Exchange 2013 – Exchange Online
Data Loss Prevention
Jethro Seghers
www.devconnections.com
DATA LOSS PREVENTION IN THE REAL WORLD
WHAT IS SENSITIVE DATA
HOW DO PEOPLE EXPOSE SENSITIVE DATA
DLP IS DESIGNED TO PREVENT ACCIDENTAL DISCLOSURE
• IT WILL NOT
  • Provide 100% unbreakable solution to data loss
  • Prevent analog data loss
  • Stop the malicious insider
  • Stop the external threats
CHALLENGES IN REAL LIFE SCENARIOS: COMPLIANCE MANAGER
• Are we compliant?
• Are there problems?
• Our business needs these compliance rules!
• Can I create my own compliance rules?
CHALLENGES IN REAL LIFE SCENARIOS: ADMINISTRATOR
• How will this affect my end users?
• How much sensitive data is flowing through the system?
• How do I report this all to management?
• How do I educate my end users?
• Will it scan my attachments?
• What client updates are necessary?
• What type of policies should I use?
CHALLENGES IN REAL LIFE SCENARIOS: INFORMATION WORKER
• Why is this new rule applied?
• I just want to work!
• I want to be able to override the rule if I need to
CHALLENGE: DATA LOSS PREVENTION
• Keeps sensitive data safe
• WITHOUT interrupting the daily line of business of the user.
DEMO
Data Loss Protection in action
OUTLOOK POLICY TIPS: LESSONS LEARNED
• Doesn’t interrupt daily business
• Will work in Offline Mode
• Contextual User Education
• Only works with Outlook 2013
• Requires that the full Office 2013 Professional Plus Edition be installed
• All the DLP processing happens on the client
• No support for OWA at RTM, up to RTM CU2
OUTLOOK POLICY TIPS: LESSONS LEARNED
• Outlook will connect to the ExternalUrl defined in the EWS Virtual Directory and download the new/updated Policy Definition Files.
• Policy Tips are updated when Outlook opens, or once every 24 hours.
• Outlook 2013 records the last time that it downloaded a policy in the following registry key:
  HKEY_Current_User\Software\Microsoft\Office\15.0\Outlook\PolicyNudges\LastDownloadTimePerAccount
OUTLOOK POLICY TIPS: TROUBLESHOOTING
• Be sure that you have the correct client version
• Check that ExternalUrl is configured
• Try to delete the registry key (previous slide) that holds the last download date and time.
• Check that the XML is present in the profile (Users\<User>\AppData\Local\Microsoft\Outlook)
WHAT DOES DLP PROTECT
• DLP will scan content in the mail and attachments
• LIMITATIONS
  • DLP cannot scan password-secured files.
  • DLP can only work with encrypted messages and attachments if the DLP agent has the ability to decrypt the data. This is not the case in Exchange Online.
SCANNING ATTACHMENT LIMITATIONS
• The following file extensions are scanned:

Extensions | Type
Doc, docx, xls, xlsx, ppt, pptx | Word, Excel, PowerPoint (2003-2013)
Txt, csv | Text files
Zip, GZIP (GZ), RAR, TAR (Tape Archive), UU Encode (UUE), Mime, S/Mime, TNEF, MSG, MacBin | Archive files
RTF | Rich Text Format
HTML/XML | Internet file
PDF | Portable Document Format (in text)
DEMO
Manage Data Loss Prevention
ADMINISTRATION OF DLP
• Start from built-in Template
• Import DLP Policy
• New Custom DLP policy
STRUCTURE OF A DLP POLICY
• XML structure
• Defines
  • Name
  • Enforcing Options
  • Policy Definition
  • Classification of the content (e.g. contains CC info, …)
  • User Action
  • Mail Flow Options
BEHAVIOR ENFORCING OPTIONS
• TEST WITHOUT NOTIFICATIONS
• TEST WITH NOTIFICATIONS
• ENFORCE
CLASSIFICATION OF CONTENT
Stages: Get Content -> RegEx Analysis -> Function Analysis -> Additional Evidence -> Verdict

This content would match for Credit Cards:

ACME Travel,
I have received updated credit card information for Joseph
Joseph F. Foster
Visa: 4485 3647 3952 7352 -> CHECKSUM: OK
Expires: 2/2012
Please update his travel profile.
CLASSIFICATION OF CONTENT
Stages: Get Content -> RegEx Analysis -> Function Analysis -> Additional Evidence -> Verdict

Hi Alex,
I expect to be in Hawaii too. My booking code is 1234 1234 1234 1234 and I’ll be there on 3/2012 -> CHECKSUM = not OK
Regards,
lisa
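
The classification stages from the two slides above (RegEx Analysis, Function Analysis, Additional Evidence, Verdict), run over both slide messages. This is an added example, not code from the presentation or from Exchange; the candidate pattern, the keyword list, the 300-character window and the verdict rule (valid checksum plus at least one piece of nearby evidence) are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# RegEx Analysis: 16 digits in groups of four, optionally separated by a
# space or hyphen (assumed pattern, not the Exchange rule definition).
CANDIDATE_RE = re.compile(r"(?<!\d)\d{4}(?:[ -]?\d{4}){3}(?!\d)")

# Additional Evidence: assumed keyword list and proximity window.
EVIDENCE_KEYWORDS = ("credit card", "card number", "visa", "mastercard", "expires")
EXPIRY_RE = re.compile(r"\b(?:0?[1-9]|1[0-2])/(?:\d{4}|\d{2})\b")
WINDOW = 300  # characters searched on each side of a candidate

# The two messages shown on the slides.
SLIDE_24_MESSAGE = """ACME Travel,
I have received updated credit card information for Joseph
Joseph F. Foster
Visa: 4485 3647 3952 7352
Expires: 2/2012
Please update his travel profile.
"""
SLIDE_25_MESSAGE = """Hi Alex,
I expect to be in Hawai too. My booking code is 1234 1234 1234 1234
and I'll be there on 3/2012
Regards,
lisa
"""
# Constructed sample: a checksum-valid number with no card context.
CONSTRUCTED_NO_CONTEXT = "Warehouse pick list, pallet id 4485 3647 3952 7352, aisle 12."


@dataclass
class Finding:
    masked: str        # last four digits only, so reports never carry the full number
    checksum_ok: bool  # result of Function Analysis
    evidence: list     # corroborating hits found near the candidate
    verdict: bool      # True means the rule treats the content as a credit card


def luhn_ok(digits: str) -> bool:
    """Function Analysis: Luhn checksum over a string of digits."""
    total = 0
    for pos, ch in enumerate(reversed(digits)):
        d = int(ch)
        if pos % 2 == 1:                 # every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_evidence(text: str, start: int, end: int) -> list:
    """Additional Evidence: keywords or an expiry date close to the candidate."""
    nearby = text[max(0, start - WINDOW):end + WINDOW]
    lowered = nearby.lower()
    hits = [kw for kw in EVIDENCE_KEYWORDS
            if re.search(r"\b" + re.escape(kw) + r"\b", lowered)]
    if EXPIRY_RE.search(nearby):
        hits.append("expiry-date")
    return hits


def classify(text: str) -> list:
    """Run every stage over already-extracted text (the Get Content output)."""
    findings = []
    for match in CANDIDATE_RE.finditer(text):
        digits = re.sub(r"\D", "", match.group())
        checksum = luhn_ok(digits)
        evidence = find_evidence(text, match.start(), match.end())
        # Verdict (assumed rule): checksum must pass AND evidence must exist.
        verdict = checksum and bool(evidence)
        findings.append(Finding("*" * 12 + digits[-4:], checksum, evidence, verdict))
    return findings


if __name__ == "__main__":
    samples = (("slide 24", SLIDE_24_MESSAGE),
               ("slide 25", SLIDE_25_MESSAGE),
               ("constructed", CONSTRUCTED_NO_CONTEXT))
    for name, message in samples:
        for finding in classify(message):
            print(name, finding)
```

The slide 25 message still yields an `expiry-date` hit because `3/2012` looks like an expiry date, which is why evidence alone never produces a match without a passing checksum.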
USER ACTION & FLOW OPTIONS
• Integrated with the Exchange Transport Rules Engine
• Allows us to use already built-in predicates and actions
• New actions
  • Notify sender
  • Block Sender (with/out) override (with/out) business justification
  • Block Sender unless false positive
THE DIFFERENT COMPONENTS
[Diagram: Transport Rules Agent; Policy Engine; Action Taken on the message; Classification Agent; Text Extraction Agent]
DEMO
AUDIT & INCIDENT REPORTING
INCIDENT REPORTS
• Audit data
• Classification
• Rule details
DATA LOSS PREVENTION
RECAP
[Recap diagram: DLP policy configuration; Outlook policy distribution; Contextual policy education; Audit & incident data generation; Backend policy evaluation. Roles: Admin, Information Workers]
EXAMPLE OF DEPLOYMENT FLOW
1. Define Sensitive Data
2. Translate it to DLP
   1. Name
   2. Rules
   3. Classification
   4. Test DLP with/out Policy Tips and make sure DLP rules don’t interfere with other transport rules.
3. Analyze Results
4. Update DLP
   1. Change rules where needed
   2. Change DLP to enforce if needed.
32
Exchange Data Loss Prevention in Exchange 2013 - Exchange Online

More Related Content

What's hot

Blockchain Digital Transformation Presentation
Blockchain Digital Transformation PresentationBlockchain Digital Transformation Presentation
Blockchain Digital Transformation Presentation
101 Blockchains
 
Introduction To Solidity
Introduction To SolidityIntroduction To Solidity
Introduction To Solidity
101 Blockchains
 
Blockchain in Finance
Blockchain in FinanceBlockchain in Finance
Blockchain in Finance
101 Blockchains
 
6 Key Blockchain Features You Need to Know Now
6 Key Blockchain Features You Need to Know Now6 Key Blockchain Features You Need to Know Now
6 Key Blockchain Features You Need to Know Now
101 Blockchains
 

What's hot (20)

Blockchain Technology | Blockchain Explained | Blockchain Tutorial | Blockcha...
Blockchain Technology | Blockchain Explained | Blockchain Tutorial | Blockcha...Blockchain Technology | Blockchain Explained | Blockchain Tutorial | Blockcha...
Blockchain Technology | Blockchain Explained | Blockchain Tutorial | Blockcha...
 
Building Blockchain Projects on Enterprise Ethereum [Webinar]
Building Blockchain Projects on Enterprise Ethereum [Webinar] Building Blockchain Projects on Enterprise Ethereum [Webinar]
Building Blockchain Projects on Enterprise Ethereum [Webinar]
 
Blockchain Digital Transformation Presentation
Blockchain Digital Transformation PresentationBlockchain Digital Transformation Presentation
Blockchain Digital Transformation Presentation
 
What is Hyperledger | Blockchain Technology | Blockchain Tutorial for Beginne...
What is Hyperledger | Blockchain Technology | Blockchain Tutorial for Beginne...What is Hyperledger | Blockchain Technology | Blockchain Tutorial for Beginne...
What is Hyperledger | Blockchain Technology | Blockchain Tutorial for Beginne...
 
Build a Blockchain
Build a BlockchainBuild a Blockchain
Build a Blockchain
 
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...
Blockchain Interview Questions and Answers | Blockchain Technology | Blockcha...
 
BlockChain Tutorial | Getting Started With BlockChain | BlockChain Certificat...
BlockChain Tutorial | Getting Started With BlockChain | BlockChain Certificat...BlockChain Tutorial | Getting Started With BlockChain | BlockChain Certificat...
BlockChain Tutorial | Getting Started With BlockChain | BlockChain Certificat...
 
Seratio whitepaper educational passport distributed learning ledger (30 april...
Seratio whitepaper educational passport distributed learning ledger (30 april...Seratio whitepaper educational passport distributed learning ledger (30 april...
Seratio whitepaper educational passport distributed learning ledger (30 april...
 
Bitcoin Blockchain Explained | Understanding Bitcoin and Blockchain | Blockch...
Bitcoin Blockchain Explained | Understanding Bitcoin and Blockchain | Blockch...Bitcoin Blockchain Explained | Understanding Bitcoin and Blockchain | Blockch...
Bitcoin Blockchain Explained | Understanding Bitcoin and Blockchain | Blockch...
 
Blockchain Technology | Blockchain Technology Explained | Edureka
Blockchain Technology | Blockchain Technology Explained | EdurekaBlockchain Technology | Blockchain Technology Explained | Edureka
Blockchain Technology | Blockchain Technology Explained | Edureka
 
TKBlockchain - TrustKeys Network
TKBlockchain - TrustKeys NetworkTKBlockchain - TrustKeys Network
TKBlockchain - TrustKeys Network
 
Introduction To Solidity
Introduction To SolidityIntroduction To Solidity
Introduction To Solidity
 
What are the requirements for becoming a blockchain developer
What are the requirements for becoming a blockchain developerWhat are the requirements for becoming a blockchain developer
What are the requirements for becoming a blockchain developer
 
Blockchain in Finance
Blockchain in FinanceBlockchain in Finance
Blockchain in Finance
 
6 Key Blockchain Features You Need to Know Now
6 Key Blockchain Features You Need to Know Now6 Key Blockchain Features You Need to Know Now
6 Key Blockchain Features You Need to Know Now
 
What Are The Main Features Of Blockchain Technology?
What Are The Main Features Of Blockchain Technology?What Are The Main Features Of Blockchain Technology?
What Are The Main Features Of Blockchain Technology?
 
Blockchain Challenge - Enrico Ferro - 14/11/18
Blockchain Challenge - Enrico Ferro - 14/11/18Blockchain Challenge - Enrico Ferro - 14/11/18
Blockchain Challenge - Enrico Ferro - 14/11/18
 
Blockchain
BlockchainBlockchain
Blockchain
 
How will blockchain development change the supply chain
How will blockchain development change the supply chainHow will blockchain development change the supply chain
How will blockchain development change the supply chain
 
Challenges of Blockchain Technology for the Enterprise
Challenges of Blockchain Technology for the EnterpriseChallenges of Blockchain Technology for the Enterprise
Challenges of Blockchain Technology for the Enterprise
 

Viewers also liked (6)

SPEDUC: SharePoint on Premises vs Online for Education
SPEDUC: SharePoint on Premises vs Online for EducationSPEDUC: SharePoint on Premises vs Online for Education
SPEDUC: SharePoint on Premises vs Online for Education
 
Supporting architecture office 365 on windows azure
Supporting architecture office 365 on windows azure  Supporting architecture office 365 on windows azure
Supporting architecture office 365 on windows azure
 
Sa corporate brochure 2014 (1)
Sa corporate brochure 2014 (1)Sa corporate brochure 2014 (1)
Sa corporate brochure 2014 (1)
 
Emerald Group Frankfurt - Corporate Brochure
Emerald Group Frankfurt - Corporate BrochureEmerald Group Frankfurt - Corporate Brochure
Emerald Group Frankfurt - Corporate Brochure
 
Protect your online with IRMS
Protect your online with IRMSProtect your online with IRMS
Protect your online with IRMS
 
enParadigm Corporate Brochure
enParadigm Corporate BrochureenParadigm Corporate Brochure
enParadigm Corporate Brochure
 

Similar to Exchange Data Loss Prevention in Exchange 2013 - Exchange Online

A3 oracle database 12c extreme performance for cloud computing
A3   oracle database 12c extreme performance for cloud computingA3   oracle database 12c extreme performance for cloud computing
A3 oracle database 12c extreme performance for cloud computing
Dr. Wilfred Lin (Ph.D.)
 
Hold My Beer, I'm going to do DevOps with DICOM, HIPAA, and Hospitals, or at ...
Hold My Beer, I'm going to do DevOps with DICOM, HIPAA, and Hospitals, or at ...Hold My Beer, I'm going to do DevOps with DICOM, HIPAA, and Hospitals, or at ...
Hold My Beer, I'm going to do DevOps with DICOM, HIPAA, and Hospitals, or at ...
DevOpsDays Tel Aviv
 
Altinet_Education_Brochure
Altinet_Education_BrochureAltinet_Education_Brochure
Altinet_Education_Brochure
Henry Doyle
 
MacBook Operating System Replacement.pdf
MacBook Operating System Replacement.pdfMacBook Operating System Replacement.pdf
MacBook Operating System Replacement.pdf
Riya Sen
 

Similar to Exchange Data Loss Prevention in Exchange 2013 - Exchange Online (20)

Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)
Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)
Simplifying Data Governance and Security with a Logical Data Fabric (ASEAN)
 
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
M365 Virtual Marthon: Protecting your Teamwork across Microsoft 365
 
How to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT StackHow to Monitor Digital Dependencies Across Your Modern IT Stack
How to Monitor Digital Dependencies Across Your Modern IT Stack
 
Secure Your Data with Virtual Data Fabric (ASEAN)
Secure Your Data with Virtual Data Fabric (ASEAN)Secure Your Data with Virtual Data Fabric (ASEAN)
Secure Your Data with Virtual Data Fabric (ASEAN)
 
A3 oracle database 12c extreme performance for cloud computing
A3   oracle database 12c extreme performance for cloud computingA3   oracle database 12c extreme performance for cloud computing
A3 oracle database 12c extreme performance for cloud computing
 
Security Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12cSecurity Inside Out: Latest Innovations in Oracle Database 12c
Security Inside Out: Latest Innovations in Oracle Database 12c
 
MySQL Enterprise Monitor
MySQL Enterprise MonitorMySQL Enterprise Monitor
MySQL Enterprise Monitor
 
The Evolving Role of the Network Engineer - Jon Hudson
The Evolving Role of the Network Engineer - Jon HudsonThe Evolving Role of the Network Engineer - Jon Hudson
The Evolving Role of the Network Engineer - Jon Hudson
 
Hold My Beer, I'm going to do DevOps with DICOM, HIPAA, and Hospitals, or at ...
Hold My Beer, I'm going to do DevOps with DICOM, HIPAA, and Hospitals, or at ...Hold My Beer, I'm going to do DevOps with DICOM, HIPAA, and Hospitals, or at ...
Hold My Beer, I'm going to do DevOps with DICOM, HIPAA, and Hospitals, or at ...
 
Altinet_Education_Brochure
Altinet_Education_BrochureAltinet_Education_Brochure
Altinet_Education_Brochure
 
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
 
Secure your data with Virtual Data Fabric (Middle East)
Secure your data with Virtual Data Fabric (Middle East)Secure your data with Virtual Data Fabric (Middle East)
Secure your data with Virtual Data Fabric (Middle East)
 
Advanced Web Security Deployment
Advanced Web Security DeploymentAdvanced Web Security Deployment
Advanced Web Security Deployment
 
ThreatStack Workshop: Stop Wasting Your Time: Focus on Security Practices tha...
ThreatStack Workshop: Stop Wasting Your Time: Focus on Security Practices tha...ThreatStack Workshop: Stop Wasting Your Time: Focus on Security Practices tha...
ThreatStack Workshop: Stop Wasting Your Time: Focus on Security Practices tha...
 
Overview Of Blockchain Technology And Architecture Powerpoint Presentation Sl...
Overview Of Blockchain Technology And Architecture Powerpoint Presentation Sl...Overview Of Blockchain Technology And Architecture Powerpoint Presentation Sl...
Overview Of Blockchain Technology And Architecture Powerpoint Presentation Sl...
 
Securing Servers in Public and Hybrid Clouds
Securing Servers in Public and Hybrid CloudsSecuring Servers in Public and Hybrid Clouds
Securing Servers in Public and Hybrid Clouds
 
MacBook Operating System Replacement.pdf
MacBook Operating System Replacement.pdfMacBook Operating System Replacement.pdf
MacBook Operating System Replacement.pdf
 
The influence of consumerization on enterprise apps
The influence of consumerization on enterprise appsThe influence of consumerization on enterprise apps
The influence of consumerization on enterprise apps
 
Databases, CAP, ACID, BASE, NoSQL... oh my!
Databases, CAP, ACID, BASE, NoSQL... oh my!Databases, CAP, ACID, BASE, NoSQL... oh my!
Databases, CAP, ACID, BASE, NoSQL... oh my!
 
How to increase your understanding of application usage with LeanIX and OneLo...
How to increase your understanding of application usage with LeanIX and OneLo...How to increase your understanding of application usage with LeanIX and OneLo...
How to increase your understanding of application usage with LeanIX and OneLo...
 

More from Jethro Seghers (8)

SharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid worldSharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid world
 
Office365 BI
Office365 BIOffice365 BI
Office365 BI
 
Share point 2013 in a hybrid world
Share point 2013 in a hybrid worldShare point 2013 in a hybrid world
Share point 2013 in a hybrid world
 
Preparing for an Exchange 2013 Hybrid
Preparing for an Exchange 2013 HybridPreparing for an Exchange 2013 Hybrid
Preparing for an Exchange 2013 Hybrid
 
Supporting architecture office 365 on windows azure
Supporting architecture office 365 on windows azure  Supporting architecture office 365 on windows azure
Supporting architecture office 365 on windows azure
 
SharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid worldSharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid world
 
Supporting architecture for office 365 spo
Supporting architecture for office 365 spoSupporting architecture for office 365 spo
Supporting architecture for office 365 spo
 
Adfs azure
Adfs azureAdfs azure
Adfs azure
 

Recently uploaded

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Recently uploaded (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 

Exchange Data Loss Prevention in Exchange 2013 - Exchange Online

  • 1. Exchange 2013 – Exchange Online Data Loss Prevention
  • 3.
  • 4. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD WHAT IS SENSITIVE DATA
  • 5. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD WHAT IS SENSITIVE DATA
  • 6. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD WHAT IS SENSITIVE DATA
  • 7. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD HOW DO PEOPLE EXPOSE SENSITIVE DATA 7 DLP
  • 8.
  • 9. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD DLP IS DESIGNED TO PREVENT ACCIDENTAL DISCLOSURE  IT WILL NOT  Provide 100% unbreakable solution to data loss  It will not prevent analog data loss  Stop the malicious insider  Stop the external threats 9
  • 10. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD CHALLENGES IN REAL LIFE SCENARIO: COMPLIANCY MANAGER 10 Are we compliant? Are there problems? Our business needs these compliancy rules! Can I create my own compliancy rules?
  • 11. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD CHALLENGES IN REAL LIFE SCENARIOS: ADMINISTRATOR 11 How will this effect my end users? How much sensitive data is flowing through the system? How do I report this all to management? How do I educate my end users? Will it scan my attachments? What client updates are necessary? What type of policies should I use?
  • 12. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD CHALLENGES IN REAL LIFE SCENARIOS: INFORMATION WORKER 12 Why is this new rule applied? I just want to work! I want to be able to override the rule if the need it to
  • 13. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD CHALLENGE: DATA LOSS PREVENTION  Keeps sensitive data safe  WITHOUT interrupting the daily Line of Business of the user. 13
  • 14. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD DEMO Data Loss Protection in action 14
  • 15. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD OUTLOOK POLICY TIPS: LESSONS LEARNED  Doesn’t interrupt daily business  Will work in Offline Mode  Contextual User Education  Only works with Outlook 2013  Requires that the full Office 2013 Professional Plus Edition be installed  All the DLP processing happens on the client  No support for OWA at RTM, up to RTM CU2 15
  • 16. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD OUTLOOK POLICY TIPS: LESSONS LEARNED  Outlook will connect to the ExternalUrl defined in EWS Virtual Directory and download the new/update Policy Definition Files.  Updating Policy Tips happens during opening of Outlook or once every 24 hours.  Outlook 2013 updates the following registry key the last time that it downloaded a policy: HKEY_Current_UserSoftwareMicrosoftOffice15.0Outlook PolicyNudges LastDownloadTimePerAccount 16
  • 17. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD OUTLOOK POLICY TIPS: TROUBLESHOOTING  Be sure that you have the correct version of Client  Check that ExternalUrl is configured  Try to delete the registry key (previous slide) that holds the last download date and time.  Check presence XML in the profile (Users<User>AppdataLocalMicrosoftOutlook) 17
  • 18. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD WHAT DOES DLP PROTECT  DLP will scan content in the mail and attachments  LIMITATIONS  DLP Cannot scan password secured files.  DLP can only work with Encrypted messages and attachments if the DLP agent has the ability to decrypt the data. Not the case in Exchange Online. 18
  • 19. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD SCANNING ATTACHMENT LIMITATIONS  The following file extensions are scanned: 19 Extensions Type Doc, docx, xls, xlsx, ppt, pptx Word, Excel, Powerpoint (2003-2013) Txt, csv Text files Zip,GZIP (GZ), RAR, TAR (Tape Archive), UU Encode (UUE), Mime, S/Mime, TNEF, MSG, MacBin Archive Files RTF Rich Text Format HTML/XML Internet File PDF Portable Document Format (in Tekst)
  • 20. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD DEMO Manage Data Loss Prevention 20
  • 21. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD ADMINISTRATION OF DLP  Start from built-in Template  Import DLP Policy  New Custom DLP policy 21
  • 22. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD STRUCTURE OF A DLP POLICY  XML structure  Defines  Name  Enforcing Options  Policy Definition  Classification of the content (e.g. contains CC info, …)  User Action  Mail Flow Options 22
  • 23. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD BEHAVIOR ENFORCING OPTIONS 23 TEST WITHOUT NOTIFICATIONS TEST WITH NOTIFICATIONS ENFORCE
  • 24. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD CLASSIFICATION OF CONTENT 24 This content would match for Credit Cards ACME Travel, I have received updated credit card information for Joseph Joseph F. Foster Visa: 4485 3647 3952 7352 Expires: 2/2012 Please update his travel profile. Get ContentThis content would match for Credit Cards ACME Travel, I have received updated credit card information for Joseph Joseph F. Foster Visa: 4485 3647 3952 7352 Expires: 2/2012 Please update his travel profile. RegEx Analysis This content would match for Credit Cards ACME Travel, I have received updated credit card information for Joseph Joseph F. Foster Visa: 4485 3647 3952 7352 Expires: 2/2012 Please update his travel profile. Function Analysis This content would match for Credit Cards ACME Travel, I have received updated credit card information for Joseph Joseph F. Foster Visa: 4485 3647 3952 7352 - > CHECKSUM: OK Expires: 2/2012 Please update his travel profile. Additional Evidence This content would match for Credit Cards ACME Travel, I have received updated credit card information for Joseph Joseph F. Foster Visa: 4485 3647 3952 7352 - > CHECKSUM: OK Expires: 2/2012 Please update his travel profile. Verdict
  • 25. www.devconnections.com DATA LOSS PREVENTION IN THE REAL WORLD Hi Alex, I expect to be in Hawai too. My booking code is 1234 1234 1234 1234 and I’ll be there on 3/2012 Regards, lisa CLASSIFICATION OF CONTENT 25 Get Content RegEx Analysis Function Analysis Additional Evidence Verdict Hi Alex, I expect to be in Hawai too. My booking code is 1234 1234 1234 1234 and I’ll be there on 3/2012 Regards, lisa Hi Alex, I expect to be in Hawai too. My booking code is 1234 1234 1234 1234 and I’ll be there on 3/2012 Regards, lisa Hi Alex, I expect to be in Hawai too. My booking code is 1234 1234 1234 1234 and I’ll be there on 3/2012 -> CHECKSUM = not OK Regards, lisa
  • 26. USER ACTION & FLOW OPTIONS: Integrated with the Exchange Transport Rules Engine; allows us to use already built-in predicates and actions. New actions: Notify sender; Block Sender (with/out) override (with/out) business justification; Block Sender unless false positive
  • 27. THE DIFFERENT COMPONENTS: Transport Rules Agent; Policy Engine; Action Taken on the message; Classification Agent; Text Extraction Agent
  • 28. DEMO: AUDIT & INCIDENT REPORTING
  • 29. INCIDENT REPORTS: Audit data; Classification; Rule details
  • 30. DATA LOSS PREVENTION RECAP
  • 31. DLP policy configuration; Outlook policy distribution; Contextual policy education; Audit & incident data generation; Backend policy evaluation; Admin; Information Workers
  • 32. EXAMPLE OF DEPLOYMENT FLOW
      1. Define Sensitive Data
      2. Translate it to DLP
         1. Name
         2. Rules
         3. Classification
         4. Test DLP with/out Policy Tips and make sure DLP rules don’t interfere with other transport rules.
      3. Analyze Results
      4. Update DLP
         1. Change rules where needed
         2. Change DLP to enforce if needed.

Editor's Notes

  1. These were not malicious hackers or intentional leaking of information. This was done unintentionally by end users, by either attaching the wrong data to emails or sending information to the wrong recipient.
  2. There are 3 categories of sensitive data that are relevant in this session: Personal data: your ethnic or racial origin; political opinion; religious or other similar beliefs; memberships; physical or mental health details; personal life; or criminal or civil offences. These examples of information are protected by your civil rights. Society Sensitive data: Social security numbers, Credit Card Data, Passport Information. Company Sensitive data: data that is defined as sensitive by the company.
  3. Society Sensitive data: Social security numbers, Credit Card Data, Passport Information. Company Sensitive data: data that is defined as sensitive by the company.
  4. Company Sensitive data: data that is defined as sensitive by the company.
  5. 25% of all lost data happens by accident. Source: “Data loss by the numbers”, a white paper by McAfee: http://www.mcafee.com/us/resources/white-papers/wp-data-loss-by-the-numbers.pdf
  6. It helps to identify, monitor and protect sensitive data through deep content analysis. Identify: through the classification engine that is built into Exchange to identify sensitive data and attach to it a set of rules on what has to happen when that data is detected. Monitor: through yearly review and a set of tools, we want to know what kind of sensitive data is flowing through the organization and what business impact it would have if we deployed a certain set of DLP rules, without interrupting any LOB applications or day-to-day business processes. Protection: an array of different options; it depends on the environment and the context of interaction. If you want to protect communication with an external partner, you use e.g. hosted encryption; if you want to protect certain communication internally, you might want to use IRM. The same is the case with sending sensitive data. Sending 5 credit card numbers to another internal department can require a whole other set of rules than sending 100 credit cards to an external recipient. The system can define which kind of protection is needed on what level. End User education: change behavior.
  7. In this demo I’ll cover DLP in action. This will cover the end user side of DLP. Examples: User adds a single VISA number to an external recipient. This rule blocks but can be overridden. User can send it to an internal recipient. We’ll do the same for multiple VISA numbers stored in a document for internal & external numbers. Those rules cannot be overridden. This demo will be executed in Outlook 2013 and OWA. In this demo we’ll show the difference between Outlook 2013 and OWA. Make sure you show the things that make up the Lessons Learned Slide. Use Fiddler to see how it connects to Exchange (Online).
  8. Will check the number of attachments…
  9. Enforce: Rules within the policy are evaluated for all messages and supported file types. Mail flow can be disrupted if data is detected that meets the conditions of the policy. All actions described within the policy are taken. Test DLP policy with Policy Tips: Rules within the policy are evaluated for all messages and supported file types. Mail flow will not be disrupted if data is detected that meets the conditions of the policy. That is, messages are not blocked. If Policy Tips are configured, they are shown to users. Test DLP policy without Policy Tips: Rules within the policy are evaluated for all messages and supported file types. Mail flow will not be disrupted if data is detected that meets the conditions of the policy. That is, messages are not blocked. If Policy Tips are configured, they are not shown to users.
  10. Text Extraction Agent: Does the text extraction of information that will be fed into the classification engine. Only extracts content from known file types. Classification Engine: Does deep content analysis and matches it to classifications. Content needs to be in text format when it feeds into the classification engine. Custom classifications can be developed by third parties or customers. Custom classifications can be imported into the classification engine. Policy Engine: Brains of the operation. Knows the rules and classifications. Moves the data through the different components and the different stages. Will eventually take action based on results of examination.