Tag - compliance

How to use DLP to automatically file HIPAA incident reports in Microsoft 365

I have previously written about Data Loss Prevention (DLP) on this site, and today I am going to demonstrate another important use of this technology in helping to meet certain compliance requirements for HIPAA.* You can also apply this process to other sensitive information types, where incident reports are recommended,...
Read more...

12 Steps you can take to up your Office 365 Security & Compliance game

I don't mean to oversimplify things here. This is not a comprehensive guide or anything like that. Every organization has different goals and business objectives, and depending on your industry, etc., you could have very different compliance regulations or whatever, that you need to consider. My goal is just to...
Read more...

How to configure journaling, and the undeliverable reports mailbox, in Exchange Online

In Office 365 Exchange Online, it is possible to setup journal rules. When you turn on journaling, a copy of email messages that you specify will be written to another (third-party) location. It is not supported to write the journal into another mailbox hosted at Office 365, however, there are...
Read more...

Security Reports and Identity Protection features available in Azure AD, Azure AD Premium P1 and P2

Azure AD Premium P1 is included with Enterprise Mobility and Security (EMS) E3. I have been experimenting with numerous aspects of this subscription, since security is such a high priority these days, especially for the SMB (small businesses are statistically far more more likely to be targeted than large enterprises). As...
Read more...

Configuring Data Loss Prevention (DLP): An example automatically encrypting GLBA content via Email

If you have a subscription such as Microsoft 365 Business or Office 365 E3, then you can configure Data Loss Prevention (DLP) policies, which are great tools for helping your organization meet compliance standards. I especially recommend it for businesses in the financial or medical industries, due...
Read more...

Reading the fine print for Data Loss Prevention (DLP) in Office 365

After implementing DLP policies in your organization, you might consider testing it out. Let's say you implemented Microsoft's DLP policy for identifying U.S. Social Security Numbers, which are a nine-digit string of numbers, often formatted XXX-XX-XXXX (sometimes with dashes, sometimes without).  You decide to draft an email containing such a...
Read more...

What is the difference between an Archive, a Journal and Litigation Hold?

As I've been helping organizations navigate the complexities of Exchange Online and compliance, this question has come up a few times. "What is the difference between an archive and a journal?" I also hear, "What is the difference between a journal and litigation hold?" And finally "What is the difference...
Read more...

How to Encrypt your Hyper-V Host Server using the GUI

Full disk encryption is becoming more important in the SMB.  I recommend this for every Windows 10 Pro PC, and also for your Windows Servers. Small businesses often have a single physical Hyper-V host server, maybe two. And these are usually located in a network closet or mechanical room, in...
Read more...

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.