Updates from: 05/10/2022 01:16:33
Category Microsoft Docs article Related commit history on GitHub Change details
bookings Add Staff https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/add-staff.md
Although Bookings is a feature of Microsoft 365, not all of your staff members a
> [!NOTE] > Staff from outside your tenant will not be able to share free/busy information with Bookings.
-5. For each staff member, select a role: Administrator, Viewer, or Guest.
- - **Administrators** can edit all settings, add and remove staff, and create, edit, or delete bookings.
- - **Viewers** can see all the bookings on the calendar, but they canΓÇÖt modify or delete them. They have read-only access to settings.
- - **Guests** can be assigned to bookings, but they canΓÇÖt open the booking mailbox.
+5. For each staff member, select a role: Team member, Scheduler, Viewer, or Guest.
+ - **Team member** can manage bookings on their own calendar and their availability in the booking mailbox. When adding or editing a booking in their calendar, they'll be assigned as staff.
+ - **Scheduler** can manage bookings on the calendar and customer details. They have read-only access to settings, staff, and services.
+ - **Viewer** can see all the bookings on the calendar, but they canΓÇÖt modify or delete them. They have read-only access to settings.
+ - **Guest** can be assigned to bookings, but they canΓÇÖt open the booking mailbox.
6. Select **Notify all staff via email when a booking assigned to them is created or changed** to enable staff emails. The following is an example email:
business-premium M365bp Multifactor Authentication https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/m365bp-multifactor-authentication.md
search.appverid:
description: "Set up multifactor authentication for mobile devices."
-# Set up multi-factor authentication with your mobile device
+# Set up multifactor authentication with your mobile device
-Multi-factor authentication provides more security because instead of only using a password, or a code through text, a separate app on your phone is used to verify access. This makes it difficult to hack. When MFA is required, members of the organization can use the Microsoft Authenticator app to securely sign in on their devices. <br/><br/>
+Multifactor authentication (MFA) provides more security because instead of only using a password, or a code through text, a separate app on your phone is used to verify access. This makes it difficult to hack. When MFA is required, members of the organization can use the Microsoft Authenticator app to securely sign in on their devices. <br/><br/>
> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE2MmQR]
compliance Apply Retention Labels Automatically https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-retention-labels-automatically.md
description: Create auto-labeling retention policies so you can automatically ap
# Automatically apply a retention label to retain or delete content - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + > [!NOTE] > This scenario is not supported for [regulatory records](records-management.md#records) or default labels for an organizing structure such as a document set or library in SharePoint, or a folder in Exchange. These scenarios require a [published retention label policy](create-apply-retention-labels.md).
compliance Apply Sensitivity Label Automatically https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-sensitivity-label-automatically.md
description: "When you create a sensitivity label, you can automatically assign
# Apply a sensitivity label to content automatically - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).*
-> [!NOTE]
-> For information about automatically applying a sensitivity label in Microsoft Purview Data Map, see [Labeling in Microsoft Purview Data Map](/azure/purview/create-sensitivity-label).
+
+> [!TIP]
+> For information about automatically applying a sensitivity label in the data map, see [Labeling in Microsoft Purview Data Map](/azure/purview/create-sensitivity-label).
When you create a sensitivity label, you can automatically assign that label to files and emails when it matches conditions that you specify.
compliance Auto Apply Retention Labels Scenario https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/auto-apply-retention-labels-scenario.md
description: "How you can use retention labels to manage the lifecycle of docume
# Use retention labels to manage the lifecycle of documents stored in SharePoint - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + This article describes how you can manage the lifecycle of documents that are stored in SharePoint by using automatically applied retention labels and event-based retention. The auto-apply functionality uses SharePoint metadata for document classification. The example in this article is for product-related documents, but the same concepts can be used for other scenarios. For example, in the oil and gas industry, you could use it to manage the lifecycle of documents about physical assets such as oil platforms, well logs, or production licenses. In the financial services industry, you could manage bank account, mortgage, or insurance contract documents. In the public sector, you could manage construction permits or tax forms.
compliance Bulk Create Publish Labels Using Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/bulk-create-publish-labels-using-powershell.md
description: "Learn how to use PowerShell to create and publish retention labels
# Create and publish retention labels by using PowerShell - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + After you've decided to use [retention labels](retention.md) to help you keep or delete documents and emails in Microsoft 365, you might have realized that you have many and possibly hundreds of retention labels to create and publish. The recommended method to create retention labels at scale is by using [file plan](file-plan-manager.md) from the Microsoft Purview compliance portal. However, you can also use [PowerShell](retention.md#powershell-cmdlets-for-retention-policies-and-retention-labels). Use the information, template files and examples, and script in this article to help you bulk-create retention labels and publish them in retention label policies. Then, the retention labels can be [applied by administrators and users](create-apply-retention-labels.md#how-to-apply-published-retention-labels).
compliance Create Apply Retention Labels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-apply-retention-labels.md
description: Instructions to publish retention labels so you can then apply them
# Publish retention labels and apply them in apps - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + > [!NOTE] > This scenario is supported for all retention label configurations, including [regulatory records](records-management.md#records).
compliance Create Retention Labels Data Lifecycle Management https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-retention-labels-data-lifecycle-management.md
description: Instructions to create retention labels for exceptions to retention
# Create retention labels for exceptions to your retention policies - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + As part of your data governance strategy to retain what you need and delete what you don't, you might need to create a few retention labels for items that need exceptions to your retention policies. Whereas retention policies automatically apply to all items at the container level (such as SharePoint sites, user mailboxes, and so on), retention labels apply to individual items, such as a SharePoint document or an email message.
compliance Create Retention Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-retention-policies.md
description: "Use a retention policy to efficiently keep control of the content
# Create and configure retention policies - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Use a retention policy to manage the data for your organization by deciding proactively whether to retain content, delete content, or retain and then delete the content. A retention policy lets you do this very efficiently by assigning the same retention settings at the container level to be automatically inherited by content in that container. For example, all items in SharePoint sites, all email messages in users' Exchange mailboxes, all channel messages for teams that are used with Microsoft Teams. If you're not sure whether to use a retention policy at the container level or a retention label at the item level, see [Retention policies and retention labels](retention.md#retention-policies-and-retention-labels).
compliance Create Sensitivity Labels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-sensitivity-labels.md
description: "A requirement for all Microsoft Purview Information Protection sol
# Create and configure sensitivity labels and their policies - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + All Microsoft Purview Information Protection solutions are implemented by using [sensitivity labels](sensitivity-labels.md). To create and publish these labels, go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077149" target="_blank">Microsoft Purview compliance portal</a>. First, create and configure the sensitivity labels that you want to make available for apps and other services. For example, the labels you want users to see and apply from Office apps.
compliance Data Governance Solution https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-governance-solution.md
+
+ Title: "Deploy a data governance solution"
+f1.keywords:
+- NOCSH
+++
+audience: Admin
+++
+- m365solution-overview
+- m365solution-mig
+- m365initiative-compliance
+ms.localizationpriority: high
+search.appverid:
+- MOE150
+- MET150
+description: "Prescriptive guidance to deploy Microsoft Purview for your organization to govern your data for compliance or regulatory requirements."
++
+# Deploy a data governance solution with Microsoft Purview
+
+>*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).*
++
+Use **Microsoft Purview Data Lifecycle Management** (formerly Microsoft Information Governance) and **Microsoft Purview Records Management** to govern your Microsoft 365 data for compliance or regulatory requirements.
+
+![Overview of steps to deploy a data governance solution with Microsoft Purview](../media/data-governance-solution-overview.png)
+
+For data governance that maps and manages data across your data estate, including multi-cloud, and software-as-a-service (SaaS), use [Microsoft Purview Data Map, Microsoft Purview Data Catalog, and Microsoft Purview Data Estate Insights](/azure/purview/overview).
+
+For a data protection solution, see [Deploy an information protection solution with Microsoft Purview](information-protection-solution.md).
+
+## Licensing
+
+To understand your licensing requirements and options, see the following sections from the [Microsoft 365 licensing documentation](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance):
+- [Microsoft Purview Data Lifecycle Management](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-data-lifecycle-management)
+- [Microsoft Purview Records Management](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-purview-records-management)
+
+Any additional licensing requirements will be included in the documentation instructions. For example, licensing specific to managing mailboxes might require licenses from Exchange Online.
+
+## Keep what you need and delete what you don't
+
+![Steps for data lifecycle management solution](../media/data-lifecycle-management-solution.png)
+
+Use **Microsoft Purview Data Lifecycle Management** (formerly Microsoft Information Governance) to keep what you need and delete what you don't.
+
+|Step|Description|More information|
+|:|:-|:|
+|1| Understand how retention and deletion works for Microsoft 365 services. <br /><br /> After you understand how you can use retention policies and retention labels, identify your workloads that need a retention policy and whether you need to create retention labels for exceptions. | [Learn about retention policies and retention labels](retention.md)|
+|2| Create retention policies and if needed, retention labels for exceptions. <br /><br /> The most commonly used retention policies are for Exchange, SharePoint, Teams, Microsoft 365 Groups, and Yammer. You can configure exceptions for documents and emails. | [Create retention policies](create-retention-policies.md) <p> [Create and apply retention labels for your exceptions](create-retention-labels-information-governance.md)|
+|3| Manage mailboxes. <br /><br /> Enable mailboxes for archiving and auto-expanding archiving, consider whether you need to customize when emails are moved to the archive mailbox, and make mailboxes inactive when users leave the organization.| [Enable archive mailboxes](enable-archive-mailboxes.md) <p> [Enable auto-expanding archiving](enable-autoexpanding-archiving.md) <p> [Create and manage inactive mailboxes](create-and-manage-inactive-mailboxes.md)|
+|4| Import PST files to online mailboxes. <br /><br /> If you have PST files that contain data you want to govern, you can import them by using network upload or drive shipping.| [Use network upload to import your organization's PST files](use-network-upload-to-import-pst-files.md) <p> [Use drive shipping to import your organization's PST files](use-drive-shipping-to-import-pst-files-to-office-365.md)|
+
+To learn more about the capabilities from this solution, see [Learn about data lifecycle management](information-governance.md).
+
+## Manage high-value items
+
+![Steps for records management solution](../media/records-management-solution.png)
+
+Use **Microsoft Purview Records Management** to manage your organization's high-value items for business, legal, or regulatory record-keeping requirements.
+
+|Step|Description|More information|
+|:|:-|:|
+|1| Understand the records management solution. <br /><br /> Use retention labels with more flexible configuration options and when required, declare items as records. | [Learn about records management](records-management.md)|
+|2| Use file plan to manage your retention schedules. <br /><br /> File plan lets you create retention labels interactively or import in bulk, and export for analysis. Labels that you create with file plan support additional administrative information to help you identify and track business or regulatory requirements. | [Use file plan to create and manage retention labels](file-plan-manager.md)|
+|3| Apply your retention labels. <br /><br /> Your retention labels can be published and applied manually or automatically in apps, or automatically applied based on sensitive information, keywords or searchable properties, trainable classifiers, or cloud attachments. |[Publish retention labels and apply them in apps](create-apply-retention-labels.md) <p> [Apply a retention label to content automatically](apply-retention-labels-automatically.md)|
+|4| Manage the permanent deletion of data. <br /><br /> Known as the disposition of data, you can require a manual review of content before it's permanently deleted, and provide proof of disposition for records. |[Manage content disposition](disposition.md)|
+
+> [!TIP]
+> Check the list of [common scenarios](get-started-with-records-management.md#common-scenarios) for additional configurations supported by records management.
+
+To learn more about the capabilities from this solution, see [Learn about records management](records-management.md).
+
+## Training resources
+
+Learning modules for consultants and admins:
+
+- [Introduction to information protection and governance in Microsoft 365](/learn/modules/m365-compliance-information-governance)
+- [Govern information in Microsoft 365](/learn/modules/m365-compliance-information-govern-information/)
+- [Manage records in Microsoft 365](/learn/modules/m365-compliance-information-manage-records/)
+
+For documentation to support users when these solutions are deployed, see the end user documentation sections for [data lifecycle management](get-started-with-information-governance.md#end-user-documentation) and [records management](get-started-with-records-management.md#end-user-documentation).
compliance Data Lifecycle Management https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-lifecycle-management.md
description: Learn how Microsoft Purview Data Lifecycle Management helps you kee
# Learn about data lifecycle management - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Microsoft Purview Data Lifecycle Management (formerly Microsoft Information Governance) provides you with tools and capabilities to retain the content that you need to keep, and delete the content that you don't. Retaining and deleting content is often needed for compliance and regulatory requirement, but deleting content that no longer has business value also helps you manage risk and liability. For example, it reduces your attack surface. **Retention policies** are the cornerstone for data lifecycle management. Use these policies for Microsoft 365 workloads that include Exchange, SharePoint, OneDrive, Teams, and Yammer. Configure whether content for these services needs to be retained indefinitely, or for a specific period if users edit or delete it. Or you can configure the policy to automatically permanently delete the content after a specified period if it's not already deleted. You can also combine these two actions for retain and then delete, which is a very typical configuration. For example, retain email for three years and then delete it.
compliance Declare Records https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/declare-records.md
description: "Declare records by using retention labels."
# Declare records by using retention labels - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + To declare documents and emails as [records](records-management.md#records), you use [retention labels](retention.md#retention-labels) that mark the content as a **record** or a **regulatory record**. If you're not sure whether to use a record or a regulatory record, see [Compare restrictions for what actions are allowed or blocked](records-management.md#compare-restrictions-for-what-actions-are-allowed-or-blocked). If you need to use regulatory records, you must first run a PowerShell command, as described in the next section.
compliance Disposition https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/disposition.md
description: "Monitor and manage the disposal of content for when you use a disp
# Disposition of content - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Use the **Disposition** page from **Records Management** in the Microsoft Purview compliance portal to manage disposition reviews and view the metadata of [records](records-management.md#records) that have been automatically deleted at the end of their retention period. ## Prerequisites for viewing content dispositions
compliance Encryption Sensitivity Labels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption-sensitivity-labels.md
# Restrict access to content by using sensitivity labels to apply encryption - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + When you create a sensitivity label, you can restrict access to content that the label will be applied to. For example, with the encryption settings for a sensitivity label, you can protect content so that: - Only users within your organization can open a confidential document or email.
compliance Event Driven Retention https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/event-driven-retention.md
description: Typically part of a records management solution, you can configure
# Start retention when an event occurs - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + When you retain content, the retention period is often based on the age of the content. For example, you might retain documents for seven years after they're created and then delete them. But when you configure [retention labels](retention.md#retention-labels), you can also base a retention period on when a specific type of event occurs. The event triggers the start of the retention period, and all content with a retention label applied for that type of event get the label's retention actions enforced on them. Examples for using event-based retention:
compliance File Plan Manager https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/file-plan-manager.md
# Use file plan to create and manage retention labels - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Although you can create and manage retention labels from **Data lifecycle management** in the Microsoft Purview compliance portal, file plan from **Records management** has additional management capabilities: - You can bulk-create retention labels by importing the relevant information from a spreadsheet.
compliance Get Started With Data Lifecycle Management https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-data-lifecycle-management.md
description: Ready to start governing your organization's data, but not sure whe
# Get started with data lifecycle management - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Ready to start governing your organization's data by retaining the content that you need to keep, and deleting the content that you don't? To get started, use the following guidance for Microsoft Purview Data Lifecycle Management (formerly Microsoft Information Governance): 1. **Understand how retention and deletion works** in Microsoft 365, and then identify the workloads that need a retention policy and whether you need to create retention labels for exceptions: [Learn about retention](retention.md)
compliance Get Started With Records Management https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-records-management.md
description: Need a records management solution for Microsoft 365 that manages h
# Get started with records management - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Ready to start managing your organization's high-value content for legal, business, or regulatory obligations by using a records management solution in Microsoft 365? Use the following guidance to get started: 1. **Understand how retention and deletion works** in Microsoft 365, and identify whether you need to use retention policies to supplement retention labels that manage documents and emails at the item level: [Learn about retention policies and retention labels](retention.md)
compliance Get Started With Sensitivity Labels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/get-started-with-sensitivity-labels.md
description: "Ready to deploy sensitivity labels to help protect your organizati
# Get started with sensitivity labels - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + For information about what sensitivity labels are and how they can help you protect your organization's data, see [Learn about sensitivity labels](sensitivity-labels.md). If you have [Azure Information Protection](/azure/information-protection/what-is-information-protection) and are still using Azure Information Protection labels that were managed from the Azure portal, you must migrate these labels to the [unified labeling platform](/azure/information-protection/faqs#how-can-i-determine-if-my-tenant-is-on-the-unified-labeling-platform). For Windows computers, you can then [choose which labeling client to use](/azure/information-protection/rms-client/use-client#choose-which-labeling-client-to-use-for-windows-computers) for your published sensitivity labels.
All scenarios require you to [Create and configure sensitivity labels and their
|Apply a retention label to retain or delete files or emails that have a specific sensitivity label|[Automatically apply a retention label to retain or delete content](apply-retention-labels-automatically.md) | |Discover, label, and protect files stored in data stores that are on premises |[Deploying the Azure Information Protection scanner to automatically classify and protect files](/azure/information-protection/deploy-aip-scanner)| |Discover, label, and protect files stored in data stores that are in the cloud|[Discover, classify, label, and protect regulated and sensitive data stored in the cloud](/cloud-app-security/best-practices#discover-classify-label-and-protect-regulated-and-sensitive-data-stored-in-the-cloud)|
+|Label SQL database columns by using the same sensitivity labels as those used for files and emails so that the organization has a unified labeling solution that can continue to protect this structured data when it's exported |[Data Discovery & Classification for Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics](/azure/azure-sql/database/data-discovery-and-classification-overview) <br /><br /> [SQL Data Discovery and Classification for SQL Server on-premises](/sql/relational-databases/security/sql-data-discovery-and-classification)|
|Apply and view labels in Power BI, and protect data when it's saved outside the service|[Sensitivity labels in Power BI](/power-bi/admin/service-security-sensitivity-label-overview)| |Monitor and understand how sensitivity labels are being used in my organization|[Learn about data classification](data-classification-overview.md)| |Extend sensitivity labels to third-party apps and services|[Microsoft Information Protection SDK](/information-protection/develop/overview#microsoft-information-protection-sdk)|
compliance Information Barriers https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-barriers.md
[!include[Purview banner](../includes/purview-rebrand-banner.md)]
-Microsoft cloud services include powerful communication and collaboration capabilities. But suppose that you want to restrict communication and collaboration between two groups to avoid a conflict of interest from occurring in your organization. Or, perhaps you want to restrict communication and collaboration between certain people inside your organization in order to safeguard internal information. Microsoft 365 enables communication and collaboration across groups and organizations, so is there a way to restrict communication and collaboration among specific groups of users when necessary? With Microsoft Purview Information Barriers, you can!
+Microsoft cloud services include powerful communication and collaboration capabilities. But suppose that you want to restrict communication and collaboration between two groups to avoid a conflict of interest from occurring in your organization. Or, perhaps you want to restrict communication and collaboration between certain people inside your organization in order to safeguard internal information. Microsoft 365 enables communication and collaboration across groups and organizations, so is there a way to restrict communication and collaboration among specific groups of users when necessary? With Microsoft Purview Information Barriers (IB), you can!
