Virtual work with M365 – how to protect your information?

Virtual work means that work happens anywhere, Corporate information is accessed from home offices, smartphones, and tablets. How do you protect this information?

Protect information with virtual workers

Below are some of the Microsoft tools available for you.

Data Protection

To apply flexible protection actions that include encryption, access restrictions, and visual markings, use the following capabilities:

Sensitivity labels – A single solution across apps, services, and devices to label and protect your data as it travels inside and outside your organization.

Azure Information Protection unified labeling client – For Windows computers, extends sensitivity labels for additional features and functionality that includes labeling and protecting all file types from File Explorer and PowerShell

Double Key Encryption – Under all circumstances, only you can ever decrypt protected content, or for regulatory requirements, you must hold encryption keys within a geographical boundary

Office 365 Message Encryption (OME) – Encrypts email messages and attached documents that are sent to any user on any device, so only authorized recipients can read emailed information

Service encryption with Customer Key – Protects against viewing of data by unauthorized systems or personnel, and complements BitLocker disk encryption in Microsoft datacenters

SharePoint Information Rights Management (IRM) – Protects SharePoint lists and libraries so that when a user checks out a document, the downloaded file is protected so that only authorized people can view and use the file according to policies that you specify

Rights Management connector – Protection-only for existing on-premises deployments that use Exchange or SharePoint Server, or file servers that run Windows Server and File Classification Infrastructure (FCI)

Azure Information Protection unified labeling scanner – Discovers, labels, and protects sensitive information that resides in data stores that are on-premises

Microsoft Cloud App Security (MCAS) – Discovers, labels, and protects sensitive information that resides in data stores that are in the cloud

Microsoft Information Protection SDK – Extends sensitivity labels to third-party apps and services

Data Loss Prevention

To help prevent accidental oversharing of sensitive information, use the following capabilities:

Data Loss Prevention (DLP) – Helps prevent unintentional sharing of sensitive items (Sensitive Information Types)

Microsoft Data Loss Prevention
Endpoint data loss prevention (preview) – Extends DLP capabilities to items that are used and shared on Windows 10 computers

Insider Risk Management

Many risks are driven by internal events and user activities that can be minimized and avoided.

Insider risk management is centered around the following principles:

You can select from the following policy templates to quickly get started with insider risk management:

This table shows triggering events for the policies and prerequisites.

Microsoft Insider Risk Management

Communication Compliance

Communication compliance is an insider risk solution in Microsoft 365 that helps minimize communication risks by helping you detect, capture, and act on inappropriate messages in your organization. Pre-defined and custom policies allow you to scan internal and external communications for policy matches so they can be examined by designated reviewers.

Features include:

Microsoft Communication Compliance

Information Barriers

Information Barriers restrict communication and collaboration between two internal groups to avoid a conflict of interest. In Microsoft Teams, information barrier policies determine and prevent the following kinds of unauthorized communications:

Microsoft Information Barriers

Next Step

A 30-day Infotechtion proof-of-concept for Microsoft Information Protection allows you to test:

Visit Infotechtion proof-of-concept for more information.