O365con14 - information protection and control in office 365
1.
2.
3.
4.
5.
6.
7.
8.
9. LESS RESTRICTIVE MORE RESTRICTIVE
• Apply the right level of control based on the sensitivity of the data
• Maximize control and minimize unnecessary user disruptions
Alert
“Allow delivery
but add a
warning.”
Append
“Allow delivery
but add a
disclaimer.”
Protect
“Allow delivery
but prevent
forwarding.”
Redirect
“Block
delivery
and redirect.”
Review
“Block delivery
until
reviewed.”
Block
“Do not
deliver.”
Modify
“Allow delivery
but modify
message.”
Classify
“Allow delivery
but apply
classification.”
12. Conditions
Actions
Exceptions
Conditions
Actions
Exceptions
12
New options
• Rules can be configured to run for a specific time
period
• Rules can be run in Test Mode
New filters
• Total message size
• Attachment extension keyword matching
• Sender IP address
New actions
• Criteria-based routing
• Forced TLS routing
• Halt processing of remaining rules on a message (“Stop
processing rules”)
17. • Content to monitor
• User action
• Mail flow actions
contains
• Credit cards
• EU debit cards
Defines the policy objectives
to help meet regulatory requirements
for identified content
Contains data type definitions
to help identify sensitive content
17
18. Predefined rules targeted at
sensitive data types
Advanced content detection
Combination of regular expressions,
dictionaries, and internal functions
(e.g., validate checksum on credit
card numbers)
Extensibility for customer and ISV-
defined data types
20. Empower users to manage their
compliance
Contextual policy education
Doesn’t disrupt user workflow
Can work even when disconnected
Admin-customizable text and actions
20
26. Use Windows Azure AD Right Management
Out-of the box
Integrate natively with Exchange online and SharePoint online
Integrate Office 365 with existing on-premises AD RMS
infrastructure
27.
28.
29.
30.
31.
32.
33.
34. NwTraders Contoso
1. NwTraders
exports private
key and SLC
2. Contoso
imports
private key
and SLC
4. Ilse sends PL
and RAC with
request for UL
from local
licensing server
5. Contoso
uses imported
private key to
decrypt PL and
issues UL
3. Robin send IRM-Protected
message to Ilse
47. Exchange Online
Policy detection and
Enforcement
Tenant
configuration
O365 User Internet User
Microsoft
account/Organization
Account
Mail Reading Portal