Prerequisites - Microsoft



Security and ComplianceDemo GuideA MOD Hero ModuleThis document is provided “as-is”. Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.? 2016 Microsoft. All rights reserved.Contents TOC \o "1-3" \h \z \u Prerequisites PAGEREF _Toc460940557 \h 4Demo home page and login PAGEREF _Toc460940558 \h 4User Accounts PAGEREF _Toc460940559 \h 4First-time Post-Install Steps PAGEREF _Toc460940560 \h 4Pre-demo Setup Steps PAGEREF _Toc460940561 \h 4Security and Compliance PAGEREF _Toc460940562 \h 4Log on to the demo environment: PAGEREF _Toc460940563 \h 4Open an eDiscovery Set: PAGEREF _Toc460940564 \h 5Determine if Advanced Threat Protection is provisioned in your tenant: PAGEREF _Toc460940565 \h 5Prepare the demo starting page and secondary user session: PAGEREF _Toc460940566 \h 6Security and Compliance Demo Steps PAGEREF _Toc460940567 \h 6Compliance Center PAGEREF _Toc460940568 \h 6eDiscovery PAGEREF _Toc460940569 \h 7Data Loss Prevention PAGEREF _Toc460940570 \h 8Advanced Threat Protection (ATP) PAGEREF _Toc460940571 \h 10Reset Instructions PAGEREF _Toc460940572 \h 11Security and Compliance PAGEREF _Toc460940573 \h 11Post-Install Steps PAGEREF _Toc460940574 \h 11Security and Compliance PAGEREF _Toc460940575 \h 11PrerequisitesDemo home page and loginYou will need a Microsoft Office Demo (MOD) Office 365 tenant to complete this demo. You can obtain a demo environment at . User AccountsMegan Bowen (alias MeganB) is the typical account used in MOD Hero demo modules. If this MOD Hero module requires a different account for log in or if additional log in accounts are needed, the information is provided in the Pre-demo Setup Steps.Office 365 tenant: name:MeganB@<Tenant>.Password:Passwords for all users are located within the details section of your tenant on demos..First-time Post-Install StepsIf this is the first time you are using the demo environment, complete the REF _Ref399929624 \h \* MERGEFORMAT Post-Install Steps at the end of this document.Pre-demo Setup StepsSecurity and ComplianceThe following steps are required prior to each presentation of the demo:Log on to the demo environment:Start a new or InPrivate browser session and log into your Office 365 tenant as Megan Bowen (alias MeganB) using the credentials listed in the User Accounts section above.Open Outlook on the Web for Megan Bowen:From App Launcher, right-click Mail, and then click Open in new tab.Navigate to the Compliance Center:From App Launcher, right-click Admin, click Open in new tab and then navigate to the tab.Note: If you see a “Don’t lose access to your account!” message, you can either set up access options, or click Cancel to navigate immediately to the Admin page.In the left navigation, under Admin centers, click Security & Compliance.Duplicate the Compliance Center tab. You will return to this tab later.Open an eDiscovery Set:Note: A provisioned Northwind Hold set should exist if you completed the REF _Ref399929624 \h \* MERGEFORMAT Post-Install Steps. In either of the Compliance Center tabs, in the left navigation, click eDiscovery.Click the Go to the eDiscovery Center in SharePoint link.In the left navigation, click Northwind Traders.Under Identify and Hold, click Northwind Hold.To prepare for the demo, click Get Statistics, and wait for the search to complete (this may take a few minutes).Keep this tab open.Determine if Advanced Threat Protection is provisioned in your tenant:Switch to the portal. tab. If you closed it, duplicate the Northwind Hold tab, and from App Launcher, click Admin. In the left navigation, under Admin, click Exchange.In the left navigation, look for a link to advanced threats. Do not click the link at this time.If the advanced threats link exists, you may run the ATP section of the demo. If it is NOT visible in the left navigation, skip the ATP section in the demo script.Keep the current tab (Exchange admin center) open.Prepare the demo starting page and secondary user session:Return to the Compliance Center tab (it is labeled Home-Security and Compliance). This is the demo starting point. If you no longer have an existing Compliance Center tab open:Open a new tab.Navigate to the URL listed in the REF _Ref445727844 \h \* MERGEFORMAT User Accounts section. You should not need to log in again at this point.From App Launcher, click Admin.In the left navigation, under Admin Center, click Security and Compliance. If presented with a login window, use the credentials for Megan Bowen (alias MeganB).If you wish to show Information Rights Management (IRM) applied to an email attachment:Start another InPrivate browser session and log into your Office 365 tenant as Lidia Holloway (alias LidiaH) using these credentials:User name:LidiaH@<Tenant>.Password:Type