![]() Manage blob containers using the Azure portalīe sure to save the name and URL of the Azure blob container.Here are links to relevant articles you can refer to help you get started: ![]() The procedures for setting up your Azure storage account, container and blobs are documented in the Azure document set. For more information, see Store business-critical blob data with immutable storage Create an Azure storage account You can also configure immutability policies for your blob data that protects against the saved items being overwritten or deleted. For more information, see Data protection overview. Azure Storage also offers options for disaster recovery, including multiple levels of redundancy to protect your data from service outages due to hardware problems or natural disasters, and customer-managed failover if the data center in the primary region becomes unavailable. In the Azure Storage, data protection refers to strategies for protecting the storage account and data within it from being deleted or modified, or for restoring data after it has been deleted or modified. What is your strategy for protecting against saved item deletion or modification? For example, one for items saved off from the HR department and one for IT department. You can create multiple different evidence containers within same storage account to sort saved items into. Do you want to use containers to organize saved items? This ensures that the Azure storage admins or DLP event investigators can only see the items that matched DLP policies from their respective groups. Do you need to compartmentalize items and access along role or departmental lines?įor example, if your organization wants to have one set of administrators or DLP event investigators who can view saved items from your senior leadership and another set of administrators or DLP event investigators for saved items from human resources, you should create one Azure storage account for senior leadership and another for human resources. You should have answers to these question before setting up your Azure storage and scoping the feature to users. If you need to configure different permission for different regions, you must create multiple storage accounts, not multiple containers. You can't set different permissions per container. Onboard devicesīefore you can use copy matched items you have to onboard Windows 10/11 devices into Purview, see Onboard Windows 10 and Windows 11 devices into Microsoft 365 overview Setup Azure storageĬontainers inherit the permissions of the storage account that they are in. ![]() Standard Microsoft Purview Data Loss Prevention (DLP) permissions are required. You don't need any additional licenses over what is needed for endpoint DLP. See the licensing requirements for Information Protection for details on the subscriptions that support DLP. Set permissions on the Azure blob storageīefore you start these procedures, you should review Learn about evidence collection for file activities on devices (preview).Here are the high level steps for configuring and using evidence collection for file activities on devices. Learn details about signing up and trial terms. Start now at the Microsoft Purview compliance portal trials hub. If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs.
0 Comments
Leave a Reply. |