Overview of Microsoft Teams and Data Loss Prevention(DLP)
•Transferir como PPTX, PDF•
2 gostaram•6,975 visualizações
Overview of Microsoft Teams and Data Loss Prevention(DLP)
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Semelhante a Overview of Microsoft Teams and Data Loss Prevention(DLP)
Semelhante a Overview of Microsoft Teams and Data Loss Prevention(DLP) (20)
Último
Último (20)
Overview of Microsoft Teams and Data Loss Prevention(DLP)
- 3. Data Loss Prevention in Microsoft Office Helps to • identify • monitor • protect sensitive data through deep content analysis Identify Protect Monitor End user education
- 4. Policy distribution Contextual policy education DLP policy configuration Backend policy evaluation Audit & incident data generation Admin Information workers DLP system walkthrough
- 5. Integrated into Exchange Transport Rule (ETR) engine • Runs in categorizer during OnResolvedMessage • Integrated as a new ETR predicate • Performs text extraction for body & attachments followed by classification • Can be combined with any existing predicates & actions Text extraction Transport rule agent Classification DLP content detection flow in Exchange
- 6. Classification Operator Document summary Property Mapping Document Parser Custom Entity Extraction Word breaking Ifilter sandbox Language Detection Delete item Delete Links Insert new orupdated item Runs in Content Processing Pipeline as an operator Invoked for search crawler as new content discovered and changed Classification results and counts stored in the content index Excel Format Handler
- 7. DLP Policy Enforcement Flexible tools for policy enforcement that provide the right level of control • Transport Rules • Rights Management • Data Loss Prevention ALERT CLASSIFY ENCRYPT APPEND OVERRIDE REVIEW REDIRECT BLOCK
- 8. DLP policy templates Built-in templates based on common regulations Import DLP policy templates from partners Build your own
- 10. Sensitive content detection Predefined rules targeted at sensitive data types Advanced content detection Combination of regular expressions, dictionaries, and internal functions (e.g. validate checksum on credit card numbers) Extensibility for customer and ISV defined data types
- 11. DLP Document Fingerprinting Advanced deep content analysis enabling new scenarios! Integrates with the existing DLP infrastructure as a custom sensitive information type Surfaced in Exchange, Outlook and OWA
- 12. Fabrikam Patent Form Tracking Number Author Date Invention Title Names of all authors... Get Template Content 1. Condensed representation of the template content 2. Document is not stored 3. Stored as a sensitive information type Create Fingerprint Fabrikam Patent Form Tracking Number 12345 Author Alex Date 1/28/2014 Invention Title Fabrikam Green Energy... Get Email Content 1. Temporary in memory representation 2. Used for comparson with source fingerprint created at config time Create Fingerprint 1. Compare the two fingerprints 2. Evaluate a ’containtment coefficient’ to declare template contained in email content Verdict CONFIGURATIONRUNTIME Document Fingerprinting CLASSIFICATION RULE with FINGERPRINT FINGERPRINT GENERATION Evaluation + verdict
- 13. DLP in SharePoint Online Search for sensitive data Built-in classifications Identification and export Extends to data in OneDrive
- 14. How DLP policies work Policies are stored in Central Policy store Policies are synced to then synced to all various Content Store O4B,SPO, EXO & Office Applications( Office 2016) It starts to evaluate content and enforce actions
- 15. Policy evaluation in O4B & SPO sites They’re continually being created, edited, shared, and so on Documents can conflict or become compliant with a DLP policy at any time DLP policies check documents for policy matches frequently in the background --- Asynchronous policy evaluation
- 16. Asynchronous DLP Policy evaluation Content’s Created or Changed Search Crawls new or Changed Content Search Index is Updated DLP Policies Query the Search index DLP Policies take action on any Results
- 17. User education Empower users to manage their compliance Contextual policy education Doesn’t disrupt user workflow Can work even when disconnected Admin customizable text and actions Outlook OWA
- 18. Policy Tips in OWA for devices
- 19. DLP reporting and auditing Comprehensive view of DLP policy application Drill into specific departures from policy to gain business insights Export to excel workbook & email incident reports
