Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Loss Prevention in O365:The Basics

Published byLesley Webster Modified over 5 years ago

Similar presentations

Presentation on theme: "Data Loss Prevention in O365:The Basics"— Presentation transcript:

1 Data Loss Prevention in O365:The Basics
An overview of the data loss prevention offerings from Microsoft to help your business stay secure in today's challenging digital world. Don Daubert Covenant Technology Partners

2 SHAREPOINT SATURDAY ST.LOUIS 2018
Gold Sponsors Silver Sponsors Bronze Sponsors

3 What is Data Loss Prevention?
Data loss prevention (DLP) is a strategy for making sure that users do not send sensitive or critical information outside the enterprise. As part of that strategy a software\cloud solution is usually implemented that uses policies or business rules to protect data. Data at Rest – File Shares, Archives, Storage, Backups. Data In Motion – Across Network, , Sharing. Data In Use – Copy\Paste, Printing, Faxing, Screen Capture. How? – Data Matching, Rule Matching, Regex, Metadata.

4 Who should implement a DLP Strategy?
Everyone  Financial Institutions, Educational Institutions, Health Care Types of information to protect HIPPA PII PHI Why - Reasons-Why-Your-Organization-Needs-Data-Loss- Prevention Auditing, Compliance, Security, Financial, Prevention DLP Deployment Tips - strategy/strategic-planning-erm-7-strategies-for-a- successful-dlp-strategy.html 45%

5 DLP vs RMS + Sharing\Intune
Together - Both provides a comprehensive way in which customers can protect their data in during the lifecycle of that data including data in motion, at rest and in use. DLP – Files and sensitive types must match rules. DLP – Prevent accidental\intentional sharing and communication. Some sharing features assist with this Intune Conditional Access policies assist with MDM RMS - Prevent sensitive information from being printed, forwarded, or copied by unauthorized people. Access and permissions stored in file OneDrive For Business and SharePoint Sharing Security - experience/ba-p/112624 Intune – Secure Devices, Access policies Microsoft 365 – O365, Windows 10, EMS (Enterprise Mobility & Security) - us/microsoft-365/enterprise/home

6 What is Data Loss Prevention in O365?
Discovery and protection of sensitive data in the enterprise. Risk Mitigation. An automated process to simplify security. Common policies across the enterprise. File protection during lifecycle for data at rest and in motion. In use (Other methods ie RMS, Windows Policies, Internet Policies)- Copy to USB, Screeenshot sharing, Exposure to Dropbox, GoogleDrive Must have E3 or E5 Plan - us/library/office-365-plan-options.aspx

7 Deeper Dive…O365 Identify sensitive information across many locations.
Exchange Online SharePoint Online OneDrive For Business Policies apply to each or across all Prevent accidental or intentional sharing of sensitive data Works in the Desktop versions of Word 2016, Excel 2016, Outlook 2016, PowerPoint 2016. Works in Mobile versions of Office Products – OD4B, Outlook, SharePoint. Help users stay compliant – Policy tips. Reporting of incidents. Implement in “test” or “monitor” mode to watch false +- and ensure actions are accurate before deployment. Works hand in hand with O365 Message Encryption.

8 Under The Hood…Information Sensitive Types
Manage from Office 365 Security & Compliance Center. Exchange Online Transport rules and DLP can be created in EXO Admin but will not appear in Security & Compliance. Policies for all (SPO, EXO, OD4B) must be created here. Out Of The Box Information Sensitive Types Definitions SSN, Phone, Drivers License, Credit Card #, Bank Account #. Can create Custom Sensitive Types with .xml and Powershell. Customization - us/article/create-a-custom-sensitive-information-type- 82c382a5-b6db-44fd-995d-b333b3c7fc30

9 ... Policies Policies contain rules.
Where – Location of content to protect. SharePoint Online, Exchange Online, OneDrive For Business. SPO - All or select OD4B – All or Select EXO – All (Cannot chose individual MB’s yet) Rules – These enforce your business requirements. Conditions – The content must match before the rule is enforced -- for example, look only for content containing Social Security numbers that's been shared with people outside your organization. Actions - that you want the rule to take automatically when content matching the conditions is found -- for example, block access to the document and send both the user and compliance officer an notification. Out Of The Box Templates Simple and Advanced Settings User Notification and Overrides – Business Justification.

