{"id":20460,"date":"2022-10-25T08:00:52","date_gmt":"2022-10-25T16:00:52","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/10\/25\/news-14193\/"},"modified":"2022-10-25T08:00:52","modified_gmt":"2022-10-25T16:00:52","slug":"news-14193","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/10\/25\/news-14193\/","title":{"rendered":"How businesses are gaining integrated data protection with Microsoft Purview"},"content":{"rendered":"

Credit to Author: Christine Barrett| Date: Tue, 25 Oct 2022 16:00:00 +0000<\/strong><\/p>\n

Currently, our interconnected world is creating 2.5 quintillion bytes of data every day.1<\/sup> Every purchase made, every email sent, every contract signed: all of it gets shared, accessed, and stored. We take it on faith that organizations are doing all this safely; however, data loss is becoming a distressingly common occurrence. A data breach that affected a major cellular provider in 2021 ended up costing the company USD350 million\u2014and that’s just the customer settlement.2<\/sup> On top of risks to your finances and reputation, tighter regulatory requirements like General Data Protection Regulation3<\/sup> (GDPR) and the Health Insurance Portability and Accountability Act of 19964<\/sup> (HIPAA) demand updated processes and controls that show proof of compliance.<\/p>\n

Your data protection strategy needs to be accurate, comprehensive, and scalable without hindering productivity. Traditional data protection solutions have typically taken a patchwork approach, often requiring resource-intensive custom integrations that don\u2019t scale well. Worse, this kind of ad hoc solution can expose infrastructure gaps that attackers seek to exploit. In contrast, an integrated approach to data protection provides automated, customizable classification, as well as pre-built regulatory templates and flexible data loss prevention (DLP) policy controls. Microsoft Purview<\/a> has the added benefit of being already integrated across many industry-standard applications and services, workloads, and digital estates\u2014on-premises, software-as-a-service (SaaS), and in multicloud, multiplatform environments. In this blog post, we\u2019ll hear from some of Microsoft\u2019s customers about their experiences implementing Microsoft Purview Information Protection<\/a> and Microsoft Purview Data Loss Prevention<\/a> and how these cloud-based solutions streamlined their security. To experience what holistic data protection can do for your organization, you\u2019re invited to sign up for a free trial<\/a>.<\/p>\n

Rabobank balances data security with employee access<\/h2>\n

Protecting data confidentiality for 8.9 million private and corporate customers worldwide is no easy task, but Netherlands-based Rabobank is committed to balancing data protection<\/a> with customer privacy. To get there, the company\u2019s small security team needed a DLP solution that could help secure the bank\u2019s assets across 42,000 endpoints spread over 23 countries. Their previous solution was oriented to siloed rule sets, meaning it assessed data in terms of a given department. This made it difficult for a multinational organization like Rabobank to maintain rules across multiple areas. \u201dOne of our significant issues is how to stay current with policies that change frequently across multiple regions,\u201d says Edo Immink, IT Lead for Office 365, Rabobank. Without that global view, the security team was left dealing with a complicated rule set in aging infrastructure. \u201cThat meant people would have to drop other priorities and rush in to fix things,\u201d Immink explains.<\/p>\n

Rabobank was concerned about potential data leakage from USB drives, browsers, and printers. When it was first available in 2020, Microsoft Purview Data Loss Prevention<\/strong> offered a cloud-based solution with built-in controls for managing sensitive information across endpoints and applications\u2014covering Microsoft 365, SharePoint Online, OneDrive for Business, Exchange Online, and Microsoft Teams. This built-in connection with Microsoft apps provided the bank\u2019s security team with the advantage of managing all data policies from one place\u2014the Microsoft Purview compliance portal<\/a>. Seeing the benefits of pre-integration, Rabobank moved to get maximum value from its Microsoft 365 E5<\/a> license by rolling out Microsoft Purview Data Loss Prevention companywide.<\/p>\n

Adopting Microsoft Purview Data Loss Prevention also helped Rabobank increase its agility by decreasing the overall number of DLP policies it had to manage. And having an encompassing view of apps and endpoints helped curtail inappropriate data sharing across the company\u2019s global workforce of more than 40,000 employees, many of whom rely heavily on mobile devices. The bank\u2019s security team worked with Rabobank regional security officers to deploy policies that protect data while making it easier for employees to access everything they need. In turn, this freed up time for Rabobank\u2019s IT teams to focus on more high-value activities.<\/p>\n

\u201cWe benefit from getting our business apps, security, and DLP tooling from the same source because they all work together seamlessly,\u201d says Jacob Kralt, Product Owner for Office 365 Compliance, Rabobank. \u201cAnd by combining Microsoft Sentinel with Microsoft Purview Data Loss Prevention and the Microsoft 365 platform, we have a holistic view of our ecosystem and can manage it more easily.\u201d<\/p>\n

Fannie Mae protects privacy while boosting productivity<\/h2>\n

As a leading source of financing in the housing market, Fannie Mae provided USD1.4 trillion in liquidity<\/a> to the United States mortgage market in 2021. That success wouldn\u2019t be possible without reliably securing millions of customers\u2019 personally identifiable information (PII). And that requires understanding how data is used internally to help prevent exfiltration. Fannie Mae needed a data loss prevention solution that would enable productivity while complying with their strict security protocols and Federal Housing Administration (FHA) regulations. The company\u2019s objective was to create a trust model that helps protect its data from both internal and external risks, all while keeping pace with evolving cybersecurity demands.<\/p>\n

