Categories

This release introduces a major new initiative by CoreView to introduce best practices for managing Microsoft 365 -- Playbooks. CoreView Playbooks take many of the capabilities of CoreSuite – reporting, workflow, KPIs, but assemble them into a pre-defined, out-of-the-box solution that detects problems in your M365 environment and then provides automated remediation.    

Playbooks are composed of Policies that we define for our M365 environment. Example of policies include: 


  • Admins must have MFA  
  • Teams must have an owner  
  • Shared mailboxes must not be assigned a license  
  • Sharepoint sites shared externally must not have sensitive content  
  • Guest users must be reviewed and approved every 6 months 


Each policy has an associated workflow to help moderate and manage those issues. The workflows are pre-defined but provide flexibility to configure for your organization needs.  Workflows can be scheduled to run on a recurring basis or can be executed manually.  


Playbooks also provide the ability to manage exceptions, either temporary or permanent, with easy oversight to manage those exceptions.  


Policies are also Virtual tenant aware, so two users with different v-tenant responsibilities can review the same policies, but see different users, groups, etc. within the tenant.  


Policy Library 


CoreView provides a set of out-of-the box policies focused on Teams, Security, Identity and License Management with more policies coming soon. Check out the library of policies in the article CoreView Playbook Policy Overview


Configuring Playbooks  


Setting up Policies 


For all of CoreView’s out-of-the box policies, they come enabled by default, but with workflow disabled and not displayed to delegated administrators.  


To configure a CoreView policy: 


  1. Go to Settings > Playbooks 
  2. Click See Details on the policy you want to edit.  
  3. Click Edit.  


This will display a form with configuration settings specific to each policy. This might include choices to enable an approval workflow, to perform a specific management action, to configure a trigger, etc. But these settings are common to all policies: 


  • Acceptance Threshold – This allows you to identify a value to flag a policy as “red”.  For example, if you had a policy to identify inactive users with an E5 license, you might say that there are always going to be some inactive users but flag as red when there are 50 inactive licenses.  
  • Set as public – This allows you to control whether your delegated administrators will have access to this policy.  This works in combination with the Permission to access the Playbook Dashboard. The delegated admin must be given the permission to see the Playbook Dashboard, at which point they will see all the public policies in that playbook.  
  • Enabling workflow – You can configure a policy only to report on the number of problems or you can choose to enable an associated workflow. If you enable the workflow, you can then choose to do that based on an automated schedule or only to be triggered manually 
  • Scheduling workflow – If you wish to schedule workflows you can do it on a daily, weekly, or monthly basis. For some event types it will also be possible to schedule the workflow to remediate immediately. For example if an admin with a weak password was identified that could kick off a password reset workflow immediately.  


Enabling for Delegated Admins 


As stated above, enabling delegated admins to monitor and manage playbooks is a multi-step process 


  • Permissions – Edit the Permissions of the user who you wish to monitor playbooks. Under Permissions, there is a new tab for Permissions. That will list all the Playbooks/Dashboards available. You can select the ones the user will manage. 
  • Making Public – Each policy that the user is allowed to manage must be made public.  That will enable it within the Playbook Dashboard 


Setting up Custom policies & Playbooks 


CoreView also provides the ability to create custom policies and playbooks.  Currently, custom policies cannot be associated with a workflow, but that capability is coming later in 2022.  


To configure a custom policy: 


  1. Go to Settings > Playbooks 
  2. Click Create New > Create Policy 
  3. Enter the Policy details 
    1. You can categorize policies using your own taxonomy. This can then be used to search for policies in the advanced filters. This becomes valuable as you add a large number of policies.  
    2. You can add policies to Customer Playbooks or create the Playbook/Dashboards you want on the fly.  
  4. Click Next  
  5. Create the Policy Definition 
    1. The Policy definition is essentially a custom report. Select the target object, select the fields, and enter the appropriate filters. For example, if you wanted to identify all users who have MFA disabled, you would select the User target, show the Multifactor Auth State column, and filter to show disabled users.  
    2. The Policy Key allows to define criteria around managing exceptions. For example, if you had a policy that identified inactive E5s after 30 days in order to downgrade them to E3s, you might say that all executives are exceptions to that rule. They need E5s no matter what. In that case you could define the policy key to be based on Department (assuming all executives were members of the executive department), so that if a user who was flagged as an exception changed departments, they would be removed as an exception.  
  6. Click Next and click Save.  


To create a custom Playbook:  


  1. Go to Settings > Playbooks 
  2. Click Create New > Create Playbook 
  3. Enter the Playbook details and click Next 
  4. Select the Policies to include in the Playbook and click Next 
  5. Click Save.  


Monitoring and Managing Playbooks 


Once polices and playbooks have been established, monitoring and managing is extremely easy. Each Playbook dashboard is comprised of three tabs.  


  • Strategic – The Strategic tab is only visible by the Tenant Administrator. It provides an overall view of the playbook history showing Policy snapshots over time, remediation actions performed over time, and an calculator showing how much time has been saved by automation.  Different widgets on this page can be configured. Those configurations are personal to the individual.  
  • Operational Dashboard – This tab is available to Tenant and Delegated Admins. This page allows users to monitor workflows and to ensure they are being acted upon. For example, the Workflow Progress by policy dashboard identifies those workflows that have failed or which are pending approval. Different widgets on this page can be configured. Those configurations are personal to the individual. 
  • Monitoring – This allows both Tenant and Delegated Admins to review policy matching items, to manage exceptions, and to execute workflow manually.   


Note: For the September release the Monitoring and Operational dashboard tabs will not filter by virtual tenant. That is currently under development and will be released in October 2022.  


Below is more detail on the monitoring and management activities that can be performed from the Monitoring tab.  


  • Reviewing matching items – The number of matching items is displayed below the policy name. You can click to launch a policy report showing the matched items. 
  • Executing manually – From the policy report you can select items and execute the policy workflow. Note, because it can take time to execute workflows, the number of policy matches will not update immediately.  
  • Marking Exceptions – From the policy report, you can also mark items as exceptions. This will immediately remove them from the policy report 
  • Managing Exceptions – From the Monitoring tab, you can also see the number of exceptions for each policy. Clicking will take you to an exceptions report. From here you can select items that you want to remove as exceptions.   


KPIs and Custom Dashboards 


KPIs and Customer Dashboards that were created in the legacy CoreView UI will be converted to custom policies and custom dashboards. These policies will be flagged as “legacy” and will not be editable within the new UX.  These will be made editable at a future date.