Moderating content in Viva Engage

by Contributed | Dec 18, 2023 | Technology

This article is contributed. See the original author and article here.

Viva Engage enables employees to engage in meaningful dialogues, build network, and share insights on relevant organizational topics. In today’s hybrid work environments, Engage plays a key role in fostering a sense of belonging. Engage also empowers leaders and communicators to reach and engage employees, at scale, by bringing organizational news into the apps people use every day, including Outlook and Teams.

Balancing open dialogue with respectful and professional conversations is a priority for our customers, and they frequently seek guidance on the best ways to use Viva Engage’s governance capabilities, particularly for global and diverse workplaces. Viva Engage offers both employees and admins tools to ensure conversation and discussions remain focused, respectful, and conducive to knowledge-sharing. These moderation tools in Viva Engage can support an effective forum where employees trust the information shared and feel safe sharing their knowledge and experiences. Viva Engage admins can enable tools that help ensure balance between empowering employees to share perspectives and maintaining the organization’s code of conduct and usage policies.

Let’s delve into how moderation tools in Engage are designed to enhance and sustain a professional and connected community. These moderation tools are broadly categorized into content level and community level tools.

Content moderation

Content moderation is key to driving conversations that are respectful and are compliant with the organizational guidelines. The following tools provide mechanisms to moderators to monitor, review, and take corrective action as applicable on all content posted in Engage.

Keyword monitoring

Viva Engage provides an option to the admins to monitor keywords and to be alerted when a message contains the words that match defined keywords or regex expressions. When a message containing a keyword match is posted in Engage, an email alert is sent to a designated mailbox with the link to the message. The response team can then review and act on content that if it reflects a violation of expectations, guidelines, or policies. Admins can set keywords or RegEx format to monitor content for.

Example scenario: Contoso is planning to announce a major merger, a topic that requires careful internal communication and monitoring due to its sensitivity, legal regulations, and potential for rumors.

Feature in action: Prior to the announcement, the IT department at Contoso sets up keywords for monitoring (within network admin settings) for terms related to the merger on Viva Engage. This measure is taken to immediately flag any discussions that mention these keywords. When an employee posts a message containing any of the monitored keywords, an email alert is sent to the designated mailbox. This allows them to review the conversation in near real-time and address any misinformation or inappropriate discussions quickly. The use of this feature helps Contoso maintain control over the narrative around the merger, ensuring that internal discussions remain accurate and aligned with the company’s communication strategy.

Viva Engage also offers an enhanced version of keyword monitoring, through integrated support for Communication Compliance policies in Microsoft Purview. Refer to Communication Compliance section in this blog to learn more.

Learn more about keyword monitoring.

Report conversation

Additionally, Viva Engage provides the capability to allow the employees to report any message that they find to be inappropriate. Every reported conversation triggers an email to a designated mailbox with the link to the message that was reported. The response team can then review and respond appropriately to the reported post. Enabling employees to report conversation empowers them to actively contribute to maintaining a positive and respectful environment, ensuring that any concerns are addressed promptly and effectively.

To use report conversation capability, it must be enabled in network settings by network admins for the tenant.

Example scenario: Within a discussion in one of Contoso’s communities, an employee comes across a comment that they find disrespectful and not in line with the company’s values and communication guidelines.

Feature in action: The employee decides to use the ‘Report conversation’ feature in Viva Engage. By reporting the comment, they trigger an alert that is sent directly to the moderation team through the designated mailbox. The team promptly receives an email with a link to the reported message. The team reviews the content quickly and after assessing the comment, the moderation team takes appropriate action in line with Contoso’s policies on respectful and professional communication.

Viva Engage also offers an enhanced version of report conversation, through integrated support for Communication Compliance in Microsoft Purview. Refer to Communication Compliance section in this blog to learn more.

Learn more about how to set up and use report a conversation.

Note: For both keyword monitoring as well as report conversation capabilities, an alert is sent to an email address. We recommend using a shared inbox or email-enabled Microsoft 365 group to allow more than one stakeholder to respond to alerts. We recommend that organizations designate a response team and empower them with guidelines and procedures to ensure that response is programmatic and compliant with organizational policies, applicable laws, regulations, and agreements.

