How DLP policies work DLP detects sensitive information by using deep content analysis (not just a simple text scan). This deep content analysis uses keyword matches, dictionary matches, the evaluation of regular expressions, internal functions, and other methods to detect content that matches your DLP policies. Potentially only a small percentage of your data is considered sensitive. A DLP policy can identify, monitor, and automatically protect just that data, without impeding or affecting people who work with the rest of your content. Policies are synced After you create a DLP policy in the Security & Compliance Center, it’s stored in a central policy store, and then synced to the various content sources, including: Exchange Online, and from there to Outlook on the web and Outlook 2013 and later OneDrive for Business sites SharePoint Online sites Office 2016 desktop programs (Excel 2016, PowerPoint 2016, and Word 2016) After the policy’s synced to the right locations, it starts to evaluate content and enforce actions.
Policy evaluation in OneDrive for Business and SharePoint Online sites Across all of your SharePoint Online sites and OneDrive for Business sites, documents are constantly changing — they’re continually being created, edited, shared, and so on. This means documents can conflict or become compliant with a DLP policy at any time. For example, a person can upload a document that contains no sensitive information to their team site, but later, a different person can edit the same document and add sensitive information to it.
For this reason, DLP policies check documents for policy matches frequently in the background. You can think of this as asynchronous policy evaluation.
Here’s how it works. As people add or change documents in their sites, the search engine scans the content, so that you can search for it later. While this is happening, the content’s also scanned for sensitive information and to check if it’s shared. Any sensitive information that’s found is stored securely in the search index, so that only the compliance team can access it, but not typical users. Each DLP policy that you’ve turned on runs in the background (asynchronously), checking search frequently for any content that matches a policy, and applying actions to protect it from inadvertent leaks.
Finally, documents can conflict with a DLP policy, but they can also become compliant with a DLP policy. For example, if a person adds credit card numbers to a document, it might cause a DLP policy to block access to the document automatically. But if the person later removes the sensitive information, the action (in this case, blocking) is automatically undone the next time the document is evaluated against the policy. DLP evaluates any content that can be indexed. For more information on what file types are crawled by default, see Default crawled file name extensions and parsed file types in SharePoint Server 2013.
Now that all attendees have had a chance to experience Microsoft Teams for themselves, take them quickly through a formal introduction into what Microsoft Teams is, and continue to land the messaging around what it can be for their organization. Do not bog down on details, but let the attendees participate in a discussion blending their first experience and messaging from the introduction to Microsoft Teams. The speaker notes in the following slides need to customized for the audience based on their prior knowledge with Microsoft Teams.
Slide Objective: Introduce Microsoft Teams as part of the Office 365 collaboration portfolio Talking points: Microsoft Teams fits in the Office 365 collaboration portfolio by giving teams easy access to the information they need in a dedicated hub for teamwork. Here, people find their team chat, content, people and tools living together in Office 365.
There are four key attributes of Microsoft Teams that help close-knit teams to perform at their best: First, it’s modern day chat that keeps everyone in the know with chat history, whether across the team or in a private chat. It is a dedicated hub for teamwork where people have easy access to the everyday apps such as Word, Excel, PowerPoint, websites, and OneNote, which teams rely on daily for getting work done. Microsoft Teams is customizable for the way different teams work, including publicly available APIs and bot frameworks Lastly, Microsoft Teams is designed to provide a great collaboration experience while upholding our commitments to safeguard customer and user data, to protect their right to make decisions about that data, and to be transparent about what happens to that data.
Objective: Land first what Microsoft Teams is: chat based collaboration for teams Talking points:
Microsoft Teams allows team to communicate in real time and keep everyone in the know at the same time. All team members can see and contribute to the team chat, seeing chat history at any time to recall past discussions and decisions.
You have the flexibility to create private chats for small group conversations with one or many people for when a conversation needs to be taken offline. You stay on top of all of the activity with notifications which alert you to when you’ve been @mentioned or when someone’s replied to a conversation you’re a part of.
You can also receive Skype for Business chat messages on Microsoft Teams so that you have one place for your team communications.
And of course, you can use Microsoft Teams across all your devices as we support Microsoft Teams on Windows, Mac, iOS, Android, Windows Phone and on web
Objective: Expand Microsoft Teams value: differentiated with power of Office 365 integration Talking points:
Not only is Microsoft Teams the place for your team chat communications, it’s also a hub for your team’s collaboration. You find in a single place the chat conversations with your team, files, team members, and everyday tools.
