Data Loss Prevention Part 1

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
6 hours 59 minutes
Difficulty
Intermediate
CEU/CPE
7
Video Transcription
00:00
welcome Siberians to the M s 3 65 Security Administration course. I'm your structure, Jim Daniels.
00:07
We're a model for industry C C. Five in fact Protection Lesson three
00:12
Data loss prevention,
00:15
Part one. Data loss prevention
00:18
In this lesson, we're going to go over you guess it. Data loss prevention.
00:23
How sensitive information Times are determined and DLP policy usage,
00:28
data loss prevention, GOP and a mystery 65 Identifies Monitors reports and protect sensitive data like Social Security credit card information. Bank information through deep content analysis. Were helping users understand and manage data risk
00:45
deal peaking and be configured to identify sensitive information.
00:49
Because, frankly, if it couldn't it will be worthless. It wouldn't be Deal t will be something totally different.
00:54
It's a deal. Be
00:56
identifies sensitive information.
00:58
GOP policies protect content by enforcing rules comprised of conditions and actions. If this, then that
01:07
policies are typically based
01:08
when 10 place provided in the DLP service.
01:14
A sensitive information type is defined by a pattern that can be identified by regular expression or function.
01:21
Think of a Social Security number three numbers dashed to numbers. Dash four numbers.
01:26
Their credit card information
01:29
drivers license the state has her own format.
01:33
Data loss prevention in M s 3 65 includes definitions for many common sensitive information types.
01:38
Each information type is defined in detected by using a combination off
01:45
format
01:46
keywords, internal functions that validate check sums and composition,
01:49
evaluations of expressions to find pattern matches and other content examination.
01:56
Here's an example of some of this sensitive info types
02:00
we're going to secure and compliant center. Go to classification.
02:02
There's a whole slew have sense of information times from individual countries,
02:09
for instance, U S bank account driver's license,
02:13
tax identifications of security information,
02:16
dozens and dozens of pre defying, sensitive information types.
02:21
So you don't have to give in and create the will
02:24
and define what a security number is.
02:29
You don't have to go in until Microsoft
02:30
what a driver's license. A loose life in the state of Alabama.
02:35
It already knows,
02:37
and they add to this. So as new information comes out
02:42
as new sensitive
02:44
type information comes out, they into it. They add one toe. That's part of the advantage of the Microsoft cloud.
02:51
After creating a GOP policy,
02:53
you can activate those policies to examine different locations, so you can run that policy against exchange. Email. SharePoint one drive
03:01
SharePoint Remember, includes one draft teams.
03:05
You can find groups, all of that.
03:07
You can also create a deal P policy and choose non activated. But running in test mode
03:14
to monitor and auto deal P policies there to pre defined reports available, showed a DLP matches
03:20
and false positive and overrides
03:23
conditions and actions. If this condition action did that,
03:28
conditions focused not only on the content,
03:30
such as what type of information you're looking for, but else in the context.
03:36
So just who is shared with
03:38
conditions can determine if the content contains any of the 80 plus build in sensitive information. Times.
03:45
Continents share what people outside or inside your organization
03:49
as the document properties containing specific values. Content masters a condition In a rule,
03:54
the action comes in
03:57
conditions. Match action comes in. You perform actions such as blocking access to the content.
04:02
We're sitting in a notification
04:05
when you create a deal P policy
04:08
in configure a user notification to form users and educate them. Win. They're in violation of the policy.
04:15
You just be notified through email on policy tips.
04:17
This is recommended strategy organizations that are trying
04:23
to get a GOP policy started.
04:26
If you have zero data classification and your users or uses just sending whatever
04:32
help them understand,
04:35
the policies helped him.
04:38
That's what this does.
04:40
Don't bring the hammer down immediately
04:43
because it would just cause frustration, chaos and your services will literally want to kill you.
04:48
Remember
04:49
Documentations Key that goes for your service desk as well as your in users?
04:56
If in users have been doing something for 20 years and all of a sudden they can't, there's no explanation or documentation as to why they can't
05:03
during me pretty pissed off,
05:05
rightfully, son.
05:08
So don't be that person who causes the whole organization to be in upheaval
05:13
over being overzealous
05:15
with the security policy.
05:16
Remember,
05:18
it's that balance you want to get there, but there's a right way to get there.
05:23
Policy Tip is a notification or warning
05:27
that appears when someone is working with content that conflicts with the deal. Be policy.
05:30
You can be Internet email
05:32
sites, and in 2016 and beyond APS.
05:38
I already settled Power point right here. We have an example of that look
05:44
where says it contains sensitive content, credit card number
05:47
you can report this message doesn't contain sensitive content. Report that goes into the false positive reports that we touched on a few salons ago.
05:58
Quiz
05:59
sensitive information types or define and detected by format
06:03
keywords, internal functions,
06:05
An evaluation of regular expressions.
06:15
Your second to read that comic
06:18
well as determined. Your answer.
06:23
And the answer is true. Yes,
06:27
that is how it is defined
06:30
policy templates. The quickest way to start using the Opie policies and Demonstrate 65 is to create a new policy for my template.
06:38
Templates are supposed to make things easy.
06:41
A pre configure deal P Policies in play can help you detect specific types of sensitive information.
06:46
Three methods exists for you to begin creating Deal P policies by using the security compliance center
06:54
with out of the box
06:56
out of the box template from Microsoft. The easiest and quickest way to get going
07:00
pre existing custom policy with pre existing conditions
07:04
or custom
07:05
custom policy without preexisting conditions. Maybe you need to create a sense of information type
07:13
that isn't included in the 80 plus pre defined ones. You can do that
07:17
so you have this possibility and creating a deal P policy.
07:23
To recap
07:24
this lesson
07:25
D, L, p and M s. 3 65 identifies monitors reports and protect sensitive data through deep content analysis
07:32
by helping users understand and manage data risk.
07:36
That's the key.
07:38
Helps users understand
07:41
the toe tip. The justification mechanisms. All of this helps users understand what you as security compliance are trying to accomplish.
07:53
GOP policies protect content by enforcing rules comprised of conditions and actions.
07:59
If it means that this condition this action occurs,
08:01
conditions focused not only on the content,
08:05
such as type of sensitive information you're looking for, but also in context, since there's who the document is sure with
08:11
a policy tip is a notification or warning that appears when someone is working with content that conflicts with a GOP policy.
08:22
Thank you for joining me in this lesson.
08:24
I hope to see you for the next one. Take care
Up Next
MS-500: Microsoft 365 Security Administration

The Microsoft 365 Security Administration course is designed to prepare students to take and pass the MS-500 certification exam. The course covers the four domains of the exam, providing students with the knowledge and skills they need to earn their credential.

Instructed By