Lidia’s passwordFrom App Launcher, click Mail.Minimize the Lidia Holloway browser session.Security and Compliance Demo StepsCompliance CenterSpeaker ScriptClick StepsCompliance Officer, Megan Bowen, knows that losing sensitive corporate information can spell disaster for Contoso.The Office 365 Compliance Center is the hub for all activities related to data loss prevention. Megan can define settings and policies that help keep the company’s information secure, whether in messages, attachments, SharePoint, or OneDrive.Among other activities, Megan can manage email archiving, set up audit reports and retention policies, and set permissions for Compliance Center users.In the Megan Bowen browser session, start in the Compliance Center. The tab is labeled Home-Security and ComplianceClick Archive under the Data management tab and wait for the page to load.In turn, click Retention, pausing briefly to show the UI in each section.eDiscoverySpeaker ScriptClick StepseDiscovery tools benefit from improved scaling and performance capabilities. At the request of the Legal Department, Megan created a search for content related to Northwind Traders. The search discovered about 70 items across user mailboxes and SharePoint. Megan can preview the results.From the preview, Megan could go directly to any document or email.If desired, Megan could now start an in-place hold for this content. All of the data will remain where it was created. Emails stay in Exchange, documents stay in SharePoint and OneDrive, and so on. Users can still update the content, but the hold preserves separate copies of all files and emails at that point in time.Any new content added after a site is on hold is discoverable, and likewise preserved if deleted.Navigate to the Northwind Hold tab.Click Preview Results.Click the Exchange and SharePoint tabs to show the previews.Close the Preview Results window.In the In-Place Hold section, point to the Enable In-Place Hold radio button, but do not change the selection.Data Loss PreventionSpeaker ScriptClick StepsData loss prevention, or DLP, is a powerful security feature in Office 365. DLP initially protected email content in Exchange and Outlook. However, people collaborate and share sensitive information in ways other than email. For example, they might share sensitive Word documents or Excel spreadsheets in SharePoint or OneDrive for anizations can protect such data in several ways, including document fingerprinting and Information Rights Management policies.Document fingerprinting identifies and protects documents that contain specific and repeatable structures, such as tables or forms, that are used as templates.In this example, Contoso security managers want to protect patent information from distribution outside the company. The DLP policy detects files based on a patent submittal form. The policy flags any attempt to share a document based on the form, whether it is filled out or not.The policy rule blocks any user from sharing a patent form outside of the organization. The sender will see a Policy tip.If Megan removes the external recipient, the Policy tip disappears and she can now send the message to internal recipients.Navigate to the Mail – Megan Bowen tab.Above the message list, click New.In the To: field, type Lidia. Wait for the name Lidia Holloway to resolve, and then add the name.Add a recipient that is outside the Contoso organization, e.g. your own personal email or a fictitious name such as John@.In the Subject line, type Sharing a file.Click Attach.In the OneDrive – Contoso > Files list, select Contoso Patent App 150219a.docx and click Next.Click Attach as a copy.Point to the Policy tip.Click Show details.In the Policy tip, click Learn more.Point to the details in the Policy tip.Click outside the pop-up to close.Next to This recipient isn’t authorized to receive this type of information, click Remove recipient.Click Send. Information Rights Management warning for internal recipientsNote: These steps assume you completed step 2 under REF _Ref445886913 \h \* MERGEFORMAT Prepare the demo starting page and secondary user session: for Lidia Holloway.A second DLP policy rule applies Information Rights Management (IRM) to the content. The IRM message Megan just sent is now in Lidia’s inbox. Specifically, the IRM rule allows sending the email to internal recipients, but they cannot forward, copy, or print the content.Switch to the Lidia Holloway browser session and select the email Sharing a file (you may need to refresh the screen).Point to the Do Not Forward warning.Minimize the Lidia Holloway browser session and return to the Megan Bowen session.Advanced Threat Protection (ATP)Note: This section assumes the demo tenant has ATP