Summary
Responsible organizations today use various controls and policies to keep their data safe and secure. These controls become even more crucial if the data involved is sensitive information. Sensitive information can range from industry-wide data (such as credit card numbers, Social Security numbers, or customer information) to proprietary information (such as patents or confidential documents). Protecting this sensitive data is important because it enables organizations to comply with industry, government, and other regulations.
This module examined how Microsoft 365 protects sensitive data through the Data classification solution in the Microsoft Purview compliance portal. Data classification is a cybersecurity term that describes the process of identifying, categorizing, and protecting content according to its sensitivity or effect. In its most basic form, data classification is a means of protecting an organization's data from unauthorized disclosure, alteration, or destruction based on how sensitive or impactful it is.
This module introduced you to data classification. You began by learning how organizations codify their data classification policies within a formal structure known as a data classification framework. The basic principles for developing a strong data classification framework are universal. However, the details of an organization's framework depend on the nature of its industry and the unique compliance and security factors of its data. The module also introduced you to the best practices for creating a well-designed data classification framework. It also identified the pain points organizations can encounter when creating their framework. You then examined how to implement a data classification framework in Microsoft 365.
Microsoft 365 comes with an array of predefined, or pretrained data classifiers. Classifying and labeling content is the starting point for information protection. You can classify data multiple ways in Microsoft 365. These methods include manual classification, automated pattern-matching, and using trainable classifiers. This module examined trainable classifiers, which is an advanced classification feature of Microsoft 365. You learned how to create custom trainable classifiers, and how to retrain a classifier based on recent activity.
The module then examined how the Microsoft Purview compliance portal provides data classification analytics; specifically, through Content explorer and Activity explorer. You learned how Content explorer provides visibility into the amount and types of sensitive data in an organization. You also learned how Activity explorer displays the activities that are related to sensitive information that employees can access.
The module concluded by introducing you to Document Fingerprinting. This solution identifies unique word patterns in documents and forms containing sensitive data. The system stores these word patterns in documents known as document fingerprints. These fingerprints detect outbound documents in Exchange Online that contain the same pattern. You learned that through this process, Document Fingerprinting makes it easier for an organization to protect the sensitive information that it uses.