Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protect your data in Office 365 with Data Loss Prevention

Published byJustin Fields Modified over 6 years ago

Similar presentations

Presentation on theme: "Protect your data in Office 365 with Data Loss Prevention"— Presentation transcript:

1 Protect your data in Office 365 with Data Loss Prevention
8/9/2018 7:27 AM BRK3111 Protect your data in Office 365 with Data Loss Prevention Alex Li Senior Program Manager Lead © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 41 % 50 % 58 % 85 % 88 % Protecting information in a mobile world
Employees say mobile business apps change how they work 41 % 50 % Growth in data volume year over year 58 % Have accidentally sent sensitive information to the wrong person 85 % Enterprise organizations keep sensitive information in the cloud 88 % Organizations unable to prevent loss of sensitive data without automatic protection © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Areas of Focus Intelligence powered insights
Identity & access management Areas of Focus Threat protection Intelligence powered insights Reduce total cost of ownership Protection beyond Office 365 Platform Information protection Security management Compliance solutions

4 MICROSOFT’S INFORMATION PROTECTION SOLUTIONS
DETECT PROTECT CLASSIFY MONITOR MICROSOFT’S INFORMATION PROTECTION SOLUTIONS WINDOWS INFORMATION PROTECTION Separate personal vs. work data on Windows 10 devices and prevent work data from traveling to non-work locations OFFICE 365 ADVANCED SECURITY MANAGEMENT Visibility into Office 365 app usage and potential data abuse MICROSOFT CLOUD APP SECURITY Visibility into 15k+ cloud apps, data access & usage, potential abuse MESSAGE ENCRYPTION Send encrypted s in Office 365 to anyone – inside or outside of the company CONDITIONAL ACCESS Control access to files based on policy, such as identity, machine configuration, geo location OFFICE APPS Protect sensitive information while working in Excel, Word, PowerPoint, Outlook AZURE INFORMATION PROTECTION Classify, label & protect files – beyond Office 365, including on-prem & hybrid OFFICE 365 DLP Prevent data loss across Exchange Online, SharePoint Online, OneDrive for Business ISV APPLICATIONS Enable ISV partners to consume labels, apply protection OFFICE 365 ADVANCED DATA GOVERNANCE Apply retention and deletion policies to sensitive and important data in Office 365 SHAREPOINT & GROUPS Protect files in libraries and lists

5 Office 365 Data Loss Prevention
8/9/2018 7:27 AM Office 365 Data Loss Prevention Office 365 customers adopting data loss prevention – huge increase More and more users protected by DLP – insights and activity feed into Office 365 security graph © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 Compliance/Security Officers
8/9/2018 7:27 AM Who We Build DLP For & Where We Focus Target Roles IT Admins Enterprise protection that I can configure according to my company policy. Compliance/Security Officers Analyst recommended protection that is a great ROI. I don’t have to worry about betting on the cloud, and get a complete solution Information Workers Protection doesn’t get in the way of my productivity. Empowering and educating end-users Investment Areas Insights driven protection for your data Sophisticated built-in protection across Office 365 workloads, and extensible by partners © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 Demo Educating End Users
8/9/2018 7:27 AM Demo Educating End Users © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8 Balancing user productivity and risk
Policy Tips help educate users when they are about to violate a policy. Available in desktop, web, and mobile apps.

9 Detect Classify Protect Monitor 8/9/2018 7:27 AM
Scan & detect sensitive data based on policy Classify Classify sensitive data Protect Apply protection actions and access restrictions Audit, report, alert, remediate Monitor © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 Detect + Classify Built in, not bolt on
8/9/2018 7:27 AM Detect Classify Built in, not bolt on Integrated directly in content pipeline - Exchange Online, SharePoint Online, and OneDrive for Business Easy to use common sensitive information 80+ sensitive types & 40+ policies for common world wide regulations out of box Tailor the detection to your needs Create custom classification types, dictionaries, and document fingerprints (in Exchange Online) with tuning available NEW Custom sensitive information types across O365 NEW HIPAA template + large dictionary support NEW Grouping, binary operators, and unique matches © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 Deep Content Analysis Built-in and custom sensitive type definitions
Microsoft 2016 8/9/2018 7:27 AM Deep Content Analysis Built-in and custom sensitive type definitions Multiple matching techniques and heuristics: Regular expressions Internal functions (e.g., checksums, dates, etc.) Other evidence in proximity Large keyword dictionaries M of N keyword matches Uniqueness Grouping & logical operators Negative evidence Document fingerprints Fully extensible to support custom types Extend built-in types with additional criteria, or create custom types from scratch © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 Sensitive Type Authoring UX
8/9/2018 7:27 AM Sensitive Type Authoring UX Custom sensitive types seeing immense adoption, rapidly growing Building authoring on top of XML Create, test, & fine tune before deploying © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 Protect Stop a violation before it happens
End users have visibility and are educated though policy tips integrated into Office applications. Balance productivity and security Options to let users override a block if they have a business reason or it is a false positive. Range of protection and enforcement Multiple options like alert, encrypt ( ), block available. NEW Automatic DLP policies for new tenants NEW Policy tips in SharePoint & OneDrive during sharing NEW scoping controls & not-matches NEW Streamlined management experience

