in Microsoft Bookings"
+ Title: "Set Bookings language and time zones"
bookings Set Scheduling Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/set-scheduling-policies.md
Title: "Set your scheduling policies"
+ Title: "Set Bookings scheduling policies"
compliance Acknowledge Hold Notification https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/acknowledge-hold-notification.md
description: Learn how to use eDiscovery (Premium) to send and follow up on lega
# Acknowledge a hold notification + When responding to a regulatory request or investigation, you may be required to inform custodians of their obligation to preserve electronically stored information (ESI) and any material that may be relevant to an active or imminent legal matter. Once sent, legal teams must know that each custodian has received, read, understood, and agreed to follow the given instructions. To help reduce the time, cost, and effort of following up with your custodians, eDiscovery (Premium) allows you to send and follow up on legal hold notifications through email. In addition to email notices, each custodian will have access to an individualized Compliance Portal, allowing custodians to be kept informed of changes to their obligation status.
compliance Add Custodians To Case https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-custodians-to-case.md
# Add custodians to an eDiscovery (Premium) case + Use the built-in custodian management tool in Microsoft Purview eDiscovery (Premium) to coordinate your workflows around managing custodians and identifying relevant, custodial data sources associated with a case. When you add a custodian, the system can automatically identify and place a hold on their Exchange mailbox and OneDrive for Business account. During the discovery process of your investigation, you might also identify other data sources (such as mailboxes, sites, or Teams) that a custodian accessed or contributed to. In this situation, you can use the custodian management tool to associate those data sources will a specific custodian. After you add custodians to a case and associate other data source with them, you can quickly preserve data and search the custodial data. You can add and manage custodians in eDiscovery (Premium) cases in four steps:
compliance Add Data To Review Set From Another Review Set https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-data-to-review-set-from-another-review-set.md
# Add data to a review set from another review set + In some cases, it may be necessary to select documents from one review set and work with them individually in another review set. This is especially useful if you've culled content in a review set and want to run analytics on the subset of data. Follow the workflow in this article to add content from one review set to another.
compliance Add Data To Review Set https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-data-to-review-set.md
description: Learn how to add search results or samples of those search results
# Add search results to a review set + When you're satisfied with the results of a search and you're ready to review and analyze those search results, you can add them to a review set in the case. Copying the original data to the review set also facilitates the review and analysis process by providing you with advanced analytics tools such as themes detection, near-duplicate detection, and email thread identification. You can also add data from non-Microsoft 365 data sources to a review set so that you can review that data in addition to the data you collect from Microsoft 365. When you add the results of a search to a review set (the review sets in a case are listed on the **Review sets** tab), the following things occur:
compliance Add Or Remove Members From A Case In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/add-or-remove-members-from-a-case-in-advanced-ediscovery.md
# Add or remove members from a case + You can add or remove members to manage who can access the case. However, before a member can access an eDiscovery (Premium) case (and perform tasks in the case), you must add the user to the eDiscovery Manager role group on the **Permissions** page in the Microsoft Purview compliance portal. For more information, see [Assign eDiscovery permissions](./assign-ediscovery-permissions.md). 1. On the **eDiscovery (Premium)** page, go to the case that you want to add a member to.
compliance Advanced Audit https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-audit.md
description: "Microsoft Purview Audit (Premium) provides new auditing capabiliti
# Microsoft Purview Audit (Premium)
+> [!TIP]
+> *Did you know you can try the premium versions of all nine Microsoft Purview solutions for free?* Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization meet its compliance needs. Microsoft 365 E3 and Office 365 E3 customers can start now at the [Microsoft Purview compliance portal trials hub](https://compliance.microsoft.com/trialHorizontalHub?sku=ComplianceE5&ref=DocsRef). Learn details about [who can sign up and trial terms](compliance-easy-trials.md).
++ The [Audit functionality](search-the-audit-log-in-security-and-compliance.md) in Microsoft Purview provides organizations with visibility into many types of audited activities across many different services in Microsoft 365. Microsoft Purview Audit (Premium) helps organizations to conduct forensic and compliance investigations by increasing audit log retention required to conduct an investigation, providing access to crucial events (by using Audit log search in the Microsoft Purview compliance portal and the Office 365 Management Activity API) that help determine scope of compromise, and faster access to Office 365 Management Activity API. > [!NOTE]
compliance Advanced Ediscovery Cloud Attachments https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-cloud-attachments.md
description: "Use collections in Microsoft Purview eDiscovery (Premium) to colle
# Collect cloud attachments in Microsoft Purview eDiscovery (Premium) (preview) + Cloud attachments are links to documents that are typically stored in SharePoint site and OneDrive. So instead of attaching an actual copy of a document in an email message or a Teams chat conversation, you have the option of sharing a link to the file. Cloud attachments are an effective way to share documents and collaborate with other people in your organization. But cloud attachments present challenges during the eDiscovery workflow because only the cloud attachment link and not the actual content in the shared document are returned in an eDiscovery search. To address this challenge, eDiscovery (Premium) provides two solutions for collecting cloud attachments: - Collecting the live version of a document that is linked to in a cloud attachment.
compliance Advanced Ediscovery Communications Library https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-communications-library.md
description: "You can add custodian communications templates (such as a template
# Manage custodian communications templates in eDiscovery (Premium) + When you or other users create a hold notification or other types of custodian communications, you had to create the communication document from scratch by using the communications editor on the **Communications** tab in an eDiscovery (Premium) case. Now, we've released a new feature that lets you create communications templates that can be used to create communications in any case in your organization. After communication templates are created, they're available to be used in a case. This means that paralegals or other users who create custodian communications don't have to start from scratch to build a notification. Instead, they can select a template to build the notification that is sent to a custodian. This article explains how to create organization-wide communications templates and select them when creating a new custodian notification for a specific eDiscovery (Premium) case.
compliance Advanced Ediscovery Dashboard https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-dashboard.md
description: "Use the Microsoft Purview eDiscovery (Premium) dashboard for revie
# eDiscovery (Premium) dashboard for review sets + For some cases in Microsoft Purview eDiscovery (Premium), you may have a large volume of documents and email messages that need to be reviewed. Before you start the review process, you may want to quickly analyze your corpus to identify trends or key statistics that will help you develop your review strategy. To do this, you can use the eDiscovery (Premium) dashboard for review sets to quickly analyze your corpus. ## Step 1: Create a widget on the review set dashboard
compliance Advanced Ediscovery Historical Versions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-historical-versions.md
description: "Use historical versions in eDiscovery (Premium) to collect content
# Set up historical versions in eDiscovery (Premium) (preview) + The historical versions feature in eDiscovery (Premium) lets eDiscovery managers in your organization search for and collect content from all versions of documents stored in SharePoint Online and OneDrive for Business. Then you can add that content to a review set for analysis and review. This helps you find and review content from a specific version of a document that may be relevant to a case or investigation, even if the latest version of the same document doesn't contain the relevant information. To support the historical versions capability in eDiscovery (Premium), SharePoint administrators must enable versioning for sites in their organization. Then, when users modify documents in SharePoint or OneDrive, implicit regular versions are created when document is saved (or autosaved). SharePoint versioning allows for tracking of the activity performed on SharePoint items (including documents, events, and tasks). This versioning capability leaves an audit trail that can provide evidence in legal investigations. These older versions of a document are available to the organization, who may be required to share such versions that have sensitive or relevant content during court discovery in a legal matter.
compliance Advanced Ediscovery Issuing Officers https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-issuing-officers.md
description: "You can add organization-wide issuing officers in eDiscovery (Prem
# Manage issuing officers in eDiscovery (Premium) + When you or others create a hold notification or other type of communication that is sent to a user who is a custodian in case, you have to specify an issuing officer. The notification is sent to the custodian on behalf of the specified issuing officer. For example, a paralegal in your organization might be responsible for creating and sending hold notifications to custodians in a case. In this scenario, the paralegal can specify an attorney in the organization as the issuing officer. Who can be specified as an issuing officer? There are two types of users who can be selected as an issuing officer for a custodian communication: - Any member of the specific case the communication is being sent in behalf of.
compliance Advanced Ediscovery New Case Format https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/advanced-ediscovery-new-case-format.md
description: "Use the new case format in eDiscovery (Premium) so you can add mor
# Use the new case format in eDiscovery (Premium) + More organizations are using the eDiscovery (Premium) solution in Microsoft Purview for critical eDiscovery processes. This includes responding to regulatory requests, investigations, and litigation. As usage of eDiscovery (Premium) increases, a common customer requirement is to expand the total amount of content that can be managed in a single eDiscovery (Premium) case. To help accommodate significant increases in case size, both for total data volume and the total number of items, you can now choose the new case format when you create an eDiscovery (Premium) case. ## Create a case
compliance Alert Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/alert-policies.md
description: "Create alert policies in the Microsoft Purview compliance portal o
# Alert policies in Microsoft 365 + You can use alert policies and the alert dashboard in the Microsoft Purview compliance portal or the Microsoft 365 Defender portal to create alert policies and then view the alerts generated when users perform activities that match the conditions of an alert policy. There are several default alert policies that help you monitor activities such as assigning admin privileges in Exchange Online, malware attacks, phishing campaigns, and unusual levels of file deletions and external sharing. > [!TIP]
compliance Analyzing Data In Review Set https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/analyzing-data-in-review-set.md
# Analyze data in a review set in eDiscovery (Premium) + When the number of collected documents is large, it can be difficult to review them all. Microsoft Purview eDiscovery (Premium) provides a number of tools to analyze the documents to reduce the volume of documents to be reviewed without any loss in information, and to help you organize the documents in a coherent manner. To learn more about these capabilities, see: - [Near duplicate detection](near-duplicate-detection-in-advanced-ediscovery.md)
compliance Archive 17A 4 Blackberry Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-blackberry-data.md
description: "Learn how to set up and use a 17a-4 BlackBerry DataParser connecto
# Set up a connector to archive BlackBerry data + Use the [BlackBerry DataParser](https://www.17a-4.com/BlackBerry-dataparser/) from 17a-4 LLC to import and archive BlackBerry enterprise data to user mailboxes in your Microsoft 365 organization. The DataParser includes a BlackBerry connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The BlackBerry DataParser connector converts BlackBerry data to an email message format and then imports those items to user mailboxes in Microsoft 365. After BlackBerry data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a BlackBerry connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Bloomberg Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-bloomberg-data.md
description: "Learn how to set up and use a 17a-4 Bloomberg DataParser connector
# Set up a connector to archive Bloomberg data + Use the [Bloomberg DataParser](https://www.17a-4.com/Bloomberg-dataparser/) from 17a-4 LLC to import and archive data from Bloomberg to user mailboxes in your Microsoft 365 organization. The DataParser includes a Bloomberg connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Bloomberg DataParser connector converts Bloomberg data to an email message format and then imports those items to user mailboxes in Microsoft 365. After Bloomberg data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Bloomberg connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Cisco Jabber Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-cisco-jabber-data.md
description: "Learn how to set up and use a 17a-4 Cisco Jabber DataParser connec
# Set up a connector to archive Cisco Jabber data + Use the [Cisco Jabber DataParser](https://www.17a-4.com/jabber-dataparser/) from 17a-4 LLC to import and archive data from Cisco Jabber to user mailboxes in your Microsoft 365 organization. The DataParser includes a Cisco Jabber connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Cisco Jabber DataParser connector converts Cisco Jabber data to an email message format and then imports those items to user mailboxes in Microsoft 365. After Cisco Jabber data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Cisco Jabber connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Factset Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-factset-data.md
description: "Learn how to set up and use a 17a-4 FactSet DataParser connector t
# Set up a connector to archive FactSet data + Use the [FactSet DataParser](https://www.17a-4.com/factset-dataparser/) from 17a-4 LLC to import and archive data from the FactSet platform to user mailboxes in your Microsoft 365 organization. The DataParser includes a FactSet connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The FactSet DataParser connector converts FactSet data to an email message format and then imports those items to user mailboxes in Microsoft 365. After FactSet data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a FactSet connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Fuze Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-fuze-data.md
description: "Learn how to set up and use a 17a-4 Fuze DataParser connector to i
# Set up a connector to archive Fuze data + Use the [Fuze DataParser](https://www.17a-4.com/fuze-dataparser/) from 17a-4 LLC to import and archive data from Fuze to user mailboxes in your Microsoft 365 organization. The DataParser includes a Fuze connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Fuze DataParser connector converts Fuze data to an email message format and then imports those items to user mailboxes in Microsoft 365. After Fuze data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Fuze connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Fxconnect Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-fxconnect-data.md
description: "Learn how to set up and use a 17a-4 FX Connect DataParser connecto
# Set up a connector to archive data from FX Connect + Use the [FX Connect DataParser](https://www.17a-4.com/dataparser-roadmap/) from 17a-4 LLC to import and archive data from FX Connect to user mailboxes in your Microsoft 365 organization. The DataParser includes a FX Connect connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The FX Connect DataParser connector converts FX Connect data to an email message format and then imports those items to user mailboxes in Microsoft 365. After FX Connect data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a FX Connect connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Ice Im Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-ice-im-data.md
description: "Learn how to set up and use a 17a-4 ICE Connect Chat DataParser co
# Set up a connector to archive ICE Connect Chat data + Use the [ICE DataParser](https://www.17a-4.com/ice-dataparser/) from 17a-4 LLC to import and archive data from ICE Connect Chat to user mailboxes in your Microsoft 365 organization. The DataParser includes an ICE Chat connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The ICE DataParser connector converts ICE Connect Chat data to an email message format and then imports those items to user mailboxes in Microsoft 365. After ICE Connect Chat data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using an ICE DataParser connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Investedge Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-investedge-data.md
description: "Learn how to set up and use a 17a-4 InvestEdge DataParser connecto
# Set up a connector to archive InvestEdge data + Use the [InvestEdge DataParser](https://www.17a-4.com/investedge-dataparser/) from 17a-4 LLC to import and archive data from InvestEdge to user mailboxes in your Microsoft 365 organization. The DataParser includes a InvestEdge connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The InvestEdge DataParser connector converts InvestEdge data to an email message format and then imports those items to user mailboxes in Microsoft 365. After InvestEdge data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a InvestEdge connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Liveperson Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-liveperson-data.md
description: "Learn how to set up and use a 17a-4 LivePerson Conversational Clou
# Set up a connector to archive LivePerson Conversational Cloud data + Use the [LivePerson Conversational Cloud DataParser](https://www.17a-4.com/liveperson-dataparser/) from 17a-4 LLC to import and archive data from LivePerson Conversational Cloud to user mailboxes in your Microsoft 365 organization. The DataParser includes a LivePerson Conversational Cloud connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The LivePerson Conversational Cloud DataParser connector converts data to an email message format and then imports those items to user mailboxes in Microsoft 365. After data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a LivePerson Conversational Cloud connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Quip Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-quip-data.md
description: "Learn how to set up and use a 17a-4 Quip DataParser connector to i
# Set up a connector to archive Quip data + Use the [Quip DataParser](https://www.17a-4.com/quip-dataparser/) from 17a-4 LLC to import and archive data from Quip to user mailboxes in your Microsoft 365 organization. The DataParser includes a Quip connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Quip DataParser connector converts Quip data to an email message format and then imports those items to user mailboxes in Microsoft 365. After Quip data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Quip connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Refinitiv Messenger Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-refinitiv-messenger-data.md
description: "Learn how to set up and use a 17a-4 Refinitiv Eikon Messenger Data
# Set up a connector to archive Refinitiv Eikon Messenger data + Use the [Refinitiv Eikon Messenger DataParser](https://www.17a-4.com/refinitiv-messenger-dataparser/) from 17a-4 LLC to import and archive data from Refinitiv Eikon Messenger to user mailboxes in your Microsoft 365 organization. The DataParser includes a Refinitiv Eikon Messenger connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Refinitiv Eikon Messenger DataParser connector converts Refinitiv Eikon Messenger data to an email message format and then imports those items to user mailboxes in Microsoft 365. After Refinitiv Eikon Messenger data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Refinitiv Eikon Messenger connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Servicenow Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-servicenow-data.md
description: "Learn how to set up and use a 17a-4 ServiceNow DataParser connecto
# Set up a connector to archive data from ServiceNow + Use the [ServiceNow DataParser](https://www.17a-4.com/dataparser/) from 17a-4 LLC to import and archive data from ServiceNow to user mailboxes in your Microsoft 365 organization. The DataParser includes a ServiceNow connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The ServiceNow DataParser connector converts ServiceNow data to an email message format and then imports those items to user mailboxes in Microsoft 365. After ServiceNow data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a ServiceNow connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Skype For Business Server Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-skype-for-business-server-data.md
description: "Learn how to set up and use a 17a-4 Skype for Business Server Data
# Set up a connector to archive Skype for Business Server data + Use the [Skype Server DataParser](https://www.17a-4.com/skype-server-dataparser/) from 17a-4 LLC to import and archive data from a Skype for Business Server to user mailboxes in your Microsoft 365 organization. The DataParser includes a Skype for Business connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Skype for Business Server DataParser connector converts Skype for Business Server data to an email message format and then imports those items to user mailboxes in Microsoft 365. After Skype for Business Server data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Skype for Business Server connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Slack Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-slack-data.md
description: "Learn how to set up and use a 17a-4 Slack DataParser connector to
# Set up a connector to archive Slack data + Use [DataParser from 17a-4 LLC](https://www.17a-4.com/slack-dataparser/) to import and archive data from the Slack platform to user mailboxes in your Microsoft 365 organization. DataParser includes a Slack connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Slack DataParser connector converts Slack data to an email message format and then imports those items to user mailboxes in Microsoft 365. After Slack data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Slack connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Sql Database Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-sql-database-data.md
description: "Learn how to set up and use a 17a-4 SQL DataParser connector to im
# Set up a connector to archive SQL data + Use the [SQL DataParser](https://www.17a-4.com/sql-dataparser/) from 17a-4 LLC to import and archive data from a SQL database to user mailboxes in your Microsoft 365 organization. The DataParser includes a SQL connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The SQL DataParser connector converts SQL data to an email message format and then imports those items to user mailboxes in Microsoft 365. After SQL data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a SQL connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Symphony Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-symphony-data.md
description: "Learn how to set up and use a 17a-4 Symphony DataParser connector
# Set up a connector to archive data from Symphony + Use the [Symphony DataParser](https://www.17a-4.com/Symphony-dataparser/) from 17a-4 LLC to import and archive Symphony communications data to user mailboxes in your Microsoft 365 organization. The DataParser includes a Symphony connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Symphony DataParser connector converts Symphony data to an email message format and then imports those items to user mailboxes in Microsoft 365. After Symphony data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Symphony connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Webex Teams Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-webex-teams-data.md
description: "Learn how to set up and use a 17a-4 Cisco Webex DataParser connect
# Set up a connector to archive Cisco Webex data + Use the [Cisco Webex DataParser](https://www.17a-4.com/webex-dataparser/) from 17a-4 LLC to import and archive data from the Cisco Cisco Webex platform to user mailboxes in your Microsoft 365 organization. The DataParser includes a Cisco Webex connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Cisco Webex DataParser connector converts Cisco Webex data to an email message format and then imports those items to user mailboxes in Microsoft 365. After Cisco Webex data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Cisco Webex connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive 17A 4 Zoom Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-17a-4-zoom-data.md
description: "Learn how to set up and use a 17a-4 Zoom DataParser connector to i
# Set up a connector to archive Zoom data + Use the [Zoom DataParser](https://www.17a-4.com/dataparser/) from 17a-4 LLC to import and archive data from the Zoom platform to user mailboxes in your Microsoft 365 organization. The DataParser includes a Zoom connector that's configured to capture items from a third-party data source and import those items to Microsoft 365. The Zoom DataParser connector converts Zoom data to an email message format and then imports those items to user mailboxes in Microsoft 365. After Zoom data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Zoom connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Android Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-android-archiver-data.md
description: "Admins can set up a TeleMessage connector to import and archive SM
# Set up a connector to archive Android mobile data + Use a TeleMessage connector in the Microsoft Purview compliance portal to import and archive SMS, MMS, voice calls, and call logs from Android mobile phones. After you set up and configure a connector, it connects to your organization's TeleMessage account once every day, and imports the mobile communication of employees using the TeleMessage Android Archiver to mailboxes in Microsoft 365. After data from Android mobile phones is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to Android Archiver data. For example, you can search Android Archiver mobile communication using Content Search or associate the mailbox that contains the Android Archiver connector data with a custodian in an eDiscovery (Premium) case. Using an Android Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Att Network Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-att-network-archiver-data.md
description: "Admins can set up a TeleMessage connector to import and archive SM
# Set up a connector to archive AT&T SMS/MMS data + Use a TeleMessage connector in the Microsoft Purview compliance portal to import and archive SMS and MMS data from AT&T Mobile Network. After you set up and configure a connector, it connects to your organization's AT&T Network once every day, and imports SMS and MMS data to mailboxes in Microsoft Purview. After SMS and MMS messages are stored in user mailboxes, you can apply Microsoft 365 Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to AT&T Network data. For example, you can search AT&T Network data using Content Search or associate the mailbox that contains the AT&T Network connector data with a custodian in an eDiscovery (Premium) case. Using a AT&T Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Bell Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-bell-network-data.md
description: "Admins can set up a TeleMessage connector to import and archive SM
# Set up a connector to archive Bell Network data + Use a TeleMessage connector in the Microsoft Purview compliance portal to import and archive Short Messaging Service (SMS) and Multimedia Messaging Service (MMS) messages from the Bell Network. After you set up and configure a connector, it connects to your organization's Bell Network once every day, and imports SMS and MMS messages to mailboxes in Microsoft 365. After the SMS and MMS messages are stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to Bell Network data. For example, you can search Bell Network SMS/MMS using Content Search or associate the mailbox that contains the Bell Network connector data with a custodian in an eDiscovery (Premium) case. Using a Bell Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Bloomberg Message Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-bloomberg-message-data.md
description: "Administrators can set up a data connector to import and archive d
# Set up a connector to archive Bloomberg Message data + Use a data connector in the Microsoft Purview compliance portal to import and archive financial services email data from the [Bloomberg Message](https://www.bloomberg.com/professional/product/collaboration/) collaboration tool. After you set up and configure a connector, it connects to your organization's Bloomberg secure FTP (SFTP) site once every day, and imports email items to mailboxes in Microsoft 365. After Bloomberg Message data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation hold, content search, In-place archiving, auditing, Communication compliance, and Microsoft 365 retention policies to Bloomberg Message data. For example, you can search Bloomberg Message emails using the content search tool or associate the mailbox that contains the Bloomberg Message data with a custodian in an eDiscovery (Premium) case. Using a Bloomberg Message connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Celltrust Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-celltrust-data.md
description: "Admins can set up a connector to import and archive CellTrust data
# Set up a connector to archive CellTrust data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the CellTrust platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [CellTrust](https://globanet.com/celltrust/) connector that captures items from the third-party data source and imports those items to Microsoft 365. The connector converts the content of SMS messages from CellTrust accounts to an email message format and then imports those items to the user's mailbox in Microsoft 365. After CellTrust data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a CellTrust connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Ciscojabberonmssql Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonmssql-data.md
description: "Admins can set up a connector to import and archive Cisco Jabber o
# Set up a connector to archive Cisco Jabber on MS SQL data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Cisco Jabber platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Cisco Jabber](https://globanet.com/jabber/) connector that is configured to capture items from the Jabber's MS SQL Database, such as 1:1 chat messages and group chats and then import those items to Microsoft 365. The connector retrieves data from the Cisco Jabber's MS SQL Database, processes it, and the converts the content from a user's Cisco Jabber account to an email message format and then imports those items to the user's mailbox in Microsoft 365. After Cisco Jabber data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Cisco Jabber connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Ciscojabberonoracle Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonoracle-data.md
description: "Learn how to set up and use a connector in the Microsoft Purview c
# Set up a connector to archive Cisco Jabber on Oracle data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Cisco Jabber on Oracle platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Cisco Jabber on Oracle](https://www.veritas.com/insights/merge1/jabber) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as files and file operations, comments, and shared content from Cisco Jabber on Oracle to an email message format and then imports those items to the user's mailbox in Microsoft 365. After Cisco Jabber on Oracle data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Cisco Jabber on Oracle connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Ciscojabberonpostgresql Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ciscojabberonpostgresql-data.md
description: "Learn how to set up and use a connector in the Microsoft Purview c
# Set up a connector to archive Cisco Jabber on PostgreSQL data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Cisco Jabber platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Cisco Jabber on PostgreSQL](https://www.veritas.com/insights/merge1/jabber) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as messages, chats, and shared content from Cisco Jabber on PostgreSQL to an email message format and then imports those items to the user's mailbox in Microsoft 365. After Cisco Jabber on PostgreSQL data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Cisco Jabber on PostgreSQL connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Data From Celltrustsl2 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-data-from-celltrustsl2.md
description: "Learn how to set up and use a CellTrust SL2 data connector to impo
# Archive data from CellTrust SL2 to Microsoft 365 + CellTrust SL2 captures mobile communications data and integrates with the leading archiving technologies to meet the electronic discovery requirements for regulations such as FINRA, HIPAA, FOIA, and TCPA. The SL2 Data Connector imports mobile communication items to Microsoft 365. This article describes the process for integrating SL2 with Microsoft 365 by using the CellTrust SL2 Data Connector for archiving. Completing this process assumes that you have subscribed to CellTrust SL2 service and are familiar with the SL2 architecture. For information about CellTrust SL2, see <https://www.celltrust.com>. After data is imported to user mailboxes in Microsoft 365, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, Microsoft 365 retention policies, and communication compliance. Using the CellTrust SL2 Data Connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Eml Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-eml-data.md
description: "Admins can set up a connector to import and archive EML data from
# Set up a connector to archive EML data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive EML data to user mailboxes in your Microsoft 365 organization. EML is the file extension for an email message saved to a file. The connector converts the content of an item from the source format to an email message format and then imports the item to a user mailbox. After EML messages are stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using an EML connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Enterprise Number Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-enterprise-number-data.md
description: "Admins can set up a connector to import and archive SMS and MMS da
