Nov 12, 2018 - Dell EMC's Mike Shea discusses the features of Office 365. Across all these services from a single place – the Security & Compliance Center.
Guest Post by Isha Kapoor
Compliance Center is a tool that was recently added to Office 365 admin panel to facilitate searching mailboxes, SharePoint Online Content, and OneDrive for Business locations.
With Compliance Center, an administrator can setup a Compliance Search which provides an option to Search SharePoint Content across all or specific SharePoint Online sites in Office 365. The UI designed for Compliance center is user-friendly and is easy to use but an option to run Compliance Searches using PowerShell is also available.
In the following blog post, we will look at the PowerShell cmdlets that can be used for accessing Compliance Center and setting up a Compliance Search for SharePoint Online sites.
To begin with, a global administrator needs to first Connect to Office 365 using PowerShell. For details, please refer to Connect to Office 365 using PowerShell
Next, the following Commands should be ran to Connect to the Compliance Center using PowerShell.
1. In the PowerShell Window, run the following command
$UserCredential = Get-Credential
In the Credential Request dialog box, type your Office 365 user name and password, and then click OK.
2. Run the following command.
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic –AllowRedirection
3. Finally, run the following command to import the session
Import-PSSession $Session
This should connect your PowerShell to Compliance Center in Office 365.
4. Next, for an administrator to have access to the Compliance Center, specific permissions are needed. The basic permissions that are required are:
a) An Administrator either needs to be an Office 365 global admin or a member of one or more Compliance Center role groups.
b) For an Administrator to have access to the Compliance search page to perform compliance searches, they have to be a member of Compliance Administrator and eDiscovery Manager role group in the Compliance Center.
Let’s look at commands to add a user to Compliance Administrator and eDiscovery Manager role group in the Compliance Center.
To add a user to ComplianceAdministrator role, use the Add-RoleGroupMember cmdlet as following.
Add-RoleGroupMember 'ComplianceAdministrator' -Member 'Isha Kapoor'
Repeat the command for eDiscoveryManager role.
Add-RoleGroupMember 'eDiscoveryManager' -Member 'Isha Kapoor'
Note: You must be logged in as a global administrator to perform the above Operations. |
5. Now, once the permissions are all setup, the next step is to configure the Compliance Search. To create a new Compliance Search, Compliance user can use the New-ComplianceSearch cmdlet as following.
New-ComplianceSearch -Name 'SP Compliance Search' -SharePointLocation 'https://spsite.sharepoint.com' -ContentMatchQuery createdby:'Isha Kapoor'
The above command creates a Compliance Search entry with the name 'SP Compliance Search', as shown in the screenshot below.
Notice that we have also used 'ContentMatchQuery' parameter which lets you specify the query that the search results can be filtered upon.
After you have created a Compliance Search, to edit the Keyword Query, you can use the Set-ComplianceSearch cmdlet to edit the ContentMatchQuery parameter.
Example: Set-ComplianceSearch -Identity 'SP Compliance Search' -ContentMatchQuery created:'08/19/2015''
For more examples see: Keyword queries for Compliance Search
You can also verify the Compliance Search creation by running the following.
Get-ComplianceSearch | Format-Table Name, Status.
6. Once you have the Compliance Search Created, the next step is to start the Search. To start the Search, run the following Command.
Start-ComplianceSearch -Identity 'SP Compliance Search'
7. Following the Start, a new Compliance Search Action needs to be created to track the status of the Search activity. Run the following to create a new Action using the New-ComplianceSearchAction cmdlet.
New-ComplianceSearchAction -SearchName 'SP Compliance Search' -Preview
Tip: The time it takes run the Action depends upon the number of results being returned. So give it some time before you try to download the results. |
8. Finally, run the Get-ComplianceSearchAction cmdlet to verify the status of the query and to download the results.
To confirm the status of the Action run the following:
Get-ComplianceSearchAction -Identity 'SP Compliance Search_Preview' | Select Status
To download the results as a csv file run the following:
Get-ComplianceSearchAction -Identity 'SP Compliance Search_Preview' | Select Results | Export-Csv c:results.csv
For instructions on how to configure Compliance search through UI, see my blog post here
|
Overview
If you're interested in your organization's compliance posture, you're going to love the new Microsoft 365 compliance center. The Microsoft 365 compliance center provides easy access to the data and tools you need to manage to your organization's compliance needs.
