03 Jun 2021 How you can enhance Data Loss Prevention in Microsoft 365
Protecting customer data from loss and leakage has become a top priority for enterprises over the past decade. Recent HelpSystems research with CISOs in global financial service organisations found that almost one-third believe data breaches have the potential to cause the most damage over the next 12 months. This has led to the rise of Data Loss Prevention (DLP) solutions that help organisations safeguard their customers’ critical data, both inside and outside the company.
Furthermore, data visibility was cited as the number one cybersecurity weakness, closely followed by an inability to meet regulatory challenges. DLP can be either network or endpoint-based and plays an important role in keeping data secure.
This is especially so when it comes to Data Loss Prevention in Microsoft 365, also known as M365. Microsoft 365 is deployed in organisations all over the world, a widely used and enjoyed tool for workplace collaboration. It has different levels of protection against certain threats and even comes with its own M365 DLP solution if customers select the right package.
But given the need for regulatory compliance and the ever-growing threat landscape, Microsoft 365 DLP does not offer the same levels of protection as other DLP solutions and many users seek to add additional layers to keep their data secure. What’s the best approach for Data Loss Prevention in Microsoft 365?
What to Look for in M365 DLP
Anyone that’s serious about M365 DLP has the same overarching objective – to keep data fully secure and protected when using Microsoft 365. This includes the prevention of data leaks and ensuring that any sensitive information found in emails, documents, images, and other files does not fall into the wrong hands, whether by accident or design.
But the needs run a little deeper than that. Many DLP solutions work on a ‘stop and block’ basis. This creates blockages in the natural flow of communications and makes collaboration that bit harder, with people waiting for files and documents to be “released” before they reach their inbox and being uncertain whether recipients have received mails they have sent.
Content inspection and the removal of sensitive data needs to take place but not at the expense of effective collaboration. Furthermore, any M365 DLP strategy will be more successful if policies are easy to create, monitor, and deploy. This helps keep costs under control and makes implementation much quicker, critical factors for most organisations.
Finally, Microsoft 365 DLP needs comprehensive tracking and reporting. Addressing regulatory compliance is vital for any organisation wishing to avoid onerous fines and the stigma of being cited as not taking sufficient care over customer data. Reporting functionality must also be customisable to specific requirements.
The Limitations of Microsoft 365 DLP
Microsoft 365 has its own Data Loss Prevention capability, but it is not as effective as it needs to be. For example, one of the biggest growing threats to an organisation is malicious content found within images, PDFs and embedded deep within Word and Excel files. M365 DLP provides only very limited protection against this threat and leaves an organisation vulnerable to data loss. Even with sandboxing to analyse attachments, protection against ransomware is limited.
The in-built policy definition, management, and controls in Microsoft 365 Data Loss Prevention are simply not granular enough to provide comprehensive DLP protection either. They need to be much more easily defined and replicated so users can reduce time on this activity. Also, for any organisation investigating potential data breaches, the reporting in M365 Data Loss Prevention provides nowhere enough detail to be of value.
Using Clearswift to Enhance M365 DLP
This lack of business critical DLP functionality in M365 means that many organisations seek additional layers of protection. The Clearswift DLP solution is a seamless fit, offering industry-leading protection that does not restrict the collaboration elements of Microsoft 365.
Most important is the Adaptive Redaction technology within the Clearswift DLP. This automatically detects and removes sensitive data such as PII or PCI data from emails and documents transferred to and from the cloud. The solution then reconstructs the files, allowing them to continue immediately onto their intended recipient, meaning there is no disruption to communication. Clearswift’s Optical Character Recognition (OCR) functionality even extracts text from image-based files, a highly valued DLP feature that is unavailable elsewhere.
DLP policies are highly flexible and granular, and can easily extend to scanned documents and images, while the Clearswift DLP also protects data from phishing or ransomware attacks via its unique Structural Sanitisation feature. Here, files are fully “cleansed” of any active malicious content including embedded macros and scripts, that would trigger when a document is opened, offering greater protection against ransomware.
How it Works – Clearswift and Microsoft 365
There’s no doubt that Microsoft 365 is a hugely useful collaboration tool that many could not work without. But organisations using it need to ensure that it keeps their data fully protected.
Deploying Clearswift DLP in conjunction with Microsoft 365 provides the best of both worlds – complete data protection without compromising on internal or external collaboration.
To see how Clearswift security products can be used alongside Microsoft 365, you can request a full demo from the team.