# Set up a connector to archive Enterprise Number data + Use a TeleMessage connector in the Microsoft Purview compliance portal to import and archive Short Messaging Service (SMS) and Multimedia Messaging Service (MMS) messages, chat messages, voice call recordings, and voice call logs from the Enterprise Number Archiver. After you set up and configure a connector, it connects to your organization's TeleMessage account once every day and imports the mobile communication data of employees using the TeleMessage Enterprise Number Archiver to mailboxes in Microsoft 365. After the TeleMessage Enterprise Number Archiver connector data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to Enterprise Number Archiver data. For example, you can search the TeleMessage Enterprise Number Archiver SMS, MMS, and Voice Call using Content Search or associate the mailbox that contains the Enterprise Number Archiver connector data with a custodian in an eDiscovery (Premium) case. Using an Enterprise Number Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Facebook Data With Sample Connector https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-facebook-data-with-sample-connector.md
description: "Learn how to set up & use a connector in the Microsoft Purview com
# Set up a connector to archive Facebook data (preview) + Use a connector in the Microsoft Purview compliance portal to import and archive data from Facebook Business pages to Microsoft 365. After you set up and configure the connector, it connects to the Facebook Business page (on a scheduled basis), converts the content of Facebook items to an email message format, and then imports those items to a mailbox in Microsoft 365. After the Facebook data is imported, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to the Facebook data. For example, when a mailbox is placed on Litigation Hold or assigned to a retention policy, the Facebook data is preserved. You can search third-party data using Content Search or associate the mailbox where the Facebook data is stored with a custodian in a Microsoft Purview eDiscovery (Premium) case. Using a connector to import and archive Facebook data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Fxconnect Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-fxconnect-data.md
description: "Admins can set up a connector to import and archive data from Veri
# Set up a connector to archive FX Connect data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the FX Connect collaboration platform to user mailboxes in your Microsoft 365 organization. Veritas provides an [FX Connect](https://globanet.com/fx-connect/) connector that is configured to capture FX Connect items and import those items to Microsoft 365. The connector converts the content from FX Connect, such as trades, messages, and other details from your organization's FX Connect account, to an email message format and then imports those items to the user's mailbox in Microsoft 365. After FX Connect data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using an FX Connect connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Icechat Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-icechat-data.md
description: "Admins can set up a connector to import and archive data from the
# Set up a connector to archive ICE Chat data + Use a native connector in the Microsoft Purview compliance portal to import and archive financial services chat data from the ICE Chat collaboration tool. After you set up and configure a connector, it connects to your organization's ICE Chat secure FTP (SFTP) site once every day, converts the content of chat messages to an email message format, and then import those items to mailboxes in Microsoft 365. After ICE chat data is stored in user mailboxes, you can apply Microsoft Purview features such as litigation hold, eDiscovery, archiving, auditing, communication compliance, and Microsoft 365 retention policies to ICE Chat data. For example, you can search ICE Chat messages using content search or associate the mailbox that contains the ICE Chat data with a custodian in an eDiscovery (Premium) case. Using an ICE Chat connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Instant Bloomberg Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-instant-bloomberg-data.md
description: "Learn how administrators can set up and use a data connector to im
# Set up a connector to archive Instant Bloomberg data + Use a native connector in the Microsoft Purview compliance portal to import and archive financial services chat data from the [Instant Bloomberg](https://www.bloomberg.com/professional/product/collaboration/) collaboration tool. After you set up and configure a connector, it connects to your organization's Bloomberg secure FTP site (SFTP) once every day, converts the content of chat messages to an email message format, and then imports those items to mailboxes in Microsoft 365. After Instant Bloomberg data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to Instant Bloomberg data. For example, you can search Instant Bloomberg chat messages using Content Search or associate the mailbox that contains the Instant Bloomberg data with a custodian in a Microsoft Purview eDiscovery (Premium) case. Using an Instant Bloomberg connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Jive Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-jive-data.md
description: "Admins can set up a connector to import and archive Jive data from
# Set up a connector to archive Jive data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the collaboration platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Jive](https://globanet.com/jive/) connector that is configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. The connector converts content such as email messages, chats, and attachments from a user's Jive account to an email message format and then imports those items to the user's mailbox in Microsoft 365. After Jive data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Jive connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Linkedin Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-linkedin-data.md
description: "Learn how administrators can setup & use a native connector to imp
# Set up a connector to archive LinkedIn data + Use a connector in the Microsoft Purview compliance portal to import and archive data from LinkedIn Company pages. After you set up and configure a connector, it connects to the account for the specific LinkedIn Company page once every 24 hours. The connector converts the messages posted to the Company page to an email message, and then imports those items to a mailbox in Microsoft 365. After the LinkedIn Company page data is stored in a mailbox, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, and Microsoft 365 retention policies to LinkedIn data. For example, you can search for these items using Content Search or associate the storage mailbox with a custodian in a Microsoft Purview eDiscovery (Premium) case. Creating a connector to import and archive LinkedIn data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Mssqldatabaseimporter Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-mssqldatabaseimporter-data.md
description: "Admins can set up a connector to import and archive data from MS S
# Set up a connector to archive data from MS SQL Database + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from MS SQL Database to user mailboxes in your Microsoft 365 organization. Veritas provides you with an MS SQL Database Importer connector that's configured to capture items from a database using an XML configuration file and import those items to Microsoft 365. The connector converts content from MS SQL Database to an email message format and then imports those items to user mailboxes in Microsoft 365. After content from MS SQL Database stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using an MS SQL Database connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive O2 Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-o2-network-data.md
description: "Admins can set up a TeleMessage connector to import and archive SM
# Set up a connector to archive O2 Network data + Use a TeleMessage connector in the Microsoft Purview compliance portal to import and archive Short Messaging Service (SMS) messages and voice calls from the O2 mobile network. After you set up and configure a connector, it connects to your organization's O2 Network once every day, and imports SMS and voice calls to mailboxes in Microsoft 365. After SMS messages and voice calls are stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to O2 Network data. For example, you can search O2 Network SMS messages and voice calls using Content Search or associate the mailbox that contains O2 Network data with a custodian in an eDiscovery (Premium) case. Using an O2 Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Pivot Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-pivot-data.md
description: "Admins can set up a connector to import and archive Pivot data fro
# Set up a connector to archive Pivot data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Pivot platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Pivot](https://globanet.com/pivot/) connector that is configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. Pivot is an instant messaging platform that allows collaboration with financial market participants. The connector converts items such as chat messages, from a users' Pivot accounts to an email message format and then imports those items to the user mailboxes in Microsoft 365. After Pivot data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Pivot connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Redtailspeak Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-redtailspeak-data.md
description: "Admins can set up a connector to import and archive Red tail Speak
# Set up a connector to archive Redtail Speak data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Redtail Speak to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Redtail Speak](https://globanet.com/redtail/) connector that's configured to capture items from your organizationΓÇÖs SFTP server where the items are received from Redtail. The connector converts the content from Redtail Speak to an email message format and then imports those items to the user's mailbox in Microsoft 365. After Redtail Speak data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies, and retention labels. Using a Redtail Speak connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Reutersdealing Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reutersdealing-data.md
description: "Admins can set up a connector to import and archive Reuters Dealin
# Set up a connector to archive Reuters Dealing data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Reuters Dealing platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Reuters Dealing](https://globanet.com/reuters-dealing/) connector that's configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. The connector converts Dealing communications from the Reuters Dealing account to an email message format and then imports those items to the user's mailbox in Microsoft 365. After Reuters Dealing data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Reuters Dealing connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Reuterseikon Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reuterseikon-data.md
description: "Admins can set up a connector to import and archive Reuters Eikon
# Set up a connector to archive Reuters Eikon data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Reuters Eikon platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Reuters Eikon](https://globanet.com/eikon/) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as person-to-person messages, group chats, attachments, and disclaimers from a user's Reuters Eikon account to an email message format and then imports those items to the user's mailbox in Microsoft 365. After Reuters Eikon data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Reuters Eikon connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Reutersfx Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-reutersfx-data.md
description: "Admins can set up a connector to import and archive Reuters FX dat
# Set up a connector to archive Reuters FX data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Reuters FX platform to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Reuters FX](https://globanet.com/reuters-fx/) connector that is configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. The connector converts the currencies and FX rates from the Reuters FX account to an email message format and then imports those items to the user's mailbox in Microsoft 365. After Reuters FX data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Reuters FX connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Ringcentral Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-ringcentral-data.md
description: "Admins can set up a connector to import and archive RingCentral da
# Set up a connector to archive RingCentral data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the RingCentral platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [RingCentral](https://www.veritas.com/insights/merge1/ringcentral) connector that is configured to capture items from the third-party data source and import those items to Microsoft 365. The connector converts content such as chats, attachments, tasks, notes, and posts from RingCentral to an email message format and then imports those items to the user mailboxes in Microsoft 365. After RingCentral data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a RingCentral connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Rogers Network Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-rogers-network-archiver-data.md
description: "Admins can set up a TeleMessage connector to import and archive Ro
# Set up a connector to archive Rogers Network data + Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive SMS and MMS data from the Rogers mobile network. After you set up and configure a [Rogers Network Archiver connector](https://www.telemessage.com/mobile-archiver/network-archiver/rogers/), it connects to your organization's Rogers mobile network, and imports SMS and MMS data to mailboxes in Microsoft 365. After data from the Rogers mobile network is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content search, and Microsoft 365 retention policies to the data. For example, you can search for SMS and MMS messages from the Rogers mobile network using Content search or a search associated with a Microsoft Purview eDiscovery (Standard) case. Using a Rogers Network Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies.
compliance Archive Salesforcechatter Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-salesforcechatter-data.md
description: "Admins can set up a connector to import and archive Salesforce Cha
# Set up a connector to archive Salesforce Chatter data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Salesforce Chatter platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Salesforce Chatter](http://globanet.com/chatter/) connector that captures items from the third-party data source and imports those items to Microsoft 365. The connector converts the content such as chats, attachments, and posts from Salesforce Chatter to an email message format and then imports those items to the userΓÇÖs mailbox in Microsoft 365. After Salesforce Chatter data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Salesforce Chatter connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Servicenow Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-servicenow-data.md
description: "Admins can set up a connector to import and archive ServiceNow dat
# Set up a connector to archive ServiceNow data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the ServiceNow platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [ServiceNow](https://globanet.com/servicenow/) connector that captures items from the third-party data source and import those items to Microsoft 365. The connector converts the content such as live messages, attachments, and posts from ServiceNow to an email message format and then imports those items to user mailboxes in Microsoft 365. After ServiceNow data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies, and retention labels. Using a ServiceNow connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Signal Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-signal-archiver-data.md
description: "Admins can set up a TeleMessage connector to import and archive Si
# Set up a connector to archive Signal communications data + Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive Signal chats, attachments, files, and deleted messages and calls. After you set up and configure a connector, it connects to your organization's TeleMessage account, and imports the mobile communication of employees using the TeleMessage Signal Archiver to mailboxes in Microsoft 365. After Signal Archiver connector data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content search, and Microsoft 365 retention policies to Signal communications data. For example, you can search Signal communication using Content search or associate the mailbox that contains the Signal Archiver connector data with a custodian in an eDiscovery (Premium) case. Using a Signal Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies.
compliance Archive Skypeforbusiness Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-skypeforbusiness-data.md
description: "Learn how to set up and use a connector in the Microsoft Purview c
# Set up a connector to archive Skype for Business data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Skype for Business platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Skype for Business](https://www.veritas.com/en/au/insights/merge1/skype-for-business) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as messages between users, persistent chats, and conference messages from Skype for Business to an email message format and then imports those items to the userΓÇÖs mailbox in Microsoft 365. After Skype for Business data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Skype for Business connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Slack Data Microsoft https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-slack-data-microsoft.md
description: "Learn how to set up and use a Slack eDiscovery data connector prov
# Set up a connector to archive Slack eDiscovery data (preview) + The Slack eDiscovery data connector provided by Microsoft helps you to import and archive instant messaging data (such as messages, attachments, links, and revisions) from your organization's Slack workspaces to Microsoft 365. The data connector pulls data from the Slack API, converts it to an email message format, and then imports those items to user mailboxes in Microsoft 365. After the Slack data is imported, you can apply compliance solutions, such as Litigation hold, Microsoft Purview eDiscovery (Premium), Communication compliance, and retention settings to the Slack content. Using a Slack eDiscovery data connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies. ## Overview of archiving Slack eDiscovery data
compliance Archive Slack Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-slack-data.md
description: "Admins can set up a connector to import and archive data from Veri
# Set up a connector to archive Slack eDiscovery data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive third-party data from social media, instant messaging, and document collaboration platforms to mailboxes in your Microsoft 365 organization. Veritas provides a [Slack](https://globanet.com/slack/) connector that's configured to capture items from the third-party data source (on a regular basis) and then import those items to Microsoft 365. Slack pulls messages and files from the Slack API and converts them to an email message format and then imports the item to user mailboxes. After Slack eDiscovery data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Slack connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Symphony Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-symphony-data.md
description: "Admins can set up a connector to import and archive data from Veri
# Set up a connector to archive Symphony data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive Symphony data to user mailboxes in your Microsoft 365 organization. Symphony is a messaging and collaboration platform used in the financial services industry. Veritas provides a [Symphony](https://globanet.com/symphony) data connector in the compliance portal that you can configure to capture items from the third-party data source (on a regular basis) and then import those items to user mailboxes. The connector converts the content of an item from the Symphony account to an email message format and then imports the item to a mailbox in Microsoft 365. After Symphony communications are stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Symphony connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Telegram Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-telegram-archiver-data.md
description: "Admins can set up a TeleMessage connector to import and archive Te
# Set up a connector to archive Telegram communications data + Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive Telegram chats, attachments, files, and deleted messages and calls. After you set up and configure a connector, it connects to your organization's TeleMessage account, and imports the mobile communication of employees using the Telegram Archiver to mailboxes in Microsoft 365. After Telegram Archiver connector data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content search, and Microsoft 365 retention policies to Telegram communication data. For example, you can search Telegram communication using Content Search or associate the mailbox that contains the Telegram Archiver connector data with a custodian in an eDiscovery (Premium) case. Using a Telegram Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies.
compliance Archive Telus Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-telus-network-data.md
description: "Admins can set up a TeleMessage connector to import and archive SM
# Set up a connector to archive TELUS Network data + Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive Short Messaging Service (SMS) data from your organization's TELUS Network. After you set up and configure a connector, it connects to your organization's TELUS Network once every day, and imports SMS data to mailboxes in Microsoft 365. After SMS messages are stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to TELUS data. For example, you can search TELUS SMS messages using Content Search or associate the mailbox that contains the TELUS data with a custodian in an eDiscovery (Premium) case. Using a TELUS Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Text Delimited Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-text-delimited-data.md
description: "Admins can set up a connector to import and archive text-delimited
# Set up a connector to archive text-delimited data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive text-delimited data to user mailboxes in your Microsoft 365 organization. Veritas provides a [text-delimited connector](https://globanet.com/text-delimited) that's configured to capture items from a third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts content from the text-delimited data source to an email message format and then imports those items to the user's mailbox in Microsoft 365. After text-delimited data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using a text-delimited data connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Twitter Data With Sample Connector https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-twitter-data-with-sample-connector.md
description: "Learn how administrators can set up and use a native connector to
# Set up a Microsoft connector to archive Twitter data (preview) + Use a connector in the Microsoft Purview compliance portal to import and archive data from Twitter to Microsoft 365. After you set up and configure the connector, it connects to your organization's Twitter account (on a scheduled basis), converts the content of an item to an email message format, and then imports those items to a mailbox in Microsoft 365. After the Twitter data is imported, you can apply Microsoft Purview features such as Litigation Hold, Content Search, In-Place Archiving, Auditing, and Microsoft 365 retention policies to the Twitter data. For example, when a mailbox is placed on Litigation Hold or assigned to a retention policy, the Twitter data is preserved. You can search third-party data using Content Search or associate the mailbox where the Twitter data is stored with a custodian in a Microsoft Purview eDiscovery (Premium) case. Using a connector to import and archive Twitter data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Veritas Twitter Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-veritas-twitter-data.md
description: "Admins can set up a connector to import and archive Twitter data f
# Set up a connector to archive Twitter data (preview) + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Twitter platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [Twitter](https://www.veritas.com/insights/merge1/twitter) connector that is configured to capture items from a third-party data source and import those items to Microsoft 365. The connector converts content such as tweets, retweets, and comments from Twitter to an email message format and then imports those items to the user mailboxes in Microsoft 365. After Twitter data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a Twitter connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Verizon Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-verizon-network-data.md
description: "Admins can set up a TeleMessage connector to import and archive SM
# Set up a connector to archive Verizon Network data + Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive Short Messaging Service (SMS) and Multimedia Messaging Service (MMS) data from Verizon Network. After you set up and configure a connector, it connects to your organization's Verizon Network once every day and imports SMS and MMS data to mailboxes in Microsoft 365. After Verizon Network connector data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content Search, and Microsoft 365 retention policies to Verizon data. For example, you can search Verizon SMS and MMS messages using Content Search or associate the mailbox that contains Verizon Network data with a custodian in a Microsoft Purview eDiscovery (Premium) case. Using a Verizon Network connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Webexteams Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-webexteams-data.md
description: "Admins can set up a connector to import and archive data from Veri
# Set up a connector to archive Webex Teams data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from Webex Teams to user mailboxes in your Microsoft 365 organization. Veritas provides a [Webex Teams](https://globanet.com/webex-teams/) connector that is configured to capture Webex Teams communication items and import them to Microsoft 365. The connector converts content from Webex Teams, such as 1:1 chats, group conversations, channel conversations, and attachments from your organization's Webex Teams account, to an email message format and then imports those items to the user's mailbox in Microsoft 365. After Webex Teams data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Webex Teams connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Webpagecapture Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-webpagecapture-data.md
description: "Admins can set up a connector to import and archive Webpage Captur
# Set up a connector to archive webpage data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from webpages to user mailboxes in your Microsoft 365 organization. Veritas provides a [Webpage Capture](https://globanet.com/webpage-capture) connector that captures specific webpages (and any links on those pages) in a specific website or an entire domain. The connector converts the webpage content to a PDF, PNG, or custom file format and then attaches the converted files to an email message and then imports those email items to user mailboxes in Microsoft 365. After webpage content is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using a Webpage Capture connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Wechat Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-wechat-data.md
description: "Set up and use a connector in the Microsoft Purview compliance por
# Set up a connector to archive WeChat data + Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive WeChat and WeCom calls, chats, attachments, files, and recalled messages. After you set up and configure a connector, it connects to your organization's TeleMessage account, and imports the mobile communication of employees using the TeleMessage WeChat Archiver to mailboxes in Microsoft 365. After WeChat Archiver connector data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, In-Place Archiving, Auditing, Communication compliance, and Microsoft 365 retention policies to WeChat communication data. For example, you can search WeChat communication using Content Search or associate the mailbox that contains the WeChat Archiver connector data with a custodian in an eDiscovery (Premium) case. Using a WeChat Archiver connector to import and archive data in Microsoft 365 can help your organization stay compliant with corporate governance regulations and regulatory policies.
compliance Archive Whatsapp Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-whatsapp-data.md
description: "Admins can set up a TeleMessage connector to import and archive Wh
# Set up a connector to archive WhatsApp data + Use the TeleMessage connector in the Microsoft Purview compliance portal to import and archive WhatsApp calls, chats, attachments, files, and deleted messages. After you set up and configure a connector, it connects to your organization's TeleMessage account once every day, and imports the mobile communication of employees using the TeleMessage WhatsApp Phone Archiver or TeleMessage WhatsApp Cloud Archiver to mailboxes in Microsoft 365. After WhatsApp data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, Content search, and Microsoft 365 retention policies to WhatsApp data. For example, you can search WhatsApp messages using Content search or associate the mailbox that contains WhatsApp messages with a custodian in an eDiscovery (Premium) case. Using a WhatsApp connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Workplacefromfacebook Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-workplacefromfacebook-data.md
description: "Admins can set up a connector to import and archive data from Work
# Set up a connector to archive Workplace from Facebook data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from Workplace from Facebook to user mailboxes in your Microsoft 365 organization. Veritas provides a [Workplace from Facebook](https://globanet.com/workplace/) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content such as chats, attachments, posts, and videos from Workplace to an email message format and then imports those items to user mailboxes in Microsoft 365. After Workplace data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using Workplace from Facebook connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Xip Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-xip-data.md
description: "Admins can set up a connector to import and archive XIP source dat
# Set up a connector to archive XIP source data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the XIP source platform to user mailboxes in your Microsoft 365 organization. Veritas provides a [XIP](https://globanet.com/xip/) connector that allows using an XIP file to import items to Microsoft 365. An XIP file is similar to a ZIP file, but allows for a digital signature to be used. The digital signature is verified by Veritas Merge 1 before the XIP source file is extracted. The connector converts the content from the XIP source file to an email message format and then imports those items to the user mailboxes in Microsoft 365. After XIP source data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using an XIP connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Xslt Xml Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-xslt-xml-data.md
description: "Admins can set up a connector to import and archive XSLT/XML data
# Set up a connector to archive XSLT/XML data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Web page source to user mailboxes in your Microsoft 365 organization. Veritas provides you with an [XSLT/XML connector](https://globanet.com/xslt-xml) that allows the rapid development of files created by using XSLT (Extensible Style sheet Language Transformations) to transform XML files into other file formats (such as HTML or text) that can be imported to Microsoft 365. The connector converts the content of an item from the XSLT/XML source to an email message format and then imports the converted item to Microsoft 365 mailboxes. After XSLT/XML data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, and retention policies and retention labels. Using an XSLT/XML connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Yieldbroker Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-yieldbroker-data.md
description: "Admins can set up a connector to import and archive Yieldbroker da
# Set up a connector to archive Yieldbroker data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from the Yieldbroker to user mailboxes in your Microsoft 365 organization. Veritas provides you with a [Yieldbroker](https://globanet.com/yieldbroker/) connector that's configured to capture items from the third-party data source and import those items to Microsoft 365. The connector converts the content from Yieldbroker to an email message format and then imports those items to the userΓÇÖs mailbox in Microsoft 365. After Yieldbroker is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies, and retention labels. Using a Yieldbroker connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Youtube Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-youtube-data.md
description: "Admins can set up a connector to import and archive YouTube data f
# Set up a connector to archive YouTube data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from YouTube to user mailboxes in your Microsoft 365 organization. Veritas provides a connector that is configured to capture items from a third-party data source and import those items to Microsoft 365. The connector converts content such as chats, attachments, tasks, notes, and posts from YouTube to an email message format and then imports those items to the user mailboxes in Microsoft 365. After YouTube data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels. Using a YouTube connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archive Zoommeetings Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-zoommeetings-data.md
description: "Admins can set up a connector to import and archive data from Veri
# Set up a connector to archive Zoom Meetings data + Use a Veritas connector in the Microsoft Purview compliance portal to import and archive data from Zoom Meetings to user mailboxes in your Microsoft 365 organization. Veritas provides a [Zoom Meetings](https://globanet.com/zoom/) connector that is configured to capture items from the third-party data source (on a regular basis) and import those items to Microsoft 365. The connector converts the content of the meetings (including chats, recorded files, and metadata) from the Zoom Meetings account to an email message format and then imports those items to user mailboxes in Microsoft 365. After Zoom Meetings data is stored in user mailboxes, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, retention policies and retention labels, and communication compliance. Using a Zoom Meetings connector to import and archive data in Microsoft 365 can help your organization stay compliant with government and regulatory policies.
