Office 365 keeps on changing, which makes it very hard to keep up with detail. The big stuff gets covered in articles but small changes might be overlooked. In this post, Tony looks at some of the changes that happened in the last week or so that you might have missed, including Teams, Planner, OneDrive, Yammer, and Exchange. And preparation for GDPR…
GDPR is coming and Office 365 tenants need to be prepared to deal with topics like data spillage and the right to be forgotten. It’s easy to see how to remove someone’s PII from Exchange mailboxes and SharePoint Online, but you might have a bigger challenge dealing with offline data in PSTs and OneDrive-synchronized folders. More to ponder…
Microsoft has a new Information Protection guide to help Office 365 tenants prepare for GDPR. The guide is incomplete because it focuses on SharePoint Online and OneDrive for Business, but it contains some good information that will help companies figure out what they need to do to prepare for the May 25, 2018 deadline. Expect more guides of this type to appear in the future.
In this Ask the Admin, Russell Smith looks at how Microsoft’s new service can help organizations meet compliance requirements.
Azure Conditional Access policies can be used with Azure Information Protection (AIP) to secure protected documents against unauthorized access. If you have already decided to use AIP as part of your Office 365 data protection strategy, adding a conditional access policy is a quick way to frustrate people who try to access documents when they shouldn’t.
Microsoft’s Compliance Manager is intended to help cloud tenants cope with regulations like ISO 27001 and GDPR. The Compliance Manager has a nice dashboard, but it is passive and offers very weak options in terms of organizing the work needed to achieve compliance. But Office 365 has Planner and Teams, and it is easy to create the necessary collaboration structure to allow people to work on GDPR controls.
Microsoft released Compliance Manager Preview, after initially announcing the new service during Ignite 2017 in late September. It is, for now at least, a free service for existing Office 365 customers, that aims to provide a management interface for organization’s compliance management activities.
A new premium Azure Active Directory feature allows you to force group owners to certify that external members should have continued access. Given that Office 365 Groups and Microsoft Teams now both support guest users, it is wise to check on who can access what from time to time. Whether you will want to pay extra for such a feature is quite another matter!
The European Union will introduce the General Data Protection Regulations (GDPR) in May 2018. The intention is to deliver better protection for personal data, which is laudable. Like with many regulations, the problems arise in implementation. Office 365 holds a lot of personal data, so Office 365 tenants must cope with GDPR.
The Office 365 Admin Center experienced a problem on August 3 when it began to include data from other tenants in its usage reports. It seems like the problem arose in a flawed code change and Microsoft fixed the issue quickly. What’s worrying is what data leaks like this mean in the context of regulations like the EU GDPR.