Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Information management and data governance in Office 365

1,110 views

Published on

Learn the basics about AIP, Retention labels and DLP in Office 365 and how it can be used to protect our data. This presentation is from SharePoint Unite 2017 in Haarlem, Netherlands.

Published in: Technology
  • Be the first to comment

Information management and data governance in Office 365

  1. 1. Photo by Mark Solarski on Unsplash A presentation by Joanne Klein #SPUnite17
  2. 2. @JoanneCKlein joannecklein@nexnovus.com https://joannecklein.com Joanne Klein SharePoint/O365 consultant, Microsoft MVP Speaker , Trainer, Volunteer Saskatchewan SharePoint/O365 User Group
  3. 3. Information Management …the acquisition of information from one or more sources, the custodianship and the distribution of that information to those who need it, and its ultimate disposition through archiving or deletion… #WOCinTech
  4. 4. Collaboration options changing The Challenges in Office 365 Data Protection options evolving
  5. 5. What IWon’t Cover eDiscovery and Audit Identity and Device Protection
  6. 6. 3 2 1 4 5 The Digital Workplace Information Management Office 365Tools to Help Demos Sage advice
  7. 7. The DigitalWorkplace
  8. 8. Whatisit? “… a business strategy that enables new and more effective ways of working, improves employee engagement and agility, and exploits consumer-oriented styles and technologies.” – *Gartner
  9. 9. Workplacedisrupted The number of teams compared to five years ago Of the world’s data was created in the last two years The number of remote workers compared to 10 years ago Of workforce will be made up of millennials by 2020 2x 90% 4x 50%
  10. 10. Organizations using SharePoint/OneDrive as part of O365 Growth of SharePoint usage in the last year Growth of content stored in the last year Of SharePoint seats are Online MicrosoftNumbers FromIgnite 300K 90% 300% >65%
  11. 11. Department Division Team User Groups Formal Projects Similar Job Role Special Interest Informal Projects Tiger Team Organization wide
  12. 12. BusinessValueofCollaboration? Stay Competitive Maximize contribution Mobile & remote workers External partners/suppliers Productivity Metrics
  13. 13. “What tool to use when?” Information Management ChallengeswithCollaboration inOffice365
  14. 14. What tool to use when…
  15. 15. • Corporate Portal1 • DivisionAreas2 • Project Sites/Workspaces3 • Team/Community Sites4 • Personal Sites5 Structure and Governance
  16. 16. • Corporate Portal1 • DivisionAreas2 • Project Sites/Workspaces3 • Team/Community Sites4 • Personal Sites5 Structure and Governance COLLABORATION LIVES HERE WORKPLACE DISRUPTION
  17. 17. “WhenTo UseWhat” in Office 365 by 2toLEAD “Collaboration from Millennials to Boomers” by Avanade “When do I Use What?” by AvePoint “Choose the right collaboration tool for your group” by Microsoft
  18. 18. When to UseWhat tool? It depends!! What’s the audience size? What’s the urgency? What’s the tone of the message? What’s the purpose? Should this be private? EnterpriseTechnology Strategy Corporate Culture Who’s on the team? Is this an official channel?
  19. 19. Understand collaboration features Own your own organization strategy Train/guide staff on feature capabilities Collaboration
  20. 20. Stop right there!
  21. 21. Information Management
  22. 22. Information is changing! Team Channels Documents Persistent Chat Group Conversations Yammer Posts Emails Video Channels Planner Tasks Social Media Flows Power Apps
  23. 23. Team Channels Documents Persistent Chat Group Conversations Yammer Posts Emails Video Channels Planner Tasks Social Media Flows Who we share it with is also changing! Power Apps
  24. 24. Partners and SuppliersTeam Channels Documents Persistent Chat Group Conversations Yammer Posts Emails Video Channels Planner Tasks Social Media Flows Who we share it with is also changing! Co-workers CustomersPower Apps
  25. 25. Your perimeter Company internal
