How To Set Up Data Loss Prevention Using Microsoft Azure (Video Tutorial)

Every company in today’s world worries about losing important data. This video tutorial will help you learn how to use the Microsoft Cloud to prevent data loss.

Implementing Data Loss Prevention with Microsoft Cloud - Read Transcript

Hello, my name is Sam and I’m Director of Consulting at Tech Impact, a nonprofit technology services provider. Today I want to talk with you about how to configure simple data loss prevention policies using the Microsoft Cloud to help keep your data safe. Data loss prevention policies allow you to keep an eye on information that is being shared out of your organization that maybe shouldn’t be, like social security numbers or credit card numbers. Before we get started, you need to make sure that you are using E3 or higher Office 365 licenses.

Data loss prevention policies in Office 365 require this level. There is more you can do with an E5 license, or with one of the Enterprise Mobility + Security licenses. That includes very detailed policies and actions, looking at other systems besides just Office 365 like Box, or Dropbox, or Salesforce, and also manual file classification by your users. Okay, so let’s go ahead and get started. Everything we do today is going to be from the Office 365 Administrative Control Panel, so let’s log in. You will see I am entering in two-factor authentication. This is something that all of you should do if you are not already doing it. Let’s go ahead and open up the Admin Control Panel, and from here I’m going to open up the Security & Compliance Center.

This is a consolidated location where you can do most of the basic security and compliance configuration of Office 365. Today we are going to be in the “Data loss prevention” section, and let’s go ahead and click on Policy. I already have a couple of policies set up here but I want to create a new policy. So let’s go ahead and click on “Create a policy.” One of the benefits of doing this with Office 365 is they’ve already set up most of the common templates that you might be looking for.

So I might be a mental health services organization and maybe I need to worry about HIPAA information. I’m going to select Medical and Health. Then I’m going to scroll down and find the “US Health Insurance Act” template for HIPAA. When I click on this we’ll see that I am looking for Social Security Numbers and DEA numbers. Let’s go ahead and click Next. I’m going to provide my policy with a name. And I am going to tell Office 365 where I am looking for content. By default, I’m looking for an email in OneDrive and SharePoint. I could choose other locations too, but I really want to know everywhere that privileged information is that’s being shared.

I’m going to “Use simple settings,” and I’m going to “Detect when this content is shared” > “with people outside of my organization.” That’s really what I care about. It’s okay to keep this information in Office 365 since it is a HIPAA compliant system. Let’s go ahead and click Next. At this point, I have a few settings. For testing, I am going to make this just “1.” I want to know when even one social security number is being sent outside of the organization. And I’m going to “Send incident reports to email.” I also want to actually “Block people from sharing” information. So I don’t want to allow them to send it at all. Let’s go ahead and click Next. And let’s turn it on. And that’s it; the policy is created. Let’s go ahead and log into webmail, and I want to show you how this actually works. So I’m going to go ahead and write a new email. Let’s click on New.

And I’m going to send this to my actual Tech Impact account which is outside of this particular Office 365 instance. Now here I just pasted it a template. This is fake credit card and social security information. Let’s go ahead and send this. So I sent the mail. Let’s go ahead and let’s take a look at my Inbox. And here we will see that I have a couple of notifications that something was blocked. The first one I get is the notification saying that this particular email contained sensitive information. Then I get a notification that it has been blocked. And then as an administrator, I’m getting a notification that someone has sent an email message that has sensitive information in it. These same notifications will also be generated if I create a file that contains sensitive information and shares it outside of the organization. In that case, the detection isn’t real time. It happens at regular intervals throughout the day. But it will notify an administrator and me and then remove access to that file. Thanks for watching this video and I hope it has been helpful in showing you how to set up simple data loss prevention policies using Office 365.

Thank you for watching this tutorial about setting up data protection. Please share this post.

Leave a Reply