- 20. Real Time Notifications Audit dataClassificationRule detailsMatch details
- 21. DLP extensibility points Custom DLP content Supplemental DLP policy rules Supplemental DLP classification rules Incident reports integration with custom workflows Custom reporting solutions Remote PowerShell management
- 22. Deep content analysis engine 46 OOB sensitive information types 40 OOB DLP Templates Support for 3rd party defined DLP policy templates Policy Tips in OWA and Mobile OWA Advanced Document Fingerprinting in Exchange, Outlook, and OWA 5 new OOB sensitive information types Policy Tips in Outlook 2013 Contextual user education and empowerment Incident management Rich reporting DLP in SharePoint coming soon
- 23. Exchange 2016 DLP introduction https://technet.microsoft.com/en-us/library/jj150527%28v=exchg.160%29.aspx?f=255&MSPPError=-2147217396 DLP policy templates http://technet.microsoft.com/en-us/library/jj657730 Managing DLP policies http://technet.microsoft.com/en-us/library/jj673559 OOB DLP policy templates http://technet.microsoft.com/en-us/library/jj150530 Policy tips in Exchange 2013 http://technet.microsoft.com/en-us/library/jj150512 Supported file types http://technet.microsoft.com/en-us/library/jj674307 MessageStats Quick Guide http://mbidemo.quest.com/Insights/#page/home
- 25. Chat for today’s teams Communicate in the moment and keep everyone in the know Customizable for each team Tailor your workspace to include content and capabilities your team needs every day. A hub for teamwork Give your team quick access to information they need right in Office 365 Chat-based workspace in Office 365 Security teams trust Get the enterprise-level security and compliance features you expect from Office 365.
- 26. Chat for today’s teams People can see content and chat history anytime Team chats and activities are visible to the entire team Use private chats for small group conversations Mobile access on Android, iOS and Windows Phone
- 27. A hub for teamwork Chat, content, people, and tools live in a team workspace Voice and video meetings right within Microsoft Teams Built-in access to SharePoint, OneNote and Planner Work with Office and other documents right in the app Audio calling on mobile
- 28. Customizable for each team Create different channels for work streams and topics Add tabs to frequently used files and cloud services Get updates from the apps your team uses every day Customize notifications so you don’t miss important info Build integrations with developer preview APIs
- 29. Security teams trust Broad compliance standards support: Accessibility, ISO27018/01, SOC 1 and 2, HIPAA, EU Model Clauses & more Information protection with Archive, eDisovery, Legal Hold, Compliance Content Search, Auditing and Reporting1 Tier-C Compliant Data encryption at all times, at-rest and in-transit. Multi-factor authentication for enhanced identity protection. 1 Archive, eDiscovery, Legal Hold, Compliance Content Search, Auditing and Reporting are in E3 and above suites.
- 30. Architecture • Microsoft Teams is built on existing Microsoft technologies woven together by Office 365 Groups. • Powered by Microsoft’s cloud, organizations can expect excellent performance and reliability when leveraging Microsoft Teams as part of their collaboration story.
Notas do Editor
- How DLP policies work DLP detects sensitive information by using deep content analysis (not just a simple text scan). This deep content analysis uses keyword matches, dictionary matches, the evaluation of regular expressions, internal functions, and other methods to detect content that matches your DLP policies. Potentially only a small percentage of your data is considered sensitive. A DLP policy can identify, monitor, and automatically protect just that data, without impeding or affecting people who work with the rest of your content. Policies are synced After you create a DLP policy in the Security & Compliance Center, it’s stored in a central policy store, and then synced to the various content sources, including: Exchange Online, and from there to Outlook on the web and Outlook 2013 and later OneDrive for Business sites SharePoint Online sites Office 2016 desktop programs (Excel 2016, PowerPoint 2016, and Word 2016) After the policy’s synced to the right locations, it starts to evaluate content and enforce actions.
