How Office 365 Data Loss Protection can mitigate the risk of data breaches
Although we’re primarily an analytics company, at Clariba we like to maintain an up-to-date awareness of the wider business context in which we operate. Recently, we’ve been looking at the risks around data protection practices and how these can be mitigated using AI. We thought it would prove helpful to our readers to publish our findings, even if the subject matter is something of a departure from our core output.
Compliance with data protection legislation is something that, in today’s highly connected world, almost every company must be conscious of at some level. With the introduction of more robust laws such as the GDPR in the EU, and correspondingly robust sanctions for any company that fails to comply, the legal and financial risk to businesses, should any data breach occur, has arguably never been greater.
Organisations have a number of tools at their disposal to mitigate this risk. Compliance training, including regular refresher sessions, is designed to inform employees at all levels of their responsibilities and reporting requirements. Enhanced cybersecurity measures can protect sensitive data against potential hackers, both in transmission and in storage.
However, there’s always the potential for human error. Even a momentary lapse in concentration on the part of a single employee has the potential to cause a data breach which, when discovered, could cost the business a considerable amount in fines.
Office 365 Data Loss Protection (DLP) provides automated protection against the accidental or inadvertent sharing of sensitive information or personal data to avoid exactly this type of scenario. It runs in the background, scanning emails, messages, documents and files for potentially sensitive data, and restricts users’ ability to share any data tagged as sensitive.
Examples include credit or debit card numbers, social security numbers, email addresses and telephone numbers, and personal health information. The system can also be programmed to recognise novel and specific types of data which may be of concern to particular industries.
Using the DLP configurations, which are located within the Office 365 Security and Compliance Center, sensitive data can be identified and monitored, and unauthorized sharing can be restricted. Key features of the system include:
Portals including Exchange Online, SharePoint Online, OneDrive Business and MS Teams can be monitored and controlled for sensitive data.
Any data which is tagged as sensitive can be protected from accidental sharing.
Desktop versions of MS Office applications (Word, Excel, PowerPoint etc.) can also be monitored and controlled.
Detailed and comprehensive DLP reports can be created, shared and archived.
The Office 365 DLP configuration includes five basic components:
Location: such as Exchange Online, MS Teams, Word/Excel etc.
Rules: determines the rules to identify and investigate sensitive data.
Actions: determines the necessary actions in case of any rule conflicts.
User Notifications: informs users of the reason an action was denied.
Incident Reports: immediate reporting of any data policy conflict.
After completing the DLP configuration, it is possible to create an overall report of the whole configuration including rules, conflicts, false positive incidents, and override actions.
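The five components above can also be expressed as a single policy and rule in Security & Compliance PowerShell. The following is an added example, not code from the original article or from Microsoft; the policy name, rule name, policy tip text and reporting mailbox are hypothetical, and the policy is scoped to SharePoint Online and OneDrive only and runs in test mode so that false positives and overrides can be reviewed before enforcement.

```powershell
# Added example (not from the original article). Names and the reporting
# mailbox below are hypothetical placeholders. Requires the
# ExchangeOnlineManagement module and DLP compliance management permissions.
Import-Module ExchangeOnlineManagement
Connect-IPPSSession   # connects to Security & Compliance PowerShell

$policyName = 'Example - Payment card data'

# Location: which services the policy covers.
# TestWithNotifications records matches and shows policy tips without
# blocking, so false positives can be reviewed before switching to Enable.
New-DlpCompliancePolicy `
    -Name $policyName `
    -Comment 'Pilot policy (constructed example)' `
    -SharePointLocation All `
    -OneDriveLocation All `
    -Mode TestWithNotifications

$ruleParams = @{
    Name   = 'Example - Card numbers shared externally'
    Policy = $policyName

    # Rules: match the built-in "Credit Card Number" sensitive information
    # type when content is shared with people outside the organisation.
    ContentContainsSensitiveInformation = @{ Name = 'Credit Card Number'; minCount = '1' }
    AccessScope = 'NotInOrganization'

    # Actions: restrict access to the matching content.
    BlockAccess = $true

    # User Notifications: explain why the action was denied and allow a
    # user to report a false positive or override with a justification.
    NotifyUser                = 'Owner', 'LastModifier'
    NotifyPolicyTipCustomText = 'This file appears to contain payment card numbers and cannot be shared externally.'
    NotifyAllowOverride       = 'FalsePositive', 'WithJustification'

    # Incident Reports: send a report for every match to a review mailbox.
    GenerateIncidentReport = 'dlp-reports@example.com'
    IncidentReportContent  = 'All'
    ReportSeverityLevel    = 'Medium'
}
New-DlpComplianceRule @ruleParams

# Confirm what was created before moving the policy out of test mode.
Get-DlpComplianceRule -Policy $policyName | Format-List Name, Disabled, BlockAccess
```

Once the incident reports show an acceptable false positive rate, the policy can be moved to enforcement with Set-DlpCompliancePolicy -Identity $policyName -Mode Enable.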
So in summary, implementing Office 365 Data Loss Protection adds an extra layer of protection for organisations working with personal or restricted data in any form, and hugely lowers the risk of an unintentional breach.
The user notification system also reinforces staff training, leading to employees becoming more aware of their responsibilities over time, and ultimately strengthening data protection compliance within business units.
For companies already using Office 365, or those considering or in the process of implementing the suite, utilising the DLP functionality which is natively available makes sense from multiple perspectives, and at Clariba, we would wholly recommend it.