Protecting customer data from loss and leakage has become a top priority for organizations. Recent Fortra research with CISOs in global financial service organizations found that almost one-third believe data breaches have the potential to cause the most damage over the upcoming year.
Furthermore, data visibility was cited as the number one cybersecurity weakness, closely followed by an inability to meet regulatory challenges. This has led to the rise of Data Loss Prevention (DLP) solutions that help organizations safeguard their customers’ data and their own business critical information. DLP can be either network- or endpoint-based and plays an important role in keeping data secure.
What Is Data Loss Prevention?
DLP typically refers to the methods used to protect data from breaches, unauthorized access, and misuse. DLP tools in technology apply the organization’s data security policies consistently over all egress points, identify possible violations, and take the appropriate remedial actions.
DLP can block an end user from sending sensitive information to an email address outside of the company domain or to a cloud storage service. Malicious or accidental attempts to send sensitive data out of the network are blocked and recorded.
Is DLP Included with Microsoft 365?
DLP is included in M365 for SharePoint Online, OneDrive, and Exchange Online, but for data protection in Microsoft Teams chats, the E5 tier or higher is required. However, anyone who’s serious about M365's DLP has the same overarching objective – to keep data fully secure and protected when using M365. This includes the prevention of data leaks and ensuring that any sensitive information found in emails, documents, images, and other files does not fall into the wrong hands, whether by accident or design.
But the needs run a little deeper than that. Many DLP solutions work on a "stop and block" basis. This creates blockages in the natural flow of communications and makes collaboration that bit harder, with people waiting for files and documents to be “released” before they reach their inbox and being uncertain whether recipients have received mails they have sent.
Content inspection and the removal of sensitive data needs to take place but not at the expense of effective collaboration. Furthermore, any M365 DLP strategy will be more successful if policies are easy to create, monitor, and deploy. This helps keep costs under control and makes implementation much quicker, critical factors for most organizations.
Finally, M365 DLP needs comprehensive tracking and reporting. Addressing regulatory compliance is vital for any organization wishing to avoid onerous fines and the stigma of being cited as not taking sufficient care over customer data. Reporting functionality must also be customizable to specific requirements.
The Limitations of M365 DLP
M365 has its own DLP capability, but it is not as effective as it needs to be depending on the enterprise tier bought. For example, one of the biggest growing threats to an organization is malicious content found within images, PDFs, and embedded deep within Word and Excel documents. M365 DLP provides only very limited protection against this threat and leaves an organization vulnerable to data loss. Even with sandboxing to analyze attachments, protection against ransomware is limited.
The in-built policy definition, management, and controls in M365 DLP are simply not granular enough to provide comprehensive DLP protection either. They need to be much more easily defined and replicated so users can reduce time on this activity. Also, for any organization investigating potential data breaches, the reporting in M365 DLP provides nowhere enough detail to be of value.
Using Clearswift to Enhance DLP for M365
This lack of business critical DLP functionality in various M365 packages means that many organizations seek an additional layer of protection. The Clearswift DLP solution is a seamless fit, offering industry-leading protection that doesn't restrict the collaborative elements of M365.
Most important is the Adaptive Redaction technology within the Clearswift DLP. This automatically detects and removes sensitive data, such as PII or PCI data from emails and documents transferred to and from the cloud. The solution then reconstructs the files, allowing them to continue immediately onto their intended recipient, meaning there is no disruption to communication. Clearswift’s Optical Character Recognition (OCR) functionality even extracts text from image-based files, a highly valued DLP feature that is unavailable elsewhere.
DLP for M365 policies are highly flexible and granular, and can easily extend to scanned documents and images, while the Clearswift DLP also protects data from phishing or ransomware attacks via its unique Structural Sanitization feature. Here, files are fully “cleansed" of any active malicious content including embedded macros and scripts, that would trigger when a document is opened, offering greater protection against ransomware.
How It Works: DLP & M365
There’s no doubt that M365 is a hugely useful collaboration tool that many could not work without. But organizations using it need to ensure that it keeps their data fully protected.
Deploying Clearswift DLP in conjunction with M365 provides the best of both worlds – complete data protection without compromising on internal or external collaboration.