compliance Archiving Third Party Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archiving-third-party-data.md
description: "Learn how to import and archive third-party data from social media
# Learn about connectors for third-party data + Microsoft 365 lets administrators use data connectors to import and archive non-Microsoft, third-party data from social media platforms, instant messaging platforms, and document collaboration platforms, to mailboxes in your Microsoft 365 organization. One primary benefit of using data connectors to import and archive third-party data in Microsoft 365 is that you can apply various Microsoft Purview solutions to the data after it's been imported. This helps you ensure that your organization's non-Microsoft data is in compliance with the regulations and standards that affect your organization. Watch this interactive guide that demonstrates how to create data connectors to import and archive third-party data and examples of applying compliance solutions to data after it's imported to Microsoft 365.
compliance Assessment In Relevance In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/assessment-in-relevance-in-advanced-ediscovery.md
# Assessment in the Relevance module in eDiscovery (Premium)+ Microsoft Purview eDiscovery (Premium) enables early assessment, for example, for the defined issues and the data imported for a case. eDiscovery (Premium) lets the expert make decisions about an adopted approach and to apply these decisions to the document review project.
compliance Assign Ediscovery Permissions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/assign-ediscovery-permissions.md
# Assign eDiscovery permissions in the compliance portal + If you want people to use any of the [eDiscovery-related tools](ediscovery.md) in the Microsoft Purview compliance portal, you have to assign them the appropriate permissions. The easiest way to do this is to add the person the appropriate role group on the **Permissions** page in the compliance center. This topic describes the permissions required to perform eDiscovery tasks. The primary eDiscovery-related role group in compliance portal is called **eDiscovery Manager**. There are two subgroups within this role group.
compliance Attorney Privilege Detection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/attorney-privilege-detection.md
description: "Use the attorney-client privilege detection model to use the machi
# Set up attorney-client privilege detection in eDiscovery (Premium) + A major and costly aspect of the review phase of any eDiscovery process is reviewing documents for privileged content. Microsoft Purview eDiscovery (Premium) provides machine learning-based detection of privileged content to make this process more efficient. This feature is called *attorney-client privilege detection*. ## How does it work?
compliance Audit Log Retention Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/audit-log-retention-policies.md
description: "Audit log retention policies are part of the new Microsoft Purview
# Manage audit log retention policies + You can create and manage audit log retention policies in the Microsoft Purview compliance portal. Audit log retention policies are part of the new Microsoft Purview Audit (Premium) capabilities. An audit log retention policy lets you specify how long to retain audit logs in your organization. You can retain audit logs for up to 10 years. You can create policies based on the following criteria: - All activities in one or more Microsoft 365 services
compliance Audit Log Search Script https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/audit-log-search-script.md
description: "Use a PowerShell script that runs the Search-UnifiedAuditLog cmdle
# Use a PowerShell script to search the audit log + Security, compliance, and auditing have become a top priority for IT administrators in todayΓÇÖs world. Microsoft 365 has several built-in capabilities to help organizations manage security, compliance, and auditing. In particular, unified audit logging can help you investigate security incidents and compliance issues. You can retrieve audit logs by using the following methods: - [The Office 365 Management Activity API](/office/office-365-management-api/office-365-management-activity-api-reference)
compliance Auditing Solutions Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/auditing-solutions-overview.md
# Auditing solutions in Microsoft Purview + Microsoft Purview auditing solutions provide an integrated solution to help organizations effectively respond to security events, forensic investigations, internal investigations, and compliance obligations. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded, and retained in your organization's unified audit log. Audit records for these events are searchable by security ops, IT admins, insider risk teams, and compliance and legal investigators in your organization. This capability provides visibility into the activities performed across your Microsoft 365 organization. ## Microsoft Purview auditing solutions
compliance Auditing Troubleshooting Scenarios https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/auditing-troubleshooting-scenarios.md
description: "Learn how to use the Microsoft 365 audit log search tool to help t
# Search the audit log to investigate common support issues + This article describes how to use the audit log search tool to help you investigate common support issues. This includes using the audit log to: - Find the IP address of the computer used to access a compromised account
compliance Building Search Queries https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/building-search-queries.md
description: "Use keywords and conditions to narrow the scope of the search when
# Build search queries for collections in eDiscovery (Premium) + When configuring the search query when creating a [collection](collections-overview.md) in an eDiscovery (Premium) case, you can use keywords to find specific content and conditions to narrow the scope of the search to return items that are most relevant to your legal investigation. ![Use keywords and conditions to narrow the results of a search.](../media/SearchQueryBox.png)
compliance Bulk Add Custodians https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/bulk-add-custodians.md
description: "Use the bulk-import tool to quickly add multiple custodians and th
# Import custodians to an eDiscovery (Premium) case + For Microsoft Purview eDiscovery (Premium) cases that involve many custodians, you can import multiple custodians at once by using a CSV file that contains the information necessary to add them to a case. The import custodians tool will also validate the CSV file before the import job is created. This means you can fix any errors in the CSV file instead of having to wait until the import job is complete before learning there are errors that prevent a custodian from being added to the case. ## Before you import custodians
compliance Bulk Import External Contacts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/bulk-import-external-contacts.md
description: "Learn how admins can use Exchange Online PowerShell and a CSV file
# Bulk import external contacts to Exchange Online + **This article is for administrators. Are you trying to import contacts to your own mailbox? See [Import contacts to Outlook](https://support.office.com/article/bb796340-b58a-46c1-90c7-b549b8f3c5f8)** Does your company have lots of existing business contacts that you want to include in the shared address book (also called the global address list) in Exchange Online? Do you want to add external contacts as members of distribution groups, just like you can with users inside your company? If so, you can use Exchange Online PowerShell and a CSV (comma-separated value) file to bulk import external contacts into Exchange Online. It's a three-step process:
compliance Change The Size Of Pst Files When Exporting Results https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/change-the-size-of-pst-files-when-exporting-results.md
description: "You can change the default size of PST files that are downloaded t
# Change the size of PST files when exporting eDiscovery search results + When you use the eDiscovery Export tool to export the email results of an eDiscovery search from the different Microsoft eDiscovery tools, the default size of a PST file that can be exported is 10 GB. If you want to change this default size, you can edit the Windows Registry on the computer that you use to export the search results. One reason to do this is so a PST file can fit on removable media, such a DVD, a compact disc, or a USB drive. > [!NOTE]
compliance Check Your Content Search Query For Errors https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/check-your-content-search-query-for-errors.md
description: "Learn how to detect errors and typos in your keyword query for eDi
# Check your search query for errors+ Here's a list of the unsupported characters that we check for in search queries for Content search and Microsoft Purview eDiscovery (Standard). Unsupported characters are often hidden, and they typically cause a search error or return unintended results.
compliance Clone A Content Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/clone-a-content-search.md
description: "Use the PowerShell script in this article to quickly clone an exis
# Clone a Content Search + Creating a Content Search in the compliance center in Office 365 or Microsoft 365 that searches many mailboxes or SharePoint and OneDrive for Business sites can take a while. Specifying the sites to search can also be prone to errors if you mistype a URL. To avoid these issues, you can use the Windows PowerShell script in this article to quickly clone an existing Content Search. When you clone a search, a new search (with a different name) is created that contains the same properties (such as the content locations and the search query) as the original search. Then you can edit the new search by changing the keyword query or the date range, and run it. Why clone Content Searches?
compliance Close Or Delete Case https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/close-or-delete-case.md
# Close or delete an eDiscovery (Premium) case + When the legal case or investigation supported by a Microsoft Purview eDiscovery (Premium) case is completed, you can close or delete a case. You can also reopen a closed case. ## Close a case
compliance Close Reopen Delete Core Ediscovery Cases https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/close-reopen-delete-core-ediscovery-cases.md
description: "This article describes how to manage eDiscovery (Standard) cases.
# Close, reopen, and delete a eDiscovery (Standard) case + This article describes how to close, reopen, and delete Microsoft Purview eDiscovery (Standard) cases in Microsoft 365. ## Close a case
compliance Collection Statistics Reports https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/collection-statistics-reports.md
description: "Learn how to access and use statistics and reports for draft colle
# Collection statistics and reports in Microsoft Purview eDiscovery (Premium) + After you create a draft collection, you can view statistics on the retrieved items, such as the content locations that contain the most items that matched the search criteria and the number of items returned by the search query. You can also preview a subset of the results. When you've identified the set of documents you want to further examine, you can add the search results to a review set to collect and process.
compliance Collections Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/collections-overview.md
description: "Use collections in eDiscovery (Premium) to search for and collect
# Learn about collections in eDiscovery (Premium) + When organizations are faced with gathering the communications and content that may be relevant to an investigation or potential litigation, they face a significant challenge under the best of circumstances. In todayΓÇÖs modern workplace, the volume, variety, and velocity of content is enabling innovation and remote work, while also expanding the requirements and process for managing collections for eDiscovery investigations. The collection workflow poses significant technical challenges around extracting content from native locations and sources. It's also a critical point in the assessment and strategy for common litigation or investigations scenarios. As organizations begin to assess an investigation, the first questions asked are who was involved? After identifying who was involved, these custodians can quickly be placed on hold to preserve relevant content. The next question is what took place? To answer this second fundamental question of any investigation, managers must turn to the data. To quickly assess the most relevant content to the question of what took place, managers start to refine the target of the question to ensure that the collection results are comprehensive without being too broad.
compliance Commit Draft Collection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/commit-draft-collection.md
description: "After you create and iterate on a draft collection, you can commit
# Commit a draft collection to a review set in eDiscovery (Premium) + When you're satisfied with the items you've collected in a draft collection and are ready to analyze, tag, and review them, you can add a collection to a review set in the case. When you commit a draft collection to a review set, collected items are copied from their original content location in Microsoft 365 to a review set. A review set is a secure, Microsoft-provided Azure Storage location in the Microsoft cloud. ## Commit a draft collection to a review set
compliance Communication Compliance Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-policies.md
Admins should immediately assign custom reviewers to this policy as appropriate
4. On the **Monitor for user-reported messages** pane, assign reviewers for the policy. Reviewers must have mailboxes hosted on Exchange Online. When reviewers are added to a policy, they automatically receive an email message that notifies them of the assignment to the policy and provides links to information about the review process. 5. Select **Save**.
-To disable users from reporting Teams messages with the *Report a concern option*, disable the **End user reporting** option in the [Teams Admin Center](/microsoftteams/manage-teams-in-modern-portal).
+To disable users from reporting Teams messages with the *Report a concern option*, disable the **End user reporting** option in the [Teams Admin Center](/microsoftteams/manage-teams-in-modern-portal).
+
+>[!IMPORTANT]
+>If you're using PowerShell to disable the **End user reporting** option in the Teams Admin Center, you must use [Microsoft Teams cmdlets module version 4.2.0](/MicrosoftTeams/teams-powershell-release-notes) or later.
## Storage limit notification (preview)
compliance Communication Compliance https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance.md
search.appverid:
# Learn about communication compliance
+> [!TIP]
+> *Did you know you can try the premium versions of all nine Microsoft Purview solutions for free?* Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization meet its compliance needs. Microsoft 365 E3 and Office 365 E3 customers can start now at the [Microsoft Purview compliance portal trials hub](https://compliance.microsoft.com/trialHorizontalHub?sku=ComplianceE5&ref=DocsRef). Learn details about [who can sign up and trial terms](compliance-easy-trials.md).
+ [!include[Purview banner](../includes/purview-rebrand-banner.md)] Microsoft Purview Communication Compliance is an insider risk solution that helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Pre-defined and custom policies allow you to scan internal and external communications for policy matches so they can be examined by designated reviewers. Reviewers can investigate scanned email, Microsoft Teams, Yammer, or third-party communications in your organization and take appropriate actions to make sure they're compliant with your organization's message standards.
compliance Compliance Easy Trials https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-easy-trials.md
Wondering what you can experience in your free trial? The Purview solutions tria
Microsoft Purview Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors. Learn more about [Compliance Manager](compliance-manager.md) -- **eDiscovery**
+- **Data Loss Prevention**
- Take advantage of an end-to-end workflow for preserving, collecting, analyzing, and exporting content that's responsive to your organization's internal and external investigations. Legal teams can also manage the entire legal hold notification process by communicating with custodians involved in a case. Learn more about [eDiscovery](ediscovery.md)
+ Microsoft Purview Data Loss Prevention (DLP) helps you control sharing and use of sensitive info on devices, apps, and services. With trials, you can extend coverage of DLP policies to Teams and devices, protect even more sensitive content using trainable classifiers and exact data match (EDM), and get started quickly with our recommended DLP policies. [Learn more about Data Loss Prevention](dlp-learn-about-dlp.md)
+
+ When the trial ends:
+
+ - Your existing policies will stay turned on unless you turn them off.
+ - If you edit DLP policies that include either the Teams or Devices locations after the trial ends, those locations will be removed from the policy.
- **Data Lifecycle Management** Automate your retention coverage by using adaptive policy scopes. This feature allows you to dynamically target policies for retention to specific users, groups, or sites. These policies automatically update when changes occur in your organization. In addition, policies that use adaptive scopes are not subject to location limits. Learn more about [adaptive policy scopes](retention.md#adaptive-or-static-policy-scopes-for-retention).
+- **eDiscovery**
+
+ Take advantage of an end-to-end workflow for preserving, collecting, analyzing, and exporting content that's responsive to your organization's internal and external investigations. Legal teams can also manage the entire legal hold notification process by communicating with custodians involved in a case. Learn more about [eDiscovery](ediscovery.md)
+ - **Information Protection**
- Implement Microsoft Purview Information Protection with [sensitivity labels](sensitivity-labels.md) and [Microsoft Purview Data Loss Prevention policies](dlp-learn-about-dlp.md) to help you discover, classify, and protect your sensitive content wherever it lives or travels.
+ Implement Microsoft Purview Information Protection with [sensitivity labels](sensitivity-labels.md) to help you discover, classify, and protect your sensitive content wherever it lives or travels. With the trials, you can recommend users apply sensitivity labels to their emails and docs, discover and automatically label sensitive content, take advantage of machine learning based classifiers, and get started quickly with our recommended labels and policies.
The Information Protection trial provides you with default labels, auto-labeling for documents and emails, and data loss prevention to protect credit card numbers shared in Teams and by devices. The default policies we create for you get you up and running quickly, but you can fully customize them as you want.
- When the trial ends, you'll receive an email that informs you:
+ When the trial ends:
- All files and emails labeled during your trial stay labeled. You can manually remove the labels.
- - You'll be downgraded to your previous Microsoft E3 license package that doesn't support auto-labeling and data loss prevention. Your existing policies will stay turned on unless you turn them off.
+ - Your existing policies will stay turned on unless you turn them off.
- Any auto-labeling policies cannot be edited after the trial ends, but can be deleted.
- - If you edit DLP policies that include either the Teams or Devices locations after the trial ends, those locations will be removed from the policy.
-
+
For more information about each of these preconfigured features and how they will impact users, see Learn about the [free trial for Microsoft Purview Information Protection](mip-easy-trials.md). For more information about the full range of features for Microsoft Purview Information Protection, see [Microsoft Purview Information Protection](information-protection.md).
compliance Compliance Extensibility https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-extensibility.md
description: "Learn about extending Microsoft Purview solutions by using third-p
# Microsoft Purview and Microsoft Priva extensibility + Microsoft Purview solutions help organizations intelligently assess their compliance risks, govern and protect sensitive data, and effectively respond to regulatory requirements. Microsoft Purview is rich in extensibility scenarios and enables organizations to adapt, extend, integrate, accelerate, and support their compliance solutions. There are two key building blocks for compliance extensibility:
compliance Compliance Manager Assessments https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-assessments.md
Compliance Manager helps you create assessments that evaluate your compliance wi
All of your assessments are listed on the assessments tab of Compliance Manager. Learn more about [how to filter your view of your assessments and interpret status states](compliance-manager-setup.md#assessments-page). > [!IMPORTANT]
-> The templates available to your organization for building assessments depend on your licensing agreement. [Review licensing details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance.md#microsoft-purview-compliance-manager).
+> The templates available to your organization for building assessments depend on your licensing agreement. [Review licensing details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-compliance-manager).
## Data Protection Baseline default assessment
compliance Compliance Manager Setup https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-setup.md
description: "Set Microsoft Purview Compliance Manager user permissions and role
## Who can access Compliance Manager
-Compliance Manager is available to organizations with Office 365 and Microsoft 365 licenses, and to US Government Community Cloud (GCC) Moderate, GCC High, and Department of Defense (DoD) customers. Assessment availability and management capabilities depend on your licensing agreement. [View service description details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance.md#microsoft-purview-compliance-manager).
+Compliance Manager is available to organizations with Office 365 and Microsoft 365 licenses, and to US Government Community Cloud (GCC) Moderate, GCC High, and Department of Defense (DoD) customers. Assessment availability and management capabilities depend on your licensing agreement. [View service description details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-compliance-manager).
## Before you begin
compliance Compliance Manager Templates List https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-templates-list.md
description: "Microsoft Purview Compliance Manager provides templates for buildi
**In this article:** View the comprehensive list of **templates** available for creating assessments in Compliance Manager. > [!IMPORTANT]
-> The assessment templates that are available to your organization depend on your licensing agreement. [Review the details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance.md#microsoft-purview-compliance-manager).
+> The assessment templates that are available to your organization depend on your licensing agreement. [Review the details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-compliance-manager).
## Overview
compliance Compliance Manager Templates https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager-templates.md
description: "Understand how to use and manage templates for building assessment
**In this article:** Understand **how templates work** and **how to manage them** from your assessment templates page. Get instructions for **creating** new templates, **extending** and **modifying** existing templates, **formatting your template data with Excel**, and exporting template **reports**. > [!IMPORTANT]
-> The assessment templates that are available to your organization depend on your licensing agreement. [Review the details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance.md#microsoft-purview-compliance-manager).
+> The assessment templates that are available to your organization depend on your licensing agreement. [Review the details](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-compliance-manager).
## Templates overview
compliance Compliance Manager https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-manager.md
description: "Microsoft Purview Compliance Manager helps organizations simplify
# Microsoft Purview Compliance Manager
+> [!TIP]
+> *Did you know you can try the premium versions of all nine Microsoft Purview solutions for free?* Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization meet its compliance needs. Microsoft 365 E3 and Office 365 E3 customers can start now at the [Microsoft Purview compliance portal trials hub](https://compliance.microsoft.com/trialHorizontalHub?sku=ComplianceE5&ref=DocsRef). Learn details about [who can sign up and trial terms](compliance-easy-trials.md).
+ [!include[Purview banner](../includes/purview-rebrand-banner.md)] **In this article:** Learn what Compliance Manager is, how it helps simplify compliance and reduce risk, and its key components.
compliance Compliance Score Calculation https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-score-calculation.md
**In this article:** Learn how Compliance Manager calculates a compliance score for your organization. This article explains how to **interpret your score**, what the **Data Protection Baseline assessment** includes, **continuous monitoring**, and **how different types of actions are managed and scored**. > [!IMPORTANT]
-> Recommendations from Compliance Manager should not be interpreted as a guarantee of compliance. It is up to you to evaluate and validate the effectiveness of customer controls per your regulatory environment. These services are subject to the terms and conditions in the [Product Terms](https://go.microsoft.com/fwlink/?linkid=2108910). See also [Microsoft 365 licensing guidance for security and compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance.md#microsoft-purview-compliance-manager).
+> Recommendations from Compliance Manager should not be interpreted as a guarantee of compliance. It is up to you to evaluate and validate the effectiveness of customer controls per your regulatory environment. These services are subject to the terms and conditions in the [Product Terms](https://go.microsoft.com/fwlink/?linkid=2108910). See also [Microsoft 365 licensing guidance for security and compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-compliance-manager).
## How to read your compliance score
compliance Configure Edge To Export Search Results https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/configure-edge-to-export-search-results.md
description: "You have to enable ClickOnce support to use the newest version of
# Use the eDiscovery Export Tool in Microsoft Edge + As a result of recent changes to the newest version of Microsoft Edge, ClickOnce support is no longer enabled by default. To continue using the eDiscovery Export Tool to download Content Search or eDiscovery search results, you either need to use [Microsoft Internet Explorer](https://support.microsoft.com/help/17621/internet-explorer-downloads) or enable ClickOnce support in the newest version of Microsoft Edge. ## Enable ClickOnce support in Microsoft Edge
compliance Configure Search And Analytics Settings In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/configure-search-and-analytics-settings-in-advanced-ediscovery.md
description: "Configure Microsoft Purview eDiscovery (Premium) settings that app
# Configure search and analytics settings in eDiscovery (Premium) + You can configure settings for each Microsoft Purview eDiscovery (Premium) case to control the following functionality. - Near duplicates and email threading
compliance Content Search Reference https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/content-search-reference.md
description: "This article contains reference information about the Content sear
# Feature reference for Content search + This article describes features and functionality of Content search. ## Content search limits
compliance Content Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/content-search.md
description: "Use the Content search eDiscovery tool in the compliance center to
# Create a content search + You can use the Content search eDiscovery tool in the Microsoft Purview compliance portal to search for in-place content such as email, documents, and instant messaging conversations in your organization. Use this tool to search for content in these cloud-based Microsoft 365 data sources: - Exchange Online mailboxes
compliance Conversation Review Sets https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/conversation-review-sets.md
# Conversation threading in eDiscovery (Premium) + Instant messaging is a convenient way to ask questions, share ideas, or quickly communicate across large audiences. As instant messaging platforms, like Microsoft Teams and Yammer groups, become core to enterprise collaboration, organizations must evaluate how their eDiscovery workflow addresses these new forms of communication and collaboration. The conversation reconstruction feature in Microsoft Purview eDiscovery (Premium) is designed to help you identify contextual content and produce distinct conversation views. This capability allows you to efficiently and rapidly review complete instant message conversations (also called *threaded conversations*) that are generated in platforms like Microsoft Teams.
compliance Create A Litigation Hold https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-litigation-hold.md
# Create a Litigation hold + You can place a mailbox on Litigation hold to retain all mailbox content, including deleted items and the original versions of modified items. When you place a user mailbox on Litigation hold, content in the user's archive mailbox (if it's enabled) is also retained. When you create a hold, you can specify a hold duration (also called a *time-based hold*) so that deleted and modified items are retained for a specified period and then permanently deleted from the mailbox. Or you can just retain content indefinitely (called an *infinite hold*) or until the Litigation hold is removed. If you do specify a hold duration period, it's calculated from the date a message is received or a mailbox item is created. Here's what happens when you create a Litigation hold.
compliance Create A Report On Holds In Ediscovery Cases https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-a-report-on-holds-in-ediscovery-cases.md
description: Learn how to generate a report that contains information about all
# Use a script to create a report on holds in eDiscovery cases + The script in this article lets eDiscovery administrators and eDiscovery managers generate a report that contains information about all holds that are associated with Core and eDiscovery (Premium) cases in the Microsoft Purview compliance portal. The report contains information such as the name of the case a hold is associated with, the content locations that are placed on hold, and whether the hold is query-based. If there are cases that don't have any holds, the script will create an additional report with a list of cases without holds. See the [More information](#more-information) section for a detailed description of the information included in the report.
compliance Create Activity Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-activity-alerts.md
description: Add and manage activity alerts in the Microsoft Purview compliance
# Create activity alerts + You can create an activity alert that will send you an email notification when users perform specific activities in Office 365. Activity alerts are similar to searching for events in the audit log, except that you'll be sent an email message when an event for an activity that you've created an alert for happens. **Why use activity alerts instead of searching the audit log?** There might be certain kinds of activity or activity performed by specific users that you really want to know about. Instead of having to remember to search the audit log for those activities, you can use activity alerts to have Microsoft 365 send you an email message when users perform those activities. For example, you can create an activity alert to notify you when a user deletes files in SharePoint, or you can create an alert to notify you when a user permanently deletes messages from their mailbox. The email notification sent to you includes information about which activity was performed and the user who performed it.