Microsoft Teams, SharePoint Online, and OneDrive for Business support information barriers. Assuming your [subscription](#required-licenses-and-permissions) includes information barriers, a compliance administrator, or information barriers administrator can define policies to allow or prevent communications between groups of users in Microsoft Teams. Information barrier policies can be used for situations like these:
To learn more about the user experience with information barriers, see [informat
## Required licenses and permissions
-Before you get started with insider risk management, you should confirm your [Microsoft 365 subscription](https://www.microsoft.com/microsoft-365/compare-all-microsoft-365-plans) and any add-ons. To access and use information barriers, your organization must have one of the following subscriptions or add-ons:
+Before you get started with IB, you should confirm your [Microsoft 365 subscription](https://www.microsoft.com/microsoft-365/compare-all-microsoft-365-plans) and any add-ons. To access and use IB, your organization must have one of the following subscriptions or add-ons:
- Microsoft 365 E5/A5 subscription (paid or trial version) - Office 365 E5/A5/A3/A1 subscription (paid or trial version)
compliance Information Protection Solution https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-protection-solution.md
description: "Prescriptive guidance to deploy Microsoft Purview Information Prot
# Deploy an information protection solution with Microsoft Purview - >*[Licensing for Microsoft 365 Security & Compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance)* + Your information protection strategy is driven by your business needs. Many organizations must comply with regulations, laws, and business practices. Additionally, organizations need to protect proprietary information, such as data for specific projects. Microsoft Purview Information Protection (formerly Microsoft Information Protection) provides a framework, process, and capabilities you can use to accomplish your specific business objectives.
Use Microsoft Purview Information Protection to help you discover, classify, pro
Watch the following Ignite session to see how these capabilities support and build on each other: [Know your data, protect your data, and prevent data loss with Microsoft Information Protection](https://myignite.microsoft.com/archives/IG20-OD273).
-For information about governing your data, see [Govern your data with Microsoft Purview](manage-Information-governance.md).
+For data governance, see [Deploy a data governance solution with Microsoft Purview](data-governance-solution.md).
## Licensing
compliance Information Protection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/information-protection.md
description: "Implement Microsoft Purview Information Protection capabilities to
# Protect your sensitive data with Microsoft Purview
+>*[Licensing for Microsoft 365 Security & Compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance)*
+ > [!TIP] > *Did you know you can try the premium versions of all nine Microsoft Purview solutions for free?* Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization meet its compliance needs. Microsoft 365 E3 and Office 365 E3 customers can start now at the [Microsoft Purview compliance portal trials hub](https://compliance.microsoft.com/trialHorizontalHub?sku=ComplianceE5&ref=DocsRef). Learn details about [who can sign up and trial terms](compliance-easy-trials.md). [!include[Purview banner](../includes/purview-rebrand-banner.md)]
->*[Licensing for Microsoft 365 Security & Compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance)*
- Implement capabilities from **Microsoft Purview Information Protection** (formerly Microsoft Information Protection) to help you discover, classify, and protect sensitive information wherever it lives or travels. These information protection capabilities give you the tools to [know your data](#know-your-data), [protect your data](#protect-your-data), and [prevent data loss](#prevent-data-loss). ![Image of how Microsoft Purview Information Protection helps you discover, classify, and protect sensitive data.](../media/powered-by-intelligent-platform.png)
-For prescriptive guidance to deploy a Microsoft Purview Information Protection solution for your organization, see [Deploy an information protection solution with Microsoft Purview](information-protection-solution.md).
+Use the following sections to learn more about the available capabilities and how to get started with each one. However, if you're looking for a guided deployment, see [Deploy an information protection solution with Microsoft Purview](information-protection-solution.md).
-For information about governing your data, see [Govern your data with Microsoft Purview](manage-Information-governance.md).
+For information about governing your data for compliance or regulatory requirements, see [Govern your data with Microsoft Purview](manage-data-governance.md).
## Know your data
To apply flexible protection actions that include encryption, access restriction
|Capability|What problems does it solve?|Get started| |:|:||
-|[Sensitivity labels](sensitivity-labels.md)| A single solution across apps, services, and devices to label and protect your data as it travels inside and outside your organization. <br /><br /> Example scenarios: <br />- [Manage sensitivity labels for Office apps](sensitivity-labels-office-apps.md) <br />- [Encrypt documents and emails](encryption-sensitivity-labels.md) <br />- [Apply and view labels in Power BI](/power-bi/admin/service-security-apply-data-sensitivity-labels) <br /><br /> For a comprehensive list of scenarios for sensitivity labels, see the Get started documentation.|[Get started with sensitivity labels](get-started-with-sensitivity-labels.md) |
+|[Sensitivity labels](sensitivity-labels.md)| A single labeling solution across apps, services, and devices to protect your data as it travels inside and outside your organization. <br /><br /> Example scenarios: <br />- [Manage sensitivity labels for Office apps](sensitivity-labels-office-apps.md) <br />- [Encrypt documents and emails](encryption-sensitivity-labels.md) <br />- [Apply and view labels in Power BI](/power-bi/admin/service-security-apply-data-sensitivity-labels) <br /><br /> For a comprehensive list of supported scenarios for sensitivity labels, see the Get started documentation.|[Get started with sensitivity labels](get-started-with-sensitivity-labels.md) |
|[Azure Information Protection unified labeling client](/azure/information-protection/rms-client/aip-clientv2)| For Windows computers, extends labeling to File Explorer and PowerShell, with additional features for Office apps if needed| [Azure Information Protection unified labeling client administrator guide](/azure/information-protection/rms-client/clientv2-admin-guide)| |[Double Key Encryption](double-key-encryption.md)| Under all circumstances, only your organization can ever decrypt protected content or for regulatory requirements, you must hold encryption keys within a geographical boundary. | [Deploy Double Key Encryption](double-key-encryption.md#deploy-dke)| |[Office 365 Message Encryption (OME)](ome.md)| Encrypts email messages and attached documents that are sent to any user on any device, so only authorized recipients can read emailed information. <br /><br /> Example scenario: [Revoke email encrypted by Advanced Message Encryption](revoke-ome-encrypted-mail.md) | [Set up new Message Encryption capabilities](set-up-new-message-encryption-capabilities.md)|
compliance Keyword Queries And Search Conditions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/keyword-queries-and-search-conditions.md
The following table lists email message properties that can be searched by using
|Property|Property description|Examples|Search results returned by the examples| ||||| |AttachmentNames|The names of files attached to an email message.|`attachmentnames:annualreport.ppt` <p> `attachmentnames:annual*` <br/> `attachmentnames:.pptx`|Messages that have an attached file named annualreport.ppt. In the second example, using the wildcard character ( * ) returns messages with the word "annual" in the file name of an attachment. The third example returns all attachments with the pptx file extension.|
-|Bcc|The Bcc field of an email message.<sup>1</sup>|`bcc:pilarp@contoso.com` <p> `bcc:pilarp` <p> `bcc:"Pilar Pinilla"`|All examples return messages with Pilar Pinilla included in the Bcc field.|
+|Bcc|The Bcc field of an email message.<sup>1</sup>|`bcc:pilarp@contoso.com` <p> `bcc:pilarp` <p> `bcc:"Pilar Pinilla"`|All examples return messages with Pilar Pinilla included in the Bcc field.<br>([See Recipient Expansion](https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365-worldwide#recipient-expansionSee))|
|Category|The categories to search. Categories can be defined by users by using Outlook or Outlook on the web (formerly known as Outlook Web App). The possible values are: <ul><li>blue<li>green<li>orange<li>purple<li>red<li>yellow</li></ul>|`category:"Red Category"`|Messages that have been assigned the red category in the source mailboxes.|
-|Cc|The Cc field of an email message.<sup>1</sup>|`cc:pilarp@contoso.com` <p> `cc:"Pilar Pinilla"`|In both examples, messages with Pilar Pinilla specified in the Cc field.|
+|Cc|The Cc field of an email message.<sup>1</sup>|`cc:pilarp@contoso.com` <p> `cc:"Pilar Pinilla"`|In both examples, messages with Pilar Pinilla specified in the Cc field.<br>([See Recipient Expansion](https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365-worldwide#recipient-expansionSee))|
|Folderid|The folder ID (GUID) of a specific mailbox folder. If you use this property, be sure to search the mailbox that the specified folder is located in. Only the specified folder will be searched. Any subfolders in the folder won't be searched. To search subfolders, you need to use the Folderid property for the subfolder you want to search. <p> For more information about searching for the Folderid property and using a script to obtain the folder IDs for a specific mailbox, see [Use Content search for targeted collections](use-content-search-for-targeted-collections.md).|`folderid:4D6DD7F943C29041A65787E30F02AD1F00000000013A0000` <p> `folderid:2370FB455F82FC44BE31397F47B632A70000000001160000 AND participants:garthf@contoso.com`|The first example returns all items in the specified mailbox folder. The second example returns all items in the specified mailbox folder that were sent or received by garthf@contoso.com.|
-|From|The sender of an email message.<sup>1</sup>|`from:pilarp@contoso.com` <p> `from:contoso.com`|Messages sent by the specified user or sent from a specified domain.|
+|From|The sender of an email message.<sup>1</sup>|`from:pilarp@contoso.com` <p> `from:contoso.com`|Messages sent by the specified user or sent from a specified domain.<br>([See Recipient Expansion](https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365-worldwide#recipient-expansionSee))|
|HasAttachment|Indicates whether a message has an attachment. Use the values **true** or **false**.|`from:pilar@contoso.com AND hasattachment:true`|Messages sent by the specified user that have attachments.| |Importance|The importance of an email message, which a sender can specify when sending a message. By default, messages are sent with normal importance, unless the sender sets the importance as **high** or **low**.|`importance:high` <p> `importance:medium` <p> `importance:low`|Messages that are marked as high importance, medium importance, or low importance.| |IsRead|Indicates whether messages have been read. Use the values **true** or **false**.|`isread:true` <p> `isread:false`|The first example returns messages with the IsRead property set to **True**. The second example returns messages with the IsRead property set to **False**.| |ItemClass|Use this property to search specific third-party data types that your organization imported to Office 365. Use the following syntax for this property: `itemclass:ipm.externaldata.<third-party data type>*`|`itemclass:ipm.externaldata.Facebook* AND subject:contoso` <p> `itemclass:ipm.externaldata.Twitter* AND from:"Ann Beebe" AND "Northwind Traders"`|The first example returns Facebook items that contain the word "contoso" in the Subject property. The second example returns Twitter items that were posted by Ann Beebe and that contain the keyword phrase "Northwind Traders". <p> For a complete list of values to use for third-party data types for the ItemClass property, see [Use Content search to search third-party data that was imported to Office 365](use-content-search-to-search-third-party-data-that-was-imported.md).| |Kind|The type of email message to search for. Possible values: <p> contacts <p> docs <p> email <p> externaldata <p> faxes <p> im <p> journals <p> meetings <p> microsoftteams (returns items from chats, meetings, and calls in Microsoft Teams) <p> notes <p> posts <p> rssfeeds <p> tasks <p> voicemail|`kind:email` <p> `kind:email OR kind:im OR kind:voicemail` <p> `kind:externaldata`|The first example returns email messages that meet the search criteria. The second example returns email messages, instant messaging conversations (including Skype for Business conversations and chats in Microsoft Teams), and voice messages that meet the search criteria. The third example returns items that were imported to mailboxes in Microsoft 365 from third-party data sources, such as Twitter, Facebook, and Cisco Jabber, that meet the search criteria. For more information, see [Archiving third-party data in Office 365](https://www.microsoft.com/?ref=go).|
-|Participants|All the people fields in an email message. These fields are From, To, Cc, and Bcc.<sup>1</sup>|`participants:garthf@contoso.com` <p> `participants:contoso.com`|Messages sent by or sent to garthf@contoso.com. The second example returns all messages sent by or sent to a user in the contoso.com domain.|
+|Participants|All the people fields in an email message. These fields are From, To, Cc, and Bcc.<sup>1</sup>|`participants:garthf@contoso.com` <p> `participants:contoso.com`|Messages sent by or sent to garthf@contoso.com. The second example returns all messages sent by or sent to a user in the contoso.com domain.<br>([See Recipient Expansion](https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365-worldwide#recipient-expansionSee))|
|Received|The date that an email message was received by a recipient.|`received:2021-04-15` <p> `received>=2021-01-01 AND received<=2021-03-31`|Messages that were received on April 15, 2021. The second example returns all messages received between January 1, 2021 and March 31, 2021.|
-|Recipients|All recipient fields in an email message. These fields are To, Cc, and Bcc.<sup>1</sup>|`recipients:garthf@contoso.com` <p> `recipients:contoso.com`|Messages sent to garthf@contoso.com. The second example returns messages sent to any recipient in the contoso.com domain.|
+|Recipients|All recipient fields in an email message. These fields are To, Cc, and Bcc.<sup>1</sup>|`recipients:garthf@contoso.com` <p> `recipients:contoso.com`|Messages sent to garthf@contoso.com. The second example returns messages sent to any recipient in the contoso.com domain.<br>([See Recipient Expansion](https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365-worldwide#recipient-expansionSee))|
|Sent|The date that an email message was sent by the sender.|`sent:2021-07-01` <p> `sent>=2021-06-01 AND sent<=2021-07-01`|Messages that were sent on the specified date or sent within the specified date range.| |Size|The size of an item, in bytes.|`size>26214400` <p> `size:1..1048567`|Messages larger than 25 MB. The second example returns messages from 1 through 1,048,567 bytes (1 MB) in size.| |Subject|The text in the subject line of an email message. <p> **Note:** When you use the Subject property in a query, the search returns all messages in which the subject line contains the text you're searching for. In other words, the query doesn't return only those messages that have an exact match. For example, if you search for `subject:"Quarterly Financials"`, your results will include messages with the subject "Quarterly Financials 2018".|`subject:"Quarterly Financials"` <p> `subject:northwind`|Messages that contain the phrase "Quarterly Financials" anywhere in the text of the subject line. The second example returns all messages that contain the word northwind in the subject line.|
Create a condition using common properties when searching mailboxes and sites in
|Condition|Description| ||| |Date|For email, the date a message was received by a recipient or sent by the sender. For documents, the date a document was last modified.|
-|Sender/Author|For email, the person who sent a message. For documents, the person cited in the author field from Office documents. You can type more than one name, separated by commas. Two or more values are logically connected by the **OR** operator.|
+|Sender/Author|For email, the person who sent a message. For documents, the person cited in the author field from Office documents. You can type more than one name, separated by commas. Two or more values are logically connected by the **OR** operator.<br>([See Recipient Expansion](https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365-worldwide#recipient-expansionSee))|
|Size (in bytes)|For both email and documents, the size of the item (in bytes).| |Subject/Title|For email, the text in the subject line of a message. For documents, the title of the document. As previously explained, the Title property is metadata specified in Microsoft Office documents. You can type the name of more than one subject/title values, separated by commas. Two or more values are logically connected by the **OR** operator. <p> **Note**: Don't include double quotation marks to the values for this condition because quotation marks are automatically added when using this search condition. If you add quotation marks to the value, two pairs of double quotations will be added to the condition value, and the search query will return an error.| |Retention label|For both email and documents, retention labels that can be automatically or manually applied to messages and documents. Retention labels can be used to declare records and help you manage the data lifecycle of content by enforcing retention and deletion rules specified by the label. You can type part of the retention label name and use a wildcard or type the complete label name. For more information about retention labels, see [Learn about retention policies and retention labels](retention.md).|
Create a condition using mail properties when searching mailboxes or public fold
|Condition|Description| ||| |Message kind|The message type to search. This is the same property as the Kind email property. Possible values: <ul><li>contacts</li><li>docs</li><li>email</li><li>externaldata</li><li>fax</li><li>im</li><li>journals</li><li>meetings</li><li>microsoftteams</li><li>notes</li><li>posts</li><li>rssfeeds</li><li>tasks</li><li>voicemail</li></ul>|
-|Participants|All the people fields in an email message. These fields are From, To, Cc, and Bcc.|
+|Participants|All the people fields in an email message. These fields are From, To, Cc, and Bcc. ([See Recipient Expansion](https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365-worldwide#recipient-expansionSee))|
|Type|The message class property for an email item. This is the same property as the ItemClass email property. It's also a multi-value condition. So to select multiple message classes, hold the **CTRL** key and then click two or more message classes in the drop-down list that you want to add to the condition. Each message class that you select in the list will be logically connected by the **OR** operator in the corresponding search query. <p> For a list of the message classes (and their corresponding message class ID) that are used by Exchange and that you can select in the **Message class** list, see [Item Types and Message Classes](/office/vba/outlook/Concepts/Forms/item-types-and-message-classes).| |Received|The date that an email message was received by a recipient. This is the same property as the Received email property.|
-|Recipients|All recipient fields in an email message. These fields are To, Cc, and Bcc.|
+|Recipients|All recipient fields in an email message. These fields are To, Cc, and Bcc. ([See Recipient Expansion](https://docs.microsoft.com/en-us/microsoft-365/compliance/keyword-queries-and-search-conditions?view=o365-worldwide#recipient-expansionSee))|
|Sender|The sender of an email message.| |Sent|The date that an email message was sent by the sender. This is the same property as the Sent email property.| |Subject|The text in the subject line of an email message. <p> **Note**: Don't include double quotation marks to the values for this condition because quotation marks are automatically added when using this search condition. If you add quotation marks to the value, two pairs of double quotations will be added to the condition value, and the search query will return an error.|
compliance Limits Ediscovery20 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/limits-ediscovery20.md
The following table lists the indexing limits in eDiscovery (Premium).
|Maximum number of characters extracted from a single file.|10 million<sup>4</sup>| |Maximum size of a single file.|150 MB<sup>4</sup>| |Maximum depth of embedded items in a document.|25<sup>4</sup>|
-|Maximum size of files processed by Optical Character Recognition (OCR).|24 MB<sup>4</sup> <br/>
+|Maximum size of files processed by Optical Character Recognition (OCR).|24 MB<sup>4</sup> <br/> |
+|Maximum advanced indexing throughput | 2 GB per hour |
## Search limits
compliance Manage Data Governance https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/manage-data-governance.md
description: "Implement capabilities from Microsoft Purview Data Lifecycle Manag
# Govern your data with Microsoft Purview - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Use the capabilities from **Microsoft Purview Data Lifecycle Management** (formerly Microsoft Information Governance) and **Microsoft Purview Records Management** to govern your data for compliance or regulatory requirements. > [!TIP]
Use the following graphic to help you identify the main configurable components
![Main components to configure and use to govern your data with Microsoft Purview.](../media/govern-your-data.png)
-Looking to protect your data? See [Protect your data with Microsoft Purview](information-protection.md).
+The following sections detail the main capabilities for each solution, with links to understand more. However, if you're looking for a guided deployment, see [Deploy a data governance solution with Microsoft Purview](data-governance-solution.md).
+
+Looking for complementary capabilities to protect your data? See [Protect your data with Microsoft Purview](information-protection.md).