Communication Compliance

Communication Compliance, one of the newest offerings within Microsoft Purview, is the central incident management tool to define compliance policies for content across multiple Microsoft’s products, as well as receive, review, and respond to all communication that is reported to be non-compliant in regard to established organizational policies.

In Communication Compliance, designated admin roles can define multiple policies (such as sensitive information, profanity, keywords etc.) and apply to multiple Microsoft products including Teams and Viva Engage. When content published in Viva Engage is found to have matched a policy (or be in violation), it triggers an incident, surfacing it in the appropriate Communication Compliance policy dashboard. Designated investigators can then review such incidents and take one of many available actions from within the tool. This further complements Engage’s keyword monitoring capability, through application of stronger and smarter policies for automated content moderation.

Admins can also leverage Communication Compliance to review user reported conversations in Engage. This replaces the mailbox-oriented process with a more streamlined incident management experience. Starting mid-December 2023, we are rolling out the integration with Communication Compliance for user reported conversations in Engage worldwide, which will continue through CY24 Q1. (Refer to this blog for more details).

Learn more about Communication Compliance and its licensing requirements.

Close a conversation

Closing conversations in Viva Engage disables any further comments or replies, but allows continued reactions (e.g. “likes”) to the root post or existing replies. This helps contain the conversation. While closing a conversation, we recommend that the moderator post a final message before the conversation is closed.

Example scenario: Contoso recently hosted a successful company-wide virtual innovation fair. The event’s community thread on Viva Engage was active with excitement, discussions, and feedback. As the event concludes and the conversations naturally slow down, there’s a need to formally close the discussion while retaining the valuable insights shared.

Feature in action: To neatly wrap up the event conversation, a community admin at Contoso utilizes the ‘Close Conversation’ feature. This action prevents new replies, while still preserving the thread as a record of the discussions and feedback. Before closing, the admin adds a thank-you note that informs employees where they can find more information.

The following roles can close a conversation:

1. Community conversations

a. Community admins can close any conversation in a community.
b. The conversation’s author can close conversations they started.

2. Storyline conversations can be closed by the storyline owner.

Learn more about closing a conversation.

Move a conversation

Occasionally, someone posts a conversation in a community where it doesn’t belong. A conversation can be moved from one community to another to ensure that conversations stay relevant to the purpose of the community. Moving a conversation notifies the conversation author and adds a reply that the conversation was moved.

The following roles can move conversations:

Communities conversations:

• Anyone can move a conversation to a community where they have permissions to start conversations.
• Community admins of a restricted community can move a conversation into the restricted community.
• Network admins can move any conversation between any communities.

Example scenario: In Contoso’s retail workers’ community, an employee starts a conversation asking about employee benefits. While this may be a valid question, it would be more appropriate and could generate more focused discussion in the dedicated HR community.

Feature in action: Recognizing that the conversation is a better fit for the HR community, a community admin in the askhr community uses the ‘Move Conversations’ feature to transfer the entire conversation thread. This not only ensures that the conversation finds the right audience but also helps maintain the thematic integrity of both communities. The conversation continues in the new location, now with participants who are specifically interested in the topic. Moving conversation to a muted community will also ensure that non-members do not receive any content from it in their feeds.

Learn more about how to move or share a conversation.

Delete a conversation

When a message is deleted, it will:

• Be removed completely from the storyline or community if there are no replies under it
• Be replaced with a deleted message notice if there are replies under it

This applies to all conversation starters, comments, and replies.

Deleting a conversation provides the option to delete a particular message or the entire conversation from a community or storyline.

Deleting entire conversation thread (including the initial post and subsequent replies.)

• Only a network admin can delete an entire conversation thread. Upon deleting, the entire conversation will be removed.

Deleting a specific message

• Community admins can delete any message from any conversation thread within that community.
• Conversation author – one who authors the conversation starter can delete any message within that thread.
• Storyline owners – employees can only delete messages from a conversation on their own storyline.
• All employees – employees can delete their own message from within a conversation.

Note: While content deleted by users in Engage is removed from user-facing experiences, content will be retained in compliance with the organization’s data deletion and retention policies.

Example Scenario: An employee shares a photo of their children and the photo includes their address. The community admin spots this and informs the employee that they shared personal sensitive information, and it should be removed as per organizational policies. They can repost the image without including personal information.