compliance Create And Manage Advanced Ediscoveryv2 Case https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-and-manage-advanced-ediscoveryv2-case.md
description: "This article describes how to create and manage Microsoft Purview
# Create and manage an eDiscovery (Premium) case + After setting up Microsoft Purview eDiscovery (Premium) and [assigning permissions to eDiscovery managers](get-started-with-advanced-ediscovery.md#step-2-assign-ediscovery-permissions) in your organization that will manage cases, the next step is to create and manage a case. This article also provides a high-level overview of using cases to manage the eDiscovery (Premium) workflow for a legal case or other types of investigations.
compliance Create Draft Collection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-draft-collection.md
description: "A draft collection is an eDiscovery search of custodial and non-cu
# Create a draft collection in eDiscovery (Premium) + After you've identified custodians and any non-custodian data sources for the case, you're ready to identify and locate a set of documents that are relevant. You do this by using the Collections tool to search data sources for relevant content. You do this by creating a collection that searches specified data sources for content that matches your search criteria. You have the option to create a *draft collection*, which is an estimate of the items are found or you can create a collection that automatically adds the items to a review set. When you create a draft collection, you can views information about the estimated results that matched the search query, such as the total number and size of items found, the different data sources where they were found, and statistics about the search query. You can also preview a sample of items that were returned by the collection. Using these statistics, you can change the search query and rerun the draft collection to narrow your results. Once you're satisfied with the collection results, you can commit the collection to a review set. When you commit a draft collection, the items returned by the collection are added to a review set for review, analysis, and export. ## Before you create a draft collection
compliance Create Ediscovery Holds https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-ediscovery-holds.md
description: "You can create a hold that's associated with a eDiscovery (Standar
# Create an eDiscovery hold + You can use a Microsoft Purview eDiscovery (Standard) case to create holds to preserve content that might be relevant to the case. You can place a hold on the Exchange mailboxes and OneDrive for Business accounts of people you're investigating in the case. You can also place a hold on the mailboxes and sites that are associated with Microsoft Teams, Office 365 Groups, and Yammer Groups. When you place content locations on hold, content is preserved until you remove the content location from the hold or until you delete the hold. After you create an eDiscovery hold, it may take up to 24 hours for the hold to take effect.
compliance Create Hold Notification https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-hold-notification.md
# Create a legal hold notice + Using eDiscovery (Premium) custodian communications, organizations can manage their workflow around communicating with custodians. Through the Communications tool, legal teams can systematically send, collect, and track legal hold notifications. The flexible creation process also allows teams to customize the hold notification workflow and the content in the notices sent to custodians. ![Communications Page.](../media/CommunicationPage.PNG)
compliance Create Report On And Delete Multiple Content Searches https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-report-on-and-delete-multiple-content-searches.md
# Create, report on, and delete multiple Content Searches + Quickly creating and reporting discovery searches is often an important step in eDiscovery and investigations when you're trying to learn about the underlying data, and the richness and quality of your searches. To help you do this, Security & Compliance Center PowerShell offers a set of cmdlets to automate time-consuming Content Search tasks. These scripts provide a quick and easy way to create a number of searches, and then run reports of the estimated search results that can help you determine the quantity of data in question. You can also use the scripts to create different versions of searches to compare the results each one produces. These scripts can help you to quickly and efficiently identify and cull your data. ## Before you create a Content Search
compliance Data Spillage Scenariosearch And Purge https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-spillage-scenariosearch-and-purge.md
description: "Use eDiscovery and search tools to manage and respond to a data sp
# eDiscovery solution series: Data spillage scenario - Search and purge + **What is data spillage and why should you care?** Data spillage is when a confidential document is released into an untrusted environment. When a data spillage incident is detected, it's important to quickly assess the size and locations of the spillage, examine user activities around it, and then permanently purge the spilled data from the system. ## Data spillage scenario
compliance De Duplication In Ediscovery Search Results https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/de-duplication-in-ediscovery-search-results.md
description: Learn how to eliminate duplicate eDiscovery search results so that
# De-duplication in eDiscovery search results + This article describes how de-duplication of eDiscovery search results works and explains the limitations of the de-duplication algorithm. When using eDiscovery tools to export the results of an eDiscovery search, you have the option to de-duplicate the results that are exported. What does this mean? When you enable de-duplication (by default, de-duplication isn't enabled), only one copy of an email message is exported even though multiple instances of the same message might have been found in the mailboxes that were searched. De-duplication helps you save time by reducing the number of items that you have to review and analyze after the search results are exported. But it's important to understand how de-duplication works and be aware that there are limitations to the algorithm that might cause a unique item to be marked as a duplicate during the export process.
compliance Decision Based On The Results In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/decision-based-on-the-results-in-advanced-ediscovery.md
# Decisions based on Relevance results in eDiscovery (Premium)+ In the Relevance module in eDiscovery (Premium), the Decide tab provides additional information for viewing and using decision-support statistics for determining the size of the review set of case files.
compliance Delete Items In The Recoverable Items Folder Of Mailboxes On Hold https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/delete-items-in-the-recoverable-items-folder-of-mailboxes-on-hold.md
# Delete items in the Recoverable Items folder of cloud-based mailboxes on hold + The Recoverable Items folder for an Exchange Online mailbox exists to protect from accidental or malicious deletions. It's also used to store items that are retained and accessed by compliance features, such as holds and eDiscovery searches. However, in some situations organizations might have data that's been unintentionally retained in the Recoverable Items folder that they must delete. For example, a user might unknowingly send or forward an email message that contains sensitive information or information that may have serious business consequences. Even if the message is permanently deleted, it might be retained indefinitely because a legal hold has been placed on the mailbox. This scenario is known as *data spillage* because data has been unintentionally *spilled* into Office 365. In these situations, you can delete items in a user's Recoverable Items folder for an Exchange Online mailbox, even if that mailbox is placed on hold with one of the different hold features in Office 365. These types of holds include Litigation Holds, In-Place Holds, eDiscovery holds, and retention policies created in the security and compliance center in Office 365 or Microsoft 365. This article explains how admins can delete items from the Recoverable Items folder for cloud-based mailboxes that are on hold. This procedure involves disabling access to the mailbox and disabling single item recovery, disabling the Managed Folder Assistant from processing the mailbox, temporarily removing the hold, deleting items from the Recoverable Items folder, and then reverting the mailbox to its previous configuration. Here's the process:
compliance Deploy Facebook Connector https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/deploy-facebook-connector.md
description: "Administrators can set up a native connector to import and archive
# Deploy a connector to archive Facebook Business pages data + This article contains the step-by-step process to deploy a connector that uses the Office 365 Import service to import data from Facebook Business pages to Microsoft 365. For a high-level overview of this process and a list of prerequisites required to deploy a Facebook connector, see [Set up a connector to archive Facebook data](archive-facebook-data-with-sample-connector.md). ## Step 1: Create an app in Azure Active Directory
compliance Deploy Twitter Connector https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/deploy-twitter-connector.md
description: "Administrators can set up a native connector to import and archive
# Deploy a connector to archive Twitter data + This article contains the step-by-step process to deploy a connector that uses the Office 365 Import service to import data from your organization's Twitter account to Microsoft 365. For a high-level overview of this process and a list of prerequisites required to deploy a Twitter connector, see [Set up a connector to archive Twitter data ](archive-twitter-data-with-sample-connector.md). ## Step 1: Create an app in Azure Active Directory
compliance Detailed Properties In The Office 365 Audit Log https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/detailed-properties-in-the-office-365-audit-log.md
# Detailed properties in the audit log + When you export the results of an audit log search from the Microsoft Purview compliance portal, you have the option to download all the results that meet your search criteria. You do this by selecting **Export results** \> **Download all results** on the **Audit log search** page. For more information, see [Search the audit log](search-the-audit-log-in-security-and-compliance.md). When your export all results for an audit log search, the raw data from the unified audit log is copied to a comma-separated value (CSV) file that is downloaded to your local computer. This file contains additional information from each audit record in a column named **AuditData**. This column contains a multi-value property for multiple properties from the audit log record. Each of the **property: value** pairs in this multi-value property are separated by a comma.
compliance Device Onboarding Macos Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/device-onboarding-macos-overview.md
Your macOS devices must already be managed through Intune or JAMF Pro.
- To onboard into Intune, see [Deployment guide: Manage macOS devices in Microsoft Intune](/mem/intune/fundamentals/deployment-guide-platform-macos) and [Enroll your Mac with Intune Company Portal](/mem/intune/user-help/enroll-your-device-in-intune-macos-cp). - To onboard into JAMF Pro see, [JAMF Pro administrators guide](https://www.jamf.com/resources/product-documentation/jamf-pro-administrators-guide/) and [JAMF Pro Installation and Configuration Guide for Mac](https://www.jamf.com/resources/product-documentation/jamf-pro-installation-guide-for-mac/)-- Install the v95+ Edge browser on your macOS devices
+<! Install the v95+ Edge browser on your macOS devices-->
+
+### Supported browsers
+
+Endpoint DLP supports these browsers on macOS Catalina 10.15 or higher:
+
+- Microsoft Edge (latest version)
+- Safari (latest version, macOS only)
+- Chrome (latest version)
+- Firefox (latest version)
## Licensing guidance
compliance Differences Between Estimated And Actual Ediscovery Search Results https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/differences-between-estimated-and-actual-ediscovery-search-results.md
description: "Understand why estimated and actual search results may vary in sea
# Differences between estimated and actual eDiscovery search results + This article applies to searches that you can run using one of the following Microsoft 365 eDiscovery tools: - Content search
compliance Disable Reports When You Export Content Search Results https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/disable-reports-when-you-export-content-search-results.md
description: Edit the Windows Registry on your local computer to disable reports
# Disable reports when you export Content Search results + When you use the eDiscovery Export tool to export the results of a Content Search in the Microsoft Purview compliance portal, the tool automatically creates and exports two reports that contain additional information about the exported content. These reports are the Results.csv file and the Manifest.xml file (see the [Frequently asked questions about disabling export reports](#frequently-asked-questions-about-disabling-export-reports) section in this topic for detailed descriptions of these reports). Because these files can be very large, you can speed up the download time and save disk space by preventing these files from being exported. You can do this by changing the Windows Registry on the computer that you use to export the search results. If you want to include the reports at a later time, you can edit the registry setting. ## Create registry settings to disable the export reports
compliance Document Metadata Fields In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/document-metadata-fields-in-Advanced-eDiscovery.md
description: "This article defines the metadata fields for documents in a review
# Document metadata fields in eDiscovery (Premium) + The following table lists the metadata fields for documents in a review set in a case in Microsoft Purview eDiscovery (Premium). The table provides the following information: - **Field name** and **Display field name:** The name of the metadata field and the name of the field that's displayed when viewing the file metadata of a selected document in a review set. Some metadata fields aren't included when viewing the file metadata of a document. These fields are highlighted with an asterisk (*).
compliance Download Documents From Review Set https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/download-documents-from-review-set.md
# Download selected documents from a review set + Download offers a simple way to download content from a review set in native format. The download tool in eDiscovery (Premium) uses the browser's data transfer features. A browser prompt will appear when a download is ready. Files downloaded using this method are zipped in a container file and will contain item-level files. It means that if you select to download an attachment, you will receive the email message with the attachment included. Similarly, if you export an Excel spreadsheet that is embedded in a Word document, the Word document and the embedded Excel spreadsheet are included in the download. When you downloaded items, the Last Modified Data property is preserved and can be viewed as a file property. To download content from a review set in an eDiscovery (Premium) case, start by selecting the files you want to download then select **Action items** > **Download**.
compliance Download Export Jobs https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/download-export-jobs.md
description: "Export documents in a review set to an Azure Storage account and t
# Export documents in a review set to an Azure Storage account + When you export documents from a review set in an eDiscovery (Premium) case, you have the option to export them to an Azure Storage account managed by your organization. If you use this option, the documents are uploaded to your Azure Storage location. After they are exported, you can access the documents (and download them to a local computer or other location) by using the Azure Storage Explorer. This article provides instructions for how to export documents to your Azure Storage account and the use the Azure Storage Explorer to connect to an Azure Storage location to download the exported documents. For more information about Azure Storage Explorer, see [Use Azure Storage Explorer](/azure/storage/blobs/storage-quickstart-blobs-storage-explorer). ## Before you export documents from a review set
compliance Ediscovery Cjk Support https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-cjk-support.md
description: "Learn how Microsoft Purview eDiscovery (Premium) in Microsoft 365
# CJK language support for eDiscovery (Premium) + Microsoft Purview eDiscovery (Premium) supports double-byte character set languages (these include Simplified Chinese, Traditional Chinese, Japanese, and Korean, which are collectively known as *CJK* languages) for the following advanced scenarios in a review set: - When you [query the data in a review set](review-set-search.md).
compliance Ediscovery Decryption https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-decryption.md
description: "Learn about how Microsoft 365 eDiscovery tools handle encrypted do
# Decryption in Microsoft 365 eDiscovery tools + Encryption is an important part of your file protection and information protection strategy. Organizations of all types use encryption technology to protect sensitive content within their organization and ensure that only the right people have access to that content. To execute common eDiscovery tasks on encrypted content, eDiscovery managers were required to decrypt email message content as it was exported from content searches, Microsoft Purview eDiscovery (Standard) cases, and Microsoft Purview eDiscovery (Premium) cases. Content encrypted with Microsoft encryption technologies wasn't available for review until after it was exported.
compliance Ediscovery Diagnostic Info https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-diagnostic-info.md
description: "Learn about how to collect eDiscovery diagnostic information for a
# Collect eDiscovery diagnostic information + Occasionally Microsoft Support engineers require specific information about your issue when you open a support case related to Microsoft Purview eDiscovery (Standard) or Microsoft Purview eDiscovery (Premium). This article provides guidance on how to collect diagnostic information to help support engineers investigate and resolve issues. Typically, you don't need to collect this information until asked to do so by a Microsoft Support engineer. > [!IMPORTANT]
compliance Ediscovery Kql Editor https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-kql-editor.md
description: "You can use the KQL editor to configure eDiscovery search queries
# Use the KQL editor to build search queries + The new KQL query experience in Microsoft 365 eDiscovery tools search provides feedback and guidance when you build search queries in Content search, Microsoft Purview eDiscovery (Standard), and eDiscovery (Premium). When you type queries in the editor, it provides autocompletion for supported searchable properties and conditions and provides lists of supported values for standard properties and conditions. For example, if you specify the `kind` email property in your query, the editor will present a list of supported values that you can select. The KQL editor also displays potential query errors in real time that you can fix before you run the search. Best of all, you can paste complex queries directly into the editor without having to manually build queries using the keywords and conditions cards in the standard condition builder. Here are the key benefits to using the KQL editor:
compliance Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery.md
description: "Microsoft Purview offers three eDiscovery tools that you can use t
# Microsoft Purview eDiscovery solutions
+> [!TIP]
+> *Did you know you can try the premium versions of all nine Microsoft Purview solutions for free?* Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization meet its compliance needs. Microsoft 365 E3 and Office 365 E3 customers can start now at the [Microsoft Purview compliance portal trials hub](https://compliance.microsoft.com/trialHorizontalHub?sku=ComplianceE5&ref=DocsRef). Learn details about [who can sign up and trial terms](compliance-easy-trials.md).
++ Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases. You can use eDiscovery tools in Microsoft Purview to search for content in Exchange Online, OneDrive for Business, SharePoint Online, Microsoft Teams, Microsoft 365 Groups, and Yammer teams. You can search mailboxes and sites in the same eDiscovery search, and then export the search results. You can use Microsoft Purview eDiscovery (Standard) cases to identify, hold, and export content found in mailboxes and sites. If your organization has an Office 365 E5 or Microsoft 365 E5 subscription (or related E5 add-on subscriptions), you can further manage custodians and analyze content by using the feature-rich Microsoft Purview eDiscovery (Premium) solution in Microsoft 365. ## eDiscovery solutions
compliance Email Threading In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/email-threading-in-advanced-ediscovery.md
# Email threading in eDiscovery (Premium) + Consider an email conversation that has been going on for a while. In most cases, the last message in the email thread will include the contents of all the preceding messages. Therefore, reviewing the last message will give a complete context of the conversation that happened in the thread. Email threading identifies such messages so that reviewers can review a fraction of collected documents without losing any context. ## What does email threading do?
compliance Endpoint Dlp Learn About https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/endpoint-dlp-learn-about.md
If you only want monitoring data from policy matches, you can turn off the **Alw
Endpoint DLP monitors activity-based on MIME type, so activities will be captured even if the file extension is changed.
-### File types (preview)
+### File types
File Types are a grouping of file formats which are utilized to protect specific workflows or areas of business. You can use one or more File types as conditions in your DLP policies.
File Types are a grouping of file formats which are utilized to protect specific
|archive |file archive and compression tools | .zip, .zipx, .rar, .7z, .tar, .gz | |email |Outlook |.pst, .ost, .msg |
-### File extensions (preview)
+### File extensions
If the File types don't cover the file extensions you need to list as a condition in a policy, you can use file extensions separated by comma instead.
compliance Error Remediation When Processing Data In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/error-remediation-when-processing-data-in-advanced-ediscovery.md
# Error remediation when processing data + Error remediation allows eDiscovery administrators the ability to rectify data issues that prevent Microsoft Purview eDiscovery (Premium) from properly processing the content. For example, files that are password protected can't be processed since the files are locked or encrypted. Using error remediation, eDiscovery administrators can download files with such errors, remove the password protection, and then upload the remediated files. Use the following workflow to remediate files with errors in eDiscovery (Premium) cases.
compliance Export A Content Search Report https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-a-content-search-report.md
# Export a Content search report + Instead of exporting the full set of search results from a Content search in the Microsoft Purview compliance portal (or from a search that's associated with a Microsoft Purview eDiscovery (Standard) case), you can export the same reports that are generated when you export the actual search results. When you export a report, the report files are downloaded to a folder on your local computer that has the same name as the Content Search, but that's appended with *_ReportsOnly*. For example, if the Content Search is named *ContosoCase0815*, then the report is downloaded to a folder named *ContosoCase0815_ReportsOnly*. For a list of documents that are included in the report, see [What's included in the report](#whats-included-in-the-report).
compliance Export Content In Core Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-content-in-core-ediscovery.md
description: "Describes how to export and download content from a eDiscovery (St
# Export content from a eDiscovery (Standard) case + After a search associated with a Microsoft Purview eDiscovery (Standard) case is successfully run, you can export the search results. When you export search results, mailbox items are downloaded in PST files or as individual messages. When you export content from SharePoint and OneDrive for Business sites, copies of native Office documents and other documents are exported. A Results.csv file that contains information about every item that's exported and a manifest file (in XML format) that contains information about every search result is also exported. ## Export search results
compliance Export Documents From Review Set https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-documents-from-review-set.md
# Export documents from a review set in eDiscovery (Premium) + Export allows users to customize the content that is included in the download package when you export document from a review set in eDiscovery (Premium). To export documents from a review set:
compliance Export Search Results https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-search-results.md
# Export Content search results + After a Content search is successfully run, you can export the search results to a local computer. When you export email results, they're downloaded to your computer as PST files. When you export content from SharePoint and OneDrive for Business sites, copies of native Office documents are exported. There are other documents and reports included with the exported search results. Exporting the results of a Content search involves preparing the results, and then downloading them to a local computer. These steps for exporting search results also apply to exporting the results of a search that's associated with Microsoft Purview eDiscovery (Standard) cases.
compliance Export View Audit Log Records https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/export-view-audit-log-records.md
description: "In this article, you will learn how to export, configure, and view
# Export, configure, and view audit log records + After you search the audit log and download the search results to a CSV file, the file contains a column named **AuditData**, which contains additional information about each event. The data in this column is formatted as a JSON object, which contains multiple properties that are configured as *property:value* pairs separated by commas. You can use the JSON transform feature in the Power Query Editor in Excel to split each property in the JSON object in the **AuditData** column into multiple columns so that each property has its own column. This lets you sort and filter on one or more of these properties, which can help you quickly locate the specific auditing data you're looking for. ## Step 1: Export audit log search results
compliance Exporting Data Ediscover20 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/exporting-data-ediscover20.md
# Export case data in eDiscovery (Premium) + There are three ways to export data from a review set: **Download:** Download (by using a browser) a small set of native files. This is the quickest way to export a small set of data. This method preserves the native file names. For more information, see [Download documents from a review set](download-documents-from-review-set.md).
compliance Filter Data When Importing Pst Files https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/filter-data-when-importing-pst-files.md
description: "Learn how to filter data using the intelligent import feature in t
# Filter data when importing PST files + Use the new Intelligent Import feature in the Microsoft 365 Import service to filter the items in PST files that actually get imported to the target mailboxes. Here's how it works: - After you create and submit a PST import job, PST files are uploaded to an Azure storage area in the Microsoft cloud.
compliance Get Started Core Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-core-ediscovery.md
description: "Describes how to get started using eDiscovery (Standard) in Micros
# Get started with eDiscovery (Standard) in Microsoft Purview + Microsoft Purview eDiscovery (Standard) in Microsoft Purview provides a basic eDiscovery tool that organizations can use to search and export content in Microsoft 365 and Office 365. You can also use eDiscovery (Standard) to place an eDiscovery hold on content locations, such as Exchange mailboxes, SharePoint sites, OneDrive accounts, and Microsoft Teams. Nothing is needed to deploy eDiscovery (Standard), but there are some prerequisite tasks that an IT admin and eDiscovery manager have to complete before your organization can start using eDiscovery (Standard) to search, export, and preserve content. This article discusses the steps necessary to set up eDiscovery (Standard). This includes ensuring the proper licensing required to access eDiscovery (Standard) and place an eDiscovery hold on content locations, as well as assigning permissions to your IT, legal, and investigation team so they can access and manage cases. This article also provides a high-level overview of using cases to search for and export content.
compliance Get Started With Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-advanced-ediscovery.md
description: "This article describes how to set up eDiscovery (Premium) so you c
# Set up Microsoft Purview eDiscovery (Premium) + Microsoft Purview eDiscovery (Premium) provides an end-to-end workflow to preserve, collect, review, analyze, and export data that's responsive to your organization's internal and external investigations. Nothing is needed to deploy eDiscovery (Premium), but there are some prerequisite tasks that an IT admin and eDiscovery manager have to complete before your organization can start to create and use eDiscovery (Premium) cases to manage your investigations. This article discusses the following steps necessary to set up eDiscovery (Premium).
compliance Identify A Hold On An Exchange Online Mailbox https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/identify-a-hold-on-an-exchange-online-mailbox.md
description: "Learn how to identify the different types of hold that can be plac
# How to identify the type of hold placed on an Exchange Online mailbox + This article explains how to identify holds placed on Exchange Online mailboxes in Microsoft 365. Microsoft 365 offers several ways that your organization can prevent mailbox content from being permanently deleted. This allows your organization to retain content to meet compliance regulations or during legal and other types of investigations. Here's a list of the retention features (also called *holds*) in Office 365:
compliance Import Epic Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-epic-data.md
description: "Administrators can set up a data connector to import electronic he
# Set up a connector to import Epic EHR audit data (preview) + You can set up a data connector in the Microsoft Purview compliance portal to import audit records for user activity in your organization's Epic Electronic Healthcare Records (EHR) system. Audit records from your Epic EHR system include records for events related to accessing a patient's health records. Epic EHR audit records can be used by the Microsoft 365 [insider risk management solution](insider-risk-management.md) to help protect your organization from unauthorized access to patient information. Setting up an Epic connector consists of the following tasks:
compliance Import Healthcare Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-healthcare-data.md
description: "Administrators can set up a data connector to import electronic he
# Set up a connector to import healthcare EHR audit data (preview) + You can set up a data connector in the Microsoft Purview compliance portal to import auditing data for user activity in your organization's Electronic Healthcare Records (EHR) system. Auditing data from your healthcare EHR system include data for events related to accessing a patient's health records. Healthcare EHR auditing data can be used by the Microsoft 365 [insider risk management solution](insider-risk-management.md) to help protect your organization from unauthorized access to patient information. Setting up a Healthcare connector consists of the following tasks:
compliance Import Hr Data US Government https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-hr-data-US-government.md
description: "Administrators in the US Government cloud can set up a data connec
# Set up a connector to import HR data in US Government + You can set up a data connector in the Microsoft Purview compliance portal to import human resources (HR) data to your US Government organization. HR-related data includes the date an employee submitted their resignation and date of the employee's last day. This HR data can then be used by Microsoft information protection solutions, such as the [insider risk management solution](insider-risk-management.md), to help protect your organization from malicious activity or data theft inside your organization. Setting up an HR connector consists of creating an app in Azure Active Directory that's used for authentication by connector, creating a CSV mapping files that contains your HR data, creating a data connector in the compliance center, and then running a script (on a scheduled basis) that ingests the HR data in the CSV file to the Microsoft cloud. Then the data connector is used by the insider risk management tool to access the HR data that was imported to your Microsoft 365 US Government organization. ## Before you begin
compliance Import Hr Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-hr-data.md
description: "Administrators can set up a data connector to import employee data
# Set up a connector to import HR data + You can set up a data connector in the Microsoft Purview compliance portal to import human resources (HR) data related to events such as a user's resignation or a change in a user's job level. The HR data can then be used by the [insider risk management solution](insider-risk-management.md) to generate risk indicators that can help you identity possible malicious activity or data theft by users inside your organization. Setting up a connector for HR data that insider risk management policies can use to generate risk indicators consists of creating a CSV file that contains that contains the HR data, creating an app in Azure Active Directory that's used for authentication, creating an HR data connector in the compliance portal, and then running a script (on a scheduled basis) that ingests the HR data in CSV files to the Microsoft cloud so it's available to the insider risk management solution.
