Office 365 and Azure basic's Part I

Written by Arne Tiedemann on Thursday June 13, 2019

This article describes the basic activities of an Office 365 and Azure administrator. Which configurations should be reconsidered, which are fundamental.
All this can be found in this article.

Basic configuration

The configuration of the basic settings will help you to be informed about news and thus always be up-to-date.

Notifications

In the Office 365 Massage Center, you will get daily news about your tenant and your workloads like Exchange, Teams, SharePoint and all other enabled workloads. It is a good idea to configure the messages that you want to receive in the Message center.

Office 365 Message Center
This image shows a default view of your Message center configuration. Select the services for that you want to receive news and updates.
If you want to get update notification through email, activate email notification and type the email address where you want to get the information.

Up2Date

You should try to stay up to date with the news in the news center because changes to certain workloads are almost exclusively announced here.

Security

Office 365 and Azure is an online service that is accessible from any location! The Microsoft Cloud saves your company data and personal data from your employees. Take care about the administrative roles and the types of logging in the users.

Administrative logon

Each administrator should be enabled to use multi-factor authentication (MFA) and the administrators should know that nobody should save the passwords in any browser because these passwords can easily cached.

Administratory should use the Microsoft Authenticator app as the second factor and if possible they should use an extra machine to manage the tenant.

Licenses

Microsoft is doing a great job in security, including providing Microsoft licenses that increase the security of the entire tenant.
These licenses include, for example, the following:

  • Azure AD Premium P1/P2, more information >> here <<
  • Enterprise mobility & security, more information >> here <<
  • Advanced thread protection, more information >> here <<
  • Azure thread analytics, more information >> here <<
  • and more

For me, all licenses would be useful, but you can also choose license bundles that already contain the security-relevant licenses.

Microsoft 365 F1

Connect with your Firstline Workers through purpose-built tools and resources that allow them to do their best work.

Microsoft 365 E3

Access core products and features within Microsoft 365 to enhance workplace productivity and drive innovation, securely.

Microsoft 365 E5

Access the latest products and features within Microsoft 365, including advanced threat protection, security and collaboration tools.

Privacy Statement

This article explains how a tenant admin can add privacy-related info to an organization’s Azure Active Directory (Azure AD) tenant, through the Azure portal.

We strongly recommend you add both your global privacy contact and your organization’s privacy statement, so your internal employees and external guests can review your policies. Because privacy statements are uniquely created and tailored for each business, we strongly recommend you contact a lawyer for assistance.

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-properties-area

For information about viewing or deleting personal data, see Azure Data Subject Requests for the GDPR. For more information about GDPR, see the GDPR section of the Service Trust portal.

Invoices and notifications

Billing and related information are configured by Microsoft via the billing portal. Please check if the correct email addresses of the invoice recipients are configured because I think that I don't want to receive invoices as an admin. :-)

Dashboard

On the home page of the Office 365 portal, called a dashboard, you can configure the cards that are important to you at first glance.

AAD Connect

If your environment use Azure Active Directory Connect to synchronize your on-premises Active Directory identities to Azure AD. Then you should have a daily look at the synchronization events "AAD Connect synchronization errors" in the portal and the synchronization service at the Azure Active Directory Connect server.

Information

Some errors will only be shown in the portal and others only at the Azure Active Directory Connect server.