Office 365 Data Loss Prevention

•Download as PPTX, PDF•

1 like•506 views

This document provides an overview of the steps to configure a Data Loss Prevention (DLP) policy in Office 365: 1. Create a new DLP policy and give it a name and description. 2. Choose the locations to include or exclude such as specific sites or users' OneDrives. 3. Configure the policy settings including whether to block or allow sensitive information types and what actions to take if sensitive info is detected, such as blocking access. Advanced settings allow creating custom rules. 4. Turn the policy on or off immediately and review before closing. Custom expressions can also be created to match specific content formats not covered by the default templates.

Technology

Office 365 –
Data Loss Prevention (DLP)
Configuration Settings and Options available
https://support.office.com/en-us/article/Overview-of-data-loss-prevention-policies-1966b2a7-d1e2-4d92-
ab61-42efbb137f5e

Creating New DLP Policy – Step 1
https://support.office.com/en-us/article/What-the-DLP-policy-
templates-include-c2e588d3-8f4f-4937-a286-
8c399f28953a?ui=en-US&rs=en-US&ad=US

Step 3 – Choose Locations
Upon selecting the second option, you get this 
Here you can select, which sites you want to include, exclude,
Which users’ OneDrive you would like to protect and exclude

Step 4 – Policy Settings – Simple & Advanced

If Sensitive Info is detected (for instance an
ABA Routing Number)

Step 4 – Policy Settings - Advanced
• Advanced allows you to configure Rules

Creating Custom Expressions for matching
• In your organization, if you have specific types and formats of content that
does not match the Microsoft provided Sensitive Information Types
templates, then, we can customize and create new templates, based on
Regular Expressions
• For instance, in your company, a patent format can look like: xxxx-xx-xxxx
for instance. You can build a Custom Template for this and thus the
matching content will be blocked out
• References:
• https://technet.microsoft.com/en-us/library/dn781122(v=exchg.150).aspx
• https://blogs.technet.microsoft.com/govcloud/2014/04/15/dlp-creating-custom-
rules/#.VGzf2_9OUiR
• https://justaucguy.wordpress.com/2014/11/21/adventures-in-custom-dlp-rules-part-
one/

*UPDATED* These are slides that were present at SharePoint Saturday Vancouver. They have been updated as of 14 April 2018. Description: You got Office 365 and you need to use it. You need to let others in your organization use it because you were designated the admin but you can't spell Office 365... yet. Where do you start? In this session, you will learn about the basics of administering Office 365 through the Admin Centers and where to start. 1. Be introduced to Office 365 2. Learn how to setup and manage users 3. Learn how to add your organization's domain 4. Learn about the Office 365 Admin Center and the other 3 major admin centers: Exchange, Skype for Business, and SharePoint (old and new). 5. Best practices, tips, and tricks along the way

M365 Virtual Marathon - Microsoft Teams Governance

Jasper Oosterveld

Thinking about Governance doesn’t get many people excited. That said, defining and implementing Governance is the key to a successful rollout and adoption of Microsoft Teams. Jasper Oosterveld, Microsoft MVP & Modern Workplace Consultant, is taking a hands-on approach around Governance for Microsoft Teams. You can expect real world advise around a variety of topics: naming convention, external access, expiration policy, information protection and the creation process. After this session you are ready to go back and build your own successful Governance for Microsoft Teams.

Microsoft Teams Governance and Security Best Practices - Joel Oleson

Joel Oleson

In this session we will focus on the recommendations from the field - what we have learned in the trenches along with recommended best practices related to Teams management, provisioning, OneDrive and SharePoint sharing, as well as retention and sensitivity labelling strategies and common industry considerations for financial data, healthcare and legal holds. Agenda: We will walk through these key points: 1. Getting started with classifications, retention, and sensitivity. 2. Best practices in setting retention policy durations 3. Industry practices in setting archiving policies 4. When to use a suffix or prefix? Which is better? 5. Data backup and its importance with relevant policy settings 6. Best practices for auditing security and settings 7. Maximizing Teams Security 8. Best practices for global administration 9. Best practices for Teams administration Register Now I'm looking forward to seeing everyone on the webinar. Joel Oleson Microsoft MVP and Regional Director

March 2023 CIAOPS Need to Know Webinar

Robert Crane

Tech Module 4 - Microsoft Teams admin and gov.pptx

eco80080

Teams Presentation Microsoft Teams is a proprietary business communication platform developed by Microsoft, as part of the Microsoft 365 family of products. Teams primarily competes with the similar service Slack, offering workspace chat and videoconferencing, file storage, and application integration.[8] Teams replaced other Microsoft-operated business messaging and collaboration platforms, including Skype for Business and Microsoft Classroom. Throughout the COVID-19 pandemic, Teams, and other software such as Zoom and Google Meet, gained much interest as many meetings moved to a virtual environment.[9] As of 2022, it has about 270 million monthly users.[10]

Webinar: Deploy Microsoft Teams and stay in control

ShareGate

Tech days 2011 - database design patterns for keeping your database applicati...Charley Hanania

TeamsNation 2022 - Governance for Microsoft Teams - A to Z.pptx

Jasper Oosterveld

Thinking about Governance doesn't get many people excited. That said, defining and implementing Governance is the key to a successful rollout and adoption of Microsoft Teams. Jasper Oosterveld, Microsoft MVP & Modern Workplace Consultant, is taking a hands-on approach around Governance for Microsoft Teams. You can expect real world advise around a variety of topics: naming convention, external access, expiration policy, information protection and the creation process. After this session you are ready to go back and build your own successful Governance for Microsoft Teams.

