We’re moving!

After 4 glorious years of Technet blogging, I am moving.  The TN blog system is changing, and I’m striking out on my own. My blog is all growed up. You can go see any of your favorite posts at the new site: https://www.undocumented-features.com They’re all there, like my beautiful kids going out into the world….


Creating Scoped DLP rules with Custom Sensitive Information Types

A few weeks ago, I put out a series of posts on creating and using custom sensitive information types (https://blogs.technet.microsoft.com/undocumentedfeatures/tag/sensitive-information-types/).  The blog, posts, however, focus on using the DLP configuration options available in the Security & Compliance Center. Rules created via the DLP wizard in the Security & Compliance Center have the benefit of being…


Looky, looky! Custom sensitive information types with even more customitivity!

So, of course, as soon as I finish up posting a few entries (here and here), we go and release a new UI to help you get it done on your own! You can do most of the effort of creating a data classification here, although if you want to use any of our built…


Update to the AAD Connect Advanced Permissions Tool

Woo! A day of updates!  I’ve made  a few updates to this tool, so hopefully you’ll find them useful: 2018-08-12: A reader noticed that the UpdateAdminSDHolder switch didn’t work ask expected when specifying the ExchangeHybridWriteBack OU without the ExchangeHybridWriteBackOUs parameter.  I have found and updated that!  Thanks, Mark! 2018-06-03: A large customer asked if I…


Searching for Sensitive Information Types

Over the course of your Office 365 administration duties, you may be called to locate data matching particular data patterns (such as matching a particular regular expression or a Sensitive Information Type), either for eDiscovery or data classification purposes.  The good news is you can actually do that.  In this post, we’re going to walk…


Sensitive Information Types–now with more sensitivity!

UPDATE: The Technet Gallery link for this post has been updated. So, this is an entry that has been long in the making.  I have had several customers over the last few years give feedback about our Data Loss Prevention’s (DLP) matching requirements, mostly around how they require too much corroborating evidence (in the form…