Data is the stuff of the modern digitized business, but it is also its Achilles’ Heel unless adequately controlled. Data is stored and shared across a disparate series of apps and devices, resulting in data sprawl, which results in files with sensitive information exchanging hands and becoming potentially accessible to unauthorized parties. Data that leaks can cause reputational damage to brands and result in eye-watering fines for non-compliance with regulations.
Scam-proofing your data is now Business 101, Cyberhaven Data Loss Prevention (DLP) tools offering a way through the data security minefield. Microsoft provides a way to prevent data loss via its Office 365 suite using Microsoft Purview. Here is a look at the pros and cons of using this DLP solution.
How is data lost?
When you think about data loss, you might imagine a cybercriminal hacking into a database or sending sophisticated phishing emails. External cyber-attacks are one such way that data is lost, but internal threats also result in data loss and damage. The Ponemon Institute found that the most sensitive data resided in employee emails, with 65% of respondents saying that employees store the most sensitive data, such as personally identifiable information (PII) and intellectual property (IP), in those emails. If emails are exposed, even accidentally, the result can be devastating. Slip-ups, such as the accidental sharing of almost 400 Social Security Numbers in a group email by an employee at New Philadelphia City Schools, USA, is a case in point.
Data Loss Prevention solutions, such as Microsoft Purview, can stop sensitive data from leaving the corporate network, even if an accident happens.
What is Microsoft Purview for Office 365?
Microsoft Purview is a suite of tools that help an organization discover, classify, and protect data across its entire IT environment. Purview is designed to utilize machine learning to identify sensitive data for classification and protection. Purview’s security and governance components focus on insider risk management, compliance, and Data Loss Prevention (DLP). Microsoft Purview’s design remit is to facilitate a holistic overview of data across an organization and, in doing so, provide a governance layer for that data. Using Purview, users can drill deeply into their data real estate and use governance controls to protect data. The DLP component of Microsoft Purview covers data in core locations:
Email: stops sensitive data from being sent out via email. Purview DLP policies look for patterns and specific keywords or phrases in emails and attachments. The DLP component stops this sensitive information from leaving the organization if triggered.
Cloud-based: DLP is applied to cloud-based apps such as Microsoft Teams and SharePoint.
Endpoints: DLP is used to prevent data loss via devices.
Pros and Cons of Microsoft Purview for Office 365?
Productivity suites like Microsoft Office have seen buoyant growth year-on-year; in early 2023, Office 365 had over 3.5 million companies worldwide using the suite for business communications and documentation. This widespread use of Office 365 has led to the suite being targeted by cybercriminals intent on stealing data. Microsoft Purview is integrated directly into Office 365, and its DLP component can help mitigate the risk of data theft and accidental data loss. Some of the pros and cons of using Purview for DLP include the following:
Integrated into Office 365
Deeply integrated into Office 365, Purview becomes a seamless part of your security stack. This can help with configuration and reduce human error. Integration can help reduce software costs by removing the need for third-party products.
Intelligent analysis and classification:
Data protection needs a solid foundation. The Microsoft Purview DLP leverages a Microsoft classification service that classifies sensitive content like PII and PHI. Once classified, DLP policies can identify and protect files in Office 365. Microsoft Purview also uses trainable classifiers, leveraging machine learning, to protect data.
Helps to meet regulatory compliance
Having an overarching governance layer across all data assets that applies data protection policies to classified data helps to meet data protection regulations.
Scales to your business
Purview is scalable and can adapt as your business changes. However, this may involve additional license fees.
Pre-defined policy templates
Purview provides pre-designed policy templates that can help speed up implementation.
Implementation can be costly
Purview is a suite of tools that requires skill and expertise to implement effectively. This can result in pressures on time, money, and human resources.
Deployment and management of Purview requires skilled individuals, and the maintenance of Purview is an ongoing commitment that needs fine-tuning as your enterprise needs change.
Limited data scope
Purview is designed to work with Microsoft files and documents, and the API has some limitations in connecting with non-API data sources. Although there is some custom file type support, handling Apple native files, CAD, etc. may result in limitations when using Purview. This limitation can result in data security gaps.
Purview provides eDiscovery, but it is not a dedicated solution, so it can be slow, especially when used at scale; this can cause performance issues. Microsoft recommends splitting large searches up to improve speed and handle scalability.
Should you or shouldn’t you use Microsoft Purview for DLP?
Purview is a powerful Data Loss Prevention solution, but deciding if this data protection suite suits your DLP needs comes down to which of the pros and cons impact your organization, says Gartner. For example, they may not be covered if your company uses non-Microsoft file types. Your organization size may also come into play in your choice. Whatever choice you make, having a robust, effective, and adaptable data protection solution is vital in the current threat landscape.