Albert Hoitingh
Microsoft MVP and CISSP with a taste for Governance, Risk and Compliance.
The Hague, The Netherlands
Albert Hoitingh is a Microsoft Security MVP as well
as CISSP. He is an (international) speaker on Microsoft Purview
(compliance, security, and risk).
Albert has been working on collaboration, information management, and security for more than
20 years, advising enterprises on deploying and using Microsoft
solutions.
Albert's expertise and experience in compliance, security, and risk in
the cloud and the modern workspace allow him to discuss solutions
with security officers, business users, architects, and management.
Follow his blog at https://alberthoitingh.com.
Links
Awards
Area of Expertise
Topics
Microsoft Teams admin-center - walkthrough
Microsoft Teams is a very complex and integrated platform for collaboration, apps, communications, and more. Managing such an environment can be very daunting.
In this session, Albert will walk you through the Microsoft Teams admin center and explain the different options. Subjects include the difference between policies and settings, Teams archiving, Teams templates, and more.
This is a low-level walkthrough, which will not include Teams devices or telephony.
Working with information barriers and communication compliance
In highly regulated organizations internal communications and collaboration might not be a straight forward as you think. Sometimes there's regulation in-place which prevents certain parts of the organization to share information with other parts. The most common scenario is separate people with insider (trade) knowledge from the people making investments - as to prevent conflicts of interest.
But platforms like Microsoft Teams, Exchange Online and SharePoint Online are designed to stimulate internal and external collaboration and communications. So how can we safeguard any conflicts of interest? One way is to set-up Chinese Walls, or in Microsoft 365 terms: information barriers.
Another option is to check against improper communications between specific sections in your organisation. And here we have Microsoft 365 Communication Compliance.
In this session, Albert will explain how these two components work, what you need to get started and how these are configured.
Working securely with Microsoft Teams
The rise of Microsoft Teams as a collaborative and communications platform has been steady and has really exploded due to the Covid-19 outbreak. And so has working remotely. But how can we work securely from home and with Microsoft Teams? In this session, Albert will dig deep into aspects like mobile device management, conditional access, data loss prevention and working with " anonymous" users. You will get a top-10 of pointers to help you work securely with Microsoft 365 and Teams.
Sensitivity labels deep-dive
Microsoft Information Protection has come a long way. From the earliest beginnings (Azure RMS and Secure Islands) to the auto-classification of SharePoint Online data at-rest, there are no reasons not to use the functions it provides. But the prospect of using the labels is somewhat daunting. Will these work? What options do we have? Can I still collaborate with my partners?
In this session, Albert will do a deep-dive into Microsoft Information Protection. We'll look at the configuration of the labels and the integration with Office Online. Including the (in preview) duo-key options.
Auto-classification of data at rest is also part of the agenda. We'll look at the Microsoft 365 policies for this and the Azure Information Protection scanner. We'll also dive into the scenario of data leakage and how information protection can be used to counter this as-well.
The concept of labeling containers (a SharePoint site or Teams environment) instead of the information itself is also discussed, including the pros and cons.
In the end you will have a great understanding of anything to do with labeling in Office 365 and beyond.
Office 365 data loss prevention de-mystified
Imagine this scenario: an employee is working on a sensitive document and uses OneDrive to store and share this with co-workers. The material in the document is highly classified as it pertains to a new marketing strategy. Because information protection was still in the "pilot-phase", the document itself was not protected.
The employee wants some feedback on the material. He opens Outlook, types the recipients and attaches a link to the document. The link is set to "Recipients can edit". He sends the e-mail. Unfortunately, he also included an external person by accident.
The classified document ended up with the external person and the organization suffered a data loss.
These scenarios are more common than you might think. Employees are busy enough with the day to day activities to be worried about the consequences of sharing sensitive information. And this sensitive information is more widespread within the organization. An email containing personal identifiable information sent to internal and external parties, a list of credit card numbers exported from the CRM system and stored in a SharePoint site, teams exchanging information which according to guidelines is not allowed.
