Understanding best practices in classifying sensitive data

Presentation transcript:

Understanding best practices in classifying sensitive data
BRK3385
Wesley Holley, Program Manager
9/14/2018 6:51 PM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Protecting information in a mobile world
- 41 %: Employees say mobile business apps change how they work
- 50 %: Growth in data volume year over year
- 58 %: Have accidentally sent sensitive information to the wrong person
- 85 %: Enterprise organizations keep sensitive information in the cloud
- 88 %: Organizations unable to prevent loss of sensitive data without automatic protection

How do I protect my data?

Areas of Focus: Intelligence powered insights; Identity & access management; Threat protection; Reduce total cost of ownership; Protection beyond Office 365 Platform; Information protection; Security management; Compliance solutions

Microsoft’s approach to information protection
Comprehensive protection of sensitive data throughout the lifecycle – across devices, apps, cloud services and on-premises
Lifecycle stages: Detect, Classify, Protect, Monitor
Locations: Devices, cloud, On premises

Microsoft’s information protection solutions
MICROSOFT’S INFORMATION PROTECTION TECHNOLOGIES (stage labels on the slide: DETECT, CLASSIFY, PROTECT, MONITOR)
- AZURE INFORMATION PROTECTION: Classify, label & protect files – beyond Office 365, including on-prem & hybrid
- MICROSOFT CLOUD APP SECURITY: Visibility into 15k+ cloud apps, data access & usage, potential abuse
- OFFICE 365 DLP: Prevent data loss across Exchange Online, SharePoint Online, OneDrive for Business
- OFFICE 365 ADVANCED SECURITY MANAGEMENT: Visibility into Office 365 app usage and potential data abuse
- ISV APPLICATIONS: Enable ISV partners to consume labels, apply protection
- WINDOWS INFORMATION PROTECTION: Separate personal vs. work data on Windows 10 devices and prevent work data from traveling to non-work locations
- OFFICE APPS: Protect sensitive information while working in Excel, Word, PowerPoint, Outlook
- MESSAGE ENCRYPTION: Send encrypted emails in Office 365 to anyone – inside or outside of the company
- OFFICE 365 ADVANCED DATA GOVERNANCE: Apply retention and deletion policies to sensitive and important data in Office 365
- CONDITIONAL ACCESS: Control access to files based on policy, such as identity, machine configuration, geo location
- SHAREPOINT & GROUPS: Protect files in libraries and lists

Classifying Data: Content Extraction
… “For business expenses during fiscal year 2017, the following card holders have been issued corporate cards: Madeline Sawyer 347844699324839 4/19 Miguel Boisvert 342025268740718 4/19 For inquiries about expenses, contact Sara Davis in Merchant Services (+1-202-555-0112 x012) and …”

Classifying Data: Assessing content as a whole or identifying elements within it
“For business expenses during fiscal year 2017, the following card holders have been issued corporate cards: Madeline Sawyer 347844699324839 4/19 Miguel Boisvert 342025268740718 4/19 For inquiries about expenses, contact Sara Davis in Merchant Services (+1-202-555-0112 x012) and …”
Checksum walk-through for 347844699324839 (the last digit, 9, is shown as X):
Every second digit doubled: 3 8 7 16 4 8 6 18 9 6 2 8 8 6 X
Two-digit results reduced to their digit sums: 3 8 7 7 4 8 6 9 9 6 2 8 8 6 X
SUM = 91; 91 x 9 = 819; 819 MOD 10 = 9, which equals the last digit.

Classifying Data: Assessing content as a whole or identifying elements within it
“For business expenses during fiscal year 2017, the following card holders have been issued corporate cards: Madeline Sawyer 347844699324839 4/19 Miguel Boisvert 342025268740718 4/19 For inquiries about expenses, contact Sara Davis in Merchant Services (+1-202-555-0112 x012) and …”
Candidate: 347844699324839
Keywords: “card holders”, “cards”
Other patterns: Expiration date “4/19”
Result: Credit Card Number (95% confidence)

Classifying Data: Assessing content as a whole or identifying elements within it
“For business expenses during fiscal year 2017, the following card holders have been issued corporate cards: Madeline Sawyer 347844699324839 4/19 Miguel Boisvert 342025268740718 4/19 For inquiries about expenses, contact Sara Davis in Merchant Services (+1-202-555-0112 x012) and …”
Checksum walk-through for 342025268740718 (the last digit, 8, is shown as X):
Every second digit doubled: 3 8 2 0 2 10 2 12 8 14 4 0 7 2 X
Two-digit results reduced to their digit sums: 3 8 2 0 2 1 2 3 8 5 4 0 7 2 X
SUM = 47; 47 x 9 = 423; 423 MOD 10 = 3, which does not equal the last digit 8.
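The checksum and supporting-evidence steps from the three slides above, as an added example that is not code from the presentation or from Microsoft. The 95 comes from the slide; the 65 tier, the regular expressions and the function names are assumptions made for illustration.

```python
import re

# Constructed sample: the text quoted on the slides.
SAMPLE = ("For business expenses during fiscal year 2017, the following card "
          "holders have been issued corporate cards: Madeline Sawyer "
          "347844699324839 4/19 Miguel Boisvert 342025268740718 4/19")

def luhn_check_digit(payload: str) -> int:
    """Check digit for `payload` (the number without its last digit)."""
    total = 0
    for i, ch in enumerate(reversed(payload)):
        d = int(ch)
        if i % 2 == 0:      # double every second digit, starting at the rightmost
            d *= 2
            if d > 9:
                d -= 9      # digit sum: 16 -> 7, 18 -> 9
        total += d
    return (total * 9) % 10  # SUM x 9 MOD 10, as on the slide

def classify(text: str):
    """Return (number, verdict, confidence) for each 13-19 digit candidate."""
    has_keyword = re.search(r"\bcard ?holders?\b|\bcards?\b", text, re.I) is not None
    has_expiry = re.search(r"\b(0?[1-9]|1[0-2])/\d{2}\b", text) is not None
    results = []
    for m in re.finditer(r"\b\d{13,19}\b", text):
        number = m.group()
        if luhn_check_digit(number[:-1]) != int(number[-1]):
            results.append((number, "checksum failed", 0))
        elif has_keyword and has_expiry:
            results.append((number, "Credit Card Number", 95))  # value from the slide
        else:
            results.append((number, "Credit Card Number", 65))  # assumed lower tier
    return results

if __name__ == "__main__":
    for row in classify(SAMPLE):
        print(row)
```
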

Data Protection Process: Policy Enforcement, Content Extraction, Data Classification

Detection Configuration
- Count & Confidence Settings
- Grouping & Operators
- Control & Granularity

Demo: Configuring classification in policies

Detection Configuration
- Count & Confidence Settings
- Grouping & Operators
- Control & Granularity
- Modify Built-in Sensitive Types
- Creating Custom Sensitive Types

Classifying Data
- IdMatch – the pattern you are looking for
- Proximity window – the area in which we’ll look for supportive evidence
- Match – any additional evidence to corroborate the match
Example: “... Date: 9/13/2014 Record Number 786121341 Patient’s last name: Valenti …”
In the example, 786121341 is the <IdMatch>, and “Record Number” and “Patient’s” are the <Match> evidence found inside the proximity window.
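How an IdMatch, a proximity window and Match evidence interact, as an added example that is not code from the presentation or the product. The nine-digit pattern, the 300-character window, the `min_evidence` parameter and the trailing invoice text are assumptions made for illustration.

```python
import re

# Constructed sample: the slide's fragment, followed by filler and an
# unrelated nine-digit number that has no supporting evidence near it.
DOC = ("Date: 9/13/2014 Record Number 786121341 Patient's last name: Valenti "
       + "x" * 400 + " invoice total 123456789")

ID_MATCH = re.compile(r"\b\d{9}\b")                           # IdMatch (assumed pattern)
EVIDENCE = re.compile(r"record number|patient's", re.I)       # Match keywords from the slide

def find_matches(text, window=300, min_evidence=1):
    """Return [(value, [evidence])] for each IdMatch with enough evidence
    within `window` characters before or after it."""
    hits = []
    for m in ID_MATCH.finditer(text):
        lo = max(0, m.start() - window)
        hi = min(len(text), m.end() + window)
        # Only evidence that starts and ends inside [lo, hi) is counted.
        evidence = [e.group().lower() for e in EVIDENCE.finditer(text, lo, hi)]
        if len(evidence) >= min_evidence:
            hits.append((m.group(), evidence))
    return hits

if __name__ == "__main__":
    print(find_matches(DOC))               # only the record number qualifies
    print(find_matches(DOC, window=1000))  # an oversized window also admits the invoice total
```

Widening the window trades missed detections for false positives: with `window=1000` the invoice total borrows evidence that belongs to the record number.
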

Demo: Creating Custom Sensitive Types

Detection Methods Summary
- Regular expressions
- Internal functions (e.g., checksums, dates, etc.)
- Other evidence in proximity
- Large keyword dictionaries
- M of N keyword matches
- Uniqueness
- Grouping & logical operators
- Negative evidence
- Document fingerprints
- Exact Data Match (EDM)
- Advanced fingerprinting
- ML-assisted classification
Slide label: Future

Exact Data Match (EDM)
- Detects exact values stored in a database or file
- Match only on data you specify
- Match on individual values or combinations of them
- Stores fingerprints; no actual PII stored

SSN          First Name  Last Name
523-37-1866  Sara        Davis
386-84-1460  John        Doe
…

Sample content 1: Name: Sara Davis SSN: 523-37-1866
Sample content 2: Name: John Doe SSN: 523-37-1866
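Matching on a combination of fingerprinted values, as an added example that is not the product's implementation. The keyed SHA-256 fingerprint, the salt, the two-field requirement and all function names are assumptions; the table rows and both samples are the ones on the slide.

```python
import hashlib
import hmac
import re

SALT = b"constructed-demo-salt"   # assumption: a secret kept with the index

def fp(value: str) -> str:
    """Keyed fingerprint of a normalised value; only this is stored."""
    norm = re.sub(r"[\s-]", "", value).lower()
    return hmac.new(SALT, norm.encode(), hashlib.sha256).hexdigest()

def build_index(rows):
    """Map fingerprint(SSN) -> fingerprints of the other fields in that row."""
    return {fp(ssn): {fp(first), fp(last)} for ssn, first, last in rows}

# Table from the slide; the index built from it holds no readable PII.
INDEX = build_index([("523-37-1866", "Sara", "Davis"),
                     ("386-84-1460", "John", "Doe")])

SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")

def edm_match(text, index=INDEX, need=2):
    """Return SSNs in `text` that are in the index and appear together with
    at least `need` other fields from the same row."""
    words = {fp(w) for w in re.findall(r"[A-Za-z]+", text)}
    found = []
    for m in SSN_RE.finditer(text):
        row = index.get(fp(m.group()))
        if row is not None and len(row & words) >= need:
            found.append(m.group())
    return found

if __name__ == "__main__":
    print(edm_match("Name: Sara Davis SSN: 523-37-1866"))  # row matches
    print(edm_match("Name: John Doe SSN: 523-37-1866"))    # SSN belongs to another row
```

A nine-digit SSN has so few possible values that an unkeyed hash of it can be reversed by enumeration, which is why this sketch keys the fingerprint with a secret.
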

Sensitive Type Authoring UX
- Custom sensitive types seeing immense adoption, rapidly growing
- Building authoring on top of XML
- Create & test before deploying

MICROSOFT’S INFORMATION PROTECTION TECHNOLOGIES (stage labels on the slide: DETECT, CLASSIFY, PROTECT, MONITOR)
- AZURE INFORMATION PROTECTION: Classify, label & protect files – beyond Office 365, including on-prem & hybrid
- MICROSOFT CLOUD APP SECURITY: Visibility into 15k+ cloud apps, data access & usage, potential abuse
- OFFICE 365 DLP: Prevent data loss across Exchange Online, SharePoint Online, OneDrive for Business
- OFFICE 365 ADVANCED SECURITY MANAGEMENT: Visibility into Office 365 app usage and potential data abuse
- 3rd PARTY DLP: Enable DLP providers to consume labels, apply protection
- WINDOWS INFORMATION PROTECTION: Separate personal vs. work data on Windows 10 devices and prevent work data from traveling to non-work locations
- OFFICE APPS: Protect sensitive information while working in Excel, Word, PowerPoint, Outlook
- MESSAGE ENCRYPTION: Send encrypted emails in Office 365 to anyone – inside or outside of the company
- OFFICE 365 ADVANCED DATA GOVERNANCE: Apply retention and deletion policies to sensitive and important data in Office 365
- CONDITIONAL ACCESS: Control access to files based on policy, such as identity, machine configuration, geo location
- SHAREPOINT & GROUPS: Protect files in libraries and lists
