Unlocking the Future of AI Agents with Large Language Models
Overview of Microsoft Teams and Data Loss Prevention(DLP)
1.
2.
3. Data Loss Prevention in Microsoft Office
Helps to
• identify
• monitor
• protect
sensitive data through deep
content analysis
Identify
Protect
Monitor
End user
education
5. Integrated into Exchange
Transport Rule (ETR) engine
• Runs in categorizer during
OnResolvedMessage
• Integrated as a new ETR predicate
• Performs text extraction for body &
attachments followed by classification
• Can be combined with any existing
predicates & actions
Text extraction
Transport rule agent
Classification
DLP content detection flow in Exchange
7. DLP Policy Enforcement
Flexible tools for policy enforcement that
provide the right level of control
• Transport Rules
• Rights Management
• Data Loss Prevention
ALERT
CLASSIFY
ENCRYPT
APPEND OVERRIDE
REVIEW
REDIRECT
BLOCK
8. DLP policy templates
Built-in templates based on common
regulations
Import DLP policy templates from partners
Build your own
9.
10. Sensitive content detection
Predefined rules targeted at sensitive data types
Advanced content detection
Combination of regular expressions, dictionaries,
and internal functions (e.g. validate checksum on
credit card numbers)
Extensibility for customer and ISV defined data
types
11. DLP Document Fingerprinting
Advanced deep content analysis enabling new scenarios!
Integrates with the existing DLP infrastructure
as a custom sensitive information type
Surfaced in Exchange, Outlook and OWA
12. Fabrikam Patent Form Tracking Number
Author Date Invention Title Names of all
authors...
Get
Template
Content
1. Condensed representation of the template
content
2. Document is not stored
3. Stored as a sensitive information type
Create
Fingerprint
Fabrikam Patent Form Tracking Number 12345
Author Alex Date 1/28/2014 Invention Title
Fabrikam Green Energy...
Get Email
Content
1. Temporary in memory representation
2. Used for comparson with source
fingerprint created at config time
Create
Fingerprint
1. Compare the two fingerprints
2. Evaluate a ’containtment coefficient’ to
declare template contained in email
content
Verdict
CONFIGURATIONRUNTIME
Document Fingerprinting
CLASSIFICATION RULE with
FINGERPRINT
FINGERPRINT
GENERATION
Evaluation
+ verdict
13. DLP in SharePoint Online
Search for sensitive data
Built-in classifications
Identification and export
Extends to data in OneDrive
14. How DLP policies work
Policies are stored in Central Policy store
Policies are synced to then synced to all various Content
Store
O4B,SPO, EXO & Office Applications( Office 2016)
It starts to evaluate content and enforce actions
15. Policy evaluation in O4B & SPO sites
They’re continually being created, edited, shared, and so
on
Documents can conflict or become compliant with a DLP
policy at any time
DLP policies check documents for policy matches
frequently in the background --- Asynchronous policy
evaluation
16. Asynchronous DLP Policy evaluation
Content’s
Created or
Changed
Search Crawls
new or
Changed
Content
Search Index
is Updated
DLP Policies
Query the
Search index
DLP Policies
take action
on any
Results
17. User education
Empower users to manage their compliance
Contextual policy education
Doesn’t disrupt user workflow
Can work even when disconnected
Admin customizable text and actions
Outlook
OWA
19. DLP reporting and auditing
Comprehensive view of DLP policy application
Drill into specific departures from policy to gain
business insights
Export to excel workbook & email incident
reports
22. Deep content analysis
engine
46 OOB sensitive
information types
40 OOB DLP Templates
Support for 3rd party
defined DLP policy
templates
Policy Tips in OWA and
Mobile OWA
Advanced Document
Fingerprinting in Exchange,
Outlook, and OWA
5 new OOB sensitive
information types
Policy Tips in Outlook 2013
Contextual user education
and empowerment
Incident management
Rich reporting
DLP in SharePoint coming soon
25. Chat for today’s
teams
Communicate in the moment and
keep everyone in the know
Customizable for
each team
Tailor your workspace to include
content and capabilities your team
needs every day.
A hub for
teamwork
Give your team quick access to
information they need right in
Office 365
Chat-based workspace in Office 365
Security teams
trust
Get the enterprise-level security
and compliance features you
expect from Office 365.
26. Chat for today’s teams
People can see content and chat history anytime
Team chats and activities are visible to the entire team
Use private chats for small group conversations
Mobile access on Android, iOS and Windows Phone
27. A hub for teamwork
Chat, content, people, and tools live in a team workspace
Voice and video meetings right within Microsoft Teams
Built-in access to SharePoint, OneNote and Planner
Work with Office and other documents right in the app
Audio calling on mobile
28. Customizable for each team
Create different channels for work streams and topics
Add tabs to frequently used files and cloud services
Get updates from the apps your team uses every day
Customize notifications so you don’t miss important info
Build integrations with developer preview APIs
29. Security teams trust
Broad compliance standards support: Accessibility,
ISO27018/01, SOC 1 and 2, HIPAA, EU Model Clauses &
more
Information protection with Archive, eDisovery, Legal
Hold, Compliance Content Search, Auditing and
Reporting1
Tier-C Compliant
Data encryption at all times, at-rest and in-transit.
