SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


o365dlp
Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
o365dlp [2018/11/27 13:42]
sjoerd
o365dlp [2018/11/27 13:58] (current)
sjoerd
Line 54: Line 54:
 *** Click Next *** Click Next
 ** Click Create ** Click Create
- 
  
 +== Troubleshooting and Testing ==
 +To test the policy you need to send an email with a credit card number. You can use [[https://​www.paypalobjects.com/​en_AU/​vhelp/​paypalmanager_help/​credit_card_numbers.htm|these creditcard numbers]] to test. \\
 +\\
 +Sometimes the tooltips do not work. Most common cause is that outlook [[https://​support.office.com/​en-us/​article/​outlook-mailtips-options-7839a4ac-e45f-4289-a127-4ce702bedcc2|tooltips are not enabled]]. You can also test the tooltips in https://​outlook.office.com. It could also take some time for the tooltips to show. I also experiences the tooltips to randomly work for users. ​
  
 += GDPR Policy =
  
 +The GDPR policy needs a little tweaking. By default only the EU confidential data is protected, but not the Dutch BSN Number. ​
  
-NB. In exchange online stond er ook een DLP policy ​aan, net als twee oude in security en compliance portal. Deze zijn allemaal disabled. ​+All the steps are the same as above except for the following parts (and naming and description of course): 
 +* Choose the template to start with: 
 +** Adjust the region to European Union and select Privacy -General Data Protection Regulation (GDPR) 
 +* To add the BSN do the following steps in the Rule of the policy
 +** Go to conditions -> Sensitive Info Types 
 +*** Add -> Sensitive info types  
 +*** Add 
 +*** Scroll down in the list and select Netherlands Citizen'​s Service (BSN) Number 
 +*** Done
  
-> https://​www.blackforce.co.uk/​2017/​04/​11/​outlook-2016-policy-tips-not-updating ​ +== Troubleshooting and Testing == 
-> https://​community.spiceworks.com/​topic/​2175283-o365-dlp-tooltips-not-working  +In my experience the EU GDPR data results ​in a large number of false positives. You could set the match percentage higher (see resources for what the sensitive types match on) or delete ​the info type from the sensitive ​info type list. That is a valid option if your company doesn't store these numbers from their customers.  ​
-> https://​www.paypalobjects.com/​en_AU/​vhelp/​paypalmanager_help/​credit_card_numbers.htm  +
- +
-DLP - GDPR +
-Name: NL - Privacy Data - General Data Protection Regulation (GDPR) +
-Description:​ DLP voor persoonsgegevens +
- +
-Edit rule +
- *  +
-Name: Any volume of EU Sensitive content found +
- *  +
-Description:​ Trigger policy if any personal ​data is found +
- *  +
-Conditions:​ +
- +
- +
- * Content is shared with people outside my organization +
- +
- +
- +
-LET OP; AANPASSINGEN GEMAAKT.  +
-De email wordt mee verzonden, dus om datalekken te voorkomen heb ik de volgende aanpassingen gemaakt ​in beide regels: +
-Email notifications:​ Alleen: Notify the user who sent, shared, or last modified the content. +
-Verstuur alleen naar mailbox iv soc (dus niet mailbox werken in de cloud) +
-En vink de volgende informatie uit in het rapport: The item containing the contect that matched the rule, resultaat van het laatste stukje: +
- +
-You can also include ​the following information in the report: +
-The name of the person who last modified ​the content: On +
-The types of sensitive ​content that matched the rule: On +
-The rule's severity level: On +
-The content that matched the rule, including the surrounding text: On +
-The item containing the content that matched the rule: Off+
  
  
o365dlp.txt · Last modified: 2018/11/27 13:58 by sjoerd