Search Results

What Customers Need to Do to Be HIPAA Compliant? Enable Multi-Factor Authentication (MFA) for all users. Assign admin roles only to trusted personnel. Use Microsoft Purview Message Encryption for emails containing PHI. Set up Data Loss Prevention (DLP) policies. Store PHI only in OneDrive for Business or SharePoint Online. Enable audit logging to track access and changes. Configure retention policies for record-keeping. Train staff on secure handling of PHI. Use Microsoft Purview Compliance Manager to monitor compliance. How Customers Can Show They’re Compliant? Maintain internal documentation of all compliance measures. Use Compliance Manager ( https://purview.microsoft.com ) to generate reports. Optionally, engage a third-party auditor for a compliance attestation. Note: Microsoft does not issue a HIPAA compliance certificate, since only you can prove how securely you manage PHI. HIPAA compliance is therefore self-attested, customers must document their own efforts. Microsoft automatically provides a Business Associate Agreement (BAA) when a tenant is created, confirming that Microsoft 365 services protect PHI through encryption, restricted data center access, and non-disclosure of data.

1. Microsoft 365 Business Basic Description: Ideal for small businesses, this plan includes essential productivity tools and cloud services. Features: Web and mobile versions of Office apps Email hosting with a 50 GB mailbox 1 TB of OneDrive storage Microsoft Teams for collaboration Standard security features 2. Microsoft 365 Business Standard Description: A comprehensive plan for businesses that need full access to Office apps and additional services. Features: Desktop, web, and mobile versions of Office apps Email hosting with a 50 GB mailbox 1 TB of OneDrive storage Microsoft Teams for collaboration Advanced security features Business-class email, calendar, and contacts 3. Microsoft 365 Business Premium Description: Designed for businesses that require advanced security and device management capabilities. Features: All features of Business Standard Advanced threat protection Device management with Intune Information protection with Azure Information Protection Windows Virtual Desktop access 4. Microsoft 365 Apps for Business Description: Perfect for businesses that need Office apps without additional services. Features: Desktop, web, and mobile versions of Office apps 1 TB of OneDrive storage Standard security features No email hosting or Microsoft Teams 5. Office 365 E1 Description: Aimed at enterprises needing essential productivity services without desktop apps. Features: Web and mobile versions of Office apps Email hosting with a 50 GB mailbox 1 TB of OneDrive storage Microsoft Teams for collaboration SharePoint and Yammer for intranet and social networking 6. Office 365 E3 Description: A robust plan for enterprises requiring advanced compliance and security capabilities. Features: Desktop, web, and mobile versions of Office apps Email hosting with a 100 GB mailbox Unlimited OneDrive storage Microsoft Teams for collaboration Advanced compliance tools Data loss prevention (DLP) and encryption 7. Office 365 E5 Description: The most comprehensive plan, offering advanced security, analytics, and voice capabilities. Features: All features of Office 365 E3 Advanced threat protection Microsoft Defender for Office 365 Advanced compliance and analytics tools Microsoft Teams Phone System and Audio Conferencing 8. Microsoft 365 F1 Description: Tailored for frontline workers who need productivity tools on the go. Features: Web and mobile versions of Office apps Email hosting with a 2 GB mailbox 2 GB of OneDrive storage Microsoft Teams for collaboration Basic security features 9. Microsoft 365 F3 Description: Designed for frontline workers who need more advanced tools and capabilities. Features: All features of Microsoft 365 F1 Desktop versions of Office apps Email hosting with a 2 GB mailbox 2 GB of OneDrive storage Microsoft Teams for collaboration Advanced security features 10. Microsoft 365 F5 Description: Provides additional security and compliance features for frontline workers. Features: All features of Microsoft 365 F3 Advanced threat protection Information protection with Azure Information Protection Compliance management 11. Exchange Online Plan 1 Description: A cost-effective email solution for businesses. Features: 50 GB mailbox per user Outlook on the web Anti-malware and anti-spam protection In-Place