Edge Pereira presentation at Microsoft TechEd Australia. Session OSS304 Regulatory Compliance and Microsoft Office 365 - data leakage protection, dlp, privacy, sharepoint
4. Source: Gartner Report: IT Governance, Risk, and Compliance Management Solutions, http://www.gartner.com/resId=1884814
5.
6.
7.
8. Levels and activities are driven by many factors
For example
• Public or private sector
• Industry vertical
• Business activities
• Geography
• Laws or regulation
Example Avanade
9.
10. Built-in Office 365 capabilities
(global compliance)
Customer controls for
compliance for internal policies
• Access Control
• Auditing and Logging
• Continuity Planning
• Incident Response
• Risk Assessment
• Communications Protection
• Identification and Authorisation
• Information Integrity
• Awareness and Training
• Data Loss Prevention
• Archiving
• eDiscovery
• Encryption
• S/MIME
• Legal Hold
• Rights Management
16. “Data loss/leak prevention solution is a system that is designed
to detect potential data breach / data ex-filtration transmissions
and prevent them by monitoring, detecting and blocking
sensitive data while in-use (endpoint actions), in-motion
(network traffic), and at-rest (data storage).“[1]
[1] http://en.wikipedia.org/wiki/Data_loss_prevention_software
“Quotation...”
Good definition
http://csrc.nist.gov/groups/SNS/rbac/documents/data-loss.pdf
19. •
•
•
credit cards, and SWIFT codes)
medical account number and TFN)
driver's license)
driver's license and passport number)
20. Country PII Financial Health
USA
US State Security Breach Laws,
US State Social Security Laws, COPPA
GLBA & PCI-DSS
(Credit, Debit Card, Checking and
Savings, ABA, Swift Code)
Limited Investment:
US HIPPA,
UK Health Service,
Canada Health
Insurance card
Rely on Partners
and ISVs
Germany
EU data protection,
Drivers License, Passport National Id
EU Credit, Debit Card,
IBAN, VAT, BIC, Swift Code
UK
Data Protection Act,
UK National Insurance, Tax Id, UK Driver
License, Passport
EU Credit, Debit Card,
IBAN, BIC, VAT, Swift Code
Canada
PIPED Act,
Social Insurance, Drivers License
Credit Card,
Swift Code
France
EU data protection,
Data Protection Act,
National Id (INSEE),
Drivers License, Passport
EU Credit, Debit Card,
IBAN, BIC, VAT,
Swift Code
Japan
PIPA,
Resident Registration, Social Insurance,
Passport, Driving License
Credit Card,
Bank Account,
Swift Code
23. • Protect communications
• Basic level of built-in anti-malware and enhanced spam
filtering to help protect your email environment from
threats
Enforce policy
Data loss prevention (DLP) controls that can detect sensitive data in email
before it is sent and automatically block, hold or notify the sender
Simplify management
Unified administration of anti-spam, anti-malware and data loss prevention
within Exchange
26. Find relevant content (documents, emails, Lync conversions)DISCOVERY
PRESERVATION
Place content on legal hold to prevent content modification
and/or removal
Collect and send relevant content for processing
Prepare files for review
PRODUCTION
REVIEW
Lawyers determine which content will be
supplied to opposition
Provide relevant content to opposition
COLLECTION
PROCESSING
28. Provide a high level of immutability by:
• Preserving data in source
• Protecting from deletion
• Protecting from tampering
Provides easy management via:
• Rich query, location and time based content target
• Across Exchange, Lync and SharePoint
• Using Exchange Admin or eDiscovery Centres
48. Content analysis process
Joseph F. Foster
Visa: 4485 3647 3952 7352
Expires: 2/2012
Get
Content
4485 3647 3952 7352 a 16 digit number
is detected
RegEx
Analysis
1. 4485 3647 3952 7352 matches checksum
2. 1234 1234 1234 1234 does NOT match
Function
Analysis
1. Keyword Visa is near the number
2. A regular expression for date (2/2012)
is near the number
Additional
Evidence
1. There is a regular expression that matches
a check sum
2. Additional evidence increases confidence
Verdict
49. Office 365 Message Encryption – Encrypt messages to any SMTP
address
Information Rights Management – Encrypt content and restrict
usage; usually within own organization or trusted partners
S/MIME – Sign and encrypt messages to users using certificates