Data Loss Prevention (DLP) is used by organisations to define and enforce data protection policies that identify and prevent risky or inappropriate sharing, transfer or use of sensitive information across cloud, on-premise and endpoints within an organisation or establishment.
Until now it was possible to configure alerts, as a part of the DLP policy authoring experience which provide an effective way for admins or compliance officers to get notified whenever a DLP policy is breached.
Microsoft has now announced the General Availability (GA) of their Data Loss Prevention “Alerts Dashboard” . This latest enhancement provides organisations with the ability to easily and holistically visualise and then investigate DLP policy violations across their entire infrastructure including:
New Alerts Dashboard enhances DLP experience
- On-premises file shares
- Exchange / Exchange Online
- Other non msft cloud apps and SaaS apps
- Devices (where endpoint DLP is used).
The alerts dashboard provides a list view of all of the DLP alerts. The relevant details can then be investigated by simply clicking on an alert. APIs of course exist to allow you to call these alerts from other event management platforms and SEIM products like Azure Sentinel for example.
Microsoft DLP is of course just part of the comprehensive set of Gartner Magic Quadrant leading Information Protection, Compliance and Governance solutions that are part of the Microsoft 365 E5 (and Microsoft 365 Compliance stack).
Customers can easily sign up for a trial of Microsoft 365 E5 via the admin centre, or by speaking to your Microsoft Partner (like the company I work for at https://www.cisilion.com/microsoft) to get more information, arrange a demo or run a PoC.
More information on this with can be found on the Microsoft 365 blogs here.