Managing Security and Compliance

Managing Security and Compliance

Security and compliance admin center:

Security compliance is a legal concern for organizations in many industries today. In demonstrating security compliance, enterprises can better define and achieve specific IT security goals and mitigate the threat of network attacks through processes like vulnerability management. To go to the Microsoft security and compliance admin center, you need to type protection.office.com on your browser's address bar.

Sensitivity labels:

Sensitivity labels are used to classify email messages, documents, sites, and more. When tags are applied (automatically or by the user), the content or site is protected based on your chosen settings. For example, you can create labels that encrypt files, add content marking, and control user access to specific sites.

How to create sensitivity labels

1. Click on ‘classification’ then sensitivity labels. It will prompt MS365 compliance, information governance.

Figure 1 Classification

2. Click on create a label

Figure 2 create a label

3. Give name and description, then click next

Figure 3 name and description

4. Define the scope for this label

Figure 4 scope for this label

5. Choose protection settings for files and emails

Figure 5 protection settings

6. Review settings and finish, after creating you have to publish the label as well

Figure 6 Review settings and finish

7. Click on publish labels
8. Choose sensitivity labels to publish, give users or groups, setting, name and click finish.

Figure 7 publish labels

Retention labels:

Retention labels appear in your users' apps, such as Outlook, SharePoint, and OneDrive. When tags are
applied to email or docs (automatically or by the user), the content is retained based on your chosen
settings. For example, you can create labels that maintain range for a particular time or delete content
when it reaches a certain age.

How to create retention labels

1. Click on ‘classification’ then retention labels. It will prompt MS365 compliance, information
governance.
2. Click on create label ‘+’

Figure 8 create label ‘+’

3. Name your retention label

Figure 9 Name

4. Define retention settings

Figure 10 Define retention settings

5. Review and finish. Click on create label

Figure 11 Review

6. After creation, publish labels so users can apply them to their content.
7. Click on publish labels

Figure 12 publish labels

8. Choose retention labels to publish, give users or groups, setting, name and click finish.

Data loss prevention policy:

Use data loss prevention (DLP) policies to help identify and protect your organization's sensitive info. For example, you can set up guidelines to help make sure information in email and docs isn't shared with the wrong people.

How to create data loss prevention policy:

1. Click on ‘Data loss Prevention’ then ‘policy’. It will prompt MS365 compliance, data loss prevention.
2. Click on ‘Create policy’

Figure 13 Create policy

3. Choose an industry regulation to see the DLP policy templates you can use to protect that info or create a custom policy start from scratch.

Figure 14 Choose an industry regulation

4. Choose locations to apply the policy

Figure 15 Location

5. Decide if you want to use the default settings from the template you selected to quickly set up a policy or configure custom rules to refine your approach further.

Figure 16 Define policy settings

6. Test or turn on the policy

Figure 17 Test or turn on the policy

7. Review your policy and create it

Figure 18 Review your policy