In this book, you will learn how to manage the principles of security, compliance, identity, management, and privacy within a Microsoft 365 environment.

By the end of this guide, you will understand how to securely implement and manage hybrid identity and advanced security features to protect your users and devices. You will also have learned how to deploy compliance features for information protection and governance, to ensure that business and regulatory requirements for your organization are being fulfilled.

Azure Active Directory (Azure AD) was renamed by Microsoft in July 2023 as Microsoft Entra ID. This book references the Microsoft Entra portal frequently, but still refers to Azure AD in many places. Please note that only the name has changed; so, wherever you see Azure AD mentioned, this is in fact referring to Microsoft Entra ID. For more information, please refer to https://learn.microsoft.com/en-gb/azure/active-directory/fundamentals/new-name.

This book is designed to help IT professionals, administrators, or anyone looking to pursue a career in security administration to enhance their skills in utilizing the Microsoft 365 security features. Readers of this book will ideally already be well versed in the basic implementation and administration principles of Microsoft 365 and Azure Active Directory. This book will help them learn how to apply modern security, compliance, and identity principles to Microsoft 365 hybrid environments in line with best practices, while providing a user environment that is accessible and easy to use.

Chapter 1, Planning for Hybrid Identity, teaches you how to plan your hybrid environment with Azure AD Connect and introduces you to additional authentication security methods.

Chapter 2, Authentication and Security, covers the implementation of Azure AD dynamic groups, Azure AD self-service password reset (SSPR), multi-factor authentication (MFA), and managing external identities.

Chapter 3, Implementing Conditional Access Policies, explains the principles of Azure AD Conditional Access, how it integrates with Microsoft Intune, and how Conditional Access may be used with device- and app-based policies.

Chapter 4, Managing Roles and Identity Governance, shows you how, with the help of Privileged Identity Management (PIM), you can reduce your permanently assigned admin roles and implement eligibility with just-in-time access. You will also learn about entitlement management and access reviews.

Chapter 5, Azure AD Identity Protection, introduces the principles of identity protection, how to configure user- and sign-in-based risk policies, and how to manage and respond to alerts.

Chapter 6, Configuring a Microsoft Defender for Identity Solution, explains how to set up and manage a Defender for Identity instance and install sensors on servers.

Chapter 7, Configuring Device Threat Protection with Microsoft Defender for Endpoint and Intune, helps you to understand how to reduce your attack surface by configuring policies for Microsoft Defender Application Guard, Application Control, Exploit Guard, and Secure Boot. In addition, you will learn how BitLocker device encryption can protect Windows devices.

Chapter 8, Configuring Microsoft Defender for Office 365, covers how to protect users and domains with anti-phishing and anti-spam protection, and the application of safe attachments and safe links policies. It also covers running simulated attacks and running reports.

Chapter 9, Using Microsoft Sentinel to Monitor Microsoft 365 Security, shows you how to configure and use Microsoft Sentinel to respond to threats with playbooks.

Chapter 10, Configuring Microsoft Defender for Cloud Apps, demonstrates how to track your SaaS application usage, configure file and activity policies, integrate with Conditional Access, and navigate dashboards and logs.

Chapter 11, Managing Sensitive Information, explains how to create sensitive information types; how to plan, set up, and implement sensitivity labels and policies; and how to use content explorer and Activity explorer.

Chapter 12, Managing Microsoft Purview Data Loss Prevention, covers the planning and creation of DLP policies and how to review DLP alerts.

Chapter 13, Managing Microsoft Purview Data Lifecycle Management, teaches you how to understand retention requirements for your organization, how to configure retention labels and retention policies, how to find and recover deleted data, and how to use adaptive scopes.

Chapter 14, Managing and Analyzing Audit Logs and Reports in Microsoft Purview, teaches you how to plan for auditing and reporting, as well as understanding how to use the audit logs and alert policies and configure audit log retention.

Chapter 15, Planning For, Conducting, and Managing eDiscovery Cases, shows you how to identify and understand the different versions of eDiscovery, the roles needed to run cases, and how to manage cases.

Chapter 16, Managing Regulatory and Privacy Requirements, explains how to manage regulatory compliance in Microsoft Purview, as well as implementing privacy risk management and subject rights requests.

Chapter 17, Managing Insider Risk Solutions in Microsoft 365, teaches you the principles of privileged access management, Customer Lockbox, Insider risk management policies, and Communication Compliance policies. It also goes over Information Barriers segments and policies.

To get the most out of this book

To get the most out of this book, it is highly recommended to create a test or practice Microsoft 365 environment, where you can follow along and recreate the steps that are covered in each chapter. Unfortunately, trial licenses for Microsoft 365 E5 are not available. The best option for working along with this book is to sign up for an Office 365 E5 trial at https://www.microsoft.com/en-gb/microsoft-365/business/office-365-enterprise-e5-business-software?activetab=pivot:overviewtab and an EM+S E5 trial at https://www.microsoft.com/en-us/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing. These trial subscriptions will allow you to recreate most of the steps covered in the chapters contained in this book. Should you wish to test the process of establishing a hybrid identity, it is recommended that you acquire a trial Azure subscription, which will allow you to create a Windows virtual server that you may use to install Azure AD Connect and synchronize to your test Microsoft 365 tenant.

This book also has some sample PowerShell commands that can be used instead of the Microsoft 365 admin centers. Therefore, it is recommended to have a Windows 10/11 device available to you where you can run PowerShell and practice some of the commands included in the chapters.

A Windows 10/11 device will also be useful for the purposes of testing how to set up Microsoft 365 test profiles to fully test and deploy features such as Microsoft Intune, Azure AD Conditional Access, MFA, Information Protection, and many more of the features described in the book. A mobile device, such as an iOS or Android device, will also be useful for testing Microsoft Intune in particular.

If you are using the digital version of this book, we advise you to type the code yourself or access the code from the book’s GitHub repository (a link is available in the next section). Doing so will help you avoid any potential errors related to the copying and pasting of code.

There are a number of text conventions used throughout this book.

Code in text: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: “The Start-ADSyncSyncCycle -PolicyType Initial command will initiate a full synchronization.”

Any command-line input or output is written as follows:

New-RetentionPolicyTag -Name "Personal-2-year-move-to-archive" -Type All -AgeLimitForRetention 730 -RetentionActionMoveToArchive

Bold: Indicates a new term, an important word, or words that you see on screen. For example, words in menus or dialog boxes appear in bold. Here is an example: “Click Save to complete the setup of your retention tag.”

Tips or important notes

Appear like this.

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, email us at customercare@packtpub.com and mention the book title in the subject of your message.

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata and fill in the form.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at copyright@packt.com with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Once you’ve read Microsoft 365 Security, Compliance, and Identity Administration, we’d love to hear your thoughts! Please click here to go straight to the Amazon review page for this book and share your feedback.

Your review is important to us and the tech community and will help us make sure we’re delivering excellent quality content.

Thanks for purchasing this book!

Do you like to read on the go but are unable to carry your print books everywhere?

Is your eBook purchase not compatible with the device of your choice?

Don’t worry, now with every Packt book you get a DRM-free PDF version of that book at no cost.

Read anywhere, any place, on any device. Search, copy, and paste code from your favorite technical books directly into your application.

The perks don’t stop there, you can get exclusive access to discounts, newsletters, and great free content in your inbox daily

Follow these simple steps to get the benefits:

1. Scan the QR code or visit the link below

https://packt.link/free-ebook/978-1-80461-192-0

2. Submit your proof of purchase
3. That’s it! We’ll send your free PDF and other benefits to your email directly