1 / 44

Tim Beamer, Plus Consulting tim.beamer@plusconsulting

Tim Beamer, Plus Consulting tim.beamer@plusconsulting.com. Security in SharePoint and Teams with DLP, IRM, and AIP. Thanks to our Sponsors!. Platinum: Silver:. More Fun Stuff.

lancee
Download Presentation

Tim Beamer, Plus Consulting tim.beamer@plusconsulting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Tim Beamer, Plus Consulting tim.beamer@plusconsulting.com Security in SharePoint and Teams with DLP, IRM, and AIP

  2. Thanks to our Sponsors! • Platinum: • Silver:

  3. More Fun Stuff • Raffle: Please join us in the Atrium at 5:15 PM for the raffle. We are raffling some exciting prizes (need to be present to win)!!! • SharePint will be held at Beerhead Bar (110 Federal St, Pittsburgh, PA 15212). While it starts at 5:45 PM, there’s no end time!!!!  • Pittsburgh Area SharePoint User Group • Meets at the Microsoft office on the North Shore • More Info: https://www.linkedin.com/groups/Pittsburgh-Area-SharePoint-User-Group-3769745/about

  4. We do Request that… • You fill out the Session Evals. These will also be your Raffle tickets. Print your name clearly if you intend to participate in the Raffle and drop the forms at the registration desk after the last session. • You visit the sponsors. The event is possible due to their generous support and we request that you visit them and inquire about their products & services. • Cell phones be kept on silent as a courtesy to other attendees and speakers

  5. Agenda • Introduction • DLP vs IRM vs AIP • Identify • Engine • Setup • Emails • Policies • Monitor • DLP Queries • DLP Policies • Block • Permissions • End User Education • Policy Tips • Limitations • IRM • AIP • Q&A

  6. The “good old days”…NOT • Files in file shares (NTFS permissions) • Move the file? Lose the permissions! • E-mail the file? Lose the permissions! • SharePoint • “Secure” the doc library with permissions • No notification of sensitive information • Policies • “I didn’t know…” • A policy with no enforcement mechanism is useless!

  7. What’s in the toolbox? • DLP • Inspect – Detect – Act • Tooltips • IRM • Define permissions • Encrypt – regardless of destination • AIP • Define data classification • Inspect content and act based on classification • May include modifications of permissions

  8. What is data loss prevention? Introduction

  9. What is DLP? • Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside your organization • DLP software products use business rules to classify and protect confidential and critical information so that unauthorized end users cannot accidentally or maliciously share data whose disclosure could put the organization at risk

  10. Data Loss Prevention in SharePointFind that information before it’s too late! • Search for sensitive content in your existing eDiscovery Center, keeping content in place and enabling you to search in real time. • Credit Card Numbers, SSN, Bank Account Numbers, Passports (Over 80 total information types!) • Define once and protect across Exchange, SharePoint and OneDrive! • NOTE: If you have document libraries with Search disabled, DLP will NOT work in them

  11. Data Loss Prevention in SharePoint • Identify • Monitor • Protect • End User Education

  12. Identify How does SharePoint find this information?

  13. DLP Processing in Sharepoint 2016 • Content Sources Content Processing Index Crawler Query Unified Policy Processing Tasks Policy Definitions

  14. Sensitive Information Evaluation • 16 digits • dddd-dddd-dddd-dddd • dddddddddddddddd • CVN, CVV2, CID • Visa, MasterCard, Amex • Expiration Date • Card Holder

  15. Sensitive Information Evaluation • A DLP policy is 85% confident that it's detected this type of sensitive information if, within a proximity of 300 characters: • The functionFunc_credit_cardfinds content that matches the pattern. • One of the following is true: • A keyword fromKeyword_cc_verificationis found. • A keyword fromKeyword_cc_nameis found. • The functionFunc_expiration_datefinds a date in the right date format. • A DLP policy is 65% confident that it's detected this type of sensitive information if, within a proximity of 300 characters: • The functionFunc_credit_cardfinds content that matches the pattern.

  16. Sensitive Information Evaluation

  17. Requirements to make it work! Setup

  18. Prerequisites • Configure the search service application • Crawl the location of the conflicting documents • Configure outgoing email • Your users need to have an email address in their profile

  19. Site Collections • EDiscovery Center: • A site to manage the preservation, search, and export of content for legal matters and investigations • Compliance Policy Center: • A site to manage compliance and deletion policies

  20. Monitor

  21. EDiscovery Center

  22. EDiscovery Center

  23. Found it!

  24. EDiscovery CenterExcel Reports

  25. Minimize the Damage Block

  26. Block Sensitive Information • Create policy in policy center • Assign policy to site collection • Repeat for every site collection

  27. Select the template of the information you want to find! Description of the template Select the number of occurrences before an alert is triggered. Also select who the alert gets sent to! Do they want to notify the user that they did something wrong? Do you want to block that document?

  28. End User Education

  29. In Context Information • Blocked documents are visible directly in the document library

  30. Policy Information • Policy tips appear directly in the document library informing the users what they did wrong

  31. Email Notification • Users receive emails to know what they did wrong

  32. Perfection doesn’t exist! Limitations

  33. InformationRights Management IRM allow enterprises to define, implement & track information usage “policies”. A “policy” defines : • WHO can use the information • People & groups within and outside of the organization can be defined as rightful users of the information • WHAT can each person do • Individual actions like reading, editing, printing, distributing, copy-pasting, screen grabbing etc. can be controlled • WHEN can they use it • Information usage can be time based e.g. can only be used by Mr. A till 28th Sept OR only for the 2 days • WHERE can they use it from • Information can be linked to locations e.g. only 3rd floor office by private/public IP addresses

  34. Configure RMS for Office 365

  35. Configure RMS for Office 365

  36. Configure RMS for Office 365

  37. RMS Templates

  38. Enable in SharePoint Online

  39. Enable in a Document Library

  40. Secure a document

  41. Azure Information Protection

  42. AIP • AIP – P1 • USER is responsible for applying the correct label • AIP – P2 • Combine the capabilities of DLP and IRM • Content inspection can apply the label automatically

  43. DEMO

  44. Call to action • Schedule a Security Focused CIE • Hands-on session • We can deliver at our house or yours (need Wi-Fi and Power) • Engage with Security to define data classification, labels, risk, and required protections • Come see more at Workplace Wednesday!

More Related