Preparing Your Microsoft Office 365 Environment for Forensic Analysis

Enabling Auditing

It is important to know that auditing may not be enabled currently in the Office 365 environment you manage. Download the step-by-step guide to enabling auditing.

Microsoft’s Office 365 adoption continues among larger enterprises with small and medium size businesses adopting at lower rates. With this market share comes increasing needs for administrators and analysts to further understand the activities taking place in their cloud environments.

Office 365 offers several different business license types. Currently, these types offer different capabilities in the security and auditing area, in addition to main differentiators such as mailbox size and Office application availability.

Key security features available in at least one of the offerings or add-ons are:

• Exchange Online Protection
• Security and privacy controls
• Security groups/permissions
• Policy creation and enforcement (e.g. passwords)
• Advanced Threat Protection – helps protect against ransomware, advanced malware
• Remote wipe company data from devices
• Restrict copy/saving company info to unauthorized apps
• Information Rights Management
• Windows Defender Exploit Guard
• Windows 10 malware protection