This article was originally posted in the Microsoft Security blog.
I am Security Operations’ (SecOps) worst nightmare. Or at least I used to be.
As an industrious product marketer, I often share intellectual property (think: details of new product capabilities) or spreadsheets that contain customer personal identifying information (PII) with colleagues and vendors. We need this information to create compelling marketing programs to sell our products, but if the data gets in the wrong hands, it could be devastating to the company. Like most of us in tech, my deadlines are tight and I work hard to get things done quickly.
At beginning of my career, this included finding ways around obstacles that slowed me down, even those designed to secure sensitive information. It wasn’t that I wanted to put my company at risk, but I couldn’t do my job without sharing information with the agencies and consultants I worked with.
Most organizations employ people like (the younger) me. They have the best of intentions but may inadvertently cause a data privacy violation. Leaked data can cause reputational damage and result in big fines levied against firms that don’t violate privacy regulations, like General Data Protection Regulation (GDPR). The Safeguard your most sensitive data e-book sheds light on how Microsoft 365 helps employees make the right decisions about data and comply with data privacy regulations. It provides a window into the various scenarios when employees come into contact with and share sensitive data. The e-book narrates the story of Enzo, a (fictitious) sales manager, who shares and works with private data. His organization uses Microsoft 365 products to label and protect information, wherever it travels.
Label and protect data easily
Azure Information Protection can be configured to detect sensitive data in files and automatically classify and apply protections, or it can suggest labels to the file owner. You decide how much responsibility you want to give to your users and which circumstances require automatic labeling. The Safeguard your most sensitive data e-book provides examples of the different data types that can be detected and the templates that can simplify the process for both you and the user.
Protect data even when it travels
Once a file is labeled, Microsoft Cloud App Security works with Azure Information Protection to enforce protections even as it travels through third-party cloud apps and partner organizations. Azure Information Protection lets document owners define user permissions, such as limiting a specific user or domain to view access only. You can even monitor files and revoke access after they leave the enterprise ecosystem. The Safeguard your most sensitive data e-book details several real-life scenarios, so you can visualize how different capabilities can be applied to your unique situation.
Apply security policies to historical, on-premises data
For companies in the beginning or middle phases of a cloud migration, one daunting roadblock is privileged data stored in on-premises repositories. It can be difficult to determine what sensitive data has accumulated over the years and where it is stored. The Azure Information Protection scanner can be configured to scan on-premises file servers to detect PII and other sensitive data. Once the data is detected, the scanner can automatically apply labels and protection.
In my first marketing role at a cybersecurity company years ago, I was lucky to work with an engaged chief information security officer (CISO) who took the time to help me understand the implications of sharing sensitive data. Microsoft 365 makes it even easier to do the right thing. Azure Information Protection, Microsoft Cloud App Security, and other Microsoft 365 products remind me when I’m handling sensitive data, so I can make sure that only the people who truly need it can view it.
For more details on how you can use Microsoft 365 Enterprise E5 to keep customer and enterprise data safe, download the Safeguard your most sensitive data e-book.
Read all six e-books
- Discover and manage shadow IT—Details on how you can discover cloud apps, detect and block risky apps, and securely manage apps and devices.
- Secure access to your enterprise—Learn how you can move your organization towards a password-less future.
- Defend your digital landscape—Tips for preventing, detecting, and responding to security threats.
- Understand & improve your security posture—Details on how you can evaluate and then build a strong, resilient security posture.
- Security beyond Microsoft products—More details on how you can successfully manage security with Microsoft 365 Enterprise E5 across your diverse digital ecosystem.
- Safeguard your most sensitive information—Learn how to keep privileged information protected and private.