When you need to talk face to face, you can start a video call from a team chat or private chat. Turn off video if you just want an audio call. You can also join scheduled meetings from Microsoft Teams to meet within a channel or privately outside of one.
Because Microsoft Teams is integrated with Office 365, teams have quick access to the information they need whether they are files shared through SharePoint, notes in OneNote or tasks in Planner. Excel, PowerPoint, Word, PDFs and other documents can be shared and opened right in the app.
If you can’t immediately find what you need you can search in Microsoft Teams for people, files, chats and links. You can move easily between multiple Microsoft Teams so it’s easy to see what’s going on across teams, across channels, across chats. It’s also easy to set up and manage, whether you’re IT or an end user. Because it’s part of Office 365, all of your team members are instantly there
Objective: Show Microsoft Teams is also flexible to meet the individual needs of different organizations Talking points:
Microsoft Teams gives you the flexibility to create a workspace that fits your teams’ needs.
Create different channels for the team based on work streams or topics.
Add new tabs to a channel for quick access to frequently used documents and cloud services like PowerPoint and Planner. Teams also includes integrations from partners like Zendesk, Asana, and Hootsuite. Tabs are used to surface content in its native format, allowing for rich collaboration in the right context.
Explore data and take quick actions with bots like T-bot. or 3rd party bots like Polly, Meekan and many others.
With more than 70 Office 365 Connectors from services like Twitter, Dynamics CRM Online, VSTS or GitHub, available now, you can send rich notifications right into a channel. These are great for notifying a team about required actions, completed transactions, breaking news, and other real-time updates.
You can stay on top of all of the activity with notifications which alert you to when you’ve been @mentioned or when someone’s replied to a conversation you’re a part of.
Objective: Differentiate Microsoft Teams through Office 365 platform of security, privacy, transparency and global reach Talking points:
Office 365 has strong commitments around security, compliance, privacy and transparency. Microsoft Teams was built using these same principles to deliver an enterprise grade platform.
From the start, Microsoft Teams was architected with compliance, authentication and privacy in mind. Microsoft Teams will have compliance built-in, with support for industry standards including grade b accessibility, ISO 27001 and 27018, SOC 1 and SOC 2, HIPAA, EU Model Clauses and more. We’ve recently added information features that you’ve come to expect from Office 365 apps and services– Archive, eDiscovery, Legal Hold, Compliance Content Search, Auditing and Reporting. These features help you control sensitive information if your business has specific security requirements for content security and data use.
Microsoft Teams protects team data securely using strong security measures including two factor authentication, hard passwords and access policies. Your data is always encrypted, whether it is chat, notes or files.
It’s your data, you own it, you control it. Microsoft does not mine customer data for advertising purposes and we safeguard customer data with strong contractual commitments. In keeping with our commitment to provide customers the utmost transparency, customers can see uptime, the location of their data, and detailed reports of how Office 365 controls map to the security, privacy, compliance and risk management controls defined in the Cloud Security Alliance Cloud Control Matrix (CSA CCM).
Microsoft Teams is enterprise grade, with support in 18 languages across 181 markets and 6 data centers worldwide, a 99.9% financially backed SLA and 24/7 support.
Speaker Notes: The important piece of information to land with the attendees is that Microsoft Teams lives on existing Office 365 workloads, enhancing end users collaborative capabilities while leveraging existing services they are already (likely) very familiar with. Microsoft Teams is built on the reliability and performance of Office 365.
From an IT Pro perspective, there is no infrastructure to manage for Microsoft Teams.
Speaker Notes: The workshop leader should stop the presentation at this point. Request a volunteer from the attendees to share their screen and be the driver for the rest of the audience in the room. Proceed to lead a conversation that walks the attendees through the checklist on the following slides. The audience should not see the checklist. They should just participate in actually using Microsoft Teams.
After the checklist is completed and the audience has had their first experience with Microsoft Teams, you can return to the workshop to complete a deeper dive.
Note: If the organization is brand new to O365 and has not enabled any other O365 workloads, some pre-work may need to be completed. This should be known to the presenter from the completed pre-engagement questionnaire and this workshop should have been modified to account for any prerequisites prior to delivery.
Please also ensure to understand the limitations the environment may have. Ensure to have run through the environmental checklist offline prior to doing a live walkthrough.
***** Alternative Workshop Order: If the attendees of the workshop are familiar with Microsoft Teams, it may be beneficial to hide slides 9-12. This will allow you as the workshop lead to skip the introduction and engaging the attendees in a live working session with the product. The decision on where to execute this portion of the workshop should be made prior to the workshop starting, if possible.
