Blog

Microsoft 365 Logo

Data Loss Prevention Overview

Microsoft 365
 / 8 February 2019 / 0 Comments

What Does DLP Do?

  • Identify sensitive information From across many locations, such as Exchange/SharePoint Online, OneDrive [not personal but Business], and Microsoft Teams. As an example, you can look for any document containing any credit card numbers that's stored in any OneDrive for Business site, or you can monitor OneDrive site collections of specific people.

  • Prevent the accidental sharing of sensitive information. Healthcare looks for HIPPA related content as an example. Policies can be configured for client needs as they see fit for any document or email containing a health record that's shared with people outside your organization, and then automatically block access to that document or block the email from being sent.

  • Monitor and protect sensitive information in the desktop versions of Excel, PowerPoint, and Word. Much like Online versions of Office 365, Office desktop programs include the same capabilities which identify sensitive information and apply DLP policies. DLP provides continuous monitoring as users share content in Office programs.

  • Help users learn how to stay compliant without interrupting their workflow. Obviously, we can throw HR paperwork at our users, but we can educate users about DLP policies and help them remain compliant without blocking their work. Much as we mentioned above with emails and documents containing sensitive information, a DLP policy can both send them an email notification and show them a policy tip in the context of the document library that allows them to override the policy if they have a business justification. The same policy tips also appear in Outlook on the web, Outlook, Excel, PowerPoint, and Word.

 

What does a DLP contain at a high level?

Locations

You can choose to protect content in Exchange email, Microsoft Teams chats and channels, and all SharePoint or OneDrive libraries, or select specific locations for a policy.

Creating DLPs in Office 365

Rules

This is what enforces your business requirements on your organization's content. A policy contains one or more rules, and each rule consists of conditions and actions. For each rule, when the conditions are met, the actions are taken automatically. Rules are executed sequentially, starting with the highest-priority rule in each policy.

A rule also provides options to notify users (with policy tips and email notifications) and admins (with email incident reports) that content has matched the rule.

 

Many choices for DLP Rules

 

Grouping and logical operators

 

Often your DLP policy has a straightforward requirement, such as to identify all content that contains a U.S. Social Security Number.

 

Editing a DLP policy

Rule Priorities

 

When you create rules in a policy, each rule is assigned a priority in the order in which it's created - meaning, the rule created first has first priority, the rule created second has second priority, and so on. After you create a rule, its priority can't be changed, except by deleting and re-creating it.

 

Policy and matching

 

So, these are the higher level components to DLP’s There is much more information in creating these DLPs and we will be more than happy to discuss in detail so feel free to reach out.

Tags
Microsoft 365 Consulting
Security and Compliance

Contact info

Call or email to speak with a consultant about your business need or project.

  • 13001 Founders Square Dr.
            Suite 200
            Orlando, Florida 32828, USA
  • +1 689.348.3635
Jones Professional Services Corporation is a BBB Accredited Strategic Planning Consultant in Orlando, FL

About

While the goal is simple, the execution is what sets us apart.

Every day, we help organizations share what they know and find what they need by connecting and collaborating people, data, and content.
We focus on what drives user adoption to create solutions people will use.

© Copyright 2024 Jones Professional Services Corporation. All Rights Reserved.