“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

Slides:

Advertisements

Similar presentations

An Introduction to SharePoint Applications using InfoPath 2010

Advertisements

2 DLP helps to identify monitor protect sensitive data through deep content analysis.

On-premises Exchange Online Protection Office 365 Directory Sync ADFS (optional) Single sign on Secure mail flow Existing environment.

Compliance on Demand. Introduction ComplianceKeeper is a web-based Licensing and Learning Management System (LLMS), that allows users to manage all Company,

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

System glitches Malicious intentOops! 39% 24% 37% 97% avoidable! Online Trust Alliance: 2013 Data Protection and Breach Readiness Guide.

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

Compliance in Office 365 Edge Pereira Sandy Millar From Avanade Australia OSS304.

As Never Seen Before Ronen Gabbay Microsoft Exchange Regional Director U-BTech & Hi-Tech CTO.

Microsoft Ignite /17/2017 2:11 PM

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Chapter 7 Database Auditing Models

Welcome to the Exchange 2013 Webcast Archiving, eDiscovery, & Data Loss Prevention.

Computer Associates Solutions Managing eBusiness Catalin Matei, April 12, 2005

Clinton Ho Program Manager Microsoft Corporation SESSION CODE: SIA311.

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

Teresa Macklin Information Security Officer 27 May, 2009 Campus-wide Information Security Activities.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

MEC /22/2017 5:53 AM © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.

Florida Information Protection Act of 2014 (FIPA).

Keep Your Information Safe! Josh Heller Sr. Product Manager Microsoft Corporation SIA206.

Module 9 Configuring Messaging Policy and Compliance.

Security Best-in-class security with over a decade of experience building Enterprise software & Online services Physical and data security with access.

Empower the User Outlook, Word, PowerPoint, SharePoint, Mobile Apps, etc. Exchange, SharePoint, Lync, AD, File Server, third parties, etc. Exchange/

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.

Module 9 Configuring Messaging Policy and Compliance.

Ankur Kothari Microsoft Corporation. In-Place Archive with secondary quota Access documents with SkyDrive Pro Site Mailboxes enable better collaboration.

Module 7 Planning and Deploying Messaging Compliance.

“SaaS secure web and gateways frequently provide efficiency and cost advantages, and a growing number of offerings are delivering an improved.

Coding Compliance Components Writing Custom Policies for Auditing, Expiration and More Jason Morrill Program Manager Windows SharePoint Services.

Dino Tsibouris & Mehmet Munur Privacy and Information Security Laws and Updates.

Keep Your Information Safe! Josh Heller Sr. Product Manager Microsoft Corporation SIA206.

Rockton Connect, the powerful, scalable, easy-to-use, and already integrated accounting software for Microsoft Dynamics CRM.

Information explosion 1.4X 44X Protect communications.

Microsoft Virtual Academy Chris Oakman | Managing Partner Infrastructure Team | Eastridge Technology Curtis Sawin | Technical Solutions Professional |

Your data, protected and under control wherever they go SealPath Enterprise – IRM

Protect communications Conditions Actions Exceptions Conditions Actions Exceptions.

Data Loss Prevention and Information Rights Management in SharePoint Tim Beamer, Plus Consulting

Data Loss Prevention (DLP) in Microsoft Office 365

ActiveSync & DLP management in Exchange Online

Intro to Data Loss Prevention In SharePoint 2016\Office 365

Data Loss Prevention in Office 365

Encrypted from CDS Office Technologies

Florida Information Protection Act of 2014 (FIPA)

6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,

Exchange security and protection

Protect sensitive information with Office 365 DLP

7/23/2018 6:01 PM BRK2282 Protecting complete data lifecycle using Microsoft’s information protection capabilities Gagan Gulati Alex Li Principal.

Protect your data in Office 365 with Data Loss Prevention

Extending classification ,labeling , and protection to 3rd party applications Kartik Microsoft Tony Digital Guardian Amit Cohen.

