
DATA LOSS PREVENTION

Data loss prevention is a compliance feature that's designed to help prevent the intentional or accidental exposure of sensitive information to unwanted parties, aka Data Leak.

DLP is mainly applicable to Exchange Online, O365, SharePoint Online, Microsoft Teams and OneDrive for Business.

DLP analyses and examines the contents of email messages and files, looking for sensitive information, i.e. Personally Identifiable Information (PII).
Sensitive information should be encrypted whenever possible.

Using DLP you can detect sensitive information and take action such as:
- Log the event for auditing purposes.
- Display a warning to the end user who is sending the email or sharing the file.
- Actively block the email or file sharing from taking place.

- DLP policies can be scoped to the members of distribution lists, dynamic distribution groups, and security groups.
- A DLP policy can contain no more than 50 such inclusions & exclusions.
- For example, you might have a DLP policy that helps you detect HIPAA-related information.
- This DLP policy could help protect HIPAA-related data by proactively searching for the information in any document/email/chat that is shared with people outside of your organization.
- The policy then completes an ACTION, which can block access to the document and send a notification to the appropriate party (manager, administrator, etc.).
- These requirements are stored as individual rules and grouped together as a DLP policy to simplify management and reporting.

[Diagram labels: Office/Microsoft 365; Search Documents; Teams Chat Documents; Email Services]

ACTIONS:
With actions you can:
- Restrict access to the content. Depending on your need, you can restrict access to content in three ways:
  - Restrict access to content for everyone.
  - Restrict access to content for people outside the organization.
  - Restrict access to "Anyone with the link."
- Administrators and delegated individuals/groups can remove the sensitive information from the document or take other action, such as blocking access.
- When the document is in compliance, the original permissions are automatically restored. When access to a document is blocked, the document appears with a special policy tip icon in the library on the site.

Alerts and Incident reports

When a rule is matched, you can send an alert email to your compliance officer (or any person(s) you choose) with details of the alert. This alert email carries a link to the DLP Alerts Management Dashboard, where the compliance officer can view the details of the alert and events. The dashboard contains details of the event that triggered the alert along with details of the DLP policy matched and the sensitive content detected.

In addition, you can also send an incident report with details of the event. This report includes information about the item that was matched, the actual content that matched the rule, and the name of the person who last modified the content. For email messages, the report also includes as an attachment the original message that matches a DLP policy.

DLP Policy Conditions

DLP policy conditions identify what types of data you're looking for, and then what actions to take.

For instance, you choose to ignore content containing passport numbers unless the content contains more than 10 such numbers and is shared with people outside your organization.

Conditions focus on the content, such as what types of sensitive information you're looking for, and also on the context, such as who the document is shared with. You can use conditions to assign different actions to different risk levels. For example, sensitive content shared internally might be lower risk and require fewer actions than sensitive content shared with people outside the organization.

The conditions available can determine:
- Content contains a type of sensitive information.
- Content contains a label. For more information, see the below section "Using a retention label as a condition in a DLP policy".
- Content is shared with people outside or inside your organization.

When a DLP policy looks for a sensitive information type such as a credit card number, it doesn't simply look for a 16-digit number. Each sensitive information type is defined and detected by using a combination of:
- Keywords.
- Internal functions to validate checksums or composition.
- Evaluation of regular expressions to find pattern matches.
- Other content examination.

This helps DLP detection achieve a high degree of accuracy while reducing the number of false positives that can interrupt people's work.
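The layered detection described above for a sensitive information type (regular expression, checksum validation, nearby keywords), combined with a count-and-sharing condition like the passport example, can be sketched as follows. This is an added illustration, not Microsoft's implementation or code from the original page; the keyword list, the 300-character window, the function names and the sample strings are all assumptions made for the example.

```python
import re

# Candidate pattern: 13-19 digits, optionally separated by single spaces or hyphens.
CANDIDATE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
# Corroborating keywords (constructed list for this example).
KEYWORDS = re.compile(r"\b(?:credit card|card number|visa|mastercard|amex|cvv|expir\w*)\b", re.I)
WINDOW = 300  # assumed: characters searched on each side of a match for a keyword


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: double every second digit from the right, sum, mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_card_numbers(text: str) -> list:
    """Return checksum-valid candidates, each with a confidence level."""
    hits = []
    for m in CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if not luhn_valid(digits):
            continue  # pattern matched but checksum failed: not a card number
        nearby = text[max(0, m.start() - WINDOW): m.end() + WINDOW]
        confidence = "high" if KEYWORDS.search(nearby) else "low"
        hits.append({"match": m.group(), "confidence": confidence})
    return hits


def rule_matches(text: str, shared_externally: bool, min_count: int = 1) -> bool:
    """Condition: at least min_count high-confidence hits AND external sharing."""
    high = [h for h in find_card_numbers(text) if h["confidence"] == "high"]
    return shared_externally and len(high) >= min_count


# Constructed sample inputs (4111 1111 1111 1111 is a widely used test number).
SAMPLE_HIT = "Please charge my Visa credit card 4111 1111 1111 1111, expires 09/27."
SAMPLE_BAD_CHECKSUM = "Credit card on file: 4111 1111 1111 1112"
SAMPLE_NO_KEYWORD = "Tracking reference 4111111111111111 shipped Monday."

if __name__ == "__main__":
    for s in (SAMPLE_HIT, SAMPLE_BAD_CHECKSUM, SAMPLE_NO_KEYWORD):
        print(find_card_numbers(s), rule_matches(s, shared_externally=True))
```

The second sample fails the checksum and the third has no supporting keyword, which is how the combination keeps a bare 16-digit string from triggering a rule.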
