HTH0007: Gartner Satanic Pentagram
Boot-Up (Intro…random topics) 00:12
• Ring 2FA: https://www.engadget.com/2020/02/18/ring-requires-two-factor-authentication/
• Microsoft is bringing Defender ATP to Linux, iOS and Android
https://www.theverge.com/2020/2/20/21145388/microsoft-antivirus-ios-android-apps-software-defender-security-malware
• A brief tangent about Wine on Linux
Retention Intervention 9:23
-Exchange MRM vs. Retention Tag vs. Retention
-Global Retention and retention tagging
-Why do I need this?
With traditional on premise solutions, that data can be stored and backed up indefinitely. In O365, the data can be retained, but we would like to recycle licenses to allow for active users to utilize the active subscription without losing that data.
It was previously recommended by Microsoft to use litigation hold, but from what I understand, retention policies can be used in a similar way.
O365 seems to offer multiple approaches to this that would work, but there do seem to be pros and cons for each.
Two things currently need to be retained:
1. Mailboxes
2. OneDrive Data
Here is what I have found. I am looking for validation and guidance as to what the next steps would be to ensure we are setting up an environment that will allow us to easily operationalize and future-proof for future rollouts of O365 products.
Mailboxes:
Suggests using litigation hold or retention policies
https://docs.microsoft.com/en-us/microsoft-365/compliance/inactive-mailboxes-in-office-365
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-and-manage-inactive-mailboxes
If a mailbox is renamed, is it still searchable in both litigation hold and retention policies?
What are the bulk methods for applying litigation holds and retention policies?
What are best practices around users, since the deletion process keeps the restored items folder?
OneDrive:
https://docs.microsoft.com/en-us/onedrive/retention-and-deletion
-A user is deleted from the Microsoft 365 admin center or is removed through Active Directory synchronization.
-The account deletion is synchronized to SharePoint Online.
-The OneDrive Clean Up Job runs, and the OneDrive is marked for deletion. The deleted user will appear in the Microsoft 365 admin center for 30 days.
This seems pretty straightforward for OneDrive: just up the retention inside the admin console for OneDrive, since it would apply to all of the OneDrive accounts.
Is this the correct approach?
O365:
Retention Policies and Retention Tags
Would applying global retention policies be best practices?
There do seem to be some limitations, such as utilizing a DL to manage the Exchange portion, and the retention policy limitation itself.
Are there best practices? Or is the approach to apply it on user creation and just have users on hold/retention from the start?
Do the mailboxes become bloated if this is on from the start, instead of applying from time of departure?
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention-policies
Is this due to the fact that it runs based on the user, and not the policy? Is there a way to allow this to update?
Teams and Sharepoint
Limitations to Retention Policies
O365 License Recycling and Management 24:30
• https://github.com/AaronDinnage/LicensingO365
Compromised Accounts 31:30
• https://www.reddit.com/r/Office365/comments/f2jkzv/office_365_hack_what_they_did_and_how_to_stop_them/
• Enable 2FA!
○ Do not use SMS based 2FA, listen to this story: https://gimletmedia.com/shows/reply-all/v4he6k/
○ CORRECTION: The episode was from Reply All, not This Is Uncomfortable (still worth listening to though)
• Separate on-prem admin accounts
“Unplanned Outage” (Sponsor section - "Hope this Helps is helped by…") 39:38
• The Cutting Edge - Bleeding Where It Doesn't Matter
O365 Exchange Recipient Limits 40:45
• They have finally come to Exchange Online after a strange absence
• https://techcommunity.microsoft.com/t5/exchange-team-blog/customizable-recipient-limits-in-office-365/ba-p/1183228#.Xk2tqMyqnPU.twitter