Respond To Data Loss Prevention Alerts
Data Loss Prevention (DLP) Alerts
The DLP alerts will help you in your investigation to find the full scope of the incident and can also be generated from the Microsoft 365 Compliance or Microsoft Cloud App Security. With a DLP policy you able to:
- Identify sensitive information across many locations, such as Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams.
- For example, you can identify any document containing a credit card number that's stored in any OneDrive for Business site, or you can monitor just the OneDrive sites of the specific people.
- Prevent the accidental sharing fo the sensitive information.
- For example, you can identify any document or email containing a health record that's shared with the people outside your organization, and then automatically block access to that document or block the email from being sent.
- Monitor and protect sensitive information in the desktop versions of Excel, PowerPoint, and Word.
- Just like in Exchange Online, SharePoint Online, and OneDrive for Business, these Office desktop programs includes some capabilities to identify sensitive information and apply DLP policies that provides continuous monitoring when people share content in these Office programs.
- Help users learn how to stay compliant without interrupting their workflow.
- You can also educate your users about the DLP policies and help them remain compliant without blocking their work.
- View DLP alerts or reports showing contents that matches your organization's DLP policies.
DLP Components
Sensitive information types
A sensitive information is generally defined by a pattern that can be identified by a regular expression or a function. In addition, it can also be identified by using the corroborative evidence such as keywords and checksums while also using confidence level and proximity in the evaluation process.
Microsoft 365 compliance comprises of a built-in Sensitive information types like Credit Card Numbers, Bank Accounts, and more, which allows you to create a custom sensitive info type matched on regular expressions, keywords, or an uploaded dictionary.
Sensitivity labels
Sensitivity labels specify the classification of a document and they could be the terms like public, private, or classified. These labels also helps in applying more functionality to the documents, like encryption. The Labels are applied to the documents either manually or automatically based on the sensitive info type.
DLP Policy
A DLP policy contains a few basic things:
- Where to protect the content- Locations such as Exchange Online, SharePoint Online, OneDrive for Business site, as well as the Microsoft Teams chat and channel messages.
- When and how to protect content by enforcing rules comprised of-
1. Conditions that the contest must match before the rule is enforced.
2. Actions that you want the rule to take automatically when content matching the conditions is found.
Cloud App Security file policy
File policies can be set to provide continuous compliance scans, legal eDiscovery tasks, DLP for sensitive content shared publicly, and many more user cases. But Cloud App Security can monitor any file type based on more than 20 metadata filters.
Comments
Post a Comment