The M365 Security Deployment planning Services (DPS) engagement is designed to create an awareness, build a strategy to improve TIU National Bank’s* Office 365 adoption through deployment of security capabilities included in Office 365 and EMS.
(AIP) is a cloud-based solution that enables organizations to classify data (Files & Emails) by applying labels
Solution
Now, to improve TIU National Bank’s* O365 Adoption and improve their security deployment, the following technologies were used:
Azure Information Protection (AIP)- A cloud-based solution that enables organizations to classify data (Files & Emails) by applying labels & uses the Azure Rights Management service (Azure RMS) to protect same. AIP is part of the Microsoft Information Protection (MIP) solution and extends the labeling and classification functionality provided by Microsoft 365.
The following image shows the Azure Information Protection additions to MIP, including the unified labeling client, scanner, and Azure Rights Management Services.
Because an Azure Information Protection (AIP) label is stored in metadata, mail flow rules in Exchange Online can read this information for messages and Office document attachments.
As a pre-requisite to configure mail flow rules to identify messages and documents that are labeled, the GUID of the Azure Information Protection Sensitivity label was captured from AIP Portal.
- This data protection service from Azure Information Protection, does not see or store data as part of the protection process & simply makes the data in a document unread able to anyone other than authorized users and services:
- The data is encrypted at the application level and includes a policy that defines the authorized use for that document.
When a protected document is used by a legitimate user or it is processed by an authorized service, the data in the document is decrypted and the rights that are defined in the policy are enforced.
Technologies Used
Accomplishment
As part of this M365 Security DPS engagement there are three Discoverycum Design workshops delivered with key focus on:
- Giving an overview of the security & compliance features capabilities of Office 365 & EMS (Enterprise Mobility + Security) Module along with protecting and managing corporate data regardless of wherever it resides.
- Understanding your environment and identifying areas where the capabilities demonstrated could be used to solve a business problem or scenario.
- Helping you create an appropriate Office 365 Security & Compliance features deployment plan based on identified business requirements.
- Also, an O365 Security demo was presented to TIU National Bank’s* IT Team showcasing data protection capabilities of M365 platform using sensitivity labels & Policies configuration.