10 Policy Tips – User education and compliance.
Outlook and Outlook Web SPO & OD4B Excel 2016, Word Powerpoint 2016 stored on site included in DLP policy Can create and upload custom policies with Powershell. Grouping and Logical Operators Group sensitive information types. Choose the logical operator between the sensitive information types within a group and between the groups themselves. Examples – And, Or, Any Of These Rule Priority Set in order of creation Rule Tuning Adjust for false + or false – Match Accuracy - Percentage of accuracy Labels Can use Labels as a condition for rule matching Publish – Users manually apply Labels Auto-Apply

11 Deployment - If you’re creating DLP policies with a large potential impact, this sequence is recommended: Start in test mode without Policy Tips and then use the DLP reports and any incident reports to assess the impact. You can use DLP reports to view the number, location, type, and severity of policy matches. Based on the results, you can fine tune the rules as needed. In test mode, DLP policies will not impact the productivity of people working in your organization. Move to Test mode with notifications and Policy Tips so that you can begin to teach users about your compliance policies and prepare them for the rules that are going to be applied. At this stage, you can also ask users to report false positives so that you can further refine the rules. Start full enforcement on the policies so that the actions in the rules are applied and the content’s protected. Continue to monitor the DLP reports and any incident reports or notifications to make sure that the results are what you intend. Reporting Focus on specific time periods and understand the reasons for spikes and trends. Discover business processes that violate your organization’s compliance policies. Understand any business impact of the DLP policies Fine tuning policies and rules

12 How it Works? That’s Level 200 
EXO - Once created, syncs to EXO, Outlook Web, Desktop SPO & OD4B – Search

13 Questions? Time For Demo?

Download ppt "Data Loss Prevention in O365:The Basics"

Similar presentations

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.
“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “
Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in 2009. Acceleratio specializes in developing high-quality enterprise.

Acceleratio Ltd. is a software development company based in Zagreb, Croatia, founded in Acceleratio specializes in developing high-quality enterprise.
Compliance in Office 365 Edge Pereira Sandy Millar From Avanade Australia OSS304.

Compliance in Office 365 Edge Pereira Sandy Millar From Avanade Australia OSS304.
Microsoft Ignite /17/2017 2:11 PM

Microsoft Ignite /17/2017 2:11 PM
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.

Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
Module 9 Configuring Messaging Policy and Compliance.

Module 9 Configuring Messaging Policy and Compliance.
Module 9 Configuring Messaging Policy and Compliance.

Module 9 Configuring Messaging Policy and Compliance.
Ankur Kothari Microsoft Corporation. In-Place Archive with secondary quota Access documents with SkyDrive Pro Site Mailboxes enable better collaboration.

Ankur Kothari Microsoft Corporation. In-Place Archive with secondary quota Access documents with SkyDrive Pro Site Mailboxes enable better collaboration.
Module 7 Planning and Deploying Messaging Compliance.

Module 7 Planning and Deploying Messaging Compliance.
Microsoft Hosting. Simplified admin experience Small Business (1-25)Midsize Business (1-300) Enterprise (unlimited) Full Enterprise admin experience.

Microsoft Hosting. Simplified admin experience Small Business (1-25)Midsize Business (1-300) Enterprise (unlimited) Full Enterprise admin experience.
“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “
James Lewis and Simon Waight Office 365 security: everywhere you need it to be PRD33 1.

James Lewis and Simon Waight Office 365 security: everywhere you need it to be PRD33 1.
Local Touch—Global Reach Microsoft SharePoint 2013 Overview Stacy Simpkins, Sr. Consultant, Sogeti Florida.

Local Touch—Global Reach Microsoft SharePoint 2013 Overview Stacy Simpkins, Sr. Consultant, Sogeti Florida.
What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.

What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.
One Drive for Business: More Than a File Share Erica Toelle

One Drive for Business: More Than a File Share Erica Toelle
Your Office 365 Journey Prepare, Migrate, and Operate with Barracuda

Your Office 365 Journey Prepare, Migrate, and Operate with Barracuda
Microsoft Virtual Academy Chris Oakman | Managing Partner Infrastructure Team | Eastridge Technology Curtis Sawin | Technical Solutions Professional |

Microsoft Virtual Academy Chris Oakman | Managing Partner Infrastructure Team | Eastridge Technology Curtis Sawin | Technical Solutions Professional |

Similar presentations

Ads by Google