Connecting Technology and Business.

The Where and the How of Data Leak Prevention

To comply with business standards and industry regulations, organizations need to protect sensitive information and prevent its inadvertent disclosure. Examples of sensitive information that they might want to prevent from leaking outside their organization include financial data or personally identifiable information (PII) such as credit card numbers, social security numbers, or health records. With a data loss prevention (DLP) policy in the Compliance Center, organizations can identify, monitor, and automatically protect sensitive information across Office 365.

With a DLP policy, organizations can:

  • Identify sensitive information across many locations, such as SharePoint Online and OneDrive for Business.

For example, admins can identify any document containing a credit card number that’s stored in any OneDrive for Business site, or admins can monitor just the OneDrive sites of specific people.

In addition, separately from the Compliance Center, admins can also create a DLP policy in the Exchange Admin Center that applies to email and other mailbox items.

  • Prevent the accidental sharing of sensitive information.

Across all sites, admins can identify any document containing a health record that’s shared with people outside the organization, and then automatically block access to that document for everyone except the site owner, document owner, and the person who last modified the content.

  • Monitor and protect sensitive information in the desktop versions of Excel 2016, PowerPoint 2016, and Word 2016.

Just like in SharePoint Online and OneDrive for Business, these Office 2016 desktop programs include the same capabilities to identify sensitive information and apply DLP policies. DLP provides continuous monitoring when people share content in these Office 2016 programs.

  • Help users learn how to stay compliant without interrupting their workflow.

Admins can educate the users about DLP policies and help them remain compliant without blocking their work. For example, if a user tries to share a document containing sensitive information, a DLP policy can both send them an email notification and show them a policy tip in the context of the document library that allows them to override the policy if they have a business justification. The same policy tips also appear in Excel 2016, PowerPoint 2016, and Word 2016.

  • View DLP reports showing content that matches your organization’s DLP policies.

To assess how the organization is complying with a DLP policy, one can see how many matches each policy and rule has over time.

Admins create and manage DLP policies on the Data loss prevention page in the Office 365 Compliance Center.

- Office 365 Help pages