14 DLP System Walkthrough: Configuration
Microsoft 2016 8/9/2018 7:27 AM DLP System Walkthrough: Configuration ADMIN DLP policy configuration UNIFIED POLICY STORE Policy distribution across workloads © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

15 Demo DLP Policy Authoring
8/9/2018 7:27 AM Demo DLP Policy Authoring © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 Sophisticated Built-in Protection Across Office 365
Microsoft 2016 8/9/2018 7:27 AM Sophisticated Built-in Protection Across Office 365 Powerful protection that’s easy to turn on Centralized location to manage policies, protection insights, and investigate matches Policies configured once and applied across Office services and client end-points Define the data you want to protect using custom sensitive types Consistent policies and experiences across other compliance capabilities © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17 Built-in Policies & Templates
8/9/2018 7:27 AM Built-in Policies & Templates Proactive default protection policy for most common sensitive content Over 40 policy templates for common industry regulations and compliance needs – included out of the box Easy starting point for further customizations System-generated insights with step-by-step enablement for additional protection controls © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

18 Usage-driven recommendations
8/9/2018 7:27 AM Usage-driven recommendations Quick enablement of additional protection System insights based on actual organizational data usage Simple step-by-step activation workflows Deep content analysis using most common sensitive types © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

19 Simplified DLP Policy Authoring
Microsoft 2016 8/9/2018 7:27 AM Simplified DLP Policy Authoring Quick and easy to get started Intent driven configuration with guided step-by-step wizards Surface most common capabilities with full control just a click away © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

20 Microsoft 2016 8/9/2018 7:27 AM Rich customization Conditions & Exceptions describe what the content looks like (or doesn’t look like), and what events to look for. Actions define what type of automatic remediation you want to take when the conditions match User notifications & overrides define what the user sees, and if they have the ability to override with a business justification Incident reports trigger notifications or Alerts based upon severity of event © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

21 Monitor and Remediate Know when policy is violated
8/9/2018 7:27 AM Monitor and Remediate Know when policy is violated Incident report and alert s inform you in real time when content violates policy. See the effectiveness of your policies Built-in reports help you see historical information and tune policies. Take action to correct violations Investigate violations in your organization and take remediation actions. Integrates with other systems Leverage the Activity Management API to pull information into SIEM and workflow tools. © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22 DEMO Monitor & Remediate
8/9/2018 7:27 AM DEMO Monitor & Remediate © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

23 Personal Information.docx
8/9/2018 7:27 AM Smart Reports Smart report insights provide information on data abnormalities Suggest actions to take to remediate Enable admins to continue their investigation through the explorer Personal Information.docx © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 Investigate and Remediate
8/9/2018 7:27 AM Investigate and Remediate Personal Information.docx DLP Incident report Investigate policy violation in your organization Take remediation steps for documents to prevent further risk Personal Informaton.docx © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 DLP alerts and notification
8/9/2018 7:27 AM DLP alerts and notification Operational view into your protection controls View into policy application and impact across Office 365 deployment: policy, rule, false positive, override action and incident level views Proactive notifications of policy violations Cross-scenario aggregation of signals for more actionable insights © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

26 8/9/2018 7:27 AM Incident Level View Personal Information.docx DLP Incident report Complete view of DLP detection for quick assessment of impact Consolidates applicable policies, rules, detected classifications Optionally includes sensitive data matches Personal Information.docx Personal Informatin.docx © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

27 Extensibility Office 365 Activity API
8/9/2018 7:27 AM Extensibility Office 365 Activity API Exposing DLP Events Programmatically DLP Activity Feed API Events © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

28 Office 365 Activity API OneDrive for Business
SharePoint Online Compliance Center Office 365 Activity Report Long-term Auditing Storage in O365 Unified Auditing Pipeline Azure AD PowerShell cmdlet Management Activity API Third party application Exchange Online

29 Exposing DLP events programmatically
Microsoft 2016 8/9/2018 7:27 AM Exposing DLP events programmatically DLP event data available via O365 Management Activity API REST-based API exposing audit events in Exchange, SharePoint, OneDrive for Business, Azure AD ISVs can build rich compliance-oriented applications. Customer data is not accessible unless customer grants consent to application 2 types DLP events: DLP event type Available Data Exposed via this Content Type in Activity API Required Permission Non-sensitive Document or that triggered the hit User that triggered the hit Policy, Rule Actions taken Type of sensitive data detected (e.g. Credit card) Audit.Exchange Audit.SharePoint Read Activity Data for your organization Sensitive All non-sensitive data, plus: Value of sensitive data (e.g. Visa ) Context (excerpt of content including chars) Dlp.All Read DLP policy events including sensitive data © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

30 Detect Classify Protect Monitor 8/9/2018 7:27 AM
Scan & detect sensitive data based on policy Classify Classify data and apply labels based on sensitivity Protect Apply protection actions and access restrictions Audit, report, alert, remediate Monitor © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

