Advanced data governance scenario’sAlbert Hoitingh

Chorin

GOLD

SILVERLOCATION

BRONZE

MEDIA

Have an understanding of data governance in Office 365

Know the difference between labels and retention policies

Know how data loss prevention uses labels

Data governance is a defined process an organization follows to ensure high quality data exists throughout the complete lifecycle. The key focus areas of data governance include availability, usability, integrity and security.

My take on this:

• Know where your (sensitive) data resides

• Remove content after its retention period

• Preserve content when needed

• Protect content from alteration, deletion or unauthorized sharing

1. Regulatory compliancy (GDPR for example)

2. Specific legal requirements (retention, eDiscovery, deletion, data loss prevention)

3. Enabling secure external sharing

PCs, tablets, mobile

Office 365 DLPWindows Information Protection

& BitLocker for Windows 10

Azure Information Protection

Exchange Online, SharePoint Online & OneDrive for

Business

Highly regulated

Intune MDM & MAM for iOS & Android

Microsoft Cloud App Security

Office 365 Advanced Data Governance

Datacenters, file shares

Azure 3rd-Party SaaS

O F F I C E 3 6 5D E V I C E S C L O U D S E R V I C E S , S A A S A P P S & O N - P R E M I S E S

Microsoft’s information protection options

https://support.office.com/en-us/article/Permissions-in-the-Office-365-Security-Compliance-Center-d10608af-7934-490a-818e-e68f17d0e9c1?ui=en-US&rs=en-US&ad=US

Labels Tag content

Can set retention, expiration or record status

Are applied by users or automatically

Work on specific locations (excluding Skype and Exchange public folders)

Require a label policy to be active

Data retention Works in the background without user intervention

Allows for site preservation holds

Works in all Office 365 platforms (including Skype and Exchange public folders)

Demo

Security & Compliance center

Labels and label policies

Labels Tag content

Can set retention, expiration or record status

Are applied by users or automatically

Work on specific locations (excluding Skype and Exchange public folders)

Require a label policy to be active

Data retention Works in the background without user intervention

Allows for site preservation holds

Works in all Office 365 platforms (including Skype and Exchange public folders)

Demo

Security & Compliance center

Data retention

Conditions Labels

Sensitive information

Actions Policy tips

Block access

Notify

Demo

Security & Compliance center

Data loss prevention

Cmdlets for:

eDiscovery

Retention policies

Data loss prevention

Seehttps://technet.microsoft.com/en-us/library/mt587093%28v=exchg.160%29.aspx?f=255&MSPPError=-2147217396

Demo

Security & Compliance center

Security & Compliancy Powershell

1. Data governance is a piece of the puzzle

2. Protect identities (MFA, AAD identity protection)

3. Protect the workstation

4. Start creating a label taxonomy

5. Office 365 labels are not Azure Information Protection labels!

Five take aways…

@alberthoitingh

albert.hoitingh@sogeti.com

https://alberthoitingh.com

https://www.linkedin.com/in/appieh/

GOLD

SILVERLOCATION

BRONZE

MEDIA