Data loss prevention practices for Microsoft 365 organizationsPosted by Susan California on February 17th, 2021 There are two words that strike fear in the hearts and minds of most businesses – data leak. There is arguably no greater nightmare for your business than making news headlines due to a leak of sensitive data. However, it has been the brutal reality for many businesses, many of which never recover. As your business defends against many cybersecurity threats, data loss prevention (DLP) is one of the most important considerations for your business. This includes cloud SaaS environments like Microsoft’s Office 365, now rebranded as Microsoft 365 (M365). Let’s take a look at data loss prevention practices for Microsoft 365 organizations and how you can protect your business. Data loss prevention practices for Microsoft 365 organizations
1. Inventory and understand what sensitive data is uploaded to Microsoft 365
Sensitive data generally varies depending on your business type and particular industry. It may include but not be limited to the following:
Businesses must understand what data is housed in Microsoft 365Aside from more traditional audits and scans of data, it is generally necessary to put in place technologies to recognize these types of data and prevent leakage. Microsoft’s built-in DLP solution allows identifying documents with sensitive information such as CCNs and other types of information. 2. Prevent ransomware from infecting, encrypting, and intentionally leaking data
As demonstrated in the “Ransom Cloud” attack by famous hacker turned security researcher, Kevin Mitnick, ransomware can attack and infect cloud environments by simply being granted permissions by end users (the attack was demonstrated in Office 365). With the looming threat of data leak by new ransomware variants, protecting your cloud environment from ransomware is extremely important. There are very little protections built into Microsoft 365 to prevent a ransomware infection. Additionally, most remediation with the native protective tools require administrator intervention. 3. Maintain visibility into who has access to data and where it is sharedNot only is it important to have visibility and control who has access to what data, it is also important to understand how data is shared with others. Cloud environments like Microsoft 365 in default configurations make it extremely easy to share data with those inside as well as outside your organization. The sharing icon next to a folder shared outside the organizationThis is where danger can lurk when it comes to sensitive information. With only a few clicks, an end user can accidentally or intentionally share sensitive information with someone outside, potentially leading to a major data leak. Auditing and controlling data sharing in Microsoft 365 is critically important to preventing unauthorized access to sensitive information. Microsoft’s built-in DLP solution, while limited, allows:
4. Control which third-party apps access your data
Your organization must have visibility to both the apps and the data they have access to. Controlling, and even blocking third-party apps is necessary to prevent data leakage of sensitive data from your Microsoft 365 environment. 5. Detect and prevent abnormal downloads of data from Microsoft 365
This can be a real threat. If an employee copies sensitive data to his or her own device outside of the security measures in place for the organization, data can easily be leaked. Employees that plan on leaving can also easily copy sensitive data from your company to be used elsewhere. Having measures in place to have visibility to abnormal downloads of data from company cloud storage helps to prevent data leakage. This will require technology solutions in place to be effective. How can your organization effectively implement data loss prevention practices for Microsoft 365? SpinOne for Microsoft 365
Most organizations will want to make use of an enterprise grade DLP solution. SpinOne is an artificial intelligence (AI) and machine learning (ML) enabled Client Access Security Broker (CASB) that provides visibility and automated Microsoft 365 protection for business and enterprise. SpinOne for Microsoft 365 provides world-class AI/ML ransomware protection that automatically:
This helps to ensure that your organization’s data is protected from one of the most threatening cyberattack tools in use today. The power of the SpinOne solution is that it is a fully automated approach. Instead of waiting for a Microsoft 365 administrator to intervene to stop an attack, SpinOne takes care of the attack quickly, decisively, and effectively. SpinOne also offers enterprise grade backups for Microsoft 365 data loss prevention environments. If your organization’s data is accidentally or intentionally deleted or improperly migrated, you can quickly restore the data with SpinBackup’s automated backups and easy recovery process.
|