compliance Import Physical Badging Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/import-physical-badging-data.md
description: "Administrators can set up a data connector to import data from the
# Set up a connector to import physical badging data (preview) + You can set up a data connector in the Microsoft Purview compliance portal to import physical badging data, such as employeeΓÇÖs raw physical access events or any physical access alarms generated by your organization's badging system. Examples of physical access points are an entry to a building or an entry to server room or data center. Physical badging data can be used by the Microsoft 365 [insider risk management solution](insider-risk-management.md) to help protect your organization from malicious activity or data theft inside your organization. Setting up a physical badging connector consists of the following tasks:
compliance Importing Pst Files To Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/importing-pst-files-to-office-365.md
description: Learn how to use the Import service in the Microsoft Purview compli
# Learn about importing your organization's PST files + > [!NOTE] > This article is for administrators. Are you trying to import PST files to your own mailbox? See [Import email, contacts, and calendar from an Outlook .pst file](https://go.microsoft.com/fwlink/p/?LinkID=785075).
compliance Increase The Recoverable Quota For Mailboxes On Hold https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/increase-the-recoverable-quota-for-mailboxes-on-hold.md
description: "Enable the archive mailbox and turn on auto-expanding archiving to
# Increase the Recoverable Items quota for mailboxes on hold + The default Exchange retention policyΓÇönamed *Default MRM Policy*ΓÇöthat is automatically applied to new mailboxes in Exchange Online contains a retention tag named Recoverable Items 14 days move to archive. This retention tag moves items from the Recoverable Items folder in the user's primary mailbox to the Recoverable Items folder in the user's archive mailbox after the 14-day retention period expires for an item. For this to happen, the user's archive mailbox must be enabled. If the archive mailbox isn't enabled, no action is taken, which means that items in the Recoverable Items folder for a mailbox on hold aren't moved to the archive mailbox after the 14-day retention period expires. Because nothing is deleted from a mailbox on hold, it's possible that the storage quota for the Recoverable Items folder might be exceeded, especially if the user's archive mailbox isn't enabled. To help reduce the chance of exceeding this limit, the storage quota for the Recoverable Items folder is automatically increased from 30 GB to 100 GB when a hold is placed on a mailbox in Exchange Online. If the archive mailbox is enabled, the storage quota for the Recoverable Items folder in the archive mailbox is also increased from 30 GB to 100 GB. If the auto-expanding archiving feature in Exchange Online is enabled, the total storage quota for the user's archive mailbox, including the Recoverable Items folder, is 1.5 TB.
compliance Indexing Custodian Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/indexing-custodian-data.md
description: "When a custodian is added to an eDiscovery (Premium) case, any con
# Advanced indexing of custodian data + When a custodian is added to an eDiscovery (Premium) case, any content that was deemed as partially indexed or had indexing errors is reindexed. This reindexing process is called *Advanced indexing*. There are many reasons that content is partially indexed or has indexing errors. This includes image files or the presence of images in a file, unsupported file types, or file sized indexing limits. For SharePoint files, Advanced indexing only runs on items are marked as partially indexed or that have indexing errors. In Exchange, email messages that have image attachments are not marked as partially indexed or with indexing errors. This means that those files will not be reindexed by the Advanced indexing process. To learn more about processing support and partially indexed items, see:
compliance Information Protection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-protection.md
description: "Implement Microsoft Purview Information Protection capabilities to
# Protect your sensitive data with Microsoft Purview
+> [!TIP]
+> *Did you know you can try the premium versions of all nine Microsoft Purview solutions for free?* Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization meet its compliance needs. Microsoft 365 E3 and Office 365 E3 customers can start now at the [Microsoft Purview compliance portal trials hub](https://compliance.microsoft.com/trialHorizontalHub?sku=ComplianceE5&ref=DocsRef). Learn details about [who can sign up and trial terms](compliance-easy-trials.md).
+ [!include[Purview banner](../includes/purview-rebrand-banner.md)] >*[Licensing for Microsoft 365 Security & Compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance)*
compliance Insider Risk Management https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/insider-risk-management.md
# Learn about insider risk management
+> [!TIP]
+> *Did you know you can try the premium versions of all nine Microsoft Purview solutions for free?* Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization meet its compliance needs. Microsoft 365 E3 and Office 365 E3 customers can start now at the [Microsoft Purview compliance portal trials hub](https://compliance.microsoft.com/trialHorizontalHub?sku=ComplianceE5&ref=DocsRef). Learn details about [who can sign up and trial terms](compliance-easy-trials.md).
+ [!include[Purview banner](../includes/purview-rebrand-banner.md)] Microsoft Purview Insider Risk Management is a compliance solution that helps minimize internal risks by enabling you to detect, investigate, and act on malicious and inadvertent activities in your organization. Insider risk policies allow you to define the types of risks to identify and detect in your organization, including acting on cases and escalating cases to Microsoft eDiscovery (Premium) if needed. Risk analysts in your organization can quickly take appropriate actions to make sure users are compliant with your organization's compliance standards.
compliance Investigating Partially Indexed Items In Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/investigating-partially-indexed-items-in-ediscovery.md
description: "Learn how to manage partially indexed items (also called unindexed
# Investigating partially indexed items in eDiscovery + An eDiscovery search that you run from the Microsoft Purview compliance portal automatically includes partially indexed items in the estimated search results when you run a search. Partially indexed items are Exchange mailbox items and documents on SharePoint and OneDrive for Business sites that for some reason weren't completely indexed for search. Most email messages and site documents are successfully indexed because they fall within the [Indexing limits for email messages](limits-for-content-search.md#indexing-limits-for-email-messages). However, some items may exceed these indexing limits, and will be partially indexed. Here are other reasons why items can't be indexed for search and are returned as partially indexed items when you run an eDiscovery search: - Email messages have an attached file that can't be opened, such as image files; this is the most common cause of partially indexed email items.
compliance Keyword Queries And Search Conditions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/keyword-queries-and-search-conditions.md
description: "Learn about email and document properties that you can search by u
# Keyword queries and search conditions for eDiscovery + This article describes the email and document properties that you can search for in email items and Microsoft Teams chat conversations in Exchange Online, and documents stored on SharePoint and OneDrive for Business sites using the eDiscovery search tools in the Microsoft Purview compliance portal. This includes Content search, Microsoft Purview eDiscovery (Standard), and Microsoft Purview eDiscovery (Premium) (eDiscovery searches in eDiscovery (Premium) are called *collections*). You can also use the **\*-ComplianceSearch** cmdlets in Security & Compliance Center PowerShell to search for these properties. The article also describes: - Using Boolean search operators, search conditions, and other search query techniques to refine your search results.
compliance Legacy Ediscovery Retirement https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/legacy-ediscovery-retirement.md
description: "In-Place eDiscovery and In-Place Hold (and the corresponding Power
# Retirement of legacy eDiscovery tools + > [!IMPORTANT] > The functionality of the legacy eDiscovery tools described in this article has either been removed from the Microsoft 365 service or is still available, but no longer supported. Any functionality that's still available may be removed without notice. If you're still using any of these legacy tools, consider migrating to the eDiscovery tools in the Microsoft Purview compliance portal or one of the alternatives described in this article.
compliance Limits Core Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-core-ediscovery.md
description: "This article describes the limits in eDiscovery (Standard) case in
# Limits in eDiscovery (Standard) + The following table lists the limits for eDiscovery (Standard) cases and holds associated with a eDiscovery (Standard) case. For more information about Microsoft Purview eDiscovery (Standard), see [Overview of eDiscovery (Standard)](./get-started-core-ediscovery.md). | Description of limit | Limit |
compliance Limits Ediscovery20 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-ediscovery20.md
description: "Learn about the case limits, indexing limits, and search limits in
# Limits in eDiscovery (Premium) + This article describes the limits in the Microsoft Purview eDiscovery (Premium) solution in Microsoft 365. ## Case and review set limits
compliance Limits For Content Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-for-content-search.md
description: "Learn about the limits in effect for the Content search and eDisco
# Limits for eDiscovery search + Various limits are applied to eDiscovery search tools in the Microsoft Purview compliance portal. This includes searches run on the **Content search** page and searches that are associated with an eDiscovery case on the **eDiscovery (Standard)** page. These limits help to maintain the health and quality of services provided to organizations. There are also limits related to the indexing of email messages in Exchange Online for search. You can't modify the limits for eDiscovery searches or email indexing, but you should be aware of them so that you can take these limits into consideration when planning, running, and troubleshooting eDiscovery searches. For limits related to the Microsoft Purview eDiscovery (Premium) tool, see [Limits in eDiscovery (Premium)](limits-ediscovery20.md)
compliance Load Non Office 365 Data Into A Review Set https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/load-non-Office-365-data-into-a-review-set.md
# Load non-Microsoft 365 data into a review set + Not all documents that you need to analyze in Microsoft Purview eDiscovery (Premium) are located in Microsoft 365. With the non-Microsoft 365 data import feature in eDiscovery (Premium), you can upload documents that aren't located in Microsoft 365 to a review set. This article shows you how to bring your non-Microsoft 365 documents into eDiscovery (Premium) for analysis. ## Requirements to upload non-Office 365 content
compliance Mailitemsaccessed Forensics Investigations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/mailitemsaccessed-forensics-investigations.md
description: "Use the MailItemsAccessed mailbox auditing action to perform foren
# Use Microsoft Purview Audit (Premium) to investigate compromised accounts + A compromised user account (also called an *account takeover*) is a type of attack when an attacker gains access to a user account and operates as the user. These types of attacks sometimes cause more damage than the attacker may have intended. When investigating compromised email accounts, you have to assume that more mail data was compromised than may be indicated by tracing the attacker's actual presence. Depending on the type of data in email messages, you have to assume that sensitive information was compromised or face regulatory fines unless you can prove that sensitive information wasn't exposed. For example, HIPAA-regulated organizations face significant fines if there is evidence that patient health information (PHI) was exposed. In these cases, attackers are unlikely to be interested in PHI, but organizations still must report data breaches unless they can prove otherwise. To help you with investigating compromise email accounts, we're now auditing accesses of mail data by mail protocols and clients with the *MailItemsAccessed* mailbox-auditing action. This new audited action will help investigators better understand email data breaches and help you identify the scope of compromises to specific mail items that may been compromised. The goal of using this new auditing action is forensics defensibility to help assert that a specific piece of mail data was not compromised. If an attacker gained access to a specific piece of mail, Exchange Online audits the event even though there is no indication that the mail item was read.
compliance Manage Hold Notification https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-hold-notification.md
description: "Use the communications workflow in eDiscovery (Premium) to track t
# Manage hold notifications + After you have initiated your legal hold notification workflow, you can use the communications workflow in Microsoft Purview eDiscovery (Premium) to track the status of your communications. The Communications tab contains a list of all notifications within your eDiscovery (Premium) case. You can see details such as the number of custodians that have been assigned or have acknowledged the notice. ## Monitor acknowledgments
compliance Manage Legal Investigations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-legal-investigations.md
description: "Use eDiscovery cases in the Microsoft Purview compliance portal to
# Manage legal investigations in Microsoft 365 + Organizations have many reasons to respond to a legal case involving certain executives or other employees in your organization. This might involve quickly finding and retaining for further investigation-specific information in email, documents, instant messaging conversations, and other content locations used by people in their day-to-day work tasks. You can perform these and many other similar activities by using the eDiscovery case tools in the security and compliance center. **Want to know how Microsoft manages its eDiscovery investigations?** Here's a [technical white paper](https://go.microsoft.com/fwlink/?linkid=852161) you can download that explains how we use the same search and investigation tools to manage our internal eDiscovery workflow.
compliance Manage New Custodians https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-new-custodians.md
search.appverid:
- MOE150 - MET150 ms.assetid: - description: Learn how to view details, edit, and bulk edit the list of custodians in an eDiscovery (Premium) case. + # Manage custodians in an eDiscovery (Premium) case + The **Custodians** page on the **Data sources** tab in an Microsoft Purview eDiscovery (Premium) case contains a list of all custodians that have been added to the case. After you add custodians to a case, details about each custodian are automatically collected from Azure Active Directory and are viewable in eDiscovery (Premium). ## View custodian details
compliance Manage Relevance Setup In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-relevance-setup-in-advanced-ediscovery.md
description: "Read the recommendations for setting up Relevance training in eDis
# Manage Relevance setup in eDiscovery (Premium) (classic) + > [!NOTE] > Microsoft Purview eDiscovery (Premium) requires an Office 365 E3 with the Advanced Compliance add-on or an E5 subscription for your organization. If you don't have that plan and want to try eDiscovery (Premium), you can [sign up for a trial of Office 365 Enterprise E5](https://go.microsoft.com/fwlink/p/?LinkID=698279).
compliance Managing Custodian Communications https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-custodian-communications.md
description: "eDiscovery (Premium) makes it easy to manage the legal hold notifi
# Work with communications in eDiscovery (Premium) + Microsoft Purview eDiscovery (Premium) allows legal departments to simplify their processes around tracking and distributing legal hold notifications. The custodian communications tool enables legal departments to manage and automate the entire legal hold process, from initial notifications, to reminders, and to escalations, all in one location. ## What is a legal hold notification?
compliance Managing Custodians https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-custodians.md
description: Learn how to use the custodian management tool in eDiscovery (Premi
# Work with custodians and non-custodial data sources in eDiscovery (Premium) + When an organization responds to a legal investigation, the workflow around identifying, preserving, and collecting potentially relevant content is based on the people in the organization who are the custodians of relevant data. In eDiscovery, these individuals are called *data custodians* (or just *custodians*) and are defined as "persons having administrative control of a document or electronic file". For example, the custodian of an email message could be the owner of the mailbox that contains the relevant message. Additionally, there may be content located in mailboxes and sites that aren't associated with a custodian but that's relevant to the case. Content locations where case custodians don't have administrative control but may be owners of relevant data, are known as *non-custodial data sources*.
compliance Managing Holds https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-holds.md
# Manage holds in eDiscovery (Premium) + You can use an Microsoft Purview eDiscovery (Premium) case to create holds to preserve content that might be relevant to your case. Using the eDiscovery (Premium) hold capabilities, you can place holds on custodians and their data sources. Additionally, you can place a non-custodial hold on mailboxes and OneDrive for Business sites. You can also place a hold on the group mailbox, SharePoint site, and OneDrive for Business site for a Microsoft 365 Group. Similarly, you can place a hold on the mailbox and site that are associated with Microsoft Teams. When you place content locations on hold, content is held until you release the custodian, remove a specific data location, or delete the hold policy entirely. ## Manage custodian-based holds
compliance Managing Jobs Ediscovery20 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-jobs-ediscovery20.md
description: "eDiscovery (Premium) jobs help you track the status of long-runnin
# Manage jobs in eDiscovery (Premium) + Here's a list of the jobs (which are typically long-running processes) that are tracked on the **Jobs** tab of a case in Microsoft Purview eDiscovery (Premium). These jobs are triggered by user actions when using and managing cases. | Job type | Description |
compliance Managing Review Sets https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/managing-review-sets.md
# Manage review sets in eDiscovery (Premium) + Review sets are a static set of documents where you can analyze, query, view, tag, and export data in a case. For more information about performing these tasks, see: - [Analyze data in a review set](analyzing-data-in-review-set.md)
compliance Migrate Legacy Ediscovery Searches And Holds https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/migrate-legacy-eDiscovery-searches-and-holds.md
description:
# Migrate legacy eDiscovery searches and holds to the compliance portal + The Microsoft Purview compliance portal provides an improved experience for eDiscovery usage, including: higher reliability, better performance, and many features tailored to eDiscovery workflows including cases to organize your content by matter, review sets to review content and analytics to help cull data for review such as near-duplicate grouping, email threading, themes analysis, and predictive coding. To help customers take advantage of the new and improved functionality, this article provides basic guidance on how to migrate In-Place eDiscovery searches and holds from the <a href="https://go.microsoft.com/fwlink/p/?linkid=2059104" target="_blank">Exchange admin center</a> to the compliance portal.
compliance Named Entities Use https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/named-entities-use.md
To create or edit a DLP policy, use the procedures in [Create, test, and tune a
|SharePoint Online data-at-rest |Supported | |Teams data-at-rest |Supported | |Email messages data-at-rest |Supported for tenants with Privacy Service Plan |
-|Microsoft Defender for Cloud Apps |supported |
+<!--|Microsoft Defender for Cloud Apps |supported |-->
### Autolabeling
compliance Near Duplicate Detection In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/near-duplicate-detection-in-advanced-ediscovery.md
# Near duplicate detection in eDiscovery (Premium) + Consider a set of documents to be reviewed in which a subset is based on the same template and has mostly the same boilerplate language, with a few differences here and there. If a reviewer could identify this subset, review one of them thoroughly, and review the differences for the rest, they would not have missed any unique information while taking only a fraction of time that would have taken them to read all documents cover to cover. Near duplicate detection groups textually similar documents together to help you make your review process more efficient. ## How does it work?
compliance New Defender Alert Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/new-defender-alert-policies.md
description: "We're releasing new alert policies for Microsoft Defender for Offi
# New alert policies in Microsoft Defender for Office 365 + Microsoft Defender for Office 365 is introducing new and improved alert policies related to post-delivery detections. This includes enhancements to the Automated Investigation & Response (AIR) playbooks associated with them. In addition, we're modifying the severity classification for six default alert policies to better align the alerts generated by these policies with their impact on your organization. ## Post-delivery detections
compliance Non Custodial Data Sources https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/non-custodial-data-sources.md
description: "You can add non-custodial data sources to an eDiscovery (Premium)
# Add non-custodial data sources to an eDiscovery (Premium) case + In Microsoft Purview eDiscovery (Premium) cases, it doesn't always meet your needs to associate a Microsoft 365 data source with a custodian in the case. But you may still need to associate that data with a case so that you can search it, add it to a review set, and analyze and review it. The feature in eDiscovery (Premium) is called *non-custodial data sources* and lets you add data to a case without having to associate it to a custodian. It also applies the same eDiscovery (Premium) functionality to non-custodial data that's available for data associated with custodian. Two of the most useful things that you can apply to non-custodial data is placing it on hold and processing it using [Advanced indexing](indexing-custodian-data.md). ## Add a non-custodial data source
compliance Overview Ediscovery 20 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/overview-ediscovery-20.md
# Overview of Microsoft Purview eDiscovery (Premium) + The Microsoft Purview eDiscovery (Premium) solution builds on the existing Microsoft eDiscovery and analytics capabilities. eDiscovery (Premium) provides an end-to-end workflow to preserve, collect, analyze, review, and export content that's responsive to your organization's internal and external investigations. It also lets legal teams manage the entire legal hold notification workflow to communicate with custodians involved in a case. ## eDiscovery (Premium) capabilities
compliance Partially Indexed Items In Content Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/partially-indexed-items-in-content-search.md
description: "Learn about unindexed items in Exchange and SharePoint that you ca
# Partially indexed items in eDiscovery + An Microsoft Purview eDiscovery search that you run from the Microsoft Purview compliance portal automatically includes partially indexed items in the estimated search results when you run a search. Partially indexed items are Exchange mailbox items and documents on SharePoint and OneDrive for Business sites that for some reason weren't completely indexed for search. In Exchange, a partially indexed item typically contains a file (of a file type that can't be indexed) that is attached to an email message. Here are some other reasons why items can't be indexed for search and are returned as partially indexed items when you run an eDiscovery search: - The file type is unrecognized or unsupported for indexing.
compliance Permissions Filtering For Content Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/permissions-filtering-for-content-search.md
# Configure permissions filtering for eDiscovery + You can use search permissions filtering to let an eDiscovery manager search only a subset of mailboxes and sites in your organization. You can also use permissions filtering to let that same eDiscovery manager search only for mailbox or site content that meets a specific search criteria. For example, you might let an eDiscovery manager search only the mailboxes of users in a specific location or department. You do this by creating a filter that uses a supported recipient filter to limit which mailboxes a specific user or group of users can search. You can also create a filter that specifies what mailbox content a user can search for. This is done by creating a filter that uses a searchable message property. Similarly, you can let an eDiscovery manager search only specific SharePoint sites in your organization. You do this by creating a filter that limits which site can be searched. You can also create a filter that specifies what site content can be searched. This is done by creating a filter that uses a searchable site property. Search permissions filters are applied when you search for content using Content search, Microsoft Purview eDiscovery (Standard), and Microsoft Purview eDiscovery (Premium) in the Microsoft Purview compliance portal. When a search permissions filter is applied to a specific user, that user can perform the following search-related actions:
compliance Predictive Coding Apply Prediction Filter https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-apply-prediction-filter.md
description: "Use a prediction score filter to displays items that a predictive
# Apply a prediction score filter to a review set (preview) + After you create a predictive coding model in Microsoft Purview eDiscovery (Premium) and train it to the point where it's stable, you can apply the prediction score filter to display review set items that the model has determined are relevant (or not relevant). When you create a model, a corresponding prediction score filter is also created. You can use this filter to display items assigned a prediction score within a specified range. In general, prediction scores between **0** and **.5** are assigned to items that model has predicted are not relevant. Items assigned prediction scores between **.5** and **1.0** are items the model has predicted are relevant. Here are two ways you can use the prediction score filter:
compliance Predictive Coding Create Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-create-model.md
description: "Learn how to create a predictive coding model in eDiscovery (Premi
# Create a predictive coding model (preview) + The first step in using the machine learning capabilities of predictive coding in eDiscovery (Premium) is to create a predictive coding model. After you create a model, you can train it identify the relevant and non-relevant content in a review set. To review the predictive coding workflow, see [Learn about predictive coding in eDiscovery (Premium)](predictive-coding-overview.md#the-predictive-coding-workflow)
compliance Predictive Coding Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-overview.md
description: "The new predictive coding module in eDiscovery (Premium) uses mach
# Learn about predictive coding in eDiscovery (Premium) (preview) + The predictive coding module in eDiscovery (Premium) uses the intelligent, machine learning capabilities to help you reduce the amount of content to review. Predictive coding helps you reduce and cull large volumes of case content to a relevant set of items that you can prioritize for review. This is accomplished by creating and training your own predictive coding models that help you prioritize the review of the most relevant items in a review set. The predictive coding module is designed to streamline the complexity of managing a model within a review set and provide an iterative approach to training your model so you can get started faster with the machine learning capabilities in eDiscovery (Premium). To get started, you can create a model, label as few as 50 items as relevant or not relevant. The system uses this training to apply prediction scores to every item in the review set. This lets you filter items based on the prediction score, which allows you to review the most relevant (or non-relevant) items first. If you want to train models with higher accuracies and recall rates, you can continue labeling items in subsequent training rounds until the model stabilizes.
compliance Predictive Coding Quick Start https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-quick-start.md
description: "Learn how to get started using the predictive coding module in eDi
# Quick start: Predictive coding in eDiscovery (Premium) (preview) + This article presents a quick start for using predictive coding in Microsoft Purview eDiscovery (Premium). The predictive coding module uses intelligent, machine learning capabilities to help you cull large volumes of case content that's not relevant to your investigation. This is accomplished by creating and training your own predictive coding models that help you prioritize the most relevant items for review. Here's an a quick overview of the predictive coding process:
compliance Predictive Coding Reference https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-reference.md
description: ""
# Predictive coding reference (preview) + This article describes the key concepts and metrics of the predictive coding tool in Microsoft Purview eDiscovery (Premium). The sections in the article are listed in alphabetical order. ## Confidence level
compliance Predictive Coding Train Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/predictive-coding-train-model.md
description: ""
# Train a predictive coding model (preview) + After you create a predictive coding model in Microsoft Purview eDiscovery (Premium), the next step is to performing the first training round to train the model on what is relevant and non-relevant content in your review set. After you complete the first round of training, you can perform subsequent training rounds to improve the model's ability to predict relevant and non-relevant content. To review the predictive coding workflow, see [Learn about predictive coding in eDiscovery (Premium)](predictive-coding-overview.md#the-predictive-coding-workflow)
compliance Preserve Bcc And Expanded Distribution Group Recipients For Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/preserve-bcc-and-expanded-distribution-group-recipients-for-ediscovery.md
description: "In-Place Hold, Litigation Hold, and Microsoft 365 retention polici
# Preserve Bcc and expanded distribution group recipients for eDiscovery+ Litigation holds, eDiscovery holds, and [Microsoft 365 retention policies](./retention.md) (created in the Microsoft Purview compliance portal) allow you to preserve mailbox content to meet regulatory compliance and eDiscovery requirements. Information about recipients directly addressed in the To and Cc fields of a message is included in all messages by default. But your organization may require the ability to search for and reproduce details about all recipients of a message. This includes:
compliance Preview Ediscovery Search Results https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/preview-ediscovery-search-results.md
description: "Preview a sample of the results returned by a Content search or a
# Preview eDiscovery search results + After you run a Content search or a search associated with a Microsoft Purview eDiscovery (Standard) case, you can preview a sample of the results returned by the search. Previewing items returned by the search query can help you determine if the search is returning the results you hope for or if you need to change the search query and rerun the search. To preview a sample of results returned by a search:
compliance Processing Data For Case https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/processing-data-for-case.md
description: "Overview about processing various forms of data in eDiscovery (Pre
# Work with processing errors in eDiscovery (Premium) + *Processing* is the process of file identification, expansion of embedded documents and attachments, text extraction, and Optical Character Recognition (OCR) of image files and the subsequent indexing of that content. When you add custodians and non-custodian data sources to a case on the **Sources** tab, all partially indexed items from Microsoft 365 are processed to make them fully searchable. Likewise, when content is added to a review set from both Microsoft 365 and non-Microsoft 365 data sources, this content is also processed.
compliance Records Management https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/records-management.md
description: Learn how Microsoft Purview Records Management supports high-value
# Learn about records management
+> [!TIP]
+> *Did you know you can try the premium versions of all nine Microsoft Purview solutions for free?* Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization meet its compliance needs. Microsoft 365 E3 and Office 365 E3 customers can start now at the [Microsoft Purview compliance portal trials hub](https://compliance.microsoft.com/trialHorizontalHub?sku=ComplianceE5&ref=DocsRef). Learn details about [who can sign up and trial terms](compliance-easy-trials.md).
