Office 365 Security and Compliance
What Is the Microsoft 365 Security & Compliance Center?
The Microsoft 365 Security and Compliance Center is a portal for monitoring and managing security and compliance across all Microsoft identities, data, devices, applications, and infrastructure. It centralizes security (e.g., threat protection, data protection), compliance, privacy, and risk management for IT administrators. In addition, it includes a robust set of tools to help administrators meet legal, regulatory, and internal requirements.
A Brief History of Office 365 Security and Compliance
Microsoft launched Office 365 Security and Compliance in 2017. On April 21, 2020, Microsoft changed the name Office 365 to Microsoft 365. With that change, Office 365 Security and Compliance became the Microsoft 365 Security and Compliance Center.
A key feature of the Microsoft 365 Security and Compliance Center is that it allows administrators to view and track data protection and compliance performance. The card section of the Microsoft 365 Security and Compliance Center provides summaries of how the organization measures up in terms of compliance with global standards and requirements set by third-party regulators and industry experts, such as the International Organization for Standardization (ISO) and the National Institute of Standards and Technology (NIST). The cards also provide guidance on how to improve security and compliance.
With the Microsoft 365 Security and Compliance Center, security administrators and security operations teams view “a single pane of glass” from which they can better manage and protect their organization by:
- Addressing issues
- Assessing security and compliance
- Configuring or reconfiguring devices, users, and applications
- Monitoring, adding, and removing users
- Providing a list of integrated solutions that can be tested and added to instances
- Receiving alerts for suspicious activity
- Reviewing summaries of how the organization is performing with regard to security and compliance
The Card Section of the Microsoft 365 Compliance Center
The Microsoft 365 Compliance Center presents a standard set of cards on the home page. Using the Add cards feature, the card section can be augmented with additional ones, such as cloud compliance status, data about users with shared files, or links to tools to explore data.
The Microsoft 365 Compliance Center card section is in an easy-to-navigate pane that provides quick access to cards, including the following:
- Active Alerts Card—to view a summary of the most active alerts with links to drill down into detailed information (e.g., severity, status, category)
- Microsoft Compliance Manager Card—to access the Compliance Manager solution, which:
  - Calculates a risk-based score that shows progress toward completing steps to reduce risks related to data protection and regulatory standards
  - Provides workflow capabilities and built-in control mapping to facilitate required remediation
  - Simplifies compliance management
- Solution Catalog Card—to access collections of integrated solutions and tools to facilitate the management of end-to-end compliance scenarios (e.g., policies, alerts, reports)
How to Access the Compliance Center
One way for administrators to access the compliance center is through the Microsoft 365 Compliance Center portal.
Five Steps to Share Access to the Microsoft 365 Security and Compliance Center
To grant access to other users, go to the Microsoft 365 Security & Compliance Center and:
1. From the Microsoft 365 Security & Compliance Center, go to the Permissions tab.
2. Choose the role group from the list of role groups, and click the Edit icon.
3. In the role group’s properties page, under Members, click the Add icon, and select the name of the user (or users) to add.
4. Once users have been selected to be added to the role group, click Add and then OK.
5. Click Save.
Managing Permissions in the Microsoft 365 Security and Compliance Center
The principle of least privilege should be used when managing permissions in the Microsoft 365 Security and Compliance Center (i.e., users should be granted only the minimum rights needed to carry out their job responsibilities). When onboarding, new users should be given the view-only role groups until they become familiar with the interface, at which point their permissions can be expanded to a standard role group.
Permissions, Roles, and Role Groups
Access privileges are established by managing permissions in the Microsoft 365 Security and Compliance Center. Permissions are granted with Role-Based Access Control (RBAC). By utilizing RBAC within the Microsoft 365 Security and Compliance Center, systems administrators assign users to roles and role groups, and then assign permissions within those roles.
- Permissions determine the level of access that users have to specific data.
- Roles are a collection of permissions.
- Role Groups are a collection of roles.
Common Microsoft 365 Security and Compliance Center Tasks
- Case Management—access eDiscovery cases
- Hold—place mailboxes on hold
- Manage alerts—monitor and configure alerts
- Review—view and analyze Microsoft 365 Security and Compliance Center data
- RMS decrypt—decrypt RMS-encrypted emails
- Search and purge—find and remove suspicious items (e.g., phishing emails, attachments with viruses)
Common Microsoft 365 Security and Compliance Center Role Groups
- Compliance data administrator—compliance officers and administrators who manage devices, data protection, and preservation
- Data investigator—performs searches on mailboxes, SharePoint Online sites, and OneDrive for Business locations
- Organization management—focuses on data management that establishes settings and permissions
- Records management—manages data retention
- Reviewer—oversees eDiscovery
- Security administrator—includes cross-service administrators, as well as external partner groups and Microsoft Support
- Security operator—manages security alerts, as well as views reports and settings of security features
- Service assurance—monitors compliance, privacy, and security of data
- Supervisory review—creates and manages the policies that define which communications are subject to review in an organization
How to Assign Permissions
To assign permissions in Microsoft 365 Security and Compliance Center, the user must be either a global administrator or a member of the organizational management group. Within the Admin Center, an area lists the description, assigned roles, and current memberships. Additions can be made by editing the list of current members and adding the new user.
The steps for how to assign permissions in Microsoft 365 Security and Compliance Center are:
1. Log in to the Microsoft 365 Security and Compliance Center.
2. Go to the Admin centers section and find Security & Compliance.
3. Click Permissions.
4. From the list of role groups, select one to Edit.
5. Find Members and Add the user/users.
6. Click OK to confirm the changes.
7. Save the changes.
To verify the updates, go to Permissions again. Select the role group to view its members and confirm that the new user/users are there.
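The same add-and-verify procedure can be scripted with Security & Compliance PowerShell. This is an added example, not code from the original page or from Microsoft; it assumes the ExchangeOnlineManagement module is installed, and the account names are placeholders. It prints the roles the group grants before adding anyone, so the least-privilege check happens before the change.

```powershell
# Added example. Placeholder accounts; requires the ExchangeOnlineManagement module
# and an account allowed to manage role groups (see the requirement stated above).
param(
    [string]   $AdminUpn   = 'admin@contoso.example',   # placeholder admin account
    [string]   $RoleGroup  = 'Reviewer',                # a role group listed on this page
    [string[]] $NewMembers = @('alex@contoso.example')  # placeholder users to add
)

Import-Module ExchangeOnlineManagement
Connect-IPPSSession -UserPrincipalName $AdminUpn

try {
    # Select the role group and show what it grants before adding anyone to it.
    $group = Get-RoleGroup -Identity $RoleGroup -ErrorAction Stop
    Write-Host "Role group '$($group.Name)' grants these roles:"
    $group.Roles | ForEach-Object { Write-Host "  $_" }

    # Record the current membership so the change can be verified afterwards.
    $before = @(Get-RoleGroupMember -Identity $RoleGroup -ErrorAction Stop |
                Select-Object -ExpandProperty Name)

    # Add each user; a failure for one user is reported and does not stop the rest.
    foreach ($user in $NewMembers) {
        try {
            Add-RoleGroupMember -Identity $RoleGroup -Member $user -ErrorAction Stop
            Write-Host "Added $user"
        } catch {
            Write-Warning "Could not add ${user}: $($_.Exception.Message)"
        }
    }

    # Verification step: re-read the membership and list what this run changed.
    $after = @(Get-RoleGroupMember -Identity $RoleGroup -ErrorAction Stop |
               Select-Object -ExpandProperty Name)
    $added = @($after | Where-Object { $_ -notin $before })
    Write-Host "Members now ($($after.Count)):"
    $after | Sort-Object | ForEach-Object { Write-Host "  $_" }
    Write-Host "Newly added in this run: $($added -join ', ')"
} finally {
    # Close the session even if a step above failed.
    Disconnect-ExchangeOnline -Confirm:$false
}
```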
Microsoft 365 Security and Compliance Capabilities
The Microsoft 365 Security and Compliance capabilities include a robust suite of tools to ensure the protection and integrity of systems and data. Three key areas of the Microsoft 365 Security and Compliance Center are:
1. Threat protection
2. Data protection
3. Compliance
In the Microsoft 365 Security and Compliance Center, threat protection capabilities include email filtering to identify and neutralize malware and viruses as well as zero-day protection from unsafe attachments and malicious links. These and other security services are provided through Microsoft Defender Advanced Threat Protection (ATP) solutions:
- Microsoft Defender for Identity to detect and investigate advanced external attacks and insider threats across on-premises, cloud, and hybrid environments
- Microsoft Defender for Endpoint (formerly known as Windows Defender Advanced Threat Protection or Windows Defender ATP) to detect and protect against malicious activity on the endpoints with comprehensive monitoring tools that can detect any abnormalities and respond to potential attacks
Microsoft 365 Security and Compliance data protection capabilities help locate and organize sensitive information across all systems (i.e., cloud, on-premises, hybrid), applications, and endpoints to protect it and prevent data loss. These services include:
- Data classification to identify important information and add appropriate labels to control where data travels
- Data Loss Prevention (DLP) to protect sensitive information (e.g., financial data, credit card numbers, health records, social security numbers) by creating and managing DLP policies
- Microsoft Information Governance (MIG) to maintain compliance with data privacy regulations by managing information lifecycles with in-place management, automated policies, defensible disposal, and pre-built data connectors
Microsoft 365 Security and Compliance includes a robust suite of compliance capabilities, including:
- Ability to respond to data subject access requests by finding and exporting users’ data as required by the General Data Protection Regulation (GDPR)
- Access to a catalog with all the compliance and risk management solutions available through the Microsoft 365 Security and Compliance center
- Audit capabilities to review issues with support and compliance
- Communication compliance to minimize risks related to organizational communications, by identifying risky messages and examining possible policy violations
- Content search to locate emails in Exchange mailboxes, documents in SharePoint sites and OneDrive locations, and instant messaging conversations in Microsoft Teams and Skype for Business
- Data investigation to identify sensitive, malicious, or misplaced data across Microsoft 365 to prevent and address compliance issues
- Data loss protection to detect sensitive content and prevent accidental data loss
- eDiscovery capabilities to preserve, collect, analyze, and export content that is required for internal and external investigations
- Information governance to manage content, including importing, storing, and classifying critical data as well as storing and deleting data as needed
- Information protection to classify and protect sensitive content
- Insider risk management to detect risky activity and address it
- Records management to automate and simplify the retention schedule for regulatory, legal, and business-critical records
Get Centralized, Managed Services with Microsoft 365 Security and Compliance
Microsoft 365 Security and Compliance instantiates Microsoft’s commitment to helping users successfully and efficiently protect sensitive information and meet regulatory compliance requirements. Administrators and users have a centralized cloud solution that is automatically kept up to date with the latest releases and new solutions.
In addition, Microsoft 365 Security and Compliance provides access to complimentary, integrated solutions for customization and advanced services. It gives organizations the power of best-of-breed solutions without the headaches of managing them.
Last Updated: 24th January, 2022