CollabDays Belgium 2022 - How to secure and manage your data while collaborating with Microsoft Teams
•Télécharger en tant que PPTX, PDF•
0 j'aime•162 vues
Collaboration is a crucial part of our daily work lives. Microsoft Teams made collaboration easier and the sky is the limit. In between all the applause and cheers, customers are starting to ask an important question: How can we secure and manage our data? Jasper Oosterveld, Microsoft MVP & Modern Workplace Consultant, is going to answer this question. You can expect real world advise around sensitivity & retention labels, DLP and managing external access.
Recommandé
Recommandé
Contenu connexe
Similaire à CollabDays Belgium 2022 - How to secure and manage your data while collaborating with Microsoft Teams
Similaire à CollabDays Belgium 2022 - How to secure and manage your data while collaborating with Microsoft Teams (20)
Plus de Jasper Oosterveld
Plus de Jasper Oosterveld (20)
Dernier
Dernier (20)
CollabDays Belgium 2022 - How to secure and manage your data while collaborating with Microsoft Teams
- 1. How to secure & manage your data while collaborating, internally & externally, with Microsoft Teams Jasper Oosterveld | @jappie1981 CollabDays Belgium 2022 by BIWUG #CollabDaysBE
- 2. Platinum Gold Silver Community Thanks to our sponsors! Organized by SharePint
- 6. InSpark The power of Microsoft Teams Welcome to Microsoft Teams Chat Meetings Calling Collaboration Apps & workflow
- 7. InSpark Business value of Microsoft Teams Welcome to Microsoft Teams Integration Productivity Safe & secure
- 8. InSpark But! Welcome to Microsoft Teams
- 9. InSpark Our customer also worry about Teams Welcome to Microsoft Teams Explosion Managing Adoption External access Being compliant
- 10. InSpark This is where you step in! Welcome to Microsoft Teams
- 12. InSpark Define these two strategies Governance and adoption & change management Governance Adoption & change management
- 13. InSpark • Steering committee • Roles & responsibilities • Collaboration requirements with Microsoft Teams • Policies & settings • SharePoint & OneDrive • Processes & procedures • Security & Compliance Governance strategy Governance and adoption & change management
- 14. InSpark • Vision & goals • Advantages organization & employees • Risks & challenges • Success criteria • Personas • Business & user scenarios • Change & project communication • Training & Education • Support • Challenge the organization • Planning Adoption & change management Governance and adoption & change management
- 15. InSpark guest access in MS Teams Working with
- 16. InSpark Someone who doesn’t have a Microsoft 365 account from your organization. What is a guest? Working with guest access in Microsoft Teams
- 17. InSpark Who disabled guest access? Working with guest access in Microsoft Teams
- 18. InSpark Risks with Microsoft Teams Working with guest access in Microsoft Teams Access standard channels Data leak
- 19. InSpark Solution for standard channels Working with guest access in Microsoft Teams Shared channels
- 20. InSpark Take one step back! Working with guest access in Microsoft Teams Define your policy
- 21. InSpark Managing these risks Working with guest access in Microsoft Teams MFA Labels & content DLP Labels & Teams Conditional access
- 22. InSpark Managing guests Working with guest access in Microsoft Teams Settings • Block or allow specific domains. • Expiration per 30 days. • Verification code per 1 day. • Idle session sign-out. Guest review • Azure Access Reviews (Azure AD P2) • 3rd party solution (for example ShareGate). • Manually
- 24. InSpark Not compliant? Staying compliant with Microsoft Teams Fines Reputational damage Bankruptcy
- 25. InSpark • OLVG receives fine of 440,000 euros for unlawful access to sensitive information. • Personal data of 65,000 civil servants on the street due to data leak at the ministry. • Over 100,000 resumes illegally downloaded at Employee Insurance Agency. Real world examples Staying compliant with Microsoft Teams
- 26. InSpark 1. Do you know where your business’s critical and sensitive data resides and what is being done with it? 2. Do you have control of this data as it travels inside and outside of your organization? 3. Do you know what regulations are applicable to your type of industry? Three important questions Staying compliant with Microsoft Teams
- 27. InSpark Microsoft 365 Purview Staying compliant with Microsoft Teams Information Protection Data Loss Prevention Data Lifecycle Management
- 28. InSpark Step 1: Information Classification Policy Staying compliant with Microsoft Teams • Company data specifically prepared and approved for public use. • Company data intended for general use within the organization. • Company data specific to internal employees or specific individuals or organizations. Public Internal Confidential
