advanced data governance in office 365
TRANSCRIPT
Advanced data governance scenario’sAlbert Hoitingh
Chorin
GOLD
SILVERLOCATION
BRONZE
MEDIA
Have an understanding of data governance in Office 365
Know the difference between labels and retention policies
Know how data loss prevention uses labels
Data governance is a defined process an organization follows to ensure high quality data exists throughout the complete lifecycle. The key focus areas of data governance include availability, usability, integrity and security.
My take on this:
• Know where your (sensitive) data resides
• Remove content after its retention period
• Preserve content when needed
• Protect content from alteration, deletion or unauthorized sharing
1. Regulatory compliancy (GDPR for example)
2. Specific legal requirements (retention, eDiscovery, deletion, data loss prevention)
3. Enabling secure external sharing
PCs, tablets, mobile
Office 365 DLPWindows Information Protection
& BitLocker for Windows 10
Azure Information Protection
Exchange Online, SharePoint Online & OneDrive for
Business
Highly regulated
Intune MDM & MAM for iOS & Android
Microsoft Cloud App Security
Office 365 Advanced Data Governance
Datacenters, file shares
Azure 3rd-Party SaaS
O F F I C E 3 6 5D E V I C E S C L O U D S E R V I C E S , S A A S A P P S & O N - P R E M I S E S
Microsoft’s information protection options
https://support.office.com/en-us/article/Permissions-in-the-Office-365-Security-Compliance-Center-d10608af-7934-490a-818e-e68f17d0e9c1?ui=en-US&rs=en-US&ad=US
Labels Tag content
Can set retention, expiration or record status
Are applied by users or automatically
Work on specific locations (excluding Skype and Exchange public folders)
Require a label policy to be active
Data retention Works in the background without user intervention
Allows for site preservation holds
Works in all Office 365 platforms (including Skype and Exchange public folders)
Demo
Security & Compliance center
Labels and label policies
Labels Tag content
Can set retention, expiration or record status
Are applied by users or automatically
Work on specific locations (excluding Skype and Exchange public folders)
Require a label policy to be active
Data retention Works in the background without user intervention
Allows for site preservation holds
Works in all Office 365 platforms (including Skype and Exchange public folders)
Demo
Security & Compliance center
Data retention
Conditions Labels
Sensitive information
Actions Policy tips
Block access
Notify
Demo
Security & Compliance center
Data loss prevention
Cmdlets for:
eDiscovery
Retention policies
Data loss prevention
Seehttps://technet.microsoft.com/en-us/library/mt587093%28v=exchg.160%29.aspx?f=255&MSPPError=-2147217396
Demo
Security & Compliance center
Security & Compliancy Powershell
1. Data governance is a piece of the puzzle
2. Protect identities (MFA, AAD identity protection)
3. Protect the workstation
4. Start creating a label taxonomy
5. Office 365 labels are not Azure Information Protection labels!
Five take aways…
GOLD
SILVERLOCATION
BRONZE
MEDIA