Interlink Cloud Blog

facebooktwitterlinkedin

Matt Scherocman

Data Loss Prevention (DLP) in New Office 2016, SharePoint Online, and OneDrive for Business

Data Loss Prevention (DLP) in New Office 2016, SharePoint Online, and OneDrive for Business

Clients have benefited from Data Loss Prevention (DLP) technology within Exchange Online for years. Microsoft is now expanding the functionality to cover data and documents that may be in Office, SharePoint, and OneDrive. Plus they are enhancing the console where the policy rules are managed so that the policy rules for all of the services are controlled in a single location.

Client can continue to use the templates that Microsoft builds to help them stay compliant with regulations like PCI and HIPPA. Severity levels can also be set – so administrators, for example, could have one set of actions that happen if a user tries to send a credit card number externally and another if they are trying to send a file that contains ten or more credit card numbers in it.

DLP not only is for people who are actively trying to share content that they shouldn’t, it is also for people who didn’t notice that there was a company credit card contained 10 emails down in a thread before they forward it to a new distribution list.

Matt Scherocman

Office 365 Security Overview

Matt Scherocman

Is Office 365 HIPAA Compliant?

Yes. Microsoft® Office 365 provides all the capabilities you need to satisfy the technology requirements for HIPAA and HITECH compliance. These regulations require that organizations establish and document procedures that govern:hipaa compliant2

  • Restrict access to patient data.
  • How patient data is handled.
  • How stored patient data is kept secure.
  • How to secure patient data when it’s transmitted.

Meeting these general guidelines requires lots of time and attention to detail. Office 365 helps you meet these requirements with less time and cost than you might think.

Eric

What is the HeartBleed Vulnerability?

In recent days we have had a lot of questions from clients who were concerned their information may have been compromised in Office 365 by the HeartBleed vulnerability.  This flaw allows intruders to read server memory which would contain usernames, passwords, credit cards, or any other confidential information that may be on the server running OpenSSL.  We wanted to take a minute to reassure you that Office 365 and out of the box Microsoft configurations are not affected. 

 

The Heartbleed vulnerability is specific to OpenSSL which is not being used for any Microsoft Office 365 services.  In fact, all Microsoft servers (Windows Server 2003 through Windows Server 2012 R2) do not utilize OpenSSL out of the box and use their own encryption component called Secure Channel (or SChannel which you may have seen errors in your event log for).  Unless you have installed Apache or some other third-party application that uses OpenSSL on your Windows Server, you should be fine.  Microsoft will continue actively monitor the security of Office 365 with threat modeling and attack surface analysis.  We continue to believe security is a benefit of the Microsoft cloud services that goes above and beyond what a typical business can do and it is not a weakness. 

 

For additional information please reference this article from Microsoft

Welcome to the Interlink Cloud Blog

All content provided on this blog is for informational purposes only. The owner of this blog makes no representations or warranties regarding the information from our partners or other external sources.

Blog Categories

Interlink Cloud
Interlink Cloud
5 post(s)
Tips and Tricks
Tips and Tricks
1 post(s)
Outlook
Outlook
2 post(s)
Reporting
Reporting
1 post(s)
Cloud Storage
Cloud Storage
1 post(s)
Webinars
Webinars
9 post(s)
OneDrive
OneDrive
5 post(s)
Yammer
Yammer
3 post(s)
Azure
Azure
11 post(s)
SharePoint
SharePoint
9 post(s)
Microsoft
Microsoft
5 post(s)
Lync
Lync
8 post(s)
Office 365
Office 365
47 post(s)

Blog Archive