Protecting sensitive data from risky or inappropriate sharing, transfer or use is simplified with Microsoft’s unified approach to Data Loss Prevention (DLP).
The new reality of significant numbers of employees working from home or other remote locations indefinitely has created renewed emphasis on providing strong and coordinated protections across all user touchpoints with sensitive data.
Microsoft has long invested in developing cutting-edge information protection solutions for our customers. Microsoft Information Protection (MIP) is a built-in, intelligent, unified, and extensible solution to know your data, protect your data, and prevent data loss across an enterprise – in Microsoft 365 apps, services, on-premises, devices, and third-party SaaS applications and services.
With the recent Public Preview of Microsoft Endpoint DLP, we added native fully built-in DLP capabilities to Windows 10, Office Apps (e.g. Excel), and Microsoft Edge to help prevent risky or inappropriate sharing, transfer, or use of sensitive data across applications or services. Endpoint DLP simplifies deployment scenarios for customers by eliminating the need to install, manage, or update dedicated endpoint agents to support DLP capabilities for a broad set of use cases.
Endpoint DLP integration with Microsoft Edge adds native awareness of Microsoft Information Protection sensitive content classification and labels, and DLP policies to online activities. When users attempt to share or use sensitive information in an unapproved way they are informed using familiar alerts and DLP enforcement prevents the potential loss of sensitive information.
Today we announce the extension of Microsoft data loss prevention to Microsoft Cloud App Security (MCAS). MCAS gives detailed compliance visibility and control to any app your organization wants to use, with over 16,500 cloud apps in our catalog and growing every week. This new capability, rolling out in public preview in the coming weeks, extends integration for Microsoft DLP policy-based content inspection across connected applications such as Dropbox, Box, Google Drive, Webex, One Drive, SharePoint and others. This extension of Microsoft DLP to MCAS helps users remain continuously compliant when using popular native and third-party cloud apps and prevents sensitive content from accidentally or inappropriately being shared. DLP in MCAS now uses the same DLP policy framework common across all Microsoft DLP offerings, to provide a familiar, consistent and seamless compliance experience.
Today, we also announce the general availability ofMicrosoft Graph API for Teams DLP. Organizations with existing third-party DLP deployments can apply, monitor and enforce DLP policies to activities in their Microsoft Teams environments providing direct visibility into risky behaviors of their users.
Microsoft’s unified approach to DLP and the fact that DLP is an integral part of Microsoft Information Protection means that our customers realize quick value and benefit from a consistent user experience and integrated insights.
Quick path to value
Microsoft provides a one-stop approach to data protection and DLP policy deployment in the Microsoft 365 Compliance Center. This helps customers accelerate their deployment of a comprehensive information protection and data loss prevention strategy across all their environments containing sensitive data and realize immediate value.
Microsoft Information Protection provides a common set of classification and data labeling tools that leverage Artificial Intelligence and Machine Learning to support even the most complex regulatory or internal sensitive information compliance mandates. MIP’s 100+ sensitive information types and 40+ built-in policy templates for common industry regulations and compliance offer a quick path to value.
Figure 1: Easy policy configuration in the Microsoft 365 Compliance Center
Microsoft’s data loss prevention solution offers customers the ability to apply a consistent set of policies across individual environments, groups and specific users to monitor and remediate risky activities with sensitive data. Microsoft Information Protection policies can be pushed to all DLP enforcement points without requiring any adaptation or reconfiguration.
Figure 2: DLP policy location choices in the Microsoft 365 Compliance Center
Due to the cloud-based nature of these offerings, customers have a simplified on-boarding experience that does not require the deployment of any additional management infrastructure hardware or software on premise or in the cloud. This approach eliminates one of the most complex and disruptive requirements of traditional deployments.
Consistent user experience
No matter where DLP is applied, users have a consistent and familiar experience when notified of an activity that is in violation of a defined policy. Policy Tips and guidance are provided using a familiar look and feel users are already accustomed to from applications and services they use every day. This reduces end-user training time, eliminates alert confusion, increases user confidence in prescribed guidance and remediations, and improves overall compliance with policies – without impacting productivity.
Figure 3: Familiar user experience in Endpoint
The familiar user experience is maintained across all applications supported by Microsoft’s data loss prevention solution.
Figure 4: Familiar user experience in Edge
Microsoft DLP integrates with other Security & Compliance solutions such as Microsoft Threat Protection and Insider Risk Management to provide broad and comprehensive coverage and visibility required by organizations to meet regulatory and policy compliance.
This reduces the dependence on individual and uncoordinated solutions from disparate providers to monitor user actions, remediate policy violations and educate users on the correct handling of sensitive data at the endpoint, on-premise and in the cloud.
Microsoft Threat Protection provides integrated protection against sophisticated attacks. It unifies a pre- and post-breach defense suite that natively coordinates detection, prevention, investigation and response across endpoints, identities, email and applications. This is critical insight that enhances the context of a DLP event and helps organizations quickly assess if there are additional factors to consider, beyond the DLP policy violation itself and if a broader set of remediations need to take place.
Insider Risk Management provides organizations with the ability to detect, investigate and take actions on risky user activities. Organizations can define a range of acceptable threshold for a broad set of user activities (including device activity) beyond which an alert is generated and displayed in an interactive chart that plots risk activities over time and by risk level for current or past activities. This critical insight enhances the context of a DLP event and helps organizations quickly assess the scope of a policy violations and can help quickly triage intentional vs accidental policy violations.
Microsoft’s DLP solution is part of a broader set of Information Protection and Governance solutions that are part of the Microsoft 365 Compliance Suite. You can sign up for a trial of Microsoft 365 E5 or navigate to the Microsoft 365 compliance center to get started today.
For the latest on Microsoft Information Protection, see this.
For the latest on Insider Risk Management, please see this.
For more information on the Teams DLP API and other connectors and APIs we are announcing at Microsoft Ignite 2020, please see this
To learn more about Microsoft Compliance and access technical training, visit the Virtual Hub today.
Maithili Dandige, Principal Group Program Manager, Microsoft Information Protection and Compliance Engineering
Eric Ouellet, Senior Product Marketing Manager, Microsoft Compliance