Microsoft 365 Compliance - Frequently Asked Questions (FAQ)
ALERT LEGACY ARTICLE: The content in this article is no longer updated and is available for reference purposes only. Features and workflows described may be deprecated, significantly changed, or no longer supported.
Environment
- Datto EDR
Description
Can I just use the Compliance feature or do I also need to have a defined and populated Target Group?
Datto EDR requires you to have at least one trusted host defined and scanned. Our current Response and Extension capabilities will leverage the host as the trusted execution platform for any extension you may write to interact Microsoft 365 APIs
Should I use my account or create a service account?
It is highly recommended that you create a specific service account for Datto EDR and assign the correct and required credentials. Avoid using an individualâs credentials as inspection credentials for the MS 365 inspection.
What level of subscription will Datto EDR inspect?
Datto EDR will support all levels of MS Office 365 from the lowest basic level to enterprise offerings.
Will I be required to install or host a Microsoft App?
No, Datto EDR has taken the burden of handling the Microsoft App ourselves and we manage the authentication negotiation, token renewal and any authentication data we store is encrypted at rest.Â
What type of access am I granting Datto EDR?
Datto EDR requires read only and will only ask you to authorize read only permissions.
Why does my Microsoft Secure Score and Datto EDR Score seem to be out of sync at times?
Microsoft has released a Secure Score Bulletin that has highlighted that the Secure Score and Graph API (API used to interrogate Azure) will be out of sync at times until backwards compatibility is completed. This is a Microsoft issue at this time
Why does the authentication for Datto EDR say "Unverified?"
Datto EDR is currently going through the Partner Verification process with Microsoft. Once this is complete the authentication will change to Verified.