Archive 12. Exchange Online Plan 2 Description: Enhanced email solution with additional features. Features: 100 GB mailbox per user All features of Plan 1 Data loss prevention (DLP) Hosted voicemail 13. OneDrive Plan 1 Description: Basic cloud storage solution for businesses. Features: 1 TB of storage per user File sharing and collaboration Standard security features 14. OneDrive Plan 2 Description: Advanced cloud storage solution with additional features. Features: Unlimited storage All features of Plan 1 Advanced data loss prevention (DLP) File auditing and data retention 15. Visio Plan 1 Description: Basic diagramming tool for creating professional diagrams. Features: Web and desktop apps Basic templates and shapes Collaboration tools 16. Visio Plan 2 Description: Comprehensive diagramming tool with advanced features. Features: All features of Plan 1 Advanced templates and shapes Data connectivity and integration with Power BI AutoCAD support 17. PowerApps Per App Plan Description: Allows individual users to run one application or one portal. Features: Build and run custom apps Use prebuilt and custom connectors Access to Microsoft Dataverse 18. PowerApps Per User Plan Description: Enables users to build and run unlimited applications. Features: Unlimited apps and portals Advanced AI capabilities Access to Microsoft Dataverse 19. Power BI Pro Description: Essential business intelligence tool for creating and sharing reports. Features: Create and publish reports Collaborate and share insights Access to Power BI service 20. Power BI Premium Per User Description: Advanced business intelligence tool with additional features. Features: All features of Power BI Pro Advanced AI capabilities Dataflows and paginated reports 21. Power BI Premium Per Capacity Description: Enterprise-level business intelligence solution. Features: Dedicated cloud resources Advanced data analytics Unlimited content sharing Conclusion Choosing the right Microsoft 365 subscription depends on your organization’s specific needs and budget. Whether you’re a small business, a large enterprise, or an educational institution, Microsoft 365 offers a plan that can enhance productivity, collaboration, and security. Note: This blog does not include Microsoft Teams licenses because there is a dedicated blog for it. Click here to get redirect to Microsoft Teams licenses blog

Encryption is the process by which information is encoded so that only an authorized recipient can decode and consume the information. Microsoft 365 uses encryption in two ways: in the service itself and as a customer control. In the Service Microsoft uses Transport Layer Security (TLS) by default to encrypt connections between servers, ensuring secure communication within the service. This is part of the built-in encryption that Microsoft 365 provides without requiring any additional configuration from the user. For example, Microsoft 365 uses TLS to encrypt the connection, or session, between two servers. Customer Control Microsoft Purview Message Encryption is a customer control that allows organizations to encrypt email messages and apply additional protection policies. This feature requires configuration by the customer to set up and manage encryption policies according to their specific needs. How Email Encryption Works Encryption : A message is encrypted, transforming it from plain text into unreadable ciphertext. This can happen either on the sender's machine or by a central server while the message is in transit. In Transit : The message remains in ciphertext while it's in transit to protect it from being read if intercepted. Decryption : Once the message is received by the recipient, it is transformed back into readable plain text in one of two ways: The recipient's machine uses a key to decrypt the message. A central server decrypts the message on behalf of the recipient after validating the recipient's identity. The Evolution of Email Encryption Before the introduction of Microsoft Purview Message Encryption, Microsoft offered two primary methods for securing emails: Office 365 Message Encryption (OME) and Information Rights Management (IRM). Office 365 Message Encryption (OME) : Designed to encrypt emails with options like "Do Not Forward" and "Encrypt-Only" to control access. Information Rights Management (IRM) : Applied additional usage restrictions, such as preventing recipients from forwarding, copying, printing, and editing the encrypted email. OME and IRM