## Microsoft Purview Data Lifecycle Management
compliance Mip Easy Trials https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/mip-easy-trials.md
description: Learn about the default labels and policies for Microsoft Purview I
# Default labels and policies to protect your data - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Eligible customers can activate default labels and policies for Microsoft Purview Information Protection: - Sensitivity labels and a sensitivity label policy
compliance Record Versioning https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/record-versioning.md
description: "Learn about records to help you implement a records management sol
# Use record versioning to update records stored in SharePoint or OneDrive - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + > [!NOTE] > Because regulatory records block editing, record versioning is not available for regulatory records. >
compliance Records Management https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/records-management.md
description: Learn how Microsoft Purview Records Management supports high-value
# Learn about records management
+>*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).*
+ > [!TIP] > *Did you know you can try the premium versions of all nine Microsoft Purview solutions for free?* Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization meet its compliance needs. Microsoft 365 E3 and Office 365 E3 customers can start now at the [Microsoft Purview compliance portal trials hub](https://compliance.microsoft.com/trialHorizontalHub?sku=ComplianceE5&ref=DocsRef). Learn details about [who can sign up and trial terms](compliance-easy-trials.md). [!include[Purview banner](../includes/purview-rebrand-banner.md)]
->*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).*
- Organizations of all types require a records-management solution to manage regulatory, legal, and business-critical records across their corporate data. Records management for Microsoft Purview helps an organization manage their legal obligations, provides the ability to demonstrate compliance with regulations, and increases efficiency with regular disposition of items that are no longer required to be retained, no longer of value, or no longer required for business purposes. Use the following capabilities to support your records management solution for Microsoft 365 services and apps:
compliance Retention Flowchart https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-flowchart.md
description: "Use a flowchart to determine the outcome when an item has multiple
# Flowchart to determine when an item will be retained or permanently deleted - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Use the following flowchart to apply the [principles of retention](retention.md#the-principles-of-retention-or-what-takes-precedence) to an item to determine if the system will retain it or permanently delete it as a result of a retention label or retention policy. This logic flow is used for an item when either of the following conditions apply:
compliance Retention Limits https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-limits.md
description: "Understand the maximum number of policies and items per policy for
# Limits for retention policies and retention label policies - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + When you use [retention policies and retention label policies](retention.md#retention-policies-and-retention-labels) to automatically retain or delete data for your organization, there are some maximum numbers to be aware of. ## Maximum number of retention labels per tenant
compliance Retention Policies Exchange https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-exchange.md
description: "Learn how retention works for Exchange."
# Learn about retention for Exchange
+>*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).*
+ [!include[Purview banner](../includes/purview-rebrand-banner.md)] The information in this article supplements [Learn about retention](retention.md) because it has information that's specific to Exchange. For other workloads, see:
compliance Retention Policies Sharepoint https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-sharepoint.md
description: "Learn how retention works for SharePoint and OneDrive."
# Learn about retention for SharePoint and OneDrive - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + The information in this article supplements [Learn about retention](retention.md) because it has information that's specific to SharePoint and OneDrive. For other workloads, see:
compliance Retention Policies Teams https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-teams.md
description: "Learn about retention policies that apply to Microsoft Teams."
# Learn about retention for Microsoft Teams - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + > [!NOTE] > If you are seeing a message in Teams that your chats or messages have been deleted by a retention policy, see [Teams messages about retention policies](https://support.microsoft.com/office/teams-messages-about-retention-policies-c151fa2f-1558-4cf9-8e51-854e925b483b). >
compliance Retention Policies Yammer https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-yammer.md
description: "Learn about retention policies that apply to Yammer."
# Learn about retention for Yammer - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + The information in this article supplements [Learn about retention](retention.md) because it has information that's specific to Yammer. For other workloads, see:
compliance Retention Preservation Lock https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-preservation-lock.md
description: "Use Preservation Lock with retention policies and retention label
# Use Preservation Lock to restrict changes to retention policies and retention label policies - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + > [!IMPORTANT] > Currently, [adaptive policy scopes](retention.md#adaptive-or-static-policy-scopes-for-retention) don't support Preservation Lock.
compliance Retention Regulatory Requirements https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-regulatory-requirements.md
description: "Resources to help you meet regulatory requirements for data lifecy
# Regulatory requirements for data lifecycle management and records management - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Use the resources on this page to help you meet specific regulatory requirements for data lifecycle management and records management in Microsoft 365. Each section of this document focuses on one or more related regulations and includes any existing guidance or third-party assessment of how to configure Microsoft 365 to help with the requirements outlined. These resources are available to download from the [Data Protection Resources, FAQ, and White Papers](https://servicetrust.microsoft.com/ViewPage/TrustDocuments) page of the Service Trust Portal.
compliance Retention Settings https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-settings.md
description: "Understand the settings you can configure in a retention policy or
# Common settings for retention policies and retention label policies - >*[Microsoft 365 licensing guidance for security & compliance](https://aka.ms/ComplianceSD).* + Many settings for retention are common to both retention policies and retention label policies. Use the following information to help you configure these settings to proactively retain content, delete content, or bothΓÇöretain and then delete the content. For the scenarios that support these policies for retention, see:
compliance Retention https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention.md
description: Learn about retention policies and retention labels that help you t
# Learn about retention policies and retention labels - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* ++ > [!NOTE] > If you're seeing messages about retention policies in Teams or have questions about retention labels in your apps, contact your IT department for information about how they have been configured for you. In the meantime, you might find the following articles helpful: >
compliance Search And Delete Teams Chat Messages https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/search-and-delete-Teams-chat-messages.md
ms.assetid: 3526fd06-b45f-445b-aed4-5ebd37b3762a
description: "Use eDiscovery (Premium) and the Microsoft Graph Explorer to search for and purge chat messages in Microsoft Teams, and respond to data spillage incidents in Teams."
-# Search and purge chat messages in Teams
+# Search and purge chat messages in Teams (preview)
[!include[Purview banner](../includes/purview-rebrand-banner.md)]
For information about using Graph Explorer, see [Use Graph Explorer to try Micro
![Response for the purge request.](..\media\GraphResponseForPurge.png)
+ For more information on purgeData, see [sourceCollection: purgeData](/graph/api/ediscovery-sourcecollection-purgedata).
+ ## Step 6: Verify chat messages are purged After you run the POST request to purge chat messages, these messages are removed from the Teams client and replaced with an automatically generated stating that an admin has removed the message. For an example of this message, see the [End-user experience](#end-user-experience) section in this article.
compliance Sensitivity Labels Aip https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-aip.md
description: When you use the Azure Information Protection (AIP) unified labelin
# Why choose built-in labeling over the AIP add-in for Office apps - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + When you use [sensitivity labels](sensitivity-labels.md) in Microsoft 365 Apps on Windows computers, you have a choice of using labeling that's built into Office apps, or an add-in from the [Azure Information Protection (AIP) unified labeling client](/azure/information-protection/rms-client/aip-clientv2). Built-in labeling forms the cornerstone of a [Microsoft Purview information protection deployment](information-protection-solution.md) because this labeling technology extends across platforms (Windows, macOS, iOS, Android, and web), as well as across Microsoft apps and services, and beyond. Built-in labeling is also designed to work with other Microsoft Purview capabilities, such as data classification and Microsoft Purview data loss prevention (DLP).
compliance Sensitivity Labels Coauthoring https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-coauthoring.md
description: "Turn on a setting that enables co-authoring and AutoSave in deskto
# Enable co-authoring for files encrypted with sensitivity labels - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Enable the setting to support [co-authoring](https://support.office.com/article/ee1509b4-1f6e-401e-b04a-782d26f564a4) for Office desktop apps so that when documents are labeled and encrypted by [sensitivity labels](sensitivity-labels.md), multiple users can edit these documents at the same time. Without this setting enabled for your tenant, users must check out an encrypted document stored in SharePoint or OneDrive when they use Office desktop apps. As a result, they can't collaborate in real time. Or, they must use Office on the web when [sensitivity labels are enabled for Office files in SharePoint and OneDrive](sensitivity-labels-sharepoint-onedrive-files.md).
compliance Sensitivity Labels Default Sharing Link https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-default-sharing-link.md
description: "Use sensitivity labels to configure the default sharing link type
# Use sensitivity labels to configure the default sharing link type for sites and documents in SharePoint and OneDrive - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + As an additional configuration to the settings you see in the Microsoft Purview compliance portal for [sensitivity labels](sensitivity-labels.md), you can use these labels to configure settings for the default sharing link type for a SharePoint site or OneDrive account, and for individual documents. These settings are automatically selected, but not highly visible to users when they select the **Share** button in their Office apps. As an example: ![Example default sharing link dialog box.](../media/default-sharing-link-example.png)
compliance Sensitivity Labels Office Apps https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-office-apps.md
# Manage sensitivity labels in Office apps - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + When you have [published](create-sensitivity-labels.md#publish-sensitivity-labels-by-creating-a-label-policy) sensitivity labels from the Microsoft Purview compliance portal, they start to appear in Office apps for users to classify and protect data as it's created or edited. Use the information in this article to help you successfully manage sensitivity labels in Office apps. For example, identify the minimum versions of apps you need to support features that are specific to built-in labeling, any additional configuration information for these features, and understand interactions with the Azure Information Protection unified labeling client and other apps and services.
compliance Sensitivity Labels Sharepoint Onedrive Files https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-sharepoint-onedrive-files.md
description: "Administrators can enable sensitivity label support for Word, Exce
# Enable sensitivity labels for Office files in SharePoint and OneDrive - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + Enable built-in labeling for [supported Office files](sensitivity-labels-office-apps.md#office-file-types-supported) in SharePoint and OneDrive so that users can apply your [sensitivity labels](sensitivity-labels.md) in Office for the web. When this feature is enabled, users will see the **Sensitivity** button on the ribbon so they can apply labels, and see any applied label name on the status bar. Enabling this feature also results in SharePoint and OneDrive being able to process the contents of Office files that have been encrypted by using a sensitivity label. The label can be applied in Office for the web, or in Office desktop apps and uploaded or saved in SharePoint and OneDrive. Until you enable this feature, these services can't process encrypted files, which means that coauthoring, eDiscovery, Microsoft Purview data loss prevention, search, and other collaborative features won't work for these files.
compliance Sensitivity Labels Teams Groups Sites https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-teams-groups-sites.md
description: "Use sensitivity labels to protect content in SharePoint and Micros
# Use sensitivity labels to protect content in Microsoft Teams, Microsoft 365 groups, and SharePoint sites - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + In addition to using [sensitivity labels](sensitivity-labels.md) to classify and protect documents and emails, you can also use sensitivity labels to protect content in the following containers: Microsoft Teams sites, Microsoft 365 groups ([formerly Office 365 groups](https://techcommunity.microsoft.com/t5/microsoft-365-blog/office-365-groups-will-become-microsoft-365-groups/ba-p/1303601)), and SharePoint sites. For this container-level classification and protection, use the following label settings: - Privacy (public or private) of teams sites and Microsoft 365 groups
compliance Sensitivity Labels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels.md
# Learn about sensitivity labels - >*[Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance).* + > [!NOTE] > If you're looking for information about sensitivity labels that you see in your Office apps, see [Apply sensitivity labels to your files and email in Office](https://support.microsoft.com/topic/apply-sensitivity-labels-to-your-files-and-email-in-office-2f96e7cd-d5a4-403b-8bd7-4cc636bae0f9). >
compliance Sit Get Started Exact Data Match Based Sits Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-get-started-exact-data-match-based-sits-overview.md
Familiarize yourself with the concepts and terminology in these articles:
- [Learn about sensitive information types](sensitive-information-type-learn-about.md#learn-about-sensitive-information-types) - [Learn about exact data match based sensitive information types](sit-learn-about-exact-data-match-based-sits.md#learn-about-exact-data-match-based-sensitive-information-types)
+## Supported regions
+
+Exact data match is available in these regions:
+
+- Asia Pacific
+- Australia
+- Brazil
+- Canada
+- Europe
+- France
+- Germany
+- India
+- Japan
+- Korea
+- Norway
+- South Africa
+- Switzerland
+- United Arab Emirates
+- United Kingdom
+- United States
+- US DoD
+- US GCC
+- US GCCH
+
+You can find out what region your tenant is hosting data-at-rest in by following the procedures in [Where your Microsoft 365 customer data is stored](../enterprise/o365-data-locations.md) and referring to the data center city locations in the same article.
+ ## Required licenses and permissions You must be a global admin, compliance administrator, or Exchange Online administrator to perform the tasks described in this article. To learn more about DLP permissions, see [Permissions](data-loss-prevention-policies.md#permissions).
compliance Whats New https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/whats-new.md
Whether it be adding new solutions to the [Microsoft Purview compliance portal](
## April 2022
+### Communication compliance
+
+- [Create and manage communication compliance policies](communication-compliance-policies.md) - updated with guidance added for new user-reported message policy feature for Microsoft Teams integration.
+- [Get started with communication compliance](communication-compliance-configure.md) - updated to add clarification for F5 subscription and licensing.
+
+### Compliance Manager
+
+- [Compliance Manager templates list](compliance-manager-templates-list.md) - added 6 new templates and navigation links on the page to more easily jump to template categories.
+- [Compliance Manager overview](compliance-manager.md) - updated product overview video.
+
+### Compliance offerings & service assurance
+
+- [Compliance offerings](/compliance/regulatory/offering-home) - updates for service coverage and audit reporting for VPATS, SOC, ISO, and FedRAMP offerings.
+
+### Data lifecycle management and records management
+
+- [Govern your data with Microsoft Purview](manage-data-governance.md) - data connectors are removed from this page and the records management solution is presented as a peer product.
+- [Common settings for retention policies and retention labels](retention-settings.md) - reflects new navigational and UI references for the newly designed retention label wizard.
+- [Declare records by using retention labels](declare-records.md) and [Use record versioning to update records stored in SharePoint or OneDrive](record-versioning.md) - new information about the new "Unlock this record by default" label setting that's currently rolling out in preview.
+- [Use file plan to create and manage retention labels](file-plan-manager.md#information-about-the-label-properties-for-import) - the import section now discloses the label settings that aren't currently supported for import (multi-stage disposition review and unlock this record by default).
+
+### Data Loss Prevention
+
+- Articles updated for macOS device onboarding GA:
+ - [Learn about endpoint DLP](endpoint-dlp-learn-about.md)
+ - [Configure endpoint data loss prevention settings](dlp-configure-endpoint-settings.md)
+ - [Plan for data loss prevention (DLP)](dlp-overview-plan-for-dlp.md)
+ - [Data Loss Prevention policy reference](dlp-policy-reference.md)
+ - [Get started with Endpoint data loss prevention](endpoint-dlp-getting-started.md)
+- [DLP policy conditions, exceptions, and actions](dlp-conditions-and-exceptions.md) - added guidance for Modify Subject action.
+- [Data Loss Prevention policy reference](dlp-policy-reference.md) - GA SPO/ODB predicates; updated with new guidance on rule processing on endpoints.
+
+### Device Onboarding
+
+- Articles updated for macOS device onboarding GA:
+ - [Onboard macOS devices in to Microsoft 365 overview](device-onboarding-macos-overview.md)
+ - [Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers](device-onboarding-offboarding-macos-intune-mde.md)
+ - [Onboard and offboard macOS devices into Microsoft Purview solutions using Intune](device-onboarding-offboarding-macos-intune.md)
+ - [Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers](device-onboarding-offboarding-macos-jamfpro-mde.md)
+ - [Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro](device-onboarding-offboarding-macos-jamfpro.md)
+
+### Information barriers
+
+- [Use information barriers with SharePoint](/sharepoint/information-barriers) - guidance added for new private channel support in SharePoint.
+- [Manage information barriers policies](information-barriers-edit-segments-policies.md) - guidance added for removing segments and policy/segments together.
+
+### Microsoft Priva
+
+- [Privacy Risk Management policies](/privacy/priva/risk-management) - new pages, significant updates, and restructuring of policies content; details below:
+ - [Privacy Risk Management policies](/privacy/priva/risk-management-policies) - added significant details about policy setup and management that apply to all policies; added links to new pages for each of the three policy types.
+ - [Data overexposure policies](/privacy/priva/risk-management-policy-data-overexposure) - articulates the need and uses for the policy; explains default settings for out-of-box creation and detailed instructions for customizing settings.
+ - [Data transfer policies](/privacy/priva/risk-management-policy-data-transfer) - highlights new condition for the policy to detect transfers outside of the org; articulates the need and uses for the policy; explains default settings for out-of-box creation and detailed instructions for customizing settings.
+ - [Data minimization policies](/privacy/priva/risk-management-policy-data-minimization) - articulates the need and uses for the policy; explains default settings for out-of-box creation and detailed instructions for customizing settings.
+ - [Investigate and remediate alerts](/privacy/priva/risk-management-alerts) - added clarifying details and formatting changes to improve readability.
+ - [User notifications](/privacy/priva/risk-management-notifications) - added info on the functionality for previewing and customizing email notification content.
+- [Create a subject rights request](/privacy/priva/subject-rights-requests-create) - added section on getting started with your first request with default settings to explore functionality.
+- [Review data for a subject rights request](/privacy/priva/subject-rights-requests-data-review) - added details explaining priority items to review and how to find them, and the need to set up data matching in order to get this insight.
+- [Find and visualize personal data](/privacy/priva/priva-data-profile) - clarified that users need to set up data matching in order to receive insights for "Items with the most data subject content" under "Key insights".
+- [Data matching for subject rights requests](/privacy/priva/subject-rights-requests-data-match) - clarified the step progression in this process and added the second step of creating sensitive info types.
+
+### Sensitive Information Types
+
+- [Use named entities in DLP policies](named-entities-use.md) - named entities GA.
+- [Learn about named entities](named-entities-learn.md) - named entities GA.
+- [Sensitive information types entity definitions](sensitive-information-type-entity-definitions.md) - named entities GA, and pattern updates.
+- [Learn about sensitive information types](sensitive-information-type-learn-about.md) - named entities GA.
+
+### Sensitivity labels
+
+- [Use sensitivity labels to protect content in Microsoft Teams, Microsoft 365 groups, and SharePoint sites](sensitivity-labels-teams-groups-sites.md#configure-site-sharing-permissions-by-using-powershell-advanced-settings) - new configuration now in preview for site sharing permissions by using PowerShell advanced settings.
+- [Restrict access to content by using sensitivity labels to apply encryption](encryption-sensitivity-labels.md) - added the known issue for specifying a group that contains mail contacts, with a link to the published KB for details and workarounds.
+- [Apply a sensitivity label to content automatically](apply-sensitivity-label-automatically.md) - removed the known issue with deleted OneDrive sites incorrectly displayed in the simulation results for auto-labeling policies)
+- [Enable co-authoring for files encrypted with sensitivity labels](sensitivity-labels-coauthoring.md) - as a result of customer feedback, removed the callout in the Prerequisites section that this feature isn't yet supported by the Semi-Annual Enterprise Channel, and instead added Semi-Annual Enterprise Channel (Preview) with the minimum version 2202.
+- [Manage sensitivity labels in Office apps](sensitivity-labels-office-apps.md) - support details for applying a default label to existing documents are updated to correct that on Windows, this release is still rolling out in the Beta channel, and is now fully rolled out for the web.
+ ### Changes to product names To meet the challenges of today's decentralized, data-rich workplace, we're introducing [Microsoft Purview](https://aka.ms/microsoftpurview), a comprehensive set of solutions which helps you understand, govern, and protect your entire data estate. This new brand family combines the capabilities of the former Microsoft Purview Data Map and the Microsoft 365 compliance portfolio that customers already rely on, providing unified data governance and risk management for your organization.
