How To Stop Data Leakage With Microsoft 365
Microsoft 365
Once you have clicked on ‘Policies’ you’ll be able to see the option to create a policy.
As you can see in the diagram below, you are able to select Policies based off of which country you’re located in. This is because legislation within different countries varies and names/terms differ all over the world.
You can now see that there are lots of policies that have been pre-built within categories. This will help if you’ve never created a policy before however, you can also start from scratch.
Takin a look at the data protection act template, we can see what the policy will protect as well as read through a brief description of its role.
Selecting the template you wish to continue with, select next.
We are now asked to name/rename the policy and optionally add a description of our own to help identify the policy and its purpose.
The next step, as shown below, is to choose the location of the policy. This means deciding where the policy should apply and to whom it should apply.
Following on from the previous step, you are asked to review the settings of the policy. You’re given the option to use the default settings or customise advanced Data Loss protection Rules.
There are lots of settings and rules that you can edit along with it’s conditions, contents and adding a description.
You can add more sensitive information types to the rule. There are 212 types to read through and apply if you see fit.
Another edit that you can make is user notifications. This can be used to inform and educate your users on how to properly share sensitive data as well as which data is appropriate to share.
This is done by alerting the chosen users when someone attempts to share the data.
After you complete your policy settings, you’ll be asked if you would like to either test the policy, turn it on or keep the policy off the following completion of the policy.
We have selected to turn on the policy.
Now, before finishing the policy reviewing it is essential. ensuring your policy is fit for the intended purpose as well as checking the other details are correct.
Once the policy is completed, you will be able to see your policy as shown below.
We can test the policy that we have created by sending an email containing a fake National Insurance number, as shown below/above and using an internal business email account to send this to and external email account.
This policy test has evidently worked, as you can see by the below notification email that has been received by the email addresses involved in the transaction.
Data loss and data leakage could be the end of your business.
Please make sure you and your employee’s data is secure and safe from leaks hackers can save your business and save you and your employee’s plenty of money.