Microsoft Adds Data Loss Prevention Alerts to Compliance Toolbox
- By Kurt Mackie
- April 13, 2021
The latest part of Microsoft's overall compliance tooling is its Data Loss Prevention Alerts Dashboard, now generally available.
The dashboard is used for viewing data loss prevention (DLP) policy violations in organizations. It checks for information labeled as sensitive in some way, such as credit card numbers. Organizations can devise their own labels, as well, to protect information that might get sent out to others.
"Microsoft's DLP solution is part of a broader set of Information Protection and Governance solutions that are part of the Microsoft 365 Compliance Suite," the announcement explained.
The new dashboard can show DLP alerts across various Microsoft and non-Microsoft services, as well as local file shares and devices. Here's Microsoft list of products where DLP alerts can be generated:
- SharePoint Online
- Cloud apps
- On-premises file shares
The Data Loss Prevention Alerts Dashboard lets IT pros drill down into details. It'll show the "sensitive terms in the content" that were associated with the DLP policy violation for Exchange, OneDrive, SharePoint Online and Teams. IT pros can see the policy violation and can change the alert status to "Active, Investigating, Dismissed or Resolved."
If organizations have E5 licensing, then they can configure "aggregated alerts," which might send an alert, for instance, when a certain volume threshold of incidents is reached. Organizations with E1 or E3 types of licensing can only generate "single-event alerts," according to a Microsoft document, which means that IT pros get alerted every time an incident matches a policy rule.
Microsoft also has a "source view" DLP feature for Exchange, OneDrive and SharePoint Online, which requires having an E5 subscription. The source view feature shows the actual e-mail or file associated with the policy violation.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.