What if, in our scenario, the external access to the document was automatically blocked and our employee would be notified of this? For this, Office 365 offers build-in data loss prevention. A compliance features which allows you to log events, display warnings and send e-mails and actively block sharing activities. In our scenario's the access to the document for the external person would be blocked
In this session, Albert will describe the functions of data loss prevention and the architecture which supports it. Albert will explain the concepts of sensitive information types, proximity, certainty, information barriers, trainable classifiers and Cloud App Security. He will also provide pointers to pitfalls which should be avoided.
At the end of this session you will have a very clear understanding of data loss prevention for Office 365, its roadmap and how to start using it right away.
Microsoft Purview what does this mean to me as an organization?
Microsoft Purview brings together data governance from Microsoft Data and AI, along with compliance and risk management from Microsoft Security and is now complemented with many other solutions
But what's in for me as an organization?
• Which solutions does Microsoft Purview actually include?
• Which solutions can be easily deployed in my organization?
• Which portals can I use now and for which solution?
An agreeable series of questions that we will answer during this session. At the end of the session, you will have an answer on what Microsoft Purview could mean in your organization.
Microsoft Purview eDiscovery for Microsoft Teams
As a platform, Microsoft Teams offers a multitude of options for sharing and managing information. In some cases, your compliance department can require that a specific conversation from Microsoft Teams can be exported for eDiscovery purposes. Or specific documents need to be redacted prior to exporting them for eDiscovery.
Now were are talking about (advanced) eDiscovery for Microsoft 365. In this session, Albert will cover aspects including the Microsoft Teams architecture, core eDiscovery, advanced eDiscovery, conversation treads, document discovery and PDF redaction.
Microsoft Information Protection de-mystified
Microsoft Information Protection has come a long way. From the earliest beginnings (Azure RMS and Secure Islands) to the auto-classification of SharePoint Online data at-rest, there are no reasons not to use the functions it provides. But the prospect of using the labels is somewhat daunting. Will these work? What options do we have? Can I still collaborate with my partners?
In this session, Albert will do a deep-dive into Microsoft Information Protection. We'll look at the configuration of the labels and the integration with Office Online. Auto-classification of data at rest (either on-premise or in the cloud) is also part of the agenda. We'll also dive into the scenario of data leakage and how information protection can be used to counter this as-well.
The concept of labeling containers instead of the information itself is also discussed, including the pros and cons. In the end you will have a great understanding of anything to do with labeling in Office 365 and beyond.
Microsoft 365 information protection - what's new?
2020 has seen a lot of new and enhanced information protection features become available in Microsoft 365. To name a few: labeling of data at rest, Office Online integration and the Office Proplus integration of the classification-client.
In this session Albert will give an overview of information protection before, now and to come - as related to Microsoft 365 and Azure.
Delve into the encryption functions for Microsoft 365.
Encryption and decryption - that's what this session is all about.
In this overview-session, Albert will talk about encryption in Microsoft 365 and how this works from SharePoint Online and Microsoft Teams. From the encryption standards and key-management (including double-key encryption), via Information Rights Management, to Microsoft Information Protection and the ability to co-author encrypted documents.
Microsoft Information Protection will be center-stage during this session. You will learn about the protection settings for the sensitivity labels and auto-classification. But will also look at any pitfalls for working with these labels.
Office 365 Message Encryption is also part of the session. What effect does the "do-not-forward" option have on your e-mail with attachments and why is this also a form of encryption? This is just one of the questions answered.
At the end of the session, we will look at some very specific scenarios, including the Super User role, B2B collaboration do's and don't, decrypting e-mail attachments, licensing, co-authoring and auto-save and how encryption effects eDiscovery.
So if you want to know more about Microsoft 365 and ecnryption, then this session is for you!
Microsoft 365 - Dispose with care
The last couple of years have seen a lot of changes and enhancements for records management in Microsoft 365. But many organisations are still struggeling to get records management up and running. Should they use the record center or the [new] retention labels? And what about managing a records management environment?
In this session Albert will go through the different scenario's from a business/records manager perspective. He'll explain and show what works and what doesn't work (yet). He'll will also explain some of the caveats to the more classic records management solution, but also the new one.
Albert will also discuss the newly released trainable classifiers and show the fileplan options which are included in Microsoft 365. If you want to get to know records management in Microsoft 365: this is the session to go to - even if you have no prior knowledge of records management.
Unified labelling in Office 365 - does it fulfil its promises?
