Protecting customer data from loss and leakage has become a top priority for organizations. Recent HelpSystems research with CISOs in global financial service organizations found that almost one-third believe data breaches have the potential to cause the most damage over the next 12 months.
Furthermore, data visibility was cited as the number one cybersecurity weakness, closely followed by an inability to meet regulatory challenges. This has led to the rise of Data Loss Prevention (DLP) solutions that help organizations safeguard their customers’ data and their own business critical information. DLP can be either network or endpoint-based and plays an important role in keeping data secure.
What Is Data Loss Prevention?
DLP typically refers to the methods used to protect data from breaches, unauthorized access, and misuse. DLP tools in technology apply the organization’s data security policies consistently over all egress points, identify possible violations, and take the appropriate remedial actions.
DLP can block an end user from sending sensitive information to an email address outside of the company domain or to a cloud storage service. Malicious or accidental attempts to send sensitive data out of the network are blocked and recorded.
Is DLP Included with Microsoft 365?
DLP is included in Microsoft 365 for SharePoint Online, OneDrive, and Exchange Online, but for data protection in Teams Chats, E5 is required. However, anyone who’s serious about Microsoft 365 DLP has the same overarching objective – to keep data fully secure and protected when using Microsoft 365. This includes the prevention of data leaks and ensuring that any sensitive information found in emails, documents, images, and other files does not fall into the wrong hands, whether by accident or design.
But the needs run a little deeper than that. Many DLP solutions work on a ‘stop and block’ basis. This creates blockages in the natural flow of communications and makes collaboration that bit harder, with people waiting for files and documents to be “released” before they reach their inbox and being uncertain whether recipients have received mails they have sent.
Content inspection and the removal of sensitive data needs to take place but not at the expense of effective collaboration. Furthermore, any Microsoft 365 DLP strategy will be more successful if policies are easy to create, monitor, and deploy. This helps keep costs under control and makes implementation much quicker, critical factors for most organizations.
Finally, Microsoft 365 DLP needs comprehensive tracking and reporting. Addressing regulatory compliance is vital for any organization wishing to avoid onerous fines and the stigma of being cited as not taking sufficient care over customer data. Reporting functionality must also be customizable to specific requirements.
The Limitations of Microsoft 365 DLP
Microsoft 365 has its own DLP capability, but it is not as effective as it needs to be depending on the Microsoft package used. For example, one of the biggest growing threats to an organization is malicious content found within images, PDFs and embedded deep within Word and Excel files. Microsoft 365 DLP provides only very limited protection against this threat and leaves an organization vulnerable to data loss. Even with sandboxing to analyze attachments, protection against ransomware is limited.
The in-built policy definition, management, and controls in Microsoft 365 DLP are simply not granular enough to provide comprehensive DLP protection either. They need to be much more easily defined and replicated so users can reduce time on this activity. Also, for any organization investigating potential data breaches, the reporting in Microsoft 365 DLP provides nowhere enough detail to be of value.
Using Clearswift to Enhance Microsoft 365 DLP
This lack of business critical DLP functionality in common packages of Microsoft 365 means that many organizations seek additional layers of protection. The Clearswift DLP solution is a seamless fit, offering industry-leading protection that does not restrict the collaboration elements of Microsoft 365.
Most important is the Adaptive Redaction technology within the Clearswift DLP. This automatically detects and removes sensitive data such as PII or PCI data from emails and documents transferred to and from the cloud. The solution then reconstructs the files, allowing them to continue immediately onto their intended recipient, meaning there is no disruption to communication. Clearswift’s Optical Character Recognition (OCR) functionality even extracts text from image-based files, a highly valued DLP feature that is unavailable elsewhere.
DLP policies are highly flexible and granular, and can easily extend to scanned documents and images, while the Clearswift DLP also protects data from phishing or ransomware attacks via its unique Structural Sanitization feature. Here, files are fully “cleansed" of any active malicious content including embedded macros and scripts, that would trigger when a document is opened, offering greater protection against ransomware.
How It Works - Clearswift and Microsoft 365
There’s no doubt that Microsoft 365 is a hugely useful collaboration tool that many could not work without. But organizations using it need to ensure that it keeps their data fully protected.
Deploying Clearswift DLP in conjunction with Microsoft 365 provides the best of both worlds – complete data protection without compromising on internal or external collaboration.