- Policy evaluation in OneDrive for Business and SharePoint Online sites Across all of your SharePoint Online sites and OneDrive for Business sites, documents are constantly changing — they’re continually being created, edited, shared, and so on. This means documents can conflict or become compliant with a DLP policy at any time. For example, a person can upload a document that contains no sensitive information to their team site, but later, a different person can edit the same document and add sensitive information to it. For this reason, DLP policies check documents for policy matches frequently in the background. You can think of this as asynchronous policy evaluation.
- Here’s how it works. As people add or change documents in their sites, the search engine scans the content, so that you can search for it later. While this is happening, the content’s also scanned for sensitive information and to check if it’s shared. Any sensitive information that’s found is stored securely in the search index, so that only the compliance team can access it, but not typical users. Each DLP policy that you’ve turned on runs in the background (asynchronously), checking search frequently for any content that matches a policy, and applying actions to protect it from inadvertent leaks. Finally, documents can conflict with a DLP policy, but they can also become compliant with a DLP policy. For example, if a person adds credit card numbers to a document, it might cause a DLP policy to block access to the document automatically. But if the person later removes the sensitive information, the action (in this case, blocking) is automatically undone the next time the document is evaluated against the policy. DLP evaluates any content that can be indexed. For more information on what file types are crawled by default, see Default crawled file name extensions and parsed file types in SharePoint Server 2013.
- Now that all attendees have had a chance to experience Microsoft Teams for themselves, take them quickly through a formal introduction into what Microsoft Teams is, and continue to land the messaging around what it can be for their organization. Do not bog down on details, but let the attendees participate in a discussion blending their first experience and messaging from the introduction to Microsoft Teams. The speaker notes in the following slides need to customized for the audience based on their prior knowledge with Microsoft Teams.
- Slide Objective: Introduce Microsoft Teams as part of the Office 365 collaboration portfolio Talking points: Microsoft Teams fits in the Office 365 collaboration portfolio by giving teams easy access to the information they need in a dedicated hub for teamwork. Here, people find their team chat, content, people and tools living together in Office 365. There are four key attributes of Microsoft Teams that help close-knit teams to perform at their best: First, it’s modern day chat that keeps everyone in the know with chat history, whether across the team or in a private chat. It is a dedicated hub for teamwork where people have easy access to the everyday apps such as Word, Excel, PowerPoint, websites, and OneNote, which teams rely on daily for getting work done. Microsoft Teams is customizable for the way different teams work, including publicly available APIs and bot frameworks Lastly, Microsoft Teams is designed to provide a great collaboration experience while upholding our commitments to safeguard customer and user data, to protect their right to make decisions about that data, and to be transparent about what happens to that data.
- Objective: Land first what Microsoft Teams is: chat based collaboration for teams Talking points: Microsoft Teams allows team to communicate in real time and keep everyone in the know at the same time. All team members can see and contribute to the team chat, seeing chat history at any time to recall past discussions and decisions. You have the flexibility to create private chats for small group conversations with one or many people for when a conversation needs to be taken offline. You stay on top of all of the activity with notifications which alert you to when you’ve been @mentioned or when someone’s replied to a conversation you’re a part of. You can also receive Skype for Business chat messages on Microsoft Teams so that you have one place for your team communications. And of course, you can use Microsoft Teams across all your devices as we support Microsoft Teams on Windows, Mac, iOS, Android, Windows Phone and on web
- Objective: Expand Microsoft Teams value: differentiated with power of Office 365 integration Talking points: Not only is Microsoft Teams the place for your team chat communications, it’s also a hub for your team’s collaboration. You find in a single place the chat conversations with your team, files, team members, and everyday tools. When you need to talk face to face, you can start a video call from a team chat or private chat. Turn off video if you just want an audio call. You can also join scheduled meetings from Microsoft Teams to meet within a channel or privately outside of one. Because Microsoft Teams is integrated with Office 365, teams have quick access to the information they need whether they are files shared through SharePoint, notes in OneNote or tasks in Planner. Excel, PowerPoint, Word, PDFs and other documents can be shared and opened right in the app. If you can’t immediately find what you need you can search in Microsoft Teams for people, files, chats and links. You can move easily between multiple Microsoft Teams so it’s easy to see what’s going on across teams, across channels, across chats. It’s also easy to set up and manage, whether you’re IT or an end user. Because it’s part of Office 365, all of your team members are instantly there
- Objective: Show Microsoft Teams is also flexible to meet the individual needs of different organizations Talking points: Microsoft Teams gives you the flexibility to create a workspace that fits your teams’ needs. Create different channels for the team based on work streams or topics. Add new tabs to a channel for quick access to frequently used documents and cloud services like PowerPoint and Planner. Teams also includes integrations from partners like Zendesk, Asana, and Hootsuite. Tabs are used to surface content in its native format, allowing for rich collaboration in the right context. Explore data and take quick actions with bots like T-bot. or 3rd party bots like Polly, Meekan and many others. With more than 70 Office 365 Connectors from services like Twitter, Dynamics CRM Online, VSTS or GitHub, available now, you can send rich notifications right into a channel. These are great for notifying a team about required actions, completed transactions, breaking news, and other real-time updates. You can stay on top of all of the activity with notifications which alert you to when you’ve been @mentioned or when someone’s replied to a conversation you’re a part of.
