Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog

How Can You Protect Yourself from Data Leaks?

Home
Industry Insights
How Can You Protect Yourself from Data Leaks?

Blog Article Published: 11/03/2021

Written by Romain Coussement, Cloud security expert at Fortica

Leaks of sensitive data were prominent in the news in the summer of 2019 and the months that followed. One after the other, large companies saw their customers’ sensitive data exposed on the Internet. How can you mitigate the threat of data leakage? Solutions are specifically designed to ensure that data stays inside your organization.

If you’ve recently migrated to a cloud computing environment such as Office 365 to adapt to the new reality of remote work, you may be fearful that sensitive data could be disclosed outside your organization. This is when a data loss prevention (DLP) solution comes into play.

Data Loss Prevention (DLP)

There are various products for data loss prevention (DLP), some of which are more effective than others. On the other hand, an effective, properly configured DLP solution will allow you to identify sensitive data in your documents and prevent it from being copied, even on USB sticks. A DLP solution is integrated with Microsoft 365 and offers several features:

  • Labelling sensitive information
  • Preventing accidentally sharing confidential information
  • Monitoring and protecting information even on users’ workstations
  • Educating employees by notifying them that they have misused the information
  • Investigating potential data breaches

Azure Information Protection (DLP) for Microsoft 365

Azure Information Protection (AIP) is software that allows you to categorize information by using labels that are applied (automatically or manually) to your documents and emails. Before labelling the information in AIP, the administrator must define which information is sensitive and how sensitive it is. That way, documents that have a sensitivity label, for example, would only be accessible to the organization’s members, making it impossible for any other person to view them. Moreover, if an email containing confidential information leaves your cloud computing environment through Outlook, it could be automatically encrypted to prevent data leakage. Azure Information Protection also provides the ability to apply retention labels that will help you prevent important documents from being accidentally deleted. Documents that must be kept in archives for a number of years can thus avoid being deleted. Similarly, retention labels can block changes to documents that are considered final, such as signed contracts. This feature therefore guarantees your documents’ long-term integrity. If some documents do not need to be kept for the long term, AIP also makes it possible to delete them automatically when the retention period has expired. The Office 365 DLP solution is limited to Microsoft 365 apps. For an overview of all the information that users send over the Internet, it is necessary to acquire a solution such as a CASB (cloud access security broker).

The CASB

A cloud access security broker (CASB) is software located between cloud computing service users and cloud computing applications. It monitors all activities and applies security policies in the cloud. A CASB can offer various services, such as monitoring user activity, warning administrators of potentially dangerous actions, preventing data leaks, and preventing the operation of malware. Microsoft offers a CASB-type solution: Microsoft Cloud App Security (MCAS). This solution dovetails with Azure Information Protection and provides the following features:

  • Visibility: Detect all cloud services used by your organization; assign a risk level to each; identify all third-party users and applications that can log in to your environments.
  • Data security: Identify and control sensitive information (DLP); manage data based on classification labels.
  • Protection against threats: Provide access control that can be adapted to users and their context; provide an analysis of user and entity behaviour (UEBA); limit the risks of malware.
  • Compliance: Provide reports and dashboards to support cloud governance; support efforts to comply with data residency and regulatory compliance requirements.

By making proper use of data categorization and DLP and CASB features, you will achieve a high level of security for your cloud-hosted information.

AzureCASB

Share this content on your favorite social network today!

Latest from CSA
Virtual Cloud Trust Summit 2024
Three New Papers for Successful AI Implementation
This Year’s Zero Trust Opportunity for Security Professionals
Trending This Week
#1 CCSK vs CCSP: Unbiased Comparison
#2 Demystifying Secure Architecture: Review of Generative AI Based Products and Services
#3 Managing Cloud Misconfiguration Risks
#4 Five Approaches for Securing Identity in Cloud Infrastructure
#5 Clarifying 10 Cybersecurity Terms
Enhance your cloud security skills with CSA's online training options.
Related Articles:
Detecting Compromised Accounts in Microsoft 365

Published: 04/04/2024

Powerful Cloud Permissions You Should Know: Part 1

Published: 03/26/2024

Defend Against Azure Cross-Tenant Synchronization Attacks

Published: 03/15/2024

Phishing in Azure Cloud: A Targeted Campaign on Executive Accounts

Published: 03/11/2024