O365con14 - information protection and control in office 365


Published on

European Office 365 Connect 2014 Presentation

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

O365con14 - information protection and control in office 365

  1. 1. LESS RESTRICTIVE MORE RESTRICTIVE • Apply the right level of control based on the sensitivity of the data • Maximize control and minimize unnecessary user disruptions Alert “Allow delivery but add a warning.” Append “Allow delivery but add a disclaimer.” Protect “Allow delivery but prevent forwarding.” Redirect “Block delivery and redirect.” Review “Block delivery until reviewed.” Block “Do not deliver.” Modify “Allow delivery but modify message.” Classify “Allow delivery but apply classification.”
  2. 2. Transport rules Data Loss Prevention Rights Management 11
  3. 3. Conditions Actions Exceptions Conditions Actions Exceptions 12 New options • Rules can be configured to run for a specific time period • Rules can be run in Test Mode New filters • Total message size • Attachment extension keyword matching • Sender IP address New actions • Criteria-based routing • Forced TLS routing • Halt processing of remaining rules on a message (“Stop processing rules”)
  4. 4. DLP helps to identify monitor protect sensitive data through deep content analysis
  5. 5. 16
  6. 6. • Content to monitor • User action • Mail flow actions contains • Credit cards • EU debit cards Defines the policy objectives to help meet regulatory requirements for identified content Contains data type definitions to help identify sensitive content 17
  7. 7. Predefined rules targeted at sensitive data types Advanced content detection Combination of regular expressions, dictionaries, and internal functions (e.g., validate checksum on credit card numbers) Extensibility for customer and ISV- defined data types
  8. 8. Conditions Actions Exceptions
  9. 9. Empower users to manage their compliance Contextual policy education Doesn’t disrupt user workflow Can work even when disconnected Admin-customizable text and actions 20
  10. 10. 21
  11. 11. Comprehensive view of DLP policy performance Downloadable Excel workbook Drill into specific departures from policy to gain business insights 22
  12. 12. Information Author Information Recipient 2 3 1 4 5 6 8 7 9 Database Server RMS Active Directory Publishing Consuming
  13. 13.  Use Windows Azure AD Right Management  Out-of the box  Integrate natively with Exchange online and SharePoint online  Integrate Office 365 with existing on-premises AD RMS infrastructure
  14. 14. NwTraders Contoso 1. NwTraders exports private key and SLC 2. Contoso imports private key and SLC 4. Ilse sends PL and RAC with request for UL from local licensing server 5. Contoso uses imported private key to decrypt PL and issues UL 3. Robin send IRM-Protected message to Ilse
  15. 15. BYOK and logging are not compatible with Exchange Online
  16. 16. emailtext disclaimertext image
  17. 17. image
  18. 18. image portaltext
  19. 19. Exchange Online Policy detection and Enforcement Tenant configuration O365 User Internet User Microsoft account/Organization Account Mail Reading Portal
  20. 20. Ilse Van Criekinge Technology Advisor Business Productivity @ivcrieki, ilvancri@microsoft.com