  26. 26. Your perimeter Company internal Mobility Managed Devices
  27. 27. Your perimeter Company internal Mobility Managed Devices External Sharing Secured Data
  28. 28. Your perimeter Company internal Mobility Managed Devices External Sharing Secured Data
  29. 29. Applies to all Hefty fines Consent Breach Notifications Privacy
  30. 30. How do we manage and protect this information?
  31. 31. Microsoft Information Protection
  32. 32. Threat Protection Identity & Access Mgmt Secure Access & Sharing Information Protection Compliance Solutions “Empower users and enable collaboration while protecting your corporate assets”
  33. 33. 1 Establish Information Protection priorities 2 3 Set org’s minimum standards Find and protect sensitive data 4 Protect high-value assets (HVA)
  34. 34. A Data-CentricApproach OldWorld Model “Catch everything before it leaks” NewWorld Model “Data is born being classified, labeled & protected”
  35. 35. Office 365 Personas Needed
  36. 36. IT Administrator Office 365 Personas Compliance Officer Records Manager Information Worker
  37. 37. Office 365Tools
  38. 38. External Sharing Policies Device Access Policies Classification, labeling & Protection (CLP)
  39. 39. Azure Information Protection Data Loss Prevention Retention Policies
  40. 40. Azure Information Protection … a cloud-based solution to help organizations classify, label, and protect documents and emails across apps and services.
  41. 41. Classification and Labeling Protection and Use Rights Tracking and Reporting
  42. 42. Data Protection Lifecycle Classification Labeling
  43. 43. Tip 1 Pick standard labels
  44. 44. Resonate with users Not use jargon or acronyms
  45. 45. Non-Business Public General Confidential Highly Confidential Low business impact Medium business impact High business impact
  46. 46. Wide Open Keep it in the Family Lock it down
  47. 47. Tip 2 Create sub-labels
  48. 48. HR Finance Legal
  49. 49. Risk of internal consumption Need for external consumption Someone has to manage these!
  50. 50. Tip 3 Use scoped policies
  51. 51. Secret Project Board Members Specialized Team
  52. 52. Demo AIP Scoped Policies
  53. 53. Tip 4 Encourage right user behaviour
  54. 54. 1 User-driven 2 3 Recommended Automatic Start here
  55. 55. Demo AIP Policy Recommendations
  56. 56. Tip 5 Protect and Enforce
  57. 57. Data Protection Lifecycle Classification Labeling Encryption Access Control Policy Enforcement
  58. 58. Demo Azure RMS Protection (Prevent Forwarding)
  59. 59. Data Protection Lifecycle Classification Labeling Encryption Access Control Policy Enforcement DocumentTracking Document Revocation
  60. 60. https://track.azurerms.com
  61. 61. Who? When? Where? Revoke Exclude
  62. 62. Demo Azure DocumentTracking
  63. 63. Data Protection Lifecycle Classification Labeling Encryption Access Control Policy Enforcement DocumentTracking Document Revocation
  64. 64. Where to begin with AIP… Don’t try to solve it all (0 to 100)Don’t Start with classificationStart Apply protection/controls for small use- cases Next
  65. 65. Retention Policy … a unified retention and deletion system across apps and services. Done to comply with industry regulations and policies and mitigate risk.
  66. 66. Exchange mailboxes Public folders Skype conversations OneDrive for Business SharePoint sites Office 365 Group mail/files
  67. 67. 1 Add a label 2 3 “Retain for 5 years then delete” Configure Settings Auto-apply (keyword query editor) 4 Publish label(s) to a policy (locations) Budget
  68. 68. Label Policy A Location(s) to publish the labels Label 1 Label 3 Label 1 Label 2 Label 3 Label 4 Label 5 Label Policy B Location(s) to publish the labels Label 3 Label 4 Label 5 Exchange SharePoint OneDrive Office 365 Groups 1 2
  69. 69. Labeling a document as a record The item can’t be permanently deleted. The item can’t be edited. The label can’t be changed. The label can’t be removed.
  70. 70. Demo Retention Labels
