Data Loss Prevention in Microsoft Teams
Data Loss Prevention is even more important with the recent COVID-19 situation and resultant lockdown. Microsoft Teams supports the day-to-day collaboration activities for users across many organisations. Teams is now playing a pivotal role in keeping users connected as they work remotely. With more usage being made of Teams, coupled with the external access and guest access capabilities it has, organisations may need to consider what sensitive information is being sent via this service.
Office 365 Data Loss Prevention (DLP) policies help prevent sensitive information from being carelessly shared or otherwise leaked. For example, a DLP policy applied to Exchange Online mailboxes can help prevent sensitive information from being shared via email. Applied to Microsoft Teams, DLP policies help protect sensitive information in Teams chats and channel messages.
For licensing information on Data Loss Prevention, see the Microsoft 365 licensing guidance for security & compliance
Sensitive information types in Office 365
The foundation for DLP policies is sensitive information types. Office 365 includes approximately 100 built-in sensitive information types that can be used in DLP policies. These include types such as financial data and Personally Identifiable Information (PII), e.g. credit card numbers, bank account numbers, passport numbers and so on. Microsoft provides sensitive information types for different regions around the world. It is also possible to define custom sensitive information types too.