Under Inspection method, select Data Classification Service (DCS) and under Select type select the type of sensitive information you want DCS to inspect. The governance actions available vary between services.ĭetect and encrypt sensitive data at restĭetect files containing personally identifying information and other sensitive data that is share in a cloud app and apply sensitivity labels to limit access only to employees in your company.
Optional: Set the Governance actions to be taken on files when a violation is detected. Set the filter Sensitivity label to Microsoft Purview Information Protection equals the Confidential label, or your company's equivalent. You must have at least one app connected using app connectors.Įnable Microsoft Purview Information Protection integration. For example, you can create a governance action that runs on detected file violations in Google Workspace in which you select the option to Remove external users and Remove public access.ĭetect externally shared confidential dataĭetect when files that are labeled Confidential and are stored in a cloud service are shared with external users, violating company policies. Under Inspection method, select Data Classification Service (DCS), and under Select type select the type of sensitive information you want DCS to inspect.Ĭonfigure the Governance actions to be taken when an alert is triggered. Set the filter Access Level equals Public (Internet) / Public / External. In the Microsoft 365 Defender portal, under Cloud Apps, go to Policies -> Policy management. You must have at least one app connected using app connectors. Detect and prevent external sharing of sensitive dataĭetect when files with personally identifying information or other sensitive data are stored in a Cloud service and shared with users who are external to your organization that violates your company's security policy and creates a potential compliance breach.
Policies can be set to provide information protection, including continuous compliance scans, legal eDiscovery tasks, and DLP for sensitive content shared publicly.ĭefender for Cloud Apps can monitor any file type based on more than 20 metadata filters, for example, access level, and file type. For more information, see Microsoft Defender for Cloud Apps in Microsoft 365 Defender.ĭefender for Cloud Apps file policies allow you to enforce a wide range of automated processes. Microsoft Defender for Cloud Apps is now part of Microsoft 365 Defender, which correlates signals from across the Microsoft Defender suite and provides incident-level detection, investigation, and powerful response capabilities.
0 kommentar(er)