  71. 71. Demo Retention LabelsAuto-applied
  72. 72. Retention wins over deletion Longest retention period wins Explicit inclusion wins over implicit inclusion Shortest deletion period wins
  73. 73. Disposition Review But we can’t just delete it!!
  74. 74. Suspend the deletion Remove content with value Assign a different retention Transfer content elsewhere Disposition Review Review pending deletions
  75. 75. Available now: SharePoint Online and OneDrive for Business Preview soon: Exchange Online
  76. 76. What not to use…
  77. 77. • eDiscovery Holds • Messaging Records Management Exchange • eDiscovery Holds • In place records management • Site Closure and Deletion Policies • Information Management Policies (Deletion) SharePoint and ODFB
  78. 78. Roadmaps from Ignite
  79. 79. • AIP/Retention Unified Labels (Public Preview end 2017) • AIP Scanner (Oct 2017) • Event-based retention (Currently in preview) • Compliance Manager (Preview Signup for Nov 2017 start) Roadmap/Announcements
  80. 80. 1 Windows Service 2 3 Configures SQL Service DB Define repositories: - Local folders - UNC paths - SP Server URLs 4 Run AIP Scanner to scan files to set label
  81. 81. Demoed at Microsoft Ignite Step 1 Define event types. Each gets an AssetID. Step 2 Associate a label with an event type. Step 3 Assign the label to a document. The document will be given an AssetID which associates it back to the event type. “Event-based” retention
  82. 82. Compliance Score • Shows all controls you have configured in your tenant • Real-time risk assessment • Actionable insights to improve your score • Sign up for preview program of Compliance Manager https://resources.office.com/ww-landing-compliance-manager-trial.html
  83. 83. Data Loss Prevention … system to detect potential data breach and prevent its inadvertent disclosure.
  84. 84. 1 Identify sensitive information 2 4 Prevent accidental sharing Help users to be compliant 3 Monitor & protect in Office clients Exchange Online SharePoint Online OneDrive for Business
  85. 85. DLP is constantly checking… DLP Content created or changed Search crawls content Search index updated DLP Policies query Search index DLP policies take action 1 3 4 5 2
  86. 86. What is DLP? DLP Policy Locations to apply the policy Rule 1 Rule n Conditions Actions Conditions Actions
  87. 87. Rule 1 Conditions Actions SensitivityTypes Block sharing Alert user Allow override Financial Data Credit Card Numbers Social Insurance Numbers Health Records Label
  88. 88. DLPPolicyTip in SharePoint andODFB
  89. 89. Demo DLP PolicyTips
  90. 90. Business data only Group No Business data allowed Group
  91. 91. MySageAdvice
  92. 92. • End-user doesn’t label or labels incorrectly • AIP label not defined yet AIP needs DLP • Period of time before content is crawled DLP needs AIP TIP: Put AIP Label at priority 1 position of DLP rules.
  93. 93. Start with recommendations Training “Data Protection 101” “When to use what label” Beware of rogue IT Take time to define your Labels Simplicity is Genius Work with IM/Compliance Team(s) Itallcomesdowntothis…
  94. 94. @JoanneCKlein joannecklein.com joannecklein@nexnovus.com Images by: wocintechchat.com Thank you! Questions?
  95. 95. https://docs.microsoft.com/en- us/information-protection/get-started/faqs-rms https://docs.microsoft.com/en- us/information-protection/get-started/scenario-sharepoint https://flow.Microsoft.com/en- us/blog/introducing-data-loss-prevention http://www.eugdpr.org/key-changes.html https://joannecklein.com/2017/05/30/o365-data-governance-and- retention-a-measured-approach/ https://resources.office.com/ww- landing-compliance-manager-trial.html
  96. 96. http://productivitylibrary.fasttrack.microsoft.com http://www.2tolead.com/whitepaper-when-to-use-what-in- office-365/?ref=header http://blog.avanade.com/avanade-insights/collaboration/microsoft- teams-supercharges-collaboration-for-millennials-to-boomers/ https://www.avepoint.com/blog/strategy-blog/how-to-use-office-365- groups/

×