Get All AIP encrypted files - SharePoint Online

One of the recent project merger and acquisition.  Technology - M365 tenant to Tenant migration Areas of consolidation 1. Mailboxes  2. SharePoint online data 3. OneDrive for Business data 4. Teams data migration 5. Security and Compliance Migration  Area of concern from security and compliance side was the encrypted files within EXO, SPO, Teams, ODB. Issue with encrypted data migration - end users will not be able to access the documents once the Source tenant is decommissioned.   Solution available -  Ask end users to unencrypt the data before migration  Alternet Solution - 1. Decrypt the files, mails using eDiscovery - This will give us output in PST format will is available for offline access, but the data in source will still be encrypted.  Decryption in eDiscovery - Microsoft Purview (compliance) | Microsoft Docs   2. Use Get-AIPfileLabel and Get-AIPFileLabel but in order to use this you must be aware of all the files paths.  Challenges -  1. We do not want end user intervention

Add domain and IP to whitelist


Add domain and IP to whitelist



You create an IP Allow list or IP Block list by editing the connection filter policy in the Exchange admin center (EAC). The connection filter policy settings are applied to inbound messages only.

  1. In the Exchange admin center (EAC) (https://outlook.office.com/ecp/) navigate to Protection > Connection filter, and then double-click the default policy.
  2. Click the Connection filtering menu item and then create the lists you want: an IP Allow list, an IP Block list, or both.

To create these lists, click Add Icon. In the subsequent dialog box, specify the IP address or address range, and then click ok. Repeat this process to add additional addresses. (You can also edit or remove IP addresses after they have been added.)

  1. Optionally, select the Enable safe list check box to prevent missing email from certain well-known senders. How? Microsoft subscribes to third-party sources of trusted senders. Using this safe list means that these trusted senders aren’t mistakenly marked as spam. We recommend selecting this option because it should reduce the number of false positives (good mail that’s classified as spam) you receive.
  2. Click save. A summary of your default policy settings appears in the right pane.



Please refer the below link for more details.



To add a domain to whitelist.

  1. In the Exchange admin center (EAC) (https://outlook.office.com/ecp/) navigate to Protection > Spam filter, and then double-click the default policy.
  2. On the Allow Lists page, you can specify entries, such as senders or domains, that will always be delivered to the inbox. Email from these entries is not processed by the spam filter.

  1. Add trusted senders to the Sender allow list. Click Add (+), and then in the selection dialog box, add the sender addresses you wish to allow. You can separate multiple entries using a semi-colon or a new line. Click ok to return to the Allow Lists page.

  1. Add trusted domains to the Domain allow list. Click Add (+), and then in the selection dialog box, add the domains you wish to allow. You can separate multiple entries using a semi-colon or a new line. Click ok to return to the Allow Lists page.


Please refer the below link for more details.

Comments

Popular posts from this blog

Error - AttributeValueMustBeUnique in Azure AD connect sync

Error - QuarantinedAttributeValueMustBeUnique

Add members to office 365 Security Group Using PowerShell and CSV

Analyze Office 365 Message headers

Enforce MFA using CSV