Feature in action: The community admin sends a message to this employee, asking to repost the information without personal details. The employee goes ahead and deletes the post. Alternatively, the community admin could also delete the post. The user then goes ahead and makes another post, this time ensuring that the address is not included, and the post adheres to all organizational compliance guidelines.

Learn more about editing posts in Viva Engage.

Community moderation

Community-level moderation is essential for maintaining a focused and productive Viva Engage network, particularly ensuring that conversations within communities are true to the purpose, goals, and spirit of those communities.

Restrict community

Changing communities to ‘Restricted Communities’ restricts its members’ ability to start conversations in the communities. This limits the permission to start new conversations to only community admins (along with Network admins) in restricted communities. Members of restricted communities are also not able to move conversations to those communities. This capability is specifically useful to manage org-wide communities used for sharing important announcements.

Example scenario: Contoso’s “All Company” community is becoming filled with various employee posts, leading to important corporate messages being lost in the mix. This dilution makes it difficult for employees to identify and engage with critical organizational updates.

Feature in action: To tackle this challenge, the internal communications team at Contoso activates the ‘Restrict Posting’ feature for the “All Company” community. This means that only authorized individuals, like community admins and certain corporate communicators, can initiate new conversations. This shift dramatically cuts down the general post traffic, allowing corporate messages to stand out.

Learn more about restricting who can post within communities

Mute community

Muting a community ensures that non-members will not see that community’s content within their feeds or notifications. While individual users can mute any community for themselves, network admins can mute a community for the entire network, which restricts exposure of that community’s content in everyone’s home feed.

Example scenario: At Contoso, the diverse range of communities offers employees a rich and engaging experience. However, this can sometimes lead to an overload of notifications, especially from interest-based communities. For example, Jordan is part of the “Contoso Cooking Club” but finds that updates from this group can be distracting during busy workdays.

Feature in action: Contoso recommends that employees like Jordan use the ‘Mute a Community’ feature for managing their focus and productivity. Following this advice, Jordan decides to mute the “Contoso Cooking Club” community in Viva Engage. This action stops updates from the cooking club from appearing in his Home Feed and discovery emails, significantly reducing non-essential distractions.

Learn how to mute a community.

Additional recommended practices

In addition to content moderation capabilities in Viva Engage, organizations might also consider the following practices that can help foster respectful and open conversations, empowering everyone to contribute more, learn more, and achieve more.

Communicate policies, guidelines, and expectations

It is a best practice to inform and remind people of policies, guidelines, and expectations related to their use of Viva Engage. There are several ways to do so:

Viva Engage usage policy

When configured, the Viva Engage usage policy is shown to all users who visit Viva Engage. They must acknowledge the policy before being given access to Viva Engage. The usage policy is the best place to provided detailed information about policies, guidelines and expectations.

It’s best practice to review and re-prompt employees to accept the usage policy yearly or as necessary when policy or guidelines have changed. Admins can remind people of the policy, reinforce its message, and require renewed acknowledgement by republishing the policy.

Providing links to the policy guidelines can also make it easy for employees to quickly reference them.

Example scenario: Over recent months, Contoso’s internal communications team observes a gradual shift in the tone and nature of conversations on Viva Engage. There is an increase in informal and off-topic posts in professional communities, leading to discussions and some instances of misunderstanding or miscommunication. Additionally, a significant influx of new hires unfamiliar with the company’s digital communication standards highlights the need for clear guidelines.

Feature in action: This shift prompts Contoso’s Engage administrators to take proactive steps by republishing the organization’s communication and usage policies on the platform. The republished policies are not only a reminder but also serve as a reorientation for all employees, new and old, about the expected professional conduct on Viva Engage.

The message includes comprehensive links to the full policy documents and an acknowledgment requirement, ensuring all employees have read and agreed to the standards. This action reinforces the importance of maintaining a professional and respectful tone in digital communications. It also serves as a gentle reminder to all employees, especially the new hires, about the organizational culture and expectations of online interactions.

Learn more about how to set up the usage policy.

Community information panel and pinned posts

Community admins can reinforce policies, guidelines and expectations to their community members. This can be as simple as sharing a link to the Viva Engage usage policy, or reiterating policies and making them relevant to the members of a community.

