Author: Sophia Lisk
-
Summary-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Summary-Describe security, compliance, privacy, and trust in Microsoft 365Thought experiment In this thought experiment, demonstrate your skills and knowledge of the topics covered in this chapter. You can find the answers to this thought experiment in the next section. Ralph is the Director of the Brooklyn datacenter at Contoso Corp. The company currently has three office buildings in the New York area with…
-
Anticipating threats-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Anticipating threats-Describe security, compliance, privacy, and trust in Microsoft 365Arguably, the most difficult part of the risk management planning process is trying to anticipate all the possible threats that could afflict the company’s data in the future. The three basic risk factors for the data—confidentiality, integrity, and availability—can be exploited in any number of specific ways, but the general threat categories are listed in…
-
Classifying users-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Classifying users-Describe security, compliance, privacy, and trust in Microsoft 365The third element of the digital estate that must be considered when creating a risk management plan is the people who actually access the data. Whether deliberately or inadvertently, users are a constant vulnerability—if not an actual threat—to the organization’s data. After quantifying the organization’s information assets and their value and inventorying the hardware used…
-
Inventorying hardware-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Inventorying hardware-Describe security, compliance, privacy, and trust in Microsoft 365Once the data sensitivity and value have been assessed, the next step of the risk-management plan design process is to consider the technology used to store, access, transmit, and process that data. This includes the servers or cloud services where the data is stored when at rest, the client systems and devices used to access…
-
Identifying and valuing information assets-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Identifying and valuing information assets-Describe security, compliance, privacy, and trust in Microsoft 365Companies often generate vast amounts of data with varying levels of sensitivity. It is usually not practical for an organization to implement the ultimate level of security over its data, so it is necessary to classify the information according to its function and value. Therefore, the risk management process should begin with an inventory of…
-
Priva rights requests-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Priva rights requests-Describe security, compliance, privacy, and trust in Microsoft 365In recent years, there has been legislation passed in many countries providing citizens with the right to request that organizations disclose any personal information about them that they possess. These might seem like simple requests to the requestor, but for an organization that maintains a large data store, locating all of the requested information concerning…
-
Describe the capabilities and benefits of Microsoft Priva-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Describe the capabilities and benefits of Microsoft Priva-Describe security, compliance, privacy, and trust in Microsoft 365As mentioned frequently in this book, an organization’s data is its most valuable commodity, and keeping that data secure is one of the primary functions of Microsoft 365. That company data frequently includes confidential information, however, and it is the responsibility of the IT department not only to keep the data secure but also to…
-
Microsoft Advanced Threat Analytics-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Microsoft Advanced Threat Analytics-Describe security, compliance, privacy, and trust in Microsoft 365Advanced Threat Analytics (ATA) is an on-premises solution that uses information gathered from a wide variety of enterprise sources to anticipate, detect, and react to security threats and attacks. ATA receives log and event information from Windows systems and also captures network traffic generated by security-related protocols, such as Kerberos and NTLM. This traffic provides…
-
Microsoft Entra ID (Azure Active Directory Premium)-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Microsoft Entra ID (Azure Active Directory Premium)-Describe security, compliance, privacy, and trust in Microsoft 365Active Directory (AD) is a directory service that has been a part of the Windows Server product since the Windows 2000 Server release. A directory service is a database of objects, including users and computers, that provides authentication and authorization services for network resources. Authentication and authorization are essentially the front gates of information protection,…
-
Auditing-Describe security, compliance, privacy, and trust in Microsoft 365
Read More: Auditing-Describe security, compliance, privacy, and trust in Microsoft 365Microsoft Purview includes auditing capabilities that log operations for many Microsoft 365 applications and services. Administrators can search the audit log directly from the Microsoft Purview portal, providing detailed information that can be useful during security, compliance, and legal investigations. Microsoft Purview can provide two levels of audit logging, as follows: FIGURE 3-49 The Audit…
Search
Popular Posts
-
Summary-Describe security, compliance, privacy, and trust in Microsoft 365
Thought experiment In this thought experiment, demonstrate your skills and knowledge of the topics covered in this chapter. You can find the answers to this thought experiment in the next section. Ralph is the Director of the Brooklyn datacenter at Contoso Corp. The company currently has three office buildings in the New York area with…
-
Anticipating threats-Describe security, compliance, privacy, and trust in Microsoft 365
Arguably, the most difficult part of the risk management planning process is trying to anticipate all the possible threats that could afflict the company’s data in the future. The three basic risk factors for the data—confidentiality, integrity, and availability—can be exploited in any number of specific ways, but the general threat categories are listed in…
-
Classifying users-Describe security, compliance, privacy, and trust in Microsoft 365
The third element of the digital estate that must be considered when creating a risk management plan is the people who actually access the data. Whether deliberately or inadvertently, users are a constant vulnerability—if not an actual threat—to the organization’s data. After quantifying the organization’s information assets and their value and inventorying the hardware used…