Your business stores and uses information that 1) you don’t want to lose to competitors, 2) is private information that should not be seen out of the proper context, and 3) is protected by data privacy laws. Keeping track of such information, who gets access to it, and how to stop the improper use of sharing of this information can be difficult as your business grows. The new Data Loss Protection (DLP) policies in Office365 are designed to deal with this rather complex issue.
What specific kinds of data need to be protected? Where is that data stored? How do the new data loss protection policies work within Office365 to keep data from being improperly shared or outright stolen?
Where Is the Data?
The Office365 DLP system can protect your content in locations such as SharePoint Online, Exchange Online, and OneDrive for Business sites.
You will be able to specify conditions that trigger actions which in turn protect your sensitive data.
As an example, you can specify any content that contains social security numbers. And you can specify that the content should not be shared with anyone outside of your organization.
You will specify what actions will take place if and when Office365 sees that the data you specified is about to be shared. The actions will typically be to block the person’s access to the document and send an email to both the person and to the data compliance officer.
The email will specify the problem and can offer suggestions as to how the person can properly deal with the data in question.
When you have personal information that is subject to HIPAA (the Health Insurance Portability and Accountability Act) you will set up conditions that designate locations and kinds of information and then conditions to block such as information being emailed out of your organization.
You will set up many specific rules, all of which will be included in a specific data loss policy.
The result will be that you will have system-wide oversight of sensitive data and policies in place to block data loss or improper sharing.
Office365 data loss policy does not just protect information in SharePoint Online, Exchange Online, and OneDrive for Business. You have sensitive information on desktop applications of Word 2016, PowerPoint 2016, and Excel 2016. The new DLP policies in Office365 allow you to monitor continuously in real time whenever users are sharing content using these Office 2016 programs.
Train Your Workers and Don’t Interfere with Their Work
There are times when those in charge of data compliance and security issues seem to forget that your business needs to get some work done too. The Data Loss Protection features of Office365 are set up to help protect your data and not interfere with the operation of your business! When a condition triggers an action to block data transfer, the employee is notified, as well as the data compliance officer. The employee can also receive a policy tip from the document library. This can be set up to allow them to override the rule, providing that they have a valid business reason for such an action. And, because the compliance officer receives the information as well, they can make sure that either the conditions are changed or that the person at fault really has a valid reason!
Not everyone needs every bell and whistle that Office365 DLP offers. You can use “simple settings” or “advanced settings” when setting the rules (conditions and actions). The “simple” route makes it easy to set up a few simple rules. The “advanced” route lets you set up a wide and comprehensive set of rules if that is what your business requires.
Don’t get in trouble with the Federal Government for improperly sharing your employees’ or clients’ health information. Don’t let a forgetful or ignorant employee give away critical business information. Upgrade to Office365 to efficiently and cost-effectively protect your information from those who have no business seeing it!