Added the following new articles:
### Sensitivity labels - The scope name for [Microsoft Purview Data Map labels](/azure/purview/create-sensitivity-label) is now "Schematized data assets".-
-## October 2021
-
-### App governance
--- [App governance add-on for Defender for Cloud Apps has released to general availability](/cloud-app-security/app-governance-manage-app-governance). App governance documentation has moved to join the Defender for Cloud Apps documentation.-
-### Compliance & service assurance
--- [Service assurance](/compliance) - quarterly review content updates for certifications and statements of applicability)
-Datacenter asset management
- - Datacenter architecture and infrastructure
- - Datacenter business continuity and disaster recovery
- - Datacenter environmental safeguards
- - Datacenter physical access security
- - Microsoft 365 SDL compliance program
- - Microsoft 365 service engineer access control
- - Risk assessment guide for MS Cloud
-
-### Data Loss Prevention
--- [Learn about Microsoft Purview Data Loss Prevention](endpoint-dlp-learn-about.md) was updated for macOS support and advanced classification; updated for creating a custom DLP policy to audit activity for all supported file types.-- [Get started with Microsoft 365 Endpoint data loss prevention](endpoint-dlp-getting-started.md) was updated for macOS support and advanced classification.-- [Using Endpoint data loss prevention](endpoint-dlp-using.md) was updated for macOS support and advanced classification.-- [Data Loss Prevention policy tips reference](dlp-policy-tips-reference.md) was updated for macOS support and advanced classification.-- [Onboard macOS devices into Microsoft 365 (preview)](device-onboarding-macos-overview.md) was updated for macOS support and advanced classification.-- Added the following new pages for onboarding devices:
- - [Onboard and offboard macOS devices into Microsoft Purview solutions using Intune (preview)](device-onboarding-offboarding-macos-intune.md)
- - [Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-intune-mde.md)
- - [Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro (preview)](device-onboarding-offboarding-macos-jamfpro.md)
- - [Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-jamfpro-mde.md)
-
-### eDiscovery
--- [Collect cloud attachments in eDiscovery (Premium)](advanced-ediscovery-cloud-attachments.md) in addition to collecting the latest version of a cloud attachment, you can collect the version that was shared in an email message or Teams chat conversation; collecting the shared version is made possible by the new capability of automatically applying a retention label to cloud attachments.-- [Set up historical versions in eDiscovery (Premium)](advanced-ediscovery-historical-versions.md) new functionality that indexes all versions of documents stored on a SharePoint site for search; this means that document versions that contain content that match a collection query are returned in the search results.-
-### Encryption
--- [Use end-to-end encryption for one-to-one Microsoft Teams calls (Public preview)](/microsoftteams/teams-end-to-end-encryption) New content for the public preview.-
-### Data lifecycle management
--- [Set up a connector to import Epic EHR audit data](import-epic-data.md) new connector lets you import data from Epic electronic healthcare records system to support new general patient data misuse scenario for insider risk management.-- [Set up a connector to import healthcare EHR audit data](import-healthcare-data.md) new connector lets you import data from an electronic healthcare records system to support new general patient data misuse scenario for insider risk management.-
-### Retention and records management
-- [Adaptive policy scopes](retention.md#adaptive-or-static-policy-scopes-for-retention) are released in preview for retention policies and retention label policies.-- You can now [automatically apply a retention label based on a sensitivity label](apply-retention-labels-automatically.md#identify-files-and-emails-that-have-a-sensitivity-label).-- File Plan has a new [import process](file-plan-manager.md#import-retention-labels-into-your-file-plan).-- [Common settings for retention policies and retention label policies](retention-settings.md): New article for detailed information about configuring adaptive scopes and other settings in both retention policies and retention label policies.-
-### Sensitive Information Types
--- [Learn about named entities (preview)](named-entities-learn.md) new content for named entities.-- [Use named entities in your data loss prevention policies (preview)](named-entities-use.md) new content on using named entities.-
-### Sensitivity labels
--- [Default labels and default policies](mip-easy-trials.md) are rolling out to eligible customers.-
-## September 2021
-
-### App governance
--- [Streamlined app governance get started information](app-governance-get-started.md) has a changed workflow and added new links to public preview signup-- [New detection alerts definition](app-governance-anomaly-detection-alerts.md#app-made-high-volume-of-importance-mail-read-and-created-inbox-rule) added (updated; added new definition for collection alerts)-
-### Auditing
--- [Turn auditing on or off](turn-audit-log-search-on-or-off.md) added new section about how changes to the auditing status in an organization are themselves audited; this means that audit records are logged when auditing is turned on or turned off; you can search the Exchange admin audit log for these audit records-
-### Communication compliance
--- [Communication compliance with SIEM solutions](communication-compliance-siem.md) guidance for communication compliance integration with SIEM solutions)-
-### Compliance offerings
--- [Multi-Tier Cloud Security (MTCS)](/compliance/regulatory/offering-mtcs-singapore) Standard for Singapore updates for Dynamics 365 coverage-- [Payment Card Industry (PCI)](/compliance/regulatory/offering-pci-dss) Data Security Standard (DSS) updates for SharePoint Online coverage-- [U.S. Section 508](/compliance/regulatory/offering-section-508-vpats) new client software guidance-- [Web Content Accessibility Guidelines](/compliance/regulatory/offering-wcag-2-1) new client software guidance-
-### Compliance & service assurance
--- [Service assurance](/compliance/) quarterly review content updates for certifications and statements of applicability
- - Data-bearing device destruction
- - DDOS attacks
-
-### Data connectors
--- [Archiving third-party data in Microsoft 365](archiving-third-party-data.md#data-connectors-in-the-us-government-cloud) data connectors from CellTrust and 17a-4 LLC now available in GCC organizations in the US Government cloud-- [Set up a connector to archive YouTube data](archive-youtube-data.md) provides new guidance for this feature in public preview.-
-### eDiscovery
--- [Use the KQL editor to build search queries](ediscovery-kql-editor.md) public preview of a new way to create search queries in Content search, eDiscovery (Standard), and eDiscovery (Premium); the KQL editor provides autocompletion for supported searchable properties and conditions and displays lists of supported values for standard properties and conditions; the KQL editor also provides error detection and suggestions for fixes of potential errors in search queries-
-### Information barriers
--- [Get started with information barriers](information-barriers-policies.md#step-6-information-barriers-modes) new preview feature for information barriers modes-- [Information barriers with Microsoft Teams](/microsoftteams/information-barriers-in-teams) new preview feature for information barriers modes-- [Information barriers with OneDrive](/onedrive/information-barriers) new preview feature for information barriers modes-- [Information barriers with SharePoint Online](/sharepoint/information-barriers) new preview feature for information barriers modes-
-### Insider risk management
--- [Get started with insider risk management](insider-risk-management-configure.md#recommended-actions-preview) new preview feature for getting started recommended actions-- [Investigate insider risk activities](insider-risk-management-activities.md#get-help-managing-your-insider-risk-alert-queue) new 'Get help managing your insider risk alert queue' guidance section-- [Get started with insider risk management settings](insider-risk-management-settings.md#admin-notifications) new Admin notifications settings preview feature-
-### Retention and records management
-- [Multi-staged disposition review](disposition.md) is now generally available (GA), with new [auditing events](search-the-audit-log-in-security-and-compliance.md#disposition-review-activities). Multi-staged disposition review lets you specify up to five consecutive stages of disposition review for a retention label, and reviewers can add others users to their disposition review stage. You can also customize the email notifications and reminders.-- Private channels for [Teams retention policies](create-retention-policies.md#retention-policy-for-teams-locations) is now generally available (GA).-
-### Sensitivity labels
-- [Co-authoring and AutoSave](sensitivity-labels-coauthoring.md) is now generally available (GA) for Windows (minimum version of 2107 from Current Channel or Monthly Enterprise Channel) and macOS (minimum version of 16.51).-- Rolling out for Office apps that use built-in labels: The default label setting now supports existing documents as well as new documents. This change in behavior provides parity with the Azure Information Protection unified labeling client. For more information about the rollout per app and minimum versions, see the [capabilities table](sensitivity-labels-office-apps.md#sensitivity-label-capabilities-in-word-excel-and-powerpoint) for Word, Excel, and PowerPoint.-- Container labels now support [default sharing link settings by using PowerShell advanced settings](sensitivity-labels-teams-groups-sites.md#configure-settings-for-the-default-sharing-link-type-for-a-site-by-using-powershell-advanced-settings).-- The [capabilities tables](sensitivity-labels-office-apps.md#support-for-sensitivity-label-capabilities-in-apps) that list the minimum supported versions for built-in labeling now have versions for Current Channel, the Monthly Enterprise Channel, and the Semi-Annual Enterprise Channel.
includes Microsoft 365 Content Updates https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/microsoft-365-content-updates.md
+## Week of May 02, 2022
++
+| Published On |Topic title | Change |
+|||--|
+| 5/2/2022 | [Microsoft Defender for Business trial playbook](/microsoft-365/security/defender-business/trial-playbook-defender-business?view=o365-21vianet) | added |
+| 5/2/2022 | [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) | modified |
+| 5/2/2022 | [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) | modified |
+| 5/2/2022 | [Microsoft Defender for Business](/microsoft-365/security/defender-business/index?view=o365-21vianet) | modified |
+| 5/2/2022 | [View and edit your security settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-21vianet) | modified |
+| 5/2/2022 | [Device groups in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-create-edit-device-groups?view=o365-21vianet) | modified |
+| 5/2/2022 | [Set up email notifications for your security team](/microsoft-365/security/defender-business/mdb-email-notifications?view=o365-21vianet) | modified |
+| 5/2/2022 | [Microsoft Defender for Business frequently asked questions](/microsoft-365/security/defender-business/mdb-faq?view=o365-21vianet) | modified |
+| 5/2/2022 | [Get help and support for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-get-help?view=o365-21vianet) | modified |
+| 5/2/2022 | [Microsoft 365 Lighthouse and Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-lighthouse-integration?view=o365-21vianet) | modified |
+| 5/2/2022 | [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) | modified |
+| 5/2/2022 | [Offboard a device from Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-offboard-devices?view=o365-21vianet) | modified |
+| 5/2/2022 | [Onboard devices to Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-onboard-devices?view=o365-21vianet) | modified |
+| 5/2/2022 | [What is Microsoft Defender for Business?](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) | modified |
+| 5/2/2022 | [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) | modified |
+| 5/2/2022 | [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-21vianet) | modified |
+| 5/2/2022 | [The simplified configuration process in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-simplified-configuration?view=o365-21vianet) | modified |
+| 5/2/2022 | [Microsoft Defender for Business troubleshooting](/microsoft-365/security/defender-business/mdb-troubleshooting?view=o365-21vianet) | modified |
+| 5/2/2022 | [Tutorials and simulations in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-tutorials?view=o365-21vianet) | modified |
+| 5/2/2022 | [Use setup wizard in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) | modified |
+| 5/2/2022 | [Use network protection to help prevent connections to bad sites](/microsoft-365/security/defender-endpoint/network-protection?view=o365-21vianet) | modified |
+| 5/2/2022 | [SeenBy() function in advanced hunting for Microsoft 365 Defender](/microsoft-365/security/defender/advanced-hunting-seenby-function?view=o365-21vianet) | added |
+| 5/2/2022 | [Device discovery overview](/microsoft-365/security/defender-endpoint/device-discovery?view=o365-21vianet) | modified |
+| 5/2/2022 | [Deploy Microsoft Defender for Endpoint on Linux manually](/microsoft-365/security/defender-endpoint/linux-install-manually?view=o365-21vianet) | modified |
+| 5/2/2022 | Microsoft Managed Desktop and ITIL | removed |
+| 5/2/2022 | Change history for Microsoft Managed Desktop documentation | removed |
+| 5/2/2022 | Address device name dependency | removed |
+| 5/2/2022 | Working with Microsoft Consulting Services | removed |
+| 5/2/2022 | Apps in Microsoft Managed Desktop | removed |
+| 5/2/2022 | Prepare on-premises resources access for Microsoft Managed Desktop | removed |
+| 5/2/2022 | Prepare certificates and network profiles for Microsoft Managed Desktop | removed |
+| 5/2/2022 | Prerequisites for guest accounts | removed |
+| 5/2/2022 | Get ready for enrollment in Microsoft Managed Desktop | removed |
+| 5/2/2022 | Prepare mapped drives for Microsoft Managed Desktop | removed |
+| 5/2/2022 | Network configuration for Microsoft Managed Desktop | removed |
+| 5/2/2022 | Prerequisites for Microsoft Managed Desktop | removed |
+| 5/2/2022 | Prepare printing resources for Microsoft Managed Desktop | removed |
+| 5/2/2022 | Downloadable readiness assessment checker | removed |
+| 5/2/2022 | Fix issues found by the readiness assessment tool | removed |
+| 5/2/2022 | Readiness assessment tools | removed |
+| 5/2/2022 | Access the Admin portal | removed |
+| 5/2/2022 | Add and verify admin contacts in the Admin portal | removed |
+| 5/2/2022 | Assign licenses | removed |
+| 5/2/2022 | Install Intune Company Portal on devices | removed |
+| 5/2/2022 | Adjust settings after enrollment | removed |
+| 5/2/2022 | Deploy apps to devices | removed |
+| 5/2/2022 | Windows 10 location service | removed |
+| 5/2/2022 | Device registration methods in Microsoft Managed Desktop | removed |
+| 5/2/2022 | Order devices in Microsoft Managed Desktop | removed |
+| 5/2/2022 | Microsoft Edge | removed |
+| 5/2/2022 | Enable user support features | removed |
+| 5/2/2022 | Enable Enterprise State Roaming | removed |
+| 5/2/2022 | First-run experience with Autopilot and the Enrollment Status Page | removed |
+| 5/2/2022 | Get started with app control | removed |
+| 5/2/2022 | Get your users ready to use devices | removed |
+| 5/2/2022 | Get started with Microsoft Managed Desktop | removed |
+| 5/2/2022 | Localize the user experience | removed |
+| 5/2/2022 | Microsoft 365 Apps for enterprise | removed |
+| 5/2/2022 | Manual registration for existing devices | removed |
+| 5/2/2022 | Manual registration | removed |
+| 5/2/2022 | Microsoft OneDrive | removed |
+| 5/2/2022 | Partner registration | removed |
+| 5/2/2022 | Prepare devices for Microsoft Managed Desktop | removed |
+| 5/2/2022 | Install Microsoft Project or Microsoft Visio on Microsoft Managed Desktop devices | removed |
+| 5/2/2022 | Microsoft Teams | removed |
+| 5/2/2022 | Validate new devices | removed |
+| 5/2/2022 | Microsoft Managed Desktop documentation # < 60 chars | removed |
+| 5/2/2022 | Compliance | removed |
+| 5/2/2022 | What is Microsoft Managed Desktop? | removed |
+| 5/2/2022 | Microsoft Managed Desktop roles and responsibilities | removed |
+| 5/2/2022 | Microsoft Managed Desktop technologies | removed |
+| 5/2/2022 | Microsoft Managed Desktop and Windows 11 | removed |
+| 5/2/2022 | App control | removed |
+| 5/2/2022 | Exceptions to the service plan | removed |
+| 5/2/2022 | Device deployment groups | removed |
+| 5/2/2022 | Device images | removed |
+| 5/2/2022 | Device names | removed |
+| 5/2/2022 | Device configuration | removed |
+| 5/2/2022 | Device requirements | removed |
+| 5/2/2022 | Microsoft Managed Desktop device services | removed |
+| 5/2/2022 | Diagnostic logs | removed |
+| 5/2/2022 | Microsoft Managed Desktop service description | removed |
+| 5/2/2022 | App requirements | removed |
+| 5/2/2022 | Microsoft Managed Desktop operations and monitoring | removed |
+| 5/2/2022 | Privacy and personal data | removed |
+| 5/2/2022 | Understand device profiles | removed |
+| 5/2/2022 | Supported regions | removed |
+| 5/2/2022 | Security operations in Microsoft Managed Desktop | removed |
+| 5/2/2022 | Security technologies in Microsoft Managed Desktop | removed |
+| 5/2/2022 | Service changes and communication | removed |
+| 5/2/2022 | Shared devices | removed |
+| 5/2/2022 | Admin support | removed |
+| 5/2/2022 | How updates are handled in Microsoft Managed Desktop | removed |
+| 5/2/2022 | User support | removed |
+| 5/2/2022 | Admin support for Microsoft Managed Desktop | removed |
+| 5/2/2022 | App usage report | removed |
+| 5/2/2022 | Assign devices to a deployment group | removed |
+| 5/2/2022 | Reassign device profiles | removed |
+| 5/2/2022 | Deploy configurable settings in Microsoft Managed Desktop | removed |
+| 5/2/2022 | Configurable settings for Microsoft Managed Desktop | removed |
+| 5/2/2022 | Configurable settings reference for Microsoft Managed Desktop | removed |
+| 5/2/2022 | Device inventory report | removed |
+| 5/2/2022 | Device status report | removed |
+| 5/2/2022 | Get user support for Microsoft Managed Desktop | removed |
+| 5/2/2022 | Working with Microsoft Managed Desktop | removed |
+| 5/2/2022 | Manage apps in Microsoft Managed Desktop | removed |
+| 5/2/2022 | Remove devices | removed |
+| 5/2/2022 | Work with reports | removed |
+| 5/2/2022 | Windows security updates report | removed |
+| 5/2/2022 | Service metrics report | removed |
+| 5/2/2022 | Preview and test Windows 11 with Microsoft Managed Desktop | removed |
+| 5/2/2022 | Work with app control | removed |
+| 5/2/2022 | [Host firewall reporting in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/host-firewall-reporting?view=o365-21vianet) | modified |
+| 5/3/2022 | [Manage group attendees in Bookings](/microsoft-365/bookings/manage-attendees-bookings?view=o365-21vianet) | added |
+| 5/3/2022 | [Manage your blocks in the Tenant Allow/Block List](/microsoft-365/security/office-365-security/manage-tenant-blocks?view=o365-21vianet) | modified |
+| 5/3/2022 | [Manage your allows and blocks in the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list?view=o365-21vianet) | modified |
+| 5/3/2022 | [View your Azure Active Directory roles in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-view-your-roles?view=o365-21vianet) | added |
+| 5/3/2022 | Microsoft Purview trial terms and conditions | removed |
+| 5/3/2022 | [Microsoft Defender for Business frequently asked questions](/microsoft-365/security/defender-business/mdb-faq?view=o365-21vianet) | modified |
+| 5/3/2022 | [What's new in Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/ios-whatsnew?view=o365-21vianet) | modified |
+| 5/3/2022 | [Onboard Windows 10 or Windows 11 devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-overview?view=o365-21vianet) | modified |
+| 5/4/2022 | [Insider risk management policies](/microsoft-365/compliance/insider-risk-management-policies?view=o365-21vianet) | modified |
+| 5/4/2022 | [Insider risk management settings](/microsoft-365/compliance/insider-risk-management-settings?view=o365-21vianet) | modified |
+| 5/4/2022 | [Office 365 US Government DOD endpoints](/microsoft-365/enterprise/microsoft-365-u-s-government-dod-endpoints?view=o365-21vianet) | modified |
