Data Loss Prevention (DLP)
To comply with business standards and industry regulations, organizations need to protect sensitive information and prevent its inadvertent disclosure. Examples of sensitive information that you might want to prevent from leaking outside your organization include financial data or personally identifiable information (PII) such as credit card numbers, social security numbers, or health records.
With a data loss prevention (DLP) policy in the O365 Security & Compliance Center, you can identify, monitor, and automatically protect sensitive information across Office 365.
For Exchange Online
You can configure DLP policies which allows you to:
-
Start with a pre-configured policy template that can help you detect specific types of sensitive. DLP includes 80 sensitive information types that are ready for you to use in your DLP policies
-
Use the full power of existing transport rule criteria and actions and add new transport rules.
-
Test the effectiveness of your DLP policies before fully enforcing them.
-
Incorporate your own custom DLP policy templates and sensitive information types.
-
Detect sensitive information in message attachments, body text, or subject lines and adjust the confidence level at which the service takes action.
-
Detect sensitive form data by using Document Fingerprinting which helps you easily create custom sensitive information types based on text-based forms.
-
Add Policy Tips, which can help reduce data loss by displaying a notice to your Outlook 2013, Outlook Web App, and OWA for Devices users and can also improve the effectiveness of your policies by allowing false-positive reporting.
-
Review incident data in DLP reports or add your own specific reports by using a generate incident report action
For SharePoint Online and OneDrive for Business
By extending DLP to OneDrive for Business and SharePoint Online, we expanded on the same protection you already have in Exchange, Outlook and Outlook on the web, offering broader protection of your data wherever it lives.
With a DLP policy, you can:
-
Identify sensitive information across many locations, such as SharePoint Online and OneDrive for Business. For example, you can identify any document containing a credit card number that’s stored in any OneDrive for Business site, or you can monitor just the OneDrive sites of specific people.
-
Prevent the accidental sharing of sensitive information. Across all sites, you can identify any document containing a health record that’s shared with people outside your organization, and then automatically block access to that document for everyone except the site owner, document owner, and the person who last modified the content.
-
Monitor and protect sensitive information in Office 2016. Excel 2016, PowerPoint 2016, and Word 2016 include capabilities to identify sensitive information and apply DLP policies. DLP provides continuous monitoring when people share content in these Office 2016 programs.
-
Help users learn how to stay compliant without interrupting their workflow. Send them an email notification and show them a policy tip in the context of the document library. Allow them to override the policy if they have a business justification. The same policy tips also appear in Excel 2016, PowerPoint 2016, and Word 2016.
-
View DLP reports showing content that matches your organization’s DLP policies.
Resources
Watch Videos …
-
Updates to Data Loss Prevention in Office 365
Read …
-
Data loss prevention in Exchange Online
-
How DLP rules are applied to evaluate messages
-
Document Fingerprinting
-
Overview of data loss prevention policies
-
Create a DLP policy from a template
-
Sensitive information types inventory
Microsoft IT recently released a case study on how it leverages the data loss prevention solution in Office 365 to help reduce the risk of sharing sensitive data while still promoting collaboration.
Read: How Microsoft monitors and protects sensitive data in Office 365
|
eDiscovery and Content Search
Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases. You can use eDiscovery in Office 365 to search that spans Exchange email, SharePoint and OneDrive for Business documents, and Skype conversations.
If you only need to search mailboxes, you can use In-Place eDiscovery in the Exchange admin center (EAC). If you need to search mailboxes and SharePoint sites in the same eDiscovery search, you can use the eDiscovery Center in SharePoint Online. In both cases, you can identify, hold, and export content found in Exchange mailboxes and SharePoint sites
The Office 365 Security & Compliance Center is quick and easy way to …
-
go to the eDiscovery Center,
-
manage existing eDiscovery cases,
-
create new eDiscovery cases, and
-
close eDiscovery cases that are no longer needed.
Content Search
You can use Content Search in the Office 365 Security & Compliance Center to search all the mailboxes, SharePoint Online sites, and OneDrive for Business locations in your Office 365 organization.
-
Compliance Search is a new eDiscovery search tool with new and improved scaling and performance capabilities.
-
Run very large eDiscovery searches.
-
Search all mailboxes, all SharePoint Online sites, and OneDrive for Business locations in a single compliance search.
-
No limits on the number of mailboxes and sites that you can search.
-
No limits on the number of searches that can run at the same time.
-
Number of content sources and an estimated number of search results are displayed in the details pane on the Compliance search page, where you can preview the results
Place sources on hold
When a content source is part of a case, you can place it on hold so that a copy is preserved. This includes SharePoint sites, documents, or pages, and Exchange mailboxes.
These types of content can be placed on hold as part of a case:
-
SharePoint Objects, such as, Documents, Lists (including blogs and wiki content), Pages (including pages that host blogs and wikis)
-
Exchange objects, such as tasks, calendar entries, contacts, email messages and attachments. If Microsoft Skype conversations are archived in Microsoft Exchange, they will be included.
When you place a hold on the content sources in an eDiscovery set, the hold status for each source is displayed in the In-Place Hold Status column in the list of content sources.
Scenarios -
Reduce risk of non-compliance due to time delays
-
Control increasing cost of compliance processes: time, expenses, resources.
-
Effective management of compliance processes.
Resources -
eDiscovery in the Office 365 Security & Compliance Center
-
Permissions in the Office 365 Security & Compliance Center
-
Compliance Search in the Office 365 Security & Compliance Center
-
Add content to an eDiscovery case and place sources on hold
-
In-Place Hold and Litigation Hold (Exchange Online)
-
MSIT Showcase: Office 365 meets evolving eDiscovery challenges in a cloud-first world
Share with your friends: |