Last November, Microsoft announced a lot of new enhancements to the Microsoft Information Protection portfolio. In a short series of blogs I will explain some of these. In this blog: exploring your sensitive and retainable content in Office 365.
Know your data
Knowing where your sensitive data is stored is very important for compliance and regulatory reasons. And although Azure Information Protection and Office 365 did provide us with several dashboards to get to that insight, it was quite a puzzle.
During Ignite 2019 Microsoft announced several enhancements and some are in preview right now. One of these is the new content explorer and it’s great. What’s so great about this?
Well, to be honest, the content explorer finally brings together sensitivity and retention labels and sensitive information types in one overview. And, it’s and explorer – which means I can just click through my storage locations and see what kind of (sensitive) data is stored. All discovered data will be presented and even the level of certainty. And (last but not least) it is fast.
You will need to have the correct permissions for this explorer to work. Microsoft added two new roles for this: Content Explorer List viewer and Content Explorer Content viewer. The names make it quite easy to understand the roles. A global admin is one of the roles which can assign these specifics roles.
Let’s take a look!
If your familiar with the data classification dashboard, you’ll know that this is where your label statistics can be found. Without the preview functions, you’ll only see the Sensitive info types displayed. With the preview enabled, your dashboard will look like this.
For the content explorer, your will go to the relevant option. What’s to see? At the left hand side, you will see a filter. You can use this filter to select either a sensitive information type, retention label or sensitivity label. You’ll see how many documents have been classified.
The main screen is the explorer itself. You’ll see the three most prominent Office 365 platforms: Exchange, SharePoint and OneDrive – including the number of documents found. You can simply double-click the location to down drill to the level you need. The lowest level is an overview of the documents themselves. If you’ve got a long list of sources, then you can use the Export function to get an CSV-file.
If you have the need to filter on a specific label or sensitive information type, then you can simply type it in. The information in the main screen will directly show the related documents. Very nice!
You can even open the relevant document and view its metadata. So you can check if the classification is correct or not.
Wrapping it up
The content explorer is a great addition to Microsoft 365. It enables your compliance, security and privacy officers to get a quick but comprehensive insight into the (sensitive) data in Office 365. And these roles should, by default, already have some sort of insight already 🙂 So this should just be an addition.
How often does the data in the Content Explorer refresh? I’ve had users delete sensitive info after it was discovered but it still shows in the count total.
This depends. I don’t think Microsoft gives any information on this. But based on my experiences with things like search, auto-labeling, DLP rules and more, it might take up to a week for this overview to be correct. Most of the time this depends on the indexing of information. And in my test-environment this takes time. But again – that’s not based on science of deep-knowledge or Microsoft information.