Data Loss Prevention
Businesses and organizations have a challenging responsibility to protect sensitive information and prevent data disclosure. Sensitive information consists of financial data, social security numbers, health records, etc.
Implementing a data loss prevention or DLP policy is an effective strategy to identify, monitor, and protect sensitive data.
What is data loss prevention (DLP), and how it works?
Data loss prevention is a policy that protects content containing sensitive information and prevents it from being shared with people outside the organization. It can be set up in Microsoft 365 Security & Compliance Center. Instead of a simple scan, a DLP policy detects sensitive data through deep content analysis using keyword matches, dictionary matches, the evaluation of regular expressions, and other methods. Once a data leakage has been detected, an automatic remediating action takes place, restricting access to the content and marking it for later investigation. A DLP policy identifies, monitors, and protects only the sensitive data and does not affect the people working with other content.
A DLP policy includes:
- The locations where the content must be protected, such as Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams chat.
- Determining when and how to protect the data by enforcing rules that contain:
- Conditions that the data must match.
- Actions that the rule will take when content matching the conditions is found.
Examples
For instance, a DLP policy can have a rule set up that detects and protects information liable to the Health Insurance Portability and Accountability Act (HIPAA). Once a document containing HIPAA data has been found outside of the organization, the DLP policy works by blocking access and sending a notification for later evaluation.
Another example is configuring a rule to only look for data such as Social Security numbers, block access to the document once sensitive data has been detected and send both the user and compliance officer an email notification. These rules are grouped together as a DLP policy to simplify data security management.
By going the extra mile to implement security policies, your data is more protected, allowing for more efficient and productive growth.