18May
01Nov
Announcing the Microsoft 365 SMB Data Protection Toolkit
Update March 2023: This product has been updated significantly, and renamed too. It is now called The SMB Guide to Data Protection and Microsoft Purview in Microsoft 365 Business Premium Plans. It still contains the written guide as well as supporting materials such as scripts and templates to help you...
11Jun
Simple Sensitivity Label design for the SMB
In the recent updates to the CIS Controls (v8), one of the most noticeable changes was the re-prioritization of Data Protection (now Control #3, up from #13 previously). This control calls out a number of safeguards: inventory of sensitive data and data classification is among them. Sensitivity labels can help...
09Mar
There is no panacea, there is no silver bullet
I had a really interesting question come up during one of my recent online courses. One of the participants asked whether device management, and even MAM (application-based management) were necessary anymore, now that we have stuff like MIP and Sensitivity Labels. I was taken aback by this question and I...
18Aug
Behold: The Power of Sensitivity Labels
Even though some people are aware of the concepts of Data Classification and tools such as Microsoft 365 Sensitivity Labels, I do not think that many of us out there have yet grasped the full implications, or taken the long view, so to speak. Note: this is a longer read....
17Dec
The many ways to prevent data leakage in Microsoft 365
Office 365 Data Loss Prevention (DLP), Windows Information Protection (aka Endpoint DLP), Conditional Access App Enforced Restrictions, Conditional Access App Control with Microsoft Cloud App security, Sensitivity labels, Retention labels--are you thoroughly confused yet? All of the above can help you to prevent the leakage of sensitive data under certain...
27Aug
Protecting extra-sensitive accounts and data sets in Microsoft 365, Part 2: Apps and Data
Last time we looked at some additional identity-based protections that are possible via additional subscriptions like Enterprise Mobility + Security E5 (which contains Azure AD Premium P2). In this post, we'll work within the same framework, but shift our focus from identity, towards protections which can be applied to apps and...
15Aug
Teams, SharePoint and OneDrive best practices? Part 3: Data governance
In part 1 of this series, we discussed external sharing and chat. In part 2, we dealt with access controls and notifications. Now, we turn our focus to Data governance, a very important conversation indeed when it comes to compliance. And when it comes to compliance, every organization is going to...
08Aug
Teams, SharePoint and OneDrive best practices? More like considerations… Part 1: External sharing and communication
This article is part of a series. Also see Part 2, Part 3. Ever since I released the Office 365 Email Security Checklist, I have had a lot of people asking me for similar best practices checklists related to the "other" Office 365 services--especially Teams, SharePoint Online and OneDrive for Business. The...
25Apr