Browsed by
Category: Data Governance

App protection and a disabled Account

App protection and a disabled Account

Today I realised I totally forgot to add this setting to my App protection baseline. This setting was released some months ago. You can configure this conditional launch setting within the app protection policy. You have got 2 options: Block access: When Intune has confirmed the user has been disabled in Azure Active Directory, the app blocks access to work or school data. Wipe data: When Intune has confirmed the user has been disabled in Azure Active Directory, the app…

Read More Read More

The sum of all App protection policies

The sum of all App protection policies

Obviously, there is a need to use mobile devices to access company data. These devices and apps need to be secured. There are many articles written about when to use MDM and when to use MAM or combining them. This blog will be about troubleshooting App protection policies. This week we were enrolling new surfaces and mobile devices into Microsoft 365. It can be a struggle when you don’t have a greenfield tenant and you need to make sure the…

Read More Read More

Sensitivity Labels DLP’s Excellent Adventure

Sensitivity Labels DLP’s Excellent Adventure

In this blog, I’ll be talking about using DLP in combination with sensitivity labels and device protection. A perfect addition to labeling your data with sensitivity labels. Labeling your data may already be the best option you have to protect your data but adding an additional barrier by making sure data can’t be moved is even more excellent! Yeah! Microsoft 365 E5/A5 compliance license or the information protection and governance add-on is the “only” big requirement you need to start…

Read More Read More

What Happened to Monitoring External Access to Your Data?

What Happened to Monitoring External Access to Your Data?

Some time ago I wrote a blog about securing your data in which I described that this is only the first step in making sure your data is safe.   For example, whilst working with Teams, did you think about the “shadow users”? These users are not members of your Teams / Microsoft 365 groups but can still somehow access your data.  It’s very easy for an employee to share the whole Teams general folder within the Sharepoint site without you noticing. An employee just has to click on “share” to begin sharing it…

Read More Read More