A quick assortment of useful Group Policy concepts starting with a quick review of what Group Policies are, how they work, what they can do (in general). Sections on the following concepts are included: * Software Restriction Policies * Group Policy Preferences * Loopback Preferences * Backing up your GPO's with PowerShell I only had about 45 minutes to go through this, so the topics are glanced over, but it gives the viewer a decent idea of the various aspects of Group Policy.

Deep dive into Microsoft Purview Data Loss Prevention

Drew Madelung

Are you protecting your data at rest and in transit? In this session we will go through all the different types of DLP in Microsoft Purview including endpoint, Exchange, Teams, SharePoint, OneDrive, and more. We will discuss the configuration options, why it is important, and the best practices to get started while going through a collection of demos. You will leave this sessions with a deeper understanding of the technology and how it can impact your employee's experience

Exam Ref 70-741.pdf

Yogeshwaran R

Does DITA need XML? Lightweight DITA and HTML5

Michael Priestley

Over the last year the lightweight DITA document types have been used to prototype content from a variety of different sources within IBM, including marketing, learning and training, technical articles, and internal policies/procedures. This presentation will introduce the lightweight DITA document types, demonstrate the feasibility of using a lightweight but still structured approach for integrating content across the enterprise content ecosystem, and show how lightweight DITA can be implemented using either XML or HTML5 as the base.

Blackhat Analyics 4: May the 25th be with you!

Phil Pearce

Teams Day Online - Microsoft Teams Governance

Albert Hoitingh

June 2020 Microsoft 365 Need to Know Webinar

Robert Crane

Azure Information Protection - Taking a Team Approach

Joanne Klein

There's a lot more to implementing Azure Information Protection(AIP) than meets the eye simply because it goes far beyond the technical implementation of labels. In this practical session, we'll walk thru some steps to help set your organization up for a successful AIP rollout. These steps include: how to plan your organization's AIP labels how to configure them for your tenant how to ensure information workers in your organization have adopted their use. Each step is critical to the overall success of your AIP program and the reason why it cannot be done by the IT-Pro alone. Joanne and Charmaine team up for this session to share some practical advice and creative tips and tricks for rolling out AIP and will cover topics for the IT Pro, Information Manager, and Adoption specialist – all required resources on an AIP rollout team! You might even see an AIP bot!

[PU&D] Why the Microsoft 365 Administrator should care about the Power Platfo...

Tomasz Poszytek

Office 365 Groups and Planner - Jump Start PM and Digital Collaboration

Gina Montgomery, V-TSP

Today there are more than 96 million mobile workers! With our organizations shifting into more a digital workplace, easy-to-use and secure collaboration space is a necessity. Used together, Microsoft Office 365 Groups and Office 365 Planner give you a user friendly and a visual way to organize your digital teamwork in a given project! Groups let you hold conversations about what you are working on, get progress updates from the team, and share files. Planner shows all your plans in a centralized view and lets you set due dates, assign people to tasks, and track your progress in a chart—all without the learning curve and ramp-up time usually associated with traditional project management software. Join me in this session and learn how Office 365 Groups and Planner can help you jump start project management while striking the right balance for digital collaboration your organization.

The top 10 things I wish I had known about O365 groups

Adam Ochs

Understanding Security and Compliance in Microsoft Teams - M365 Saturday Bang...

Chirag Patel

Clou doc intro_eng_20160524

sang yoo

Testings 1 (1)

AndreyZatserklaniy

Pass chapter meeting - november - partitioning for database availability - ch...Charley Hanania

BI, AI/ML, Use Cases, Business Impact and how to get started

Karthick S

Microsoft Power BI Dashboard Samples

Karthick S

Similar to Office 365 Data Loss Prevention

Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss

Quick Heal Technologies Ltd.

Data Loss Prevention in O365

Don Daubert

Share poinrt 2013 planning consideration sps atlantaMichael Hinckley

Microsoft Information Protection demystified Albert Hoitingh

Albert Hoitingh

Office 365 Features for GDPR Compliance Webinar

New Horizons Ireland

Useful Group Policy Concepts

Rob Dunn

Deep dive into Microsoft Purview Data Loss Prevention

Drew Madelung

Exam Ref 70-741.pdf

Yogeshwaran R

Does DITA need XML? Lightweight DITA and HTML5

Michael Priestley

Blackhat Analyics 4: May the 25th be with you!

Phil Pearce

Teams Day Online - Microsoft Teams Governance

Albert Hoitingh

June 2020 Microsoft 365 Need to Know Webinar

Robert Crane

Azure Information Protection - Taking a Team Approach

Joanne Klein

[PU&D] Why the Microsoft 365 Administrator should care about the Power Platfo...

