Modern Security Baby Step: Data Loss Prevention

Data Loss Prevention for all

Written by Dom Kirby

Former MSP Owner, CyberSec Practitioner, Modern Work Pro, Evangelist, Husband & Father

February 14, 2022

After my previous Modern Security Baby Step, I posted a poll on LinkedIn so that you could decide the next topic! Surprisingly, you voted on Data Loss Prevention Rules I recommend for all!

So, let’s talk about DLP! Data Loss Prevention is a simple concept. Hunt the environment for data within certain parameters, typically sensitive in nature, and act on it if someone tries to share it in a way that could create loss. Thus, preventing said loss.

Commentary on the post was pretty on point, how is DLP a baby step? And those folks are right. In general, DLP is considered a “more advanced” technology to implement. However, Microsoft has come a very long way in simplifying the DLP process! As a baby step, I look to implement DLP policies that work to reduce risks in electronic communications, mostly from a liability perspective. Here’s what I recommend for every client:

  • Financial Data
    It’s never a good idea to email credit card numbers and the like. I always create policies that prevent external sending of financial data.
  • Country Appropriate PII
    In the US, this is summed up with Social Security Numbers etc. This isn’t stuff you should be emailing either.

The point is straightforward, create simple policies that cover data nobody should be emailing or otherwise sharing externally. As you get beyond baby steps, you’ll refine your policy stack to cover compliance, trade secrets, etc.

Check out the video below where we create basic DLP policies you can use at every customer:

You May Also Like…

AI is not a Red Pill

AI is not a Red Pill

Listen, I'm just as excited about artificial intelligence as everyone else. However, like with many things, I am...

Electronic vs Digital Signatures

Electronic vs Digital Signatures

Some time ago, I posted about certificate authentication, and certificates themselves. In those articles, I mentioned...