The Latest

10 Nov 2020: Microsoft has announced the general availability of its Data Loss Prevention (DLP) services. The DLP services are being rolled out to Office 365 customers with E3 and E5 licensing (see details on licensing below). Microsoft also introduced additional features for its DLP service, including: 

  • Sensitivity labels for DLP policies
  • Dashboard within Microsoft 365 compliance center to manage DLP alerts 
  • New conditions and exceptions for mail flow rules

Why it’s Important

The rapid introduction of collaboration tools has opened new vectors for data leakage. This was a particular worry of participants in IBRS’s recent Teams Governance Peer Roundtable, with 67% of executives having data leakage concerns. The current approach to reducing data leakage from products such as Teams is to block sharing and collaboration with external parties. While this does limit data leakage, it also eliminates one of the key benefits of new collaboration tools: the ability to create borderless work environments. 

What’s covered

E3 licensing provides DLP for Exchange Online, SharePoint Online and OneDrive. However, organistions will need E5 licensing for access DLP for Teams Chat and Devices/ Endpoint.

Who’s Impacted

Organisations with Office 365 or Microsoft 365 investments. 

  • Desktop / digital workplace lead
  • Office 365 deployment leads / administrators
  • Information management teams
  • CISO

What’s Next?

Microsoft’s general release of DLP, under existing E3 and E5 licensing levels, is a potent step to addressing collaboration’s woes. While Microsoft’s DLP is not as feature laden as dedicated competitive offerings, it requires no additional budget. Effectively, Microsoft is pushing DLP down into the broader market, to organisations that may not have previously considered such solutions. Along with Microsoft Information Protection (MIP),  Microsoft DLP should be investigated as a priority feature for Office 365 deployments, especially where Microsoft Teams is being deployed with guest access enabled.

Related IBRS Advisory