Data volume has been growing exponentially, dramatically increasing opportunities for theft and accidental disclosure of sensitive information. Sirius Edge reports that according to International Data Corp, the “global data-sphere” will reach 163 zettabytes by 2025. To put that in perspective, if every gigabyte in a zettabyte were a brick, one zettabyte would be the equivalent of 258 Great Walls of China. To comply with business standards, industry regulations, and regional requirements, organizations must protect this critical information and prevent its disclosure. Data breaches can wreak havoc on an organization through fines, lost revenue, liability, and reputation. More than a quarter of data will be real-time in nature, meaning that along with the increases in mobility and portability of data, perhaps the most pressing security question is: What else can organizations do to protect themselves? A central part of the answer is data loss prevention (DLP).
Deploying DLP policies in Office 365 allows you to identify, monitor, and automatically protect sensitive information. With a DLP policy, you can:
- Identify sensitive information across many locations, such as Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams
You can identify any document containing a credit card number that’s stored in any OneDrive for Business site, or you can monitor just the OneDrive sites of specific people.
- Prevent the accidental sharing of sensitive information
Often, organizations will think and plan for an external event, but do not have such a plan in place for theft or accidental/inadvertent disclosure from within. You can identify documents or emails containing confidential data that are shared with people outside your organization and automatically block access to that document or block the email from being sent.
- Monitor and protect the information in the desktop versions of Office
Just as in Exchange Online, SharePoint Online, and OneDrive for Business, these programs include the same capabilities to identify sensitive information and apply DLP accordingly, including when content is shared.
- View DLP reports showing content that matches your organization’s DLP policies
To assess how your organization is complying with a DLP policy, you can see how many matches each policy and rule has over time. If a DLP policy allows users to override a policy tip and report a false positive, you can also view what users have reported.
You create and manage DLP policies on the Data loss prevention page in the Office 365 Security & Compliance Center.
Infographic courtesy of Microsoft: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies
In order to effectively deploy DLP, you need to understand what is contained within a DLP policy:
- Where to protect the content – Many organizations are not sure where their confidential data is stored, where it’s being sent, and who has access, so locations such as Exchange Online, SharePoint Online, OneDrive for Business, Microsoft Teams allow for a more broad approach to protection.
- When and how to protect the content by enforcing rules comprised of conditions and actions
Rules are what enforce business requirements on the organization’s content.
Determine what types of information you’re looking for and when to take action. They focus on content (types of information) and context (how and with whom the document is shared).
When content matches a condition in a rule, you can apply actions to automatically protect the content ex. Restrict/block access to the content, notify users via policy tips etc.
*In order to see how to enable and deploy DLP in your environment, please watch our video “Enabling DLP”.
As you can see from our very brief overview, data loss prevention is a highly customizable, feature-rich tool that provides a centralized management framework to help detect and prevent unauthorized use and transmission of an organization’s confidential and sensitive information. Our borderless digital environments have made data protection even more challenging and complex, and when properly deployed, DLP can reside at the center of your protection.
Click here to contact Wellforce to see if you qualify for a free security assessment. Our security experts can walk you step-by-step through DLP, from licensing to enabling and managing, to take your data security to the next level.