Data loss prevention policies are a series of technologies and business policies designed and implemented by organizations to prevent users from inappropriately sharing sensitive data, such as financial records, customer data, credit card information, and other protected information. Effective DLP policies help organizations identify, monitor, and automatically protect sensitive items across software platforms.
In FY23, the Enterprise Technology & Services Cybersecurity Governance & Compliance (GRC) team developed and implemented a DLP policy for Microsoft Teams, Exchange (email), SharePoint, and OneDrive.
The DLP for all University System of New Hampshire (USNH) Emails comprises sensitivity labels to help users classify and protect email content. These labels ensure that email messages labeled as "Restricted - Encrypted" are automatically encrypted and not shareable outside the intended recipient list. Labeling emails as Public, Sensitive, and Protected makes the receiver aware of the level of sensitivity placed on the message by the sender, so they can act appropriately when forwarding the message or sharing its contents. With the latest updates to Microsoft 365, securing email messages to recipients inside or outside of USNH is seamless.
DLP for Microsoft Teams and SharePoint allows users to select security restrictions and templates for both applications and alerts GRC of files that may contain sensitive data. GRC worked with various USNH departments to test this policy.
DLP for End Systems and OneDrive allows users to select security restrictions and templates for Desktop/One Drive and alerts GRC with files that may contain sensitive data. This policy was also tested by various USNH departments that handle medical and financial data.