are not deprecated. While OME can still be applied through mail flow rules in the Exchange admin center, the Encrypt button in Outlook is now exclusively available with Microsoft Purview Message Encryption. This button uses IRM and allows users to apply encryption and usage restrictions directly from the email interface. A Unified Approach In April 2022, Microsoft unveiled the Microsoft Purview suite, which includes the Microsoft Purview Message Encryption. This new service combines the capabilities of OME and IRM, providing a comprehensive solution for email encryption and rights management. Microsoft Purview Message Encryption combine the capabilities of both OME and IRM into a single, unified solution. This integration enhances the user experience, allowing them to easily encrypt and protect their emails with the rights management features of IRM. Built on Azure Rights Management Services (Azure RMS) Azure Rights Management Services (Azure RMS) is a component of Azure Information Protection. In the background, Microsoft Purview Encryption uses Azure RMS to manage encryption keys and policies. When a user sends an encrypted email, Azure RMS applies the appropriate encryption rules and manages the decryption process for authorized recipients. Azure RMS also powers the IRM features within Microsoft 365 applications, helping to prevent sensitive information from being printed, forwarded, or copied by unauthorized people. Encryption Technologies Microsoft Purview Message Encryption leverages several encryption technologies to ensure robust protection for data at rest and in transit: Transport Layer Security (TLS) : Encrypts data in transit between servers. Microsoft 365 stopped supporting TLS 1.0 and 1.1 on October 31, 2018, and completed disabling TLS 1.0 and 1.1 in all environments since 2022. To maintain a secure connection to Microsoft 365 services, all client-server and browser-server combinations use TLS 1.2 and modern cipher suites. IPSec : In the context of Microsoft Purview Message Encryption, IPSec is not directly used for encrypting email messages. Instead, Microsoft Purview Message Encryption relies on Azure RMS to provide encryption, identity, and authorization policies. However, IPSec can be used to secure the network connections over which these encrypted emails are transmitted, ensuring that the data remains protected during transit. Advanced Encryption Standard (AES) : The primary cipher used for encrypting emails is AES with a 256-bit key length in Cipher Block Chaining mode (AES256-CBC). By October 2023, AES256-CBC will be the default for encryption of Microsoft 365 Apps documents and emails. Encryption of Data at Rest : In Microsoft 365, email data at rest is encrypted using BitLocker Drive Encryption. BitLocker encrypts the hard drives in Microsoft data centers to provide enhanced protection against unauthorized access. You can also use third-party encryption tools with Microsoft 365, such as PGP (Pretty Good Privacy). Microsoft 365 does not support PGP/MIME, and you can only use PGP/Inline to send and receive PGP-encrypted emails. Subscription Plans Microsoft Purview Message Encryption is included in the following subscription plans: Office 365 Enterprise E3 and E5 Microsoft 365 Enterprise E3 and E5 Microsoft 365 Business Premium Office 365 A1, A3, and A5 Office 365 Government G3 and G5 Activation and Configuration You do not need to perform any manual configuration to enable Microsoft Purview Message Encryption for your users. Once you assign them one of the above subscriptions with the Microsoft Purview Message Encryption feature, all required features and services should automatically be enabled and ready to use. However, since Microsoft Purview Message Encryption works on Azure RMS, you will need to ensure Azure RMS is active in your tenant. Azure RMS is also activated automatically for most subscriptions, so you probably don't have to do anything in this regard either. If you disabled Azure RMS, or if it was not automatically activated for any reason, you can activate it manually. You must use PowerShell to activate the Azure RMS service. You can no longer activate or deactivate this service from the Azure portal. Run Get-AipService to confirm whether the protection service is activated. To activate the service, run Enable-AipService You can verify that your Microsoft 365 tenant is properly configured to use Microsoft Purview Message Encryption using the Exchange Online PowerShell