Clouds in Reach

Microsoft 365 Retention Facts In this age of GDPR it is essential to create a policy for data retention.  In fact I would advise creating this policy as one of the first jobs to do before migrating data to Microsoft 365.  It's important that you have a consistent approach to data wherever you store it. One of the principles of GDPR is storage limitation.  Which is in essence not keeping data for longer than you require it for the purposes that is was intended and lawfully agreed to be used.  For more about GDPR take a look at the ICOs website: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/ I've been asked a number of times now at the Microsoft 365 User Group www.m365ug.com and by colleagues about what data retention.  Specifically a question that pops up a few times is how retention works with deletion policies, what takes precedence? It's a good question but rest assured Microsoft h

Microsoft Threat Protection Is Microsoft Threat Protection (MTP) just another dashboard of many in Microsoft 365 or is it a viable unified security product? At Ignite 2018 Microsoft announced Microsoft Threat Protection.  A product that unites many of the existing and new security products available with the Microsoft 365 E5 license.  There have also been many changes to the Microsoft 365 security tool-set including Microsoft Defender ATP replacing Windows Defender ATP.  These changes and improvements are coming thick and fast and although Microsoft would say they aren't a security company (they obviously do lots of other business in Software and Cloud), I'd argue they are now one of the biggest companies that deal with enterprise security. MTP pulls data signals from all the other security solutions in Microsoft 365.  Providing an overlay of insights into the existing security products, effectively giving you one dashboard to begin reviewing your environment.  It co

Microsoft 365 User Group Join us for the inaugural meeting of the new Microsoft 365 (M365) User Group in Leeds! Hosted by Matt Fooks and Microsoft MVPs Chris Rhodes & Andrew Bettany, this exciting new group is hosting its first meetup. We are pleased to offer the technical community in Leeds the opportunity to turn up and find out more about the technologies in and around M365. Our first meeting kicks off with an introduction to Microsoft 365 through the presentation “ What is Microsoft 365? ”. We’ll also talk about GDPR and M365 with the presentation “ Tackling GDPR with Microsoft 365 and Office 365 ”. With the GDPR deadline fast approaching, this session highlights how both Microsoft 365 and Office 365, allows businesses to take a holistic approach to user, device and data security. In this tech talk, Andrew Bettany, Microsoft MVP, will discuss how you can demonstrate GDPR compliance whilst bringing value and security to your business and customers. Andrew will

Office 365 PowerShell Basics Part 1 Knowing PowerShell is essential for any Office 365 Administrator or consultant.  There are a lot of commands as there are many services and products in Office 365.  Below I'll list a few of the basics to get you started.  This article does assume a level of basic familiarity with PowerShell. I'm a good believer in balance and when you can do something in the GUI it's often quicker than PowerShell however there are two reasons why you have to learn PowerShell to be effective. Some commands are only available in PowerShell If you end up repeating steps in the GUI for multiple users, groups or sites for instance this can be hugely time consuming and in-practical as its prone to error.  Running a PowerShell script is essential for these actions.  Who wants to manually edit 500 users through the GUI, not me! Logging in $cred = Get-Credential (Enter credentials for O365, this sets the viable for those credentials) Impo

Microsoft Cloud App Security and Cloud App Security CAS is a great security tool that can help identify shadow IT and protect your environments against nefarious behaviours. Effectively there are two versions.  Which can confuse people somewhat.  The two versions are: Microsoft Cloud App Security - Is the full MCAS solution (available with E5) Cloud App Security - CAS or Office 365 CAS is a cut down version of MCAS (Available with E3) The main different in my opinion is that with Office 365 CAS you can't automatically upload logs from syslog servers.  Therefore to gain insights into what your users are doing you will need to upload snapshots from your firewalls, web filters and other third party devices manually.  The following link from Microsoft goes through the full differences between the two product versions: https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security-o365

Clearing up the confusion of Information Protection? I had a colleague ask me what the difference is between Azure Information Protection and the Information Protection that comes with Office 365 and the new Microsoft 365?  I know the changes in RMS, AIP and M365 IP can be a bit confusing and it's a bit more than Microsoft's marketing team coming up with the latest Mad Men style buzzwords.  I realised it was a good question and one which I'll hope to address. Putting it simply Azure Information Protection is a data protection product in Azure that allows classification, labelling and protection (CLP) of documents and data in Office 365 and on-premise repositories.  You can also apply encryption to encrypt your data.  AIP also gives you greater controls over protection.  It will protect on-premise SharePoint 2013/2016 servers, Exchange and Windows (CIFS) File servers by use of the Azure Information Protection Scanner.  The scanner can be set to run periodically (nightly)