Office 365 and Data Loss Prevention
Phishing campaigns are a leading cause of data breaches. With sensitive information unintentionally being sent out via email daily, companies need solutions that stop that information from ever being transmitted. Office 365 Data Loss Prevention helps prevent the loss of sensitive data by detecting it before it’s sent out and blocking its circulation.
What is Data Loss Prevention?
Data loss prevention (DLP) was designed to enforce compliance with a company’s protocol for sending out sensitive information. This includes data such as credit card numbers or banking details, social security numbers, driver’s license numbers, spreadsheets with confidential customer data, trade secrets, as well as a host of other information that a company doesn’t want to be sent in an email. DLP detects when this information is present in the body of an email or an attachment.
Frequently, companies don’t consider themselves in possession of sensitive data. They believe that only organizations such as hospitals or banks would need to have DLP in place to be HIPAA compliant, or meet regulatory requirements in the case of financial institutions. They don’t consider that they have sensitive information about their customer base, such as credit card numbers, which is at risk.
With phishing attacks rising sharply, and vulnerability growing as more employees work remotely, a growing number of companies are implementing data loss prevention policies and strengthening their data security.
How Data Loss Prevention Works
Data loss prevention works through the recognition and tracking of patterns of numbers and related words. For example, if an email or document contains a string of 16 digits preceded or followed by the phrase “Visa” or “Mastercard,” the transmission of that information will be blocked.
Another example would be an email including a social security number. A social security number formatted as xxx-xx-xxxx is detected, and the email containing it is then blocked. If those same nine digits were transmitted in the context of a HelpDesk ticket number, as xxxxxxxxx, the email would very likely not be blocked. Microsoft leverages AI to score emails based on content and patterns to match thresholds created by an administrator. If a threshold is tripped, then the email would be stopped from being sent, and proper management personnel would be notified.
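The pattern-plus-keyword scoring described above can be sketched as follows. This is an added example, not Microsoft's implementation: the rule names, regular expressions, keyword lists, confidence scores, context window and threshold are all constructed assumptions chosen to mirror the credit card and social security number cases in the text.

```python
import re

# Constructed rules: patterns, keywords and scores are illustrative assumptions,
# not Microsoft's sensitive-information-type definitions.
# Each rule: (name, pattern, nearby keywords, score alone, score with keyword)
RULES = [
    ("credit_card", re.compile(r"\b(?:\d[ -]?){15}\d\b"),
     ("visa", "mastercard"), 65, 85),
    ("ssn_formatted", re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
     ("ssn", "social security"), 75, 85),
    ("nine_digits", re.compile(r"\b\d{9}\b"),
     ("ssn", "social security"), 40, 75),
]
WINDOW = 50      # characters of context checked on each side of a match (assumed)
THRESHOLD = 75   # administrator-defined blocking threshold (assumed value)


def scan(text):
    """Return (rule name, confidence) for every pattern match in text."""
    lowered = text.lower()
    findings = []
    for name, pattern, keywords, alone, with_keyword in RULES:
        for match in pattern.finditer(text):
            start = max(0, match.start() - WINDOW)
            context = lowered[start:match.end() + WINDOW]
            # A keyword before or after the match raises the confidence.
            hit = any(word in context for word in keywords)
            findings.append((name, with_keyword if hit else alone))
    return findings


def should_block(text, threshold=THRESHOLD):
    """Block the message when any finding reaches the threshold."""
    return any(score >= threshold for _, score in scan(text))


# Constructed sample messages (test card number and made-up identifiers).
SAMPLES = [
    "Please charge my Visa 4111 1111 1111 1111 for the renewal.",
    "The applicant's number is 123-45-6789.",
    "HelpDesk ticket 123456789 has been resolved.",
]

if __name__ == "__main__":
    for message in SAMPLES:
        print(should_block(message), scan(message), message)
```

Lowering the threshold catches more unformatted numbers at the cost of blocking ordinary identifiers such as ticket numbers, which is the trade-off an administrator tunes.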
Data loss prevention is an essential method of preventing important, sensitive information from falling into the hands of unscrupulous people. It catches data before it’s sent out.
Training, and re-training, employees regularly not to include sensitive data in emails or documents being sent from the company’s network is also an essential step in preventing data loss. Employees get busy and can sometimes get lax about carefully watching what information they’re including in an email they’re sending. Regular reminders and refresher training are vital to a company’s data security. A formal compliance policy and a managed training platform are highly recommended to keep staff security-focused.
Encryption On The Fly
New developments on the horizon for data loss prevention include the encryption of emails deemed to contain sensitive information as they are being sent. This would reduce the risk of exposing your sensitive data to an attacker if they were to breach a vendor or partner company’s email system. This would not relieve employees of their responsibility to be security conscious, but it would facilitate secure communications between a company and its trusted partners or vendors.
Data loss prevention is regularly evaluated and updated. Office 365 and other software developers recognize that cybercriminals are getting savvier at using phishing emails to obtain sensitive data. New data loss prevention enhancements are on the horizon, which is good news to any company that wants to protect itself and its customers from the potentially disastrous consequences of stolen information.