module. Run the Get-IRMConfiguration You should see a value of $True for the AzureRMSLicensingEnabled parameter, which indicates that Microsoft Purview Message Encryption is configured in your tenant. If it is not, use Set-IRMConfiguration to set the value of AzureRMSLicensingEnabled to $True to enable Microsoft Purview Message Encryption. Run the Test-IRMConfiguration cmdlet using the following syntax: Test-IRMConfiguration [-Sender -Recipient ] Example: Test-IRMConfiguration -Sender securityadmin@contoso.com -Recipient securityadmin@contoso.com For sender and recipient, use the email address of any user in your Microsoft 365 tenant. Your results should be similar to: Results : Acquiring RMS Templates ... - PASS: RMS Templates acquired. Templates available: Contoso - Confidential View Only, Contoso - Confidential, Do Not Forward. Verifying encryption ... - PASS: Encryption verified successfully. Verifying decryption ... - PASS: Decryption verified successfully. Verifying IRM is enabled ... - PASS: IRM verified successfully. OVERALL RESULT: PASS Your organization name will replace Contoso and the default template names may be different from those displayed above. Troubleshooting If the test fails with an error message "Failed to acquire RMS templates," execute the following cmdlets in the AIPService module in the specified order: $RMSConfig = Get-AipServiceConfiguration $LicenseUri = $RMSConfig.LicensingIntranetDistributionPointUrl Set-IRMConfiguration -LicensingLocation $LicenseUri Set-IRMConfiguration -InternalLicensingEnabled $true Run the Test-IRMConfiguration cmdlet again to verify that it passes. Microsoft Purview Advanced Message Encryption So far, we have been talking about Microsoft Purview Message Encryption (Basic). There is also Microsoft Purview Advanced Message Encryption. Microsoft Purview Advanced Message Encryption is included in: Microsoft 365 Enterprise E5 Office 365 E5 Microsoft 365 E5 (Nonprofit Staff Pricing) Office 365 Enterprise E5 (Nonprofit Staff Pricing) Office 365 Education A5. If your organization has a subscription that does not include Microsoft Purview Advanced Message Encryption, you can purchase it with: Microsoft 365 E5 Compliance SKU add-on for Microsoft 365 E3 and Microsoft 365 E3 (Nonprofit Staff Pricing) Office 365 Advanced Compliance SKU add-on for Microsoft 365 E3, Microsoft 365 E3 (Nonprofit Staff Pricing) and Office 365 SKUs Microsoft 365 E5/A5 Information Protection and Governance SKU add-on for Microsoft 365 A3/E3. Differences in Features Between Microsoft Purview Message Encryption and Advanced Message Encryption: Microsoft Purview Advanced Message Encryption includes all the features of Microsoft Purview Message Encryption, plus several advanced capabilities. Here are the additional features: Automatic Policies: Configure policies to automatically encrypt emails containing sensitive information such as Personally Identifiable Information (PII), financial data, or health records. Expiration and Revocation: Set expiration dates for encrypted emails and revoke access to them at any time, providing additional control over sensitive information. Tracking and Reporting: Track activities related to encrypted emails through access logs, ensuring compliance and security. Multiple Branding Templates: Use multiple branding templates for customized email experiences, enhancing the recipient's experience. Alternative Options: If you cannot use Microsoft Purview Message Encryption for some reason, you can consider the following alternatives: Varonis Data Security Platform Virtru Email Encryption Acronis Cyber Protect Cloud Druva Data Security Cloud S/MIME S/MIME (Secure/Multipurpose Internet Mail Extensions) is completely separate from Microsoft Purview Message Encryption and is its own method of sending encrypted emails. In addition to encrypting emails, it also digitally signs them so the recipients can verify the sender's identity. If you want to encrypt emails using the S/MIME method when sending emails from your Microsoft 365 email account (Exchange Online), you do not need to purchase any add-on license or specific Microsoft 365 subscriptions. You only need to purchase an S/MIME certificate from any Certificate Authority (CA) or set up your own CA within your organization. You can then set up S/MIME in users' Outlook desktop app or Outlook on the web. Please note: Recipients should also have S/MIME configured on their end to read your encrypted email using this method.

