Colabora Nov 2015 - Office 365 Compliance and Exchange Archiving
By Peter Schmidt, Solution Architect, EG A/S
Office 365 Compliance & Exchange Archiving
© EG A/S 2
Peter Schmidt
Solution Architect, EG A/S
Expertise: Office 365, Exchange, Skype for Business, Microsoft Azure, ADFS, PKI
Microsoft MVP: Exchange, MCM: Exchange, MCSE: Messaging, MCSA: Office 365, MCSE: Server Infrastructure, MCSE: Public Cloud
Contact me:
E-mail: [email protected]
www.msdigest.net
Twitter: @petsch
Phone: +45 7260 2775 / +45 2080 9436
Introduction
Agenda
Office 365 Compliance
Exchange Online Archive
Office 365 Compliance
OUR INFORMATION PROTECTION PORTFOLIO… ACROSS APPLICATION, DEVICES, INTEGRATED SERVICES
COMPLIANCE
AAD MULTI-FACTOR AUTHENTICATION
DATA LOSS PREVENTION
ANTI SPAM, ANTI VIRUS
ADVANCED THREAT PROTECTION
MDM/MAM WITH INTUNE
ENCRYPTION—RMS, OME
SECURITY
REGULATORY COMPLIANCE STANDARDS
EDISCOVERY & ANALYTICS
ARCHIVING & RETENTION
AUDITING
HOW CAN I PROTECT MY DATA?
1. Email, Outlook, OWA
2. SharePoint, OneDrive for Business
3. Office 2016, Word, Excel, PowerPoint
DATA LOSS PREVENTION IN OFFICE 365
Greatly enhanced security capabilities while retaining rich Office Productivity experience
Identify, monitor, protect sensitive information as it moves in the organization
Educate and empower your users while they work on sensitive content
Protect and Educate
Policy Tips to educate end users
Policy Tips in OWA, Outlook, SharePoint and OneDrive and Office Clients (Word, PowerPoint, Excel)
Malicious users are audited and good users are protected
Auditing and Reporting of all DLP activity
Identify and Monitor
Policies govern the flow of sensitive data
Index sensitive content as it arrives in the service
Contextual classification based on Windows FCI system or 3rd party system
Select DLP policies from a template
Create or extend custom policies to integrate with incident management or alerting systems
O365 DLP Features
POLICY TIPS IN SHAREPOINT AND ONEDRIVE
POLICY TIPS IN OFFICE CLIENTS
DATA LOSS PREVENTION IN COMPLIANCE CENTER
MANAGE DLP POLICIES ACROSS O365 WORKLOADS
One policy definition independent of workload
One policy lifecycle
One set of sensitive type definitions
New DLP Policy from template
Import DLP Policy
OFFICE 365 ARCHIVING
IN-PLACE RETENTION
No need to maintain a separate duplicate store
UNIFIED POLICIES
Unified policy across Exchange, SharePoint, and Skype for Business
EXTENSIBLE
Archive data from third-party stores and more formats
Integrated tools to help you import, store, preserve and expire data
One retention policy for Exchange, SharePoint, OneDrive for Business, Skype for Business, and Public Folders
Preserve for X years, delete once X years are up
PRESERVATION
DL/BCC information preserved, no need for journal based archiving
Preservation Lock restricts changes to archiving policies and prevents such policies from being turned off or removed
DELETE POLICIES
At item or folder level for email and a site level for SharePoint and OneDrive
UNIFIED POLICIES
SUPERVISORY REVIEW
Define employee communications to be reviewed by internal or external auditors
EQUIVIO ANALYTICS
CLUSTERING TECHNOLOGY
Themes to identify data relationships
PREDICTIVE CODING
Trains the system to identify relevant documents
NEAR DUPLICATES
Reduce the data which is sent to review
Applies machine learning to enable users to explore large, unstructured sets of data and quickly find what is relevant.
EMAIL THREADING
Reconstruct email threads from unstructured data
Auditing
New Audit pipeline to capture all O365 activity
Correlation and search across content that is person and content centric
Search, Stream and Export using the new O365 Management Activity API.
Extend
O365 Management API
Single API
Consistent Schema
150+ events and growing including Exchange, SharePoint, OneDrive, Azure AD and O365 Datacenter Admin
100+ partners and growing
Capture and Store
Consistent logging and Compliant Storage
Compliance Center experience
Consistent and Complete logging
90 days of events by default, can be extended for as long as you need.
Immutability and freshness
O365 Auditing Features
THE COST OF NON-COMPLIANCE
A financial institution was fined $9 million for failing to produce customer emails in arbitration proceedings.
The Wall Street Journal. “LPL Fined $9 Million for Email ‘Failures.’” 2013.
eDiscovery & Compliance Center
Scalable, complete, built in search
Search and Refine with Compliance Search
One search for all data types
Analyze using Zoom
Welcome to the Equivio team!
Export to Review and Legal Partners
eDiscovery Features
Analyze
Equivio enabled insights
Download results of a search from SharePoint, OneDrive, Exchange, and file shares whether on premises or in Office 365.
EDRM XML supported formats
Can export to legal or review partners
Export the smallest amount of data
Themes to understand what you’re looking for
Pivots and grouping to enable complex and powerful searches
Predictive coding to cull large amounts of data
O365 + Equivio in Preview
Export
Query and Hold
Search and Preserve
Unlimited, Concurrent searches
Proximity search, rich query syntax, hit highlighting, infix and suffix wildcards
Granular Search Permissions
Hold mailboxes, sites and queries with no impact to end users
Indexing is immediate and full fidelity with built in search
No need to worry about what Office 365 products your users are using, audit data will be made available to you from a centralized location.
IMMUTABLE AUDITING STORAGE
90 day retention for all Office 365 Enterprise SKUs
COMPLIANCE CENTER
One click configuration to search all your audit data
POWERSHELL CMDLETS
Provides a more powerful search option
CENTRALIZED
O365 Compliance…your peace of mind
Office 365
SP/OneDrive
Skype for Business
Exchange
And more…
Compliance Center
SPO/OneDrive
EXO
Archiving, eDiscovery, DLP, Auditing, Device Protection and more…
Social, IM (FB, Twitter, etc.)
Third Party Archives
And more…
Partner Ecosystem (APIs, Experiences)
Alerting, Ingestion, Review, Auditing and more…
Yammer
Skype
SERVICE TRUST PORTAL
Designed to provide deeper information on how Microsoft manages security, compliance and privacy
Resources to help you evaluate how Office 365 maintains compliance with your regulatory requirements and how you can mitigate the risks with moving to Office 365
Office 365 company administrators can delegate access via https://trustportal.office.com
DEMO
Compliance Center
Compliance Center
One experience across all workloads (EXO, SPO, Skype for Business, etc.)
Consistent Governance (Preservation, Delete, Device Protection, DLP)
Insights and Alerts for Security and Compliance
Exchange Archiving
Personal Archive - Email
The personal archive is simply an overflow container.
What is archiving?
• Long-term storage of records or information
• Provision for retention controls
• Not necessarily the same as additional storage
• Specific meaning in some legal / organizational contexts
Simplify email discovery and retention mgmt.
No time spent managing mailbox quota
Eliminate lost or corrupted .PST files
Access to all email from most clients
Benefits of large mailbox with archiving
Store and Retain
Store and Access
Preserve what you need, Delete what you don’t
Inactive and Active data with immutability built into the service
Preserve for Exchange, SharePoint/OneDrive and Lync
Delete for Exchange and Lync
End user Access with Outlook, OWA, OneDrive, SharePoint and Lync
O365 Archives grow with your data (1 TB SPO/OD, unlimited EXO)
Public Folder Preservation
Document Deletion in SharePoint
Compliance for Modern Groups, Yammer on its way.
Ingest
Ingest into Office 365
Network Ingestion for email
Drive Shipping for your Email!
3rd Party data Ingestion in Preview
• Social – Twitter, FB etc.
• IM Yahoo, Bloomberg, etc.
• Rehydration from archives
Drives for documents coming soon.
O365 Archiving Features
Today: Data storage
Exchange In-Place Archive
[Diagram: User A's Primary mailbox and Archive, accessed from Outlook and OWA, with the folder hierarchy retained. Primary: Inbox, Deleted Items, …; Archive: “Inbox”, …; both with Immutable: Deletions, Purges, Versions, DiscoveryHolds.]
Cloud Connect
On-premises can still have compliance features in the cloud
Cloud based Compliance Center, Auditing, Analyze with Equivio, DLP and more…
Pure On-Premises
…and not just for data in the cloud.
What is Exchange Online Archiving?
• Additional archive mailbox hosted in Office 365 EXO
• Appears to user as additional mailbox with unique folder structure and content
• Assuming a supported client, that is
• Virtually no difference in how on-premises archive works vs. cloud archive
• Manage, move, and apply retention policies just like with “real” mailboxes
• Identical, seamless user experience
Speaking of hybrid…
• Archives grow without requiring on-prem storage
• Potential large cost savings
• You are outsourcing the preservation of what may be important information
• Microsoft probably puts more resources behind it than you can
• Be aware of whether EOA meets your legal / compliance requirements for archiving (as opposed to “storage”)
• Requires good connectivity
• Behaves almost identically to on-prem archives
• Recycle your existing retention policies and tags
Provisioning
It’s a multi-step process
User Mailbox
Enable ‘remote’ Archive
DirSync
Create Exchange Archive
DirSync
Activate
User Archive
What you can do with Exchange Online Archiving
Archives in Outlook
Added as a ‘secondary’ mailbox through Autodiscover.
Initial Autodiscover performed against the on-premises Exchange environment
Based on Autodiscover results, second Autodiscover request to Exchange Online for connection info.
No different from on-premises archive
Archives in OWA
Similar process as in Outlook
Exchange performs the AutoD request
Archive appears as peer of “real” mailbox
Archives in other clients
Mac Outlook (“Office 365” edition): supported
Mac Outlook 2011: not supported
Outlook for iOS / Android: not supported
Outlook for Windows Phone: not supported
Universal Outlook: ?
IMAP: not supported
How things get into the archive
Basic archiving strategies
1. Users put things in the archives themselves
2. You use retention policies/tags to archive things
3. You use bulk import to move PSTs, etc. into archives
User self-archiving
Pro
• Low admin overhead
• High flexibility
• Can complement with bulk import
Con
• Very unlikely to happen
• Not all users are selective about what they archive
• Difficult to monitor compliance with your policies
Retention policies / tags
Pro
• Automates much of the process
• Helps users do the right thing
• High flexibility
Con
• More admin workload
• Requires care and caution when designing policies and tags
• Client support limited
Retention tags
Retention tags combine a (configurable) retention age and a specific (pre-defined) action.
Can be applied to both folders and individual items
What happens when an item is tagged?
Item (folder/message/calendar entry) gets a few new MAPI properties
PR_ARCHIVE_DATE
PR_ARCHIVE_PERIOD
PR_ARCHIVE_TAG
Retention Policies
Combine one or more retention tags in a policy which can be applied to individual mailboxes:
Get-RetentionPolicy "name" | Select -ExpandProperty RetentionPolicyTagLinks | ft Name -Auto
Managed Folder Assistant (MFA)
Mailbox Assistant which processes items in a mailbox
Throttle-based (work-cycle)
Default work-cycle is 1 day
Configurable
Stamps items with retention settings
Takes policy action on items that pass retention period
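The tag, policy and Managed Folder Assistant steps described above, as an added example that is not part of the original slides. The tag, policy and mailbox names are hypothetical, and an Exchange Management Shell or Exchange Online PowerShell session with rights to manage retention is assumed.

```powershell
# Added example: all names below are hypothetical placeholders.
$policyName = 'Pilot Archive Policy'
$mailbox    = 'usera@contoso.example'

# Each tag pairs a retention age (days) with one pre-defined action.
$tags = @(
    # Default policy tag: applies to every item that has no other tag.
    @{ Name = 'Default - 2 years - move to archive'; Type = 'All'
       AgeLimitForRetention = 730; RetentionAction = 'MoveToArchive' },
    # Folder tag for the Deleted Items default folder.
    @{ Name = 'Deleted Items - 30 days - delete'; Type = 'DeletedItems'
       AgeLimitForRetention = 30; RetentionAction = 'DeleteAndAllowRecovery' },
    # Personal tag: users can apply it to folders or individual items.
    @{ Name = 'Personal - 1 year - move to archive'; Type = 'Personal'
       AgeLimitForRetention = 365; RetentionAction = 'MoveToArchive' }
)

foreach ($tag in $tags) {
    New-RetentionPolicyTag @tag -RetentionEnabled $true
}

# Combine the tags in one policy.
New-RetentionPolicy -Name $policyName -RetentionPolicyTagLinks $tags.Name

# MoveToArchive only has a target when the mailbox has an archive,
# so check the archive state before assigning the policy.
$mbx = Get-Mailbox -Identity $mailbox
if ($mbx.ArchiveState -eq 'None') {
    Write-Warning "$mailbox has no archive; MoveToArchive tags will not move anything."
} else {
    Set-Mailbox -Identity $mailbox -RetentionPolicy $policyName
}

# Verify which tags the policy links and what the mailbox now uses.
Get-RetentionPolicy $policyName |
    Select-Object -ExpandProperty RetentionPolicyTagLinks |
    Format-Table Name -AutoSize
Get-Mailbox -Identity $mailbox |
    Format-List RetentionPolicy, ArchiveState, ArchiveStatus

# Ask the Managed Folder Assistant to process this mailbox now
# instead of waiting for its next work-cycle.
Start-ManagedFolderAssistant -Identity $mailbox
```

Assign the policy to a pilot mailbox first and review what the delete tag removes before applying it more widely.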
Questions
Peter Schmidt
Mail: [email protected]
Phone: 7260 2775