Data Loss Prevention in Office 365 Scott Schnoll
Senior Program Manager
Microsoft Corporation
Introduction to Data Loss Prevention in Office 365
End-User Experiences
Policy Management Fundamentals
Sensitive Content Detection
Reporting
Represents United States Source: http://www.privacyrights.org
identify
monitor
protect
Custom DLP content Supplemental DLP policy rules
Supplemental DLP classification rules
Incident reports integration with custom workflows
Custom reporting solutions
Remote PowerShell management
Demo DLP User Experience
Policy distribution across workloads
DLP policy configuration
DLP Overview
Flexible tools for policy enforcement that provide the right level of control
Transport rules
Rights management
Data loss prevention
Alert
Classify
Encrypt
Append Override
Review
Redirect
Block
Country PII Financial Health
US US state security breach laws, US state social security laws,
COPPA
GLBA and PCI-DSS
(Credit, debit card, checking and savings, ABA, swift code) Limited investment:
US HIPAA,
UK health service,
Canada health
insurance card
Rely on partners
and ISVs
Germany EU data protection, Driver's license, Passport national ID EU credit, debit card, IBAN, VAT, BIC, Swift code
UK Data protection act, UK national insurance, Tax ID,
UK driver license, Passport
EU Credit, Debit Card, IBAN, BIC, VAT, Swift Code
Canada PIPED act, Social insurance, Driver's license Credit card, Swift code
France EU data protection, Data protection act, National id (INSEE),
Driver’s license, Passport
EU credit, debit card, IBAN, BIC, VAT, Swift code
Japan Pipa, Resident registration, Social insurance, Passport, Driving
license
Credit card, Bank account, Swift code
Australia Driver's license, Passport, Social insurance Credit card, bank account, swift code
Finland Finland national ID
Poland Poland national ID (PESEL), Poland identity card, Poland
passport
Taiwan Taiwan national ID
Across Compliance Areas
Across Applications
Demo DLP Policies
Examples:
Runs in content processing pipeline as an operator
Invoked by search crawler as new content is discovered and changed
Classification results and counts stored in the content index
Document summary
Property mapping
Document parser
Custom entity extraction
Word breaking
ifilter sandbox
Language detection
Delete item
Delete links
Insert new or updated item
Matching derivative document from a previously configured template
A tax firm needs to detect and encrypt standard tax forms, like the 1040 EZ, W2, etc.
A law firm can fingerprint legal forms, and have them detected automatically for policy application
Integrates with the existing DLP infrastructure as a custom sensitive information type
Surfaced in Exchange, Outlook, and OWA
Co
nfi
gu
rati
on
Fingerprint generation from template documents
Fingerprint stored as custom sensitive type
Configured in policy rules as any other custom sensitive type
Ru
nti
me
Fingerprint generated at run-time for target attachment
Fingerprint evaluated against configured fingerprints for template documents
Match declared based on ‘containment coefficient’
Evaluation + verdict
Demo DLP Document Fingerprinting
Comprehensive view of DLP policy application
Drill into specific departures from policy to gain business insights
Request detailed reporting data up to 90 days
Export reports to Excel workbook and email incident reports
Deploy!
http://blogs.technet.com/b/exchange/archive/2012/09/28/introducing-data-loss-prevention-in-the-new-exchange.aspx
http://blogs.technet.com/b/exchange/archive/2014/02/25/data-loss-prevention-in-exchange-just-got-better.aspx
http://blogs.office.com/2014/08/27/search-sensitive-content-sharepoint-onedrive-documents/
http://technet.microsoft.com/en-us/library/jj657730
http://technet.microsoft.com/en-us/library/jj673559
http://technet.microsoft.com/en-us/library/jj150530
http://technet.microsoft.com/en-us/library/jj150512
http://technet.microsoft.com/en-us/library/jj674307
http://aka.ms/OFC314
Session Evaluation