- Objective: Differentiate Microsoft Teams through Office 365 platform of security, privacy, transparency and global reach Talking points: Office 365 has strong commitments around security, compliance, privacy and transparency. Microsoft Teams was built using these same principles to deliver an enterprise grade platform. From the start, Microsoft Teams was architected with compliance, authentication and privacy in mind. Microsoft Teams will have compliance built-in, with support for industry standards including grade b accessibility, ISO 27001 and 27018, SOC 1 and SOC 2, HIPAA, EU Model Clauses and more. We’ve recently added information features that you’ve come to expect from Office 365 apps and services– Archive, eDiscovery, Legal Hold, Compliance Content Search, Auditing and Reporting. These features help you control sensitive information if your business has specific security requirements for content security and data use. Microsoft Teams protects team data securely using strong security measures including two factor authentication, hard passwords and access policies. Your data is always encrypted, whether it is chat, notes or files. It’s your data, you own it, you control it. Microsoft does not mine customer data for advertising purposes and we safeguard customer data with strong contractual commitments. In keeping with our commitment to provide customers the utmost transparency, customers can see uptime, the location of their data, and detailed reports of how Office 365 controls map to the security, privacy, compliance and risk management controls defined in the Cloud Security Alliance Cloud Control Matrix (CSA CCM). Microsoft Teams is enterprise grade, with support in 18 languages across 181 markets and 6 data centers worldwide, a 99.9% financially backed SLA and 24/7 support.
- Speaker Notes: The important piece of information to land with the attendees is that Microsoft Teams lives on existing Office 365 workloads, enhancing end users collaborative capabilities while leveraging existing services they are already (likely) very familiar with. Microsoft Teams is built on the reliability and performance of Office 365. From an IT Pro perspective, there is no infrastructure to manage for Microsoft Teams.
- Speaker Notes: The workshop leader should stop the presentation at this point. Request a volunteer from the attendees to share their screen and be the driver for the rest of the audience in the room. Proceed to lead a conversation that walks the attendees through the checklist on the following slides. The audience should not see the checklist. They should just participate in actually using Microsoft Teams. After the checklist is completed and the audience has had their first experience with Microsoft Teams, you can return to the workshop to complete a deeper dive. Note: If the organization is brand new to O365 and has not enabled any other O365 workloads, some pre-work may need to be completed. This should be known to the presenter from the completed pre-engagement questionnaire and this workshop should have been modified to account for any prerequisites prior to delivery. Please also ensure to understand the limitations the environment may have. Ensure to have run through the environmental checklist offline prior to doing a live walkthrough. ***** Alternative Workshop Order: If the attendees of the workshop are familiar with Microsoft Teams, it may be beneficial to hide slides 9-12. This will allow you as the workshop lead to skip the introduction and engaging the attendees in a live working session with the product. The decision on where to execute this portion of the workshop should be made prior to the workshop starting, if possible.