Multi-factor authentication for enhanced identity
protection.
1 Archive, eDiscovery, Legal Hold, Compliance Content Search, Auditing and Reporting are in E3 and above suites.
30. Architecture
• Microsoft Teams is built on existing Microsoft technologies woven
together by Office 365 Groups.
• Powered by Microsoft’s cloud, organizations can expect excellent
performance and reliability when leveraging Microsoft Teams as
part of their collaboration story.
How DLP policies work
DLP detects sensitive information by using deep content analysis (not just a simple text scan). This deep content analysis uses keyword matches, dictionary matches, the evaluation of regular expressions, internal functions, and other methods to detect content that matches your DLP policies. Potentially only a small percentage of your data is considered sensitive. A DLP policy can identify, monitor, and automatically protect just that data, without impeding or affecting people who work with the rest of your content.
Policies are synced
After you create a DLP policy in the Security & Compliance Center, it’s stored in a central policy store, and then synced to the various content sources, including:
Exchange Online, and from there to Outlook on the web and Outlook 2013 and later
OneDrive for Business sites
SharePoint Online sites
Office 2016 desktop programs (Excel 2016, PowerPoint 2016, and Word 2016)
After the policy’s synced to the right locations, it starts to evaluate content and enforce actions.
Policy evaluation in OneDrive for Business and SharePoint Online sites
Across all of your SharePoint Online sites and OneDrive for Business sites, documents are constantly changing — they’re continually being created, edited, shared, and so on. This means documents can conflict or become compliant with a DLP policy at any time. For example, a person can upload a document that contains no sensitive information to their team site, but later, a different person can edit the same document and add sensitive information to it.
For this reason, DLP policies check documents for policy matches frequently in the background. You can think of this as asynchronous policy evaluation.
Here’s how it works. As people add or change documents in their sites, the search engine scans the content, so that you can search for it later. While this is happening, the content’s also scanned for sensitive information and to check if it’s shared. Any sensitive information that’s found is stored securely in the search index, so that only the compliance team can access it, but not typical users. Each DLP policy that you’ve turned on runs in the background (asynchronously), checking search frequently for any content that matches a policy, and applying actions to protect it from inadvertent leaks.
Finally, documents can conflict with a DLP policy, but they can also become compliant with a DLP policy. For example, if a person adds credit card numbers to a document, it might cause a DLP policy to block access to the document automatically. But if the person later removes the sensitive information, the action (in this case, blocking) is automatically undone the next time the document is evaluated against the policy.
DLP evaluates any content that can be indexed. For more information on what file types are crawled by default, see Default crawled file name extensions and parsed file types in SharePoint Server 2013.
Now that all attendees have had a chance to experience Microsoft Teams for themselves, take them quickly through a formal introduction into what Microsoft Teams is, and continue to land the messaging around what it can be for their organization. Do not bog down on details, but let the attendees participate in a discussion blending their first experience and messaging from the introduction to Microsoft Teams. The speaker notes in the following slides need to customized for the audience based on their prior knowledge with Microsoft Teams.
Slide Objective: Introduce Microsoft Teams as part of the Office 365 collaboration portfolio
Talking points:
Microsoft Teams fits in the Office 365 collaboration portfolio by giving teams easy access to the information they need in a dedicated hub for teamwork. Here, people find their team chat, content, people and tools living together in Office 365.
There are four key attributes of Microsoft Teams that help close-knit teams to perform at their best:
First, it’s modern day chat that keeps everyone in the know with chat history, whether across the team or in a private chat.
It is a dedicated hub for teamwork where people have easy access to the everyday apps such as Word, Excel, PowerPoint, websites, and OneNote, which teams rely on daily for getting work done.
Microsoft Teams is customizable for the way different teams work, including publicly available APIs and bot frameworks
Lastly, Microsoft Teams is designed to provide a great collaboration experience while upholding our commitments to safeguard customer and user data, to protect their right to make decisions about that data, and to be transparent about what happens to that data.
Objective: Land first what Microsoft Teams is: chat based collaboration for teams
Talking points:
Microsoft Teams allows team to communicate in real time and keep everyone in the know at the same time. All team members can see and contribute to the team chat, seeing chat history at any time to recall past discussions and decisions.
You have the flexibility to create private chats for small group conversations with one or many people for when a conversation needs to be taken offline. You stay on top of all of the activity with notifications which alert you to when you’ve been @mentioned or when someone’s replied to a conversation you’re a part of.
You can also receive Skype for Business chat messages on Microsoft Teams so that you have one place for your team communications.
