Recently Microsoft has been focusing a lot of effort on security and compliance when it comes to information management. In an effort to make a one-stop portal, they have create the Security & Compliance portal for Office 365.
It can be accessed multiple ways. It can be accessed through the icon from the Waffle menu in the upper left hand corner as pictured above. It can all so be accessed through the Admin Center:
Or you can go straight to the URL: https://protection.office.com/
From there you can take care of your security needs such as: set alerts, manage permissions, set you data loss prevention policies and many other things. You can visit https://support.office.com for complete details and I will be following up with for posts and detailing more of its features. The focus of this post is focusing on one particularly new feature I discovered that is now available, the ability to alert when someone is doing mass downloads and suspend the user.
While a lot of governance and compliance focuses on securing information and limiting access to data, a major problem is when seemingly good or trusted people turn into bad actors and download things that the company wouldn’t want them too, think Snowden and Wikileaks.
To enact this feature, you have to have an Office 365 E5 license because it is an Advanced Security Management feature. If you have this license, then you can go to the Security & Compliance Center –> Manage advanced alerts and click on the Go to Advanced Security Management button:
This will take you to the Policies screen:
Click on Create Policy –> Active policy:
From the Policy template choose Mass download by a single user and fill out the form. An example is if the person downloads 30 items in 5 minutes:
You can have the Policy send an alert email to you administrator and Suspend user until the admin has time to evaluate the situation and decide if the user has a legitimate business reason for downloading so many files.
After you hit create, you will see you Policy appear on the Policies screen:
This is a great new feature to help stop the loss of data from you organization and just one of many useful security options that Microsoft has released. It should be exciting to see future features and enhancements in the area of Security & Compliance.