Office 365 has been very well received by organisations, and the platform has been an integral stepping stone to the cloud for many businesses. However, there are many features in Office 365 which are underutilised or not utilised at all.
We live in a world where business-critical information is stored in emails, financial documents can be opened on a personal device on the move, and so on. Preventing this precious data going astray is known as Data Loss Prevention.
Data Loss Prevention is not the sexiest of topics; however, it is an essential piece of today's security posture for a business. It is included with the Office 365 E3 license and only requires a bit of up-front work to set it up in the manner that best fits your business.
Data Loss Prevention, or DLP, uses rules and policies to determine which files are considered confidential, crucial or sensitive. Using these same rules and policies, protective measures are put in place to prevent data loss from your Office 365 environment. DLP has been used by many organisations to comply with new data regulations or to complement existing regulations. Examples where DLP can support compliance include PCI DSS and GDPR, and it can also help businesses achieve ISO 27001 status.
A Data Loss Prevention policy typically applies to specific Office 365 tools such as Exchange, SharePoint or OneDrive. The policy can contain conditions which are evaluated against the piece of content in question before a rule is enforced. Some examples of sensitive data that you may want your DLP policy to cover are:
- Credit Card Numbers
- Social Security Numbers
- Bank Account Numbers
- Identity details like Driver’s License Numbers or Passport details
DLP in Office 365 automatically classifies data based on the policies which have been set up and then applies the configured action, such as stopping an email from being sent or preventing the sharing of sensitive data. It can recognise patterns of sensitive information, e.g. 16-digit credit card numbers in the xxxx xxxx xxxx xxxx format.
Upon flagging a piece of sensitive information, the DLP policy will spring into action and follow the process that has been set for it. This could include:
- Stopping the email from being sent
- Sending a notification email to the user who has breached the policy
- Emailing an incident report to the global admin or compliance officer
- Or it could be nice and just display a “Policy Tip” – this lets the user know what they have done wrong, so they can learn from it going forward.
DLP can also be implemented in Test Mode, which allows organisations to go from the idea of a DLP policy to the research phase and then on to proof of concept quickly. This is great for businesses that want to test their policy out before full implementation. DLP Test Mode will notify you when a breach has occurred but will let the event that breached the policy pass through. This gives businesses the chance to ascertain the impact a DLP policy will have before pushing it out to users.
This is also a great tool for administrators to get management buy-in. Run DLP in test mode and present the results of the testing which highlights the various breaches.
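The pattern recognition and Test Mode behaviour described above can be sketched as follows. This is an added example, not Microsoft's implementation or code from the original article: the function names, the `mode` values and the sample messages are hypothetical, and the Luhn checksum is an extra validation step that the article does not mention, included to show how a detector avoids flagging every 16-digit string.

```python
import re

# 16 digits in four groups of four, separated by spaces, hyphens or nothing.
CARD_RE = re.compile(r"(?<!\d)\d{4}([ -]?)\d{4}\1\d{4}\1\d{4}(?!\d)")

def luhn_ok(digits):
    """Luhn checksum: rejects arbitrary 16-digit strings (order numbers, IDs)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def find_cards(text):
    """Return pattern matches (digits only) that also pass the checksum."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            hits.append(digits)
    return hits

def evaluate(message, mode="test"):
    """Apply a hypothetical one-rule policy; mode is 'test' or 'enforce'."""
    hits = find_cards(message)
    matched = bool(hits)
    return {
        "matched": matched,
        # Report only the last four digits so the report is not itself a leak.
        "report": ["************" + h[-4:] for h in hits],
        # Test mode records the match but still lets the message through.
        "delivered": not (matched and mode == "enforce"),
    }

# Constructed sample messages; 4111 1111 1111 1111 is a standard test number.
SAMPLES = [
    "Please charge 4111 1111 1111 1111 for the renewal.",
    "Order reference 1234 5678 9012 3456 has shipped.",
    "Lunch at 12?",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(evaluate(msg, "test"), evaluate(msg, "enforce")["delivered"])
```

Running the same messages through both modes gives the comparison a test-mode pilot produces: what matched, and what would have been blocked had the policy been enforced.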
DLP is currently available for Exchange Email, SharePoint Sites and OneDrive Accounts.
Before you start with DLP, be very clear about what data you, as an organisation, want to protect. As with anything, there are ways of implementing it and there are better ways of implementing it. If you are interested in finding out how a DLP implementation may benefit your organisation, contact Lucidity today.