Wednesday, January 9, 2019

Managing Advance alerts in #Office365 Security & Compliance

Introduction:

You can use alert features in Office 365 to view and manage alerts for your Office 365 organization, including managing advanced alerts as part of Advanced Security Management.
Advanced Security Management is available with Office 365 Enterprise E5 if your organization is using another Office 365 subscription, Advanced Security Management can be purchased as an add-on.
After purchasing this add-on, you will be able to see Manages Advance Alerts under Alerts in office 365 security and compliance.
  1. In Office 365 Security & Compliance, go to Alerts > Manage advance alerts.
  2. Choose Go to Advance Security Management.
    In the Advance Security Management portal, you can:
    • Define policies and set up alerts and actions.
    • Know about cloud usage across your organization through reports.
    • Manage third party apps that people in your organization are using with Office 365.

    Create a new activity policy:

    1. From the Control menu of Advanced Security management portal, select Policies.
    2. Click Create policy, and then select Activity policy.
    3. On the Create activity policy page, type the Policy name and Description. You can base a new policy on one of the default templates, if you like, by choosing one in the Policy template drop-down menu.
    4. Choose a policy severity and category for this policy. This can help you filter and sort alerts that have been triggered.
    5. Choose Activity filters to set up other actions that will trigger an alert based on this policy.
    6. Check Create alert to receive notifications from this policy.
    7. Choose Actions that should be taken when an alert is triggered to suspend the user or require the user to sign in again to Office 365.
    8. When an activity matches a policy, alerts will be generated and notification will be sent to the mail ID enabled for getting alerts (see below screenshot)

      An email will be coming from this mail id.
    9. You can also receive SMS, for the same you must provide a contact number.
    10. After you got the email notification, you can also view the details and take necessary actions on alert in Portal.
    11. You will able to see all the alerts under Alert
    12. By clicking on Alert which you got, you can see the details, activity log and take necessary actions on the alert.

    Conclusion:

    It is a good practice to set advance alerts which helps in monitoring the user activities by getting alert notifications.

No comments:

Post a Comment

Set custom status message in Microsoft Teams

As Microsoft released Teams as Skype for Business replacement it was also right to say that Microsoft Teams must have the useful features ...