A whole bunch of Microsoft Document references and links
December 8, 2022Document download
Word documents with all Microsoft hyperlinks for convenience.
Azure AD Privileged Identity Management
Azure Information Protection Logging
Detect viewing of documents centrally
Track Protected Documents
Azure AD Reports
Azure AD Audit Events
Review AAD Logons for Anomalies
Review Signs-ins from multiple geographies
Review Sign-ins after multiple failures
Review Sign-Ins from unknown sources
Tenant Admins MFA Enabled
Strong Passwords
Azure AD Password
Process to roll passwords
Machine generate application passwords
Password Age Meets Policy for Cloud Accounts
Store secrets in a Key Vault
Multi-factor authentication Office 365
Users MFA Enabled
Phone Factor
Mobile App
Text Message Second Factor
Multi-factor authentication Azure AD
Conditional Access
Conditional Access Mobile Devices
Review self-service password reset alt phone and email changes
Deploying Password Management and training users to use it
Password Age Policy < 60 Days
Revoke Access to protected documents
Bring your own key
Azure Information Protection
Azure Information Protection Departmental Templates
Expire documents after # days
Azure Information Protection Supported Clients
Use dedicated Administrative accounts
Disable Identities that are not active
Review that Identities created are approved
Reset Password
Disable Account
Intune conditional Access Policy
Review Sign ins from possibly infected devices
Intune
10 immutable laws of security
Windows Information Protection (WIP)
Intune – Mobile Threat Defense partners
Remote Wipe
DLP in Office 2016 applications
Policy Tip
Office Encryption
Separate Exchange Administrators
Exchange Online Privileged Accounts
Administrator role group changes
Exchange Online Privileged Administrator changes
Detect non-owner mailbox access
Detect changes to eDiscovery and legal hold
Review configuration changes in organization
Exchange Online Protection Privileged Admin Changes
Exchange Online Protection Administrator Audit Log
Review mailbox access by datacenter administrators
Exchange Auditing
List mailboxes under hold
Exchange Online Protection Auditing Reports
Exchange Mailbox Activities (Audit Log Search)
Conditional Access Exchange
Data Loss Prevention Exchange
DLP Procedures
DLP Policy Templates
Keyword matching
Regular expression matching
Structured data fingerprinting
Policy Tip
Report attempted Policy Violations
DLP Matches by Severity for Mail
Attachment handling Outlook on the web
Attachment handling Exchange ActiveSync
Exchange Retention
Retention Tags and Policies
Exchange TLS encryption
Partner Connector
S/MIME Message Signing and Encryption
Office 365 Message Encryption
Delete Mailbox when disable account
Data spillage Exchange
User Education
Detonation Chamber
Safe Links
Rich reporting and URL trace capabilities
Exchange Online Protection Configuration Best Practices
Zero-hour Auto Purge (ZAP)
Advanced spam filtering options
Malware & SPAM Detections
Remove Potential Phishing messages
Top senders and recipients
ATP Protection
End User Spam Notification
Setup SPF Record
SPF Record: Hard Fail
Conditional Sender ID filtering
DKIM
DMARC
Message Trace
PowerShell cmdlets for Phishing and Anti Spam
PST Ingestion
Preserve E-mail
Preservation Lock
Placing All Mailboxes under hold
Query Based hold
Journaling
Single Item Recovery
Recoverable Items
Restore Deleted Mailboxes
Inspect Mailbox Permissions
Disable E-mail client protocols
Restrict forwarding
Review forwarding being setup
Disable Remote PowerShell
Exchange
Exchange External Sharing
Exchange Address Book Policies
Mail-enabled security groups
Exchange Information Protection Integration
Separation of Duties
Customer Lockbox
Review Delegated Partner Administrators
Office 365 User administration activities
Office 365 Group administration activities
Application administration activities
Office 365 Role administration activities
Directory administration activities
Office 365 Cloud App Security (formerly Advanced Security Management)
Office 365 Activity API
Office 365 Management Audit Log
Microsoft Operators
Applications
Search for eDiscovery activities
Token Life time
Plan for File Classification
Azure Information Protection Classification
Search from a Single Unified Portal
Compliance Search
Search on Keywords
Deduplication of results
Export Data for review
Supervisory Review
Advanced eDiscovery
Near-Duplicate Detection
Thread Analysis
Relevance
Themed
Time vs. Accuracy
External Data Sources
Service Encryption with Customer Key
Encryption of Data in Transit
Minimize Tenant Admins
More than one Tenant Admin Designated
Inactivate Office 365 sessions
Data spillage
Data Spillage E-mail compliance search
Keep the contact details in the Office 365 Portal up to date
Log Incident with partner or Microsoft
Configuration checklist
Express Route
IP,URL Filtering
Anti Spam/Phishing/Anti Malware (ATP)
Non Microsoft System Data
Performance Monitoring
Advanced Threat Analytics
Azure AD Connect Health
Password
Client Access Policies
Multi-Factor
Smart Card Authentication
Conditional Access
Filter Traffic to ADFS servers
Limit access to VPN/Direct Access/Local Networks
Review Modification of permissions
Site administration activities
SharePoint Search queries Log
Synchronization Activities
Sharing and access request activities
File and folder activities
SharePoint (Activity Report)
Conditional Access SharePoint
Data Loss Prevention SharePoint
Site classification feature
SharePoint Retention Policies
Site Closure Policy
Data spillage SharePoint Compliance Search
SharePoint Recycle Bin
Inactivate Office 365 sessions
Place Content on in-place Hold
File Server Ingestion
Use Records Center
SharePoint Versioning
OneDrive for Business Deletion
SharePoint Recycle Bin
Manage User Access SharePoint
Inspect SharePoint Permissions
SharePoint External Users
SharePoint Permission Strategy
Hide Users in the People Picker
SharePoint External Sharing
Monitor External Sharing invitations
SharePoint Guest Links
Restrict External Sharing Invites to the E-mail address sent to
Restrict OneDrive for Business synchronization to trusted domains
SharePoint Information Protection Integration
Separate Skype for Business Administrators
Archive Meeting content and Lync conversations
For compliance, turn off non-archived features
Restrict Skype for Business communication with external parties