Unifying Data Loss Prevention in Office 365

Former Employee

All organizations, regardless of size and industry, have data that they consider sensitive. Data Loss Prevention (DLP) is an important capability for protecting this information from getting into the wrong hands. We are always looking to enhance the DLP solution in Office 365 to help meet this organizational need. Today, the Office 365 Team is pleased to announce a single management experience for DLP policy creation and reporting across Exchange Online, SharePoint Online and OneDrive for Business. In addition, they are introducing enhancements to the DLP data delivered via the Management Activity API.


Take a look at the updates and enhancements on Office Blogs.


MTC 01-09.png

6 Replies

Exciting news!


If you want to learn more about DLP, I recommend watching this session: Protect your sensitive information with Office 365 Data Loss Prevention

An independent take on the topic...


You might be familiar with the DLP policies available in Exchange or SharePoint. These policies work, but they are workload-specific. Microsoft has embarked on a journey to replace them with Unified DLP policies, which provide protection across multiple Office 365 workloads. The new policies are not yet as functional as those available for Exchange, but they will get there. https://www.petri.com/unifying-data-loss-prevention-across-office-365

Thank you Tony!

We are investigating setting up the SharePoint eDiscovery center. With this Unified DLP feature coming up, does it still make sense to setup the SharePoint eDiscovery center?


I am reading about it and comparing it with what can be done with the current Content search that can be done with the Office 365 Compliance and Security Center. I do not see the difference between the 2 eDiscovery services. Looks like the Content search in the Office 365 Compliance and Security Center (which covers SPO document searches) does the same function as the SharePoint eDiscovery center.


Any thoughts on this?


Thank you.

My general advice is to use Office 365 functionality whenever possible, so I would definitely use functionality exposed through the Security and Compliance Center instead of anything exposed in an application-specific admin console, like the SharePoint eDiscovery you are considering. At this point, my view is that the application-specific functionality only exists for backwards compatibility with the on-premises applications. All the action is centered on what appears in the Security and Compliance Center.

Good comment. Thanks, Tony!