Office 365 OneDrive DLP
Data Loss Prevention (DLP) uses rules and policies to determine which records and information are considered confidential, critical, or sensitive, and prevents those documents from being shared or transmitted. The objective of applying these rules, policies, and defensive measures to Office 365 is to prevent data loss from the Office 365 environment.
CloudCodes is a trusted platform for OneDrive DLP and OneDrive for Business DLP, fulfilling the security measures an organization requires to overcome these security challenges. One such feature is OneDrive Data Loss Prevention, which is provided by the CloudCodes security solution for Office 365.
CloudCodes Office 365 OneDrive DLP provides an easy and effective solution that can be configured within hours on Office 365. The CloudCodes DLP framework enables IT to configure various policies for different sets of users based on business and compliance requirements.
CloudCodes uses two different approaches to bring control to OneDrive.
- Agent-based
- Agentless
Agent-Based Approach
In the agent-based approach, the CloudCodes agent is installed on the end-user machine. The agent acts as a web proxy, i.e., the web traffic of applications that need to be monitored is passed through the agent. Other traffic can go directly to the web without passing through the agent. The agent doesn't store any content that it inspects. The following features are provided through the agent.
Download:
IT can track or block the download of documents. This is one of the important aspects of security, ensuring that enterprise assets are not downloaded onto unapproved devices.
Delete:
IT can track or block the deletion of documents. There are times when a user deletes records, intentionally or unintentionally. These documents are assets of the organization.
External Sharing of documents:
IT can track or block, in real time, the sharing of documents with blacklisted domains such as personal domains or competitor domains.
Personal Outlook block:
IT can block access to personal mail within the enterprise network or on company-owned devices while allowing access to enterprise email.
Agentless Approach
In the agentless approach, CloudCodes uses the API provided by OneDrive to poll for events on OneDrive documents. IT can configure multiple policies for various sets of users to overcome the challenges of data loss prevention. The agentless approach allows action to be taken in near real time. The following rules can be configured.
Sharing to an external organization:
if a user tries to share documents outside the organization, such as to a competitor.
Sharing to personal IDs:
if a user tries to share documents with personal email IDs, such as outlook.com addresses.
Document contains keywords:
if a document contains a predefined keyword or regular expression.
The admin can configure the following actions as part of remedial measures.
Revoke permissions:
revoke permissions of all users except the owner. This ensures that if a user tries to share a document with a personal email ID or another domain, the document sharing permissions can be immediately revoked in near real time.
Notify Reporting Manager:
a notification on the DLP event will be sent to the reporting manager of the sender, as mentioned in the rules.
Notify Super Admin:
a notification will be sent to the CloudCodes super admin.
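The agentless rules and remedial actions described above can be sketched as a small policy evaluator. This is an added example, not CloudCodes code: the event shape, domains, patterns, rule names and policy mapping are all constructed assumptions.

```python
import re
from dataclasses import dataclass

# Everything below is constructed for illustration: domains, patterns, policy.
ORG_DOMAINS = {"example.com"}
PERSONAL_DOMAINS = {"outlook.com"}
PATTERNS = [re.compile(r"\bproject\s+falcon\b", re.I),  # predefined keyword
            re.compile(r"\b\d{3}-\d{2}-\d{4}\b")]        # regular expression
# Rule name -> remedial actions the admin has configured for it.
POLICY = {
    "external_org": ["revoke_permissions", "notify_super_admin"],
    "personal_id": ["revoke_permissions", "notify_reporting_manager"],
    "keyword": ["notify_reporting_manager"],
}

@dataclass
class ShareEvent:
    owner: str
    shared_with: list
    content: str = ""

def domain_of(address):
    # Exact, case-insensitive match on the part after the last "@", so
    # "example.com.partner.test" is not mistaken for "example.com".
    return address.rsplit("@", 1)[-1].strip().lower()

def matched_rules(event):
    domains = {domain_of(a) for a in event.shared_with}
    rules = []
    if any(d not in ORG_DOMAINS | PERSONAL_DOMAINS for d in domains):
        rules.append("external_org")
    if domains & PERSONAL_DOMAINS:
        rules.append("personal_id")
    if any(p.search(event.content) for p in PATTERNS):
        rules.append("keyword")
    return rules

def remediate(event):
    """Return (rules, actions, accounts that keep access afterwards)."""
    rules = matched_rules(event)
    actions = sorted({a for r in rules for a in POLICY[r]})
    remaining = list(event.shared_with)
    if "revoke_permissions" in actions:
        remaining = []  # all users except the owner lose access
    return rules, actions, [event.owner] + remaining

EVENTS = [  # constructed sample sharing events
    ShareEvent("ana@example.com", ["raj@example.com"], "lunch menu"),
    ShareEvent("ana@example.com", ["Ana.Home@OUTLOOK.com"], "Project Falcon pricing"),
    ShareEvent("ana@example.com", ["raj@example.com", "x@example.com.partner.test"]),
]
```

Note that revocation in the third event also removes the internal recipient, matching the "all users except the owner" behaviour described above.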