Table of Contents

Get Started

Data Loss Prevention

It’s not a matter of if, but when. Protect, detect, and respond to breaches and inadvertent data loss with Microsoft.

Our salespeople are our revenue pipeline. These are high-value people to Callaway; they are constantly meeting with our customers and taking orders. With Windows Intune watching over their computers, we can keep orders and money flowing into the company.
Callaway Golf

Bill Connaghan Global Desktop System Administrator at Callaway Golf

Users, Devices and Apps

If you are only addressing some of the threats, you may be adding locks to a door while a window is left open. 

Data Loss Prevention is the catchall term for the prevention of losing company data, either to maliciously intended actors, from inadvertent user error (i.e. sending a file to the wrong person cached in your Outlook To: window), or from replying to all in error.

Microsoft doesn’t offer one specific Data Loss Prevention product, per se, but instead protects data loss at multiple layers:

  • Locking down files with Azure Information Protection to keep users from sharing personally identifiable information within documents
  • Enabling access controls to critical data (i.e. SharePoint files) and systems (role based access control)
  • Monitoring for and alerting on anomalous behavior (i.e. mass download from OneDrive), especially on users with access to and files with financial data (financial account information, personally identifiable information (PII), payment cards, medical records).
  • Full disk encryption, with Bit Locker is on by default after Windows 8.1
  • Protecting from malware, which is the entry point to many command/control or keylogger attacks, using Advanced Threat Protection in Office 365
  • Protecting user devices from being the entry point via remote application wipe/control using Office 365 Mobile Devices Management or Intune Mobile Application Management

In their unique interactive infographic about the anatomy of a breach, Microsoft outlines an intruder’s approach to infiltrating and extracting data, as well as some of the other Microsoft capabilities that protect, detect, and respond. 

Are data breaches completely preventable?  No, but the impact can be minimized by employing all possible prevention techniques, along with monitoring and response tools.

Video: Data Loss Prevention

Resources

Azure Active Directory SSO Integration with Salesforce

This article goes through the steps to integrate Azure AD identity with Salesforce.com, enabling end users with SSO and IT better control of corporate identities. This article goes through the...

Instagram Hack - Protect Yourselves This Holiday

Enjoying those holiday photos you're getting in the mail and seeing online? Instagram recently had a security issue that accidentally exposed some of its users' passwords. You can read about it at...

Understanding Office 365 Identities

Which one is right for you? Your identity model is how you choose to integrate your Office 365 user directory with your existing corporate directory. When moving your organization to Office 365, this...

Data Loss Prevention

Want to learn how Microsoft’s DLP tools can help you improve the protection of your company data and reputation?  Fill out your info to have a chat with one of our engineers.

 

ref:_00D80KtFf._5000y1WwWQD:ref