For any queries regarding our merger, please read boxxe & Total Computers – A Powerful Merger or contact our Customer Services Team on 0330 236 9429 or via email at letschat@boxxe.com.
Better information protection
Information Protection allows organisations to discover, classify, label, and protect sensitive documents and emails whether stored in the data centre or cloud
Protecting your data is business-critical
Unfortunately, in this age the risks to your organisation's data are many. Whether that is external from hackers, malware or specifically ransomware, or internal such as intentional or un-intentional data exfiltration from your own employees, protecting your data is critical to ensuring you stay in business and out of the spotlight for the wrong reasons.
The last thing any CIO needs is a data breach and the fines, damage to reputation and loss of intellectual property that comes with it. The worst part of this is that it affects every organisation from the most highly regulated banks to the small retail business. After all, we all have important information now, and we all have to adhere to data protection compliance regulations such as GDPR.
- Firstly it is important to know your data. What data you have, where it is stored and the type of data that it is
- You need to classify it test
- Apply protection including encryption, access restrictions and visual markings
- Prevent accidental oversharing of sensitive information whether intentional or un-intentional
- Automatically retain, delete, and store data and records in a compliant manner
This all sounds like a lot of work already; a rock you may wish you'd never looked under. Luckily for us, Microsoft 365 gives us a wealth of technologies that can help to protect our data whether it is held on-premises in our data centre or in the cloud. Let's explore the various data protection products that are available within Microsoft 365.
Microsoft information protection (MIP)
Information protection allows organisations to discover, classify, label, and protect sensitive documents and emails whether stored in the data centre or cloud. Once you have configured your labels such as 'General', 'Confidential' and 'Highly Confidential' you can associate protection rules to those classifications. For example, preventing a 'Highly Confidential' document from being sent external to your organisation or from being printed or forwarded beyond its intended recipient.
- SharePoint
- OneDrive
- Exchange
- Teams
- Plan 1 (E3) which allows you to classify and protect documents as stated above, but there is also a higher tier
- Plan 2 (E5) which gives you auto-classification. Auto-classification removes the possibility of a user intentionally or un-intentionally classifying data incorrectly.
Data loss prevention
Data loss prevention allows you to prevent certain types of data from leaving the organisation. These types of data may include national insurance numbers or credit card numbers. It can be setup to prevent data from leaving or setup to notify of data that has left. DLP can work standalone or arm-in-arm with Information Protection. There is also a higher tier plan with DLP called “Communication DLP for Teams” which blocks chats and channel messages that contain sensitive information.
Insider risk management
Insider risk management is a solution that helps minimise and prevent internal risks. It enables you to detect, investigate and act upon risky activities happening within your organisation. Analysts can quickly review detections and implement actions to ensure users are compliant against your standards and data is protected accordingly.
Microsoft cloud app security
Microsoft Cloud App Security (MCAS) is a Cloud Access Security Broker (CASB) solution that gives your organisation visibility into their use of cloud apps and services, and provides analytics to identify and protect against cyber threats. It also allows you to control how your data travels across cloud applications. MCAS is a powerful tool when connected into your existing estate. It can use the data from your firewalls or web proxies to understand exactly what your users are doing and especially what they are doing with your data, and what shadow applications or services they maybe using without your knowledge.
Microsoft information governance
The last of our favourites of the Microsoft 365 data protection products is Information Governance. Retention is hugely important in the GDPR age and Information Governance allows you to control data across your applications, looking beyond Microsoft and into third party applications such as Facebook, Twitter, LinkedIn, and WhatsApp. There are many third-party connectors which work to control your data in several ways: Retention, Litigation hold eDiscovery, Records management, Communications Compliance
What licensing options do I have?
There are a lot of different licensing plans and add-ons that you can choose from so it can be confusing. We have created the following table to help explain the options available.
Product | EMS E3 / A3 | EMS E5 * / A5 | Microsoft 365 E5* / A5 | Microsoft 365 E3 / A3 | Microsoft 365 E5** / A5 Compliance | Microsoft 365 E5 * / A5 Info Protection and Governance | Microsoft 365 E5 * / A5 Insider Risk Management * |
Information Protection Plan 1 | Y | Y | Y | Y | Y | Y | X |
Information Protection Plan 2 (Auto classification) | X | Y | Y | X | Y | Y | X |
DLP | X | X | Y | Y | Y | Y | X |
Communication DLP for Teams | X | X | Y | X | Y | Y | X |
Microsoft Cloud App Security | X | Y | Y | X | Y | Y | X |
Insider Risk Management | X | X | Y | X | Y | Y | Y |
Microsoft Information Governance | X | X | Y | X | Y | Y | X |
This article was written by Matt Fooks, boxxe's Workplace Pre-Sales Solutions Architect. Contact us to book a free consultation with Matt.
Interested?
Call the number below or complete this form to book your free consultation with Matt Fooks.
* Microsoft 365 Insider Risk Management also licenses several other compliance products not mentioned in this post such as Communication Compliance, Information Barriers, Customer Lockbox and Privileged Identity Management
** Microsoft 365 E5 Compliance licenses everything in the table plus the Insider Risk Management and other great compliance features