Do you have a strategy in place for protecting and managing your sensitive business information? Do you even know which information is considered sensitive? In our latest coffee break with Fuelled video, we go over the second part of our Microsoft data protection discussion.
Regardless of industry or size, keeping track of data that contains sensitive information can be a challenge for any organization. You need to ask yourself the following three questions:
If you are having trouble responding to these questions, chances are you have some way to go to secure your sensitive data. If so, Microsoft may be the perfect solution for your business. Watch the video below to discover Microsoft’s unique approach to information protection:
Once data is created, you need a system that can scan and discover sensitive data as it is transmitted across devices, apps, and services. Typically, only a small fraction of the entire volume of data contains sensitive information. Detecting and identifying sensitive information is vital. Once you’ve discovered the sensitive data, you need to classify and label it according to its sensitivity level. That’s because the protective action you apply depends on the information’s level of sensitivity.
Say a document contains employee ID numbers; you may label it as “confidential.” On the other hand, if a document contains social security numbers, a “highly confidential” label might be more suitable. Once the data has been appropriately labeled, you’ll be well placed to implement the necessary protection policies. Protection may be in the form of encryption, permissions, visual markings or watermarks, retention, deletion, or data loss prevention actions such as blocking or sharing.
Next, the sensitive data might move around. This means you need to continually monitor and respond quickly to potential abuse or threats through real-time alerts, emails, or a reporting dashboard. Finally, depending on the sensitivity level and business policy, the data is subject to expiration, retention, and deletion as it ages.
Microsoft’s comprehensive approach to information protection involves three essential phases:
To achieve complete protection across your organization, you need to discover sensitive information wherever it is created or lives. That includes on-premises file shares or data centers, individual devices, across cloud services, software apps, etc. Essentially, data needs to be protected at all times, both outside and inside your network.
This phase involves scanning and detecting sensitive data depending on your organization’s specific policies. You need to ask yourself the following questions:
Microsoft provides a default set of recommended sensitivity labels that can be customized to fit your needs. Classifying data will enable you to take appropriate protective actions.
Once you’ve discovered your sensitive information and assigned appropriate labels, this step is arguably the most significant. To apply the right policy-based action to sensitive information, you first need to ask yourself:
Our Fuelled Networks team is ready to help you leverage Microsoft’s solutions to secure all your sensitive business information. We serve businesses across Ottawa, Kingston, Brockville, Eastern Ontario, and throughout The National Capital Region.
Contact us now to get started.