Time: 6 hours 59 minutes
Difficulty: Intermediate
CEU/CPE: 7

Video Transcription

00:00
Welcome back,
00:02
security-minded cyber professionals,
00:05
to the MS 365 Security Administration course.
00:09
It is my utmost privilege and extend honor.
00:15
Yes, honor to be your instructor for this course. My name is Jim Daniels,
00:20
and we are still in Module 4, MS 365 Information Protection, Lesson 2,
00:26
Rights Management and Encryption:
00:29
Office 365 Message Encryption.
00:33
You may have guessed what we're learning about based on the intro. However,
00:38
just for clarity, in this lesson we're going to learn all about O365 message encryption mechanisms
00:46
and how to create mail flow rules that force OME.
00:51
So I'm gonna give a little bit of another day
00:53
Right now, OME is still very viable. There are many organizations that still utilize it. However, in the future,
01:03
a lot of the OME-based processes
01:06
are going to be slowly phased out, and it's preferred to use AIP.
01:11
So the unified labeling that utilizes Azure Information Protection,
01:17
that has labels and triggers and policies across your whole environment because it's unified,
01:23
that is preferred
01:26
moving forward.
01:26
So if your organization already has OME set up, that's cool.
01:30
I mean, if your organization is looking for message protection from the ground up,
01:34
you may want to look at
01:37
unified labeling
01:38
and applying those templates
01:40
to your email messages, based on
01:44
the way Microsoft is going.
01:47
just a little romance.
01:49
State of the Union kind of thing. State of the server
01:53
Office 365 Message Encryption, OME.
01:57
OME combines email encryption and rights management capabilities that provide you with AIP.
02:05
OME and S/MIME both encrypt email messages. However, S/MIME requires the client sending the message to encrypt that, you know, message using a PKI, public infrastructure, certificate,
02:15
as installed or available on the client computer.
02:20
OME uses built-in certificates to encrypt messages in Office 365 during transport of the message.
02:30
Before unified labeling came out,
02:32
I did, I didn't use S/MIME.
02:35
No.
02:36
If it was Exchange Online, if it was an Office 365 tenant,
02:39
we use OME.
02:42
Less headache
02:43
and less moving parts. Less things to have to set up.
02:49
So OME
02:51
definitely has a foothold
02:53
in older tenants
02:54
and tenants who aren't ready to move toward unified labeling yet.
03:01
OME ensures only the intended recipient can view a message.
03:07
Again, it's for your eye only.
03:14
There has to be some Lord of the Rings fan out there, right? At least one. Maybe.
03:17
Maybe.
03:19
Okay, all right. For your eye only.
03:23
So I was really torn. I could have went with Mike Wazowski in Monsters, Inc.
03:28
for your eye,
03:29
but I went straight to Lord of the Rings.
03:30
Eyes are
03:36
No, we'll see.
03:45
Well, let's take a closer look at how OME works.
03:50
The user sends an email message.
03:53
The message is filtered by admin-defined rules and matches a rule for encryption, so it
03:58
is filtered and matches a trigger.
04:00
The message is encrypted with OME.
04:03
Then it gets sent to the recipient's mail service, which is
04:09
any service. Could be Gmail, Outlook,
04:12
Yeah, product Next sovereign begin Anything
04:15
The encrypted message is delivered with an HTML attachment.
04:18
The recipient opens the HTML attachment to connect to the portal.
04:24
The recipient authenticates by signing in or entering a one-time passcode.
04:29
The message is decrypted.
04:30
The recipient views the message and can send an encrypted reply.
04:35
You can send an encrypted reply. However, you cannot forward that message to a user that wasn't on the initial email,
04:43
because it's intended to be encrypted.
04:45
So if you send an OME message to person A, person A can't open it and forward it to person B.
04:50
That's by default.
04:53
Person A views it.
04:55
Remember, they just get the HTML attachment,
04:58
so it doesn't download to their local client. They go into a protected portal that's provided by Microsoft, where they can view and respond to it.
05:08
This is how we create an Exchange Online mail flow rule.
05:12
We go into the Exchange admin center, go to mail flow,
05:15
liberal,
05:15
applying
05:16
OME encryption and rights protection to messages.
05:20
We're gonna name it OME Trigger.
05:23
Apply the rule if the message properties include this classification.
05:28
So it is a data classification. You can also sort a number of different triggers.
05:32
You can have it any time a message is sent from this particular address, OME is applied.
05:38
Any time it goes to this particular domain, OME is applied. Any time it has this word in the subject or body, OME is applied.
05:46
You are very, very flexible with the triggers that you can build and use in Exchange mail flow.
05:53
The action after the trigger is we're going to apply OME and rights protection to the message with Apply OME and rights protection.
06:02
This is what it looks like in action.
06:04
Here's an example
06:05
that was sent to my Gmail. My personal Gmail.
06:11
Gmail person gets it,
06:13
and it just says someone sent you a protected message. Read the message. You see, there's a
06:18
the tax from the bottom
06:19
click and read the message.
06:21
It says, How do you want to view the message?
06:25
I could see that sign in with Google,
06:27
because
06:28
federation is enabled between Microsoft and Google.
06:30
Or I can sign in with a one-time passcode.
06:34
Once I complete that,
06:36
here's the message.
06:38
So this is what it looks like. At the top, we can see the URL is https.
06:44
That is the hosted portal for Microsoft for OME.
06:49
It even has a told him
06:50
This message is encrypted. Recipients cannot remove encryption
06:57
At the bottom right, we have an example of my Gmail replying to the message.
07:03
So even though it says it was sent by me, it actually goes through the message portal. The source is Office365@messaging.microsoft.com.
07:12
Yeah, that was actually my Gmail user,
07:15
but because you reply to an OME message in the OME portal,
07:18
that's how it comes across.
07:21
Quizzed on
07:23
When a user sends an email message in Exchange that matches an encryption rule,
07:28
the message is sent out with
07:30
an HTML attachment. True
07:31
or false?
07:34
Correct answer:
07:35
It's true, right? If it matches that OME rule, it's going to trigger that.
07:42
Remember, with the Exchange mail flow rules, we have lots of flexibility.
07:46
What I would recommend for your mental environment is to map out a scenario based on your business processes,
07:54
requirements and compliance needs, to where, when you need OME applied,
07:58
you have a scenario written down, and then you go into Exchange mail flow and you can create those triggers for
08:07
You can even get reports
08:09
on how often those rules are applied to the messages, provided that you audit
08:13
those rules.
08:16
To recap today's lesson:
08:18
OME is an online service that is built on Microsoft Azure Rights Management, which is part of AIP.
08:26
So OME is built on Azure RMS, which is a rt.
08:30
Acronyms got a little
08:33
OME uses built-in certificates to encrypt messages in the O365 service during the transport of the message.
08:41
S/MIME,
08:41
you got to do more legwork to get it going. OME, if you already have a 365 tenant,
08:46
is super simple. Ready to go.
08:50
Thank you for joining me in this lesson about OME.
08:54
before you want something,
08:56
I hope to see you next time. Take care.

Up Next

MS-500: Microsoft 365 Security Administration

The Microsoft 365 Security Administration course is designed to prepare students to take and pass the MS-500 certification exam. The course covers the four domains of the exam, providing students with the knowledge and skills they need to earn their credential.

Instructed By

Jim Daniels
IT Architect
Instructor