Endpoint DLP

In July 2020, a public preview for Windows Endpoint DLP has started. Endpoint DLP works with the DLP Policies you create in the Compliance Portal. This gives you the ability to use the same labels and sensitivity types in your DLP policies for all locations – Exchange Online, Teams, SharePoint, OneDrive for Business and Windows Endpoints.

In this video I show how to onboard your devices for Endpoint DLP and how to configure your policy. Of course we then take a look at the end user experience and finally I go through the reporting and alerting capabilities.

AIP and Exchange Online: Better Together

Azure Information Protection helps your users make the right choices when it comes to data classification and protection. Exchange Online adds the power of Mail Flow Rules. Imagine you’d be able to combine those two tools… Indeed: you can!

Exchange Online can read classification labels created by Azure Information Protection. In Mail Flow Rules, you can define which actions should follow when a certain classification is detected.

See for yourself how to set this up in a few easy steps. And of course you will also see what the user experience will be like.

Learn more here: https://docs.microsoft.com/en-us/azure/information-protection/configure-exo-rules

Intune App Protection Policies

Your employees use mobile devices for both personal and work tasks. While making sure your employees can be productive, you also want to prevent data loss, intentional and unintentional. In addition, you want to have the ability to protect company data accessed using devices even in the case where they are not managed by you.

You can use Intune app protection policies to help protect your company’s data. Because Intune app protection policies can be used independent of any mobile-device management (MDM) solution, you can use it to protect your company’s data with or without enrolling devices in a device management solution. By implementing app-level policies, you can restrict access to company resources and keep data within the purview of your IT department.

Control Cloud Apps with Microsoft CAS

Moving to the cloud increases flexibility for employees and reduces IT cost, but it also introduces new challenges and complexities for keeping your organization secure. To be able to get the full benefit of cloud applications, an IT team must find the right balance of supporting access while maintaining control, to protect critical data.

This video shows how you can combine Azure AD, Microsoft Cloud App Security and Azure Information Protection to protect your sensitive data. I’m showing how you can enrich a SaaS-application like Box with the capabilities of the Microsoft cloud platform, in order to make sure that sensitive files copied to Box, are automatically classified and protected (encrypted).

Azure Information Protection Scanner

Azure Information Protection is a great solution to classify, label and protect all files you create. But what to do with the files you already have on your on-premises file share or SharePoint environment?

The AIP Scanner offers you the possibility to scan those files and match the file contents with your AIP policies. AIP Scanner can run in reporting mode or in enforce mode – the latter being used to actually apply labels and protection to those files.

In this video, you will see how to install, configure and use the AIP Scanner.

Implement the scanner in your environment? Check this Doc on how to deploy.