“ “ Accidental email with attachment exposed hundreds of individuals’ names and Social...
-
Upload
theodora-miller -
Category
Documents
-
view
217 -
download
1
Transcript of “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social...
![Page 1: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/1.jpg)
![Page 2: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/2.jpg)
Data Loss Prevention (DLP) in Microsoft Office 365Asaf KashiGroup Program ManagerMicrosoft
OFC-B319
![Page 3: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/3.jpg)
Large Retailer Leaks
Payment Information
via Email…“ “
Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers…“ “
![Page 4: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/4.jpg)
Data Loss Prevention in Microsoft Office Helps to
• identify• monitor• protect sensitive data through deep content analysis
Identify
Protect
Monitor
End user education
![Page 5: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/5.jpg)
Demo
Outlook Policy Tips (or an IW’s view of Microsoft DLP)
![Page 6: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/6.jpg)
Policy distribution
Contextual policy education
DLP policy configuration
Backend policy evaluation
Audit & incident data generation
Admin
Information workers
DLP system walkthrough
![Page 7: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/7.jpg)
Integrated into Exchange Transport Rule (ETR) engine• Runs in categorizer during
OnResolvedMessage
• Integrated as a new ETR predicate
• Performs text extraction for body & attachments followed by classification
• Can be combined with any existing predicates & actions
SMTP receive
Categorizer
Queue management
Message delivery
Store driver
Text extraction
Transport rule agent
Classification
DLP content detection flow in Exchange
![Page 8: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/8.jpg)
Content Processing Component
DLP content detection flow in SharePoint
Classification
Operator
Document
summary
PropertyMappin
g
Document
Parser
Custom Entity
Extraction
Word breaking
Ifilter sandbox
Language
Detection
Deleteitem
Crawler
Index
Delete Links
Insert new or updateditem
Runs in Content Processing Pipeline as an operatorInvoked for search crawler as new content discovered and changedClassification results and counts stored in the content index
Excel Format Handler
![Page 9: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/9.jpg)
DLP Policy Enforcement
Flexible tools for policy enforcement that provide the right level of control
• Transport Rules• Rights Management• Data Loss Prevention
ALERT
CLASSIFY
ENCRYPT
APPEND OVERRIDE
REVIEW
REDIRECT
BLOCK
![Page 10: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/10.jpg)
DLP policy templatesBuilt-in templates based on common regulations
Import DLP policy templates from partners
Build your own
![Page 11: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/11.jpg)
Demo
DLP policy management
![Page 12: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/12.jpg)
Sensitive content detectionPredefined rules targeted at sensitive data types
Advanced content detection
Combination of regular expressions, dictionaries, and internal functions (e.g. validate checksum on credit card numbers)
Extensibility for customer and ISV defined data types
![Page 13: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/13.jpg)
Built-in DLP Content AreasCountry
PII Financial Health
US US State Security Breach Laws,US State Social Security Laws, COPPA
GLBA & PCI-DSS (Credit, Debit Card, Checking andSavings, ABA, Swift Code)
Limited Investment: US HIPPA, UK Health Service,Canada Health Insurance card
Rely on Partners and ISVs
GermanyEU data protection,Drivers License, Passport National Id
EU Credit, Debit Card,IBAN, VAT, BIC,Swift Code
UKData Protection Act,UK National Insurance, Tax Id, UK Driver License, Passport
EU Credit, Debit Card,IBAN, BIC, VAT,Swift Code
Canada PIPED Act,Social Insurance, Drivers License
Credit Card, Swift Code
France
EU data protection, Data Protection Act,National Id (INSEE),Drivers License, Passport
EU Credit, Debit Card,IBAN, BIC, VAT,Swift Code
JapanPIPA, Resident Registration, Social Insurance, Passport, Driving License
Credit Card,Bank Account,Swift Code
Australia Drivers License, Passport, Social Insurance Credit Card, Bank Account, Swift Code
![Page 14: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/14.jpg)
Examples:Joseph F. FosterVisa: 4485 3647 3952 7352Expires: 2/2015
Get Content
4485 3647 3952 7352 a 16 digit number is detected
RegEx Analysis
1. 4485 3647 3952 7352 matches checksum2. 1234 1234 1234 1234 does NOT match
Function Analysis
1. Keyword Visa is near the number2. A regular expression for date (2/2015)
is near the number
Additional Evidence
1. There is a regular expression that matches a check sum
2. Additional evidence increases confidenceVerdict
Content analysis process
![Page 15: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/15.jpg)
DLP Document FingerprintingAdvanced deep content analysis enabling new scenarios!
