Securing Emails with O365 DLP
Email communication plays a vital role in the day-to-day business activities of any organization. Whether it is an interesting announcement, the minutes of a meeting, or sensitive information such as personal files and financial or strategic details, email is still the most reliable and official channel for such communication. Along with email, other collaboration tools such as messengers (e.g. MS Teams, Skype) and central cloud storage services like OneDrive empower employees and teams to work together efficiently.
Because email is a widely accepted mode of communication both inside and outside the organization's network, it also provides one of the easiest routes to unauthorized access and security breaches, which can hurt an organization financially as well as in terms of public image. It is therefore essential to protect the email infrastructure from such malicious activity and to control and monitor the flow of information over email.
If you are using Microsoft Office 365 for your email infrastructure (which we suggest you should), a solution called O365 Data Loss Prevention (DLP), offered by Microsoft, can help us build an extensive email security mechanism, along with additional benefits. Using DLP, we can implement ready-to-use policies or even build custom ones to establish secure email communication.
Our O365 experts at Infotechner will help you set up all the related configuration and implement the necessary policies according to your custom business requirements.
How does it work?
- Once a policy is activated, it can be enforced on all or only certain end users' mailboxes. Such policies can help prohibit the sharing of sensitive customer information such as banking or social security details. There is also a configuration that warns users if any sensitive information is found in an email they are about to send.
- A DLP policy can be created to scan incoming emails for malicious content in email attachments. The DLP administrator can disallow the sharing or opening of files of a particular format.
- Using DLP policies, a wide range of well-known security compliance requirements such as GDPR and HIPAA, as well as custom compliance requirements, can be enforced. DLP then uses an intelligent algorithm to scan every email being sent and flags possible compliance breaches to administrators and the respective group of personnel.
- An additional layer of security can be added using the provided templates to protect emails from unauthorized access. For example, if a user account is accessed from two geographically separated locations and one of these locations is found suspicious, DLP will report this unusual behaviour, after which the administrator can block the account if it is found to be compromised and the threat is confirmed.
- With DLP, it is possible to easily create policies for a specific business domain using preconfigured templates provided by Microsoft. For example, a policy can be created to monitor all finance-related information being shared via email and to report any policy violation.
- DLP policies can be enforced not only for email but also for OneDrive. This provides greater control and vigilance over an organization's data.
- The DLP feature comes with useful dashboards where consolidated email activity and policy breaches can be monitored with great ease.
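As an added illustration of the first and sixth points above (this is not Infotechner's or Microsoft's own script), the following Security & Compliance PowerShell sketch creates one policy covering Exchange mailboxes and OneDrive, with a rule that blocks external sharing of card and social security numbers and notifies the sender. The policy name, rule name and admin account are placeholders.

```powershell
# Added example. Requires the ExchangeOnlineManagement module and an account
# with compliance administrator rights. The account below is a placeholder.
Import-Module ExchangeOnlineManagement
Connect-IPPSSession -UserPrincipalName admin@example.com

$policyName = 'Example - Customer Financial Data'   # hypothetical policy name

# Scope the policy to every Exchange mailbox and every OneDrive account.
# TestWithNotifications logs matches and shows policy tips to users, but the
# blocking action is not enforced until the policy is switched to Enable.
New-DlpCompliancePolicy -Name $policyName `
    -Comment 'Detect card and SSN data shared outside the organization' `
    -ExchangeLocation All `
    -OneDriveLocation All `
    -Mode TestWithNotifications

# Built-in sensitive information types to look for (at least one match each).
$sensitiveTypes = @(
    @{ Name = 'Credit Card Number';                minCount = '1' },
    @{ Name = 'U.S. Social Security Number (SSN)'; minCount = '1' }
)

# Rule: when matching content is shared with people outside the organization,
# block it, notify the content owner/sender, and send an incident report.
New-DlpComplianceRule -Name "$policyName - external sharing" `
    -Policy $policyName `
    -ContentContainsSensitiveInformation $sensitiveTypes `
    -AccessScope NotInOrganization `
    -BlockAccess $true `
    -NotifyUser Owner `
    -GenerateIncidentReport SiteAdmin `
    -IncidentReportContent All

# Review what was created before enforcing it.
Get-DlpCompliancePolicy -Identity $policyName | Format-List Name, Mode
Get-DlpComplianceRule -Policy $policyName | Format-List Name, BlockAccess, AccessScope

# After reviewing matches and false positives in test mode, enforce the policy:
# Set-DlpCompliancePolicy -Identity $policyName -Mode Enable
```

Running the policy in test mode first lets administrators tune the rule against real mail flow before any message is actually blocked.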
Some examples of the types of information that DLP policies can identify are as follows:
| Policy template | Description |
| --- | --- |
| U.S. Federal Trade Commission (FTC) Consumer Rules | Helps detect the presence of information subject to U.S. Federal Trade Commission (FTC) Consumer Rules, including data like credit card numbers. |
| U.S. Financial Data | Helps detect the presence of information commonly considered to be financial information in United States, including information like credit card, account information, and debit card numbers. |
| U.S. Gramm-Leach-Bliley Act (GLBA) | Helps detect the presence of information subject to Gramm-Leach-Bliley Act (GLBA), including information like social security numbers or credit card numbers. |
| U.S. Health Insurance Act (HIPAA) | Helps detect the presence of information subject to United States Health Insurance Portability and Accountability Act (HIPAA), including data like social security numbers and health information. |
| U.S. Patriot Act | Helps detect the presence of information commonly subject to U.S. Patriot Act, including information like credit card numbers or tax identification numbers. |
| U.S. Personally Identifiable Information (PII) Data | Helps detect the presence of information commonly considered to be personally identifiable information (PII) in the United States, including information like social security numbers or driver's license numbers. |
| U.S. State Breach Notification Laws | Helps detect the presence of information subject to U.S. State Breach Notification Laws, including data like social security and credit card numbers. |
| U.S. State Social Security Number Confidentiality Laws | Helps detect the presence of information subject to U.S. State Social Security Number Confidentiality Laws, including data like social security numbers. |