As it turned out, the solution was already in their hands\u2014the data protection and governance solutions in the company\u2019s Microsoft 365 E5 license. \u201cWe adopted Microsoft Purview Data Loss Prevention<\/strong> because we\u2019re hyper-focused on helping secure data end-to-end,\u201c says Kiran Ramineni, Vice President of Single-Family Architecture and Cloud, Data, AI\/ML, and Infrastructure Architecture, Fannie Mae. Because the company also uses cloud-native Microsoft Azure and Microsoft Defender for Cloud, they gain a full suite of detection controls that prevent sensitive data from being exfiltrated. Fannie Mae\u2019s on-premises environment is also connected to Defender for Cloud.<\/p>\n

Ramineni praises the seamless interaction between Microsoft Purview Data Loss Prevention and Microsoft 365 productivity apps, such as OneDrive, noting that the seamless connectivity empowers Fannie Mae\u2019s data scientists to access queries on OneDrive while automatically blocking PII from being moved back to the user\u2019s OneDrive folders. Even better, the integration enhances productivity by allowing non-PII data to be saved back to employees\u2019 shared folders. \u201cMerging Microsoft Purview Data Loss Prevention and Defender for Cloud Apps with our Microsoft 365 apps gives us both sides of the coin,\u201d says Ramineni. \u201cWe make it easy for data scientists to do their work, be more productive, and collaborate as necessary with those who are outside of the containment environment, and yet, we help keep data secure.\u201d<\/p>\n

Ramineni\u2019s team is looking forward to deepening the company\u2019s security infrastructure by adding Microsoft Purview Information Protection<\/strong> enterprise-wide\u2014across cloud apps, on-premises data repositories, and infrastructure clouds. \u201cWe work to evolve as the threat landscape evolves, defending our environment from internal and external actors,\u201d says Ramineni. \u201cThe best security is never done.\u201d<\/p>\n

Ernst & Young protects a global data estate by managing user permissions<\/h2>\n

Ernst & Young<\/a> (EY) is one of the largest professional services networks in the world and is considered one of the \u201cBig Four\u201d accounting firms. Operating as a network of partner firms, EY has more than 300,000 employees in 700 offices spread across more than 150 countries. For that reason, the company decided to get the maximum benefit from their Microsoft 365 license by deploying Microsoft Purview Information Protection<\/strong>\u2014safeguarding their worldwide data estate with automatic classification, sensitivity labels, and rights management. \u00a0<\/p>\n

Microsoft Purview\u2019s sensitivity labels include content and container types. Content labels are typically applied to data (such as files and emails) and include protections such as encryption and visual marking. Container labels are applied to repositories (such as SharePoint sites) and include protections such as multifactor authentication and privacy settings. Because Microsoft Purview Information Protection provides controls around the behavior of these labels\u2014how they\u2019re applied and changed, what the defaults are, and who can see them\u2014admins can gain a complete picture of the company\u2019s data using the Microsoft Purview compliance portal.<\/p>\n

\u201cUsing a container label to differentiate permissions meant users could access a single document and prevent the same users from accidentally stumbling upon confidential documents; a key element of the Microsoft Purview Information Protection solution that we couldn\u2019t get from any other solution on the market,\u201d\u00a0says Usman Abubakar, Assistant Director of Messaging Foundation Services, Ernst & Young.<\/p>\n

The best data-protection tools you already own<\/h2>\n

Microsoft Purview Information Protection<\/a> and Microsoft Purview Data Loss Protection<\/a> provide holistic data protection as part of your Microsoft 365<\/strong> E5 <\/strong>license, integrating seamlessly with Microsoft productivity apps <\/strong>as well as a broad third-party and partner ecosystem<\/strong>. When integrated with Microsoft Sentinel<\/strong> and Microsoft Defender for Cloud<\/strong>, your business can gain breadth and depth in controlling internal and external threats across your entire digital estate. To experience how Microsoft Purview can start protecting your organization\u2019s precious data today, remember to sign up for a free trial<\/a>.<\/p>\n

To learn more about Microsoft Security solutions, visit our website<\/a>. Bookmark the Security blog<\/a> to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity<\/a> for the latest news and updates on cybersecurity.<\/a><\/p>\n

<\/div>\n
\n

1<\/sup>How Much Data is Created Every Day in 2022?<\/a> Jason Wise. October 12, 2022.<\/p>\n

2<\/sup>T-Mobile reaches $350M settlement in 2021 cyberattack and data breach impacting 76M people<\/a>, Todd Bishop. July 22, 2022.<\/p>\n

3<\/sup>General Data Protection Regulation<\/a>, Intersoft Consulting. May 25th, 2018.<\/p>\n

4<\/sup>Health Insurance Portability and Accountability Act of 1996 (HIPAA)<\/a>, Centers for Disease Control.<\/p>\n

The post How businesses are gaining integrated data protection with Microsoft Purview<\/a> appeared first on Microsoft Security Blog<\/a>.<\/p>\n

https:\/\/blogs.technet.microsoft.com\/mmpc\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Christine Barrett| Date: Tue, 25 Oct 2022 16:00:00 +0000<\/strong><\/p>\n

Learn how Rabobank, Fannie Mae, and Ernst & Young maximized their existing Microsoft 365 subscriptions to gain integrated data loss prevention and information protection.<\/p>\n

The post How businesses are gaining integrated data protection with Microsoft Purview<\/a> appeared first on Microsoft Security Blog<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10759,10378],"tags":[4500,11671,21533],"class_list":["post-20460","post","type-post","status-publish","format-standard","hentry","category-microsoft","category-security","tag-cybersecurity","tag-data-loss-prevention","tag-information-data-protection"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20460","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=20460"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/20460\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=20460"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=20460"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=20460"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}