Auditing and Reporting in Microsoft Cloud Services

Introduction

Microsoft cloud services include several auditing and reporting features you can use to track user and administrative activity within their tenant, Examples include changes made to Exchange Online and SharePoint Online tenant configuration settings, and changes made by users to documents and other items. You can use audit information and reports available in Microsoft cloud services to more effectively manage user experience, mitigate risks, and fulfill compliance obligations.

Security & Compliance Centers

The Office 365 Security & Compliance Center, the Microsoft 365 Security Center, and the Microsoft 365 Compliance Center are one-stop portals for protecting data in your organization, and they include many auditing and reporting features. These centers help you with your data protection or compliance needs and audit user and administrator activity. You can access these centers using your subscription admin account.

These centers include navigation panes for access to several features:

  • Alerts: Enables you to manage alerts, view security-related alerts, and manage advanced alerts using Office 365 Cloud App Security.
  • Permissions: Enables you to assign permissions such as Compliance Administrator, eDiscovery Manager, and others to people in your organization so they can perform tasks in these centers. You assign permissions for most features in each center, but other permissions must be configured using the Exchange admin center and SharePoint admin center.
  • Threat management: Enables you to create and apply device management policies using Office 365 Mobile Device Management, to set up Data Loss Prevention (DLP) policies for your organization, to configure email filtering, anti-malware, DomainKeys Identified Mail (DKIM), safe attachments, safe links, and OAuth apps.
  • Data governance: Enables you to import email or SharePoint data from other systems into Office 365, configure archive mailboxes, and set retention policies for email and other content within your organization.
  • Search & investigation: Provides content search, audit log, quarantine, and eDiscovery case management tools to quickly drill into activity across Exchange Online mailboxes, groups and public folders, SharePoint Online, and OneDrive for Business.
  • Reports: Enables you to quickly access reports for SharePoint Online, OneDrive for Business, Exchange Online, and Azure AD.
  • Service assurance: Provides information about how Microsoft maintains security, privacy, and compliance with global standards for Office 365, Azure, Microsoft Dynamics CRM Online, Microsoft Intune, and other cloud services. Also includes access to third-party ISO, SOC, and other audit reports, as well as Audited Controls, which provides details about the various controls that have been tested and verified by third-party auditors of Office 365.

Service Assurance

Many organizations in regulated industries are subject to extensive compliance requirements. To perform their own risk assessments, customers often need in-depth information about how Office 365 maintains the security and privacy of their data. Microsoft is committed to the security and privacy of customer data in its cloud services and to earning customer trust by providing a transparent view of its operations, and easy access to independent compliance reports and assessments.

Service Assurance provides transparency of operations and information about how Microsoft maintains the security, privacy, and compliance of customer data in Office 365. It includes third-party audit reports along with a library of white papers, FAQs, and other materials on Office 365 topics such as data encryption, data resiliency, security incident management and more. Customers can use this information to perform their own regulatory risk assessments. Compliance officers can assign the "Service Assurance User" role to give users access to Service Assurance. The tenant administrator can also provide external users, such as independent auditors, with access to information in the Service Assurance dashboard through the Microsoft Cloud Service Trust Portal (STP). For details on how to access the STP, visit Get started with the Service Trust Portal for Office 365 for business, Azure, and Dynamics CRM Online subscriptions.

OneDrive for Business Admin Center

The Microsoft OneDrive admin center helps you quickly and easily manage your organization's OneDrive for Business settings in one place. To use the OneDrive admin center, access to onedrive.com is required. You must also be a global admin for your organization or a custom admin with the SharePoint administrator role. Access the OneDrive for Business admin center at https://admin.onedrive.com.

Key features include a Compliance area that provides administrators with links to the appropriate management center for key scenarios like searching the audit log, working with DLP, retention, eDiscovery, and alerting.