(76) Microsoft Purview - Protect Office 365 Sensitive Data with DLP

What is DLP in Office 365?

To hold sensitive information from falling into the prey’s hands, data loss prevention was included as part of Microsoft Information Protection (MIP). It helps to identify and prevent unauthorized messages from being shared, altered, or exploited.

The Data loss prevention rules identify whether the data shared contains any sensitive information (like credit card numbers, IP addresses, etc.) that could result in a breach of security. If it detects any such data, then it enforces the configured policies and prevents sharing.

Licensing:

There are two DLP license types and a standalone option:

Data loss prevention
Data loss prevention for Microsoft Teams

Allow users access the DLP policy:

1. Navigate to https://compliance.microsoft.com/

2. Select Roles & scopes then select Permissions then select Microsoft Purview solutions then select Roles.

3. Select create a group role.

4.Enter the following:

Name the role group:

Add roles to the role group:

Add members to the role group:

Create the group:

Create DLP Policy from Default Templates:

1. Navigate to https://compliance.microsoft.com/datalossprevention/policies

2. Select create policy.

Note: There are 40+ in-built policy templates for common industry regulations and compliance needs.

3. Select from one of the templates or create a custom policy.

4. To limit the policy to certain users or group, you will need to assign admin units that is created in Azure AD or it can be applied to all users and groups in the organistation.

Note: you will need an E5 license to configure.