Is Office 365 DLP…Enough DLP?

Posted by | · | Data Loss Prevention · DLP False Positives · DLP Industry · DLP Products · DLP Technologies · DLP Vendors · Microsoft Office 365 · Pattern Matching · Regular Expression | No Comments on Is Office 365 DLP…Enough DLP?

Click here to request more information on O365 DLP capabilities and comparison

More and more companies are seriously considering the data loss prevention features of Office 365. And well they should. O365’s DLP features have come a long way and now provide strong capabilities. But, is Office 365 DLP really enough DLP for your needs? That depends.

DLP Coverage

Office 365 DLP is unique. It doesn’t cover the full enterprise DLP suite of network, endpoint and discovery. Instead, Microsoft breaks down DLP into pieces to cover its unique ecosystem comprised of: Office applications, email, cloud and collaboration tools. Microsoft has carved out a little DLP functionality from a cross-section of its ecosystem. So, what does O365 DLP cover?

Let’s start with Network.

• Email? Check.

• Web? Not so much.

• Other Network Traffic? Again, not so much.

What about Discovery DLP? This is the ability for DLP tools to scan stored data to find sensitive information in files or databases.

• Network Discovery? Yes, but limited to data stored in their ecosystem.

• Cloud Discovery? Yes, but limited to their cloud and cloud services.

• Database Discovery? Yes, but limited to SQL databases – in the Azure cloud.

Finally, Endpoint DLP. Traditional DLP endpoint agents cover local discovery of sensitive data, controlling the movement of sensitive data onto removable storage, controlling movement via network (email, other protocols) and copy/paste/print/printscreen. And endpoint DLP does all this whether connected to the corporate network or not – and even while not connected to the Internet at all.

Microsoft does not have similar endpoint DLP capabilities, but it can control some aspects of sensitive data via its Office Applications – Word, Excel, Powerpoint, etc. This doesn’t really fit the definition of data loss prevention, but it is certainly something DLP does not do.

Improving O365 DLP Effectiveness

How does O365 compare to enterprise DLP suites? Unfortunately, O365’s out-of-the-box detection capabilities are very limited – about on a par with the leading DLP technologies of…2005. (Yes, 2005.) That doesn’t necessarily mean that O365 will not meet your data protection requirements, especially if you’re open to getting help in custom policy configuration and fine-tuning. Expert policy tuning alone is often the difference between great DLP success – and utter DLP failure.

When is O365 the Right Choice for DLP?

For many companies, an enterprise DLP suite is simply beyond their reach based on budget constraints or due to lack of personnel to support and manage the solution. In these situations, some DLP coverage is always better than no DLP coverage. And if an organization is willing to take the time to properly (and professionally) configure policy, O365’s DLP capabilities can do the job within its scope of coverage.

Learn the differences between enterprise DLP and O365 DLP and request professional O365 guidance by completing the following form:

Click here to request more information on O365 DLP capabilities and comparison

No Comments

Leave a comment