Usage policies can be communicated within the community’s information panel – including description, info, and pinned url sections. Community admins can also use a post or announcement to share the usage policy with community members. Community admins can pin the post to the top of a community to raise its visibility.

Example scenario: With a significant policy overhaul underway, Contoso needs to ensure all employees are informed of the changes and can ask questions.

Feature in action: The HR department creates a comprehensive announcement about the policy change and shares it in the “AskHR” community on Viva Engage. By posting it as an announcement, all community members receive a notification, ensuring immediate awareness. Additionally, to facilitate ongoing awareness, the HR department uses the ‘Pin Conversation’ feature. This ensures that the announcement remains prominently at the top of the “askhr” community feed, making it easy for employees to find and refer to the information anytime they visit the community. This approach not only guarantees initial awareness but also ongoing visibility of the policy changes.

Learn here how to create and customize community and pin conversations

Featured conversations

By featuring important threads, these posts (and their replies) appear directly in users’ home feeds, further ensuring that critical information reaches every employee effectively . This will help improving the visibility of essential updates and enhances the overall communication experience for employees, making it easier for them to stay appropriately informed.

Learn more about the ability to Feature a conversation

Dedicated communities to host conversations for all employees

Organizations often leverage official communities (such as All Company) to disseminate important information to all the employees. Leaders, internal communicators, and admins often prefer to restrict such communities to host relevant conversations. However, it is equally important to offer spaces for employees to have open dialogues on topics of mutual interest. Organizations can create communities that are dedicated to a particular topic of interest. These communities can serve as open spaces where employees can initiate and engage in conversations with peers who have similar interests.

Keeping these communities private will provide access to only community members to the conversations hosted. Additionally, muting the communities will also help ensuring that non-members will not receive any content from these communities in their feeds or notification. This way, access to content in these dedicated spaces will be provided as per the employees’ intent. Conversations in these communities, however, should be monitored to ensure that they are compliant to organizational policies, through Engage’s content moderation tools. (as described in previous section)

Wrap up

We hope that your organization takes advantage of these moderation capabilities to help admins understand how Viva Engage can be a transformative tool for organizations and facilitate open communications while upholding the organization’s values and standards. Successful moderation helps ensure an informed, engaged, and cohesive digital workplace, ultimately contributing to organizational success, employee satisfaction and employee retention.

Interested to learn from others? Freja from Vestas shares how they are working to make Viva Engage a safe space where people can share openly and honestly, building stronger connections and communicating more effectively. Watch this presentation from the 2023 Viva Engage Festival.

Stay tuned to the M365 Roadmap as we continue to innovate and evolve our capabilities to meet our customers needs for moderation.

The 12 Days of Copilot – Day 10 Microsoft 365 Copilot in Microsoft Teams Meetings –HLS Show Me How

by Contributed | Dec 15, 2023 | Technology

This article is contributed. See the original author and article here.

  Microsoft 365 Copilot is not only a powerful tool for creating documents, but also a smart assistant for Microsoft Teams meetings. With Copilot, you can easily prepare for your meetings, take notes, capture action items, and follow up on tasks. Here are some ways that Copilot can help you in your Teams meetings:

– Before the meeting, Copilot can scan your calendar and suggest relevant documents, insights, and questions to help you get ready. You can also ask Copilot to create an agenda and share it with the attendees.

– During the meeting, Copilot can listen to the conversation and transcribe it in real time. You can also ask Copilot to summarize the key points, highlight important information, and generate a meeting recap.

– After the meeting, Copilot can send the meeting recap to the attendees, along with the action items and due dates. You can also ask Copilot to follow up on the tasks, check the progress, and remind the assignees.

With Microsoft 365 Copilot in Teams meetings, you can save time, improve collaboration, and enhance productivity. (fyi, this preceding description… was written by Microsoft 365 Copilot)

In this Day 10 of Copilot I walk through the use of Microsoft 365 Copilot within Microsoft Teams meetings.

