Everything You Need to Know About Data Loss Prevention

Let’s take a trip back to the 1990s and early 2000s. In those days, vehicle manufacturers didn’t always do a great job of protecting vehicles from getting stolen. Many people, with a desire to secure their vehicles, purchased aftermarket security alarms. While these alarms were great, in theory, to reduce the risk of vehicle theft, two key things ended up happening. Many of the products ended up being overly sensitive, which resulted in a plethora of false alarms. In fact, it was not unusual to hear a loud and annoying car alarm going off while walking through a parking lot during this timeframe. Soon after, cue a confused car owner running over and fumbling with their remote, trying to figure out how to turn off the alarm. Generally speaking, these after-market alarm products didn’t offer a great user experience. Too many false alerts left people ignoring the issue, and it was complicated to silence a false alarm if you were one of the unlucky ones in that position. This highlights the fundamental need for security to be intentional and user friendly, which improves compliance and reduces false alarms.

What is Data Loss Prevention, and why does it matter?

Microsoft Purview is an important tool in your tool belt for helping to protect and secure the data in your Microsoft 365 environment. One of the key tools inside Purview is Data Loss Prevention (or DLP) rules and policies, which help to protect bad actors from taking data outside of the bounds of your Microsoft 365 environment. At its core, DLP policies can be thought of as putting up a fence around the boundary of your environment to prevent data from leaving "unexpectedly." It is important to note that the unexpectedly component of that last sentence leaves the door open for certain people in certain cases to remove data in a controlled manner. It is important, and ultimately pivotal, to ensure policies are tailored carefully to achieve your protection goals without hampering the user experience.

Essential Best Practices for Effective Data Loss Prevention

With this general advice in mind, we suggest you set up DLP policies and best practices in your environment . As you do, consider the following guidelines:

1. Data or user targeting: unless you have a very specific, highly regulated need, it is generally best practice to apply DLP policies selectively throughout your environment, either based on users (who may work with highly sensitive data) or based on data type (identified via content or metadata).

2. Target actions intelligently: after segregating and targeting data and/or users, think about how different actions can be used to apply different levels of restrictions to each class. It may not be helpful to apply the same actions to every group of data or users, but on the flip side it may be exceedingly necessary to apply more harsh restrictions on certain groups of data or users depending on the importance.

3. Alerting is turned on: DLP works best when admins are notified of breaches and or of people acting improperly so that they can not only be aware of what's happening but can adjust the actions and policies as necessary to give the right level of protection without, again, impeding user experience.

4. Consider endpoint: if you are properly set up within two non windows endpoints that are controlled by the organization, extend the DLP policies into your endpoints to provide extra protection and additional layers of security when people have data on their hard drives

Data loss prevention is a very complex topic and while we're attempting to express a high-level point of view about some best practices and general recommendations for user experience, this article is not a replacement for in-depth training on how to set up and how to structure DLP in an intelligent way.

Implementing DLP in Your Organization

We highly recommend that you take time to do some training on how to properly use data loss prevention before you start down the process of setting up DLP in your organization. As you consider the different training options, ensure the course offers:

• Theoretical foundations of how DLP should operate

• Hands-on experience with setting up DLP

• Best practices on how to structure DLP

While data loss prevention is not necessarily dangerous to set up on your own, you do run the risk of significantly restricting your users’ ability to do their work effectively if data loss prevention is not set up properly. Hence, training is pivotal to make sure you can truly balance the protection that data loss prevention offers while maintaining the core of the user experience.

Expert-Backed Training to Master DLP- Approved by ARMA International

If you are interested in learning more about data loss prevention, Cadence Solutions is the ARMA International approved data loss prevention training provider. We would be more than happy to welcome you into our courses, which are offered once per quarter and include the following features:

• Access to a full-featured test environment for working with DLP settings

• Best practices and lessons learned from our experiences

• End-to-end learning by experienced facilitators who actively implement DLP on projects

Protecting your organization's data starts with the right strategy. Ready to strengthen your DLP approach? Reach out to us today.