What is the new Microsoft Compliance Configuration Analyzer?

The Compliance toolset available in Microsoft 365 has been quickly growing and maturing during in the last year, but where do you start if you want to start deploying them?

To implement a compliance strategy, you need to understand the business and regulatory requirements and then map them to the technology available. This requires input from information policy setting groups such as Information Governance, Information Security, Records Management, HR and IT teams. But before you can discuss options you need to know what your current compliance posture looks like to aid in setting the scene and assigning priorities.

The Microsoft Compliance Configuration Analyzer (MCCA) is a tool run from PowerShell that outputs a detailed report showing your current compliance configuration across the compliance portal feature set against Microsoft recommended practices.

MCCA Report

MCCA is currently in preview so the following disclaimers should be noted:

  • You are running a preview version of MCCA! Preview versions may contain errors which could result in an incorrect report. Verify the results and any configuration before deploying changes.
  • Recommendations from (MCCA) should not be interpreted as a guarantee of compliance. It is up to you to evaluate and validate the

To run MCCA the following prerequisites are required:

  • Install the Exchange Online PowerShell module v2.0.3 or higher (Install-Module -Name ExchangeOnlineManagement)
  • Install the MCCA PowerShell module (Install-Module -Name MCCAPreview)
  • Assign access to the Office 365 Compliance Portal (your Azure AD account requires the Compliance Admin role to reporting on all solutions)

The report is run using the following cmdlet: Get-MCCAReport. Once the report has been generated it is displayed in the browser. If you need to share the report it is available in the C:\Users<username>\AppData\Local\Microsoft\MCCA folder.

The report begins with a summary followed by details for each compliance solution:

The detail sections show how the solution is currently configured and provides recommendations for where improvements can be made to your configuration and contains links to the Compliance Manager feature of the Microsoft 365 Compliance Portal.

If you need help understanding, planning or implementing solutions for Microsoft 365 Compliance features, please get in touch.

Further information can be found in this Microsoft Docs article: https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-mcca

About the author