Understanding best practices in classifying sensitive data

Florida Information Protection Act of 2014 (FIPA)

Data Loss Prevention in O365:The Basics

Azure Information Protection

11/16/2018 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

Customize and Tune Microsoft Office 365 Data Loss Prevention

Azure Information Protection

Security in SharePoint and Teams with DLP, IRM, and AIP

Top 10 Tips for GDPR Compliance in Office 365

Encryption in Office 365 Shobhit Sahay Technical Product Manager

Data Loss Prevention in Office 365

IN THE PAST, THE FIREWALL WAS THE SECURITY PERIMETER devicesdata users apps On-premises.

4/9/ :42 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Data Loss Prevention in Office 365

Microsoft Data Insights Summit

Make it real: Help your customers comply with the GDPR

Comodo Dome Data Protection

Security in SharePoint and Teams with DLP, IRM, and AIP

Presentation transcript:

“ “ Accidental with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

Helps to identify monitor protect sensitive data through deep content analysis.

Empower users to manage their compliance Contextual policy education Doesn’t disrupt user workflow Can work even when disconnected Admin customizable text and actions User education

Outlook policy distribution Contextual policy education DLP policy configuration Backend policy evaluation Audit & incident data generation Admin Information workers

Text extraction Transport rule agent Classification Integrated into Exchange Transport Rule (ETR) engine Runs in categorizer during OnResolvedMessage Integrated as a new ETR Predicate Performs text extraction for body & attachments followed by classification Can be combined with any existing Predicates & Actions

DLP policy templates Built-in templates based on common regulations Import DLP policy templates from security partners Build your own

DLP policy rules Built on transport rules Supports discovery phase of compliance Take action to enforce policy Hold, block, audit & provide notification for that contains sensitive business data Conditions Actions Exceptions

Sensitive content detection Predefined rules targeted at sensitive data types Advanced content detection Combination of regular expressions, dictionaries, and internal functions (e.g. validate checksum on credit card numbers) Extensibility for customer and ISV defined data types

Content analysis process Joseph F. Foster Visa: Expires: 2/2012 Get Content  a 16 digit number is detected RegEx Analysis  matches checksum  does NOT match Function Analysis 1.Keyword Visa is near the number 2.A regular expression for date (2/2012) is near the number Additional Evidence 1.There is a regular expression that matches a check sum 2.Additional evidence increases confidence Verdict Examples

Audit data Classification Rule details Match details

DLP reporting and auditing Comprehensive view of DLP policy application Drill into specific departures from policy to gain business insights Downloadable excel workbook & incident reports

Countr y PIIFinancialHealth US US State Security Breach Laws, US State Social Security Laws, COPPA GLBA & PCI-DSS (Credit, Debit Card, Checking and Savings, ABA, Swift Code) Limited Investment: US HIPPA, UK Health Service, Canada Health Insurance card Rely on Partners and ISVs Germany EU data protection, Drivers License, Passport National Id EU Credit, Debit Card, IBAN, VAT, BIC, Swift Code UK Data Protection Act, UK National Insurance, Tax Id, UK Driver License, Passport EU Credit, Debit Card, IBAN, BIC, VAT, Swift Code Canada PIPED Act, Social Insurance, Drivers License Credit Card, Swift Code France EU data protection, Data Protection Act, National Id (INSEE), Drivers License, Passport EU Credit, Debit Card, IBAN, BIC, VAT, Swift Code Japan PIPA, Resident Registration, Social Insurance, Passport, Driving License Credit Card, Bank Account, Swift Code Australia Drivers License, Passport, Social InsuranceCredit Card, Bank Account, Swift Code

DLP extensibility points Custom DLP content: Supplemental DLP policy rules Supplemental DLP classification rules Incident reports integration with custom workflows Custom reporting solutions

MessageStats Business Insights from Dell Complements the native DLP reporting in Exchange Online for organizations using Exchange 2013 on-premises Gathers DLP data from the message tracking logs and reports on policy violations Generates customized reporting to deliver granular results

Exchange 2013 DLP features Education experience in Outlook 2013 Available in Exchange Server and Office 365 Out of the box DLP policy templates Predefined sensitive content types Support for 3rd party defined DLP policy templates DLP administration in Exchange Admin Center Rich reporting

Exchange 2013 DLP introduction DLP policy templates Managing DLP policies OOB DLP policy templates Policy tips in Exchange Supported file types