Office 365 E3 License: Unlock the Value
The Office 365 E3 license is the most popular Office 365 user license Ergo deliver to our customers. The main pillars of this license are Exchange, SharePoint and Skype for Business and tend to be implemented as appropriate during the initial Office 365 install and configuration project. Beyond this however, there are a group of other useful features that are included with the E3 license monthly cost that are often overlooked. These services are all standalone and can be implemented as required.
Data Loss Prevention
With Exchange Online, Microsoft now makes it possible to enforce compliance requirements for data and control how it is used in e-mail. Data Loss Prevention [DLP] is one of the features that allows administrators to manage sensitive data in Exchange Online.
DLP is a system designed to detect and prevent an accidental or deliberate email data breach/leakage incident in real time. It can watch out for and react to a range of different patterns, as defined by a DLP template which is customised to catch important data types being sent by email. These might be credit card numbers, social security numbers invoice numbers or any defined pattern of characters that are indicative of sensitive personal or company information in your organisation.
This has always been an important matter for most organisations as the loss of sensitive data can be very damaging for an organisation. Exchange administrators traditionally had to rely on 3rd party solutions to achieve this functionality, but it can now be enabled within Office 365 for no additional licensing cost.
Azure Rights Management Service
Azure Rights Management Services (also known as RMS) is a form of Information Rights Management that uses encryption and a form of selective functionality denial to limit access to information, such as e-mails or Microsoft Office documents for example, and enforce what operations authorised users can perform on them.
This technology is used to encrypt information stored in such document formats and, through policies embedded within these documents, prevent the protected content from being accessed except by specified people or groups, under certain conditions, and even for certain periods of time.
Specific operations such as printing, copying, screenshots, editing, forwarding and deleting can be allowed or disallowed by the author and will follow the file or email wherever it is, inside or outside the organisation. Through an online control panel, security settings can also be altered even after a file has been sent outside the organisation and all access rights can be denied to the file at any time, making it unreadable wherever it is.
When enabled on an individual or a group of user accounts, Multi-factor authentication adds a second authentication method for each logon and increases cloud services security above and beyond just a password. Typically this service is selectively applied to users that have sensitive data in their email but can just as easily be applied to all users.
When enabled, users are required to acknowledge a text message, an automated phone call or a smartphone app notification after entering their standard password as normal. Only after this second authentication factor has been satisfied can a user get access to their Office 365 account.
In-Place Legal Hold
If an organisation is involved in a legal action, it may have to take steps to preserve relevant data, such as e-mail messages, that may be used as evidence. In situations like this, administrators may have to retain all e-mails sent and received by specific people or by the entire organisation for a specific period of time.
The purpose of In-Place Hold is to address this and preserve mailbox items that need to be held, without having to move them to a separate repository. In-Place Hold prevents the destruction or alteration of evidence, which could have a catastrophic impact on the defence or accusation and could expose the organisation to legal and financial risks.
With Exchange Online, administrators can now easily define policies that specify whether items should be preserved indefinitely, according to their age, or based on keyword contents. Once an item is identified as the target of a hold, Exchange performs copy-on-write operations to preserve both the original item and all changes made to it.
In terms of archiving and compliance, Office 365 introduces the eDiscovery service which helps organisations perform searches for relevant content across multiple users and services at the same time. Having a single search query bring back results from multiple sources can save huge amounts of time over a traditional manual search through individual mailboxes and SharePoint sites. This may be a requirement by an organisational policy, compliance or even a lawsuit for example.
Administrators can use the eDiscovery Center in SharePoint Online to perform eDiscovery search across an individual or group of users on Exchange Online, SharePoint Online and Skype for Business Online data and preserve the results as they are for as long as needed without alerting the target users.