+| 5/4/2022 | [Office 365 U.S. Government GCC High endpoints](/microsoft-365/enterprise/microsoft-365-u-s-government-gcc-high-endpoints?view=o365-21vianet) | modified |
+| 5/4/2022 | [Bookings in Outlook](/microsoft-365/bookings/bookings-in-outlook?view=o365-21vianet) | added |
+| 5/4/2022 | [Onboard non-persistent virtual desktop infrastructure (VDI) devices](/microsoft-365/security/defender-endpoint/configure-endpoints-vdi?view=o365-21vianet) | modified |
+| 5/4/2022 | [Security Operations Guide for Defender for Office 365](/microsoft-365/security/office-365-security/mdo-sec-ops-guide?view=o365-21vianet) | modified |
+| 5/5/2022 | [Microsoft Purview Compliance Manager alerts and alert policies](/microsoft-365/compliance/compliance-manager-alert-policies?view=o365-21vianet) | modified |
+| 5/5/2022 | [Configure retention settings to automatically retain or delete content](/microsoft-365/compliance/retention-settings?view=o365-21vianet) | modified |
+| 5/5/2022 | [Search the audit log in the Microsoft Purview compliance portal](/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance?view=o365-21vianet) | modified |
+| 5/5/2022 | [Overview](/microsoft-365/test-base/overview?view=o365-21vianet) | modified |
+| 5/5/2022 | [Redirection of users from the Office 365 Security and Compliance Center to the Microsoft Purview compliance portal](/microsoft-365/compliance/microsoft-365-compliance-center-redirection?view=o365-21vianet) | modified |
+| 5/5/2022 | [Microsoft Purview compliance documentation # < 60 chars](/microsoft-365/compliance/index?view=o365-21vianet) | modified |
+| 5/6/2022 | [Microsoft Purview compliance documentation # < 60 chars](/microsoft-365/compliance/index?view=o365-21vianet) | modified |
++ ## Week of April 25, 2022
| 4/22/2022 | [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-21vianet) | modified | | 4/22/2022 | [Simulate a phishing attack with Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training?view=o365-21vianet) | modified | | 4/22/2022 | [Upload your package](/microsoft-365/test-base/uploadapplication?view=o365-21vianet) | modified |--
-## Week of April 04, 2022
--
-| Published On |Topic title | Change |
-|||--|
-| 4/4/2022 | [Manage guest access in Microsoft 365 groups](/microsoft-365/admin/create-groups/manage-guest-access-in-groups?view=o365-21vianet) | modified |
-| 4/4/2022 | [Set up Microsoft 365 Business Standard with a new or existing domain](/microsoft-365/admin/setup/setup-business-standard?view=o365-21vianet) | modified |
-| 4/4/2022 | [Sign up for a Microsoft 365 Business Standard](/microsoft-365/admin/simplified-signup/signup-business-standard?view=o365-21vianet) | modified |
-| 4/4/2022 | [Create and edit AutoPilot profiles](/microsoft-365/business-premium/create-and-edit-autopilot-profiles?view=o365-21vianet) | renamed |
-| 4/4/2022 | [Publish retention labels and apply them in apps to retain or delete content](/microsoft-365/compliance/create-apply-retention-labels?view=o365-21vianet) | modified |
-| 4/4/2022 | [Get started with insider risk management](/microsoft-365/compliance/insider-risk-management-configure?view=o365-21vianet) | modified |
-| 4/4/2022 | [Insider risk solutions](/microsoft-365/compliance/insider-risk-solution-overview?view=o365-21vianet) | modified |
-| 4/4/2022 | [Manage sensitivity labels in Office apps](/microsoft-365/compliance/sensitivity-labels-office-apps?view=o365-21vianet) | modified |
-| 4/4/2022 | [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-21vianet) | modified |
-| 4/4/2022 | [Endpoint detection and response in block mode](/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-21vianet) | modified |
-| 4/4/2022 | [Application Guard for Office for admins](/microsoft-365/security/office-365-security/install-app-guard?view=o365-21vianet) | modified |
-| 4/4/2022 | [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-21vianet) | modified |
-| 4/4/2022 | [Overview of Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-overview?view=o365-21vianet) | modified |
-| 4/4/2022 | [Sign up for Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-sign-up?view=o365-21vianet) | modified |
-| 4/4/2022 | [Troubleshoot and resolve problems and error messages in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-troubleshoot?view=o365-21vianet) | modified |
-| 4/4/2022 | [Microsoft Defender Antivirus compatibility with other security products](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-21vianet) | modified |
-| 4/5/2022 | [Sign up for a Microsoft 365 Business Standard](/microsoft-365/admin/simplified-signup/signup-business-standard?view=o365-21vianet) | modified |
-| 4/5/2022 | [Cross-tenant mailbox migration](/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-21vianet) | modified |
-| 4/5/2022 | [External Domain Name System records for Office 365](/microsoft-365/enterprise/external-domain-name-system-records?view=o365-21vianet) | modified |
-| 4/5/2022 | [Onboard devices and configure Microsoft Defender for Endpoint capabilities](/microsoft-365/security/defender-endpoint/onboard-configure?view=o365-21vianet) | modified |
-| 4/5/2022 | [Try Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365?view=o365-21vianet) | modified |
-| 4/5/2022 | [Step 1. Implement App Protection Policies](/microsoft-365/solutions/manage-devices-with-intune-app-protection?view=o365-21vianet) | modified |
-| 4/5/2022 | [Step 3. Set up compliance policies for devices with Intune](/microsoft-365/solutions/manage-devices-with-intune-compliance-policies?view=o365-21vianet) | modified |
-| 4/5/2022 | [Step 7. Implement data loss prevention (DLP) with information protection capabilities](/microsoft-365/solutions/manage-devices-with-intune-dlp-mip?view=o365-21vianet) | modified |
-| 4/5/2022 | [Step 2. Enroll devices into management with Intune](/microsoft-365/solutions/manage-devices-with-intune-enroll?view=o365-21vianet) | modified |
-| 4/5/2022 | [Step 6. Monitor device risk and compliance to security baselines](/microsoft-365/solutions/manage-devices-with-intune-monitor-risk?view=o365-21vianet) | modified |
-| 4/5/2022 | [Manage devices with Intune](/microsoft-365/solutions/manage-devices-with-intune-overview?view=o365-21vianet) | modified |
-| 4/5/2022 | [Service encryption with Customer Key](/microsoft-365/compliance/customer-key-overview?view=o365-21vianet) | modified |
-| 4/5/2022 | [Set up Customer Key](/microsoft-365/compliance/customer-key-set-up?view=o365-21vianet) | modified |
-| 4/5/2022 | [Differences between document understanding and form processing models](/microsoft-365/contentunderstanding/difference-between-document-understanding-and-form-processing-model) | modified |
-| 4/5/2022 | [Microsoft 365 Zero Trust deployment plan](/microsoft-365/security/microsoft-365-zero-trust?view=o365-21vianet) | modified |
-| 4/5/2022 | [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) | modified |
-| 4/5/2022 | [Firewall in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-firewall?view=o365-21vianet) | modified |
-| 4/5/2022 | [Get started using the Microsoft 365 Defender portal](/microsoft-365/security/defender-business/mdb-get-started?view=o365-21vianet) | modified |
-| 4/5/2022 | [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) | modified |
-| 4/5/2022 | [Overview of Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) | modified |
-| 4/5/2022 | [Understand policy order in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-policy-order?view=o365-21vianet) | modified |
-| 4/5/2022 | [The simplified configuration process in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-simplified-configuration?view=o365-21vianet) | modified |
-| 4/5/2022 | [Tutorials and simulations in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-tutorials?view=o365-21vianet) | modified |
-| 4/5/2022 | [View or edit policies in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-view-edit-create-policies?view=o365-21vianet) | modified |
-| 4/5/2022 | [Configure Microsoft Defender for Endpoint on Android features](/microsoft-365/security/defender-endpoint/android-configure?view=o365-21vianet) | modified |
-| 4/5/2022 | [Troubleshoot issues on Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/android-support-signin?view=o365-21vianet) | modified |
-| 4/5/2022 | [What's new in Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/android-whatsnew?view=o365-21vianet) | modified |
-| 4/5/2022 | [Implement attack surface reduction (ASR) rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-implement?view=o365-21vianet) | modified |
-| 4/5/2022 | [Plan ASR rules attack surface reduction deployment rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-plan?view=o365-21vianet) | modified |
-| 4/5/2022 | [ASR rules deployment prerequisites](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment?view=o365-21vianet) | modified |
-| 4/5/2022 | [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-21vianet) | modified |
-| 4/5/2022 | [Integrate your SIEM tools with Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/configure-siem?view=o365-21vianet) | modified |
-| 4/5/2022 | [Enable Corelight integration in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/corelight-integration?view=o365-21vianet) | modified |
-| 4/5/2022 | [Overview of Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-21vianet) | modified |
-| 4/5/2022 | [Microsoft Defender for Endpoint Device Control Removable Storage Access Control, removable storage media](/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control?view=o365-21vianet) | modified |
-| 4/5/2022 | [Microsoft Defender for Endpoint Device Control Removable Storage Protection](/microsoft-365/security/defender-endpoint/device-control-removable-storage-protection?view=o365-21vianet) | modified |
-| 4/5/2022 | [Device discovery frequently asked questions](/microsoft-365/security/defender-endpoint/device-discovery-faq?view=o365-21vianet) | modified |
-| 4/5/2022 | [Device discovery overview](/microsoft-365/security/defender-endpoint/device-discovery?view=o365-21vianet) | modified |
-| 4/5/2022 | [Enable attack surface reduction rules](/microsoft-365/security/defender-endpoint/enable-attack-surface-reduction?view=o365-21vianet) | modified |
-| 4/5/2022 | [Exclude devices in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/exclude-devices?view=o365-21vianet) | modified |
-| 4/5/2022 | [Investigate Microsoft Defender for Endpoint alerts](/microsoft-365/security/defender-endpoint/investigate-alerts?view=o365-21vianet) | modified |
-| 4/5/2022 | [Deploy Microsoft Defender for Endpoint on Linux manually](/microsoft-365/security/defender-endpoint/linux-install-manually?view=o365-21vianet) | modified |
-| 4/5/2022 | [Deploy Microsoft Defender for Endpoint on Linux with Puppet](/microsoft-365/security/defender-endpoint/linux-install-with-puppet?view=o365-21vianet) | modified |
-| 4/5/2022 | [Set preferences for Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-preferences?view=o365-21vianet) | modified |
-| 4/5/2022 | [How to schedule scans with Microsoft Defender for Endpoint (Linux)](/microsoft-365/security/defender-endpoint/linux-schedule-scan-mde?view=o365-21vianet) | modified |
-| 4/5/2022 | [Troubleshoot performance issues for Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-support-perf?view=o365-21vianet) | modified |
-| 4/5/2022 | [Investigate entities on devices using live response in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/live-response?view=o365-21vianet) | modified |
-| 4/5/2022 | [What's new in Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-whatsnew?view=o365-21vianet) | modified |
-| 4/5/2022 | [Device inventory](/microsoft-365/security/defender-endpoint/machines-view-overview?view=o365-21vianet) | modified |
-| 4/5/2022 | [Create indicators](/microsoft-365/security/defender-endpoint/manage-indicators?view=o365-21vianet) | modified |
-| 4/5/2022 | [Microsoft Defender for Endpoint Device Control Device Installation](/microsoft-365/security/defender-endpoint/mde-device-control-device-installation?view=o365-21vianet) | modified |
-| 4/5/2022 | [Manage Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-p1-maintenance-operations?view=o365-21vianet) | modified |
-| 4/5/2022 | [Set up and configure Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-p1-setup-configuration?view=o365-21vianet) | modified |
-| 4/5/2022 | [Get started with Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/mde-plan1-getting-started?view=o365-21vianet) | modified |
-| 4/5/2022 | [Microsoft Defender Antivirus on Windows Server](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-on-windows-server?view=o365-21vianet) | modified |
-| 4/5/2022 | [Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-android?view=o365-21vianet) | modified |
-| 4/5/2022 | [Microsoft Defender for Endpoint on iOS](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-ios?view=o365-21vianet) | modified |
-| 4/5/2022 | [Protect security settings with tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-21vianet) | modified |
-| 4/5/2022 | [Take response actions on a file in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-file-alerts?view=o365-21vianet) | modified |
-| 4/5/2022 | [Manage Microsoft Defender for Endpoint configuration settings on devices with Microsoft Endpoint Manager](/microsoft-365/security/defender-endpoint/security-config-management?view=o365-21vianet) | modified |
-| 4/5/2022 | [Troubleshoot Microsoft Defender for Endpoint service issues](/microsoft-365/security/defender-endpoint/troubleshoot-mdatp?view=o365-21vianet) | modified |
-| 4/5/2022 | [Microsoft Defender Antivirus event IDs and error codes](/microsoft-365/security/defender-endpoint/troubleshoot-microsoft-defender-antivirus?view=o365-21vianet) | modified |
-| 4/5/2022 | [Performance analyzer for Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/tune-performance-defender-antivirus?view=o365-21vianet) | modified |
-| 4/5/2022 | [Web protection](/microsoft-365/security/defender-endpoint/web-protection-overview?view=o365-21vianet) | modified |
-| 4/5/2022 | [What's new in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/whats-new-in-microsoft-defender-endpoint?view=o365-21vianet) | modified |
-| 4/5/2022 | [CloudAppEvents table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-cloudappevents-table?view=o365-21vianet) | modified |
-| 4/5/2022 | [EmailAttachmentInfo table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-emailattachmentinfo-table?view=o365-21vianet) | modified |
-| 4/5/2022 | [EmailEvents table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-emailevents-table?view=o365-21vianet) | modified |
-| 4/5/2022 | [Get expert training on advanced hunting](/microsoft-365/security/defender/advanced-hunting-expert-training?view=o365-21vianet) | modified |
-| 4/5/2022 | [Migrate advanced hunting queries from Microsoft Defender for Endpoint](/microsoft-365/security/defender/advanced-hunting-migrate-from-mde?view=o365-21vianet) | modified |
-| 4/5/2022 | [Work with advanced hunting query results in Microsoft 365 Defender](/microsoft-365/security/defender/advanced-hunting-query-results?view=o365-21vianet) | modified |
-| 4/5/2022 | [Alert grading for suspicious email forwarding activity](/microsoft-365/security/defender/alert-grading-playbook-email-forwarding?view=o365-21vianet) | modified |
-| 4/5/2022 | [Alert grading for suspicious inbox forwarding rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-forwarding-rules?view=o365-21vianet) | modified |
-| 4/5/2022 | [Alert grading for suspicious inbox manipulation rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-manipulation-rules?view=o365-21vianet) | modified |
-| 4/5/2022 | [Partner access through Microsoft 365 Defender APIs](/microsoft-365/security/defender/api-partner-access?view=o365-21vianet) | modified |
-| 4/5/2022 | [Configure and manage Microsoft Threat Experts capabilities through Microsoft 365 Defender](/microsoft-365/security/defender/configure-microsoft-threat-experts?view=o365-21vianet) | modified |
-| 4/5/2022 | [Deploy services supported by Microsoft 365 Defender](/microsoft-365/security/defender/deploy-supported-services?view=o365-21vianet) | modified |
-| 4/5/2022 | [Step 1. Triage and analyze your first incident](/microsoft-365/security/defender/first-incident-analyze?view=o365-21vianet) | modified |
-| 4/5/2022 | [Step 3. Perform a post-incident review of your first incident](/microsoft-365/security/defender/first-incident-post?view=o365-21vianet) | modified |
-| 4/5/2022 | [Prepare your security posture for your first incident](/microsoft-365/security/defender/first-incident-prepare?view=o365-21vianet) | modified |
-| 4/5/2022 | [Incident response with Microsoft 365 Defender](/microsoft-365/security/defender/incidents-overview?view=o365-21vianet) | modified |
-| 4/5/2022 | [Step 1. Plan for Microsoft 365 Defender operations readiness](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-plan?view=o365-21vianet) | modified |
-| 4/5/2022 | [Step 4. Define Microsoft 365 Defender roles, responsibilities, and oversight](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-roles?view=o365-21vianet) | modified |
-| 4/5/2022 | [Step 5. Develop and test use cases](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-use-cases?view=o365-21vianet) | modified |
-| 4/5/2022 | [Investigate alerts in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-alerts?view=o365-21vianet) | modified |
-| 4/5/2022 | [Investigate incidents in Microsoft 365 Defender](/microsoft-365/security/defender/investigate-incidents?view=o365-21vianet) | modified |
-| 4/5/2022 | [View and manage actions in the Action center](/microsoft-365/security/defender/m365d-autoir-actions?view=o365-21vianet) | modified |
-| 4/5/2022 | [Frequently asked questions when turning on Microsoft 365 Defender](/microsoft-365/security/defender/m365d-enable-faq?view=o365-21vianet) | modified |
-| 4/5/2022 | [Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender?view=o365-21vianet) | modified |
-| 4/5/2022 | [Microsoft Defender for Endpoint in Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-security-center-mde?view=o365-21vianet) | modified |
-| 4/5/2022 | [Track your Microsoft Secure Score history and meet goals](/microsoft-365/security/defender/microsoft-secure-score-history-metrics-trends?view=o365-21vianet) | modified |
-| 4/5/2022 | [Set up your Microsoft 365 Defender trial lab or pilot environment](/microsoft-365/security/defender/setup-m365deval?view=o365-21vianet) | modified |
-| 4/5/2022 | [Threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics?view=o365-21vianet) | modified |
-| 4/5/2022 | [Coin miners](/microsoft-365/security/intelligence/coinminer-malware?view=o365-21vianet) | modified |
-| 4/5/2022 | [How Microsoft identifies malware and potentially unwanted applications](/microsoft-365/security/intelligence/criteria?view=o365-21vianet) | modified |
-| 4/5/2022 | [Fileless threats](/microsoft-365/security/intelligence/fileless-threats?view=o365-21vianet) | modified |
-| 4/5/2022 | [Macro malware](/microsoft-365/security/intelligence/macro-malware?view=o365-21vianet) | modified |
-| 4/5/2022 | [Phishing trends and techniques](/microsoft-365/security/intelligence/phishing-trends?view=o365-21vianet) | modified |
-| 4/5/2022 | [How to protect against phishing attacks](/microsoft-365/security/intelligence/phishing?view=o365-21vianet) | modified |
-| 4/5/2022 | [Troubleshoot MSI portal errors caused by admin block](/microsoft-365/security/intelligence/portal-submission-troubleshooting?view=o365-21vianet) | modified |
-| 4/5/2022 | [Prevent malware infection](/microsoft-365/security/intelligence/prevent-malware-infection?view=o365-21vianet) | modified |
-| 4/5/2022 | [Rootkits](/microsoft-365/security/intelligence/rootkits-malware?view=o365-21vianet) | modified |
-| 4/5/2022 | [Submit files for analysis by Microsoft](/microsoft-365/security/intelligence/submission-guide?view=o365-21vianet) | modified |
-| 4/5/2022 | [Supply chain attacks](/microsoft-365/security/intelligence/supply-chain-malware?view=o365-21vianet) | modified |
-| 4/5/2022 | [Tech Support Scams](/microsoft-365/security/intelligence/support-scams?view=o365-21vianet) | modified |
-| 4/5/2022 | [Trojan malware](/microsoft-365/security/intelligence/trojans-malware?view=o365-21vianet) | modified |
-| 4/5/2022 | [Unwanted software](/microsoft-365/security/intelligence/unwanted-software?view=o365-21vianet) | modified |
-| 4/5/2022 | [Virus Information Alliance](/microsoft-365/security/intelligence/virus-information-alliance-criteria?view=o365-21vianet) | modified |
-| 4/5/2022 | [Microsoft Virus Initiative](/microsoft-365/security/intelligence/virus-initiative-criteria?view=o365-21vianet) | modified |
-| 4/5/2022 | [Worms](/microsoft-365/security/intelligence/worms-malware?view=o365-21vianet) | modified |
-| 4/5/2022 | [Secure by default in Office 365](/microsoft-365/security/office-365-security/secure-by-default?view=o365-21vianet) | modified |