+ [!include[Purview banner](../includes/purview-rebrand-banner.md)] >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).*
compliance Retry Failed Content Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retry-failed-content-search.md
# Retry a Content Search to resolve a content location error + When you use Content Search in the security and compliance center to search a large number of mailboxes, you may get search errors that are similar to the error: ```text
compliance Review Set Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/review-set-search.md
# Query and filter content in a review set + In most cases, it will be useful to dig deeper into the content in a review set and organize it to facilitate a more efficient review. Using filters and queries in a review set helps you focus on a subset of documents that meet the criteria of your review. ## Default filters
compliance Search And Delete Teams Chat Messages https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-and-delete-Teams-chat-messages.md
description: "Use eDiscovery (Premium) and the Microsoft Graph Explorer to searc
# Search and purge chat messages in Teams + You can use eDiscovery (Premium) and the Microsoft Graph Explorer to search for and delete chat messages in Microsoft Teams. This can help you find and remove sensitive information or inappropriate content. This search and purge workflow will also help you respond to a data spillage incident, when content containing confidential or malicious information is released through Teams chat messages.ΓÇï > [!NOTE]
compliance Search Cloud Based Mailboxes For On Premises Users https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-cloud-based-mailboxes-for-on-premises-users.md
# Search for Teams chat data for on-premises users + If your organization has an Exchange hybrid deployment (or your organization synchronizes an on-premises Exchange organization with Office 365) and has enabled Microsoft Teams, on-premises users can use the Teams chat application for instant messaging. For a cloud-based user, Teams chat data (also called *1x1 or 1xN chats*) is saved to their primary cloud-based mailbox. When an on-premises user uses the Teams chat application, their chat messages can't be stored in their primary mailbox, which is located on-premises. To get around this limitation, Microsoft has released a new feature where a cloud-based storage area is created so that you use eDiscovery tools to search for and export Teams chat data for on-premises users. Here are the requirements and limitations for enabling cloud-based storage for on-premises users:
compliance Search For And Delete Messages In Your Organization https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-and-delete-messages-in-your-organization.md
description: "Use the search and purge feature in the Microsoft Purview complian
# Search for and delete email messages + **This article is for administrators. Are you trying to find items in your mailbox that you want to delete? See [Find a message or item with Instant Search](https://support.office.com/article/69748862-5976-47b9-98e8-ed179f1b9e4d)**. You can use the Content search feature to search for and delete email messages from all mailboxes in your organization. This can help you find and remove potentially harmful or high-risk email, such as:
compliance Search For Content In Core Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-content-in-core-ediscovery.md
description: "Search for content that may be relevant to a eDiscovery (Standard)
# Search for content in a eDiscovery (Standard) case + After a Microsoft Purview eDiscovery (Standard) case is created and people of interest in the case are placed on hold, you can create and run one or more searches for content relevant to the case. Searches associated with a eDiscovery (Standard) case aren't listed on the **Content search** page in the Microsoft Purview compliance portal. These searches are listed on the **Searches** page of the Core eDiscover case the searches are associated with. This also means that searches associated with a case can only be accessed by case members. To create a eDiscovery (Standard) search:
compliance Search For Content https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-content.md
description: "Use the Content search eDiscovery tool in the Microsoft Purview co
# Search for content using the Content search tool + Use the Content search tool in the Microsoft Purview compliance portal to quickly find email in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Skype for Business. You can use the content search tool to search for email, documents, and instant messaging conversations in collaboration tools such as Microsoft Teams and Microsoft 365 Groups. ## Search for content
compliance Search For Ediscovery Activities In The Audit Log https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-for-ediscovery-activities-in-the-audit-log.md
# Search for eDiscovery activities in the audit log + Content Search and eDiscovery-related activities (for Microsoft Purview eDiscovery (Standard) and Microsoft Purview eDiscovery (Premium)) that are performed in Microsoft Purview compliance portal or by running the corresponding PowerShell cmdlets are logged in the audit log. Events are logged when administrators or eDiscovery managers (or any user assigned eDiscovery permissions) perform the following Content Search and eDiscovery (Standard) tasks in the compliance portal: - Creating and managing Core and eDiscovery (Premium) cases
compliance Search The Audit Log In Security And Compliance https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance.md
# Search the audit log in the compliance center + Need to find if a user viewed a specific document or purged an item from their mailbox? If so, you can use the audit log search tool in Microsoft Purview compliance portal to search the unified audit log to view user and administrator activity in your organization. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded, and retained in your organization's unified audit log. Users in your organization can use the audit log search tool to search for, view, and export (to a CSV file) the audit records for these operations. ## Microsoft 365 services that support auditing
compliance Search The Mailbox And Onedrive For Business For A List Of Users https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-the-mailbox-and-onedrive-for-business-for-a-list-of-users.md
# Use Content Search to search the mailbox and OneDrive for Business site for a list of users + Security & Compliance Center PowerShell provides a number of cmdlets that let you automate time-consuming eDiscovery-related tasks. Currently, creating a Content search in the Microsoft Purview compliance portal to search a large number of custodian content locations takes time and preparation. Before you create a search, you have to collect the URL for each OneDrive for Business site and then add each mailbox and OneDrive for Business site to the search. In future releases, this will be easier to do in the compliance portal. Until then, you can use the script in this article to automate this process. This script prompts you for the name of your organization's MySite domain (for example, **contoso** in the URL `https://contoso-my.sharepoint.com`), a list of user email addresses, the name of the new Content Search, and the search query to use. The script gets the OneDrive for Business URL for each user in the list, and then it creates and starts a Content Search that searches the mailbox and OneDrive for Business site for each user in the list, using the search query that you provide. ## Permissions and script information
compliance Service Assurance https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/service-assurance.md
description: "Download third-party audits, find out how Microsoft keeps customer
# Service assurance in the Security & Compliance Center + Use Service assurance in the Security & Compliance Center to access documents that describe a variety of topics, including: - Microsoft security practices for customer data that is stored in Office 365.
compliance Set Up Advanced Audit https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-advanced-audit.md
description: "This article describes how to set up Audit (Premium) so you can pe
# Set up Microsoft Purview Audit (Premium) + If your organization has a subscription and end-user licensing that supports Audit (Premium), perform the following steps to set up and use the additional capabilities in Audit (Premium). ![Workflow to set up Audit (Premium).](../media/AdvancedAuditWorkflow.png)
compliance Set Up Basic Audit https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-basic-audit.md
description: "This article describes how to set up Audit (Standard) so you can s
# Set up Microsoft Purview Audit (Standard) + Microsoft Purview Audit (Standard) in Microsoft 365 lets you search for audit records for activities performed in the different Microsoft 365 services by users and admins. Because Audit (Standard) is enabled by default for most Microsoft 365 and Office 365 organizations, there's only a few things you need to do before you and others in your organization can search the audit log. This article discusses the following steps necessary to set up Audit (Standard).
compliance Set Up Compliance Boundaries https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/set-up-compliance-boundaries.md
# Set up compliance boundaries for eDiscovery investigations + The guidance in this article can be applied when using either Microsoft Purview eDiscovery (Standard) or Microsoft Purview eDiscovery (Premium) to manage investigations. Compliance boundaries create logical boundaries within an organization that control the user content locations (such as mailboxes, OneDrive accounts, and SharePoint sites) that eDiscovery managers can search. Also, compliance boundaries control who can access eDiscovery cases used to manage the legal, human resources, or other investigations within your organization. The need for compliance boundaries is often necessary for multi-national corporations that have to respect geographical boarders and regulations and for governments, which are often divided into different agencies. In Microsoft 365, compliance boundaries help you meet these requirements when performing content searches and managing investigations with eDiscovery cases.
compliance Single Item Error Remediation https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/single-item-error-remediation.md
description: "You can fix a processing error in a document in a review set in eD
# Single item error remediation in eDiscovery (Premium) + Error remediation gives Microsoft Purview eDiscovery (Premium) users the ability to rectify data issues that prevent eDiscovery (Premium) from properly processing the content. For example, files that are password protected can't be processed because those files are locked or encrypted. Previously, you could only remediate errors in bulk by using [this workflow](error-remediation-when-processing-data-in-advanced-ediscovery.md). But sometimes, it doesn't make sense to remediate errors in multiple files when youΓÇÖre unsure if any of those files are responsive to the case youΓÇÖre investigating. It also might not make sense to remediate errors before youΓÇÖve had a chance to review the file metadata (such as file location or who had access) to help you make up-front decisions about responsiveness. A new feature called *single item error remediation* gives eDiscovery managers the ability to view the metadata of files with a processing error and if necessary remediate the error directly in the review set. The article discusses how to identify, ignore, and remediate files with processing errors in a review set. ## Identify documents with errors
compliance Smart Tags https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/smart-tags.md
description: "Smart tags let you apply the machine learning capabilities when re
# Set up smart tags in eDiscovery (Premium) + Machine learning (ML) capabilities in Microsoft Purview eDiscovery (Premium) can help you make the decision process more efficient when reviewing case documents in a review set. Smart tags are a way to bring the ML capabilities to where the decisions are recorded: when tagging documents during review. When you create a smart tag group, then the decisions that are the result of the ML model that you've associated with the smart tag group are displayed in-line with the tags in the tag group. This helps see the ML results information in-line when you're reviewing specific documents. ## How to set up a smart tag group
compliance Supported Filetypes Ediscovery20 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/supported-filetypes-ediscovery20.md
# Supported file types in eDiscovery (Premium) + Microsoft Purview eDiscovery (Premium) supports many file types at many different levels. The support files types are described in the following tables in this article. This list isn't finalized, and we will add new file types as we continue our validation testing. These tables indicate if a file type is supported for text extraction (and Optical Character Recognition or OCR text extraction for image files), viewable in the native viewer and also support in the Annotate viewer in eDiscovery (Premium). ## Archive / Container
compliance Tagging And Relevance Training In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/tagging-and-relevance-training-in-advanced-ediscovery.md
description: "Learn the steps to tag and then work with a training sample of 40
# Tagging and Relevance training in eDiscovery (Premium)+ This article describes the procedure for working with the Relevance training module in Microsoft Purview eDiscovery (Premium).
compliance Tagging Documents https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/tagging-documents.md
# Tag documents in a review set in eDiscovery (Premium) + Organizing content in a review set is important to complete various workflows in the eDiscovery process. This includes: - Culling unnecessary content
compliance Teams Workflow In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/teams-workflow-in-advanced-ediscovery.md
description: "Learn how to preserve, collect, review, and export content from Mi
# eDiscovery (Premium) workflow for content in Microsoft Teams + This article provides a comprehensive set of procedures, guidelines, and best practices for using Microsoft Purview eDiscovery (Premium) to preserve, collect, review, and export content from Microsoft Teams. The goal of this article is to help you optimize your eDiscovery workflow for Teams content. There are five categories of Teams content that you can collect and process using eDiscovery (Premium):
compliance Test Relevance Analysis In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/test-relevance-analysis-in-advanced-ediscovery.md
description: "Learn how to use the Test tab after Batch calculation in eDiscover
# Test Relevance analysis in eDiscovery (Premium)+ The Test tab in Microsoft Purview eDiscovery (Premium) enables you to test, compare, and validate the overall quality of processing. These tests are performed after Batch calculation. By tagging the files in the collection, an expert makes the final judgment about whether each tagged file is relevant to the case.
compliance Themes In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/themes-in-advanced-ediscovery.md
# Themes in eDiscovery (Premium) + How does a person write a document? They generally start with one or more ideas they want to convey in the document, and compose using words that align with the ideas. The more prevalent an idea is, the more frequent the words that are related to that idea tend to be. This informs how people consume documents as well. The important thing to understand from reading a document is the ideas that the document is trying to convey, which ideas appear where, and what the relationships between the ideas are. This can be extended to how a person wants to consume a set of documents. They want to see which ideas are present in the sets, and which documents are talking about those ideas. Also, if they find a particular document of interest, they want to be able to see documents that discuss similar ideas.
compliance Track Relevance Analysis In Advanced Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/track-relevance-analysis-in-advanced-ediscovery.md
description: "Learn how to view and interpret the Relevance training status and
# Track Relevance analysis in eDiscovery (Premium)+ In Microsoft Purview eDiscovery (Premium), the Relevance Track tab displays the calculated validity of the Relevance training performed in the Tag tab and indicates the next step to take in the iterative training process in Relevance.
compliance Troubleshooting Azcopy https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/troubleshooting-azcopy.md
# Troubleshoot AzCopy in eDiscovery (Premium) + When loading non-Microsoft 365 data or documents for error remediation in Microsoft Purview eDiscovery (Premium), the user interface supplies an Azure AzCopy command that contains parameters with the location of where the files that you want to upload are stored and the Azure storage location that the files will be uploaded to. To upload your documents, you copy this command and then run it in a Command Prompt on your local computer. The follow screenshot shows an example of an AzCopy command: ![Upload non-Microsoft 365 files.](../media/46ba68f6-af11-4e70-bb91-5fc7973516e3.png)
compliance Turn Audit Log Search On Or Off https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/turn-audit-log-search-on-or-off.md
description: How to turn on or off the Audit log search feature in the Microsoft
# Turn auditing on or off + Audit logging will be turned on by default for Microsoft 365 and Office 365 enterprise organizations. However, when setting up a new Microsoft 365 or Office 365 organization, you should verify the auditing status for your organization. For instructions, see the [Verify the auditing status for your organization](#verify-the-auditing-status-for-your-organization) section in this article. When auditing in the Microsoft Purview compliance portal is turned on, user and admin activity from your organization is recorded in the audit log and retained for 90 days, and up to one year depending on the license assigned to users. However, your organization may have reasons for not wanting to record and retain audit log data. In those cases, a global admin may decide to turn off auditing in Microsoft 365.
compliance Use A Script To Add Users To A Hold In Ediscovery https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-a-script-to-add-users-to-a-hold-in-ediscovery.md
description: "Learn how to run a script to add mailboxes & OneDrive for Business
# Use a script to add users to a hold in a eDiscovery (Standard) case + Security & Compliance Center PowerShell provides cmdlets that let you automate time-consuming tasks related to creating and managing eDiscovery cases. Currently, using the Microsoft Purview eDiscovery (Standard) case in the Microsoft Purview compliance portal to place a large number of custodian content locations on hold takes time and preparation. For example, before you create a hold, you have to collect the URL for each OneDrive for Business site that you want to place on hold. Then for each user you want to place on hold, you have to add their mailbox and their OneDrive for Business site to the hold. You can use the script in this article to automate this process. The script prompts you for the name of your organization's My Site domain (for example, `contoso` in the URL https://contoso-my.sharepoint.com), the name of an existing eDiscovery case, the name of the new hold that associated with the case, a list of email addresses of the users you want to put on hold, and a search query to use if you want to create a query-based hold. The script then gets the URL for the OneDrive for Business site for each user in the list, creates the new hold, and then adds the mailbox and OneDrive for Business site for each user in the list to the hold. The script also generates log files that contain information about the new hold.
compliance Use Content Search For Targeted Collections https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-content-search-for-targeted-collections.md
description: "Use Content search in the Microsoft Purview compliance portal to p
# Use Content search for targeted collections + The Content search tool in the Microsoft Purview compliance portal doesn't provide a direct way in the UI to search specific folders in Exchange mailboxes or SharePoint and OneDrive for Business sites. However, it's possible to search specific folders (called a *targeted collection*) by specifying the folder ID property for email or path (DocumentLink) property for sites in the actual search query syntax. Using Content Search to perform a targeted collection is useful when you're confident that items responsive to a case or privileged items are located in a specific mailbox or site folder. You can use the script in this article to obtain the folder ID for mailbox folders or the path (DocumentLink) for folders on a SharePoint and OneDrive for Business site. Then you can use the folder ID or path in a search query to return items located in the folder. > [!NOTE]
compliance Use Content Search To Search Third Party Data That Was Imported https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-content-search-to-search-third-party-data-that-was-imported.md
# Use Content Search to search third-party data imported by a custom partner connector + You can use the [Content search eDiscovery tool](content-search.md) in the Microsoft Purview compliance portal to search for items imported to mailboxes in Microsoft 365 from a third-party data source. You can create a query to search all imported third-party data items or you can create a query to search specific third-party data items. Also, you can also create a query-based retention policy or a query-based eDiscovery hold to preserve third-party data. For more information about working with a partner to import third-party data and a list of the third-party data types that you can import to Microsoft 365, see [Work with a partner to archive third-party data in Office 365](work-with-partner-to-archive-third-party-data.md).
compliance Use Drive Shipping To Import Pst Files To Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-drive-shipping-to-import-pst-files-to-office-365.md
description: Admin can learn how to bulk-import PST files to Microsoft 365 mailb
# Use drive shipping to import your organization's PST files + **This article is for administrators. Are you trying to import PST files to your own mailbox? See [Import email, contacts, and calendar from an Outlook .pst file](https://go.microsoft.com/fwlink/p/?LinkID=785075)** Use the Office 365 Import service and drive shipping to bulk-import PST files to user mailboxes. Drive shipping means that you copy the PST files to a hard disk drive and then physically ship the drive to Microsoft. When Microsoft receives your hard drive, data center personnel copies the data from the hard drive to a storage area in the Microsoft cloud. Then you have the opportunity to trim the PST data that's imported to the target mailboxes by setting filters that control what data gets imported. After you start the import job, the Import service imports the PST data from the storage area to user mailboxes. Using drive shipping to import PST files to user mailboxes is one way to migrate your organization's email to Office 365.
compliance Use Network Upload To Import Pst Files https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-network-upload-to-import-pst-files.md
# Use network upload to import your organization's PST files to Microsoft 365 + > [!NOTE] > This article is for administrators. Are you trying to import PST files to your own mailbox? See [Import email, contacts, and calendar from an Outlook .pst file](https://go.microsoft.com/fwlink/p/?LinkID=785075)
compliance Use Sharing Auditing https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-sharing-auditing.md
# Use sharing auditing in the audit log + Sharing is a key activity in SharePoint Online and OneDrive for Business, and it's widely used in organizations. Administrators can use sharing auditing in the audit log to determine how sharing is used in their organization. ## The SharePoint Sharing schema
compliance Use Your Free Azure Ad Subscription In Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/use-your-free-azure-ad-subscription-in-office-365.md
# Use your free Azure Active Directory subscription + If your organization has a paid subscription to Microsoft 365, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services, you have a free subscription to Microsoft Azure Active Directory. You and other admins can use Azure AD to create and manage user and group accounts. To use Azure AD, just go to the Azure portal and sign in to your account. ## Open a private browsing session
compliance Using Communications Editor https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/using-communications-editor.md
# Use the communications editor + As you define the content of your portal content, legal hold notifications, and related reminders/escalations, you can use the Communications Editor to format and dynamically customize your content. ## Rich text editor
compliance View Custodian Activity https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/view-custodian-activity.md
search.appverid:
- MOE150 - MET150 ms.assetid: - description: Use the eDiscovery (Premium) Custodian Management tool to easily access and search the activity for custodians within your case. - seo-marvel-mar2020 - admindeeplinkEXCHANGE + # View custodian audit activity + Need to find if a user viewed a specific document or purged an item from their mailbox? Microsoft Purview eDiscovery (Premium) is now integrated with the existing audit log search tool in the Microsoft Purview compliance portal. Using this embedded experience, you can use the eDiscovery (Premium) Custodian Management tool to facilitate your investigation by easily accessing and searching the activity for custodians within your case. ## Get permissions
compliance View Documents In Review Set https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/view-documents-in-review-set.md
# View documents in a review set in eDiscovery (Premium) + eDiscovery (Premium) displays content via several viewers each with different purposes. The various viewers can be used by clicking on any document within a review set. The viewers currently provided are: - File metadata
compliance View Keyword Statistics For Content Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/view-keyword-statistics-for-content-search.md
# View statistics for eDiscovery search results + After you create and run a Content search or a search associated with a Microsoft Purview eDiscovery (Standard) case, you can view statistics about the estimated search results. This includes a summary of the search results (similar to the summary of the estimated search results displayed on the search flyout page), the query statistics such as the number of content locations with items that match the search query, and the identity of content locations that have the most matching items. Additionally, you can use the keywords list to configure a search to return statistics for each keyword in a search query. This lets you compare the number of results returned by each keyword in a query.
compliance What Is Stored In Exo Mailbox https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/what-is-stored-in-exo-mailbox.md
description: "Content produced by cloud-based apps in Microsoft 365 is stored or
# Content stored in Exchange Online mailboxes for eDiscovery + A mailbox in Exchange Online is primarily used to store email-related items such as messages, calendar items, tasks, and notes. But that's changing as more cloud-based apps also store their data in a user's mailbox. One advantage of storing data in a mailbox is that you can use the search tools in content search, Microsoft Purview eDiscovery (Standard), and Microsoft Purview eDiscovery (Premium) to find, view, and export the data from these cloud-based apps. The data from some of these apps is stored in hidden folders located in a non-interpersonal message (non-IPM) subtree in the mailbox. Data from other cloud-based apps might not be stored _in_ the mailbox, but it's _associated with_ the mailbox, and is returned in searches (if that data matches the search query). Regardless of whether cloud-based data is stored in or associated with a user mailbox, the data is typically not visible in an email client when a user opens their mailbox. The following table lists the apps that either stores or associates data with a cloud-based mailbox. The table also describes the type of content that each app produces.
