How Data Loss Prevention Policies in Office 365 Protect Your Business

Microsoft Office has enjoyed being the industry standard in desktop productivity for over 20 years. Recent years have also seen the rapid growth of the Office 365 line of products, of which the traditional Office desktop apps are core components. Every bit as significant, however, is that many organizations now trust Microsoft with their private corporate data, which now accounts for a large percentage of the files stored online using the OneDrive cloud storage service.

Although there has long been a popular misconception that the cloud is inherently less secure than an on-premises data center, Office 365 does provide enterprises with the tools they need to keep their data safe as per compliance regulations like HIPAA and PCI-DSS. That’s why Office 365 for Business ships with the Security & Compliance Center, one of the core features of which is data loss prevention.

How Does Data Loss Prevention Work in Office 365?

Data loss prevention lets administrators define policies that will automatically take action on any content that needs to be handled within the bounds of certain rules. If the application detects any attempted data breach or improper handling of any information defined as confidential, it will alert both the administrator and the end user to permit them to act accordingly.

DLP in Office 365 provides a fully automated approach, thereby eliminating the necessity for any complex and repetitive processes that might be subject to human error. It starts by providing a complete view of where your data is physically located by automatically discovering sensitive information stored in your database. Even if your database contains years’ worth of financial documents, customer details, health records and other confidential information, DLP will still be able to locate and protect your data. In most cases, this initial implementation process will take a few hours, although it depends on the size and complexity of your database.

While it’s Microsoft’s obligation to deliver a secure cloud platform for companies to store their confidential data, it’s up to the customer to ensure that compliance and internal security policies are met. That’s exactly where data loss prevention comes in, since it provides a complete platform for meeting the following critical security goals:

  • Preventing regulated data from being uploaded to OneDrive if doing so would violate internal policies or existing industry regulations
  • Preventing confidential data from being sent outside the organization or to any unauthorized third parties

With the above in mind, you’ll be ready to create DLP policies as per the requirements of your organization and the industry in which it operates. You can create a new DLP policy by visiting the Office 365 Administration Center on your company account page and navigating to Admin Centers – Security & Compliance – Data Loss Prevention.

Creating a DLP policy for Office 365 couldn’t be easier thanks to the many templates provided. They are designed to help you meet specific industry regulations in different states and countries and save you from having to write new DLP policies from scratch. Depending on the sensitive data type you choose, Office 365 will then look out for information like the following:

    • Bank account numbers
    • Credit card numbers
    • User logins and passwords
    • Personal health information
    • Salary information
    • Account numbers
    • Social security numbers

Once you’ve activated a policy, Office 365 will constantly monitor your data, whether it’s stored in SharePoint Online, an Exchange Server, OneDrive or your local computer. If the system detects what it suspects to be a confidential information leak, it will then send an alert to the end user.

For example, if an employee attempts to send credit card details by email, they may be greeted with a notification drawing their attention to your security policies. Depending on your settings, this notification may only be a warning, or it may also prevent the message from being sent entirely.

In another example, you can use DLP to automatically prevent highly confidential data from being uploaded to Office 365’s online storage service OneDrive. You can create any type of policy you like, including fully customized ones that can identify confidential data by dictionary terms, structure and form, or meta information.

Here at Dyrand, we believe that technology should work for you rather than against you. That means it should be secure, smart and simple to use. That’s why we help businesses get set up in the cloud with Office 365. Contact us today to find out more.