-| 4/5/2022 | [Threat Trackers - New and Noteworthy](/microsoft-365/security/office-365-security/threat-trackers?view=o365-21vianet) | modified |
-| 4/5/2022 | [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) | modified |
-| 4/5/2022 | [Use named entities in your data loss prevention policies (preview)](/microsoft-365/compliance/named-entities-use?view=o365-21vianet) | modified |
-| 4/6/2022 | [Add and replace your onmicrosoft.com fallback domain in Microsoft 365](/microsoft-365/admin/setup/add-or-replace-your-onmicrosoftcom-domain?view=o365-21vianet) | added |
-| 4/6/2022 | [Enable co-authoring for documents encrypted by sensitivity labels in Microsoft 365](/microsoft-365/compliance/sensitivity-labels-coauthoring?view=o365-21vianet) | modified |
-| 4/6/2022 | [Shared devices](/microsoft-365/managed-desktop/service-description/shared-devices?view=o365-21vianet) | modified |
-| 4/6/2022 | [Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-21vianet) | modified |
-| 4/6/2022 | [Use shared queries in Microsoft 365 Defender advanced hunting](/microsoft-365/security/defender/advanced-hunting-shared-queries?view=o365-21vianet) | modified |
-| 4/6/2022 | [Microsoft 365 guest sharing settings reference](/microsoft-365/solutions/microsoft-365-guest-settings?view=o365-21vianet) | modified |
-| 4/6/2022 | [Add DNS records to connect your domain](/microsoft-365/admin/get-help-with-domains/create-dns-records-at-any-dns-hosting-provider?view=o365-21vianet) | modified |
-| 4/6/2022 | [Add and replace your onmicrosoft.com fallback domain in Microsoft 365](/microsoft-365/admin/setup/add-or-replace-your-onmicrosoftcom-domain?view=o365-21vianet) | modified |
-| 4/6/2022 | [Communication compliance policies](/microsoft-365/compliance/communication-compliance-policies?view=o365-21vianet) | modified |
-| 4/6/2022 | [Data Loss Prevention policy reference](/microsoft-365/compliance/dlp-policy-reference?view=o365-21vianet) | modified |
-| 4/6/2022 | [Manage mailbox auditing](/microsoft-365/compliance/enable-mailbox-auditing?view=o365-21vianet) | modified |
-| 4/6/2022 | [Microsoft 365 network connectivity test tool](/microsoft-365/enterprise/office-365-network-mac-perf-onboarding-tool?view=o365-21vianet) | modified |
-| 4/6/2022 | [Change history for Microsoft Managed Desktop documentation](/microsoft-365/managed-desktop/change-history-managed-desktop?view=o365-21vianet) | modified |
-| 4/6/2022 | [Enable attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-implement?view=o365-21vianet) | modified |
-| 4/6/2022 | [Operationalize attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-operationalize?view=o365-21vianet) | modified |
-| 4/6/2022 | [Plan attack surface reduction (ASR) rules deployment](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-plan?view=o365-21vianet) | modified |
-| 4/6/2022 | [Test attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-test?view=o365-21vianet) | modified |
-| 4/6/2022 | [Attack surface reduction (ASR) rules deployment overview](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment?view=o365-21vianet) | modified |
-| 4/6/2022 | [Understand and use attack surface reduction (ASR)](/microsoft-365/security/defender-endpoint/overview-attack-surface-reduction?view=o365-21vianet) | modified |
-| 4/6/2022 | [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-21vianet) | modified |
-| 4/6/2022 | [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-21vianet) | modified |
-| 4/6/2022 | [User reported message settings](/microsoft-365/security/office-365-security/user-submission?view=o365-21vianet) | modified |
-| 4/6/2022 | [Restrict access to content using sensitivity labels to apply encryption](/microsoft-365/compliance/encryption-sensitivity-labels?view=o365-21vianet) | modified |
-| 4/6/2022 | [Step 7. Implement data loss prevention (DLP) with information protection capabilities](/microsoft-365/solutions/manage-devices-with-intune-dlp-mip?view=o365-21vianet) | modified |
-| 4/6/2022 | [Step 2. Enroll devices into management with Intune](/microsoft-365/solutions/manage-devices-with-intune-enroll?view=o365-21vianet) | modified |
-| 4/6/2022 | [Step 6. Monitor device risk and compliance to security baselines](/microsoft-365/solutions/manage-devices-with-intune-monitor-risk?view=o365-21vianet) | modified |
-| 4/7/2022 | [Choose between Basic Mobility and Security and Intune](/microsoft-365/admin/basic-mobility-security/choose-between-basic-mobility-and-security-and-intune?view=o365-21vianet) | modified |
-| 4/7/2022 | [Manage multiple tenants](/microsoft-365/admin/multi-tenant/manage?view=o365-21vianet) | modified |
-| 4/7/2022 | [Add custom and required questions to the booking page](/microsoft-365/bookings/add-questions?view=o365-21vianet) | modified |
-| 4/7/2022 | [Add staff to Bookings](/microsoft-365/bookings/add-staff?view=o365-21vianet) | modified |
-| 4/7/2022 | [Microsoft Bookings](/microsoft-365/bookings/bookings-overview?view=o365-21vianet) | modified |
-| 4/7/2022 | [Configure SMS text notifications and reminders in Microsoft Bookings](/microsoft-365/bookings/bookings-sms?view=o365-21vianet) | modified |
-| 4/7/2022 | [Comparison chart: Bookings web app vs. Bookings Teams app](/microsoft-365/bookings/comparison-chart?view=o365-21vianet) | modified |
-| 4/7/2022 | [Create a manual booking](/microsoft-365/bookings/create-a-manual-booking?view=o365-21vianet) | modified |
-| 4/7/2022 | [Customize and publish your booking page](/microsoft-365/bookings/customize-booking-page?view=o365-21vianet) | modified |
-| 4/7/2022 | [Define your service offerings in Bookings](/microsoft-365/bookings/define-service-offerings?view=o365-21vianet) | modified |
-| 4/7/2022 | [Delete a booking calendar](/microsoft-365/bookings/delete-calendar?view=o365-21vianet) | modified |
-| 4/7/2022 | [Employee working hours in Microsoft Bookings](/microsoft-365/bookings/employee-hours?view=o365-21vianet) | modified |
-| 4/7/2022 | [Enter your business information](/microsoft-365/bookings/enter-business-information?view=o365-21vianet) | modified |
-| 4/7/2022 | [Get Access to Microsoft Bookings](/microsoft-365/bookings/get-access?view=o365-21vianet) | modified |
-| 4/7/2022 | [Get the Microsoft Bookings app for iOS and Android](/microsoft-365/bookings/get-bookings-app?view=o365-21vianet) | modified |
-| 4/7/2022 | [Metrics and activity tracking in Microsoft Bookings](/microsoft-365/bookings/metrics-and-activity-tracking?view=o365-21vianet) | modified |
-| 4/7/2022 | [Reporting information for Microsoft Bookings](/microsoft-365/bookings/reporting-info?view=o365-21vianet) | modified |
-| 4/7/2022 | [Schedule business closures, time off, and vacation time](/microsoft-365/bookings/schedule-closures-time-off-vacation?view=o365-21vianet) | modified |
-| 4/7/2022 | [Set buffer time in Microsoft Bookings](/microsoft-365/bookings/set-buffer-time?view=o365-21vianet) | modified |
-| 4/7/2022 | [Set language and time zones in Microsoft Bookings](/microsoft-365/bookings/set-language-time-zones?view=o365-21vianet) | modified |
-| 4/7/2022 | [Set your scheduling policies](/microsoft-365/bookings/set-scheduling-policies?view=o365-21vianet) | modified |
-| 4/7/2022 | [Turn Microsoft Bookings on or off](/microsoft-365/bookings/turn-bookings-on-or-off?view=o365-21vianet) | modified |
-| 4/7/2022 | [About registration numbers and under-review notifications](/microsoft-365/commerce/about-registration-numbers?view=o365-21vianet) | modified |
-| 4/7/2022 | [Add licenses to a VLSC subscription](/microsoft-365/commerce/licenses/add-licenses-bought-through-vlsc?view=o365-21vianet) | modified |
-| 4/7/2022 | [Add licenses using a product key](/microsoft-365/commerce/licenses/add-licenses-using-product-key?view=o365-21vianet) | modified |
-| 4/7/2022 | [Manage ISV app licenses](/microsoft-365/commerce/licenses/manage-third-party-app-licenses?view=o365-21vianet) | modified |
-| 4/7/2022 | [Manage SAAS apps for your organization](/microsoft-365/commerce/manage-saas-apps?view=o365-21vianet) | modified |
-| 4/7/2022 | [Enter your Microsoft Open product key](/microsoft-365/commerce/purchases-from-microsoft-open?view=o365-21vianet) | modified |
-| 4/7/2022 | [Verify eligibility for Microsoft 365 Education subscriptions](/microsoft-365/commerce/subscriptions/verify-academic-eligibility?view=o365-21vianet) | modified |
-| 4/7/2022 | [Data Loss Prevention policy reference](/microsoft-365/compliance/dlp-policy-reference?view=o365-21vianet) | modified |
-| 4/7/2022 | [Manage mailbox auditing](/microsoft-365/compliance/enable-mailbox-auditing?view=o365-21vianet) | modified |
-| 4/7/2022 | [Learn about Microsoft 365 Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-21vianet) | modified |
-| 4/7/2022 | [Get started with information barriers](/microsoft-365/compliance/information-barriers-policies?view=o365-21vianet) | modified |
-| 4/7/2022 | [Connect to Microsoft 365 with PowerShell](/microsoft-365/enterprise/connect-to-microsoft-365-powershell?view=o365-21vianet) | modified |
-| 4/7/2022 | [Securing Teams media traffic for VPN split tunneling](/microsoft-365/enterprise/microsoft-365-vpn-securing-teams?view=o365-21vianet) | modified |
-| 4/7/2022 | [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) | modified |
-| 4/7/2022 | [Understand next-generation protection configuration settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-gen-configuration-settings?view=o365-21vianet) | modified |
-| 4/7/2022 | [Schedule Microsoft Defender Antivirus protection updates](/microsoft-365/security/defender-endpoint/manage-protection-update-schedule-microsoft-defender-antivirus?view=o365-21vianet) | modified |
-| 4/7/2022 | [Protect security settings with tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-21vianet) | modified |
-| 4/7/2022 | [Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes](/microsoft-365/security/office-365-security/configure-advanced-delivery?view=o365-21vianet) | modified |
-| 4/7/2022 | [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-21vianet) | modified |
-| 4/7/2022 | [Add more SharePoint storage to your subscription](/microsoft-365/commerce/add-storage-space?view=o365-21vianet) | modified |
-| 4/7/2022 | [Tax Information](/microsoft-365/commerce/billing-and-payments/tax-information?view=o365-21vianet) | modified |
-| 4/7/2022 | [Understand billing accounts](/microsoft-365/commerce/manage-billing-accounts?view=o365-21vianet) | modified |
-| 4/7/2022 | [Resources to help you upgrade from Office 2013 clients and servers](/microsoft-365/enterprise/upgrade-office-2013-clients-servers?view=o365-21vianet) | added |
-| 4/7/2022 | [Manage how and where Microsoft Defender Antivirus receives updates](/microsoft-365/security/defender-endpoint/manage-protection-updates-microsoft-defender-antivirus?view=o365-21vianet) | modified |
-| 4/7/2022 | [DeviceLogonEvents table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-devicelogonevents-table?view=o365-21vianet) | modified |
-| 4/7/2022 | [Overview - Advanced hunting](/microsoft-365/security/defender/advanced-hunting-overview?view=o365-21vianet) | modified |
-| 4/7/2022 | [Incident response with Microsoft 365 Defender](/microsoft-365/security/defender/incidents-overview?view=o365-21vianet) | modified |
-| 4/7/2022 | [Automated investigation and response in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-autoir?view=o365-21vianet) | modified |
-| 4/7/2022 | [Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-defender?view=o365-21vianet) | modified |
-| 4/7/2022 | [Understand the analyst report section in threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics-analyst-reports?view=o365-21vianet) | modified |
-| 4/7/2022 | [Threat analytics in Microsoft 365 Defender](/microsoft-365/security/defender/threat-analytics?view=o365-21vianet) | modified |
-| 4/7/2022 | [Top scoring in industry tests - Microsoft 365 Defender](/microsoft-365/security/defender/top-scoring-industry-tests?view=o365-21vianet) | modified |
-| 4/7/2022 | [What's new in Microsoft 365 Defender](/microsoft-365/security/defender/whats-new?view=o365-21vianet) | modified |
-| 4/7/2022 | Evaluate Microsoft Defender for Office 365 | removed |
-| 4/7/2022 | [Try and evaluate Defender for Office 365](/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365?view=o365-21vianet) | modified |
-| 4/7/2022 | [Step 5. Deploy device profiles in Microsoft Intune](/microsoft-365/solutions/manage-devices-with-intune-configuration-profiles?view=o365-21vianet) | modified |
-| 4/7/2022 | [Step 6. Monitor device risk and compliance to security baselines](/microsoft-365/solutions/manage-devices-with-intune-monitor-risk?view=o365-21vianet) | modified |
-| 4/7/2022 | [Submit suspicious files in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/admin-submissions-mde?view=o365-21vianet) | added |
-| 4/7/2022 | [Manage Microsoft Defender Antivirus updates and apply baselines](/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus?view=o365-21vianet) | modified |
-| 4/7/2022 | [Configure and review priority accounts in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/configure-review-priority-account?view=o365-21vianet) | added |
-| 4/7/2022 | [User tags in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/user-tags?view=o365-21vianet) | modified |
-| 4/7/2022 | [Resources to help you upgrade from Office 2013 clients and servers](/microsoft-365/enterprise/upgrade-office-2013-clients-servers?view=o365-21vianet) | modified |
-| 4/8/2022 | [Microsoft 365 admin center activity reports](/microsoft-365/admin/activity-reports/activity-reports?view=o365-21vianet) | modified |
-| 4/8/2022 | [Microsoft 365 admin center browser usage reports](/microsoft-365/admin/activity-reports/browser-usage-report?view=o365-21vianet) | modified |
-| 4/8/2022 | [Microsoft 365 admin center Teams app usage reports](/microsoft-365/admin/activity-reports/microsoft-teams-device-usage-preview?view=o365-21vianet) | modified |
-| 4/8/2022 | [Microsoft 365 admin center Teams user activity reports](/microsoft-365/admin/activity-reports/microsoft-teams-user-activity-preview?view=o365-21vianet) | modified |
-| 4/8/2022 | [Enable archive mailboxes for Microsoft 365 Compliance](/microsoft-365/compliance/enable-archive-mailboxes?view=o365-21vianet) | modified |
-| 4/8/2022 | [Apply a document understanding model in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/apply-a-model) | modified |
-| 4/8/2022 | [Create an extractor Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/create-an-extractor) | modified |
-| 4/8/2022 | [Differences between document understanding and form processing models](/microsoft-365/contentunderstanding/difference-between-document-understanding-and-form-processing-model) | modified |
-| 4/8/2022 | [Use a prebuilt model to extract info from invoices or receipts in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/prebuilt-models) | modified |
-| 4/8/2022 | [Use shared queries in Microsoft 365 Defender advanced hunting](/microsoft-365/security/defender/advanced-hunting-shared-queries?view=o365-21vianet) | modified |
-| 4/8/2022 | [Microsoft 365 group expiration policy](/microsoft-365/solutions/microsoft-365-groups-expiration-policy?view=o365-21vianet) | modified |
-| 4/8/2022 | [Sensitive information type entity definitions](/microsoft-365/compliance/sensitive-information-type-entity-definitions?view=o365-21vianet) | modified |
-| 4/8/2022 | [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-21vianet) | modified |
-| 4/8/2022 | [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) | modified |
-| 4/8/2022 | [View and edit your security settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-21vianet) | modified |
-| 4/8/2022 | [Requirements for Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-requirements?view=o365-21vianet) | modified |
-| 4/8/2022 | [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-21vianet) | modified |
-| 4/8/2022 | [Use setup wizard in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-use-wizard?view=o365-21vianet) | modified |
-| 4/8/2022 | [Try and evaluate Defender for Office 365](/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365?view=o365-21vianet) | modified |
-| 4/8/2022 | [Schedule business closures, time off, and vacation time](/microsoft-365/bookings/schedule-closures-time-off-vacation?view=o365-21vianet) | modified |
-| 4/8/2022 | [An overview of Microsoft LTI apps](/microsoft-365/lti/index?view=o365-21vianet) | modified |
-| 4/8/2022 | [Submit files in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/admin-submissions-mde?view=o365-21vianet) | modified |
lti Browser Cookies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lti/browser-cookies.md
+
+ Title: Allow cookies for LMS URLs in your browser
++++
+audience: admin
++
+f1.keywords:
+- CSH
+
+ms.localizationpriority: medium
+description: Learn how to allow cookies for LMS URLs in Edge, Chrome, and Firefox, and Safari browsers.
++
+# Allow cookies for LMS URLs in your browser
+
+Third-party browser cookies are needed to complete the LTI 1.3 handshake according to IMS Global standards. Therefore, when launching the LTI tool from a Learning Management System (LMS), the browser setting must allow third-party cookies for the LMS URL.
+
+Here are the steps to allow the cookies in your browser.
+
+# [Microsoft Edge](#tab/edge)
+
+## Allow cookies for LMS URLS in Microsoft Edge
+
+1. In the Edge **Settings** window, select **Cookies and site permissions** > **Cookies and data stored** > **Manage and delete cookies and site data**.
+2. Turn on **Allow sites to save and read cookie data (recommended)**, and make sure that **Block third-party cookies** is turned off.
+
+If you must keep third-party cookies blocked:
+
+1. In the Edge **Settings** window, select **Cookies and site permissions** > **Cookies and data stored** > **Manage and delete cookies and site data**.
+2. Under **Allow**, select **Add** to add the domain URL of the LMS platform.
+ 1. For example, if the LMS platform is hosted at `https://contoso.com`, then that URL must be added under **Allow**.
+
+![Screenshot of Microsoft Edge cookie settings page](media/edge-cookies.png)
+
+# [Google Chrome](#tab/chrome)
+
+## Allow cookies for LMS URLS in Google Chrome
+
+1. In the Chrome **Settings** window, on the **Privacy and security** tab, select **Cookies and other site data**.
+
+2. Under **Sites that can always use cookies**, select **Add**, and then select the **Including third-party cookies on this site** checkbox.
+
+3. Add the domain URL of the LMS platform.
+ 1. For instance, if the LMS platform is hosted at `https://contoso.com`, then that URL must be used.
+
+![Screenshot of Google Chrome cookie settings page](media/chrome-cookies.png)
+
+# [Mozilla Firefox](#tab/firefox)
+
+## Allow cookies for LMS URLS in Mozilla Firefox
+
+1. In the Firefox **Settings** window, select the **Privacy & Security** tab.
+
+2. UnderΓÇ»**Cookies and Site Data**, selectΓÇ»**Manage Exceptions**.
+
+3. In the **Address of website** text box, enter the URL of the LMS platform.
+ 1. For instance, if the LMS platform is hosted at `https://contoso.com`, then that URL must be used.
+
+4. Select **Allow** to allow cookies for the entered website.
+
+5. SelectΓÇ»**Save Changes**.
+
+![Screenshot of Mozilla Firefox cookie settings page](media/firefox-cookies.png)
+
+# [Safari](#tab/safari)
+
+## Allow cookies for LMS URLS in Safari
+
+1. SelectΓÇ»**Preferences**ΓÇ»>ΓÇ»**Privacy**.
+
+2. Clear the **Prevent cross-site tracking** checkbox.
+++
+> [!NOTE]
+> In you can't change the settings yourself (your browser is managed by your organization), reach out to your IT department.
lti Manage Microsoft One Lti https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lti/manage-microsoft-one-lti.md
If so, here are some common issues and how to resolve them.
- **Cookies can't be found** - Third-party cookies need to be allowed for the **LMS URL** in the browser settings. - These cookies are needed to complete the LTI 1.3 handshake per the IMS specifications.
+ - To learn how to update your browser's cookie settings, see [Allow cookies for LMS URLs in your browser](browser-cookies.md).
- **Registration details not found** - This issue happens when registration of the LTI tool wasn't completed or if the registration was deleted in the OneLTI admin portal.
lti Onedrive Lti https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lti/onedrive-lti.md
description: Create and grade assignments, build and curate course content, and
# Integrate Microsoft OneDrive LTI with Canvas
-Integrating Microsoft OneDrive LTI with Canvas is a two step process. The first step enables Microsoft OneDrive in Canvas, and the second step makes the Microsoft OneDrive LTI available within Canvas courses.
+This article is for education IT admins who need to set up the Microsoft OneDrive LTI for Canvas.