compliance Work With Partner To Archive Third Party Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/work-with-partner-to-archive-third-party-data.md
description: Learn how to set up a custom connector to import third-party data f
# Work with a partner to archive third-party data + You can work with a Microsoft Partner to import and archive data from a third-party data source to Microsoft 365. A partner can provide you with a custom connector that is configured to extract items from the third-party data source (on a regular basis) and then import those items. The partner connector converts the content of an item from the data source to an email message format and then stores the items in mailboxes. After third-party data is imported, you can apply Microsoft Purview features such as Litigation Hold, eDiscovery, In-Place Archiving, Auditing, and Microsoft 365 retention policies to this data. > [!IMPORTANT]
security Mdb Requirements https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-requirements.md
audience: Admin Previously updated : 04/12/2022 Last updated : 04/20/2022 ms.prod: m365-security ms.technology: mdb ms.localizationpriority: medium
The following table lists the basic requirements to configure and use Microsoft
| User accounts | User accounts are created in the Microsoft 365 admin center ([https://admin.microsoft.com](https://admin.microsoft.com))<br/><br/>Microsoft Defender for Business licenses are assigned in the Microsoft 365 admin center<br/><br/>To get help with this task, see [Add users and assign licenses](mdb-add-users.md). | | Permissions | To sign up for Microsoft Defender for Business, you must be a Global Admin.<br/><br/>To access the Microsoft 365 Defender portal, users must have one of the following [roles in Azure AD](mdb-roles-permissions.md) assigned: <br/>- Security Reader<br/>- Security Admin<br/>- Global Admin<br/><br/>To learn more, see [Roles and permissions in Microsoft Defender for Business](mdb-roles-permissions.md). | | Browser requirements | Microsoft Edge or Google Chrome |
-| Operating system | To manage devices in Microsoft Defender for Business, your devices must be running one of the following operating systems: <br/>- Windows 10 Business or later <br/>- Windows 10 Professional or later <br/>- Windows 10 Enterprise or later <br/><br/>Make sure that [KB5006738](https://support.microsoft.com/topic/october-26-2021-kb5006738-os-builds-19041-1320-19042-1320-and-19043-1320-preview-ccbce6bf-ae00-4e66-9789-ce8e7ea35541) is installed. <br/><br/>If you're already managing devices in Microsoft Intune (or Microsoft Endpoint Manager), you can onboard those devices to Defender for Business.<br/><br/>The ability to onboard endpoints running Windows Server 2012 R2 and later is currently in preview. |
+| Operating system | To manage devices in Microsoft Defender for Business, your devices must be running one of the following operating systems: <br/>- Windows 10 Business or later <br/>- Windows 10 Professional or later <br/>- Windows 10 Enterprise or later <br/>- macOS (the three most current releases are supported)<br/><br/>Make sure that [KB5006738](https://support.microsoft.com/topic/october-26-2021-kb5006738-os-builds-19041-1320-19042-1320-and-19043-1320-preview-ccbce6bf-ae00-4e66-9789-ce8e7ea35541) is installed. <br/><br/>If you're already managing devices in Microsoft Intune (or Microsoft Endpoint Manager), you can onboard those devices to Defender for Business. |
> [!NOTE] > [Azure Active Directory (Azure AD)](/azure/active-directory/fundamentals/active-directory-whatis) is used to manage user permissions and device groups. Azure AD is included in your Defender for Business subscription.
security Address Compromised Users Quickly https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/address-compromised-users-quickly.md
audience: ITPro ms.localizationpriority: medium
+search.appverid:
- MET150 - MOE150
ms.prod: m365-security
- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md) - [Microsoft 365 Defender](../defender/microsoft-365-defender.md) - [Microsoft Defender for Office 365 Plan 2](defender-for-office-365.md#microsoft-defender-for-office-365-plan-1-and-plan-2) includes powerful [automated investigation and response](office-365-air.md) (AIR) capabilities. Such capabilities can save your security operations team a lot of time and effort dealing with threats. Microsoft continues to improve security capabilities. Recently, AIR capabilities were enhanced to include a compromised user security playbook (currently in preview). Read this article to learn more about the compromised user security playbook. And see the blog post [Speed up time to detect and respond to user compromise and limit breach scope with Microsoft Defender for Office 365](https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Speed-up-time-to-detect-and-respond-to-user-compromise-and-limit/ba-p/977053) for additional details. ![Automated investigation for a compromised user.](/microsoft-365/media/office365atp-compduserinvestigation.jpg)
security Admin Submission https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/admin-submission.md
Title: Manage submissions
+f1.keywords:
- NOCSH
audience: ITPro ms.localizationpriority: medium
+search.appverid:
- MET150-+ - M365-security-compliance - m365initiative-defender-office365
ms.prod: m365-security
- [Exchange Online Protection](exchange-online-protection-overview.md) - [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md) - In Microsoft 365 organizations with Exchange Online mailboxes, admins can use the Submissions portal in the Microsoft 365 Defender portal to submit email messages, URLs, and attachments to Microsoft for scanning. When you submit an email message for analysis, you will get:
For other ways to submit email messages, URLs, and attachments to Microsoft, see
- To submit messages and files to Microsoft, you need to have one of following roles: - **Security Administrator** or **Security Reader** in the [Microsoft 365 Defender portal](permissions-microsoft-365-security-center.md).
-
+ Note that one of these roles is required to [View user submissions to the custom mailbox](#view-user-submissions-to-microsoft) as described later in this article. - Admins can submit messages as old as 30 days if it is still available in the mailbox and not purged by the user or another admin.
For other ways to submit email messages, URLs, and attachments to Microsoft, see
- Maximum submissions in any 15 minutes period: 150 submissions - Same submissions in a 24 hour period: 3 submissions - Same submissions in a 15 minute period: 1 submission
-
+ - For more information about how users can submit messages and files to Microsoft, see [Report messages and files to Microsoft](report-junk-email-messages-to-microsoft.md). ## Report suspicious content to Microsoft
If you've deployed the [Report Message add-in](enable-the-report-message-add-in.
- **Phish simulation** - **Converted to admin submission** - **Tags**
-
+ - To export the entries, click **Export**. In the dialog that appears, save the .csv file. > [!NOTE]
If you've deployed the [Report Message add-in](enable-the-report-message-add-in.
Once a user submits a suspicious email to the custom mailbox, the user and admin don't have an option to undo the submission. If the user would like to recover the email, it will be available for recovery in the Deleted Items or Junk Email folders.
-### Converting user reported messages from the custom mailbox into an admin submission
+### Converting user reported messages from the custom mailbox into an admin submission
If you've configured the custom mailbox to intercept user-reported messages without sending the messages to Microsoft, you can find and send specific messages to Microsoft for analysis.
security Automated Investigation Response Office https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/automated-investigation-response-office.md
Title: How automated investigation and response works in Microsoft Defender for Office 365
+f1.keywords:
- NOCSH
audience: ITPro ms.localizationpriority: medium
+search.appverid:
- MET150 - MOE150-+ - M365-security-compliance - m365initiative-defender-office365 keywords: automated incident response, investigation, remediation, threat protection Last updated 01/29/2021 description: See how automated investigation and response capabilities work in Microsoft Defender for Office 365-+ - air - seo-marvel-mar2020 ms.technology: mdo
For example, suppose that you are using the **Malware** view in Explorer. Using
:::image type="content" source="../../media/Explorer-Malware-Email-ActionsInvestigate.png" alt-text="The Explorer with selected messages" lightbox="../../media/Explorer-Malware-Email-ActionsInvestigate.png"::: - Using the **Actions** menu, you can select **Trigger investigation**. :::image type="content" source="../../media/explorer-malwareview-selectedemails-actions.jpg" alt-text="The Actions menu for selected messages" lightbox="../../media/explorer-malwareview-selectedemails-actions.jpg":::
security Configure The Connection Filter Policy https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/configure-the-connection-filter-policy.md
ms.prod: m365-security
- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md) - [Microsoft 365 Defender](../defender/microsoft-365-defender.md) - If you're a Microsoft 365 customer with mailboxes in Exchange Online or a standalone Exchange Online Protection (EOP) customer without Exchange Online mailboxes, you use connection filtering in EOP (specifically, the default connection filter policy) to identify good or bad source email servers by their IP addresses. The key components of the default connection filter policy are: - **IP Allow List**: Skip spam filtering for all incoming messages from the source email servers that you specify by IP address or IP address range. For scenarios where spam filtering might still occur on messages from these sources, see the [Scenarios where messages from sources in the IP Allow List are still filtered](#scenarios-where-messages-from-sources-in-the-ip-allow-list-are-still-filtered) section later in this article. For more information about how the IP Allow List should fit into your overall safe senders strategy, see [Create safe sender lists in EOP](create-safe-sender-lists-in-office-365.md).
security Create Safe Sender Lists In Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/create-safe-sender-lists-in-office-365.md
Title: Create safe sender lists
+f1.keywords:
- NOCSH Previously updated : Last updated : audience: ITPro ms.localizationpriority: medium
+search.appverid:
- MET150s ms.assetid: 9721b46d-cbea-4121-be51-542395e6fd21-+ - seo-marvel-apr2020 description: Admins can learn about the available and preferred options to allow inbound messages in Exchange Online Protection (EOP). ms.technology: mdo
The following example assumes you need email from contoso.com to skip spam filte
:::image type="content" source="../../media/1-AllowList-SkipFilteringFromContoso.png" alt-text="The Mail flow rule settings in the EAC for bypassing spam filtering" lightbox="../../media/1-AllowList-SkipFilteringFromContoso.png"::: - ## Use Outlook Safe Senders > [!CAUTION]
security Detect And Remediate Outlook Rules Forms Attack https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/detect-and-remediate-outlook-rules-forms-attack.md
Title: Detect and remediate the Outlook rules and custom forms injections attacks.
+f1.keywords:
- NOCSH
Last updated 04/23/2018 audience: ITPro -+ - o365_security_incident_response - M365-security-compliance ms.localizationpriority: medium
+search.appverid:
- MET150 description: Learn how to recognize and remediate the Outlook rules and custom forms injections attacks in Office 365
ms.prod: m365-security
[!INCLUDE [Microsoft 365 Defender rebranding](../includes/microsoft-defender-for-office.md)] - **Summary** Learn how to recognize and remediate the Outlook rules and custom Forms injections attacks in Office 365. ## What is the Outlook Rules and Custom Forms injection attack?
security Email Validation And Authentication https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/email-validation-and-authentication.md
Title: Email authentication in Microsoft 365
+f1.keywords:
- NOCSH Previously updated : Last updated : audience: ITPro
+search.appverid:
- MET150-
+ms.assetid:
+ - M365-security-compliance - Strat_O365_IP
ms.prod: m365-security
- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md) - [Microsoft 365 Defender](../defender/microsoft-365-defender.md) - Email authentication (also known as email validation) is a group of standards that tries to stop spoofing (email messages from forged senders). In all Microsoft 365 organizations, EOP uses these standards to verify inbound email: - [SPF](set-up-spf-in-office-365-to-help-prevent-spoofing.md)
security Enable The Report Message Add In https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/enable-the-report-message-add-in.md
After the add-in is installed and enabled, you'll see the following icons:
> [!div class="mx-imgBorder"] > :::image type="content" source="../../media/microsoft-365-admin-center-integrated-apps.png" alt-text="The Microsoft 365 admin center Integrated apps" lightbox="../../media/microsoft-365-admin-center-integrated-apps.png"::: - 2. In the **Microsoft 365 Apps** page that appears, click in the **Search** box, enter **Report Message**, and then click **Search** ![Search icon.](../../media/search-icon.png). In the list of results, find and select **Report Message**. 3. The app details page opens. Select **Get It Now**.
security External Email Forwarding https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/external-email-forwarding.md
Title: Configuring and controlling external email forwarding in Microsoft 365.
+f1.keywords:
- NOCSH
audience: ITPro
ms.localizationpriority: medium-
+ms.assetid:
+ - seo-marvel-apr2020 description: This article covers topics including external email forwarding, Automatic forwarding, 5.7.520 Access Denied messages, disabling external forwarding, 'Your administrator has disabled external forwarding' messages, as well as outbound anti-spam policy. ms.technology: mdo
The following types of automatic forwarding are available in Microsoft 365:
You can use outbound spam filter policies to control automatic forwarding to external recipients. Three settings are available: -- **Automatic - System-controlled**: This is the default setting. This setting is now the same as **Off**. When this setting was originally introduced, it was equivalent to **On**. Over time, thanks to the principles of [secure by default](secure-by-default.md), this setting was gradually changed to **Off** for all customers. For more information, see [this blog post](https://techcommunity.microsoft.com/t5/exchange-team-blog/all-you-need-to-know-about-automatic-email-forwarding-in/ba-p/2074888).
+- **Automatic - System-controlled**: This is the default setting. This setting is now the same as **Off**. When this setting was originally introduced, it was equivalent to **On**. Over time, thanks to the principles of [secure by default](secure-by-default.md), this setting was gradually changed to **Off** for all customers. For more information, see [this blog post](https://techcommunity.microsoft.com/t5/exchange-team-blog/all-you-need-to-know-about-automatic-email-forwarding-in/ba-p/2074888).
- **On**: Automatic external forwarding is allowed and not restricted. - **Off**: Automatic external forwarding is disabled and will result in a non-delivery report (also known as an NDR or bounce message) to the sender.
For instructions on how to configure these settings, see [Configure outbound spa
> [!NOTE] > > - Disabling automatic forwarding disables any Inbox rules (users) or mailbox forwarding (admins) that redirect messages to external addresses.
->
> - Automatic forwarding of messages between internal users isn't affected by the settings in outbound spam filter policies. - ## How the outbound spam filter policy settings work with other automatic email forwarding controls As an admin, you might have already configured other controls to allow or block automatic email forwarding. For example:
The following information is required to create the mail flow rule in the Exchan
:::image type="content" source="../../media/mail-flow-rule-for-forwarded-messages.png" alt-text="The Mail flow rule properties in the EAC for a rule to identify forwarded messages" lightbox="../../media/mail-flow-rule-for-forwarded-messages.png"::: - ## Blocked email forwarding messages When a message is detected as automatically forwarded, and the [outbound spam filter](configure-the-outbound-spam-policy.md) policy *blocks* that activity, the message is returned to the sender in an NDR that contains the following information:
security Identity Access Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/identity-access-policies.md
ms.prod: m365-security audience: Admin
+f1.keywords:
- NOCSH -+ - it-pro - goldenconfig-+ - M365-identity-device-management - M365-security-compliance - remotework
The following diagram illustrates the recommended set of policies. It shows whic
:::image type="content" source="../../media/microsoft-365-policies-configurations/identity-device-access-policies-byplan.png" alt-text="The common policies for configuring Zero Trust identity and device access." lightbox="../../media/microsoft-365-policies-configurations/identity-device-access-policies-byplan.png"::: - <!-- Here's a one-page PDF summary: [![Thumb image for the Zero Trust identity and device protection for Microsoft 365 handout.](../../media/microsoft-365-policies-configurations/zero-trust-id-device-protection-model-handout-thumbnail.png)](../../downloads/MSFT-cloud-architecture-identity-device-protection-handout.pdf) <br> [View as a PDF](../../downloads/MSFT-cloud-architecture-identity-device-protection-handout.pdf) \| [Download as a PDF](https://github.com/MicrosoftDocs/microsoft-365-docs/raw/public/microsoft-365/downloads/MSFT-cloud-architecture-identity-device-protection-handout.pdf) ->
+-->
The rest of this article describes how to configure these policies.
To require compliant PCs:
> [!NOTE] > Make sure that your device is compliant before enabling this policy. Otherwise, you could get locked out and will be unable to change this policy until your user account has been added to the Conditional Access exclusion group. >
+-->
## Require compliant PCs and mobile devices
security Install App Guard https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/install-app-guard.md
Title: Application Guard for Office for admins keywords: application guard, protection, isolation, isolated container, hardware isolation
+f1.keywords:
- NOCSH
audience: ITPro ms.localizationpriority: medium
+search.appverid:
- MET150 - MOE150
Microsoft Defender Application Guard for Office (Application Guard for Office) h
### Minimum software requirements
-* **Windows**: Windows 10 Enterprise edition, Client Build version 2004 (20H1) build 19041 or later. All versions of Windows 11 are supported.
+* **Windows**: Windows 10 Enterprise edition, Client Build version 2004 (20H1) build 19041 or later. All versions of Windows 11 are supported.
* **Office**: Office Current Channel and Monthly Enterprise Channel, Build version 2011 16.0.13530.10000 or later. Office Semi-Annual Enterprise Channel, Build version 2108 or later. Both 32-bit and 64-bit versions of Office are supported. * **Update package**: Windows 10 cumulative monthly security update [KB4571756](https://support.microsoft.com/help/4571756/windows-10-update-KB4571756)
Upon being opened, the file should display a few visual indicators that the file
Office supports the following policies to enable you to configure the capabilities of Application Guard for Office. These policies can be configured through Group policies or through the [Office cloud policy service](/DeployOffice/overview-office-cloud-policy-service). - > [!NOTE] > Configuring these policies can disable some functionalities for files opened in Application Guard for Office.
You can also configure Microsoft Defender for Office 365 to work with Defender f
## Limitations and considerations
-* Application Guard for Office is a protected mode that isolates untrusted documents so that they cannot access trusted corporate resources, an intranet, the user's identity, and arbitrary files on the computer. As a result, if a user tries to access a feature that has a dependency on such access, such as inserting a picture from a local file on disk, the access fails and produces a prompt that resembles the following example. To enable an untrusted document to access trusted resources, users must remove Application Guard protection from the document.
+* Application Guard for Office is a protected mode that isolates untrusted documents so that they cannot access trusted corporate resources, an intranet, the user's identity, and arbitrary files on the computer. As a result, if a user tries to access a feature that has a dependency on such access, such as inserting a picture from a local file on disk, the access fails and produces a prompt that resembles the following example. To enable an untrusted document to access trusted resources, users must remove Application Guard protection from the document.
:::image type="content" source="../../media/ag09-confirm.png" alt-text="The Dialog box stating safety message and the feature status" lightbox="../../media/ag09-confirm.png":::
You can also configure Microsoft Defender for Office 365 to work with Defender f
> Advise users to only remove protection if they trust the file and its source or where it came from. * When an untrusted document is stored in a trusted location, the trust from the location is inherited by the document. Typically, an organization's cloud storage is identified as a trusted location.
-
+ * Active content in documents like macros and ActiveX controls are disabled in Application Guard for Office. Users need to remove Application Guard protection to enable active content. * Untrusted files from network shares or files shared from OneDrive, OneDrive for Business, or SharePoint Online from a different organization open as read-only in Application Guard. Users can save a local copy of such files to continue working in the container or remove protection to directly work with the original file.
When this heuristic is met, Office will pre-create an Application Guard containe
* CSV and HTML files are not supported at this time. * Application Guard for Office currently does not work with NTFS compressed volumes. If you are seeing an error "ERROR_VIRTUAL_DISK_LIMITATION" please try uncompressing the volume. * Updates to .NET might cause files to fail to open in Application Guard. As a workaround, users can restart their device when they come across this failure. Learn more about the issue at [Receiving an error message when attempting to open Windows Defender Application Guard or Windows Sandbox](https://support.microsoft.com/help/4575917/receiving-an-error-message-when-attempting-to-open-windows-defender-ap).
-* Please see [Frequently asked questions - Microsoft Defender Application Guard for additional information.](/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard)
+* Please see [Frequently asked questions - Microsoft Defender Application Guard for additional information.](/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard)
security Integrate Office 365 Ti With Mde https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/integrate-office-365-ti-with-mde.md
search.appverid:
- M365-security-compliance description: Use Microsoft Defender for Office 365 together with Microsoft Defender for Endpoint to get more detailed information about threats against your devices and email content.-+ - seo-marvel-apr2020 ms.technology: mdo ms.prod: m365-security
ms.prod: m365-security
[!INCLUDE [Microsoft 365 Defender rebranding](../includes/microsoft-defender-for-office.md)] - [Microsoft Defender for Office 365](defender-for-office-365.md) can be configured to work with [Microsoft Defender for Endpoint](/windows/security/threat-protection). Integrating Microsoft Defender for Office 365 with Microsoft Defender for Endpoint can help your security operations team monitor and take action quickly if users' devices are at risk. For example, once integration is enabled, your security operations team will be able to see the devices that are potentially affected by a detected email message, as well as how many recent alerts were generated for those devices in Microsoft Defender for Endpoint.
Integrating Microsoft Defender for Office 365 with Microsoft Defender for Endpoi
1. Go to the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) and sign in.
-2. Go to **Email & collaboration** \> **Explorer**.
+2. Go to **Email & collaboration** \> **Explorer**.
3. On the **Explorer** page, in the upper right corner of the screen, select **MDE Settings**.
security Manage Tenant Allows https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/manage-tenant-allows.md
Title: Manage your allows in the Tenant Allow/Block List
+f1.keywords:
- NOCSH Previously updated : Last updated : audience: ITPro ms.localizationpriority: medium
- - MET150manage-tenant-allows.md
-
+search.appverid:
+ - MET150manage-tenant-allows.md
+ - M365-security-compliance description: Admins can learn how to configure allows in the Tenant Allow/Block List in the Security portal. ms.technology: mdo
Admins can't add allows directly to the Tenant Allow/Block List. Instead, you us
> [!IMPORTANT] > Since Microsoft manages the allows for you, sender, URL, or file allows that are not needed or considered to be bad will be removed. This is to protect your environment and prevent a misconfiguration of allows. In cases where you may disagree, a support cases may be needed to help determine why a message is still considered as bad.
-## Add sender allows using the Submissions portal
+## Add sender allows using the Submissions portal
-Allow senders (or domains) on the **Submissions** page in Microsoft 365 Defender.
+Allow senders (or domains) on the **Submissions** page in Microsoft 365 Defender.
1. In the Microsoft 365 Defender portal at <https://security.microsoft.com>, go to **Actions & submissions** \> **Submissions**. Or, to go directly to the **Submissions** page, use <https://security.microsoft.com/reportsubmission>. 2. On the **Submissions** page, verify that the **Emails** tab is selected, and then click ![Submit to Microsoft for analysis icon.](../../media/m365-cc-sc-create-icon.png) **Submit to Microsoft for analysis**.
-3. Use the **Submit to Microsoft for review** flyout to submit a message by adding the network message ID or uploading the email file.
+3. Use the **Submit to Microsoft for review** flyout to submit a message by adding the network message ID or uploading the email file.
-4. In the **Select a reason for submitting to Microsoft** section, select **Should not have been blocked (false positive)**.
+4. In the **Select a reason for submitting to Microsoft** section, select **Should not have been blocked (false positive)**.
-5. Turn on **Allow messages like this** option.
+5. Turn on **Allow messages like this** option.
6. From the **Remove after** drop-down list, specify how long you want the allow option to work. 7. When you're finished, click the **Submit** button. > ![Submit malware to Microsoft for analysis example.](../../media/admin-submission-allow-messages.png)+ ## Add URL allows using the Submissions portal Allow URLs on the **Submissions** page in Microsoft 365 Defender.
Allow URLs on the **Submissions** page in Microsoft 365 Defender.
> [!div class="mx-imgBorder"] > ![Submit URL for analysis.](../../media/submit-url-for-analysis.png)+ ## Add File allows using the Submissions portal Allow Files on the **Submissions** page in Microsoft 365 Defender.
-In the Microsoft 365 Defender portal at <https://security.microsoft.com>, go to **Actions & submissions** \> **Submissions**. Or, to go directly to the **Submissions** page, use <https://security.microsoft.com/reportsubmission>.
+1. In the Microsoft 365 Defender portal at <https://security.microsoft.com>, go to **Actions & submissions** \> **Submissions**. Or, to go directly to the **Submissions** page, use <https://security.microsoft.com/reportsubmission>.
2. On the **Submissions** page, select the **Email attachments** tab, and then click ![Submit to Microsoft for analysis icon.](../../media/m365-cc-sc-create-icon.png) **Submit to Microsoft for analysis**.
In the Microsoft 365 Defender portal at <https://security.microsoft.com>, go to
> [!div class="mx-imgBorder"] > ![Submit email for analysis.](../../media/submit-email-for-analysis.png) - ## Create spoofed sender allow entries using Microsoft 365 Defender > [!NOTE]
->
+>
> - Only the _combination_ of the spoofed user _and_ the sending infrastructure as defined in the domain pair is specifically allowed or blocked from spoofing. > - When you configure an allow or block entry for a domain pair, messages from that domain pair no longer appear in the spoof intelligence insight. > - Entries for spoofed senders never expire.
security Mdo Sec Ops Manage Incidents And Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mdo-sec-ops-manage-incidents-and-alerts.md
Title: Manage incidents and alerts from Defender for Office 365 in Microsoft 365 Defender
+f1.keywords:
- NOCSH
Last updated
ms.localizationpriority: medium
+search.appverid:
- MET150 - MOE150-+ - M365-security-compliance
-description: SecOps personnel can learn how to use the Incidents queue in Microsoft 365 Defender to manage incidents in Microsoft Defender for Office 365.
