Data Loss Prevention and Information Rights Management in SharePoint Tim Beamer, Plus Consulting


1 Data Loss Prevention and Information Rights Management in SharePoint Tim Beamer, Plus Consulting Tim.beamer@plusconsulting.com

2 Thanks to our Sponsors! +Platinum: +Gold: +Silver:

3 More Fun Stuff +Raffle: Please join us in the Atrium at 5:15 PM for the raffle. We are raffling some exciting prizes including a Wacom tablet, a BB-8 droid, and who knows, maybe an Xbox One S (need to be present to win)!!! +SharePint will be held at Mad Mex (370 Atwood St, Pittsburgh, PA 15213). While it starts at 5:45 PM, there’s no end time!!!! +Pittsburgh Area SharePoint User Group +Meets at the Microsoft office on the North Shore +More Info: https://www.linkedin.com/groups/Pittsburgh-Area-SharePoint-User-Group-3769745/about

4 We do Request that… +You fill out the Session Evals. These will also be your Raffle tickets. Print your name clearly if you intend to participate in the Raffle and drop the forms at the registration desk after the last session. +You visit the sponsors. The event is possible due to their generous support and we request that you visit them and inquire about their products & services. +Cell phones be kept on silent as a courtesy to other attendees and speakers

5 Agenda +Introduction +Identify +Setup +Monitor +Block +End User Education +Limitations +IRM +Q&A

6 The “good old days”…NOT +Files in file shares (NTFS permissions) – Move the file? Lose the permissions! – E-mail the file? Lose the permissions! +SharePoint – “Secure” the doc library with permissions – No notification of sensitive information +Policies – “I didn’t know…” – A policy with no enforcement mechanism is useless!

7 Introduction +What is data loss prevention?

8 What is DLP? +Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside your organization +DLP software products use business rules to classify and protect confidential and critical information so that unauthorized end users cannot accidentally or maliciously share data whose disclosure could put the organization at risk

9 Data Loss Prevention in SharePoint 2016: Find that information before it’s too late! +Search for sensitive content in your existing eDiscovery Center, keeping content in place and enabling you to search in real time. +Credit Card Numbers, SSN, Bank Account Numbers, Passports (51 total information types!) +You can search across SharePoint 2016, OneDrive for Business and SharePoint Online! +NOTE: If you have document libraries with Search disabled, DLP will NOT work in them

10 Data Loss Prevention in SharePoint 2016 +Identify +Monitor +Protect +End User Education

11 Identify +How does SharePoint find this information?

12 DLP Processing in SharePoint 2016 +[Diagram; components shown: Content Sources, Crawler, Content Processing, Index, Query, Unified Policy Processing, Tasks, Policy Definitions]

13 Sensitive Information Evaluation +16 digits – dddd-dddd-dddd-dddd – dddddddddddddddd +CVN, CVV2, CID +Visa, MasterCard, Amex +Expiration Date +Card Holder

14 Sensitive Information Evaluation +A DLP policy is 85% confident that it's detected this type of sensitive information if, within a proximity of 300 characters: +The function Func_credit_card finds content that matches the pattern. +One of the following is true: – A keyword from Keyword_cc_verification is found. – A keyword from Keyword_cc_name is found. – The function Func_expiration_date finds a date in the right date format. +A DLP policy is 65% confident that it's detected this type of sensitive information if, within a proximity of 300 characters: – The function Func_credit_card finds content that matches the pattern.
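
The two confidence tiers on slides 13 and 14, sketched in Python as an added example (not code from the presentation or from SharePoint). The regular expressions and keyword tuples are constructed stand-ins for Func_credit_card, Func_expiration_date, Keyword_cc_verification and Keyword_cc_name, whose real definitions are not shown on the slides.

```python
import re

# Slide 13 patterns: 16 digits, contiguous or in dash-separated groups of four.
CARD_RE = re.compile(r"(?<!\d)(?:\d{4}-\d{4}-\d{4}-\d{4}|\d{16})(?!\d)")
# Constructed stand-ins for Keyword_cc_verification and Keyword_cc_name.
VERIFICATION_KEYWORDS = ("cvn", "cvv2", "cid")
NAME_KEYWORDS = ("visa", "mastercard", "amex")
# Constructed stand-in for Func_expiration_date: MM/YY or MM/YYYY.
EXPIRY_RE = re.compile(r"(?<!\d)(?:0[1-9]|1[0-2])/(?:\d{4}|\d{2})(?!\d)")
PROXIMITY = 300  # characters, from slide 14


def has_keyword(window, keywords):
    """Whole-word, case-insensitive keyword search."""
    return any(re.search(rf"\b{re.escape(k)}\b", window, re.I) for k in keywords)


def evaluate(text):
    """Return [(matched_number, confidence_percent)] for each candidate."""
    findings = []
    for m in CARD_RE.finditer(text):
        # Corroborating evidence must sit within 300 characters of the match.
        before = text[max(0, m.start() - PROXIMITY):m.start()]
        after = text[m.end():m.end() + PROXIMITY]
        window = before + " " + after
        corroborated = (
            has_keyword(window, VERIFICATION_KEYWORDS)
            or has_keyword(window, NAME_KEYWORDS)
            or EXPIRY_RE.search(window) is not None
        )
        findings.append((m.group(), 85 if corroborated else 65))
    return findings


# Constructed sample documents; 4111 1111 1111 1111 is a widely used test number.
SAMPLES = {
    "order.txt": "Visa 4111-1111-1111-1111 exp 09/27",
    "export.csv": "id,value\n17,4111111111111111\n",
    "far.txt": "4111111111111111" + " filler" * 60 + " cvv2 123",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, evaluate(body))
```

The third sample shows why the proximity window matters when tuning a policy's minimum confidence: the same number with a verification keyword more than 300 characters away only reaches the 65% tier.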

15 Sensitive Information Evaluation

16 Setup +Requirements to make it work!

17 Prerequisites +Configure the search service application +Crawl the location of the conflicting documents +Configure outgoing email +Your users need to have an email address in their profile

18 Site Collections +eDiscovery Center: – A site to manage the preservation, search, and export of content for legal matters and investigations +Compliance Policy Center: – A site to manage compliance and deletion policies

19 Monitor

20 eDiscovery Center

21 eDiscovery Center

22 Found it!

23 eDiscovery Center Excel Reports

24 Block +Minimize the Damage

25 Block Sensitive Information +Create policy in policy center +Assign policy +Lather, rinse, repeat

26 Select the template of the information you want to find! Description of the template Select the number of occurrences before an alert is triggered. Also select who the alert gets sent to! Do they want to notify the user that they did something wrong? Do you want to block that document?

27 End User Education

28 In Context Information +Blocked documents are visible directly in the document library

29 Policy Information +Policy tips appear directly in the document library informing the users what they did wrong

30 Email Notification +Users receive emails to know what they did wrong

31

32 Limitations +Perfection doesn’t exist!

33 Still A Lot to Improve +Custom rules can be cumbersome, especially if you need to build a regex expression to define a new content type +1 policy center per web application +No “clean” PowerShell cmdlets for automation +One area for SharePoint and OneDrive, separate for Exchange (being consolidated in O365) +Mac clients do not support Policy Tips

34 Information Rights Management

35 Information Rights Management +IRM allows enterprises to define, implement & track information usage “policies”. A “policy” defines: +WHO can use the information: People & groups within and outside of the organization can be defined as rightful users of the information +WHAT can each person do: Individual actions like reading, editing, printing, distributing, copy-pasting, screen grabbing etc. can be controlled +WHEN can he use it: Information usage can be time based, e.g. can only be used by Mr. A till 28th Sept OR only for the 2 days +WHERE can he use it from: Information can be linked to locations, e.g. only 3rd floor office by private/public IP addresses

36 Configure Azure RMS for Office 365

37 RMS Templates

38 Default Templates

39 Custom Templates

40 Select groups or users

41 Assign rights

42 Select who can see template (Always use groups if possible)

43 Configuration Options

44 Enable in SharePoint Online

45 Enable in a Document Library

46 Secure a document

47 Questions?

48 Thank you! We look forward to seeing you at PlusCon in November!

