For organizations using supervision policies in Office , you should immediately plan to transition to communication compliance policies in Microsoft and need to understand these important points:. For retirement information for supervision in Office , see the Microsoft Roadmap for details. Identify the appropriate stakeholders in your organization to collaborate for taking actions on communication compliance alerts. Some recommended stakeholders to consider including in initial planning and the end-to-end communication compliance workflow are people from the following areas of your organization:.
Select dedicated stakeholders to monitor and review the alerts and cases on a regular cadence in the Microsoft compliance center. Make sure you understand how you will assign users and stakeholders to different communication compliance role groups in your organization. After configuring your role groups, it may take up to 30 minutes for the role group permissions to apply to assigned users across your organization. There are six role groups used to configure initial permissions to manage communication compliance features.
To make Communication compliance available as a menu option in Microsoft compliance center and to continue with these configuration steps, you must be assigned to one of the following roles or role groups:. Members of the following roles have the same solution permissions included with the Communication Compliance Admin role group:.
Make sure you always have at least one user in the Communication Compliance or Communication Compliance Admin role groups depending on the option you choose so that your communication compliance configuration doesn't get in to a 'zero administrator' scenario if specific users leave your organization.
Depending on how you wish to manage communication compliance policies and alerts, you'll need to assign users to specific role groups to manage different sets of communication compliance features. You have the option to assign users with different compliance responsibilities to specific role groups to manage different areas of communication compliance features. Or you may decide to assign all user accounts for designated administrators, analysts, investigators, and viewers to the Communication Compliance role group.
Use a single role group or multiple role groups to best fit your compliance management requirements. Choose from these solution role group options when configuring and managing communication compliance:. Before you start using communication compliance, you must determine who needs their communications reviewed.
In the policy, user email addresses identify individuals or groups of people to supervise. Some examples of these groups are Microsoft Groups, Exchange-based distribution lists, Yammer communities, and Microsoft Teams channels.
Windows based computers support several methods of controlling inbound access. In contrast, other methods of controlling inbound access to Windows based computers, such as by using the IPSec Policy filter and the Routing and Remote Access server, depend on user-mode processes or the Workstation and Server services. Use IPSec Policies or packet filtering if you need more control over outbound access. We recommend that you use the Configure E-mail and Internet Connection Wizard on SBS based computers with two network adaptors, and that you turn on the Firewall option and then open the required ports on the external network adaptor.
Select Start , point to Control Panel , point to Network Connections , and then select the local area connection that you want to configure. When you select this check box, you enable filtering for all adaptors, but you configure the filters individually for each adaptor. The same filters don't apply to all adaptors. If a policy is deactivated due to reaching the storage and message limits, be sure to evaluate how to manage the deactivated policy. If you delete the policy, all messages, associated attachments, and message alerts will be permanently deleted.
If you need to maintain these items for future use, do not delete the deactivated policy. To manage policies approaching the storage and message limits, consider making a copy of the policy to maintain coverage continuity or take the following actions to help minimize current policy storage size and message counts:. You can choose to select All users or to define specific users in a communication compliance policy. Selecting All users applies the policy to all users and all groups that any user is included in as a member.
Defining specific users applies the policy to the defined users and any groups the defined users are included in as a member. By default, the Direction is condition is displayed and can't be removed. Communication direction settings in a policy are chosen individually or together:.
You have the option of including sensitive information types as part of your communication compliance policy. Sensitive information types are either pre-defined or custom data types that can help identify and protect credit card numbers, bank account numbers, passport numbers, and more. As part of Learn about data loss prevention , the sensitive information configuration can use patterns, character proximity, confidence levels, and even custom data types to help identify and flag content that may be sensitive.
The default sensitive information types are:. To learn more about sensitive information details and the patterns included in the default types, see Sensitive information type entity definitions.
Configure custom keyword dictionaries or lexicons to provide simple management of keywords specific to your organization or industry. Keyword dictionaries support up to KB of terms post-compression in the dictionary and support any language. The tenant limit is also KB after compression.
If needed, you can apply multiple custom keyword dictionaries to a single policy or have a single keyword dictionary per policy. These dictionaries are assigned in a communication compliance policy and can be sourced from a file such as a. Use custom dictionaries when you need to support terms or languages specific to your organization and policies. Built-in trainable and global classifiers scan sent or received messages across all communication channels in your organization for different types of compliance issues.
Classifiers use a combination of artificial intelligence and keywords to identify language in messages likely to violate anti-harassment policies. Built-in classifiers currently support message keyword identification in several languages:.
Communication compliance built-in trainable and global classifiers scan communications for terms, images, and sentiment for the following types of language and content:.
The Adult , Racy , and Gory image classifiers scan files in. The size for image files must be less than 4 megabytes MB and the dimensions of the images must be greater than 50x50 pixels and greater than 50 kilobytes KB for the image to qualify for evaluation.
Image identification is supported for Exchange Online email messages and Microsoft Teams channels and chats. The built-in trainable and global classifiers don't provide an exhaustive list of terms or images across these areas. Further, language and cultural standards continually change, and in light of these realities, Microsoft reserves the right to update classifiers at its discretion.
While classifiers may assist your organization in monitoring these areas, classifiers aren't intended to provide your organization's sole means of monitoring or addressing such language or imagery. Your organization, not Microsoft, remains responsible for all decisions related to monitoring, scanning, and blocking language and images in these areas, including compliance with local privacy and other applicable laws.
Microsoft encourages consulting with legal counsel before deployment and use. Policies using classifiers will inspect and evaluate messages with a word count of six or greater.
Messages containing less than six words aren't evaluated in policies using classifiers. To identify and take action on shorter messages containing inappropriate content, we recommend including a custom keyword dictionary to communication compliance policies monitoring for this type of content. For information about trainable classifiers in Microsoft , see Getting started with trainable classifiers.
Configure built-in or custom communication compliance policies to scan and identify printed or handwritten text from images that may be inappropriate in your organization. Integrated Azure Cognitive Services and optical scanning support for identifying text in images help analysts and investigators detect and act on instances where inappropriate conduct may be missed in communications that is primarily non-textual.
You can enable optical character recognition OCR in new policies from templates, custom policies, or update existing policies to expand support for processing embedded images and attachments. When enabled in a policy created from a policy template, automatic scanning is supported for embedded or attached images in email and Microsoft Teams chat messages.
For images embedded in document files, OCR scanning isn't supported. For custom policies, one or more conditional settings associated with keywords, built-in classifiers, or sensitive info types must be configured in the policy to enable the selection of OCR scanning.
Scanning and extraction for embedded and attached. When reviewing pending alerts for policies with OCR enabled, images identified and matched to policy conditions are displayed as child items for associated alerts.
This content has been archived , and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable. Security of Information Technology Resources IT requires that you normally refrain from running your Windows computer as an administrator. For more, see About the principle of least privilege. Related documents. Configure the Windows firewall to allow pings.
0コメント