+description: SecOps personnel can learn how to use the Incidents queue in Microsoft 365 Defender to manage incidents in Microsoft Defender for Office 365.
ms.technology: mdo ms.prod: m365-security - # Manage incidents and alerts from Microsoft Defender for Office 365 in Microsoft 365 Defender An [incident](/microsoft-365/security/defender/incidents-overview) in Microsoft 365 Defender is a collection of correlated alerts and associated data that define the complete story of an attack. Defender for Office 365 [alerts](/microsoft-365/compliance/alert-policies#default-alert-policies), [automated investigation and response (AIR)](office-365-air.md#the-overall-flow-of-air), and the outcome of the investigations are natively integrated and correlated on the **Incidents** page in Microsoft 365 Defender at <https://security.microsoft.com/incidents-queue>. We'll refer to this page as the _Incidents queue_.
security Mfi New Domains Being Forwarded Email https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mfi-new-domains-being-forwarded-email.md
Title: New domains being forwarded email insight
+f1.keywords:
- NOCSH
audience: ITPro ms.localizationpriority: medium
+ms.assetid:
description: Admins can learn how to use the New domains being forwarded email insight in the Mail flow dashboard in the Security & Compliance Center to investigate when their users are forwarding messages to external domains that have never been forwarded to. ms.technology: mdo ms.prod: m365-security
This insight appears only when the issue is detected, and it appears on the [For
:::image type="content" source="../../media/mfi-new-domains-being-forwarded.png" alt-text="The New domains being forwarded email insight" lightbox="../../media/mfi-new-domains-being-forwarded.png"::: - When you click on the widget, a flyout appears where you can find more details about the forwarded messages, including a link back to the [Forwarding report](view-mail-flow-reports.md#forwarding-report). :::image type="content" source="../../media/mfi-new-domains-being-forwarded-details.png" alt-text="The Details flyout that appears after clicking on the New domains being forwarded email insight" lightbox="../../media/mfi-new-domains-being-forwarded-details.png":::
To prevent automatic message forwarding to external domains, configure a remote
## Related topics
-For information about other insights in the Mail flow dashboard, see [Mail flow insights in the Security & Compliance Center](mail-flow-insights-v2.md).
+For information about other insights in the Mail flow dashboard, see [Mail flow insights in the Security & Compliance Center](mail-flow-insights-v2.md).
security Mfi Non Delivery Report https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mfi-non-delivery-report.md
Title: Non-delivery report in the Mail flow dashboard
+f1.keywords:
- NOCSH
audience: ITPro
ms.localizationpriority: medium-
+ms.assetid:
+ - seo-marvel-apr2020 description: Admins can learn how to use the Non-delivery details report in the Mail flow dashboard in the Security & Compliance Center to monitor the most frequently encountered error codes in non-delivery reports (also known as NDRs or bounce messages) from senders in your organization. ms.technology: mdo
When you select a row in the table, a flyout appears with the following informat
- **Count** - **Sample messages**: You can click **View sample messages** to see the [message trace](message-trace-scc.md) results for a sample of the affected messages. - :::image type="content" source="../../media/mfi-non-delivery-report-details-flyout.png" alt-text="The Details flyout after selecting a row in Details table view in the Non-delivery report" lightbox="../../media/mfi-non-delivery-report-details-flyout.png"::: ## Related topics
security Mfi Queue Alerts And Queues https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mfi-queue-alerts-and-queues.md
Title: Queues insight in the Mail flow dashboard
+f1.keywords:
- NOCSH
If the queued email volume exceeds the pre-defined threshold (the default value
:::image type="content" source="../../media/mfi-queued-messages-alert.png" alt-text="The Recent alerts in the Alerts dashboard in the Security & Compliance Center" lightbox="../../media/mfi-queued-messages-alert.png"::: - - Admins will receive an email notification based on the configuration of the default alert policy named **Messages have been delayed**. To configure the notification settings for this alert, see the next section. For more information about alert policies, see [Alert policies in the Security & Compliance Center](../../compliance/alert-policies.md).
security Modify Remove Entries Tenant Allow Block https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/modify-remove-entries-tenant-allow-block.md
Title: Modify and remove entries in the Tenant Allow/Block List
+f1.keywords:
- NOCSH Previously updated : Last updated : audience: ITPro ms.localizationpriority: medium
+search.appverid:
- MET150-+ - M365-security-compliance description: Admins can learn how to modify and remove entries in the Tenant Allow/Block List in the Security portal. ms.technology: mdo
You can use the Microsoft 365 Defender portal or PowerShell to modify and remove
- **URLs** - **Files** - 3. Select the entry that you want to modify, and then click ![Edit icon.](../../media/m365-cc-sc-edit-icon.png) **Edit**. The values that you are able to modify in the flyout that appears depend on the tab you selected in the previous step: - **Senders** - **Never expire** and/or expiration date.
You can use the Microsoft 365 Defender portal or PowerShell to modify and remove
- **Spoofing** - **URLs** - **Files**
-
+ 3. Select the entry that you want to remove, and then click ![Delete icon.](../../media/m365-cc-sc-delete-icon.png) **Delete**. 4. In the warning dialog that appears, click **Delete**.
Set-TenantAllowBlockListItems -Ids "RgAAAAAI8gSyI_NmQqzeh-HXJBywBwCqfQNJY8hBTbdl
For detailed syntax and parameter information, see [Set-TenantAllowBlockListSpoofItems](/powershell/module/exchange/set-tenantallowblocklistspoofitems). ### Remove allow or block spoofed sender entries from the Tenant Allow/Block List
-
+ To remove allow or block spoof sender entries from the Tenant Allow/Block List, use the following syntax: ```powershell
security Monitor For Leaks Of Personal Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/monitor-for-leaks-of-personal-data.md
Title: Monitor for leaks of personal data
+f1.keywords:
- NOCSH
Last updated 02/07/2018 audience: ITPro -+ - Strat_O365_Enterprise - Ent_O365 - GDPR - M365-security-compliance ms.localizationpriority: high
+search.appverid:
- MET150 description: Learn about three tools you can use to monitor for leaks of personal data. ms.technology: mdo
ms.prod: m365-security
[!INCLUDE [Microsoft 365 Defender rebranding](../includes/microsoft-defender-for-office.md)] - There are many tools that can be used to monitor the use and transport of personal data. This topic describes three tools that work well. :::image type="content" source="../../media/Monitor-for-leaks-of-personal-data-image1.png" alt-text="The tools to monitor the use and transport of personal data" lightbox="../../media/Monitor-for-leaks-of-personal-data-image1.png":::
security Office 365 Ti https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/office-365-ti.md
Title: Threat investigation & response capabilities - Microsoft Defender for Office 365 Plan 2
+f1.keywords:
- NOCSH
audience: Admin
ms.localizationpriority: medium
+search.appverid:
- MET150 - MOE150 ms.assetid: 32405da5-bee1-4a4b-82e5-8399df94c512-+ - M365-security-compliance - m365initiative-defender-office365-+ - seo-marvel-apr2020 description: Learn about threat investigation and response capabilities in Microsoft Defender for Office 365 Plan. ms.technology: mdo
ms.prod: m365-security
**Applies To** - [Microsoft Defender for Office 365 plan 2](defender-for-office-365.md) - Threat investigation and response capabilities in [Microsoft Defender for Office 365](defender-for-office-365.md) help security analysts and administrators protect their organization's Microsoft 365 for business users by: - Making it easy to identify, monitor, and understand cyberattacks.
security Old Index https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/old-index.md
Title: Office 365 Security overview, Microsoft Defender for Office 365, EOP, MSDO
+ Title: Office 365 Security overview, Microsoft Defender for Office 365, EOP, MSDO
audience: Admin
ms.localizationpriority: medium
+search.appverid:
- MET150 - MOE150-+ - M365-security-compliance - m365initiative-defender-office365 description: Security in Office 365, from EOP to Defender for Office 365 Plans 1 and 2, Standard vs. Strict security configurations, and more. Understand what you have and learn how to secure your properties.
ms.prod: m365-security
# Office 365 security - **Applies to** - [Exchange Online Protection](exchange-online-protection-overview.md) - [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md) - This article will introduce you to your new security properties in the Cloud. Whether you're part of a Security Operations Center, you're a Security Administrator new to the space, or you want a refresher, let's get started. > [!CAUTION]
security Report False Positives And False Negatives https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/report-false-positives-and-false-negatives.md
Run the following PowerShell command to disable the built-in reporting experienc
Set-OwaMailboxPolicy -Identity OwaMailboxPolicy-Default -ReportJunkEmailEnabled $false ``` - ## Use the Report Message feature ### Report junk and phishing messages
security Security Dashboard https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/security-dashboard.md
Title: Security dashboard overview
+f1.keywords:
- NOCSH
audience: ITPro ms.localizationpriority: medium
+search.appverid:
- MET150 - MOE150 ms.assetid: fe0b9b8f-faa9-44ff-8095-4d1b2f507b74-+ - M365-security-compliance-+ - seo-marvel-apr2020 description: Use the new Security Dashboard to review Office 365 Threat Protection Status, and view and act on security alerts. ms.technology: mdo
ms.prod: m365-security
[!INCLUDE [Microsoft 365 Defender rebranding](../includes/microsoft-defender-for-office.md)] - ## Basic functions and how to open Security dashboard The Security & Compliance Center at <https://protection.office.com> enables your organization to manage data protection and compliance. Assuming you have the necessary permissions, the Security Dashboard enables you to review your Threat Protection Status, as well as view and act on security alerts.
security Security Roadmap https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/security-roadmap.md
Title: Microsoft 365 security roadmap - Top priorities
+f1.keywords:
- NOCSH
Last updated 08/20/2021
audience: Admin ms.localizationpriority: medium-+ - Ent_O365 - Strat_O365_IP - M365-security-compliance
+search.appverid:
- MET150 ms.assetid: 28c86a1c-e4dd-4aad-a2a6-c768a21cb352 description: Top recommendations from Microsoft's cybersecurity team for implementing security capabilities to protect your Microsoft 365 environment.
ms.prod: m365-security
[!INCLUDE [Microsoft 365 Defender rebranding](../includes/microsoft-defender-for-office.md)] - This article includes top recommendations from Microsoft's cybersecurity team for implementing security capabilities to protect your Microsoft 365 environment. This article is adapted from a Microsoft Ignite session ΓÇö [Secure Microsoft 365 like a cybersecurity pro: Top priorities for the first 30 days, 90 days, and beyond](https://www.youtube.com/watch?v=luignzNyR-o). This session was developed and presented by Mark Simos and Matt Kemelhar, Enterprise Cybersecurity Architects. In this article:
security Services For Non Customers https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/services-for-non-customers.md
Title: Services for non-customers sending mail to Microsoft 365
+f1.keywords:
- NOCSH Previously updated : Last updated : audience: ITPro ms.localizationpriority: medium
+search.appverid:
- MET150 ms.assetid: 19fd3e0f-8dbf-4049-a810-2c8ee6cefd48-+ - M365-security-compliance description: To help maintain user trust in the use of email, Microsoft has put in place various policies and technologies to help protect our users. ms.technology: mdo
ms.prod: m365-security
[!INCLUDE [Microsoft 365 Defender rebranding](../includes/microsoft-defender-for-office.md)] - Email abuse, junk email, and fraudulent emails (phishing) continue to burden the entire email ecosystem. To help maintain user trust in the use of email, Microsoft has put various policies and technologies in place to help protect our users. However, Microsoft understands that legitimate email should not be negatively affected. Therefore, we have established a suite of services to help senders improve their ability to deliver email to Microsoft 365 users by proactively managing their sending reputation. This overview provides information about benefits we provide to your organization even if you aren't a customer.
security Sharepoint File Access Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/sharepoint-file-access-policies.md
ms.prod: m365-security audience: Admin
+f1.keywords:
- NOCSH -+ - it-pro - goldenconfig-+ - M365-identity-device-management - M365-security-compliance - m365solution-identitydevice
James has starting point Conditional Access policies assigned, but he can be giv
:::image type="content" source="../../media/microsoft-365-policies-configurations/identity-device-access-steps-next-step-4.png" alt-text="The Step 4 - Policies for Microsoft 365 cloud apps" lightbox="../../media/microsoft-365-policies-configurations/identity-device-access-steps-next-step-4.png"::: - Configure Conditional Access policies for: - [Microsoft Teams](teams-access-policies.md)
security Siem Integration With Office 365 Ti https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/siem-integration-with-office-365-ti.md
Title: SIEM integration with Microsoft Defender for Office 365
+f1.keywords:
- NOCSH
audience: ITPro ms.localizationpriority: null
+search.appverid:
- MET150 - MOE150 ms.assetid: eb56b69b-3170-4086-82cf-ba40a530fa1b Last updated 08/21/2020-+ - M365-security-compliance description: Integrate your organization's SIEM server with Microsoft Defender for Office 365 and related threat events in the Office 365 Activity Management API.
ms.prod: m365-security
[!INCLUDE [Microsoft 365 Defender rebranding](../includes/microsoft-defender-for-office.md)] - If your organization is using a security information and event management (SIEM) server, you can integrate Microsoft Defender for Office 365 with your SIEM server. You can set up this integration by using the [Office 365 Activity Management API](/office/office-365-management-api/office-365-management-activity-api-reference). SIEM integration enables you to view information, such as malware or phish detected by Microsoft Defender for Office 365, in your SIEM server reports.
security Threat Explorer Views https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/threat-explorer-views.md
Title: Views in Threat Explorer and real-time detections
+f1.keywords:
- NOCSH
audience: ITPro
ms.localizationpriority: medium-
+search.appverid:
+ - M365-security-compliance - m365initiative-defender-office365 description: Learn about how to use Threat Explorer and the real-time detections report to investigate and respond to threats in the Microsoft 365 Defender portal.
ms.prod: m365-security
- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md) - [Microsoft 365 Defender](../defender/microsoft-365-defender.md) - :::image type="content" source="../../media/explorer.png" alt-text="The Threat Explorer page" lightbox="../../media/explorer.png"::: [Threat Explorer](threat-explorer.md) (and the real-time detections report) is a powerful, near real-time tool to help Security Operations teams investigate and respond to threats in the Microsoft 365 Defender portal. Explorer (and the real-time detections report) displays information about suspected malware and phish in email and files in Office 365, as well as other security threats and risks to your organization.
security Threat Explorer https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/threat-explorer.md
- M365-security-compliance - m365initiative-defender-office365 description: Use Explorer and Real-time detections in the Microsoft 365 Defender portal to investigate and respond to threats efficiently.-+ - seo-marvel-apr2020 ms.technology: mdo ms.prod: m365-security
With this report, you can:
## Improvements to Threat Hunting Experience - ### Introduction of Alert ID for Defender for Office 365 alerts within Explorer/Real-time detections Today, if you navigate from an alert to Threat Explorer, it opens a filtered view within the Explorer, with the view filtered by Alert policy ID (policy ID being a unique identifier for an Alert policy).
security Threat Hunting In Threat Explorer https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/threat-hunting-in-threat-explorer.md
- M365-security-compliance - m365initiative-defender-office365 description: Use Threat Explorer or Real-time detections in the Microsoft 365 Defender portal to investigate and respond to threats efficiently.-+ - seo-marvel-apr2020 ms.technology: mdo ms.prod: m365-security
In this article:
> [!NOTE] > This is part of a **3-article series** on **Threat Explorer (Explorer)**, **email security**, and **Explorer and Real-time detections** (such as differences between the tools, and permissions needed to operate them). The other two articles in this series are [Email security with Threat Explorer](email-security-in-microsoft-defender.md) and [Threat Explorer and Real-time detections](real-time-detections.md). - **Applies to** - [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md) - [Microsoft 365 Defender](../defender/microsoft-365-defender.md)
Once a security operations (Sec Ops) person selects the data they want to see, w
> [!div class="mx-imgBorder"] > :::image type="content" source="../../media/sender-drop-down.png" alt-text="The Sender button in Threat Explorer" lightbox="../../media/sender-drop-down.png"::: - Refining focus in Explorer or Real-time detection can be thought of in layers. The first is **View**. The second can be thought of as a *filtered focus*. For example, you can retrace the steps you took in finding a threat by recording your decisions like this: To find the issue in Explorer, **I chose the Malware View with a Recipient filter focus**. This makes retracing your steps easier. > [!TIP]
security Use Dmarc To Validate Email https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/use-dmarc-to-validate-email.md
Title: Use DMARC to validate email, setup steps
+f1.keywords:
- NOCSH
audience: ITPro
Last updated 05/10/2021 ms.localizationpriority: high
+search.appverid:
- MET150 ms.assetid: 4a05898c-b8e4-4eab-bd70-ee912e349737-+ - M365-security-compliance - m365initiative-defender-office365 description: Learn how to configure Domain-based Message Authentication, Reporting, and Conformance (DMARC) to validate messages sent from your organization.
In this example DMARC TXT record: `dmarc.microsoft.com. 3600 IN TXT
> [!TIP] > Visit the [MISA catalog](https://www.microsoft.com/misapartnercatalog) to view more third-party vendors offering DMARC reporting for Microsoft 365. See [IETF.org's 'Domain-based Message Authentication, Reporting, and Conformance (DMARC)'](https://datatracker.ietf.org/doc/html/rfc7489) for more information on DMARC 'rua' addresses. - ## Best practices for implementing DMARC in Microsoft 365 You can implement DMARC gradually without impacting the rest of your mail flow. Create and implement a roll-out plan that follows these steps. Do each of these steps first with a sub-domain, then other sub-domains, and finally with the top-level domain in your organization before moving on to the next step.
security Use The Delist Portal To Remove Yourself From The Office 365 Blocked Senders Lis https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/use-the-delist-portal-to-remove-yourself-from-the-office-365-blocked-senders-lis.md
There are good reasons for senders to wind up on the blocked senders list, but m
:::image type="content" source="../../media/bf13e4f7-f68c-4e46-baa7-b6ab4cfc13f3.png" alt-text="The email received when you submit a request through the delist portal" lightbox="../../media/bf13e4f7-f68c-4e46-baa7-b6ab4cfc13f3.png"::: - 4. Click the confirmation link in the email sent to you by the delisting portal. This brings you back to the delist portal.
security View Email Security Reports https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/view-email-security-reports.md
On the **Exchange transport rule report** page, the available charts and data ar
> [!NOTE] > The **Exchange transport rule report** is now available in the EAC. For more information, see [Exchange transport rule report in the new EAC](/exchange/monitoring/mail-flow-reports/mfr-exchange-transport-rule-report). - ### Chart breakdown by Direction :::image type="content" source="../../media/transport-rule-report-etr-direction-view.png" alt-text="The Direction view for Exchange Transport rules in the Exchange transport rule report" lightbox="../../media/transport-rule-report-etr-direction-view.png":::
security View Reports For Mdo https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/view-reports-for-mdo.md
Title: View Defender for Office 365 reports
+f1.keywords:
- CSH Previously updated : Last updated : audience: ITPro ms.localizationpriority: medium
+search.appverid:
- MET150 - MOE150 ms.assetid: e47e838c-d99e-4c0b-b9aa-e66c4fae902f-+ - M365-security-compliance - m365initiative-defender-office365 description: Admins can learn how to find and use the Defender for Office 365 reports that are available in the Microsoft 365 Defender portal.-+ - seo-marvel-apr2020 ms.technology: mdo ms.prod: m365-security
Microsoft Defender for Office 365 organizations (for example, Microsoft 365 E5 s
1. In the Microsoft 365 Defender portal at <https://security.microsoft.com>, go to **Reports** \> **Email & collaboration** \> **Email & collaboration reports**. To go directly to the **Email & collaboration reports** page, use <https://security.microsoft.com/emailandcollabreport>.
-1. Choose the report you want to view, and then select **View details**.
+1. Choose the report you want to view, and then select **View details**.
### Download reports
To view the report, open the Microsoft 365 Defender portal at <https://security.
On the **Email & collaboration reports** page, find **Mail latency report** and then click **View details**. To go directly to the report, use <https://security.microsoft.com/mailLatencyReport>. - :::image type="content" source="../../media/mail-latency-report-widget.png" alt-text="The Mail latency report widget on the Email & collaboration reports page" lightbox="../../media/mail-latency-report-widget.png"::: On the **Mail latency report** page, the following tabs are available on the **Mail latency report** page:
security Whats New In Defender For Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/whats-new-in-defender-for-office-365.md
For more information on what's new with other Microsoft Defender security produc
- [Streamlined the submission experience in Microsoft Defender for Office 365](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/streamlining-the-submissions-experience-in-microsoft-defender/ba-p/3152080): Introducing the new unified and streamlined submission process to make your experience simpler. - ## January 2022 - [Updated Hunting and Investigation Experiences for Microsoft Defender for Office 365](https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/updated-hunting-and-investigation-experiences-for-microsoft/ba-p/3002015): Introducing the email summary panel for experiences in Defender for Office 365, along with experience updates for Threat Explorer and Real-time detections. - ## October 2021 - [Advanced Delivery DKIM enhancement](configure-advanced-delivery.md): Added support for DKIM domain entry as part of third-party phishing simulation configuration.
For more information on what's new with other Microsoft Defender security produc
- Extending the Explorer (and Real-time detections) data retention and search limit for trial tenants from 7 (previous limit) to 30 days in [hunting experiences](threat-explorer.md) - New hunting pivots called **Impersonated domain** and **Impersonated user** within the Explorer (and Real-time detections) to search for impersonation attacks against protected users or domains. For more information, see [details](threat-explorer.md#view-phishing-emails-sent-to-impersonated-users-and-domains). (Microsoft Defender for Office 365 Plan 1 or Plan 2) - ## Microsoft Defender for Office 365 Plan 1 and Plan 2 Did you know that Microsoft Defender for Office 365 is available in two plans? [Learn more about what each plan includes](defender-for-office-365.md#microsoft-defender-for-office-365-plan-1-and-plan-2).
solutions Best Practices Anonymous Sharing https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/best-practices-anonymous-sharing.md
To set an expiration date for Anyone links across the organization
![Screenshot of SharePoint organization-level Anyone link expiration settings.](../media/sharepoint-organization-anyone-link-expiration.png) 1. Type a number of days in the box, and then click **Save**.
+If you change the expiration time, existing links will keep their current expiration time if the new setting is longer, or be updated to the new setting if the new setting is shorter.
+ To set an expiration date for Anyone links on a specific site 1. Open the SharePoint admin center, expand **Sites**, and then select <a href="https://go.microsoft.com/fwlink/?linkid=2185220" target="_blank">**Active sites**</a>.
To set the default file and folder sharing link for a specific site
## Prevent unauthenticated sharing of sensitive content
-You can use [Microsoft Purview data loss prevention (DLP)](../compliance/dlp-learn-about-dlp.md) to prevent unauthenticated sharing of sensitive content. Data loss prevention can take action based on a file's sensitivity label, retention label, or sensitive information in the file itself.
+You can use [Microsoft Purview Data Loss Prevention (DLP)](../compliance/dlp-learn-about-dlp.md) to prevent unauthenticated sharing of sensitive content. Data loss prevention can take action based on a file's sensitivity label, retention label, or sensitive information in the file itself.
To create a DLP rule 1. In the Microsoft Purview admin center, go to the [Data loss prevention page](https://compliance.microsoft.com/datalossprevention).
test-base Testapplication https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/testapplication.md
Title: 'Test Binaries package on Test Base'
-description: How to test Binaries package on Test Base
+ Title: 'Test your Binary Files on Test Base'
+description: How to test your Binaries Files on Test Base
search.appverid: MET150
f1.keywords: NOCSH
-# Test Binaries package on Test Base
+# Test your Binary Files on Test Base
> [!NOTE] > This guide will guide you to create a new Test Base package from scratch. If you already have a Test Base package (.zip) in hand, you can switch to use our legacy upload experience [Upload your Test Base package (Zip)](uploadApplication.md).
test-base Uploadapplication https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/uploadApplication.md
f1.keywords: NOCSH
# Upload your Test Base package (Zip)
-On the Test Base portal page, navigate to the **Upload new package** option on the left navigation bar as shown below:
+On the Test Base portal page, navigate to the **New package** option on the left navigation bar an then click **Legacy upload experience** to enable the Zip upload experience as shown below:
+ Once there, follow the steps below to upload a new package.