provisioned and activated. You will show the UI for creating new ATP policies, but to save time, will not actually create any policies.Speaker ScriptClick StepsSafe AttachmentsUsing Advanced Threat Protection, or ATP, Contoso provides additional protection against specific types of advanced threats. For example, Megan can set up a safe attachments policy to prevent users in her organization from opening malicious attachments in email.She opens the page to create a new safe attachments policy.Megan has options to Monitor, Block, or Replace the malware, and to turn off the policy if desired.She can redirect emails containing malware to another email address.She can apply the policy to all recipients in a domain, to specific groups, or just to certain recipients.In the Megan Bowen browser session, switch to the Exchange admin center tab. The tab is named Welcome – Microsoft Exchange and you may not see the entire name. If you closed the tab:From App Launcher, click Admin.Under Admin, click Exchange.In the left navigation, click advanced threats.If not selected, in the upper navigation, click safe attachments.Click the Add (+) icon.In turn, pause on the Off, Monitor, Block, and Replace options to view the pop-up explanations at the far right.Point to the Enable redirect check box.Scroll down if needed to the Applied To section.Click the down-arrow next to Select one and point to the choices that appear.Click Cancel.Safe LinksSafe links policies prevent users from following malicious email links.Megan opens the page to create a new safe links policy.She can customize the policy settings to suit her organization’s needs. For example, she can enable or disable the policy, or turn click tracking on or off.If Megan wants to enable users to open a malicious website, she can enable that option.She can also create a “white list” of URLs that should not be redirected.As in the safe attachments policy, Megan can apply the policy to all recipients in a domain, to specific groups, or just to certain recipients.In the advanced threats section of the Exchange admin center, in the top navigation, click safe links.Click the Add (+) icon.Point to the radio buttons for turning the policy on or off.Point to the check boxes for Do not track user clicks and Do not allow users to click through to original URL.Point to the Do not rewrite the following URLs section.Scroll down if needed to the Applied To section.Click the down-arrow next to Select one and point to the choices that appear.Click Cancel.Reset InstructionsSecurity and ComplianceFollow these steps to reset the demo at the conclusion of each presentation:If you used a Lidia Holloway browser session to show IRM, go to that session and delete the Sharing a file email from Megan Bowen. Then sign out of Office 365 and close the browser.In the Megan Bowen browser session, sign out of Office 365 and close the browser.Post-Install StepsSecurity and ComplianceStart a browser session and log into your Office 365 tenant as Administrator:Office 365 tenant: name:Admin@<Tenant>.Password:Type the admin password.Navigate to the Compliance Center:From App Launcher, click Admin.In the left navigation, under Admin centers, click Security & Compliance.Set eDiscovery permissions:In the Compliance Center left navigation, click Permissions, and then in the Permissions list, click eDiscovery Manager.Click the edit (pencil) icon.Scroll down if needed, and under eDiscovery Administrator, click the + sign.From the display name list, click Megan Bowen, and then click add ->.Click OK.At the bottom of the eDiscovery Manager page, click Save.Provision an eDiscovery Set:In the left navigation under Search & Navigation section, click eDiscovery.Click Go to the eDiscovery Center in SharePoint link.In the left navigation, click Northwind Traders.Under Identify and Hold, click Northwind Hold.Next to Sources, click Add & Manage Sources.Add the mailboxes for Lidia Holloway, Christie Cline, and Isaiah Langer:In the first mailbox field, type Lidia Holloway and click the “check People” icon. Wait for the check mark to appear to the left of the field.In the remaining empty mailbox fields, repeat for Christie Cline and Isaiah Langer.Under Locations, in the text box, type and check the folder to confirm. Note: There is no space between Northwind and Traders.Click OK.Back in the Northwind Hold page, in the Filter section, type Northwind.Click Get Statistics. Wait for the search to complete.Click Preview Results.Click the Exchange and SharePoint tabs to confirm the results display. Close the Preview Results window.At the bottom of the page, click Save.Sign out of the Admin browser session and close the browser. ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download