Azure Information Protection (Day 3)

This is the third in a series of posts documenting our experiences and impressions with Azure Information Protection. Today we wanted to use Office 365 Data Loss Prevention (DLP) to map AIP classification labels applied within an external domain to labels defined within our domain. The use case for this is a customer or partner […]

Read More

Azure Information Protection (Day 2)

This is the second in a series of posts documenting our experiences and impressions with Azure Information Protection. Here are a few things we learned today: The Policy setting “All documents and emails must have a label (applied automatically or by users)” should be disabled. When doing manual classification of emails and files, forcing users […]

Read More

Azure Information Protection (Day 1)

Azure Information Protection is Microsoft’s suite of advanced security capabilities for Office 365 (and, sometimes, legacy on-premises environments). The concept is simple: manually or automatically classify files and emails and then have security templates apply to those objects based on the classification. However, you quickly get into a dizzying array of licensing combinations, administrative portals, […]

Read More

5 Best Practices for Employee Data Privacy

As a member of your Human Resources department, no doubt you already have a clear idea of the importance of the privacy of employees’ personal information. If scam artists can wreak havoc with a single voided check or credit card number, it’s not hard to imagine the harm they can do with the motherlode of […]

Read More

Discovering and Identifying Sensitive Data

The exposure of sensitive data in documents can create serious problems. Some types of information, such as Tax File Numbers (or other national identification number) and credit card numbers, are inherently sensitive. They always need to be kept out of public documents, and any internal documents that hold them need protection. Regulations and contractual obligations […]

Read More

What if your data could talk?

Digital transformation and how to listen to your data It is estimated that 80% of organisations are currently undertaking or planning some form of business or digital transformation, with the aim of increasing revenues, improving efficiency, managing risks and reducing costs. While these efforts can be absolute game-changers for businesses and many of the strategies […]

Read More

Encrypt Everything!? Maybe not.

I was working as a Security Architect when the Director of Strategy and Architecture made the announcement that our latest strategy was to “Encrypt Everything”. This was a telecoms company with a distributed IT infrastructure, thousands of staff, and a huge number of networks. The volume of confidential documents created daily numbered in the thousands, […]

Read More