Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Microsoft

Manage insider risk in Microsoft 365

Microsoft via Microsoft Learn

Overview

  • Module 1: Insider risk management in Microsoft 365 helps organizations address internal risks, such as IP theft, fraud, and sabotage. Learn about insider risk management and how Microsoft technologies can help you detect, investigate, and take action on risky activities in your organization.
  • Upon completion of this module, you should be able to:

    • Explain how insider risk management in Microsoft 365 can help prevent, detect, and contain internal risks in an organization.
    • Describe the types of built-in, pre-defined policy templates.
    • List the prerequisites that need to be met before creating insider risk policies.
    • Explain the types of actions you can take on an insider risk management case.
  • Module 2: Communication compliance in Microsoft 365 is a solution that helps organizations address code-of-conduct policy violations in company communications, while also assisting organizations in regulated industries meet specific supervisory compliance requirements. Communication Compliance uses machine learning to intelligently detect violations across different communication channels such as Microsoft Teams, Exchange Online, or Yammer messages.
  • Upon completion of this module, you should be able to:

    • List the enhancements in communication compliance over Office 365 Supervision policies, which it will replace.
    • Explain how to identify and remediate code-of-conduct policy violations.
    • List the prerequisites that need to be met before creating communication compliance policies.
    • Describe the types of built-in, pre-defined policy templates.
  • Module 3: Information barriers enable administrators to define policies to allow or prevent communications between groups of users in Microsoft Teams chats and channels. When information barrier policies are in place, people who should not communicate with other specific users won't be able to find, select, chat, or call those users. With information barriers, checks are in place to prevent unauthorized communication.
  • Upon completion of this module, you should be able to:

    • Describe how information barrier policies can help your organization maintain compliance with relevant industry standards and regulations, and avoid potential conflicts of interest.
    • List the types of situations when information barriers would be applicable.
    • Explain the process of creating an information barrier policy.
    • Explain how to troubleshoot unexpected issues after information barriers are in place.
  • Module 4: Privileged access management allows granular access control over privileged admin tasks in Office 365. Privileged access management requires users to request just-in-time access to complete elevated and privileged tasks through a highly scoped and time-bound approval workflow. This configuration gives users just-enough-access to perform the task at hand without risking exposure of sensitive data or critical configuration settings.
  • Upon completion of this module, you should be able to:

    • Explain the difference between privileged access management and privileged identity management.
    • Describe the privileged access management process flow.
    • Describe how to configure and enable privileged access management.
  • Module 5: Customer Lockbox supports requests to access data in Exchange Online, SharePoint Online, and OneDrive when Microsoft engineers need to access customer content to determine root cause and fix an issue. Customer Lockbox requires the engineer to request access from the customer as a final step in the approval workflow. This gives organizations the option to approve or deny these requests and provide direct-access control to the customer.
  • Upon completion of this module, you should be able to:

    • Describe the Customer Lockbox workflow.
    • Explain how to approve or deny a Customer Lockbox request.
    • Explain how you can audit actions performed by Microsoft engineers when access requests are approved.

Syllabus

  • Module 1: Manage insider risk in Microsoft 365
    • Insider risk management overview
    • Introduction to managing insider risk policies
    • Create and manage insider risk policies
    • Knowledge check
    • Investigate insider risk alerts
    • Take action on insider risk alerts through cases
    • Summary and knowledge check
  • Module 2: Prepare communication compliance in Microsoft 365
    • Introduction to communication compliance
    • Identify and resolve communication compliance workflow
    • Introduction to communication compliance policies
    • Knowledge check
    • Case study--Configure an offensive language policy
    • Investigate and remediate communication compliance alerts
    • Summary and knowledge check
  • Module 3: Plan information barriers
    • Introduction to planning information barriers
    • Plan information barriers
    • Sample scenario on information barriers
    • Summary and knowledge check
  • Module 4: Implement privileged access management
    • Introduction to privileged access management
    • Case study--Implementing privileged access management
    • Summary and knowledge check
  • Module 5: Manage Customer Lockbox
    • Introduction to Customer Lockbox
    • Manage Customer Lockbox requests
    • Summary and knowledge check

Reviews

Start your review of Manage insider risk in Microsoft 365

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.