And of course, you can use Microsoft Teams across all your devices as we support Microsoft Teams on Windows, Mac, iOS, Android, Windows Phone and on web
Objective: Expand Microsoft Teams value: differentiated with power of Office 365 integration
Talking points:
Not only is Microsoft Teams the place for your team chat communications, it’s also a hub for your team’s collaboration. You find in a single place the chat conversations with your team, files, team members, and everyday tools.
When you need to talk face to face, you can start a video call from a team chat or private chat. Turn off video if you just want an audio call. You can also join scheduled meetings from Microsoft Teams to meet within a channel or privately outside of one.
Because Microsoft Teams is integrated with Office 365, teams have quick access to the information they need whether they are files shared through SharePoint, notes in OneNote or tasks in Planner. Excel, PowerPoint, Word, PDFs and other documents can be shared and opened right in the app.
If you can’t immediately find what you need you can search in Microsoft Teams for people, files, chats and links. You can move easily between multiple Microsoft Teams so it’s easy to see what’s going on across teams, across channels, across chats. It’s also easy to set up and manage, whether you’re IT or an end user. Because it’s part of Office 365, all of your team members are instantly there
Objective: Show Microsoft Teams is also flexible to meet the individual needs of different organizations
Talking points:
Microsoft Teams gives you the flexibility to create a workspace that fits your teams’ needs.
Create different channels for the team based on work streams or topics.
Add new tabs to a channel for quick access to frequently used documents and cloud services like PowerPoint and Planner. Teams also includes integrations from partners like Zendesk, Asana, and Hootsuite. Tabs are used to surface content in its native format, allowing for rich collaboration in the right context.
Explore data and take quick actions with bots like T-bot. or 3rd party bots like Polly, Meekan and many others.
With more than 70 Office 365 Connectors from services like Twitter, Dynamics CRM Online, VSTS or GitHub, available now, you can send rich notifications right into a channel. These are great for notifying a team about required actions, completed transactions, breaking news, and other real-time updates.
You can stay on top of all of the activity with notifications which alert you to when you’ve been @mentioned or when someone’s replied to a conversation you’re a part of.
Objective: Differentiate Microsoft Teams through Office 365 platform of security, privacy, transparency and global reach
Talking points:
Office 365 has strong commitments around security, compliance, privacy and transparency. Microsoft Teams was built using these same principles to deliver an enterprise grade platform.
From the start, Microsoft Teams was architected with compliance, authentication and privacy in mind. Microsoft Teams will have compliance built-in, with support for industry standards including grade b accessibility, ISO 27001 and 27018, SOC 1 and SOC 2, HIPAA, EU Model Clauses and more. We’ve recently added information features that you’ve come to expect from Office 365 apps and services– Archive, eDiscovery, Legal Hold, Compliance Content Search, Auditing and Reporting. These features help you control sensitive information if your business has specific security requirements for content security and data use.
Microsoft Teams protects team data securely using strong security measures including two factor authentication, hard passwords and access policies. Your data is always encrypted, whether it is chat, notes or files.
It’s your data, you own it, you control it. Microsoft does not mine customer data for advertising purposes and we safeguard customer data with strong contractual commitments.
In keeping with our commitment to provide customers the utmost transparency, customers can see uptime, the location of their data, and detailed reports of how Office 365 controls map to the security, privacy, compliance and risk management controls defined in the Cloud Security Alliance Cloud Control Matrix (CSA CCM).
Microsoft Teams is enterprise grade, with support in 18 languages across 181 markets and 6 data centers worldwide, a 99.9% financially backed SLA and 24/7 support.
Speaker Notes:
The important piece of information to land with the attendees is that Microsoft Teams lives on existing Office 365 workloads, enhancing end users collaborative capabilities while leveraging existing services they are already (likely) very familiar with. Microsoft Teams is built on the reliability and performance of Office 365.
From an IT Pro perspective, there is no infrastructure to manage for Microsoft Teams.
Speaker Notes:
The workshop leader should stop the presentation at this point.
Request a volunteer from the attendees to share their screen and be the driver for the rest of the audience in the room.
Proceed to lead a conversation that walks the attendees through the checklist on the following slides. The audience should not see the checklist. They should just participate in actually using Microsoft Teams.
After the checklist is completed and the audience has had their first experience with Microsoft Teams, you can return to the workshop to complete a deeper dive.
Note: If the organization is brand new to O365 and has not enabled any other O365 workloads, some pre-work may need to be completed. This should be known to the presenter from the completed pre-engagement questionnaire and this workshop should have been modified to account for any prerequisites prior to delivery.
Please also ensure to understand the limitations the environment may have. Ensure to have run through the environmental checklist offline prior to doing a live walkthrough.
*****
Alternative Workshop Order:
If the attendees of the workshop are familiar with Microsoft Teams, it may be beneficial to hide slides 9-12.
This will allow you as the workshop lead to skip the introduction and engaging the attendees in a live working session with the product.
The decision on where to execute this portion of the workshop should be made prior to the workshop starting, if possible.