Time
6 hours 59 minutes
Difficulty
Intermediate
CEU/CPE
7

Video Transcription

00:00
Welcome, Welcome. Welcome back, Cyber Into the M s 3 65 Security Administration course
00:08
I'm your structure, Jim Daniels.
00:11
And in this video, we're going to start module four in this 3 cc five information protection.
00:16
As you can see, the lesson and this particular part is all about the information protection.
00:22
In this lesson, we're going to learn how Microsoft Technologies can help protect sensitive data.
00:29
And we're gonna learn about the mess for 65 information protection lifecycle,
00:33
as well as labeling persistence,
00:37
the information protection life cycle. And then Mr 65 goes as follows.
00:42
If I was created,
00:44
said the
00:45
it's collaborated on,
00:47
maybe just open up on a mobile device
00:50
and it gets sent to other sharing services.
00:53
So we want to protect the information throughout all of these.
00:58
We want to protect it when it's created.
01:00
When it's edited,
01:02
other people come in even when it leaves our environment or ethically is our environment.
01:07
We want to apply intelligent protection
01:10
for all of those scenarios.
01:12
We've kind of seeing this little overlapping circle graph before when we talk about network security and
01:19
how it evolves out in the ire t well, this is the same thing. However, this is about content and data.
01:27
So one premises.
01:29
You have ultimate protection of your own data,
01:32
you know, so you can actually go and touch the server touched on as unit that resides on could figure out what directory you have. Total control. That is the equivalent of you having a moat.
01:45
After one premises,
01:47
it expands into the manage mobile environment.
01:49
So maybe we or using into policies conditional access.
01:55
We have various identity and the vice minister more present protection applied
02:00
after that is unregulated. It's unknown. It's the new normal
02:04
shadow. I t. There's new APS.
02:07
Yeah, being created on a daily basis.
02:09
We have to have protection
02:13
toe where it extends out past
02:15
are managed level environment.
02:19
Enter data classification.
02:21
When you classifying data,
02:23
it makes it easy to apply policies to, based on those classifications,
02:29
a general rule with, um, for planning data classification
02:32
to start with the most sensitive data.
02:37
That's what these protected.
02:38
And that's what needs to be labeled first and foremost.
02:43
You can create automatic rules,
02:45
and you should associate visual markings and protection actions.
02:50
So if you have something rolled out, organization wide,
02:53
see How below red is confidential blues public.
02:58
You've seen this before, smoky that there.
03:00
Fire danger, U. S. Homeland Security.
03:06
As the colors get warmer, it's more confidential, more restricted as it gets cooler.
03:12
Their internal war is public.
03:15
Visual markings
03:16
are key for your in users,
03:21
so that user experience for data classification is you have automatic toe where the policies were sent by T.
03:29
If a user types in something that triggers an automatic protection policy
03:32
is labeled that way.
03:35
Reclassification
03:37
users can override the classification
03:39
and be required for justification
03:43
so you can have automatic.
03:45
But you also can have
03:46
toward. Users can manually override that automatic classification and provide justification
03:53
recommended.
03:53
This is where it intelligently looks a loss in the document,
03:58
and it will recommend one that complies with your policies
04:02
or user. Set user has to apply to sensitivity and classifications labels themselves.
04:09
There is no right or wrong answer. My organization is a combination of all of them really depends when your user set
04:17
how sensitive and valuable the information is. You're trying to classify and protect
04:23
and
04:25
your culture again. We thought about
04:28
each organization's culture, especially and security and what they expect their in users to do is totally different. It varies across the board
04:35
by using metadata. Labels are clear text that can you read by other DLP engines?
04:42
Labels stay with a document regardless of location.
04:45
Where before we kind of mention toe where you had your one premise, you had your manners. But then you had unregulated of known.
04:53
The label stays with the content. It stays with the document. No matter whether that document goes with G drove, it goes,
05:01
Yeah, thumb drive. It goes wherever it stays with it.
05:04
His persistence
05:09
in this example.
05:11
We have a bomb.
05:13
Bob was super persistent.
05:15
The whole premise of the movie want about Bob Waas. It was just a major
05:19
in the persistence that Bob had
05:23
with Dr Leo Marvin.
05:25
Regardless of word out or more than went, Bob was there.
05:29
He was persistent.
05:30
The same applies to labels within M s 3 65 their persistent. They travel with the document
05:38
quis
05:39
inclining for data classification
05:42
watches. You start with
05:44
automatic rules and enforcement.
05:46
Public data sensitive data
05:48
told tips and override justification methods.
05:51
Which of those four areas should you first start with when planning
05:57
that a classification
06:00
survey says. See sensitive data.
06:04
Remember, start with sense of the data when you plan.
06:08
So that way you start with the most restrictive
06:11
and the ease up
06:14
to recap. Today's lesson planning for data classifications always start with the most sensitive data.
06:19
Persistent labels utilized metadata, which is clear text.
06:24
It could be read by other deal P engines for a unified, inconsistent experience.
06:29
Thank you for joining me for this lesson. I could just see for next one take care.

Up Next

MS-500: Microsoft 365 Security Administration

The Microsoft 365 Security Administration course is designed to prepare students to take and pass the MS-500 certification exam. The course covers the four domains of the exam, providing students with the knowledge and skills they need to earn their credential.

Instructed By

Instructor Profile Image
Jim Daniels
IT Architect
Instructor