Microsoft 365 Targeted Security Notifications [Template]

Overview

Organizations have hundreds of sources generating log events each day, with a large proportion generated by end-users. Most IT departments won’t have the resources to validate the legitimacy of log events leaving suspicious activities going unnoticed.

Voleer Microsoft 365 Targeted Security Notifications can help by generating notifications of potentially suspicious activities to end-users every 7 or 14 days so that they can help verify their activity and alert IT if there is any activity not performed by them.

How it works

The template processes log data across Microsoft 365 and generates end-user specific notifications based on activity as such

  • Compromised third party accounts

  • Login locations

  • Bulk emails sent

  • Granted or received mailbox permissions

  • Added devices

Requirements

To generate notifications, you will need to

The following are also required

  • A Microsoft 365 account with Global Administrator, Cloud Administrator or Application Administrator permissions

  • If using Cloud Administrator or Application Administrator permissions, an account with the additional permissions is required

    • Global Reader in Microsoft 365 Admin Center

    • User Options, View-Only Audit Log and View-Only Mail Recipients in Exchange Admin Center

Getting started

To start using this template, perform the following:

  1. Launch the Microsoft 365 Targeted Security Notifications template from the library and follow the instructions

  2. Optionally schedule the template as a recurring job

Sign in or sign up to use this template