A data breach is one of the biggest fears that keep business leaders up at night. In fact, nearly 80% of senior IT and IT security leaders believe their organizations are not prepared against cyberattacks—even those who invested more than ever in IT security investments in 2020.

So how can you protect your business from the absolute worst-case scenario? It begins with knowing where all your sensitive data is stored.

Defining “sensitive data”
By sensitive data, we are referring to classified information that should be inaccessible to outside parties unless they are permitted access. This could include financial data such as credit cards and bank account numbers; personally identifiable information (PII) such as health records or social security, driver’s license or passport numbers; or intellectual property.

Regardless, sensitive data must be explicitly protected from the so-called nefarious “dark forces” of the internet. Moreover, with more data moving around as a result of businesses increasingly transitioning to cloud services, ensuring its safety becomes ever more critical to the wellbeing and longevity of your business.

Data Loss Prevention and sensitive information types
Microsoft 365 provides a service for Data Loss Prevention (DLP), which can detect sensitive or critical data within your organization.

Using a DLP policy, you can identify, track, and protect all kinds of different types of sensitive information across Microsoft 365—with each sensitive information type defined by a pattern and identified by a regular expression or function.

Generally speaking, each sensitive information type entity is defined by several fields including a name, a description, and a pattern that consists of the following components:

  • As the main element, the primary element can be a regular expression with or without a checksum validation, a keyword list, a keyword dictionary, or a function.

  • A supporting element acts as supporting evidence to help increase the confidence of the match (e.g., the keyword “SIN” in proximity of a social insurance number). This element can be a regular expression with or without a checksum validation, keyword list, keyword dictionary.

  • Meanwhile, confidence levels—whether high, medium or low—reflect how much supporting evidence was detected along with the primary element. The more supporting evidence an item contains, the higher the confidence that a matched item contains the sensitive info you are looking for.

  • Finally, the proximity component is the number of characters between the primary and supporting elements.

Using Content Explorer
Another way to identify your most sensitive organizational information is through Content Explorer. Essentially, Content Explorer shows a current snapshot of any items in Office 365 that contains sensitive information, based on the defined sensitivity information types.

Content Explorer is especially useful in that it provides compliance, security and privacy officers with quick insights into any sensitive data stored to content sources such as Exchange Online, OneDrive for Business and SharePoint Online sites—all without affecting the people who work with that very content.

Using Content Explorer within Microsoft 365, your organization can discover the different types of sensitive information present, plus determine how they should be defined or classified. The end result: controls are placed on where that data goes, ensuring its protection and preservation regardless of where it resides; and enabling it to be deleted should your organization need that to occur.

There are two viewer roles in Content Explorer that require permission for access: List viewer, and Content viewer. Using Content Explorer, you can use these viewer roles to filter content by sensitive information type, retention label or sensitivity label—and know instantly how many documents have been classified, or how many need to be classified.

Knowledge is power
Protecting your organization and ensuring you are complying with business standards and industry regulations is a major undertaking. However, Microsoft 365 makes it easy to get started. Take a staged approach, beginning with identifying the exact sensitive data that needs extra care. Considering the potential impact of that data getting out into the external world, any additional efforts you make to ensure its protection are certainly worth it.

Jeny Alex
Senior Consultant, Hybrid Identity and Cybersecurity

Avaleris focuses exclusively on hybrid identity, enterprise mobility, and cloud security, enabling businesses to improve their agility and security while enabling employee productivity and collaboration.

Reach out to us to discuss your project objectives.
1-844-996-9695[email protected]avaleris.wpengine.com

Subscribe to the SecureScoop Newsletter