Resources:

• Get started with Copilot in Microsoft Teams meetings – Microsoft Support  


• Use Copilot without recording a Teams meeting – Microsoft Support 


• Welcome to Copilot in Microsoft Teams – Microsoft Support


• Frequently asked questions about Copilot in Microsoft Teams – Microsoft Support 


• Copilot for Work | Microsoft 365

Previous Days of Copilot: 

• The 12 Days of Copilot – Day 1 Microsoft 365 Copilot in Outlook – HLS Show Me How


• The 12 Days of Copilot – Day 2 Microsoft 365 Copilot in Word  1 of 2 – HLS Show Me How


• The 12 Days of Copilot – Day 3 Microsoft 365 Copilot in Word 2 of 2 – HLS Show Me How


• The 12 Days of Copilot – Day 4 Microsoft 365 Copilot in PowerPoint 1 of 2 – HLS Show Me How


• The 12 Days of Copilot – Day 5 Microsoft 365 Copilot in PowerPoint  2 of 2 – HLS Show Me How


• The 12 Days of Copilot – Day 6 Microsoft 365 Copilot in Excel – HLS Show Me How


• The 12 Days of Copilot – Day 7 Microsoft 365 Copilot Image Generation in PowerPoint – HLS Show Me Ho…


• The 12 Days of Copilot – Day 8 Microsoft 365 Copilot in Microsoft Loop –HLS Show Me How 


• The 12 Days of Copilot – Day 9 Microsoft 365 Copilot in Microsoft OneNote –HLS Show Me How


• The 12 Days of Copilot – Day 10 Microsoft 365 Copilot in Microsoft Teams Meetings –HLS Show Me How 

Thanks for visiting – Michael Gannotti LinkedIn | Twitter

Enhance your Azure PostgreSQL Flexible Server security posture with Azure Defender

by Contributed | Dec 13, 2023 | Technology

This article is contributed. See the original author and article here.

We are excited to announce limited General Availability of Azure Defender for new Microsoft Azure Database for PostgreSQL – Flexible Server instances. This is another add-on, which, if deployed, provides another important security barrier to your Azure PostgreSQL server in addition to existing security features, we blogged about earlier. 

In the following article, we will discuss how adding Azure Defender for OSS databases with your PostgreSQL Flexible server will help you secure your applications from hacking attacks.

Protection against brute force attacks

A brute force attack uses trial-and-error to guess login info, encryption keys, or find a hidden web page. Hackers work through all possible combinations hoping to guess correctly.

These attacks are done by ‘brute force’ meaning they use excessive forceful attempts to try and ‘force’ their way into your private account(s). 

The “brute-force” terminology is derived from the tactic of using constant attempts or excessive “force” until the threat actor arrives at the desired result—entry into a system with the right credentials. Despite this being one of the oldest hacking methodologies, according to Verizon’s 2020 Data Breach Investigations Report, hacking, which includes brute forcing passwords, remains the primary attack vector. Over 80% of breaches caused by hacking involve brute force or the use of lost or stolen credentials. 

PostgreSQL brute force attack example

When Microsoft Defender detects a brute force attack, it triggers an alert to bring you awareness that a brute force attack took place. It also can separate simple brute force attack from brute force attack on a valid user or a successful brute force attack.

Detecting anomalous database access patterns

Databases may store extremely sensitive business information, making them a major target for attackers. Therefore, securing their data from damage or leakage is a critical issue. To manage this, enterprises typically implement several layers of protection between users and data, working at the network, host, and database levels.  The data protection at database level includes the access control models to limit the permissions to of legitimate users to read, write data and encryption at times.  These security models are sometimes insufficient to prevent misuse, especially insider abuse by legitimate users.  When Microsoft Defender detects anomalous pattern, it fires an alert to make you aware of such activity as well. 

Enabling Microsoft Defender with PostgreSQL Flexible Server

Enabling Defender with PostgreSQL Flexible Server in Azure Portal

1. From the Azure portal, navigate to Security menu in the left pane.


2. Pick Microsoft Defender for Cloud


3. Click Enable in the right pane.

Resources

For more information on Azure Defender and its use with Postgres Flexible Server see following:

• Security in Azure Database for PostgreSQL – Flexible Server | Microsoft Learn


• Microsoft Defender for open-source relational databases – the benefits and features – Microsoft Defender for Cloud | Microsoft Learn


• Reference table for all security alerts – Microsoft Defender for Cloud | Microsoft Learn

To learn more about our Flexible Server managed service, see the Azure Database for PostgreSQL service page. We’re always eager to hear customer feedback, so please reach out to us at Ask Azure DB for PostgreSQL.