Finding data across Exchange, SharePoint, and Teams for legal investigation. 3. Administrative Best Practices for Security & Compliance
Identity is the primary security perimeter in cloud environments. Protecting user credentials and managing access levels is the first line of defense against unauthorized entry. Multi-Factor Authentication (MFA)
While the Kranjac and Kudović book provides a structured, in-depth curriculum, it is part of a larger ecosystem of best practices that every administrator should embrace. The book's guidance aligns with and expands upon the following foundational principles, which represent the current : Finding data across Exchange, SharePoint, and Teams for
Centralized logging records user and administrator activities across all Microsoft 365 services, providing the forensic trail required for security investigations.
Each chapter combines conceptual explanations with clear, step-by-step guidance, checklists, and real-world scenarios. The authors emphasize practical implementation: how to verify licensing, assign appropriate permissions (such as the Microsoft Purview Compliance Administrator role), enable unified audit logs, and create audit retention policies that support both security operations and legal investigations. The book also highlights the 2025 direction of Microsoft's security tools, including the centralization of capabilities in the Microsoft Purview portal as the unified interface for managing security, privacy, and compliance. Protecting user credentials and managing access levels is
In the modern digital workspace, securing data and ensuring regulatory compliance are no longer optional—they are the foundation of business continuity. With Microsoft 365 acting as the hub for collaboration and communication, administrators face the monumental task of protecting identities, endpoints, and information against sophisticated threats.
Omar Kudović is a and a long-standing Microsoft MVP in the Office 365 Apps and Services category. His expertise includes: In the modern digital workspace
: Implementation of Microsoft Purview tools for data lifecycle management, information protection, and insider risk management.
Organizations must manage the data lifecycle to comply with legal requirements. Retention schedules ensure critical data is preserved for a mandatory duration and automatically deleted when no longer required. Compliance Management and Auditing
Disable older protocols like IMAP, POP3, and SMTP that cannot challenge users for MFA.