Event details
Is DLP a security or a compliance thing? it depends, and its confusing, sometimes MSFT treats it as compliance, but then the alerts go through the Defender connector which is a "security" thing. reconciling these discrepancies would be helpful.
- Heather_Poulsen
Community Manager
Thanks for participating in the Tech Accelerator! For reference, the panel covered this topic at around 22:20. - It's a lovely bit that is both. You have the mandate to protect PII/PHI data, which makes it a compliance issue, but also you have the security elements for needing to protect company/proprietary data.
- Sarahzin_Shane
Microsoft
Hi Dean! It really can be and is both. You have a way that you build in security using DLP. You are also able to maintain compliance with industry regulations. We have built in templates to help guide that process as well. What would be the ideal scenario to combine these two streams for you? It is feedback I can take back to my team.
- implementing least privileged admin roles to work with DLP is just one of many related issues. As an MSSP who monitors many organizations, DLP alerts lead to all kinds of complex response processes.
- Sarahzin_ShaneHi Dean! Of course. In this case, are you asking for more advanced filtering with several orgs? If you’d like to directly ping me, we work on that feedback on how the ideal scenario would work too!
- It is both. And it is not a Microsoft "definition way". We are using it for both reasons: - being compliant - protecting data and educate users as well.
