Retention policy, DLP, Groups and Auditing in Office 365

Here I am recycling one of my old post that I had written. Recently as there is lot of emphasis on Retention policy, DLP, Groups in Office 365, though it would be good to recycle this. That being said this could have some legacy information that may not apply now.    

  1. What is retention policy and how do implement and customize the policy to the users?

Retention policy and retention tags are part of Messaging records management (MRM) helps organizations to manage email lifecycle and reduce legal risks associated with e-mail and other communications. MRM makes it easier to keep messages needed to comply with company policy, government regulations, or legal needs, and to remove content that has no legal or business value.

 

Retention Tags and Retention Policies

https://technet.microsoft.com/en-us/library/dd297955(v=exchg.150).aspx

 

Create a Retention Policy

https://technet.microsoft.com/en-us/library/jj150573(v=exchg.150).aspx

 

Apply a Retention Policy to Mailboxes

https://technet.microsoft.com/en-us/library/dd298052(v=exchg.150).aspx

 

 

 2.Legal and how do I get permanently deleted items from the legal hold

Litigation hold, also known as legal hold, allows organizations to preserve electronically stored information. When a user's mailbox is put on litigation hold, the user can delete items from their mailbox but the items are retained on the servers in the Microsoft Exchange datacenter. Litigation hold retains e-mail messages, calendar items, tasks, and other mailbox items. Litigation hold also protects the original version of each mailbox item from modification by the user. If a user changes the properties of items in a mailbox on litigation hold, a copy of the item before it was changed is retained.

            Put a Mailbox on Litigation Hold

https://help.outlook.com/en-us/140/ms.exch.ecp.editlitigationhold.aspx

 

 3.How many days it will keep the items in recover deleted items

By default mails are kept in Recover deleted items for 14 days. Please find my blog post below for more detailed info

 

Single Item Recovery in O365

https://blogs.technet.com/b/praveenkumar/archive/2012/10/16/single-item-recovery-in-exchange-online.aspx

 

 

 4.What is data loss prevention and how do we implement

This is new in new version of O365. It keeps your organization safe from users mistakenly sending sensitive company information to unauthorized people. The new Exchange DLP features identify, monitor, and protect sensitive data through deep content analysis. Exchange offers built-in DLP policies based on regulatory standards such as PII, HIPAA, and PCI, and is extensible to support other policies important to your business. Additionally, the new Policy Tips in Outlook inform you about policy violations before sensitive data is sent.

 

Data Loss Prevention

https://technet.microsoft.com/en-us/library/jj150527(v=exchg.150).aspx

 

5.What is auditing and tell me how to do that

Use audit logging to troubleshoot configuration issues by tracking specific changes made by administrators and to help you meet regulatory, compliance, and litigation requirements. Microsoft Exchange provides two types of audit logging:

  • Administrator audit logging records any action, based on a Windows PowerShell cmdlet, performed by an administrator. This can help you troubleshoot configuration issues or identify the cause of security- or compliance-related problems.
  • Mailbox audit logging records whenever a mailbox is accessed by someone other than the person who owns the mailbox. This can help you determine who has accessed a mailbox and what they have done

Use Auditing Reports in Exchange Online

https://help.outlook.com/en-us/140/ff628722.aspx

 

 

6.How do we create and manage distribution groups and contacts in office 365 in hybrid environment

Consider the scope of the dynamic distribution group before the hybrid deployment and before the mailboxes were moved to Exchange Online. If the scope included only mailboxes, the scope must be expanded to include mail users and mail contacts. To do this, follow these steps:

  1. On an on-premises Exchange server, start the Exchange Management Console (EMC).
  2. In the console tree, navigate to Recipient Configuration. Beneath that, navigate to Distribution Group.
  3. In the results pane, click the dynamic distribution group that you want to configure.
  4. In the Action pane, click Properties.
  5. On the Filter tab, select The following specific types, and then click to select the Users with Exchange mailboxes and the Users with external e-mail addresses check boxes.
  6. Click Apply. Then, click OK.

                            To create a contact in Exchange Online to represent the dynamic distribution group, follow these steps:

  1. Sign in to Outlook Web App on the Office 365 tenant by using a service administrator account.
  2. Click Options, and then click See all options.
  3. Click Manage Myself, and then click Manage Organization.
  4. Click Users and Groups, and then click External Contacts.
  5. Click New, and then type the contact details.
  6. In the External e-mail address box, type the mail address of the Dynamic Distribution group that was created on the on-premises Exchange server.
  7. Click Save.

Exchange Online users can now select the dynamic distribution group from the global address list (GAL). When they do, messages will be delivered to the members of the group as defined by the settings for the group.

 

7.Configure Dynamic Distribution Groups in a Hybrid Deployment

https://technet.microsoft.com/en-us/library/jj150422(v=exchg.141).aspx