To comply with business standards and industry
regulations, organizations need to protect sensitive information and prevent
its inadvertent disclosure. Examples of sensitive information that they might
want to prevent from leaking outside their organization include financial data
or personally identifiable information (PII) such as credit card numbers,
social security numbers, or health records. With a data loss prevention (DLP)
policy in the Compliance Center, organizations can identify, monitor, and
automatically protect sensitive information across Office 365.
With a DLP policy, organizations can:
For example, admins can identify any
document containing a credit card number that’s stored in any OneDrive for
Business site, or admins can monitor just the OneDrive sites of specific
people.
In addition, separately from the
Compliance Center, admins can also create a DLP policy in the Exchange Admin
Center that applies to email and other mailbox items.
Across all sites, admins can
identify any document containing a health record that’s shared with people
outside the organization, and then automatically block access to that document
for everyone except the site owner, document owner, and the person who last
modified the content.
Just like in SharePoint Online and
OneDrive for Business, these Office 2016 desktop programs include the same
capabilities to identify sensitive information and apply DLP policies. DLP
provides continuous monitoring when people share content in these Office 2016
programs.
Admins can educate the users about
DLP policies and help them remain compliant without blocking their work. For
example, if a user tries to share a document containing sensitive information,
a DLP policy can both send them an email notification and show them a policy
tip in the context of the document library that allows them to override the
policy if they have a business justification. The same policy tips also appear
in Excel 2016, PowerPoint 2016, and Word 2016.
To assess how the organization is
complying with a DLP policy, one can see how many matches each policy and rule
has over time.
Admins create and manage DLP policies on the Data loss
prevention page in the Office 365 Compliance Center.
- Office 365 Help pages