During the 24th of October CollabDays BeNeLux, I did a session on the current and new functions for Information Protection. Including endpoint DLP. These are the slides for this session.
3. Code of Conduct
As event and experience organizers, we seek to provide a respectful, friendly, professional experience for
everyone, regardless of gender, sexual orientation, physical appearance, disability, age, race or religion.
We do not tolerate any behavior that is degrading to any gender, race, sexual orientation, or disability, or any
behavior that would be deemed harassment or discrimination.
Individuals are responsible for knowing and abiding by our standards and we encourage everyone to assist in
creating a welcoming and safe environment. Please report any concerns, suspicious or disruptive activity or
behavior to the organizing team, so that we can address the issue immediately.
More information can be found on the CollabDays Benelux website at
https://www.collabdays.org/2020-benelux-online/about/
6. Let’s take a little journey
From AIP to MIP and UL
7. 7
Azure Information Protection
• Detection, classification & protection
• Add-in client for Office
• Client for Windows Explorer
• Viewer client (also mobile)
• Version: 1.x (classic)
Deprecated March 31st 2021
1
8. Azure Information Protection
• More content sources
• On-premises scanner
• Cloud App Security integration
• Adobe integration
21
9. Unified Labeling
• One approach for sensitive
information
• New clients: 2.x
• Native client for Office Mac, iOS and
Android
• Managed from S&C center
• Windows Information Protection
• Two types of labels in Microsoft 365!
321
10. Ignite previews for 2020
• Office Online integration
• Office Pro Plus integration
• Site classifications
• Auto-classification in SharePoint
Online and OneDrive
• Info panel in Office
4321
12. Online integration
• Sensitivity Office Online
• Sensitivity label as column
Note:
• You cannot change a label within
a library;
• There’s no default label option;
• Co-authoring is disabled when a
classification label is used…..
13. Sensitivity labels for sites/groups
• Label a Team, Office Group and
SharePoint site
• Effects privacy, external access
and device access
• Does not effect documents in the
Team, Group or site!
• Does require an Azure AD
conditional access rule
14.
15. Data classification at rest
• Uses the Microsoft 365 DLP
engine
• No need for MCAS anymore
• Nice “Simulation mode”
• Will take some time to become
active
16. Trainable classifiers
• Use Machine Teaching
• Complementary to current
sensitive information types
• Several classifiers out of the box
20. Endpoint data loss prevention
• Uses Microsoft Defender ATP
• Includes options to block access
• Information visible in activity
explorer
21.
22. • Use a sensitivity label in a DLP policy
• Double key encryption
• Additional sensitive information types
• DLP for non-Microsoft cloud platforms
• On-premises network discovery via scanner
• Sensitive data information pane in Office