A tax firm needs to detect and encrypt standard tax forms, like the 1040 EZ, W2, etc.
Company Confidential documents like Patents detected based on their template
A Law firm can fingerprint legal forms, and have them detected automatically for policy application
Integrates with the existing DLP infrastructure as a custom sensitive information type
Surfaced in Exchange, Outlook and OWA
![Page 16: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/16.jpg)
Fabrikam Patent Form Tracking Number Author Date Invention Title Names of all authors...
Get Template Content
1. Condensed representation of the template content
2. Document is not stored3. Stored as a sensitive information
type
Create Fingerprint
Fabrikam Patent Form Tracking Number 12345 Author Alex Date 1/28/2014 Invention Title Fabrikam Green Energy...
Get Email Content
1. Temporary in memory representation2. Used for comparson with source
fingerprint created at config time
Create Fingerprint
1. Compare the two fingerprints2. Evaluate a ’containtment coefficient’
to declare template contained in email content
Verdict
CO
NFI
GU
RATIO
NR
UN
TIM
EDocument Fingerprinting
CLASSIFICATION RULE with
FINGERPRINT
FINGERPRINTGENERATION
Evaluation
+ verdict
![Page 17: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/17.jpg)
Demo
Document Fingerprinting
![Page 18: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/18.jpg)
DLP in SharePoint Online
Search for sensitive data
Built-in classifications
Identification and export
Extends to data in OneDrive
![Page 19: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/19.jpg)
Demo
DLP in SharePoint Online
![Page 20: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/20.jpg)
User educationEmpower users to manage their compliance
Contextual policy education
Doesn’t disrupt user workflow
Can work even when disconnected
Admin customizable text and actions
Outlook
OWA
![Page 21: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/21.jpg)
Policy Tips in OWA for devices
![Page 22: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/22.jpg)
Demo
Tying it all together(Policy Tips and Document Fingerprints)
![Page 23: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/23.jpg)
DLP reporting and auditingComprehensive view of DLP policy application
Drill into specific departures from policy to gain business insights
Export to excel workbook & email incident reports
![Page 24: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/24.jpg)
Real Time Notifications
Audit dataClassificationRule detailsMatch details
![Page 25: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/25.jpg)
DLP extensibility pointsCustom DLP content
Supplemental DLP policy rulesSupplemental DLP classification rules
Incident reports integration with custom workflows
Custom reporting solutions
Remote PowerShell management
![Page 26: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/26.jpg)
NEW in SP1 – EXCHANGE and OUTLOOK 2013
DLP Feature Set in Office 365
Deep content analysis engine
46 OOB sensitive information types
40 OOB DLP Templates
Support for 3rd party defined DLP policy templates
Policy Tips in OWA and Mobile OWA
Advanced Document Fingerprinting in Exchange, Outlook, and OWA
5 new OOB sensitive information types
Policy Tips in Outlook 2013
Contextual user education and empowerment
Incident management Rich reporting
EXCHANGE and OUTLOOK 2013
DLP in SharePoint coming soon
![Page 27: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/27.jpg)
ResourcesExchange 2013 DLP introductionhttp://blogs.technet.com/b/exchange/archive/2012/09/28/introducing-data-loss-prevention-in-the-new-exchange.aspxhttp://technet.microsoft.com/en-us/library/jj150527.aspx
DLP policy templateshttp://technet.microsoft.com/en-us/library/jj657730
Managing DLP policieshttp://technet.microsoft.com/en-us/library/jj673559
OOB DLP policy templateshttp://technet.microsoft.com/en-us/library/jj150530
Policy tips in Exchange 2013http://technet.microsoft.com/en-us/library/jj150512
Supported file types http://technet.microsoft.com/en-us/library/jj674307
MessageStats Quick Guide http://mbidemo.quest.com/Insights/#page/home
![Page 28: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/28.jpg)
Q&A
![Page 29: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/29.jpg)
![Page 30: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/30.jpg)
Resources
Learning
Microsoft Certification & Training Resources
www.microsoft.com/learning
msdn
Resources for Developers
http://microsoft.com/msdn
TechNet
Resources for IT Professionals
http://microsoft.com/technet
Sessions on Demand
http://channel9.msdn.com/Events/TechEd
![Page 31: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/31.jpg)
Complete an evaluation and enter to win!
![Page 32: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/32.jpg)
Evaluate this session
Scan this QR code to evaluate this session.
![Page 33: “ “ Accidental email with attachment exposed hundreds of individuals’ names and Social Security Numbers… “ “](https://reader030.fdocuments.net/reader030/viewer/2022032703/56649d195503460f949eeb64/html5/thumbnails/33.jpg)
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.