This article gives information about Data Loss Prevention (DLP) and the way this system works in Office 365.
Data Loss Prevention (DLP) is a system used by organisations to help protect sensitive information. It helps reduce the risk of sharing sensitive, personal data with individuals who shouldn’t have access to the information.
As the University uses Office 365, the Microsoft Data Loss Prevention policy has been introduced to the following applications: Teams, OneDrive, SharePoint and emails.
Every organisation has the obligation to protect sensitive, personal data. To support the University’s commitment on data protection and following the recommendations received in the previous KPMG audit, we have introduced Data Loss Prevention to several Office 365 applications.
At the University, information is stored and shared every day and sometimes this may include sensitive, personal data. When sharing this type of data, there is a risk of unauthorised individuals gaining access to our information so it is important we protect it – this is where Data Loss Prevention can help.
To understand more on the University’s commitment to protecting data, please read the Data Protection Policy.
Data Loss Prevention is an automated scanning tool built into Office 365 which will look for specific patterns of sensitive data for example, bank account numbers, passport numbers or National Insurance numbers.
If the Data Loss Prevention tool detects sensitive data being shared, it will be logged within the Microsoft DLP system. Please note the University cannot see the actual content or monitor what you are doing.
If you share a file or information externally on Teams, OneDrive, SharePoint or via email that includes 10 or more occurrences of sensitive data, you may receive a warning message called a policy tip.
Anyone at the University (both staff and students) with a University IT account.
The policy tip message is just a warning to make you aware that the sharing of sensitive data has been detected. You don’t need to do anything; however, it is an opportunity to think carefully about sharing this type of content and whether it is required. Consider the following:
The policy tip message will appear once an external email address has been included and as soon as you include 10 or more instances of sensitive data within the email.
The message will appear at the top of the email and inform you what type of sensitive data has been included (for example: passport numbers or credit card numbers). It will include the words:
"PLEASE NOTE: Sensitive information has been detected. Please review whether this information should be shared externally. Sensitive information type: XXXXXXXX. For further information: go.soton.ac.uk/it/DLP"
The policy tip message will appear once you have sent 10 or more instances of sensitive data within a Teams chat or channel to an external contact.
A short policy tip message will appear and include the words "This message was flagged" in red text with a flag symbol:
The policy tip will appear once you have shared 10 or more instances of sensitive data with an external contact.
The message will appear at the top of the document and inform you what type of sensitive data has been included (e.g. passport numbers or credit card numbers). It will include the words:
"PLEASE NOTE: Sensitive information has been detected. Please review whether this information should be shared externally. Sensitive information type: XXXXXXXX. For further information: go.soton.ac.uk/it/DLP".
Data Loss Prevention SharePoint page
KPMG Audit Finding – Data Loss Prevention
Was this article helpful?
If you have any further comments, please put them below.
Please note that feedback is anonymous - if you require a reply or assistance, please raise a ticket via ServiceLine.
Thank you for your feedback, it is much appreciated.