November 01, 2022

Things You Need to Know About Data Loss Prevention in SharePoint Online

What to Know About DLP in SP

Data can be a company’s biggest asset, but only if we know how to effectively protect it. Fortunately, we have rules and regulations that help us with this, like a practice called data loss prevention (DLP). The golden rule of any DLP strategy is that data must be protected at rest, in use, and in motion. Following along with the data protection trend, Office 365 implemented a feature within its SharePoint Online application that helps protect a company’s sensitive data using powerful predefined DPL policy templates. If you’ve been on the fence about migrating your files to SharePoint, let this be a sign that tells you that you finally might be ready to make the move.

How DLP Policies Work

DLP policies are essentially different templates stored inside Office 365 products that can be applied to all Office 365 products to make sure Personal Identifiable Information (PII) is protected by either restricting, blocking, or removing user access. It also prevents a hacker from exporting files. These policy templates are key to DLP because they know what to look for in the files and the additional value is that there are different ones based on industry requirements.

DLP policies follow built-in rules pertaining to the protection of data like passport numbers, bank account numbers, SSN/SINs, health records, credit card information, and more depending on a country’s rules and regulations on private information for each industry. Microsoft 365 allows its users to customize these templates so that it fits best with their industry and the type of information they own. Once the templates are set up and configured as needed, the policy scans and then flags your files if private information is found within them.

Once a policy identifies that a file contains PII, a pop-up “Policy Tip” gets displayed on the user’s screen notifying them of the level of restriction that applies to them. Thankfully, gone are the days (not to mention the time and mistakes saved) when an employee must educate themselves and find an often missing large, dusty, and outdated binder advising them on how to manage sensitive information within a file.

Monitor All Data Movement

Office 365 allows certain users to override the pop-up policy tips they deem to be false positives, or if they’re authorized to override the policy. All overrides are recorded, ensuring full transparency of actions taken by SharePoint Online users, and displayed in an audit log for monitoring. These reports can be sent to the higher-ups if it’s found a user is habitually overriding the rules and policies, or if a pattern emerges that needs to be investigated further.

There are different severity levels that can be assigned to the policies as well, depending on the level of protection needed or the consequence if the policy is not followed.  All this information can be accessed via a high-level graphical dashboard and can be drilled down further if more granular information is needed.

Tough Pill to Swallow

Once you have SharePoint, you can easily migrate all files on your internal server to DLP. This was one critical step that a BT Partners client failed to make. This company had an employee leave for remote work abroad, and while there, they encountered the dreaded incident of a stolen laptop. This laptop contained an Excel spreadsheet loaded with credit card information & PII. This data was then, of course, compromised once it was successfully exported off the laptop and into the illicit hands of the hacker. All it takes is 10 stolen credit cards to result in a yield of up to $2.2 million per month, as each card fetches up to $45 in underground selling forums.

It’s a common scenario. One we’ve heard, many times but seems to continually happen, even when there are measures in place that help to avoid a situation such as this. Fortunately, there is a silver lining in this client’s story. They had adequate cyber security insurance, so they were covered when the hacker demanded a ransom for the return of the PII. However, this all could have been avoided if the client, before going abroad, had migrated their information to SharePoint Online. Even with access to the laptop, the DLP policies would have stopped the hacker from exporting the files if DLP identified there was PII in them. Which in this case, it would have. It’s important to note that a hacker can potentially still access your network by logging into it and viewing private information.

Do I Still Need MFA?

More than 80% of breaches within hacking involve brute force or the use of lost or stolen credentials. This is why you still need to employ an added layer of protection, like multi-factor authorization (MFA). From how quickly the Internet has evolved since the early nineties and the increasingly sophisticated cybersecurity threats, it’s so critical to not just rely on one data security tool to safeguard your information but to combine several tools so that you have a backup in case the unthinkable happens. But we digress….

DLP is not just a cybersecurity buzzword. Its market reached $1.3 billion in 2020 alone. We don’t like scare tactics, but data loss and breaches are a serious threat to organizations everywhere. No business is immune to them, including yours. That’s why you need to take a proactive approach now. Microsoft 365 has added its DLP policies and data security best practices to its SharePoint Online for clients to apply throughout their business, helping you navigate the evolving, complex and unpredictable cyber world. If you still have questions on SharePoint Online DLP and its features, reach out to our experts. We’re here to help you get the information you need to make the best, most informed decision for your company.

Business insights and resources

How & Why to Make Sure Your Login Credentials Aren't a Security Weakness

How & Why to Make Sure Your Login Credentials Aren’t a Security Weakness

How to Spot and Avoid a DocuSign Phishing Email

How to Spot and Avoid a DocuSign Phishing Email

cyber security insurance requirements

Cyber Security Insurance Requirements: What Providers Might Ask You For

Ready to optimize?