An example of this is credit card numbers. Sensitive information is identified by regular expression (RegEx) pattern matching, in combination with with other indicators such as the proximity of certain keywords to the matching patterns. How Sensitive Information is Detected by DLP You might also be surprised how often employees send emails containing credit card or banking details without considering the consequences. And this type of information tends to float around more than you might expect, as employees quietly go about their day to day tasks, thinking nothing of export a CSV file from a system and emailing it to someone. A spreadsheet of employee names and dates of birth is just as sensitive as a spreadsheet of customer names and credit card details. But any business can handle sensitive information on a regular basis, even if they don’t realize it. The assumption is that sensitive data, such as medical records or financial information, only exists for industries like health care or for companies that run online stores. Sometimes customers dismiss DLP because they don’t consider themselves to have the type of data that needs protecting. Actively block the email or file sharing from taking place.Display a warning to the end user who is sending the email or sharing the file.Using DLP you can detect sensitive information, and take action such as:
![action strings not triggering new patterns action strings not triggering new patterns](https://allisongoldthorpe.com/wp-content/uploads/2016/10/Triggers-on-Slide.png)
Sensitive information should typically not be sent in email, or included in documents, without taking additional steps such as encrypting the email message or files.
![action strings not triggering new patterns action strings not triggering new patterns](https://measureschool.com/wp-content/uploads/2020/02/matching-empty-strings-in-triggers.png)
DLP has its roots in Exchange Server and Exchange Online, and is also applicable in SharePoint Online and OneDrive for Business.ĭLP uses a content analysis engine to examine the contents of email messages and files, looking for sensitive information such as credit card numbers and personally identifiable information (PII). I’ve been meaning to write this post for some time now, and a conversation on Facebook today reminded me that I hadn’t gotten around to it yet.ĭata loss prevention is a compliance feature of Office 365 that is designed to help your organization prevent the intentional or accidental exposure of sensitive information to unwanted parties. In this post I’m going to discuss data loss prevention (DLP) in Office 365, which I feel is an under-utilized feature by a lot of organizations.