Learn the Privacy Policy before visiting Web site. Privacy Policy Last updated: October 2025 This Privacy Policy explains how this website collects, uses, and protects your information. We respect your privacy and are committed to keeping your data safe and transparent about how it’s handled. 1. Who We Are This website is owned and operated by the site administrator (“we,” “our,” or “us”). If you have questions about this Privacy Policy, you can contact us using the “Contact” section of the website. 2. Information We Collect Currently, our website does not collect personal information such as names, emails, or payment details. We only collect non-personal, anonymous data to understand how visitors use the site. Examples include: Pages visited and time spent Browser type and device type General location (city or country, not exact address) This data helps us improve our website’s content and performance. 3. Cookies and Analytics Our site may use cookies or similar technologies to enhance the browsing experience. Usercentrics manages cookie consent and ensures compliance with privacy laws like GDPR and CCPA. TWIPLA Website Intelligence (formerly Visitor Analytics) may collect anonymous usage statistics, such as page views or interactions. TWIPLA does not identify individual users and can operate in a cookieless, privacy-friendly mode. You can manage or revoke your cookie preferences anytime using the consent banner at the bottom of this website. 4. Contact Forms (Future Updates) If we later add a “Contact Me” form, your name and email will be used only to respond to your inquiry. We will update this Privacy Policy before collecting such data. 5. Data Sharing We do not share, sell, or trade your personal information with third parties. Our service providers (such as Wix and Usercentrics) process data only to maintain and operate this website securely. 6. Your Rights Depending on your location, you may have rights to: Access or delete your data Withdraw consent to cookies Complain to your local data protection authority To exercise these rights, contact us through the contact page. 7. Updates to This Policy We may update this Privacy Policy from time to time. Any changes will be reflected on this page with an updated date at the top. 8. Contact If you have any questions about privacy or data protection, please reach out via the Contact page on this website.

Learn about Sagar Sharma | IT Professional based in Mumbai IN Hello My name is Sagar I am Sagar Sharma, a passionate individual dedicated to sharing my thoughts and experiences with you. Explore my site to discover insights, stories, and inspirations that reflect my journey and perspective. Join me on this adventure! About Me

Everything about Microsoft 365 in the words of Sagar Sharma. About Me. Hello! I’m Sagar Sharma, a dedicated IT professional based in the vibrant city of Mumbai, India. Born on August 30, 1996, I have always been passionate about technology and its potential to transform lives. Educational Background I completed my studies in Mumbai, culminating in a Bachelor’s degree in Computer Science from the prestigious University of Mumbai. My academic journey equipped me with a solid foundation in various aspects of computer science and technology. Professional Experience My professional career began with a role in system/IT helpdesk support, where I honed my skills in troubleshooting and providing technical assistance. After almost a year, I transitioned to Microsoft 365 technical support, a field in which I have been thriving for the past four years. My experience in this role has allowed me to develop deep expertise in Microsoft 365, helping businesses and individuals leverage this powerful suite of tools to enhance productivity and collaboration. Technical Skills Over the years, I have acquired a diverse set of technical skills, including: Microsoft 365: Comprehensive knowledge of the suite, including setup, management, and troubleshooting. Computer Building: Expertise in assembling and configuring custom computer systems. Networking: Proficient in setting up and managing Cisco routers and switches. Operating Systems: Skilled in both Linux and Windows Server environments. Active Directory & Exchange Server: Experience in managing user accounts, permissions, and email services. Virtualization: Knowledge of virtual environments and their applications in modern IT infrastructure. Firewalls: Proficient in configuring and managing firewalls to ensure network security. Download CV Personal Interests When I’m not immersed in the world of technology, I enjoy exploring new gadgets, staying updated with the latest tech trends, and sharing my knowledge with others. I believe in continuous learning and am always on the lookout for opportunities to expand my skill set. Thank you for visiting my website! Feel free to reach out if you have any questions or need assistance with your IT needs. Email contact@sagarsharma.in