Does this sound like your day to day? Setting up calendar privileges for Joe from Marketing. And then the finance team has a new Finance Director Puja who needs access to her email ASAP.
When you receive these requests, the time it takes to manually perform this operation can be spent elsewhere more wisely
Join, Sharon Breeze, CoreView Solution Architect, for a 20 minute technical session, where she will show how to:
Learn about Microsoft 365 automated user management using ServiceNow.
We'll look at understanding what licenses people have, what they're using, and then we'll look at mitigating risks. So this is where CoreView has very in-depth, very granular capability in terms of controlling the management within the tenant.
With Least Privileged Access we can look at security gaps that might be in the tenant and can enforce policies for things to remain consistent within that tenant.
When we talk about management, there are three areas that we talk about.
These are built-in tasks that we've created, based on customer feedback. And they're going to be those day-to-day tasks that you might want to do within your tenant. They consist of:
In terms of wiping devices, we also have the hybrid connector.
The hybrid connector allows us to extend out from CoreView to do some on-premise activity as well. Like:
So custom actions are PowerShell, essentially.
It gives you the ability to add in PowerShell scripts that you might already have or something that you want to do that we don't have a management action for.
Microsoft 365 workflows are a series of steps that we can build into an automated flow.
And we're going to take a combination of those management actions that we looked at and those custom actions to build a workflow.
Workflows can be built for:
Audit logs are available for a year. It means we can go back in time to understand what's been happening in the tenant, either from the end user's point of view or something that an administrator has been doing.
In addition, there is a concept of alert. Alerts are where we can look for something within those logs. And if we see that event happening, we can then take action.
That could be a notification that we're sending out just an email, or it could be some workflow that we're going to trigger based on that.
So we have triggered the workflow from within CoreView to ServiceNow.
We also have the capability from CoreView to then based on information that we are seeing in the tenant go and create tickets or create, you know, records within ServiceNow.
So let's go and look at some of those options.
So every Monday morning, we're going to look for our users that are disabled but have got a license assigned. If we find any, we're gonna log an incident in ServiceNow.
We can automatically resolve this as well. So we could go and look at these users that are disabled, they've got the license, let's trigger some workflow to recover that license.
Maybe they've been missed as part of onboarding, so we can automatically respond to what we're seeing as well, as well as looking at those incidents.
Has anybody added or removed them?
When was it done again? That's just an example. It could be. Mailbox permissions on one of the VIP mailboxes, maybe it could be someone we think has had lots of failed sign-ins and has a compromised account that we can maybe look at. Maybe we're looking at other information within those audit logs. Has somebody shared something externally that you don't want them to share?