Data Loss Prevention

The Challenges

• My organization needs to identify, monitor and protect sensitive corporate data
  
• I have compliance policies that I need to implement
  
• My compliance officer is charged with securing corporate information

What is Microsoft Data Loss Prevention (DLP)?

Securing corporate information is serious business.  It can be difficult to implement.  There are always new threats and new rules intended to protect corporate financial, health and personally identifiable information (PII).  Industry rules and policies.  Business partner requirements.  Government requirements.  Not to mention internal requirements to protect your sensitive financial data and intellectual property.

Identify

Microsoft DLP tools allow you to create policy rules to identify the sensitive data you want to protect.  You can select from dozens of predefined rule templates (e.g. Financial Data (by country), PII (by country), US Social Security, UK Data Protection Act…) and tailor the rules to your specific requirements (e.g. allow a user to send a single credit card number to users outside the company by email or shared file/folder). And you can create custom rules for policies not covered by the predefined templates.  Policies are distributed to all devices (e.g. Outlook clients).

Monitor

For each policy you determine which type(s) of resources you want to protect (email, Office 365/SharePoint, and/or OneDrive).  The system then monitors all devices using the rules you have defined.  When a rule is violated, the user receives a message immediately.  By rule, you can define an over-ride policy to allow the user to send the message/file, and to attach a business reason – notification is sent to your compliance officer/team.

Protect

Sensitive information is blocked as your policies are enforced.  Alerts are created, sensitive messages are classified and encrypted and logged for review by compliance officers.  A DLP dashboard provides insight into frequency and type of information blocked plus drill-down to review details and if necessary, to identify new rules or helpful changes to existing rules.

How can B2B help?

A B2B Data Loss Protection consulting engagement begins with interviews and internal systems reviews that identify your DLP objectives, your current DLP systems and the areas requiring improvement.
The scope of our recommended solutions is corporate wide protection of email and documents using the DLP features of Microsoft Exchange, SharePoint (on premise or Azure) and OneDrive.

If you are using Office 365 or SharePoint, give us a call or fire up a chat.  We’d love to talk about your situation and show how we can help lighten the burden of DLP compliance.