A Closer Look At Microsoft Purview Information Protection

A Closer Look at Microsoft Purview Information Protection

Arraya Insights | June 28, 2022

Data compliance continues to challenge businesses of all sizes and across all industries. With more data real estate than ever, it’s becoming more difficult to govern our data.

At Arraya, we’re continuing our focus on compliance and Microsoft Purview. This is Microsoft’s comprehensive set of solutions that help businesses govern, protect, and manage their entire data estate to stay in compliance with ever-changing regulations.

With Microsoft Purview Information Protection (formerly known as Azure Information Protection or AIP), businesses can control their data wherever it lives or travels. Here, we outline how to easily discover, classify, and protect sensitive information using this solution.

Know Your Data

Each business has an individual level of risk, depending on the amount and type of data they gather. This can vary widely between different industries and types of businesses. Without understanding what data you’re collecting; your business can’t adequately protect it.

Here’s how you can get started in discovering your data:

  1. Define your sensitive data: Your business must first determine what data is most vital to your organization and requires extra protection. This can be done manually, with automated pattern recognition, or by machine learning. Sensitive information types (SIT) are available pre-configured, or you can define your own.
  2. Discover and classify your sensitive data: Marking your sensitive data allows your business to control where it goes within your organization and beyond. This can be done through sensitivity labels, retention labels, and sensitive information type classifications.
  3. View your sensitive items: Get an overall view of your business’s sensitive data with the content explorer to monitor how this information is being used, by who, and where it’s going.

Protect Your Data

Based on the rising frequency of cyber attacks, specifically ransomware, your business shouldn’t wait to bolster your data protections. Once your sensitive data is appropriately labeled, your business should act immediately in protecting that data.

Here’s how you can get started in protecting your data:

  1. Define your policies and sensitivity labels: A sensitivity label is like a stamp. It will be customizable, stored in clear text within the metadata, and will roam with the content no matter where it’s moved or stored. You can configure specific label settings to publish those labels as you’ve designated.
  2. Apply labels using Microsoft 365 apps and services: Sensitivity labels can be applied through manual labeling, automatic labeling, default labeling, or mandatory labeling. These can be applied within Word, Excel, PowerPoint, Outlook, and within containers such as SharePoint, OneDrive, Microsoft 365 groups.
  3. Discover, label, and protect sensitive data in the cloud: Using Microsoft Defender for Cloud Apps, users can access improved visibility and control of data travel and analytics and identify and combat cyber threats across Microsoft and third-party cloud services.
  4. Discover, label, and protect sensitive data on premises: The Azure Information Protection unified labeling scanner provides your business with the ability discover, classify, and protect files on UNC paths for network shares that use the SMB or NFS protocols and SharePoint document libraries and folders.  
  5. Extend your sensitivity labels to Azure: The Microsoft Purview Data Map is a cloud native PaaS service that captures metadata about enterprise data present in analytics and operation systems on-premises and in the cloud.

Prevent Data Loss

The practice of data loss prevention (DLP) protects sensitive data by prohibiting users from inappropriately sharing that information with people who shouldn’t have it. With a DLP policy in place, your business can identify, monitor, and protect your sensitive information.

As many industries face increased threats, here’s how you can prevent data loss:

  1. Plan your DLP implementation: Every company or organization will require an individual data loss prevention plan as every business has a unique level of risk and must adhere to different regulations, depending on their industry.
  2. Design and create a DLP policy: Putting extra thought into the design of your DLP policy before you implement it will help you achieve more desirable results in the end. Your policy should clearly define your business needs and then map those needs to policy configuration.
  3. Fine tune your DLP policies: Once your DLP policy has been deployed, some fine tuning may be needed to ensure your policy is as effective as possible.

Next Steps: Focus on Your Security & Compliance

As businesses gather more data than ever, appropriately managing it has become too complex for many organizations to keep up with. When we add today’s volatile cyber landscape to the mix, along with the growing data protection regulations that businesses face, data governance must be a priority.

Take control of your business’s security, compliance, and overall data governance. To learn more about Purview Information Protection or Microsoft Purview overall, contact an Arraya expert today.

Visithttps://www.arrayasolutions.com/contact-us/ to connect with our team now.    

Comment on this and all of our posts on: LinkedIn, Twitter and Facebook.    

Follow us to stay up to date on our industry insights and unique IT learning opportunities.