- 29. InSpark Step 2: Information Protection Policy Staying compliant with Microsoft Teams Company data is specifically prepared and approved for public use. • Accessible to all employees (internal) or authorized individuals (external). • No security. Company data is intended for general use within and outside the organization (business partners). • Accessible to all employees. • Data is protected. Internal Public Company data is intended for internal employees or specific individuals or organizations. • Accessible for all employees (internal) or authorized persons (external). • Data is protected. Confidential
- 30. InSpark Who defined these policies? Staying compliant with Microsoft Teams
- 32. InSpark Scope Working with sensitivity labels Sensitive information M365 Groups Purview Data Map
- 33. InSpark Importance of labels & sensitive information Working with sensitivity labels Encryption Location independent
- 34. InSpark Importance of labels & Microsoft Teams Working with sensitivity labels Conditional access Privacy setting Guest access External sharing
- 35. InSpark Applying sensitivity labels Working with sensitivity labels Manually Automatic
- 36. InSpark “Pattern-based classifiers for sensitive content.” Sensitive Information Types Working with sensitivity labels
- 37. InSpark Who is using sensitivity labels? Working with sensitivity labels
- 38. InSpark Scenario: Manual & auto labeling Working with sensitivity labels • Megan Bowen works as a marketing specialist for Contoso. • She works on the development of the PlayStation 6 (codename: Project Raven). • She wants to manually and automatically classify & protect the content related to the project.
- 39. InSpark • Sensitivity label for file & e-mail. • Custom Sensitive Information Type (SIT) for PlayStation 6 with auto labeling. • Auto classification connected to the Project Raven document library. Solution summary Working with sensitivity labels
- 40. InSpark • AIP unified labeling client is in maintenance mode. • Microsoft advice moving towards the built-in labeling within Office. • Review the current options & limitations (see resources slide). Important information about labels! Working with sensitivity labels
- 41. InSpark Scenario: Limited external sharing Working with sensitivity labels 1. Alex works as PM on the development of the PlayStation 6 (codename: Project Raven). 2. Alex wants a private & secure collaboration space with Microsoft Teams. 3. It’s not allowed to add guests. 4. External sharing is only allowed with approved accounts.
- 42. InSpark • Sensitivity label for M365 Groups. • Attach to project sites. Solution summary Working with sensitivity labels
- 44. InSpark Data Loss Prevention Working with Data Loss Prevention Identify Monitor Protect
- 45. InSpark The importance of DLP Working with Data Loss Prevention Conscious sharing unconscious sharing
- 46. InSpark • Create a policy based on existing regulations (GDPR) or customize your own. • Select the location (M365, OnPrem, Devices, OS & non-MS cloud apps). • Define your policy settings (conditions & actions). • Test & deploy. High-level overview Working with Data Loss Prevention
- 47. InSpark Who is using DLP? Working with Data Loss Prevention
- 48. InSpark Scenario: Prevent sharing sensitive information Working with Data Loss Prevention • Megan Bowen wants to prevent the sharing of Project Raven information in other teams.
- 49. InSpark • Data Loss Prevention Policy for all Microsoft 365 services. • Connect with Project Raven Sensitive Information Type. Solution summary Working with Data Loss Prevention
- 51. InSpark • Retain the content for a specified period (days, months & years). OR • Retain & automatically delete content after a specified period (days, months & years). OR • Automatically delete content after a specified period (days, months & years). OR • Retain content forever. Data lifecycle management Working with Data Lifecycle Management
- 52. InSpark Importance of Data Lifecycle Management Working with Data Lifecycle Management Govern lifecycle Regulatory requirements
- 53. InSpark Applying Data lifecycle management Working with Data Lifecycle Management Policy Labels Record Management
- 54. InSpark Who is using Data Lifecycle Management? Working with Data Lifecycle Management
- 55. InSpark Scenario: Preserve all project content Working with Data Lifecycle Management • Alex wants to preserve all content from Project Raven for an indefinite amount of time.
- 56. InSpark • Retention Policy for the Project Raven team. • Retention Label for all Microsoft 365 services. Solution summary Working with Data Lifecycle Management
- 57. InSpark to wrap up and DRINK! It is time
- 58. InSpark My advice Wrap it up! Define policies Pilot Governance Adoption & change management Licensing
- 59. InSpark Contact details Wrap it up! @jappie1981 in/jasperoosterveld
- 60. https://collabdays.be Please rate this session and have a chance to win an awesome prize #CollabDaysBE
- 61. #CollabDaysBE