Compliance Announcements, News & Updates

Compliance, Blogs & Vlogs

Compliance Speaking & Virtual Events. Plus, Recordings

All Things M365 Compliance Podcast

About Me

Contact Me

Summary of Key Specialisms

I specialise in all areas of consulting for end-to-end Microsoft 365 technical solutions from design, deployment, and migration, including MCAS and Azure Compliance. In addition, the more recent Microsoft solution; The NHS N365 offering.

My focus area at present is the Microsoft Compliance Solutions Stack, thus giving me the opportunity to extend my expertise to leading organizations within; Public & Private Sectors, Health & Wellbeing, Financial; Private and Retail Banking, Legal Firms and Legal Departments within Corporate Enterprises. I have been assisting them with their Microsoft Compliance Designs and Deployments giving the businesses an opportunity to know their data and their data landscape.

Together with the above, I have been enabling clients to build out configurations to adhere to Internal and External Regulatory controls and Data Sovereignty Laws with the following technical solutions: –

Information Protection: – Creating or extending on their Classification /Labelling Taxonomies, building out Labels that map back to the documentation for Manual Labelling and/or Auto-Labelling Client-Side, Customised Labelling, Auto-Labelling Service Side(v2) & Azure Information Protection Scanner for providing a Discovery of Data and Classifications landscape within their Cloud and On-Premises environment, creating, and extending out their Data Loss Prevention Catalogues to provide a defence in depth for Intellectual Property, Encryption Key Configurations; HYOK, BYOK, Azure Key Vault, Office Message Encryption; Standard & Advanced, Cloud App Security building policies for Information Protection & Data Loss Prevention to extend Data Exfiltration preventative capabilities.

Information Governance: – Data Preservation, Records Management, Defensible Disposal of Data with Disposition, Events Based Retention, Retention Policies & Labels; Automatic and Manual, creating or extending their Master Retention/Records Matrix Catalogues, File Plan Importation

Insider Risk Management & Communications Compliance: – building out a wide range of Insider Threat Risks and Violations from employees, additionally, creating supervision and monitoring policies with Communications Compliance for special projects, and Financial Regulatory Compliance needs when it comes to conflicts of interest with Insider Trading, managing Identity access with Privileged Identity Management, creating Information Barriers, advising on Customer Lockbox,

Advanced eDiscovery: – providing end to end EDRM support of creating, collecting, and managing data investigations, controlling, discovering, and preparing data for analysis, Compliance Boundaries and Security Filtering

Compliance Manager: – assisting in mapping out regulatory requirements from the templates into configurations and documenting this process of completion.

Data Classification: – assisting with Sensitive Information Types, Default & Custom, working with Trainable Classifiers for MIP, MIG and Comms Compliance, building an Exact Data Match Schema and Documents Fingerprint Policies. Providing technical and reviewer insight into the Activity and Content Explorer.

Audit: – Assisting with the collection Audit Logs and creation of and Advanced Audit Logging Policies

Microsoft Technologies

Azure: –

Azure Active Directory – Core Infrastructure – Azure Compliance & Governance

Microsoft 365: –

Architecture: – Exchange – SharePoint – OneDrive – Teams – Security – Compliance

Security & Threat Protection: – Azure Sentinel – Microsoft 365 Defender – Azure Defender, Security Policies & Controls for Identity & Apps.

Compliance: – Classification, Information Protection & Governance (MIP/AIP) Insider Risk Management, Discover & Respond, Compliance Manager – Exchange Online/Hybrid for Enterprise Level Businesses, Email Hygiene, – Microsoft 365 Licencing Modelling & User Profiling

Microsoft Endpoint Manager & Intune: – Enterprise Mobility Suite + Security – Microsoft Devices & Apps for Enterprise: Integration, Migration & Controls

Microsoft Cloud App Security: – User, Data & Application Protection & Governance.