Table of Contents

Get Started

Data Loss Prevention

It’s not a matter of if, but when. Protect, detect, and respond to breaches and inadvertent data loss with Microsoft.

Our salespeople are our revenue pipeline. These are high-value people to Callaway; they are constantly meeting with our customers and taking orders. With Windows Intune watching over their computers, we can keep orders and money flowing into the company.
Callaway Golf

Bill Connaghan Global Desktop System Administrator at Callaway Golf

Users, Devices and Apps

If you are only addressing some of the threats, you may be adding locks to a door while a window is left open. 

Data Loss Prevention is the catchall term for the prevention of losing company data, either to maliciously intended actors, from inadvertent user error (i.e. sending a file to the wrong person cached in your Outlook To: window), or from replying to all in error.

Microsoft doesn’t offer one specific Data Loss Prevention product, per se, but instead protects data loss at multiple layers:

  • Locking down files with Azure Information Protection to keep users from sharing personally identifiable information within documents
  • Enabling access controls to critical data (i.e. SharePoint files) and systems (role based access control)
  • Monitoring for and alerting on anomalous behavior (i.e. mass download from OneDrive), especially on users with access to and files with financial data (financial account information, personally identifiable information (PII), payment cards, medical records).
  • Full disk encryption, with Bit Locker is on by default after Windows 8.1
  • Protecting from malware, which is the entry point to many command/control or keylogger attacks, using Advanced Threat Protection in Office 365
  • Protecting user devices from being the entry point via remote application wipe/control using Office 365 Mobile Devices Management or Intune Mobile Application Management

In their unique interactive infographic about the anatomy of a breach, Microsoft outlines an intruder’s approach to infiltrating and extracting data, as well as some of the other Microsoft capabilities that protect, detect, and respond. 

Are data breaches completely preventable?  No, but the impact can be minimized by employing all possible prevention techniques, along with monitoring and response tools.

Video: Data Loss Prevention

Resources

Top 10 Security Best Practices for Azure AD from Ignite

After spending multiple sessions across cybersecurity and Azure, there seems to be a consensus on what tasks organizations should consider sooner for managing and maintaining their Azure AD...

Microsoft Security, Autopilot, and Teams News from Ignite

Advances in Microsoft Threat Protection, Azure Sentinel, Autopilot white glove deployments, and Teams

Microsoft Endpoint Management News from Ignite

Embrace modern management to manage and secure your devices with the unified Microsoft Endpoint Manager

Data Loss Prevention

Want to learn how Microsoft’s DLP tools can help you improve the protection of your company data and reputation?  Fill out your info to have a chat with one of our engineers.

 

ref:_00D80KtFf._5000y1WwWQD:ref