Read this article to get acquainted with the Microsoft 365 compliance center, how to get it, frequently asked questions, and your next steps.
Welcome to Microsoft 365 compliance
When you go to your Microsoft 365 compliance center for the first time, you'll be greeted with the following welcome message:
The welcome banner gives you some pointers on how to get started, with next steps and an invitation for you to give us feedback.
The Assess section
The Assess section on the home page shows you at a glance how your organization is doing with respect to data protection and compliance.
From here, you can go to the Microsoft Compliance Score card, which leads you to Compliance Manager, where you can review or edit your configurations and potentially improve your overall compliance score.
You'll see additional cards, such as one showing your organization's cloud app compliance, and another showing data about users with shared files, with links to Cloud App Security or other tools where you can explore data.
The Protect section
The Protect section on the home page contains cards that provide you with high-level information about labels, data loss prevention (DLP), third-party apps in use, shared files, shadow IT apps, and so on.
Each card has a link to a report or additional information where you can learn more.
The Respond section
The Respond section on the home page surfaces alerts and pending dispositions that you'll want to review and potentially act upon.
Cards, such as the Active alerts card, include a link to a page where you can view more detailed information, such as Severity, Status, Category, and more.
Easy navigation to more compliance features and capabilities
In addition to links in cards on the home page, you'll find a navigation pane on the left side of the screen that gives you easy access to your alerts, reports, policies, compliance solutions, and more.
Go to Alerts to view and resolve alerts Visit Reports to view data about label usage and retention, DLP policy matches and overrides, shared files, third-party apps in use, and more. Expand the Classification section to access your labels, label policies, sensitive information types, and label analytics. Go to Policies to view alerts and to access your DLP and retention policies. Use the links in the Solutions section to access your organization's compliance solutions. These include: Data governance > Dispositions eDiscovery (preview) Supervision Data investigations Data subject requests |
How do I get this?
- If you don't have the new Microsoft 365 compliance center already, you will have it soon. The new Microsoft 365 compliance center will be generally available now.
- To visit the Microsoft 365 compliance center, as a global administrator or compliance administrator, go to https://compliance.microsoft.com and sign in.
- To learn more about requirements, see Required licenses and permissions.
Frequently asked questions
Why am I taken to the Office 365 Security & Compliance Center to perform some tasks, such as defining certain policies?
We are still developing the Microsoft 365 compliance center, and we'll be adding more functionality and solutions over the coming months. In the meantime, there are some tasks that must be performed in the Office 365 Security & Compliance Center (https://protection.office.com). In those cases, you'll be directed automatically to the location where you can perform the task at hand, such as creating or editing a supervision policy.
Why don't I see the new Microsoft 365 compliance center yet?
First, make sure you have the appropriate licenses and permissions. Then, sign in at https://compliance.microsoft.com. If you don't see the new compliance center yet, you will have it soon.
Some of my compliance features are not available in the Microsoft 365 compliance center. What do I do?
We are still adding functionality to the Microsoft 365 compliance center. If you can't find something, such as audit log search, use the Office 365 Security & Compliance Center (https://protection.office.com). Your configurations will be saved in both the existing Office 365 Security & Compliance Center and in the new Microsoft 365 compliance center automatically.
To go there, in the Microsoft 365 compliance center, in the navigation pane on the left side of the screen, choose More resources, and then, under Office 365 security & compliance center, choose Open.
Next steps
- Review your Microsoft Compliance Score, and use Compliance Manager to improve your score. To learn more, see Use Compliance Manager to help meet data protection and regulatory requirements when using Microsoft cloud services.
- Review your organization's Data Loss Prevention policies and make required adjustments as necessary. To learn more about, see Overview of data loss prevention policies.
- Get acquainted with and set up Microsoft Cloud App Security. See Quickstart: Get started with Microsoft Cloud App Security.
- Visit your Microsoft 365 compliance center often, and make sure to review any alerts or potential risks that might arise. Go to https://compliance.microsoft.com and sign in.