Microsoft Teams is a powerful tool, but it can pose a challenge when it comes to data security. The data generated and stored within Microsoft Teams is of different types, ranging from chat and channel messages to documents, images, recordings, and meetings. This makes it difficult to manage and ensure compliance with ever-changing regulations, putting organizations at risk. However, Microsoft is aware of these risks and has developed comprehensive solutions, such as Microsoft Purview, to help protect and govern sensitive data. Jasper Oosterveld, a Microsoft MVP and Consultant, will focus on Microsoft Purview Information Protection and Data Loss Prevention. He will combine his real-world experience to ensure successful implementation of these solutions for customers or internal organization.
11. InSpark
Data Classification Policy
03 Data Security
• Company data
specially prepared
and approved for
public use.
• There is no breach of
confidentiality.
• Company data
intended for general
use within the
organization.
• There is a potential
breach of
confidentiality with
external sharing.
• Company
information
specifically intended
for internal
employees or
specific individuals
or organizations.
• Information is only
shared on basis of
confidentiality.
• Breach of
confidentiality
causes serious harm
to the organization.
Public General Confidential
12. InSpark
Data Security Policy
03 Data Security
Public
• Accessible to all employees and external individuals or organizations.
• Data not protected
• Accessible to all employees and external individuals or organizations.
• Data not protected.
• Accessible for all employees (internal) or authorized individuals or organizations (external).
• Data is protected.
Confidential
General
13. InSpark
Data Security Policy
03 Data Security
• R&D information is specifically intended for HR employees.
• Data is protected for all R&D employees.
R&D
• HR information is specifically intended for HR employees.
• Data is protected for all HR employees.
HR
15. InSpark
Generic Organizational
Examples
03 Data Security
Social Security Number
Credit Card Number
Passport Number
Drivers License Number
IBAN
Physical Address
Medical Information
Criminal information
Intellectual property
Employee information
Customer information
Mergers & acquisitions
18. InSpark
Scattered data
03 Data Security
Type Locatie
1:1 chat & group chat Exchange Online (User mailbox)
Channel messages Exchange Online (M365 group mailbox)
Voicemail, call summary, and contacts Exchange Online (User mailbox)
Channel meeting recordings & transcript SharePoint Online
Chat meeting recordings & transcript OneDrive for Business
Calendar data Exchange Online
Files shared in chat OneDrive for Business
Files shared in channels SharePoint Online
Notes private meetings OneDrive for Business
Notes channel meetings SharePoint Online
Whiteboard OneDrive for Business
Tasks Tasks for Planner & To Do
Source:
https://blog.quest.com/microsoft-teams-meeting-content-where-is-it-stored/
https://www.syscloud.com/saas-data-protection-center/microsoft-365/teams-data-storage/
26. InSpark
Scenario: Enforcing governance
requirements
05 Microsoft Purview Information Protection
• Jane is the manager of the project
department of Hammond Robotics.
• Hammond Robotics distinguish different
type of projects.
• Each project has unique requirements for
external invites & and sharing.
• Jane needs an internal project site with
no external access and sharing allowed.
Type of projects
28. InSpark
Owners can change the label.
Monitor with the Activity Explorer and Audit.
Connect with your provisioning solution.
Talk with your Intune colleagues before enabling CA with labels.
Use PowerShell to define the default sharing link (view or edit) for a SharePoint site and site sharing settings.
Tips & tricks
05 Microsoft Purview Information Protection
29. InSpark
Mergers
Scenario: Protect sensitive project
information
05 Microsoft Purview Information Protection
• Alex is part of the Hammond
Robotics Mergers & acquisitions
team.
• He is currently part of a merger with
codename Project MRVN.
• All content related to this project
needs to be automatically protected.
32. InSpark
Office add-in for the Unified Labeling Client is in maintenance mode.
AIP unified labeling client (could) cause an issue with built-in labels.
OCR now in preview!
Use the remove encryption option for the public labels.
Assign scoped labels to specific departments, teams, or projects.
Viewing encrypted content only works with Microsoft accounts.
Tips & tricks
05 Microsoft Purview Information Protection
36. InSpark
Mergers
Scenario: Prevent a data leak in chat and
channel messages
06 Microsoft Purview Data Loss Prevention
• Alex is part of the Hammond
Robotics Mergers & acquisitions
team.
• He is currently part of a merger with
codename Project MRVN.
• Any mention of Project MRVN is
prohibited outside the dedicated
team.
38. InSpark
Customer information
Scenario: Prevent a data leak with
external sharing
06 Microsoft Purview Data Loss Prevention
• Julia is the CISO of Hammond
Robotics.
• One of the company policies aims to
prevent sharing five or more IBANs in
files.
• This is confidential information and
shouldn’t be shared with external
people.
40. InSpark
DLP is not 100% failproof.
Test the SIT with real-world content related to the DLP policy.
Create a separate policy for Exchange Online.
Tips & tricks
05 Microsoft Purview Information Protection