First of all: want to get started right away with the Microsoft 365 E5 offerings for compliance? Then read this blog. It’s all about the new compliance score, insider threat detection and more.
And now: Microsoft Information Protection. During this session we got to learn some very cool worst and best practices for deploying Microsoft Information Protection. Let’s go:
Worst 1: plan, plan, plan, and only roll out after years of gathering requirements, etc. Starting to protect only after years of research means that all information is unprotected during this time.
Worst 2: deploy rapidly with strict controls. Only a tiny number of sensitive documents were protected, because the focus was only on the most secure documents. These were very strictly protected. Other documents were disregarded – and in the end: hacked…
Worst 3: deploy based solely on regulatory compliance. Only the documents covered by this regulation were strictly protected. Other documents were disregarded – and in the end: hacked…
Best practices: Crawl – Walk – Run
These do depend on the license model!
- Try crawling first: deploy the client (until it becomes available as an integrated solution). Configure MCAS and the scanner to scan repositories. Configure DLP rules to prevent data leakage. Create the label taxonomy. Don’t apply protection, just classify!
- Then start walking: protect your information by configuring the labels. Start with basic protection (No protection, all employees Full Control) and configure recommendations.
- After some walking time, start to run: look at the most advanced functions and the roadmap. Create specific labels based on departments, projects, etc. Integrate with other platforms.
Using this model, you get rapid results. More advanced functions can be evaluated and tested in parallel with the initial crawl phase.
Use a model for applying the right tools. For example, visual markings don’t have to apply to all scenarios, and protection is not always the solution either. This model contains threats and options. For example: “Accidental sharing”.