Tomasz Poszytek

Office 365 Groups and Planner - Jump Start PM and Digital Collaboration

Gina Montgomery, V-TSP

The top 10 things I wish I had known about O365 groups

Adam Ochs

Understanding Security and Compliance in Microsoft Teams - M365 Saturday Bang...

Chirag Patel

Clou doc intro_eng_20160524

sang yoo

Testings 1 (1)

AndreyZatserklaniy

Pass chapter meeting - november - partitioning for database availability - ch...Charley Hanania

Similar to Office 365 Data Loss Prevention (20)

Seqrite Data Loss Prevention- Complete Protection from Data Theft and Data Loss

Data Loss Prevention in O365

Share poinrt 2013 planning consideration sps atlanta

Microsoft Information Protection demystified Albert Hoitingh

Office 365 Features for GDPR Compliance Webinar

Useful Group Policy Concepts

Deep dive into Microsoft Purview Data Loss Prevention

Exam Ref 70-741.pdf

Does DITA need XML? Lightweight DITA and HTML5

Blackhat Analyics 4: May the 25th be with you!

Teams Day Online - Microsoft Teams Governance

June 2020 Microsoft 365 Need to Know Webinar

Azure Information Protection - Taking a Team Approach

[PU&D] Why the Microsoft 365 Administrator should care about the Power Platfo...

Office 365 Groups and Planner - Jump Start PM and Digital Collaboration

The top 10 things I wish I had known about O365 groups

Understanding Security and Compliance in Microsoft Teams - M365 Saturday Bang...

Clou doc intro_eng_20160524

Testings 1 (1)

Pass chapter meeting - november - partitioning for database availability - ch...

Recently uploaded

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Uni Systems S.M.S.A.

Free Complete Python - A step towards Data Science

RinaMondal9

PHP Frameworks: I want to break free (IPC Berlin 2024)

Ralf Eggert

In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development. This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

Neo4j

Dr. Sean Tan, Head of Data Science, Changi Airport Group Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

National Security Agency - NSA mobile device best practices

Quotidiano Piemontese

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Microsoft - Power Platform_G.Aspiotis.pdf

Uni Systems S.M.S.A.

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Neo4j

Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

Communications Mining Series - Zero to Hero - Session 1

DianaGray10

This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered: • Communication Mining Overview • Why is it important? • How can it help today’s business and the benefits • Phases in Communication Mining • Demo on Platform overview • Q/A

Recently uploaded (20)

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

DevOps and Testing slides at DASA Connect

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Free Complete Python - A step towards Data Science

PHP Frameworks: I want to break free (IPC Berlin 2024)

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...

The Art of the Pitch: WordPress Relationships and Sales

National Security Agency - NSA mobile device best practices

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Microsoft - Power Platform_G.Aspiotis.pdf

GraphRAG is All You need? LLM & Knowledge Graph

Securing your Kubernetes cluster_ a step-by-step guide to success !

Monitoring Java Application Security with JDK Tools and JFR Events

GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...

Climate Impact of Software Testing at Nordic Testing Days

Communications Mining Series - Zero to Hero - Session 1

Office 365 Data Loss Prevention

1. Office 365 – Data Loss Prevention (DLP) Configuration Settings and Options available https://support.office.com/en-us/article/Overview-of-data-loss-prevention-policies-1966b2a7-d1e2-4d92- ab61-42efbb137f5e

2. Creating New DLP Policy – Step 1 https://support.office.com/en-us/article/What-the-DLP-policy- templates-include-c2e588d3-8f4f-4937-a286- 8c399f28953a?ui=en-US&rs=en-US&ad=US

3. Step 2 – Give it a name and description

4. Step 3 – Choose Locations Upon selecting the second option, you get this  Here you can select, which sites you want to include, exclude, Which users’ OneDrive you would like to protect and exclude

5. Step 4 – Policy Settings – Simple & Advanced

6. If Sensitive Info is detected (for instance an ABA Routing Number)

7. Step 4 – Policy Settings - Advanced • Advanced allows you to configure Rules

8. Turning On immediately or Off

9. Review and Close

10. Creating Custom Expressions for matching • In your organization, if you have specific types and formats of content that does not match the Microsoft provided Sensitive Information Types templates, then, we can customize and create new templates, based on Regular Expressions • For instance, in your company, a patent format can look like: xxxx-xx-xxxx for instance. You can build a Custom Template for this and thus the matching content will be blocked out • References: • https://technet.microsoft.com/en-us/library/dn781122(v=exchg.150).aspx • https://blogs.technet.microsoft.com/govcloud/2014/04/15/dlp-creating-custom- rules/#.VGzf2_9OUiR • https://justaucguy.wordpress.com/2014/11/21/adventures-in-custom-dlp-rules-part- one/

11. Thank you…

Office 365 Data Loss Prevention

Recommended

Recommended

More Related Content

Similar to Office 365 Data Loss Prevention

Similar to Office 365 Data Loss Prevention (20)

More from Karthick S

More from Karthick S (7)

Recently uploaded

Recently uploaded (20)

Office 365 Data Loss Prevention