Playbooks
Step-by-step operational guides for configuring, managing, and troubleshooting Microsoft 365 and Microsoft Purview. Each playbook walks you through a specific scenario with clear actions, recommended settings, and best-practice guidance.
DLP Rollout Modes
DLPPurviewRolloutStrategyMonitorThe four-step path to turning on DLP: start quiet in Monitor, add warnings in Educate, encrypt in Protect, and Block only the highest-risk data. Links to the Monitor-only and Exchange Baseline playbooks for implementation.
Monitor-only DLP Policy (EXO, SPO, ODB, Teams)
DLPPurviewMonitor-onlyEXOSPOMonitor external sharing and sensitive information detections without enforcement. Two SIT volume tiers and an IT Secrets rule. Sends admin alerts on IT data.
Exchange Online Baseline DLP🔒
DLPPurviewEXOEnforcementEncryptEnforcement policy for Exchange Online: encrypt outbound credit card data, block high-volume SSN exfiltration with education, and warn senders on low-volume SSN sharing.
Sensitivity Label Deployment🔒
Sensitivity LabelsPurviewMIPCompliancePlan, configure, and roll out Microsoft Purview sensitivity labels across M365 workloads.
eDiscovery — Subject Rights Request
eDiscoverySRRPrivacyGDPRPurviewCondensed SRR playbook for Microsoft Purview eDiscovery. Interactive KeyQL builder generates search queries from a subject's name and email. Covers access, export, and deletion across Exchange, SharePoint, OneDrive, and Teams.