Data Loss Prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users. DLP operates in a monitoring mode to detect and block sensitive data for all agencies that reside on MNIT’s M365 tenant.
- DLP is currently deployed as a monitoring service. It is configured to scan communications and report issues. It is set to report on, but not stop, these communications.
- DLP is currently turned on for all agencies in a monitoring capacity only.
- DLP policies are like AIP policies, but they prevent the unauthorized sharing of M365 documents that contain sensitive information by using pattern recognition instead of labels, as AIP does. Example: a DLP policy defined to stop the sharing of social security numbers scans documents for text that looks like a social security number and then prevents the sharing of this information.
- DLP policies are targeted computer algorithms that look for patterns such as credit card data or social security data in documents or email. DLP then applies the actions determined by the agency’s defined policy, such as report, alert, or block, among many other features.
- DLP policies scan documents to automatically identify sensitive data including:
  - Financial data
  - Personally Identifiable Information (PII)
  - Credit card numbers
  - Social security numbers
  - Health records
- DLP identifies, monitors, and prevents unauthorized sharing of sensitive data in the following platforms:
  - Microsoft Office: emails, Word, Excel, and PowerPoint
  - Exchange Online
  - SharePoint Online
  - OneDrive for Business
  - Microsoft Teams
  - Windows 10 Devices
  - Microsoft Defender for Cloud Apps
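
The pattern recognition and policy actions described above can be illustrated with a short sketch. This is an added example, not MNIT's or Microsoft's implementation; the function names, the two regular expressions, the `monitor`/`block` mode strings and the sample message are all assumptions made for illustration.

```python
import re

# Simplified, hypothetical detectors; a production DLP engine uses richer rules.
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

def luhn_ok(digits):
    """Luhn checksum: weeds out random digit runs that only look like cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def plausible_ssn(area, group, serial):
    """Reject values never issued: area 000/666/9xx, group 00, serial 0000."""
    return (area not in ("000", "666") and area[0] != "9"
            and group != "00" and serial != "0000")

def find_matches(text):
    hits = [("ssn", m.group(0)) for m in SSN_RE.finditer(text)
            if plausible_ssn(*m.groups())]
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group(0))
        if luhn_ok(digits):
            hits.append(("credit_card", m.group(0).strip()))
    return hits

def evaluate(text, mode="monitor"):
    """mode 'monitor' reports but still delivers; 'block' stops delivery on a match."""
    hits = find_matches(text)
    # Mask all but the last four characters so the report does not leak the data.
    report = [(kind, "*" * (len(v) - 4) + v[-4:]) for kind, v in hits]
    return {"delivered": not (hits and mode == "block"), "report": report}

# Constructed sample message (not real data).
SAMPLE = ("Applicant SSN 123-45-6789, card 4111 1111 1111 1111. "
          "Order ref 1234 5678 9012 3456, placeholder 000-12-3456.")

if __name__ == "__main__":
    for mode in ("monitor", "block"):
        print(mode, evaluate(SAMPLE, mode))
```

The order reference and the `000-12-3456` placeholder in the sample look like sensitive data but fail validation, which is the kind of false positive the reports are meant to surface.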
What is included:
- Service management
- Reporting
  - The DLP Alerts Management Dashboard provides alerts and reports for the agency.
  - View policy match reports to assess the agency’s compliance.
  - View reports of policy overrides and false positives.