+
+For instructions for educators on how to use the OneDrive LTI in Canvas, see [Use Microsoft OneDrive with your LMS](https://support.microsoft.com/topic/use-microsoft-onedrive-with-your-lms-c2ddeb48-f695-4267-94f2-14f7ff1b7bdd).
+
+Integrating Microsoft OneDrive LTI with Canvas is a two-step process. The first step enables Microsoft OneDrive in Canvas, and the second step makes the Microsoft OneDrive LTI available within Canvas courses.
## Recommended browser settings
Integrating Microsoft OneDrive LTI with Canvas is a two step process. The first
:::image type="content" source="media/OneDrive-LTI-20.png" alt-text="The LTI tenant registration page, which shows the JSON text and the text box the key should be copied into."::: 9. Review and save your changes. A message will be displayed on successful registration.+ 10. Your registration details can also be reviewed by selecting the **View LTI Tenants** button on the home page.
+Future releases may require additional admin consent. In those cases, you'll need to repeat only steps 1 and 2.
+ ## Enable Microsoft OneDrive LTI in Canvas Courses A Canvas administrator can enable Microsoft OneDrive LTI for all courses. If Microsoft OneDrive LTI is needed in a specific course (and not all courses), the course educator needs to follow the same steps within the course settings.
security Attack Surface Reduction Rules Reference https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference.md
Last updated 02/04/2022
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Microsoft Defender Antivirus
-**Platforms**
+**Platforms:**
+ - Windows This article provides information about attack reduction rules:
The following table lists the supported operating systems for rules that are cur
> > Attack surface reduction rules in Windows&nbsp;Server&nbsp;2012&nbsp;R2 and Windows&nbsp;Server&nbsp;2016 are available for devices onboarded using the modern unified solution package. For more information, see [New functionality in the modern unified solution for Windows Server 2012 R2 and 2016 Preview](/microsoft-365/security/defender-endpoint/configure-server-endpoints#new-functionality-in-the-modern-unified-solution-for-windows-server-2012-r2-and-2016-preview).
-| Rule name|Windows 10 | Windows Server 2019 | Windows&nbsp;Server | Windows Server 2016 <sup>[[1, 2](#fn1)]<sup></sup> | Windows Server 2012&nbsp;R2 <sup>[[1, 2](#fn1)]<sup></sup> |
+| Rule name| Windows&nbsp;11 <br>and<br> Windows&nbsp;10 | Windows&nbsp;Server <br> 2022 <br>and<br> Windows&nbsp;Server <br> 2019 | Windows Server | Windows&nbsp;Server <br> 2016 <br> <sup>[[1, 2](#fn1)]<sup></sup> | Windows&nbsp;Server <br> 2012&nbsp;R2 <br> <sup>[[1, 2](#fn1)]<sup></sup> |
|:|::|::|::|::|::| | [Block abuse of exploited vulnerable signed drivers](#block-abuse-of-exploited-vulnerable-signed-drivers) | Y | Y | Y <br> version 1803 (Semi-Annual Channel) or later | Y | Y | | [Block Adobe Reader from creating child processes](#block-adobe-reader-from-creating-child-processes) | Y version 1809 or later | Y | Y | Y | Y |
Links to information about configuration management system versions referenced i
|[Block untrusted and unsigned processes that run from USB](#block-untrusted-and-unsigned-processes-that-run-from-usb) | Y | |Y <br><br> CB 1802 | Y | Y | |[Block Win32 API calls from Office macros](#block-win32-api-calls-from-office-macros) | Y | | Y <br><br> CB 1710 | Y | Y | |[Use advanced protection against ransomware](#use-advanced-protection-against-ransomware) | Y | | Y <br><br> CB 1802 | Y | Y |
-| | | | | | |
(<a id="fn1">1</a>) You can configure attack surface reduction rules on a per-rule basis by using any rule's GUID.
For rules with the "Rule State" specified:
|[Block untrusted and unsigned processes that run from USB](#block-untrusted-and-unsigned-processes-that-run-from-usb) | Audit&nbsp;\|&nbsp;Block | Y \| Y <br> Requires device at high-cloud block level | N \| Y <br> Requires device at high-cloud block level | |[Block Win32 API calls from Office macros](#block-win32-api-calls-from-office-macros) | | N | Y | |[Use advanced protection against ransomware](#use-advanced-protection-against-ransomware) | Audit&nbsp;\|&nbsp;Block | Y \| Y <br> Requires device at high-cloud block level | N \| Y <br> Requires device at high-cloud block level |
-| | | | |
## ASR rules and GUIDs matrix
security Device Control Removable Storage Access Control https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control.md
ms.technology: mde Previously updated : 04/11/2022 Last updated : 05/09/2022 # Microsoft Defender for Endpoint Device Control Removable Storage Access Control
Microsoft Endpoint Manager admin center (<https://endpoint.microsoft.com/>) \> *
5. Set the location for a copy of the file: if you want to have a copy of the file when Write access happens, you have to set the location where the system can save the copy.
- - OMA-URI: `./Vendor/MSFT/Defender/Configuration/DataDuplicationRemoteLocation;**username**;**password**`
+ - OMA-URI: `./Vendor/MSFT/Defender/Configuration/DataDuplicationRemoteLocation
- Data Type: String
security Defenderexpertsforhuntingprev https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/defenderexpertsforhuntingprev.md
+
+ Title: Microsoft Defender Experts for Hunting preview
+
+description: Microsoft Defender Experts for Hunting provides an additional layer of expertise to Microsoft Defender for Endpoint.
+keywords: managed threat hunting service, managed threat hunting, managed detection and response (MDR) service, MTE, Microsoft Threat Experts, MTE-TAN, targeted attack notification, Targeted Attack Notification, Microsoft Defender Experts for hunting
+search.product: Windows 10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
++
+ms.localizationpriority: medium
+
+audience: ITPro
+
+ - m365-security-compliance
+ - m365initiative-defender-endpoint
+
+ms.technology: mde
++
+# Microsoft Defender Experts for Hunting preview
+
+> [!IMPORTANT]
+> Some information relates to pre-released products which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+++
+**Applies to:**
+
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+
+Microsoft Defender Experts for Hunting (Defender Experts for Hunting) is a managed threat hunting service that can help your Security Operation Centers (SOCs) with expert level monitoring, analysis, and support to identify and respond to critical threats in your unique environment.
+
+[Watch this short video](https://youtu.be/4t1JgE0X0jc) to learn more about how Microsoft Defender Experts for Hunting can help you track the latest advanced threats in your environment.
+
+Defender Experts for Hunting provides targeted attack notifications directly through the Microsoft 365 Defender portal. These notifications will help you protect your organization's endpoints, email, cloud apps and identities. You will also receive access to Experts on Demand, that lets you click a button in the Microsoft 365 Defender portal to get expert advice about threats your organization is facing. You can consult experts and seek help with the threats your organization faces. In this preview, you can try the service for free and enjoy the following capabilities:
+
+- **Threat hunting and analysis** ΓÇô Defender Experts for Hunting look deeper to expose advanced threats and identify the scope and impact of malicious activity associated with human adversaries or hands-on-keyboard attacks.
+- **Targeted attack notification** ΓÇô Notifications show up as incidents in Microsoft 365 Defender, helping to improve your security operations' incident response with specific information about the scope, method of entry, and remediation instructions.
+- **Experts on Demand** ΓÇô Consult a threat expert about a specific incident, nation-state actor, or attack vector.
+- **Hunter-trained AI** ΓÇô Our Defender Experts for Hunting share their learning back into the automated tools they use to improve threat discovery and prioritization.
+- **Reports** ΓÇô An interactive report summarizing what we hunted, what we found, and what we recommended
+
+## Apply for Microsoft Defender Experts for Hunting service preview
+
+>[!IMPORTANT]
+>Before you apply, make sure to discuss the eligibility requirements for Defender Experts for Hunting with your Microsoft Technical Service provider and account team. The preview is filling up fast and availability is very limited. If we can't get you in, we'll reach out to you soon as Microsoft Defender Experts for Hunting service is ready for generally availability.
+
+If you havenΓÇÖt done so yet, you can apply for Defender Experts for Hunting:
+
+1. Click [**Apply**](https://aka.ms/expandedMTEprev). Only the global administrators can register and complete the application process. If youΓÇÖre not a global administrator, contact your global administrator to fill out the application form.
+2. Enter your **company email ID**.
+3. Select **Submit**. You will get a confirmation message that your application has been received.
+4. Upon approval, you will receive an email to register.
+
+## Register to Microsoft Defender Experts for Hunting service preview
+
+You need to follow these steps to join the preview:
+
+1. In the application acceptance email that youΓÇÖve received, click **Register**. This opens the sign-in dialog box to your Microsoft 365 account.
+2. Ask your global administrator to register your company (the link will be provided in the email youΓÇÖll get). Sign in. The **Settings** page opens.
+3. Go to **Settings > Microsoft Defender Experts**.
+4. Read the **Microsoft Defender Experts for Hunting preview terms and conditions**. If you have any questions or concerns, contact the Microsoft Defender Experts Team at defenderexpertshelp@microsoft.com.
+5. Click **Accept**, to accept the terms and conditions.
+6. Get your free preview in [Microsoft 365 admin center](https://www.microsoft.com/en-us/microsoft-365/business/office-365-administration).
+You can only place the order after you've accepted the terms and conditions. Select **Get license** to initiate provisioning in the admin center. This will take you to the checkout page to verify the order details. The service might become commercially available less than 6 months after you begin your free preview. Microsoft reserves the right to end your preview at that time.
+7. In the **Checkout** page, select **Place order**.
+
+## Start using your Microsoft Defender Experts for Hunting service preview
+
+Around six hours after you place your order and get confirmation, you will receive a welcome email that says your Microsoft Defender Experts preview is set up and ready to use. Our experts will immediately start hunting for advanced threats inside your environment.
+
+## Receive targeted attack notification
+
+The targeted attack notification capability includes:
+
+- Threat monitoring and analysis, reducing dwell time and the risk to your business.
+- Hunter-trained artificial intelligence to discover and target both known attacks and emerging threats.
+- Identification of the most pertinent risks, helping SOCs maximize their effectiveness.
+- Help scoping compromises and providing as much context as can be quickly delivered to enable a swift SOC response.
+
+See the screenshot of a sample below:
+
+![Annotated screenshot of a sample Defender Experts for Hunting targetted attack notification](../../media/sample-hunting-experts-tan.png)
+
+## Collaborate with experts on demand
+
+You can consult with Defender Experts for Hunting directly inside the Microsoft 365 security portal, for a swift and accurate threat response. Experts can provide insight to better understand the complex threats your organization may face. Consult an expert to:
+
+- Gather additional information on alerts and incidents, including root causes and scope
+- Gain clarity into suspicious devices, alerts, or incidents and get next steps if faced with an advanced attacker
+- Determine risks and available protections related to threat actors, campaigns, or emerging attacker techniques
+
+The option to **Consult a threat expert** is available in several places throughout the portal:
+
+### Device page actions menu
+
+![The Microsoft Defender Experts for Hunting - Experts on Demand menu option in the Device page action menu in the Microsoft 365 Defender portal](../../media/mte/device-actions-mte-highlighted.png)
+
+### Device inventory page flyout menu
+
+![The Microsoft Defender Experts for Hunting - Experts on Demand menu option in the Device inventory page menu in the Microsoft 365 Defender portaldevice page inventory flyout menu](../../media/mte/device-inventory-mte-highlighted.png)
+
+### Alerts page flyout menu
+
+![The Microsoft Defender Experts for Hunting - Experts on Demand menu option in the Alerts page in the Microsoft 365 Defender portal](../../media/mte/alerts-actions-mte-highlighted.png)
+
+### Incidents page actions menu
+The Microsoft Defender Experts for Hunting - Experts on Demand menu option in the Device page action menu in the Microsoft 365 Defender portal
+![The Microsoft Defender Experts for Hunting - Experts on Demand menu option in the Incidents page in the Microsoft 365 Defender portal](../../media/mte/incidents-action-mte-highlighted.png)
+
+### Incidents inventory page
+
+![The Microsoft Defender Experts for Hunting - Experts on Demand menu option in the incidents inventory page in the Microsoft 365 Defender portal](../../media/mte/alerts-actions-mte-highlighted.png)
+
+>[!NOTE]
+> If you would like to track the status of your Experts on Demand cases through Microsoft Services Hub, reach out to your Customer Success Account Manager. Watch this **[video](https://www.microsoft.com/videoplayer/embed/RE4pk9f)** for a quick overview of the Microsoft Services Hub.
+
+## Opt out of preview
+
+In case you change your mind and donΓÇÖt want to continue with the Defender Experts for Hunting preview, you can follow the steps to [cancel a self-service subscription](../../commerce/subscriptions/manage-self-service-purchases-admins.md#cancel-a-self-service-purchase-subscription).
+
+### Related topics
+
+- [Microsoft Threat Experts overview](microsoft-threat-experts.md)
+- [Configure and manage Microsoft Threat Experts capabilities](configure-microsoft-threat-experts.md)
security Whats New https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/whats-new.md
For more information on what's new with other Microsoft Defender security produc
You can also get product updates and important notifications through the [message center](https://admin.microsoft.com/Adminportal/Home#/MessageCenter).
+## May 2022
+- (Preview) In line with the recently announced expansion into a new service category called [Microsoft Security Experts](https://aka.ms/MicrosoftSecurityExperts), we're introducing the availability of [Microsoft Defender Experts for Hunting](defenderexpertsforhuntingprev.md) (Defender Experts for Hunting) for public preview. Defender Experts for Hunting is for customers who have a robust security operations center but want Microsoft to help them proactively hunt for threats across Microsoft Defender data, including endpoints, Office 365, cloud applications, and identity.
## April 2022 - (Preview) [Actions](advanced-hunting-take-action.md) can now be taken on email messages straight from hunting query results. Emails can be moved to other folders or deleted permanently.
security Migrate To Defender For Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365.md
ms.prod: m365-security
If you already have an existing third-party protection service or device that sits in front of Microsoft 365, you can use this guide to migrate your protection to Microsoft Defender for Office 365 to get the benefits of a consolidated management experience, potentially reduced cost (using products that you already pay for), and a mature product with integrated security protection. For more information, see [Microsoft Defender for Office 365](https://www.microsoft.com/security/business/threat-protection/office-365-defender).
+Watch this short video to learn more about migrating to Defender for Office 365.
+> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RWRwfH]
+ This guide provides specific and actionable steps for your migration, and assumes the following facts: - You already have Microsoft 365 mailboxes, but you're currently using a third-party service or device for email protection. Mail from the internet flows through the protection service before delivery into your Microsoft 365 organization, and Microsoft 365 protection is as low as possible (it's never completely off; for example, malware protection is always enforced).
security Quarantine Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-policies.md
For new organizations or older organizations that never had end-user spam notifi
## Step 1: Create quarantine policies in the Microsoft 365 Defender portal
-1. In the [Microsoft 365 Defender portal](https://security.microsoft.com), go to **Email & collaboration** \> **Policies & Rules** \> **Threat policies** \> **Quarantine policies** in the **Rules** section.
+1. In the [Microsoft 365 Defender portal](https://security.microsoft.com), go to **Email & collaboration** \> **Policies & Rules** \> **Threat policies** \> **Quarantine policies** in the **Rules** section. Or, to go directly to the **Quarantine policies** page, use <https://security.microsoft.com/quarantinePolicies>.
-2. On the **Quarantine policy** page, click ![Add custom policy icon.](../../media/m365-cc-sc-create-icon.png) **Add custom policy**.
+2. On the **Quarantine policies** page, click ![Add custom policy icon.](../../media/m365-cc-sc-create-icon.png) **Add custom policy**.
3. The **New policy** wizard opens. On the **Policy name** page, enter a brief but unique name in the **Policy name** box. You'll need to identify and select the quarantine policy by name in upcoming steps. When you're finished, click **Next**.
For detailed syntax and parameter information, see [Set-MalwareFilterPolicy](/po
The global settings for quarantine policies allow you to customize the quarantine notifications that are sent to recipients of quarantined messages if quarantine notifications are turned on in the quarantine policy. For more information about these notifications, see [Quarantine notifications](use-spam-notifications-to-release-and-report-quarantined-messages.md).
-1. In the Microsoft 365 Defender portal, go to **Email & collaboration** \> **Policies & rules** \> **Threat policies** \> **Quarantine policies** in the **Rules** section.
+1. In the Microsoft 365 Defender portal, go to **Email & collaboration** \> **Policies & rules** \> **Threat policies** \> **Quarantine policies** in the **Rules** section. Or, to go directly to the **Quarantine policies** page, use <https://security.microsoft.com/quarantinePolicies>.
-2. On the **Quarantine policy** page, select **Global settings**.
+2. On the **Quarantine policies** page, select **Global settings**.
-3. In the **Quarantine notification settings** flyout that opens, configure some or all of the following settings:
+3. In the **Quarantine notification settings** flyout that opens, configure the following settings:
- - **Display name**: Customize the sender's display name that's used in quarantine notifications.
+ - Customize quarantine notifications based on the recipient's language:
- For each language that you've added, select the language in the second language box (don't click on the X) and enter the text value you want in the **Display name** box.
+ - The **Display name** of the sender that's used in quarantine notifications as shown in the following screenshot.
- The following screenshot shows the customized display name in a quarantine notification:
+ :::image type="content" source="../../media/quarantine-tags-esn-customization-display-name.png" alt-text="A customized sender display name in a quarantine notification." lightbox="../../media/quarantine-tags-esn-customization-display-name.png":::
- :::image type="content" source="../../media/quarantine-tags-esn-customization-display-name.png" alt-text="A customized sender display name in a quarantine notification" lightbox="../../media/quarantine-tags-esn-customization-display-name.png":::
+ - The **Disclaimer** text that's added to the bottom of quarantine notifications. The localized text, **A disclaimer from your organization:** is always included first, followed by the text you specify as show in the following screenshot:
- - **Disclaimer**: Add a custom disclaimer to the bottom of quarantine notifications. The localized text, **A disclaimer from your organization:** is always included first, followed by the text you specify.
+ :::image type="content" source="../../media/quarantine-tags-esn-customization-disclaimer.png" alt-text="A custom disclaimer at the bottom of a quarantine notification." lightbox="../../media/quarantine-tags-esn-customization-disclaimer.png":::
- For each language that you've added, select the language in the second language box (don't click the X) and enter the text value you want in the **Disclaimer** box.
+ - The language identifier for the the **Display name** and **Disclaimer** values. Quarantine notifications are already localized based on the recipient's language settings. The **Display name** and **Disclaimer** values are used in quarantine notifications that apply to the recipient's language.
- The following screenshot shows the customized disclaimer in a quarantine notification:
+ Select the language in the **Choose language** box _before_ you enter values in the **Display name** and **Disclaimer** boxes. When you change the value in the **Choose language** box, the values in the **Display name** and **Disclaimer** boxes are emptied.
- :::image type="content" source="../../media/quarantine-tags-esn-customization-disclaimer.png" alt-text="A custom disclaimer at the bottom of a quarantine notification" lightbox="../../media/quarantine-tags-esn-customization-disclaimer.png":::
+ Follow these steps to customize quarantine notifications based on the recipient's language:
- - **Choose language**: Quarantine notifications are already localized based on the recipient's language settings. You can specify customized text in different languages for the **Display name** and **Disclaimer** values.
+ 1. Select the language from the **Choose language** box. The default value is **Default**, which means English.
+ 2. Enter values for **Display name** and **Disclaimer**. The values must be unique for each language. If you try to reuse a **Display name** or **Disclaimer** value for multiple languages, you'll get an error when you click **Save**.
