An Introduction to Office 365 Security

We’ve often talked about security and compliance here on the ESW Associates blog. Because security is paramount, it’s only natural Microsoft has been investing in making it easier for organizations to achieve their compliance and security goals. Since most organizations have separate teams working in these two spaces, Microsoft has separated them as well.

These new specialized workspaces are the Microsoft 365 Security Center and the Microsoft 365 Compliance Center. They give your security and compliance teams centralized management across all Microsoft 365 services, including Office 365, Windows 10, Enterprise Mobility and Security, as well as several Azure features.

Both centers allow you to find actionable insights, alerts, and scores so you can better understand your security and compliance risks, as well as boasting an AI that strengthens both security and compliance.

Microsoft 365 Security Center

The new workspace has been designed around the concepts of Identity, Endpoints, User Data, Cloud App and Infrastructure rather than the underlying programs at work. This allows for end-to-end security insights and management, leading to a more comprehensive security solution.

This Security Center includes:

An at-a-glance view of the overall security health of your organization in its Home
Provides Alerts across your Microsoft 356 environment, including alerts from Microsoft Cloud App Security, Office 365 ATP, Azure AD, and Microsoft Defender ATP. Available to E3 and E5 customers.
Detailed information you need to improve user experience with
A secure score that improves your overall security. This page provides an all up summary of the different security features and capabilities you’ve enabled and includes recommendations for areas to improve.
Proactive search for malware, suspicious files, and activities in your Microsoft 365 organization through Hunt.
A Classification feature that allows for better protections from data loss through the addition of labels. Whether a label is applied by the user or automatically applied, the content is protected based on the chosen settings for said label.
Policies to manage devices, protect against threats, and receive alerts about various activities in your organization.
Control the access of users to Microsoft 365 security center to view content and perform tasks with Permissions (which you can also assign in the Azure AD Portal).
The Microsoft Secure Score, which is designed to give security admins visibility, controls, and guidance for maximum security improvements.

Microsoft 365 Compliance Center

For your compliance, privacy, and risk management concerns, you now have the Compliance Center. Assess risks through the Compliance Manager, use sensitivity and retention labels to protect and govern data, respond to regulatory requests, and other compliance measures are all now available in this hub.

This hub leads to several different sections such as:

Assess, which shows you at a glance how your organization is doing when it comes to data protection and compliance.
Protect contains cards that give you high-level information about labels, data loss prevention (DLP), third-party apps in use, shared files, shadow IT apps, and so on.
Respond will surface alerts and pending dispositions that you’ll want to review and potentially act upon. Cards like Active Alerts include links to pages where you can view more information on these alerts.
Easy Navigation to more compliance features in the Navigation Plane. This left-side plane gives you easy access to your alerts, policies, reports, compliance solutions, etc.

For more about the new Microsoft 365 security center and Microsoft 365 compliance center, take a look at Microsoft’s technical supporting document.

New features and improvements are being consistently rolled out, so keep an eye on the blog for updates. And if you’re in need of Microsoft Consulting Services, remember you can always contact us here at ESW Associates!