Microsoft Unifies Office 365 Data Loss Prevention Policy Management

Instead of juggling multiple dashboards in Office 365, administrators will soon be able to set and monitor their Data Loss Prevention policies in one place.

Office 365 Data Policies

Microsoft is streamlining the Data Loss Prevention (DLP) management experience for Office 365 customers.

The DLP capabilities in Office 365 help businesses keep a lid on sensitive information by controlling how files and content are stored and shared. It automatically classifies data and depending on the policies set by an organization controls the flow of information by blocking access to authorized users or preventing an email containing sensitive content from being sent, among other actions.

In the near future, administrators that are tasked with keeping their Office 365 environments from leaking sensitive data will have an easier time of managing and monitoring their DLP setups.

Microsoft this week announced that the company is unifying its DLP policy creation capabilities under the Office 365 Security and Compliance Center's banner. Formerly managing DLP on Exchange Online required administrators to log in to the Exchange Admin Center (EAC). Office 365 Security and Compliance Center was used to configure DLP on SharePoint Online and OneDrive for Business.

"The unified DLP platform allows organizations to manage multiple workloads from a single management experience, reducing the time required to set up and maintain security and compliance within your organization," wrote the company's bloggers in a Jan. 9 post. "These changes do not impact any existing policies created via the EAC, and you will still be able to create new email DLP policies in the EAC."

Similarly, users will be able to view DLP reports pertaining to Exchange Online, SharePoint Online and OneDrive for Business using the Office 365 Security and Compliance Center dashboard. "This makes it easier to understand the business impact of your DLP polices and uncover actions that violate policies across multiple workloads," continued the Microsoft staffers.

Finally, Microsoft has published more information on its Activity Management API (application programming interface) related to DLP events. The API enables third-party event management and security information tools to use Office 365's DLP event data. Microsoft's Activity Management API now supplies the same information as Office 365 alerts, allowing third-party tools to notify IT personnel when DLP alerts are triggered.

DLP can be helpful in avoiding damaging leaks of information, inadvertent and otherwise.

Last summer, a study from the Ponemon Institute, backed by file and email security firm Varonis Systems, found that 88 percent of end users require access to proprietary information like customer data or employee records to conduct their jobs. Many also reported that they have access to data they probably shouldn't be looking at, raising the possibility of a data breach.

"The most valuable data featured in most breaches is unstructured data such as emails and documents. This is the data that most organizations have the most of, and know the least about," concluded the report. "When emails and files are surfaced publicly, they tend to cause scandal, forcing the breach to have a lasting effect on the company's reputation."

Pedro Hernandez

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the network of...