+ 3. Click the **Add** button.
+ 4. Repeat the previous steps to create a maximum of three customized quarantine notifications based on the recipient's language. An unlabeled box shows the languages that you've configured:
- Select at least one language from the first language box and then click **Add**. You can select multiple languages by clicking **Add** after each one. A section language box shows all of the languages that you've selected:
+ :::image type="content" source="../../media/quarantine-tags-esn-customization-selected-languages.png" alt-text="The selected languages in the global quarantine notification settings of quarantine policies." lightbox="../../media/quarantine-tags-esn-customization-selected-languages.png":::
- :::image type="content" source="../../media/quarantine-tags-esn-customization-selected-languages.png" alt-text="The selected languages in the second language box in the global quarantine notification settings of quarantine policies" lightbox="../../media/quarantine-tags-esn-customization-selected-languages.png":::
-
- - **Use my company logo**: Select this option to replace the default Microsoft logo that's used at the top of quarantine notifications. Before you do this, you need to follow the instructions in [Customize the Microsoft 365 theme for your organization](../../admin/setup/customize-your-organization-theme.md) to upload your custom logo.
+ - **Use my company logo**: Select this option to replace the default Microsoft logo that's used at the top of quarantine notifications. Before you do this step, you need to follow the instructions in [Customize the Microsoft 365 theme for your organization](../../admin/setup/customize-your-organization-theme.md) to upload your custom logo.
The following screenshot shows a custom logo in a quarantine notification: :::image type="content" source="../../media/quarantine-tags-esn-customization-logo.png" alt-text="A custom logo in a quarantine notification" lightbox="../../media/quarantine-tags-esn-customization-logo.png":::
- - **Send end-user spam notification every (days)**: Select the frequency for quarantine notifications.
+ - **Send end-user spam notification every (days)**: Select the frequency for quarantine notifications. The default value is 3 days, but you can select 1 to 15 days.
+
+4. When you're finished, click **Save**.
## View quarantine policies in the Microsoft 365 Defender portal
-1. In the Microsoft 365 Defender portal, go to **Email & collaboration** \> **Policies & rules** \> **Threat policies** \> **Quarantine policies** in the **Rules** section.
+1. In the Microsoft 365 Defender portal, go to **Email & collaboration** \> **Policies & rules** \> **Threat policies** \> **Quarantine policies** in the **Rules** section. Or, to go directly to the **Quarantine policies** page, use <https://security.microsoft.com/quarantinePolicies>.
-2. The **Quarantine policy** page shows the list of policies by **Name** and **Last updated** date.
+2. The **Quarantine policies** page shows the list of policies by **Name** and **Last updated** date.
3. To view the settings of built-in or custom quarantine policies, select the quarantine policy from the list by clicking on the name.
For detailed syntax and parameter information, see [Get-HostedContentFilterPolic
You can't modify the built-in quarantine policies named AdminOnlyAccessPolicy or DefaultFullAccessPolicy. You can modify the built-in policy named NotificationEnabledPolicy ([if you have it](#full-access-permissions-and-quarantine-notifications)) and custom quarantine policies.
-1. In the Microsoft 365 Defender portal, go to **Email & collaboration** \> **Policies & rules** \> **Threat policies** \> **Quarantine policies** in the **Rules** section.
+1. In the Microsoft 365 Defender portal, go to **Email & collaboration** \> **Policies & rules** \> **Threat policies** \> **Quarantine policies** in the **Rules** section. Or, to go directly to the **Quarantine policies** page, use <https://security.microsoft.com/quarantinePolicies>.
2. On the **Quarantine policies** page, select the policy by clicking on the name.
For detailed syntax and parameter information, see [Set-QuarantinePolicy](/power
If the quarantine policy is being used, [replace the assigned quarantine policy](#step-2-assign-a-quarantine-policy-to-supported-features) before you remove it.
-1. In the Microsoft 365 Defender portal, go to **Email & collaboration** \> **Policies & rules** \> **Threat policies** \> **Quarantine policies** in the **Rules** section.
+1. In the Microsoft 365 Defender portal, go to **Email & collaboration** \> **Policies & rules** \> **Threat policies** \> **Quarantine policies** in the **Rules** section. Or, to go directly to the **Quarantine policies** page, use <https://security.microsoft.com/quarantinePolicies>.
-2. On the **Quarantine policy** page, select the custom quarantine policy that you want to remove by clicking on the name.
+2. On the **Quarantine policies** page, select the custom quarantine policy that you want to remove by clicking on the name.
3. After you select the policy, click the ![Delete policy icon.](../../media/m365-cc-sc-delete-icon.png) **Delete policy** icon that appears.
security Respond Compromised Connector https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/respond-compromised-connector.md
ms.prod: m365-security
Connectors are used for enabling mail flow between Microsoft 365 or Office 365 and email servers that you have in your on-premises environment. For more information, see [Configure mail flow using connectors in Exchange Online](/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/use-connectors-to-configure-mail-flow).
-A compromised inbound connector is defined as when an unauthorized individual either applies change(s) to an existing inbound connector or creates a new inbound connector in a Microsoft 365 tenant, with the intention of sending spam or phish emails.
+A compromised inbound connector is defined as when an unauthorized individual either applies change(s) to an existing inbound connector or creates a new inbound connector in a Microsoft 365 tenant, with the intention of sending spam or phish emails. Note that this is applicable only to inbound connectors of type OnPremises.
## Detect a compromised connector
security View Email Security Reports https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/view-email-security-reports.md
When you hover over a wedge in the pie chart, you can see the message count for
The details table below the graph shows the senders or recipients and message counts based on the view you selected.
-You can filter both the chart and the details table by clicking **Filter** and selecting **Start date** and **End date**. Users can also filter by user tags
+You can filter both the chart and the details table by clicking **Filter** and selecting **Start date** and **End date**. Users can also filter by user tags.
When you're finished configuring the filters, click **Apply**, **Cancel**, or **Clear filters**.
solutions Collaboration Governance Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/collaboration-governance-overview.md
Because groups and teams can be created in several ways, we recommend training y
- If your organization does most of its communication using email, instruct your users to create groups in Outlook. - If your organization heavily uses SharePoint or is migrating from SharePoint on-premises, instruct your users to create SharePoint team sites for collaboration.-- If your organization has deployed Teams, instruct your users to create a team when they need need a collaboration space.
+- If your organization has deployed Teams, instruct your users to create a team when they need a collaboration space.
This helps avoid confusion if users are unfamiliar with how groups relate to their related services. For more information about how to talk to your users about groups, see [Explaining Microsoft 365 Groups to your users](../admin/create-groups/explain-groups-knowledge-worker.md).
These training modules from Microsoft Learn can help you learn the governance fe
|Training:|Protect enterprise information with Microsoft 365| |:|:|
-|![Teams training icon.](../media/protect-enterprise-information-microsoft-365.svg)|Protecting and securing your organization's information is more challenging than ever. The Protect enterprise information with Microsoft 365 learning path discusses how to protect your sensitive information from accidental oversharing or misuse, how to discover and classify data, how to protect it with sensitivity labels, and how to both monitor and analyze your sensitive information to protect against its loss. This learning path can help you prepare for the Microsoft 365 Certified: Security Administrator Associate and Microsoft 365 Certified: Enterprise Administration Expert certifications..<br><br>1 hr - Learning Path - 5 Modules|
+|![Teams training icon.](../media/protect-enterprise-information-microsoft-365.svg)|Protecting and securing your organization's information is more challenging than ever. The Protect enterprise information with Microsoft 365 learning path discusses how to protect your sensitive information from accidental oversharing or misuse, how to discover and classify data, how to protect it with sensitivity labels, and how to both monitor and analyze your sensitive information to protect against its loss. This learning path can help you prepare for the Microsoft 365 Certified: Security Administrator Associate and Microsoft 365 Certified: Enterprise Administration Expert certifications.<br><br>1 hr - Learning Path - 5 Modules|
> [!div class="nextstepaction"] > [Start >](/learn/modules/m365-security-info-overview/introduction/)
What IT architects need to know about groups in Microsoft 365
|**Item**|**Description**| |:--|:--|
-|[![Thumb image for groups infographic.](../downloads/msft-m365-groups-architecture-thumb.png)](https://github.com/MicrosoftDocs/microsoft-365-docs/raw/public/microsoft-365/downloads/msft-m365-groups.pdf) <br/> [PDF](https://github.com/MicrosoftDocs/microsoft-365-docs/raw/public/microsoft-365/downloads/msft-m365-groups.pdf) \| [Visio](https://github.com/MicrosoftDocs/OfficeDocs-Enterprise/raw/live/Enterprise/downloads/msft-m365-groups.vsdx) <br> Updated June 2019|These illustrations detail the different types of groups, how these are created and managed, and a few governance recommendations.|
+|[![Thumb image for groups infographic.](../downloads/msft-m365-groups-architecture-thumb.png)](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.pdf) <br/> [PDF](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.pdf) \| [Visio](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.vsdx) <br> Updated May 2022|These illustrations detail the different types of groups, how these are created and managed, and a few governance recommendations.|
### Microsoft Teams and related productivity services in Microsoft 365 for IT architects The logical architecture of productivity services in Microsoft 365, leading with Microsoft Teams.
This set of illustrations uses one of the most regulated industries, financial s
| Item | Description | |:--|:--|
-|[![Model poster: Microsoft Purview information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/> English: [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Japanese: [Download as a PDF](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.pdf) \| [Download as a Visio](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.vsdx) <br/> Updated November 2020|Includes: <ul><li> Microsoft Purview Information Protection and Microsoft Purview data loss prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk</li><li>Third-party data ingestion</li>|
+|[![Model poster: Microsoft Purview information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/> English: [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Japanese: [Download as a PDF](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.pdf) \| [Download as a Visio](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.vsdx) <br/> Updated November 2020|Includes: <ul><li> Microsoft Purview Information Protection and Microsoft Purview Data Loss Prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk</li><li>Third-party data ingestion</li>|
## Conference sessions
Learn the fundamentals and new innovations in Microsoft 365 Groups, including ma
Learn how to set up your groups expiry lifecycle, naming policies, classification labels, collaboration with external guests, and manage group creation permissions. -- [Transform collaboration and fight shadow IT with Office 365 groups](https://www.youtube.com/watch?v=Bhf_bKx3lAg)
+- [Transform collaboration and fight shadow IT with Office 365 Groups](https://www.youtube.com/watch?v=Bhf_bKx3lAg)
**Customer example** See a behind-the-scenes example of how Microsoft 365 Groups, SharePoint, Teams, and Yammer work together to provide a global collaboration platform. -- [Finding your collaboration sweet spot with Office 365 Groups, SharePoint, Teams, and Yammer](https://www.youtube.com/watch?v=Rx9eVwqXeQk)
+- [Finding your collaboration sweet spot with Microsoft 365 Groups, SharePoint, Teams, and Yammer](https://www.youtube.com/watch?v=Rx9eVwqXeQk)
## See also [Microsoft 365 security documentation](../security/index.yml)
-[Microsoft Purview documentation](../compliance/index.yml)
+[Microsoft Purview documentation](../compliance/index.yml)
solutions Groups Services Interactions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/groups-services-interactions.md
The experience of group creation restriction varies between apps and
See the Groups in Microsoft 365 poster for information about different types of groups, how these are created and managed, and a few governance recommendations.
-[![Thumb image for groups infographic.](../downloads/msft-m365-groups-architecture-thumb.png)](https://github.com/MicrosoftDocs/microsoft-365-docs/raw/public/microsoft-365/downloads/msft-m365-groups.pdf)
+[![Thumb image for groups infographic.](../downloads/msft-m365-groups-architecture-thumb.png)](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.pdf)
-[PDF](https://github.com/MicrosoftDocs/microsoft-365-docs/raw/public/microsoft-365/downloads/msft-m365-groups.pdf) \| [Visio](https://github.com/MicrosoftDocs/OfficeDocs-Enterprise/raw/live/Enterprise/downloads/msft-m365-groups.vsdx)
+[PDF](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.pdf) \| [Visio](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.vsdx)
The following table provides an overview of Microsoft 365 Groups interactions with various
solutions Per Group Guest Access https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/per-group-guest-access.md
description: "Learn how to prevent guests from being added to a specific group"
# Prevent guests from being added to a specific Microsoft 365 group or Microsoft Teams team
-If you want to allow guest access to most groups and teams, but have some where you want to prevent guest access, you can block guest access for individual groups and teams. (Blocking guest access to a team is done by blocking guest access to the associated group.) This prevents new guests from being added but does not remove guests that are already in the group or team.
+If you want to allow guest access to most groups and teams, but have somewhere you want to prevent guest access, you can block guest access for individual groups and teams. (Blocking guest access to a team is done by blocking guest access to the associated group.) This prevents new guests from being added but does not remove guests that are already in the group or team.
If you use sensitivity labels in your organization, we recommend using them to control guest access on a per-group basis. For information about how to do this, [Use sensitivity labels to protect content in Microsoft Teams, Microsoft 365 groups, and SharePoint sites](../compliance/sensitivity-labels-teams-groups-sites.md). This is the recommended approach.
By default, guests aren't visible in the Exchange Global Address List. Use the s
Find the guest's ObjectID by running: ```PowerShell
-Get-AzureADUser -Filter "userType eq 'Guest'"
+get-AzureADUser -all $true | ?{$_.CreationType -eq "Invitation"}
``` Then run the following using the appropriate values for ObjectID, GivenName, Surname, DisplayName, and TelephoneNumber.
solutions Productivity Illustrations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/productivity-illustrations.md
Knowing which method (or combinations of methods) to use and when to use them de
| Item | Description | |:--|:--|
-|[![Contoso corporate communications scenario poster.](../media/solutions-architecture-center/contoso-corporate-communication-thumb.png)](https://download.microsoft.com/download/0/3/4/034fbee5-ecf4-4559-86d3-815e898f21ea/contoso-corporate-communication-poster.pdf) <br/> [PDF](https://download.microsoft.com/download/0/3/4/034fbee5-ecf4-4559-86d3-815e898f21ea/contoso-corporate-communication-poster.pdf) \| [Visio](https://download.microsoft.com/download/0/3/4/034fbee5-ecf4-4559-86d3-815e898f21ea/contoso-corporate-communication-poster.vsdx) <br>Updated January 2022 |This poster illustrates how Contoso keeps employees informed and engaged across popular communication scenarios. Contoso uses a variety of M365 apps, including a new offering, Viva Connections.<br/><br/>**Related solution guides** <br/> <ul><li>[Organizational communications: Guidance, methods, and products](/sharepoint/corporate-communications-overview)|
+|[![Contoso corporate communications scenario poster.](../media/solutions-architecture-center/contoso-corporate-communication-thumb.png)](https://download.microsoft.com/download/0/3/4/034fbee5-ecf4-4559-86d3-815e898f21ea/contoso-corporate-communication-poster.pdf) <br/> [PDF](https://download.microsoft.com/download/0/3/4/034fbee5-ecf4-4559-86d3-815e898f21ea/contoso-corporate-communication-poster.pdf) \| [Visio](https://download.microsoft.com/download/0/3/4/034fbee5-ecf4-4559-86d3-815e898f21ea/contoso-corporate-communication-poster.vsdx) <br>Updated January 2022 |This poster illustrates how Contoso keeps employees informed and engaged across popular communication scenarios. Contoso uses a variety of Microsoft 365 apps, including a new offering, Viva Connections.<br/><br/>**Related solution guides** <br/> <ul><li>[Organizational communications: Guidance, methods, and products](/sharepoint/corporate-communications-overview)|
## Groups in Microsoft 365 for IT Architects This illustration includes information for IT architects about Microsoft 365 Groups. To learn about configuring and administering Microsoft 365 Groups and teams for collaboration in your organization, see [Set up secure collaboration with Microsoft 365](/microsoft-365/solutions/setup-secure-collaboration-with-teams) and [What is collaboration governance?](/microsoft-365/solutions/collaboration-governance-overview). | Item | Description | |:--|:--|
-|[![Thumb image for groups infographic.](../downloads/msft-m365-groups-architecture-thumb.png)](https://github.com/MicrosoftDocs/microsoft-365-docs/raw/public/microsoft-365/downloads/msft-m365-groups.pdf) <br/> [PDF](https://github.com/MicrosoftDocs/microsoft-365-docs/raw/public/microsoft-365/downloads/msft-m365-groups.pdf) \| [Visio](https://github.com/MicrosoftDocs/OfficeDocs-Enterprise/raw/live/Enterprise/downloads/msft-m365-groups.vsdx) <br> Updated May 2020|These illustrations detail the different types of groups, how these are created and managed, and a few governance recommendations.
+|[![Thumb image for groups infographic.](../downloads/msft-m365-groups-architecture-thumb.png)](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.pdf) <br/> [PDF](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.pdf) \| [Visio](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.vsdx) <br> Updated May 2022|These illustrations detail the different types of groups, how these are created and managed, and a few governance recommendations.
## Migrate to Microsoft 365
This set of illustrations uses one of the most regulated industries, financial s
| Item | Description | |:--|:--|
-|[![Model poster: Microsoft 365 information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/> English: [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Japanese: [Download as a PDF](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.pdf) \| [Download as a Visio](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.vsdx) <br/> Updated November 2020|Includes: <ul><li> Microsoft Purview Information Protection and Microsoft Purview data loss prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk</li><li>Third-party data ingestion</li>|
+|[![Model poster: Microsoft 365 information protection and compliance capabilities.](../media/solutions-architecture-center/m365-compliance-illustrations-thumb.png)](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) <br/> English: [Download as a PDF](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.pdf) \| [Download as a Visio](https://download.microsoft.com/download/3/a/6/3a6ab1a3-feb0-4ee2-8e77-62415a772e53/m365-compliance-illustrations.vsdx) <br/> Japanese: [Download as a PDF](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.pdf) \| [Download as a Visio](https://download.microsoft.com/download/6/f/1/6f1a7d0e-dd8e-442e-b073-8e94327ae4f8/m365-compliance-illustrations.vsdx) <br/> Updated November 2020|Includes: <ul><li> Microsoft Purview Information Protection and Microsoft Purview Data Loss Prevention</li><li>Retention policies and retention labels </li><li>Information barriers</li><li>Communication compliance</li><li>Insider risk</li><li>Third-party data ingestion</li>|
## Security and Information Protection for Multi-Region Organizations
solutions Setup Secure Collaboration With Teams https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/setup-secure-collaboration-with-teams.md
What IT architects need to know about groups in Microsoft 365
|**Item**|**Description**| |||
-|[![Thumb image for groups infographic.](../downloads/msft-m365-groups-architecture-thumb.png)](https://github.com/MicrosoftDocs/microsoft-365-docs/raw/public/microsoft-365/downloads/msft-m365-groups.pdf) <br/> [PDF](https://github.com/MicrosoftDocs/microsoft-365-docs/raw/public/microsoft-365/downloads/msft-m365-groups.pdf) \|[Visio](https://github.com/MicrosoftDocs/OfficeDocs-Enterprise/raw/live/Enterprise/downloads/msft-m365-groups.vsdx) <br> Updated June 2019|These illustrations detail the different types of groups, how these are created and managed, and a few governance recommendations.|
+|[![Thumb image for groups infographic.](../downloads/msft-m365-groups-architecture-thumb.png)](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.pdf) <br/> [PDF](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.pdf) \|[Visio](https://download.microsoft.com/download/6/3/0/6309218f-a169-4f2d-af4c-2fe49e30ba17/msft-m365-groups.vsdx) <br> Updated May 2022|These illustrations detail the different types of groups, how these are created and managed, and a few governance recommendations.|
### Microsoft Teams and related productivity services in Microsoft 365 for IT architects