Session

Office 365 data loss prevention de-mystified

Imagine this scenario: an employee is working on a sensitive document and uses OneDrive to store and share this with co-workers. The material in the document is highly classified as it pertains to a new marketing strategy. Because information protection was still in the "pilot-phase", the document itself was not protected.

The employee wants some feedback on the material. He opens Outlook, types the recipients and attaches a link to the document. The link is set to "Recipients can edit". He sends the e-mail. Unfortunately, he also included an external person by accident.

The classified document ended up with the external person and the organization suffered a data loss.

These scenarios are more common than you might think. Employees are busy enough with the day to day activities to be worried about the consequences of sharing sensitive information. And this sensitive information is more widespread within the organization. An email containing personal identifiable information sent to internal and external parties, a list of credit card numbers exported from the CRM system and stored in a SharePoint site, teams exchanging information which according to guidelines is not allowed.

What if, in our scenario, the external access to the document was automatically blocked and our employee would be notified of this? For this, Office 365 offers build-in data loss prevention. A compliance features which allows you to log events, display warnings and send e-mails and actively block sharing activities. In our scenario's the access to the document for the external person would be blocked

In this session, Albert will describe the functions of data loss prevention and the architecture which supports it. Albert will explain the concepts of sensitive information types, proximity, certainty, information barriers, trainable classifiers and Cloud App Security. He will also provide pointers to pitfalls which should be avoided.

At the end of this session you will have a very clear understanding of data loss prevention for Office 365, its roadmap and how to start using it right away.

Albert Hoitingh

Dial Microsoft MVP and CISSP with a taste for Governance, Risk and Compliance.

The Hague, The Netherlands

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top