Sometimes Office 365 can be infuriating. My latest tribulation came in the form of missing retention labels, which disappeared from SharePoint Online without any reason for two weeks. Some labels returned due to auto-label policies, but any applied to documents manually had a vacation somewhere in the bowels of the services. It wasn’t a good experience.
The Microsoft 365 Security and Microsoft 365 Compliance Centers are now generally available. The new consoles will eventually replace the Office 365 Security and Compliance Center (SCC) but some work is needed to fill out their functionality and make the switchover possible. In the meantime, the Office 365 for IT Pros eBook writing team will stay focused on the SCC. And when the time’s right, we’ll switchover.
Although Office 365 supervision policies are intended to monitor a subset of user communications, usually involving specific groups of people, you might want to use a policy to monitor all email. In that case, how do you make sure that your policy has everyone in scope? The problem is that supervision policies don’t support dynamic distribution lists, so you need to do some work to build and maintain a distribution list containing all user mailboxes.
Office 365 content searches now support a hard-delete (permanent deletion) option for the purge action, but only for mailbox items. You can purge up to 10 items at a go. If you have more to purge, you just have to keep on purging until everything is gone. Or use the Search-Mailbox cmdlet, which keeps on proving its usefulness to administrators who need to remove lots of mailbox items quickly.
Security alerts from Office 365 Cloud App Security now flow into the Office 365 Audit Log, which means that you can run the Search-UnifiedAuditLog to find the alerts. Unhappily, more work than should be needed is necessary to extract the interesting information from the alert records.