Upload
joao-livio
View
239
Download
4
Embed Size (px)
Citation preview
Portugal
SETUP AND ENABLEMENT OFFICE 365 MESSAGE ENCRYPTION
Portugal
Portugal
JOAO LIVIO – SharePoint Specialist & Senior Consultant
Joao Livio have 21 years of IT and Development experience. Now working as SharePoint Specialist at NOS Portugal and BOLD International as SharePoint Specialist & Senior Consultant.
Was nominated Microsoft MVP since 2002 to 2012. His main action is maintain and developing Hybrid Systems namely Office 365 and SharePoint using CSOM, JSOM, Custom WCF Services and BCS Models with KnockoutJS and MVVM Patterns and/or MVC using Auto-Hosted and Provided-Hosted Apps.
http://sptime.wordpress.com @jlivio
Portugal
AGENDA
2ª Reunião - Comunidade Office 365 PT
Introduction to office 365 message encryption Architecture and Diagram for encrypted email TASKS
Activate Azure Rights Management for Office 365 Message Encryption
Set up Azure Rights Management for Office 365 Message Encryption Configure RMS with the online key-sharing location Import the Trusted Publishing Domain (TPD) from RMS Online Create Transport Rules to Encrypt Messages
Tests and Conclusions Q&A
Portugal
ARCHITECTURE and Support
Support for all commonly used devices, not just Windows computers
1. Windows computers and phones2. Mac computers3. iOS tablets and phones4. Android tablets and phones
Support for business-to-business collaboration
Because Azure RMS is a cloud service, there’s no need to explicitly configure trusts with other organizations before you can share protected content with them. If they already have an Office 365 or an Azure AD directory, collaboration across organizations is automatically supported. If they do not, users can sign up for the free RMS for individuals subscription.
Support for on-premises services, as well as Office 365
In addition to working seamlessly with Office 365, you can also use Azure RMS with the following on-premises services when you deploy the RMS connector:
1. Exchange Server2. SharePoint Server3. Windows Server running File Classification Infrastructure
Portugal
ARM – Introduction
Microsoft Azure Rights Management provides a
comprehensive policy-based enterprise solution to help
protect your valuable information, no matter whom you
share it with. For $2.00 per user per month, you get
Information Rights Management capabilities such as Do
Not Forward and Company Confidential, as well as Office
365 Message Encryption, which allows you send encrypted
emails to anyone!
Portugal
Requirements for Azure Rights ManagementA cloud subscription for RMS && Azure AD directory
To use Azure RMS, you must have at least one of the following subscriptions:
1. Office 3652. Azure RMS Standalone3. Enterprise Mobility Suite4. RMS for individuals
Microsoft Office applications (Word, Excel, PowerPoint, and Outlook) from the following suites:
5. Office 365 ProPlus6. Office 365 Enterprise E37. Office Professional 20138. Office Professional 2010
Note:
Specific to Office Professional 2010:Windows computers must install the Rights Management sharing application for Windows
All Information: https://technet.microsoft.com/en-us/jj585016
Rights Management Services (RMS) is a premium feature that requires an Enterprise Client Access License (CAL) or a RMS Online
license for each user mailbox
PortugalTASKS – Activate, Install – Configure and Run
https://technet.microsoft.com/en-us/mt126254
Portugal
Introduction - Diagram for encrypted email
Portugal
SIMPLE SCRIPT – No Pain (5 Steps)#Open PowerShell as AdministratorSet-ExecutionPolicy RemoteSigned$cred = Get-Credential$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic –AllowRedirectionImport-PSSession $Session
#Verify your IRM isn’t configured alreadyGet-IRMConfiguration
#Configure RMS with the online key-sharing location for Exchange Online (European Union)Set-IRMConfiguration -RMSOnlineKeySharingLocation https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc
#Import the Trusted Publishing Domain (TPD) from RMS OnlineImport-RMSTrustedPublishingDomain -RMSOnline -name "RMS Online"
#Verify successful setup of IRM in Exchange OnlineTest-IRMConfiguration –sender [email protected]
#Disable IRM templates in OWA and OutlookSet-IRMConfiguration -ClientAccessServerEnabled $false
#Enable IRM for Office 365 Message EncryptionSet-IRMConfiguration -InternalLicensingEnabled $true
#View the IRM ConfigurationGet-IRMConfiguration
Portugal
Endpoint’s Geolocation
RMS key sharing location Endpoints
North America https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc
European Union https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc
Asia https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc
South America https://sp-rms.sa.aadrm.com/TenantManagement/ServicePartner.svc
Office 365 for Governmenthttps://sp-rms.govus.aadrm.com/TenantManagement/ServicePartner.svc1
Portugal
1. Import Session
2. Verify your IRM isn’t configured already
3. Configure RMS with the online key-sharing location for Exchange Online
4. Import the Trusted Publishing Domain (TPD) from RMS Online
5. Verify successful setup of IRM in Exchange Online
6. Disable IRM templates in OWA and Outlook
7. Enable IRM for Office 365 Message Encryption
Portugal
Q&A
I´m not afraid to put my data in the Cloud. I was attacked in my house. Fortunally I could keep my undershorts.
The master has failed more times than the beginner has even tried…
Portugal
REFERENCES
http://blogs.technet.com/b/canitpro/archive/2015/05/20/step-by-step-setup-and-enablement-of-office-365-message-encryption.aspx
https://products.office.com/en-us/business/microsoft-azure-rights-management
Microsoft MVP Kelsey Epps
Microsoft
Portugal
Some notes....
Portugal
Portugal
· https://www.facebook.com/office365portugal · https://www.facebook.com/groups/o365pt · https://twitter.com/O365PT · https://www.linkedin.com/grp/home?gid=8204221
Portugal
Thanks ...