top of page

Do not miss new blog posts! Subscribe to new posts, news, and updates.

Thank you for joining our Blog subscription!

Writer's pictureAtle Skjekkeland

Data Loss Prevention to Automate Office 365 Compliance

To comply with business standards and industry regulations, it's critical that your organization protect sensitive information such as credit card numbers and health records to prevent its inadvertent disclosure. Data loss prevention (DLP) policies in Microsoft Office 365 (M365) helps you identify and protect your organization's sensitive information. As an example, you can set up policies to help make sure information in email and files aren´t shared with the wrong people.


To help with this, set up DLP policies to identify, monitor, and automatically protect sensitive information across M365. When creating a DLP policy, you can choose between a number of pre-built templates or create your own.

DLP to automate Office 365 compliance

I will in this example use the GDPR template that look for the following sensitive information types:

  • EU Debit Card Number

  • EU Driver's License Number

  • EU National Identification Number

  • EU Passport Number

  • EU Social Security Number (SSN) or Equivalent ID

  • EU Tax Identification Number (TIN)

After selecting a template, you then select where the policy should be valid, or if any locations should be excluded. DLP covers now also Teams chat and channel messages.

DLP locations to automate office 365 compliance

After this, you define the policy settings.

DLP policy settings to automate office 365 compliance

You have a lot of options here, and let me explain them in more detail.

Conditions: How many instances should be allowed, how accurate do you want it, etc.

Exceptions: When should the DLP policy not be active?

DLP exceptions to automate office 365 compliance

Actions: Decide actions to protect content when the conditions are met.

DLP actions to automate office 365 compliance

User notifications and overrides: Decide if users should be notified when conditions are met, and if users should see the tip and be able to justify or override the policy.

DLP users notifications to automate office 365 compliance

Incident reports: Decide who should be notified when the conditions are met.


Before turning on the DLP policy, you can let it run in test mode to check the results. Watch an extended overview of DLP and learn how it helps protect your sensitive content.

Feel free to contact us if you need help determining how to automate Office 365 compliance.

1,510 views0 comments

Comments


bottom of page