SMBiT Pro Member Presentation
Data Loss Prevention (DLP) in Office365
Credits:
- Robert Crane http://about.me/ciaops
- David Nicholls https://about.me/david.nicholls
Office365 DLP for SMBiT Pro (Melbourne, Feb 2019)
1.
2. Robert is recognized within SMBiT Pro as a Valued
Contributor and I must thank him for his contribution
here as he has provided much of this deck for our
benefit.
3. • With so many breaches in the press, most of our customers are very concerned.
• The minute you speak about security you have their attention.
• When you bring DLP to the table, you are offering a solution to a business problem.
When you offer a solution to a problem, the conversation shifts and the customer is more engaged.
4. DLP prevents data loss across Exchange Online, SharePoint Online & OneDrive for Business.
DLP uses automation to assess the data and determine whether it is considered confidential, critical, or sensitive.
DLP protects data by restricting or blocking it from sharing or transmission.
DLP allows us to identify sensitive information, then control and limit its egress from the Tenant, be it from email or Tenant storage.
5. Source: Office of the Australian Information Commissioner (OAIC) – Q4 2018 Statistics & Reporting
6. Source: Office of the Australian Information Commissioner (OAIC) – Q4 2018 Statistics & Reporting
DLP protects this information out of the box!
7. DLP brings these Key Benefits to the Office 365 Tenant:
• DLP reduces RISK – financial, legal, commercial, reputational etc.
• DLP builds business insights as to how sensitive business data is shared & stored
• DLP is a set of policies so it works to protect the Tenant 24×7
• DLP will protect your business data even when your staff are tired or under pressure; you know, the times when they’re most likely to make mistakes.
• DLP protects your business from accidental sharing as well as intentional or malicious actions.
8. MICROSOFT’S INFORMATION PROTECTION SOLUTIONS
DETECT, PROTECT, CLASSIFY, MONITOR
WINDOWS INFORMATION PROTECTION
Separate personal vs. work data on Windows 10 devices and
prevent work data from traveling to non-work locations
OFFICE 365 ADVANCED SECURITY MANAGEMENT
Visibility into Office 365 app usage and potential
data abuse
MICROSOFT CLOUD APP SECURITY
Visibility into 15k+ cloud apps, data access & usage,
potential abuse
MESSAGE ENCRYPTION
Send encrypted emails in Office 365 to anyone –
inside or outside of the company
CONDITIONAL ACCESS
Control access to files based on policy, such as identity,
machine configuration, geo location
OFFICE APPS
Protect sensitive information while working in Excel, Word,
PowerPoint, Outlook
AZURE INFORMATION PROTECTION
Classify, label & protect files – beyond Office 365, including
on-prem & hybrid
OFFICE 365 DLP
Prevent data loss across Exchange Online, SharePoint Online,
OneDrive for Business
ISV APPLICATIONS
Enable ISV partners to consume labels, apply protection
OFFICE 365 ADVANCED DATA GOVERNANCE
Apply retention and deletion policies to sensitive and
important data in Office 365
SHAREPOINT & GROUPS
Protect files in libraries and lists
9. PCs, tablets, mobile
Office 365 DLP
Windows Information Protection
& BitLocker for Windows 10
Azure Information Protection
Exchange Online, SharePoint
Online & OneDrive for Business
Highly regulated
Intune MDM & MAM for
iOS & Android
Microsoft Cloud App Security
Office 365 Advanced Data Governance
Datacenters, file
shares
Azure 3rd-Party SaaS
Information protection solutions
OFFICE 365 / DEVICES / CLOUD SERVICES, SAAS APPS & ON-PREMISES
Office 365 Cloud App Security
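10. Business¹: Business, Business Essentials, Business Premium. Enterprise²: ProPlus, K1, E1, E3, E5
Columns: Business | Business Essentials | Business Premium | ProPlus | K1 | E1 | E3 | E5
Estimated retail price per user per month $AUS (with annual commitment): $13.20 | $7 | $17.50 | $19.14 | $5.60 | $11.20 | $29.60 | $48.84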
Standard Services
Install Office on up to 5 PCs/Macs + 5 tablets + 5 smartphones per user Business3 Business3 ProPlus4 ProPlus4 ProPlus4
Access to Office apps and documents from all major smartphones and iPad ⚫ ⚫ ⚫ ⚫ ⚫
OneDrive for Business – 1 TB personal online document storage ⚫ ⚫ ⚫ ⚫ ⚫ ⚫ ⚫
Office Online – Create/view/edit rights for online versions of core Office apps for collaborating on documents ⚫ ⚫ ⚫ ⚫ ⚫ ⚫ ⚫ ⚫
Sway for Office 3655 ⚫ ⚫ ⚫ ⚫ ⚫ ⚫ ⚫ ⚫
Sites - team collaboration & internal portals (SharePoint) ⚫ ⚫ ⚫ ⚫ ⚫ ⚫
Private social networking (Yammer) ⚫ ⚫ ⚫ ⚫ ⚫ ⚫
Email - 50 GB email, contacts, shared calendars (Exchange) ⚫ ⚫ Kiosk (2GB) ⚫ ⚫ ⚫
Meetings & communications - Web conferencing, IM, video, presence (Skype for Business) ⚫ ⚫ ⚫ ⚫ ⚫
Advanced Services
On-premises Active Directory synchronization for single sign on ⚫ ⚫ ⚫ ⚫ ⚫ ⚫ ⚫ ⚫
Mobile Device Management (MDM) for Office 3656 ⚫ ⚫ ⚫ ⚫ ⚫ ⚫ ⚫ ⚫
Access to equivalent on-premises server workloads (Exchange Server, SharePoint Server, Skype for Business Server) ⚫ ⚫ ⚫
Upcoming services: Office 365 Video ⚫ ⚫ ⚫
Legal compliance & archiving needs for email – archiving, eDiscovery, mailbox hold ⚫ ⚫
Information protection – message encryption, rights management, data loss prevention ⚫ ⚫
Enterprise Voice w/Skype for Business (on-prem only)7 ⚫
Equivio Analytics for eDiscovery, Secure Attachments and URLs, Access Control ⚫
End User and Organizational Analytics ⚫
Cloud PBX ⚫
PSTN Conferencing ⚫
11. Features (new in blue)
Columns: Office 365 BP | Microsoft 365 Business | Microsoft 365 E3 | Microsoft 365 E5
Estimated retail price per user per month $USD (with annual commitment) $17.49 $28.07 $49.06 $89.21
Maximum number of users 300 300 unlimited unlimited
Office Apps Install Office on up to 5 PCs/Macs + 5 tablets + 5 smartphones per user (Word, Excel, PowerPoint, OneNote, Access), Office Online Business Business ProPlus ProPlus
Email & Calendar Outlook, Exchange Online 50GB 50GB unlimited unlimited
Chat-based Workspace, Meetings Microsoft Teams, Skype For Business ⚫ ⚫ ⚫ ⚫
File Storage OneDrive for Business 1 TB 1 TB unlimited unlimited
Social, Video, Sites Yammer, SharePoint Online, Planner ⚫ ⚫ ⚫ ⚫
Stream ⚫ ⚫ ⚫
Business Apps Scheduling Apps – Booking, StaffHub ⚫ ⚫ ⚫ ⚫
Business Apps – Outlook Customer Manager, MileIQ [1], Business center [2], Listings [2], Connections [2], Invoicing [2] ⚫ ⚫
Threat Protection Microsoft Advanced Threat Analytics, Device Guard, Credential Guard, App Locker, Enterprise Data Protection, ⚫ ⚫
Office 365 Advanced Threat Protection ⚫ ⚫
Windows Defender Advanced Threat Protection ⚫
Office 365 Threat Intelligence ⚫
Identity & Access Management Azure Active Directory - SSPR Cloud Identities, MFA, SSO >10 Apps ⚫ ⚫ ⚫
Azure Active Directory - Conditional Access, SSPR Hybrid Identities, Cloud App Discovery, AAD Connect Health ⚫ ⚫
Credential Guard and Direct Access ⚫ ⚫
Azure Active Directory Plan 2 ⚫
Device & App Management Microsoft Intune, Windows AutoPilot ⚫ ⚫ ⚫
Microsoft Desktop Optimization Package, VDA ⚫ ⚫
Information Protection Unlimited Exchange Archiving [3], Office 365 Data Loss Prevention*, Azure Information Protection Plan 1 ⚫ ⚫ ⚫
Azure Information Protection Plan 2, Microsoft Cloud App Security, O365 Cloud App Security ⚫
On-Prem CAL Rights ECAL Suite (Exchange, SharePoint, Skype, Windows, SCCM, Win. Rights Management) ⚫ ⚫
Compliance Litigation Hold, eDiscovery, Compliance Manager, Data Subject Requests ⚫ ⚫ ⚫
Advanced eDiscovery, Customer Lockbox, Advanced Data Governance ⚫
Analytics Power BI Pro, MyAnalytics ⚫
Voice PSTN Conferencing, Cloud PBX ⚫
[1] Available in US, UK, Canada; [2] Currently in public preview in US, UK, Canada; [3] Unlimited when auto-expanding turned on
* Data Loss Prevention Features will be available summer 2018
14. Powerful protection that’s easy to turn on
Centralized location to manage policies, protection
insights, and investigate matches
Policies configured once and applied across Office
365 services and client end-points
Define the data you want to protect using custom
sensitive types
Consistent policies and experiences across other
compliance capabilities
18. Quick and easy to get started
Intent driven configuration with guided
step-by-step wizards
Surface most common capabilities with
full control just a click away
19. Conditions & Exceptions describe what the
content looks like (or doesn’t look like), and
what events to look for.
Actions define what type of automatic
remediation you want to take when the
conditions match
User notifications & overrides define what
the user sees, and if they have the ability to
override with a business justification
Incident reports trigger email notifications or
Alerts based upon severity of event
20.
21. DLP document fingerprinting
Protect sensitive documents from being accidentally shared outside your organization
No coding required; simply upload sample documents to create fingerprints
Scan email and attachments to look for patterns that match document templates
28. Getting Started with DLP
• You can get started with DLP manually via the Office365 Portal; this is great for the first couple of tenants to get a feel for it.
• Best Practice is to use PowerShell.
• Using PowerShell means you can script the implementation, which takes less time and produces more consistent outcomes.
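A scripted version of the rule structure from slide 19 (conditions, actions, user notifications and overrides, incident reports), added here as an example and not taken from the original deck. It assumes a Security & Compliance PowerShell session is already connected (Connect-IPPSSession); the policy and rule names are hypothetical, and the sensitive information type names should be confirmed in the tenant.

```powershell
# Added example, not part of the original presentation.
# Assumes an existing Security & Compliance PowerShell session (Connect-IPPSSession).
# Policy and rule names are hypothetical.
$policyName = 'AU Financial Data (example)'
$ruleName   = 'Block external sharing of financial data (example)'

# Built-in sensitive information types to detect. Names are an assumption:
# confirm them in your tenant with Get-DlpSensitiveInformationType.
$sensitiveTypes = @(
    @{ Name = 'Credit Card Number';        minCount = '1' },
    @{ Name = 'Australia Tax File Number'; minCount = '1' }
)

# Create the policy only if it does not exist, so the script can be re-run per tenant.
if (-not (Get-DlpCompliancePolicy -Identity $policyName -ErrorAction SilentlyContinue)) {
    # TestWithNotifications: matches are logged and policy tips shown, nothing is blocked yet.
    New-DlpCompliancePolicy -Name $policyName `
        -ExchangeLocation All -SharePointLocation All -OneDriveLocation All `
        -Mode TestWithNotifications
}

$rule = @{
    Name   = $ruleName
    Policy = $policyName
    # Conditions: what the content looks like and what event to look for
    ContentContainsSensitiveInformation = $sensitiveTypes
    AccessScope                         = 'NotInOrganization'
    # Action: automatic remediation when the conditions match
    BlockAccess                         = $true
    # User notifications & overrides
    NotifyUser                          = 'Owner', 'LastModifier'
    NotifyAllowOverride                 = 'WithJustification'
    # Incident reports
    GenerateIncidentReport              = 'SiteAdmin'
    IncidentReportContent               = 'All'
    ReportSeverityLevel                 = 'High'
}
if (-not (Get-DlpComplianceRule -Identity $ruleName -ErrorAction SilentlyContinue)) {
    New-DlpComplianceRule @rule
}

# Review what was deployed before enforcing it.
Get-DlpComplianceRule -Policy $policyName |
    Format-List Name, BlockAccess, AccessScope, NotifyAllowOverride, ReportSeverityLevel
```

Once the test-mode matches look right, `Set-DlpCompliancePolicy -Identity $policyName -Mode Enable` turns enforcement on.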
30. Other Resources courtesy of CIAOPS
• Overview of DLP - https://support.office.com/en-us/article/Overview-of-data-loss-prevention-policies-1966b2a7-d1e2-4d92-ab61-42efbb137f5e
• Create a DLP policy from a template - https://support.office.com/en-us/article/Create-a-DLP-policy-from-a-template-59414438-99f5-488b-975c-5023f2254369
• What the DLP policy template includes - https://support.office.com/en-us/article/What-the-DLP-policy-templates-include-c2e588d3-8f4f-4937-a286-8c399f28953a
• Office 365 Compliance - https://technet.microsoft.com/en-au/library/office-365-compliance.aspx
• What sensitive information types look for - https://support.office.com/en-us/article/What-the-sensitive-information-types-look-for-fd505979-76be-4d9f-b459-abef3fc9e86b
• Office 365 DLP Document Finger Printing - http://blog.ciaops.com/2018/05/office-365-dlp-document-finger-printing.html