All posts tagged Compliance

Microsoft 365 Information Protection – Site Sensitivity Label Alerts

In my previous post, I discussed configuring site sensitivity using Microsoft 365 MIP (Microsoft Information Protection) labels.  In this follow-up, I’ll discuss site sensitivity label alerts, what is there automatically and what you need to configure.

Read more

Microsoft 365 Information Protection – Apply Sensitivity Labels to Sites, Groups, and Teams

Previously I provided instructions on how to create a sensitivity label scoped to your sites and groups.  In this short post, I’ll demonstrate how one apply sensitivity labels to sites, Groups, and Teams in Microsoft 365.  I’ll present the before and after effects that applying the sensitivity label has on your sites.  I’ll also show you how site sensitivity labels can help ensure content that isn’t supposed to be within the site is flagged automatically for you.

Read more

Information and Records Management in M365 – Creating a Disposition Review Compliance Role

I recently blogged a recommendation to create a new role within the Microsoft 365 Compliance Center to ensure users that must be able to review content that is up for disposition actually have the necessary access to do so.  I call the role Disposition Review, but it obviously can be named whatever makes sense in your own organization.  This role is necessary as even a global admin does not have the necessary access to view disposition rules by default.  Disposition reviews are considered a specialized role similar to content reviewers, which also needs specialized access within the tenant (but that’s a post for another day).  This post will cover creating a disposition review compliance role in the Microsoft 365 Compliance Center

Disclaimer: Microsoft is making changes all the time to the Microsoft 365 interface.  Any screenshots displayed in this post are current at the last edit of the post.

Read more

Microsoft 365 Records Management – Moving Beyond the Created Date

Over the last few weeks, I have had the privilege to speak to several conferences and user groups about a topic that has become quite a passion of mine within Microsoft 365.  Records management is increasingly becoming important to many organizations. They realize their content is being maintained for longer than it should be, or in some cases, removed before it should be.  Microsoft 365 has made huge strides to help organizations control this through its various compliance controls.  In my session, I discuss both the basics and some advanced concepts of M365 records retention.  As promised to my session attendees, here is the slide deck from my presentation.


Thanks for reading and attending my sessions!

SharePoint Conference North America – Information And Records Management Advanced Concepts

For the first time, I have the honour to be speaking at SharePoint Conference North America which is to be held in Las Vegas from May 19-21, 2020.  If you want to take in the workshops the conference is actually taking place from May 17 – 22.  The conference is going to be providing a ton of very handy content from recognized experts in their fields as well as experts and even some creators from Microsoft.  Considering this conference is in May and I live in the coldest part of Canada (which is saying something), hitting Las Vegas then is going to be a real treat (hopefully I don’t melt).

If you take a look at the site you’ll be able to quickly access all you need to know about the conference.  As I mentioned above, the speakers are all carefully selected as experts in their fields (I somehow slipped through the cracks 😉 ).  There will be many MVPs and Microsoft employees speaking.  In fact, the only conference I have been to that may have more is Ignite.  But every speaker knows what they are doing and have a great deal of skill in getting the information across in the sessions.

Speaking of sessions, you should check out the line-up of presentations.  I think you would be hard-pressed to not find something of interest to you.  In fact, there are 60 different products that you can choose from at the conference covering 20 topics.  It’s not limited to working within just Microsoft products either.  Working with Android?  No problem. There are sessions for that.  Want to know how to control devices within your environment check out the Intune session.  What about Project Cortex?  I am sure you have heard about that by now.  It’s the new kid on the block and sounds very exciting to me as I see huge benefits to it for all of my clients.  There will be multiple sessions on Cortex at the conference as well.  But don’t take my word for it check out all the sessions at!/sessions.

Another important consideration for this conference is that Microsoft while not the organizer is a key supporter.  There are going to be announcements that you haven’t heard yet at the conference.  You’ll get to find out about new features before others.  I can’t tell you what to expect cause I don’t even know yet what they are going to announce.

For those who follow my posts on Twitter, LinkedIn and here on my blog you know that I cover a wide variety of topics.  SharePoint Conference also provides a variety of topics.  Because there is such a variety I thought I might provide a few suggestions for some topics to keep an eye out for.

Security and Compliance

  • An Introduction to Microsoft Enterprise Mobility + Security

    • This session is given by Antonio Maio a known expert in Cloud Security and especially in the Microsoft Cloud.  If you are just starting out or looking for tips to better secure your environment I strongly suggest you check out Antonio’s session.
  • Exploring Conditional access to content stored in Office 365
    • Paul Hunt will provide some great information around protecting your tenant and the important information within using Conditional Access which is a tool in Azure AD for controlling how users are able to access information.
  • Protecting your Teams work across Office 365
    • Do you have Microsoft Teams or looking to roll out Microsoft Teams into your tenant for your organization to use?  You may want to check out Joanne Klein’s session to ensure the information you are sharing within Teams is protected both from improper sharing and also from improper retention.


Modernizing Your Data Retention. Moving Beyond the Created Date

Finally, I would like to discuss the session I am going to be covering for the conference.  I have been working with clients on their information governance for a while now.  Many file plans and retention schedules these days are still based on old physical records as opposed to digital media.  While it is possible for organizations to migrate a physical record retention schedule into a tool like Microsoft 365 (and many have) many are not aware of some advanced features that can be utlized to properly implement your required retention schedules.  I have seen companies that believe they are limited to retention based solely on when a document was created or perhaps when it was last created.  While these are both very viable options for building a retention schedule in Microsoft 365 there is more that can be used to support the corporation’s file plan.

In my session, I’ll take you beyond the created or modified date and show you different techniques to implement your schedule as your organization requires.  Along the way, I’ll cover some more advanced techniques you can use to ensure your data is maintained or removed as required by your internal processes.   My hope is to show you the art of the possible when it comes to information governance in Microsoft 365, specifically how you can retain your data.