One of the hottest topics today in the world of Cybersecurity is that of Data Loss. To some degree or another, most companies have experienced this one way or another, whether it was intentional or not. But given that many employees are using their personal devices to do their daily job tasks, this has dramatically heightened this awareness.

But, if you are a user of Microsoft Azure, the good news is that there is a built-in tool already that you can use to mitigate this risk. It is known as the Microsoft Data Loss Prevention, or DLP for short.

Just What Is The DLP All About?

First, you can manage the Azure DLP in just one location in your Azure account. It is commonly referred to as the Microsoft 365 Compliance Center, and it is illustrated below:

(SOURCE: 1).

As can be seen above, your IT Security team can create many types of DLP policies and deploy them to the various components in your Private Cloud, which include the following:

  • The Exchange Server;
  • SharePoint;
  • OneDrive;
  • Microsoft Teams;
  • Other virtual devices that you may have created and deployed.

But there are also new features that have just recently been added that you need to be aware of, and these are as follows:

1. The Insider Risk:

This is probably one of the most complicated types of threat variants to detect because your IT Security team is so focused on combatting the attacks that are happening in the external environment to your business. With this new functionality with the DLP, you can easily keep track of any malicious or suspicious sort of behavior on the following:

  • Any tampering with Windows 10 devices that are located inside the physical premises of your business;
  • The endpoints in your IT and Network Infrastructure;
  • The tools and apps that are being used in M365 (which are most commonly Word, Excel, and PowerPoint);
  • SharePoint;
  • Microsoft Exchange.

Microsoft is also planning to implement more templates that can be custom created to the Data Security requirements in your Azure platform. More integration is being planned with other tools, such as the M365 Activity Management API, and Azure Sentinel, via the use of different connectors. This is illustrated in the diagram below:

(SOURCE: 1).

2. Safer Communications:

Ever since people started to work from home (WFH), the main choice of communication has been that of Video Conferencing, whether it is Microsoft Teams, Skype, WebEx, Zoom, etc. As these platforms started to get heavy usage, this became one of the primary targets for the Cyberattacker. Probably one of the most notorious of these threat variants was that of “Zoom Bombing,” in which the hacker would interrupt a video conference and post pictures and/or audio clips that were offensive in nature. But of equal concern was the interception of conversations, either written or spoken, by malicious third parties. To remedy all these vulnerabilities, Microsoft has added a new functionality in their DLP offering, known as “Communication Compliance.” With this, an IT Security team can quickly determine the origination point of any abusive language that may take place between your employees and make sure that the conversations that are recorded comply with the likes of GDPR, CMMC, and the CCPA. It is also expected that this tool will be implemented into Microsoft Teams. So, for example, if you are on a Video Conference using this platform, and a Cyberattacker were to enter it maliciously, the AI algorithms that have been created will be able to track the geophysical location of the intruder, as well as other information, namely the TCP/IP address. Also, this functionality will be made to interoperate with third-party tools that are commonly used in Video Conferencing.

3. Double Key Encryption:

Essentially, Encryption is the process in which any information or data you transmit across the network line communications remains in a garbled state from the sender’s point until it reaches the receiver, who can then decrypt the message. The DLP has taken this even one step further by introducing what is known as the “Double Key.” With this, two keys are used to Encrypt and Decrypt your message that is in transit. One key remains with you, and the second one remains in the hands of Microsoft. To make the message into a decipherable state, you must have access to both keys. By having one key in the hands of a reputable third party like Microsoft, you can be sure that your information and data will be safe, and even more importantly, its integrity will still be intact. But best of all, this new tool will also make you come into adherence with statutes of the GDPR and the CCPA as it relates to Encrypting your datasets.

Conclusions

As the DLP is being implemented into Microsoft Azure, there could be several questions popping in your mind as you start to use it. Do not hesitate to contact us today to help you answer those questions.

Sources

  1. https://www.microsoft.com/security/blog/2020/07/21/preventing-data-loss-mitigating-risk-remote-work-environment/