Adding custom sensitive information types just got a whole lot easier. Just use the Security & Compliance center.
Sometime ago I did a short presentation on advanced data governance. Part of the presentation was about adding new sensitive information types. As you might know, you are not restricted by the information types provided by Microsoft. But adding your own types involved a lot of work.

First of all, you needed to understand the workings of a sensitive information type. Well, this hasn’t changed. You need to know stuff like regular expressions, proximity, confidence levels and the like.

XML file

Then you can create a specific XML file, which contains specifics of the information type. The XML would contain a rule package, entity, patterns, regular expressions and much more. In the end – this would become a very complex file.

XML

 

XML2

When the XML file was completed and correct, you needed PowerShell to import it into the Office 365 environment. PowerShell was also used to update the information type.

Security and compliance center

I was delighted to see that Microsoft has now added a GUI for adding these sensitive information types. Like I mentioned before, you still need to understand the basics of these information types, but creating one is much simpler.

You can add an information type from the Classifications section. Go to New sensitive information type. Choose a name and description.

sens_info_1

In the next screen you’ll add the specifics. Let’s say we need to find content which contains information on the badge or employee number of the organisation. This employee number has a specific layout. For example: 425 555-0100 (yep, just like the US phone-numbers).

In this example I’m adding three keywords to the information type. But I also want to filter on the employee number as-well, so I add a regular expression for this.

sens_info_2

By the way. A regular expression works like this.

425(\s|.)\d\d\d(-|.)\d\d\d\d

\s = white space
| = OR
\d =number

This results in 425 555-0100 or 425.555.0100 (for example).

 

Testing

You might want to know if your information type works. And this is possible. After creating the information type, Office 365 asks you to test it out. You can do this by creating a txt-file and uploading it to the portal. I’ve tested mine, of-course.

sens_info_3

Txt-file created here.

test

Just upload it. Easy….

test2

And…. results! The information type detects my content.

test3

So now I can use this information type to automatically detect sensitive information.

Just to check, I opened the list of all information types.

result

Nice!

In the end

Sensitive types and the automatic detecting and labeling of content is very powerful. With this addition, the creation of custom sensitive information types has become much and much easier. If you want more information on these types, then this can be found here: https://go.microsoft.com/fwlink/?linkid=2006348

Posted by Albert Hoitingh

I'm an Office 365 businessconsultant/architect. My focus is on Office 365, information-management, security and governance. I'm honored to be a Microsoft MVP. I like to present and share information, most recently @ SharePoint Saturday London, Cambridge and Lisbon.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s