Table of Contents

Get Started

Data Loss Prevention

It’s not a matter of if, but when. Protect, detect, and respond to breaches and inadvertent data loss with Microsoft.

Our salespeople are our revenue pipeline. These are high-value people to Callaway; they are constantly meeting with our customers and taking orders. With Windows Intune watching over their computers, we can keep orders and money flowing into the company.
Callaway Golf

Bill Connaghan Global Desktop System Administrator at Callaway Golf

Users, Devices and Apps

If you are only addressing some of the threats, you may be adding locks to a door while a window is left open. 

Data Loss Prevention is the catchall term for the prevention of losing company data, either to maliciously intended actors, from inadvertent user error (i.e. sending a file to the wrong person cached in your Outlook To: window), or from replying to all in error.

Microsoft doesn’t offer one specific Data Loss Prevention product, per se, but instead protects data loss at multiple layers:

  • Locking down files with Azure Information Protection to keep users from sharing personally identifiable information within documents
  • Enabling access controls to critical data (i.e. SharePoint files) and systems (role based access control)
  • Monitoring for and alerting on anomalous behavior (i.e. mass download from OneDrive), especially on users with access to and files with financial data (financial account information, personally identifiable information (PII), payment cards, medical records).
  • Full disk encryption, with Bit Locker is on by default after Windows 8.1
  • Protecting from malware, which is the entry point to many command/control or keylogger attacks, using Advanced Threat Protection in Office 365
  • Protecting user devices from being the entry point via remote application wipe/control using Office 365 Mobile Devices Management or Intune Mobile Application Management

In their unique interactive infographic about the anatomy of a breach, Microsoft outlines an intruder’s approach to infiltrating and extracting data, as well as some of the other Microsoft capabilities that protect, detect, and respond. 

Are data breaches completely preventable?  No, but the impact can be minimized by employing all possible prevention techniques, along with monitoring and response tools.

Video: Data Loss Prevention


Detecting and Protecting Against Solarigate

This blog provides a summary of the Microsoft tools and guidance to detect and protect against the recent attacks embedded within SolarWinds monitoring agents.

10 Critical Steps to Secure Windows Virtual Desktops

It's simple to spin up a VM host for WVD, but selecting and configuring proper security controls takes more time and effort. After some significant deployments of Windows Virtual Desktop, our...

Azure AD Identity Governance – Terms of Use

Most organizations have some form of Acceptable use policy when logging into a domain-joined PC or server.  However, when moving to the cloud, you have access and exposure to a vast array of data and...

Data Loss Prevention

Want to learn how Microsoft’s DLP tools can help you improve the protection of your company data and reputation?  Fill out your info to have a chat with one of our engineers.