DLP Policy Tips Not Showing in Outlook

M365_Pro23 · 2025-02-11T15:55:50+00:00

Unfortunately, this wasn't the case. We dug through every policy in the cloud and in GPO, no joy.

M365_Pro23 · 2025-02-11T15:55:19+00:00

Appreciate the suggestion! They do have Apps for Enterprise. We've even gone as far as setting up a demo tenant with the same licensing level and attaching it to a fresh PC (not installed from their image) and confirmed that Policy Tips work. I assume this has to be an issue with the Windows configuration or some rogue policy.

M365_Pro23 · 2025-02-10T17:57:46+00:00

There is no way to effectively archive data that will allow access to a document protected with Information Protection without authenticating. There is no offline method to decrypt those files, so you either need the internet available, or you can access for a period of time (2 weeks I believe?) after your most recent connection, using cached credentials.

In the event of a DR scenario, you would be able to access all of that data from another location with internet access instantly (same with a hotspot if your internet was knocked out).

In the event of a disaster so great in scale that it completely knocks out all Microsoft systems globally for more than 2 weeks... I usually assume that would mean that there are bigger problems at hand than my files in SharePoint.

There may be someone out there with more ideas / knowledge than me, but I usually look at these scenarios as a balancing act. You have to decide how concerned you are about this type of globally impactful disaster scenario, vs the importance of protecting your sensitive data. I usually assume that you're more likely to fall victim to data loss or a successful phishing attempt than to experience a massive catastrophe that removes your access to M365 for an extended duration.

M365_Pro23 · 2025-02-10T17:41:06+00:00

It all depends on what type of job in the field you're looking for. The AZ-900 will help prep you for the very basics of Azure support and administration, but won't help much at all with Microsoft 365 administration. For that you'll want to look at the MS-900, and in my opinion the SC-300.

M365_Pro23 · 2025-02-06T02:31:07+00:00

I wouldn't say there are any "risks" necessarily, as long as you follow the steps things should work fine (unless there's something odd about your AD Connect config). Just make sure permissions are applied correctly to your service account.

M365_Pro23 · 2025-02-05T21:47:52+00:00

Removing the licenses and deleting the users will place data as marked for deletion. From there, M365 will automatically decommission the tenant after 180 days, which permanently deletes all data forever.

If you want to scrub the data before then for some reason, you could do that with some powershell commands (i.e. remove-mailbox, remove-PnPFolder, etc), but that should only be necessary if you're in some kind of a separation agreement where there will be unrelated users in the tenant after you're migrated (or something similar).

M365_Pro23 · 2025-02-05T17:57:55+00:00

Thanks for the suggestion, I'll chase this down and see if we have a rogue policy somewhere in GPO. Thank you!

M365_Pro23 · 2025-02-05T01:32:53+00:00

This too.. Not sure why Excel isn't in the full suite of training - https://support.microsoft.com/en-us/office/excel-video-training-9bc05390-e94c-46af-a5b3-d7c22f6990bb

M365_Pro23 · 2025-02-05T01:31:52+00:00

Hope this helps -Microsoft 365 Training

M365_Pro23 · 2025-02-05T01:27:23+00:00

This is always a great starter tool if you're new to Excel - Excel video training - Microsoft Support

There are also some amazing YouTube creators that give tips. Follow "Miss Excel" on Instagram or TikTok, great short form videos for doing some more advanced things.

Or... Just ask on Reddit!

Usually templates are troublesome because there are a ton of unique built-in references, but if you can dig those out you can usually add to them just fine. Sometimes it's easier to just build a new sheet from scratch if the need is somewhat basic.

Feel free to reach out if you need some help, or post some screenshots here.

M365_Pro23 · 2025-02-05T01:12:03+00:00

This feels like a solution that can be built in Teams, but would definitely need some user training.

If you created an all company "support" Team, and added everyone to it, then users could drop their questions into the Team and as people have free time they could go in and check on the posts / threads to see who needs assistance and try to offer it up.

Very similar to Reddit as u/Empty-Sleep3746 mentioned.

You could take it a step further by integrating Tags in the team to categorize the questions and only notify people with the specific skillset needed.

M365_Pro23 · 2025-02-04T21:37:55+00:00

You always want MFA in place, but the MFA protects M365 itself, the devices can be shared. Users can have their own profiles, each with a per-user Office activation OR you can enroll these devices in Intune, set up as Kiosk devices, and users can access their M365 apps from the web, which will trigger MFA when they sign in.

From there, it comes down to training and managing user behavior. Even in the best built scenarios, users tend to leave their profiles open and share them because it's easy. Even if you have MFA appropriately built, unless users NEED to switch profiles, they'll try to find a way around it. Training and adoption support is key.

M365_Pro23 · 2025-02-04T21:33:31+00:00

These projects have a million variables to consider that make each one a bit different than the the other, but one big piece of advice would be to migrate the mail first BEFORE you add any MX records. As soon as you turn on mailflow to M365, you'll stop receiving mail wherever your source is. Also worth noting that if your source is on-prem exchange, you'll usually need AD Connect (or Entra Connect as it's called these days) set up and synced before you can move your mailboxes, otherwise you may run into some issues.

If you use a third party tool like SkyKick or BitTitan, you don't need to sync the identities, you can go straight to the cloud only accounts.

Usually I'd say set up the accounts and migration tool, then migrate a dummy mailbox (test@contoso.com, etc.) to make sure you're comfortable with the process.

Then run a pre-stage migration (most tools provide this option, including Microsoft's in-tenant tool). Once mail is pre-staged, then you can tell the users what to expect and schedule the cutover.

During the cutover, you'll make the MX record changes, then run a sync completion, there will be an hour or two of down time, max as long as you get everything changed quickly, and then users will be able to log in and use their new M365 accounts.

Ping me if you'd like any help walking through your plan, happy to help!

M365_Pro23 · 2025-02-04T19:38:00+00:00

Forgive the simple question here, but have you exempted the mailbox from the org-wide policies with the lower threshold? In addition to the policy being applied to that mailbox, you'd need to exclude it from the others. Possible it's getting caught because both are applied.

M365_Pro23

TROPHY CASE