31 Recent Updates & Upcoming Investments
8/9/2018 7:27 AM Recent Updates & Upcoming Investments Simplified, intent-driven authoring experience Enhanced reporting experience Customizable sensitive information types across all supported locations HIPAA template & ICD9/10 large dictionaries Usage-driven policy recommendations Policy-based alerts & incident reports Sensitive content grouping & uniqueness Content scoping with Office 365 labels DLP in Germany datacenter Policy tips across OneDrive and SharePoint Shares Enhancements for DLP Dynamic scoping for OneDrive accounts Advanced content detection - Exact Data Match (EDM), Advanced fingerprinting, ML-assisted classification New built-in sensitive info types UX for building and fine tuning sensitive types Office365 Message Encryption and Security & Compliance Center Migrate DLP rules from Exchange Admin Center  Security & Compliance Center … and more © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

32 Best practices Get started today with templates
8/9/2018 7:27 AM Best practices Get started today with templates Use test mode to audit impact before impacting *anyone* Turn on Incident Reports to see policy match accuracy results Use valid sample data when testing - © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

33 Information Protection related sessions
Date / Time Keep what you need and don’t horde everything with intelligent data governance in Office 365 Tues, 9:00am-10:15am Protecting complete data lifecycle using Microsoft information protection capabilities Tues, 10:45am-12:00pm Elevating your security with Office 365 clients Tues, 4:30pm-5:45pm Discover what’s new in Azure Information Protection and learn about the roadmap and strategy Weds, 9am-10:15am Protect sensitive information with Office 365 DLP Weds, 10:20am-10:40am Accelerate Azure information protection deployment and adoption Weds, 12:30pm-1:45pm Understanding best practices in classifying sensitive data as part of your information protection strategy Weds, 2:00pm-2:45pm Deploying and managing Windows Information Protection Weds, 4:00pm-5:15pm Extending classification, labeling and protection to third-parties with Azure Information Protection Weds, 5:05pm-5:25pm Encryption key management strategies for compliance Thu, 10:15am-11am Protect your sensitive s through encryption and rights management capabilities in Office 365 Thurs, 2:00pm-2:45pm Understanding advanced concepts in getting the most out of Office 365 Data Loss Prevention Fri, 9:00am-10:15am

34 Resources Other sessions (videos) http://aka.ms/dlp
8/9/2018 7:27 AM Resources Other sessions (videos) © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

35 Please evaluate this session
Tech Ready 15 8/9/2018 Please evaluate this session From your Please expand notes window at bottom of slide and read. Then Delete this text box. PC or tablet: visit MyIgnite Phone: download and use the Microsoft Ignite mobile app Your input is important! © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

36

Download ppt "Protect your data in Office 365 with Data Loss Prevention"

Similar presentations

Information explosion 1.4X 44X Protect communications.

Information explosion 1.4X 44X Protect communications.
Protect communications Conditions Actions Exceptions Conditions Actions Exceptions.

Protect communications Conditions Actions Exceptions Conditions Actions Exceptions.
Microsoft Virtual Academy

Microsoft Virtual Academy
Success through People with LinkedIn and O365

Success through People with LinkedIn and O365
Data Loss Prevention (DLP) in Microsoft Office 365

Data Loss Prevention (DLP) in Microsoft Office 365
ActiveSync & DLP management in Exchange Online

ActiveSync & DLP management in Exchange Online
Deployment Planning Services

Deployment Planning Services
Deployment Planning Services

Deployment Planning Services
Make your app a native part of Office with Add-ins

Make your app a native part of Office with Add-ins
9/12/2018 6:21 PM BRK2203 Protect and control your sensitive emails with new Office 365 Message Encryption capabilities Praveen Vijayaraghavan Principal.

9/12/2018 6:21 PM BRK2203 Protect and control your sensitive s with new Office 365 Message Encryption capabilities Praveen Vijayaraghavan Principal.
Leverage the O365 Task Ecosystem with Microsoft To-Do and Planner

Leverage the O365 Task Ecosystem with Microsoft To-Do and Planner
Secure Hyperconnectivity with TeamViewer and Windows technologies

Secure Hyperconnectivity with TeamViewer and Windows technologies
Build transformative industry solutions on the Office 365 platform

Build transformative industry solutions on the Office 365 platform
5/29/2018 1:51 AM THR2071 Managing enterprise applications, permissions, and consent in Azure Active Directory Adam Steenwyk & Jeff Sakowicz Program Managers.

5/29/2018 1:51 AM THR2071 Managing enterprise applications, permissions, and consent in Azure Active Directory Adam Steenwyk & Jeff Sakowicz Program Managers.
Understanding EU GDPR from an Office 365 perspective

Understanding EU GDPR from an Office 365 perspective
Microsoft 2016 6/4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,

Microsoft /4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,
Azure Information Protection Strategy and Roadmap

Azure Information Protection Strategy and Roadmap
6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Rottem @AmitaiTechie Senior Program Manager,

6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,
Deployment Planning Services

Deployment Planning Services
SaaS Application Deep Dive

SaaS Application Deep Dive

Similar presentations

Ads by Google