Month: October 2022

This is the final video in the series on building an EDM solution using Microsoft Purview. In this video, we will set up the Sensitive Info Definition that uses EDM. I will cover creating the SIT using XML, and cover the key decisions/items that go into your policy design.

L I N K S
MSFT Doc
https://learn.microsoft.com/en-us/microsoft-365/compliance/sit-get-started-exact-data-match-create-rule-package?view=o365-worldwide#create-a-rule-package-manually

Git Hub Design
https://github.com/dougsbaker/Public-Toolbox/blob/main/o365Tools/Compliance/ExactDataMatch/DLP-Test-SIT.XML
https://github.com/dougsbaker/Public-Toolbox/blob/main/o365Tools/Compliance/ExactDataMatch/EDM-SIT-Setup.ps1

C H A P T E R S
00:00 Intro
00:41 Create an EDM SIT Rule Pack using XML
14:59 Upload Rule Pack
17:06 Test EDM SIT / Diagnosing Issues
20:45 Adding EDM SIT to Data Loss Prevention Policy
22:55 EDM Primary Match Issue testing
28:22 Wrap Up

I am back with another M365 Security Basic, this one isn’t a setting but a change in methodology. Separating your Standard user account and Admin account, and mastering your cloud admin accounts in M365.

Let me know in the comments if you separate your accounts and if you use cloud-only admins.

C H A P T E R S
00:00 Video Intro
00:58 Separate Admin Accounts
05:17 Cloud Only Admin Accounts
06:53 Wrap UP

L I N K S
Audit Cloud Synced Admins
https://github.com/dougsbaker/Public-Toolbox/blob/main/o365Tools/AzureAD/Audit-AdminSync.ps1

Alex Weinart – Protecting Microsoft 365 from on-premises attacks
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/protecting-microsoft-365-from-on-premises-attacks/ba-p/1751754

Best practices for Azure AD roles
https://learn.microsoft.com/en-us/azure/active-directory/roles/best-practices#8-use-cloud-native-accounts-for-azure-ad-roles

Enterprise Access Model
https://learn.microsoft.com/en-us/security/compass/privileged-access-access-model