We are excited to share that we are set to begin a new chapter with Dropbox, Inc. Dropbox is acquiring our IP technology to embed natively into the Dropbox product, bringing end-to-end, zero-knowledge encryption to millions of business customers around the world. Check out our blog to find out more!

Joerg Schanko

Jörg Schanko | Geschäftsführer Konverion UG (haftungsbeschränkt)

Microsoft 365 - Stay In Control!

In this guest article, Jörg Schanko, Managing Director of Konverion UG (limited liability) presents his tool Microsoft 365 Checker, which helps the works council monitor changes to Microsoft products and whether they affect data security.

Microsoft 365 is an exceptionally comprehensive and complex platform that many organizations use as the basis for all communication and collaboration - both internally as well as with customers and partners.

This complexity is further increased by the so-called "evergreen" approach, meaning Microsoft no longer waits to release new functions and enhancements at fixed intervals, but releases them directly after completion instead.

Regular Review of TOMs

The scope and dynamics brought on by this new approach pose new challenges for IT departments, but also others. Works councils in particular are confronted with the seemingly insurmountable task of monitoring compliance with company agreements on Microsoft 365 that have once been concluded – since these are subject to change, monitoring must be done continuously and often during ongoing operations. Data protection officers also share this fate. After all, according to the EU General Data Protection Regulation, there is an obligation to regularly check and document all technical and organizational measures for the protection of personal data.

The Microsoft 365 Checker

To provide assistance here, we have developed the "Microsoft 365 Checker". With its help, all configurations relevant to co-determination from the various Microsoft 365 components (Azure Active Directory, Security, Compliance, Exchange, Teams...) can be read out and documented. And that without in-depth Microsoft 365 knowledge!

And here's how:

First, you define one or more templates in which you specify which configurations are to be read out.

After the template is saved, you can create reports based on it, which are stored in a local, encrypted database.

Microsoft 365 Checker Screenshot Check

Good to know: Microsoft 365 Checker uses PowerShell "under the hood" to do this, the same technology administrators use to manage complex environments.

By its nature, the information read-out is very technical. Therefore, it is recommended that the initial report be discussed between the works council or data protection officer and IT.

If all settings are as specified, for example, in the company agreement on Microsoft 365, mark the report as a "comparison basis". Reports that are created at a later date can then simply be compared with this basis. If there are discrepancies between the reports, the corresponding areas will be highlighted.

Microsoft 365 Checker Screenshot Compare

This way, you get a quick overview if - and if so, what has changed in the meantime. All reports and comparisons can also be exported as a Word document.

If a group of companies shares a common Microsoft 365 tenant (client), the reports can be configured so that only the personal data of employees is displayed for whom each company is responsible. This allows data protection to be ensured during the monitoring.

Secure Internal Transmission of Reports

To be able to create a report, you need a user account in Azure Active Directory that has the necessary permissions (usually "Global reader" and "Security reader"). If these permissions cannot be provided directly to a panel, the reports can also be created centrally by IT and made available via export. The export files are encrypted and provided with a hash value so that changes to the content are not possible.

In general, the Microsoft 365 Checker provides a monitoring option that is simple and time-saving for all parties.

Partager cet article

Articles similaires


Our New Chapter with Dropbox: What Boxcryptor Users Need to Know

Last week we already announced that we sold important technology assets to Dropbox. What our customers need to know now, we explain in detail here.


A letter from our Founders: We’re joining Dropbox!

Almost 12 years ago, we set out to make complex security solutions easy to use. Now we are excited to share that we are set to begin a new chapter with Dropbox, Inc.

Dummies Book Cover and Back

CLOSED We Celebrate Our Book Release: Your Chance to Win

We have published our first book to get even more people excited about the cloud and data security. Celebrating the official launch, you can win printes copies and Boxcryptor licenses in our raffle. Read about the details in our blog post.