Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article provides a checklist for the continued steps to configure security for your Standard Microsoft 365 education tenant.
Required Microsoft products
- Microsoft 365 A3 license
Cloud Access Security Broker
Cloud Access Security Broker (CASB) in education acts as a security intermediary between cloud services and users.
| ☐ | Microsoft Defender for Cloud Apps Discovery - Enables institutions to monitor, analyze, and secure the use of cloud applications, ensuring compliance and safeguarding sensitive data across the educational environment. |
| ☐ | Office 365 Cloud App Security - Provides advanced threat detection, data protection, and activity monitoring to ensure secure and compliant use of cloud applications in learning environments. |
eDiscovery and auditing security
eDiscovery and auditing security features help institutions manage and protect data for legal and compliance purposes.
| ☐ | Litigation hold - Preserves email and other Exchange Online data to ensure it remains unaltered and accessible for legal or compliance purposes during investigations or disputes. |
Identity access management
Identity access management features help institutions manage user access and protect sensitive data.
| ☐ | Advanced security reports - Provides detailed analyses of potential threats, vulnerabilities, and compliance measures to ensure the safety and integrity of educational institutions and their stakeholders. |
| ☐ | Microsoft Defender for Cloud Apps - Provides advanced security and threat detection to protect students, staff, and institutional data across cloud applications. |
| ☐ | Microsoft Defender for Cloud App Discovery - Provides institutions with visibility into cloud app usage, enabling secure access, compliance monitoring, and risk management for students and staff. |
| ☐ | Office 365 Cloud App Security - Provides advanced threat detection, data protection, and activity monitoring to safeguard students, staff, and institutional data in the cloud environment. |
| ☐ | Microsoft Advanced Threat Analytics - Provides real-time threat detection and security analytics to protect sensitive academic data and IT infrastructure from cyberattacks. |
| ☐ | Cloud user self-service password reset - Enables students, faculty, and staff to securely reset their passwords independently. |
| ☐ | Hybrid user self-service password change/reset on-premises - Enables users to securely manage their on-premises passwords through a streamlined process that integrates cloud-based identity solutions with local directory services. |
Information protection
Information protection features help institutions classify and protect sensitive data.
| ☐ | Manual default and mandatory sensitivity labels in Microsoft 365 - Ensures data protection by allowing educators and students to apply predefined labels manually (default) or enforcing them automatically (mandatory) to classify and safeguard sensitive information based on institutional policies. |
| ☐ | Sensitivity labels for containers in Microsoft 365 - Enables institutions to classify and protect groups, Teams, and SharePoint sites by applying specific access controls, privacy settings, and data protection policies. |
| ☐ | Personal data encryption - Ensures the secure storage and transmission of sensitive student and institutional information. |
| ☐ | Microsoft personal data encryption - Ensures that sensitive information is securely protected by encrypting data at rest and in transit. |
Threat protection
Threat protection features help institutions detect and respond to security threats.
| ☐ | Microsoft Defender Firewall - Provides a robust layer of security by monitoring and controlling network traffic. |
| ☐ | Microsoft Defender Exploit Guard - Enhances cybersecurity by protecting educational institutions from advanced threats and vulnerabilities through preventative controls and real-time threat detection. |
| ☐ | Microsoft Defender Credential Guard - Protects sensitive student and staff credentials by isolating and securing authentication processes using virtualization-based security. |
| ☐ | **BitLocker and BitLocker To Go - Provides robust encryption to secure institutional and student data on devices and removable drives. |
| ☐ | **Windows Information Protection - Safeguards sensitive institutional and student data by preventing accidental data leaks and ensuring secure access on managed devices. |
| ☐ | Microsoft Defender for Endpoint Plan 1 - Provides advanced threat protection and security management tools to safeguard devices, data, and users in academic environments. |