Azure Information Protection is part of the Microsoft Information Protection portfolio. It offers an easy to use solution for classifying and protecting documents, regardless of their location. One of these locations might be SharePoint Online, as part of Office 365.
Many an organisation has struggled with these two platforms. How to protect your document when these are stored in SharePoint, for example? During Ignite 2018, Microsoft introduced us to the new unified labelling experience in Office 365. Unified labelling allows us to us both retention and protection labels in Office 365. Finally bridging the gap between Azure Information Protection and Office 365. And more - offering site-classifications that actually work as-well :-)
During this session Albert will detail how this new experience works. He will also talk about and show the differences in functionality and how to migrate your Azure Information Protection labels to the new sensitivity labels.
SharePoint and Azure Information Protection
Azure Information Protection is Microsoft's solution for classifying and protecting documents, regardless of their location. As many documents are stored in SharePoint (either on-premise or Online), many organisations want to label and protect these as-well.
In order to use Azure Information Protection with SharePoint on-premise we will need the Azure Information Protection scanner. For SharePoint Online we need Cloud App Security. In this session, Albert will describe Azure Information Protection and show how the scanner and Cloud App Security allow you to label (and protect) documents.
Citizen developer vs. the admin - win/win or win/lose?
Sure, Microsoft's Power platform (PowerBI, Flow and PowerApps) is one of the most innovative and accessible environments for your power-users out-there. Daniel is one of those citizen developers. Making business apps on a daily basis, and sometimes needing to take little short-cut to get the job done.
Albert’s the security guy. He wants to make Daniel’s live easy (at least on the PowerApps/Flow front) and wants him to make the most out of the platform. But he also wants to keep it secure, be in control and keep the compliance people happy.
In their session, Albert en Daniel discuss these questions and will give several ready-to-use pointers. Subjects include the CDS, the admin-dashboard, environments, data loss prevention, licensing, the Office 365 auditlog and alerting. And Daniel will even show how to use the new Powerplatform connectors.
Sensitive data and Office 365: Advanced data governance scenario's
In order to be compliant, enterprise need to be serious about data retention and archiving. Some sensitive (personal) content needs to be removed from the enterprise when an employee leaves, while other content needs to be preserved.
Advanced data governance introduces machine learning to find and retain this important content. In this session, Albert will talk about and demonstrate data classification from the end-user perspective, automatic classification, the effect of classification on the content and managing data governance using the PowerShell cmdlets.
Making the pieces fit - the Office 365 security & compliance puzzle
Office 365, Microsoft Cloud App Security, Enterprise Mobility and Security (EMS), Azure Information Protection. There's no lack in Microsoft's offering of security & compliance solutions. But how do these solutions work together? Up to 2017 SharePoint Online and Azure Information Protection didn't like each other much. And data governance labels and Azure Information Protection labels were equal in name only.
In this session, Albert will go over all these pieces and will explain them. He will also demonstrate the functions and show you how to create a complete puzzle.
Teams10X - April 12 - 13, 2023 Sessionize Event
Modern Workplace Conference Paris 2022 Sessionize Event
M365 Below in Chicago! Sessionize Event
Microsoft Teams Day Online 4 Sessionize Event
CollabDays Belgium & Netherlands 2021 Sessionize Event
aMS Southeast Asia 2021 Sessionize Event
Techorama 2021 Spring Edition Sessionize Event
Teams Day Online 3 Sessionize Event
Virtual Scottish Summit 2021 Sessionize Event
Global Security and Compliance Community Conference Sessionize Event
CollabDays BeNeLux Online 2020 Sessionize Event
Teams Day Online 2 Sessionize Event
Omaha365 Conference - Virtual Edition Sessionize Event
EXPERTS LIVE NETHERLANDS 2020 Sessionize Event
Scottish Summit Sessionize Event
SharePoint Saturday Netherlands 2019 Sessionize Event
SharePoint Saturday London 2019 Sessionize Event
SharePoint Saturday Cologne Sessionize Event
The North American Collaboration Summit 2019 Sessionize Event
SharePoint Saturday Netherlands 2018 Sessionize Event
Albert Hoitingh
Microsoft MVP and CISSP with a taste for Governance, Risk and Compliance.
The Hague, The Netherlands
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top