Azure Data, Services and Workloads DLP Assessment - NOT O365

Question

Azure Data, Services and Workloads DLP Assessment - NOT O365

Raju Golla 41

Hi,

Appreciate relevant resourcess and tools that can be used for

Assessing the Azure Data, Services and Workloads for DLP (Please note the request is for Azure PaaS services, Data and Workloads against DLP Controls, - NOT OFFICE 365

Identity and Access Management
Platform Protection
Security Operations
Data and Applications DLP

As part of the "Azure DLP Assessment" we want to assess the Azure PaaS services, Data and Workloads, - NOT OFFICE 365 against Azure DLP Benchmarks, summarise the gap, risk apetite with risk remediation report.

After multiple failed attemps of obtain the help via Twitter @AzureSupport like to seek help here.

Questions - Help sought

Please share Azure DLP resources that help in assessing Azure hosted Data, Serivces and Workloads for Data Loss Prevention.
What are Azure DLP benchmarks that can be used for the DLP Assessment?
Are there any tools to carryout the DLP Assessment in Azure for the above (1)? Please inform

Thanks

JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator

2020-11-25T00:28:59.367+00:00

@Raju Golla
Thank you for your post! I've reached out to my team regarding this issue and will follow up as soon as possible with our findings.

If you have any other questions in the meantime, please let me know.
Thank you for your time and patience throughout this issue.
JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator

2020-11-25T22:37:30.997+00:00

@Raju Golla
Thank you for your time and patience throughout this issue! I found documentation that might help answer some of your questions, and I've also reached out to our engineering team regarding your questions and will update as soon as I hear back from their end.

Links:
Data loss prevention policies
Security Control V2: Data Protection

Please allow some time in our response since we are going into our Thanksgiving weekend starting tomorrow.
Thank you again for your time and patience throughout this issue.
Raju Golla 41 Reputation points

2020-11-28T10:24:48.64+00:00

Thanks James.

First link in your response is Power Platform related.
I await for your response from engineering team.

Happy Thanks Giving. Hope you had a nice one.
JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator

2020-11-30T22:43:53.19+00:00

@Raju Golla
Thank you for the quick response! I've followed up with our engineering teams on this and will update as soon as receive anything from their end.

Thank you for your time and patience throughout this issue.

1 answer

Your answer

JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator

2020-11-25T00:28:59.367+00:00

@Raju Golla
Thank you for your post! I've reached out to my team regarding this issue and will follow up as soon as possible with our findings.

If you have any other questions in the meantime, please let me know.
Thank you for your time and patience throughout this issue.
JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator

2020-11-25T22:37:30.997+00:00

@Raju Golla
Thank you for your time and patience throughout this issue! I found documentation that might help answer some of your questions, and I've also reached out to our engineering team regarding your questions and will update as soon as I hear back from their end.

Links:
Data loss prevention policies
Security Control V2: Data Protection

Please allow some time in our response since we are going into our Thanksgiving weekend starting tomorrow.
Thank you again for your time and patience throughout this issue.
Raju Golla 41 Reputation points

2020-11-28T10:24:48.64+00:00

Thanks James.

First link in your response is Power Platform related.
I await for your response from engineering team.

Happy Thanks Giving. Hope you had a nice one.
JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator

2020-11-30T22:43:53.19+00:00

@Raju Golla
Thank you for the quick response! I've followed up with our engineering teams on this and will update as soon as receive anything from their end.

Thank you for your time and patience throughout this issue.

Answer 1

@Raju Golla
Thank you for your time and patience throughout this issue, I received a response from our engineering team and will post their update below.

Update:
For our benchmark recommendations we only recommend services/features/capabilities which are in GA, and we arrive on our guidance with partners who are subject matter experts in those areas. To my knowledge, there aren’t any first party Azure PaaS specific services that support DLP currently, most of our support for DLP is around O365 and office files. There is some functionality to monitor unauthorized transfer of data with Azure ATP for supported technologies like Azure SQL ATP or Azure Storage ATP, we also mention locking down storage resources with proper role-based access controls and tagging properly based on data classification. In the Azure Security Benchmark we recommend monitoring supported Azure services with Azure ATP, and AIP for your office files, otherwise to use host-based DLP solution where applicable.

Thank you again for your time and patience throughout this issue.

----------

Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

Share via

Azure Data, Services and Workloads DLP Assessment - NOT O365

Data and Applications DLP

1 answer

Your answer