3. “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “

4. Data Loss Prevention in Microsoft Office Helps to identify monitor protect sensitive data through deep content analysis Identify Protect Monitor End user education

6. Policy distribution Contextual policy education DLP policy configuration Backend policy evaluation Audit & incident data generation Admin Information workers DLP system walkthrough

7. Integrated into Exchange Transport Rule (ETR) engine Runs in categorizer during OnResolvedMessage Integrated as a new ETR predicate Performs text extraction for body & attachments followed by classification Can be combined with any existing predicates & actions Text extraction Transport rule agent Classification DLP content detection flow in Exchange

8. Content Processing Component Delete item Crawler Index Insert new or updated item Runs in Content Processing Pipeline as an operator Invoked for search crawler as new content discovered and changed Classification results and counts stored in the content index

9. DLP Policy Enforcement Flexible tools for policy enforcement that provide the right level of control Transport Rules Rights Management Data Loss Prevention ALERT CLASSIFY ENCRYPT APPENDOVERRIDE REVIEW REDIRECT BLOCK

10. DLP policy templates Built-in templates based on common regulations Import DLP policy templates from partners Build your own

12. Sensitive content detection Predefined rules targeted at sensitive data types Advanced content detection Combination of regular expressions, dictionaries, and internal functions (e.g. validate checksum on credit card numbers) Extensibility for customer and ISV defined data types

13. Built-in DLP Content Areas CountryPIIFinancialHealth US US State Security Breach Laws, US State Social Security Laws, COPPA GLBA & PCI-DSS (Credit, Debit Card, Checking and Savings, ABA, Swift Code) Limited Investment: US HIPPA, UK Health Service, Canada Health Insurance card Rely on Partners and ISVs Germany EU data protection, Drivers License, Passport National Id EU Credit, Debit Card, IBAN, VAT, BIC, Swift Code UK Data Protection Act, UK National Insurance, Tax Id, UK Driver License, Passport EU Credit, Debit Card, IBAN, BIC, VAT, Swift Code Canada PIPED Act, Social Insurance, Drivers License Credit Card, Swift Code France EU data protection, Data Protection Act, National Id (INSEE), Drivers License, Passport EU Credit, Debit Card, IBAN, BIC, VAT, Swift Code Japan PIPA, Resident Registration, Social Insurance, Passport, Driving License Credit Card, Bank Account, Swift Code Australia Drivers License, Passport, Social InsuranceCredit Card, Bank Account, Swift Code

14. Examples: Joseph F. Foster Visa: 4485 3647 3952 7352 Expires: 2/2015 Get Content 4485 3647 3952 7352  a 16 digit number is detected RegEx Analysis 1.4485 3647 3952 7352  matches checksum 2.1234 1234 1234 1234  does NOT match Function Analysis 1.Keyword Visa is near the number 2.A regular expression for date (2/2015) is near the number Additional Evidence 1.There is a regular expression that matches a check sum 2.Additional evidence increases confidence Verdict Content analysis process

15. DLP Document Fingerprinting

16. Fabrikam Patent Form Tracking Number Author Date Invention Title Names of all authors... Get Template Content 1.Condensed representation of the template content 2.Document is not stored 3.Stored as a sensitive information type Create Fingerprint Fabrikam Patent Form Tracking Number 12345 Author Alex Date 1/28/2014 Invention Title Fabrikam Green Energy... Get Email Content 1.Temporary in memory representation 2.Used for comparson with source fingerprint created at config time Create Fingerprint 1.Compare the two fingerprints 2.Evaluate a ’containtment coefficient’ to declare template contained in email content Verdict CONFIGURATIO N RUNTIME Document Fingerprinting CLASSIFICATION RULE with FINGERPRINT GENERATION Evaluation + verdict

18. DLP in SharePoint Online Search for sensitive data Built-in classifications Identification and export Extends to data in OneDrive

20. User education Empower users to manage their compliance Contextual policy education Doesn’t disrupt user workflow Can work even when disconnected Admin customizable text and actions Outlook OWA

21. Policy Tips in OWA for devices

23. DLP reporting and auditing Comprehensive view of DLP policy application Drill into specific departures from policy to gain business insights Export to excel workbook & email incident reports

24. Real Time Notifications Audit data Classification Rule details Match details

25. DLP extensibility points Custom DLP content Supplemental DLP policy rules Supplemental DLP classification rules Incident reports integration with custom workflows Custom reporting solutions Remote PowerShell management

26. Deep content analysis engine 46 OOB sensitive information types 40 OOB DLP Templates Support for 3rd party defined DLP policy templates Policy Tips in OWA and Mobile OWA Advanced Document Fingerprinting in Exchange, Outlook, and OWA 5 new OOB sensitive information types Policy Tips in Outlook 2013 Contextual user education and empowerment Incident management Rich reporting DLP in SharePoint coming soon

27. Exchange 2013 DLP introduction http://blogs.technet.com/b/exchange/archive/2012/09/28/introducing-data-loss-prevention-in-the-new-exchange.aspx http://technet.microsoft.com/en-us/library/jj150527.aspx DLP policy templates http://technet.microsoft.com/en-us/library/jj657730 Managing DLP policies http://technet.microsoft.com/en-us/library/jj673559 OOB DLP policy templates http://technet.microsoft.com/en-us/library/jj150530 Policy tips in Exchange 2013 http://technet.microsoft.com/en-us/library/jj150512 Supported file types http://technet.microsoft.com/en-us/library/jj674307 MessageStats Quick Guide http://mbidemo.quest.com/Insights/#page/home

28. Q&A

30. www.microsoft.com/learning http://microsoft.com/msdn http://microsoft.com/technet http://channel9.msdn.com/Events/TechEd