New Training: Manage Search and Investigation

In this 6-video skill, CBT Nuggets trainer John Munjoma focuses on planning for eDiscovery and managing insider risks. Watch this new Microsoft 365 training.

Learn Microsoft 365 with one of these courses:

• Microsoft 365 Mobility and Security

• Microsoft 365 Certified: Enterprise Administrator Expert (MS-100 & MS-101)

This training includes:

• 6 videos

• 49 minutes of training

You’ll learn these topics in this skill:

• Working With eDiscovery

• Using Content Search

• Deleting Malicious Emails

• Creating Audit Retention Policies

• Usage Reports

• Insider Risk Management

An Intro to Insider Risk Management with Microsoft 365

IT professionals hoping to pass the Microsoft 365 certification test need to study a broad range of topics. One of those topics is insider risk management.

Insider risk is different from other external risk factors. Insider risks are security vectors that might appear from within an organization itself. This can include things like sensitive data leaks, intellectual property theft, fraud, insider trading, and more.

Microsoft 365 helps manage insider risks by using 365 logs with Microsoft Graph. By using Microsoft Graph, Microsoft can help analyze log data with data mining and identify possible risk factors or anomalous behaviors.

Microsoft recommends a specific workflow for managing insider risks with Microsoft 365:

1. Policy

2. Alerts

3. Triage

4. Investigation

5. Action

Policies are pre-defined templates for identifying key risk factors. Once a policy has been activated, it triggers an alarm for IT staff. IT staff can then use Graph to see what the problem is, data to identify whether that alert is creditable, and then take the appropriate actions.