Data loss prevention

Organisations have sensitive information under their control such as financial data, proprietary data, credit card numbers, health records, or social security numbers. To help protect this sensitive data and reduce risk, they need a way to prevent their users from inappropriately sharing it with people who shouldn't have it. This practice is called data loss prevention (DLP).

Organisations typically use DLP to:

Protect Personally Identifiable Information (PII) and comply with relevant regulations
Protect Intellectual Property critical for the organisation
Achieve data visibility in large organisations
Secure mobile workforce and enforce security in Bring Your Own Device (BYOD) environments
Secure data on remote cloud systems

With Microsoft’s DLP solution, you can identify, monitor, and automatically protect sensitive items/data that is in rest, use, or motion across:

Microsoft 365 services such as Teams, Exchange, SharePoint, and OneDrive
Office applications such as Word, Excel, and PowerPoint
Windows 10, Windows 11 and macOS endpoints
Non-Microsoft cloud apps
On-premises file shares and on-premises SharePoint
PowerBI sites

DLP detects sensitive items by using deep content analysis, not by just a simple text scan. Content is analysed for primary data matches to keywords, by the evaluation of regular expressions, by internal function validation, and by secondary data matches that are in proximity to the primary data match. Beyond that DLP also uses machine learning algorithms and other methods to detect content that matches organisation’s DLP policies.