Brief Summary
This video introduces Data Loss Prevention (DLP) in Microsoft 365, explaining its purpose, licensing, and practical implementation. It covers identifying sensitive information types, creating DLP policies using templates, and customizing settings to protect data from accidental or intentional leakage. The video also demonstrates how DLP policies work in real-time, preventing sensitive information from being shared outside the organization.
- DLP prevents data loss by plugging holes in your "data bucket."
- Microsoft 365 Business Premium includes DLP for email, SharePoint, and OneDrive.
- Sensitive information types are predefined or custom categories of data to protect.
- DLP policies can be created from templates and customized for specific needs.
- Policies can be tested in simulation mode before full deployment.
Introduction
The video introduces the concept of data loss prevention (DLP) as a critical component of data protection in Microsoft 365. It emphasizes that in today's digital landscape, data is a valuable asset that needs safeguarding. The presenter, Jonathan Edwards, also known as the Bearded 365 Guy, highlights the importance of protecting data, especially for small businesses that often overlook this aspect. He notes that Microsoft 365 has built-in technologies like DLP to help businesses protect their data.
What is Data Loss Prevention?
Data Loss Prevention (DLP) is defined as a mechanism to prevent the loss of data within a business. Using an analogy, the business is portrayed as a bucket, and the data is the water inside. DLP helps plug the holes in this bucket to prevent data leakage from various sources, including Microsoft 365 services like email, SharePoint, OneDrive, Teams, Office applications, on-premises servers, and other cloud applications like Box and Dropbox. The presenter also mentions the importance of Copilot security to prevent data loss.
DLP Licensing
The video discusses the licensing requirements for DLP in Microsoft 365. Microsoft 365 Business Premium includes DLP protection for email, SharePoint, and OneDrive. For more comprehensive protection, including devices, Microsoft 365 E3 or E5 is required. The demonstration in the video focuses on a tenant with Microsoft 365 Business Premium.
Sensitive Information Types
DLP helps protect sensitive business information, which is the most valuable data to an organization. The video distinguishes between general business data and sensitive data, such as credit card information or important research. Before creating DLP policies, businesses need to identify what information is considered sensitive using sensitive information types in Microsoft 365. Microsoft provides built-in sensitive information types for different countries, and businesses can also create custom types based on their specific needs, such as protecting trading algorithms or research data.
Create DLP Policy
The video transitions to creating a DLP policy using a template for UK financial data. The presenter navigates to the Microsoft Purview portal, goes to the data loss prevention section, and selects policies. He then clicks on create a policy and chooses the financial category to find the UK financial data template. This template consists of several sensitive information types.
DLP Templates
Microsoft provides templates to simplify the creation of DLP policies. These templates consist of a number of sensitive information types. Users can use these templates as they are or build on them. The presenter selects the UK financial data template, which includes various sensitive information types relevant to UK financial regulations.
Admin Units
The video explains admin units, which are available with Microsoft 365 E5 licenses. Admin units allow organizations to delegate the management and visibility of DLP policies based on groups, departments, and regions. This feature is useful for large multinational companies where different security teams manage policies in their respective areas.
Where to Apply Policy
The presenter specifies where the DLP policy should be applied, selecting Exchange email, SharePoint sites, and OneDrive. The scope section allows further refinement, such as excluding specific sites or applying the policy to specific sites only. The presenter emphasizes that organizations typically have multiple DLP policies protecting different types of information.
Policy Settings
The video covers the policy settings, including the option to use default settings or advanced DLP rules. The advanced rules allow for further customization, such as adding new groups and changing confidence levels. The presenter notes that he will cover these advanced rules in more detail in future videos.
Protection Actions
The video explains the protective actions that occur when content matches the policy conditions. For example, if someone tries to send an email with a credit card number to someone outside the organization, the user will receive a policy tip. These policy tips are notifications that can be customized. The presenter also discusses customizing access and override settings, including blocking users from sending sensitive information and allowing users to override the policy with a business justification.
Policy Mode
The video discusses policy modes, including simulation mode, which allows running the policy in test mode without affecting users. In simulation mode, the policy's actions are switched off, but reporting is still available. This mode is useful for introducing DLP to a business gradually. The presenter chooses to run the policy in simulation mode for testing.
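The portal steps from Create DLP Policy through Policy Mode can also be scripted with Security & Compliance PowerShell. The following is an added example, not taken from the video: the policy name, rule name and policy tip text are made up for illustration, and the rule uses only the built-in Credit Card Number sensitive information type rather than the full UK financial data template.

```powershell
# Added example (not from the video): script form of the portal walkthrough.
# Requires the ExchangeOnlineManagement module and a role that can manage DLP.
Import-Module ExchangeOnlineManagement
Connect-IPPSSession   # interactive sign-in to Security & Compliance PowerShell

# Hypothetical names, chosen for this example only.
$policyName = 'Example - Financial data (simulation)'
$ruleName   = 'Example - Card numbers shared externally'

# Stop early instead of colliding with an existing policy of the same name.
if (Get-DlpCompliancePolicy | Where-Object Name -eq $policyName) {
    throw "DLP policy '$policyName' already exists."
}

# "Where to Apply Policy": Exchange email, SharePoint sites and OneDrive.
# "Policy Mode": TestWithoutNotifications runs the policy in simulation
# without showing policy tips; TestWithNotifications would show them.
$policy = @{
    Name               = $policyName
    Comment            = 'Scripted example; simulation only'
    ExchangeLocation   = 'All'
    SharePointLocation = 'All'
    OneDriveLocation   = 'All'
    Mode               = 'TestWithoutNotifications'
}
New-DlpCompliancePolicy @policy

# "Protection Actions": match content shared outside the organization,
# block it, show a policy tip, and allow override with a justification.
$rule = @{
    Name                                = $ruleName
    Policy                              = $policyName
    ContentContainsSensitiveInformation = @{ Name = 'Credit Card Number'; minCount = '1' }
    AccessScope                         = 'NotInOrganization'
    BlockAccess                         = $true
    NotifyUser                          = 'Owner'
    NotifyPolicyTipCustomText           = 'This item appears to contain a payment card number.'
    NotifyAllowOverride                 = 'WithJustification'
}
New-DlpComplianceRule @rule

# Confirm what was created before relying on it.
Get-DlpCompliancePolicy -Identity $policyName |
    Format-List Name, Mode, ExchangeLocation, SharePointLocation, OneDriveLocation
Get-DlpComplianceRule -Policy $policyName |
    Format-List Name, AccessScope, BlockAccess, NotifyAllowOverride

# Once the simulation results look right, switch the policy to enforcement:
# Set-DlpCompliancePolicy -Identity $policyName -Mode Enable
```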
User Experience
The video demonstrates the user experience when a DLP policy is triggered. A user, Percy Pig, attempts to email credit card information outside the organization. The policy works as expected, and Percy immediately receives an email notification that the message conflicts with a policy and was not delivered. Because the email contains sensitive information (a credit card number), the DLP policy prevents it from being sent outside the business.