To comply with business standards and industry regulations, it’s critical that your organization protect sensitive information such as credit card numbers and health records to prevent its inadvertent disclosure. Data loss prevention (DLP) policies in Microsoft Office 365 (M365) helps you identify and protect your organization’s sensitive information. As an example, you can set up policies to help make sure information in email and files aren´t shared with the wrong people.
To help with this, set up DLP policies to identify, monitor, and automatically protect sensitive information across M365. When creating a DLP policy, you can choose between a number of pre-built templates or create your own.
I will in this example use the GDPR template that look for the following sensitive information types:
-
EU Debit Card Number
-
EU Driver’s License Number
-
EU National Identification Number
-
EU Passport Number
-
EU Social Security Number (SSN) or Equivalent ID
-
EU Tax Identification Number (TIN)
After selecting a template, you then select where the policy should be valid, or if any locations should be excluded. DLP covers now also Teams chat and channel messages.
After this, you define the policy settings.
You have a lot of options here, and let me explain them in more detail.
Conditions: How many instances should be allowed, how accurate do you want it, etc.
Exceptions: When should the DLP policy not be active?
Actions: Decide actions to protect content when the conditions are met.
User notifications and overrides: Decide if users should be notified when conditions are met, and if users should see the tip and be able to justify or override the policy.
Incident reports: Decide who should be notified when the conditions are met.
Before turning on the DLP policy, you can let it run in test mode to check the results. Watch an extended overview of DLP and learn how it helps protect your sensitive content.
Feel free to contact us if you need help determining how to automate Office 365 compliance.