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Data Loss Prevention in Microsoft Office
sensitive data through deep
DLP policy configuration
Audit & incident
DLP system walkthrough
Integrated into Exchange
Transport Rule (ETR) engine
• Runs in categorizer during
• Integrated as a new ETR predicate
• Performs text extraction for body &
attachments followed by classification
• Can be combined with any existing
predicates & actions
Transport rule agent
DLP content detection flow in Exchange
Runs in Content Processing Pipeline as an operator
Invoked for search crawler as new content discovered and changed
Classification results and counts stored in the content index
DLP Policy Enforcement
Flexible tools for policy enforcement that
provide the right level of control
• Transport Rules
• Rights Management
• Data Loss Prevention
DLP policy templates
Built-in templates based on common
Import DLP policy templates from partners
Build your own
Sensitive content detection
Predefined rules targeted at sensitive data types
Advanced content detection
Combination of regular expressions, dictionaries,
and internal functions (e.g. validate checksum on
credit card numbers)
Extensibility for customer and ISV defined data
DLP Document Fingerprinting
Advanced deep content analysis enabling new scenarios!
Integrates with the existing DLP infrastructure
as a custom sensitive information type
Surfaced in Exchange, Outlook and OWA
Fabrikam Patent Form Tracking Number
Author Date Invention Title Names of all
1. Condensed representation of the template
2. Document is not stored
3. Stored as a sensitive information type
Fabrikam Patent Form Tracking Number 12345
Author Alex Date 1/28/2014 Invention Title
Fabrikam Green Energy...
1. Temporary in memory representation
2. Used for comparson with source
fingerprint created at config time
1. Compare the two fingerprints
2. Evaluate a ’containtment coefficient’ to
declare template contained in email
CLASSIFICATION RULE with
DLP in SharePoint Online
Search for sensitive data
Identification and export
Extends to data in OneDrive
How DLP policies work
Policies are stored in Central Policy store
Policies are synced to then synced to all various Content
O4B,SPO, EXO & Office Applications( Office 2016)
It starts to evaluate content and enforce actions
Policy evaluation in O4B & SPO sites
They’re continually being created, edited, shared, and so
Documents can conflict or become compliant with a DLP
policy at any time
DLP policies check documents for policy matches
frequently in the background --- Asynchronous policy
Asynchronous DLP Policy evaluation
Empower users to manage their compliance
Contextual policy education
Doesn’t disrupt user workflow
Can work even when disconnected
Admin customizable text and actions
Deep content analysis
46 OOB sensitive
40 OOB DLP Templates
Support for 3rd party
defined DLP policy
Policy Tips in OWA and
Fingerprinting in Exchange,
Outlook, and OWA
5 new OOB sensitive
Policy Tips in Outlook 2013
Contextual user education
DLP in SharePoint coming soon
Chat for today’s
Communicate in the moment and
keep everyone in the know
Tailor your workspace to include
content and capabilities your team
needs every day.
A hub for
Give your team quick access to
information they need right in
Chat-based workspace in Office 365
Get the enterprise-level security
and compliance features you
expect from Office 365.
Chat for today’s teams
People can see content and chat history anytime
Team chats and activities are visible to the entire team
Use private chats for small group conversations
Mobile access on Android, iOS and Windows Phone
A hub for teamwork
Chat, content, people, and tools live in a team workspace
Voice and video meetings right within Microsoft Teams
Built-in access to SharePoint, OneNote and Planner
Work with Office and other documents right in the app
Audio calling on mobile
Customizable for each team
Create different channels for work streams and topics
Add tabs to frequently used files and cloud services
Get updates from the apps your team uses every day
Customize notifications so you don’t miss important info
Build integrations with developer preview APIs
Security teams trust
Broad compliance standards support: Accessibility,
ISO27018/01, SOC 1 and 2, HIPAA, EU Model Clauses &
Information protection with Archive, eDisovery, Legal
Hold, Compliance Content Search, Auditing and
Data encryption at all times, at-rest and in-transit.
Multi-factor authentication for enhanced identity
1 Archive, eDiscovery, Legal Hold, Compliance Content Search, Auditing and Reporting are in E3 and above suites.
• Microsoft Teams is built on existing Microsoft technologies woven
together by Office 365 Groups.
• Powered by Microsoft’s cloud, organizations can expect excellent
performance and reliability when leveraging Microsoft Teams as
part of their collaboration story.