Microsoft is set to make some news about Exact Data Match (EDM) for DLP. If you are not familiar with what EDM is, check out this blog post. You can also check out Part 1 of my blog series on implementing EDM as well.
Ok, on to the good stuff. First up is that EDM will be supported in the Government Cloud (GCC, GCC High, and DoD) at the end of July! This is great news as it will allow those government entities that utilize Microsoft Government Cloud environments to use EDM to protect sensitive data from being exposed.
Next up is that Microsoft will be adding SALT to all environments for Hashing of the data prior to uploading. If you are not familiar with SALTing you can read more about it here. SALTing of the Hash greatly improves the security of the data being Hashed. SALTing adds random data into the Hashing process to protect the data from being accessed. For EDM the data is Hashed on-premises and then uploaded to the service. This ensures that the actual data is not transmitted or stored in plain text, only the hashed value is stored. When data is processed and compared to the uploaded data, it is hashed in the same manner and the service then compares the hashes to determine a match.
Another improvement coming for EDM will be the support for 100 million rows of data, partially made possible due to a 50% reduction in the time it takes for data upload and indexing. Currently Microsoft’s EDM supports 10 million rows and 5 searchable columns. With the increase of the number of rows supported will allow for companies to utilize the service with larger amounts of data.
Along with the additional rows supported, Microsoft will be introducing data Normalization. What this will provide is the service will be able to compare data that could be in upper or lower case (case insensitivity will be the first normalization available). This will greatly help companies by looking at the data in a consistent manner and reduce the number of searchable columns needed.
Finally, Microsoft will enable customers to be able to encrypt the data using a Customer Managed Key (CMK). When launched, a company will be able to use their own encryption key to encrypt their data.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.