Microsoft 365 is a complex, comprehensive, ever-evolving, and expanding suite, or collection of products, covering broad aspects of cloud computing, work, communication, and collaboration. In summary, it is huge, and it is always changing. You know what they say about cloud and cloud-related products – the only constant thing is change! Microsoft 365 and its related products and features are not an exception to this rule or saying. We wanted to include in the book everything that has anything to do with security and compliance in Microsoft 365, and we were very enthusiastic, motivated, and thrilled. However, it was easier to say and wish than to make it happen. There was – and still is – simply too much to include, too many features, products, capabilities, and so many things to mention, introduce and explain.

We tried to focus our time and energy on addressing all changes, ultimately deciding to bring you the most valuable and useful security and governance knowledge from our day-to-day, real-life, hands-on working experience with Microsoft 365. Compromises were made in what to include and what to leave out of the book, and we hope it will help you to sharpen your skills and become a better Microsoft 365 security and governance administrator, specialist, or user.

This book is for security engineers, technical engineers, consultants, solution and cloud architects, systems administrators, security professionals, security analysts, IT professionals, system architects and SecOps teams working with Microsoft 365 security solutions, and Microsoft 365 security and compliance professionals, all looking to improve their security and compliance posture in Microsoft 365. Individuals, businesses, enterprises, and organizations of various sizes and industries face increasingly hostile cyber-threat environments and complex compliance landscapes.

Chapter 1, Getting Started with Microsoft 365 Security and Compliance, introduces what Microsoft 365 is, what it can do, and what it offers. You will also learn about plans, licensing, and how Microsoft 365 helps you comply with various regulations and standards.

Chapter 2, The Role of Microsoft Entra ID in Microsoft 365 Security, covers Microsoft Entra ID’s plans and features, roles and groups, and Entra ID protection.

Chapter 3, Microsoft Defender for Office 365, discusses Microsoft Defender for Office 365 and how it protects email and collaboration content.

Chapter 4, Microsoft Defender for Endpoint, presents vast endpoint protection capabilities, essential features, and configuration steps.

Chapter 5, Getting Started with Microsoft Purview, familiarizes you with Microsoft Purview configuration, data classification, data search, and Data Loss Prevention features.

Chapter 6, Microsoft Defender for Cloud Apps, presents cloud apps protection capabilities with Microsoft 365, configuration, Oauth apps and files management, governance, and policies in Defender for Cloud Apps.

Chapter 7, Microsoft Defender Vulnerability Management, explains vulnerability management features in Microsoft and what to do when an inventory has weaknesses, analyzes recommendations, and looks at how to remediate vulnerabilities.

Chapter 8, Microsoft Defender for Identity, introduces on-premises identity protection capabilities, and the configuration and management of Defender for Identity.

Chapter 9, Microsoft Purview Insider Risk Management, discusses insider risk management, information barriers, and communication compliance.

Chapter 10, Microsoft Purview Information Protection, explores information protection, labeling, classification capabilities, as well as configuration steps.

Chapter 11, Understanding the Lifecycle of Auditing and Records, explains auditing and records life cycle management in Microsoft 365, including data retention, archiving, e-discovery, and data holds.

To get started with the book, you should have access to a Microsoft 365 subscription and the products mentioned in the book. Any subscription will work, as long as you have access to the licensed products or features – a trial subscription or a commercial subscription.

You should have some basic, fundamental knowledge of Microsoft 365 generally, and fundamental knowledge of security and compliance principles. Additionally, some fundamental knowledge of relevant Microsoft 365 security and compliance services and products is desirable and beneficial, but not required.

Microsoft published a full comparison (PDF) document of Microsoft 365 plans and features on this page: https://www.microsoft.com/en/microsoft-365/enterprise/e5. Consult the information available online and in the full comparison document to find out more about products and licenses. More information about products and licenses is available in Chapter 1, Getting Started with Microsoft 365 Security and Compliance.

There are a number of text conventions used throughout this book.

Code in text: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example:

IdentityLogonEvents

| where TimeGenerated >= ago (7d)

| where UserPrincipalName == "user name@domain"

Bold: Indicates a new term, an important word, or words that you see on screen. For instance, words in menus or dialog boxes appear in bold. Here is an example: “In the Microsoft 365 Defender portal, select Permissions, then Settings, followed by Microsoft 365 Defender. Select Permissions and roles to view the available options.”

Tips or important notes

Appear like this.

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, email us at customercare@packtpub.com and mention the book title in the subject of your message.

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata and fill in the form.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at copyright@packt.com with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Once you’ve read Microsoft 365 Security and Compliance for Administrators, we’d love to hear your thoughts! Please click here to go straight to the Amazon review page for this book and share your feedback.

Your review is important to us and the tech community and will help us make sure we’re delivering excellent quality content.

Thanks for purchasing this book!

Do you like to read on the go but are unable to carry your print books everywhere?

Is your eBook purchase not compatible with the device of your choice?

Don’t worry, now with every Packt book you get a DRM-free PDF version of that book at no cost.

Read anywhere, any place, on any device. Search, copy, and paste code from your favorite technical books directly into your application.

The perks don’t stop there, you can get exclusive access to discounts, newsletters, and great free content in your inbox daily

Follow these simple steps to get the benefits:

1. Scan the QR code or visit the link below

https://packt.link/free-ebook/9781837638376

2. Submit your proof of purchase
3. That’s it! We’ll send your free PDF and other benefits to your email directly