One form of data breach is data leakage. This results from the mishandling of information. It can also happen due to user mistakes that leave sensitive information exposed.
While many data breaches come from outside a company, data leakage comes from the inside. If a classified document is accidentally sent to an unauthorized recipient, that’s an example of data leakage.
Information security protections at the document level are an important safeguard. These help prevent data leakage and the resulting breaches.
Approximately 34% of data breaches involve internal actors.
Office 365 users have a powerful tool to prevent data compromise, called sensitivity labels.
Sensitivity labels allow organizations to label content according to its level of confidentiality. Once labeled, content can then have automatic security policies applied based on that label.
The following content can have sensitivity labels applied:
- Word documents
- Excel spreadsheets
- PowerPoint presentations
Microsoft is also expanding sensitivity labels. Team sites, SharePoint Online sites, and Office 365 groups, can also use their own sensitivity labels
How Can We Use Office 365 Sensitivity Labels?
Imagine being able to track all access to a sensitive internal memo. Or having the ability to automatically encrypt any emails containing R&D information.
These are the types of document handling controls that sensitivity labels make possible.
Three important features of Microsoft’s sensitivity labels are:
- They’re customizable
- They’re in clear text
- They follow the document across different apps
Here are several tips on using sensitivity labels. They can help with regulatory compliance, document tracking, and overall information security.
Set Up Labels Strategically
Sensitivity labels are completely customizable. This allows you to use them for document security, tracking, and organization.
For example, you might set up your labels by department:
You could also set both companywide and document specific labeling, such as:
- Internal Use Only
- Encrypted Content
- HR Training Documents
- HIPAA Protected
Consider all your document handling needs. Then use sensitivity labels to their fullest to help you implement those policies.
Use for Encrypting Content
If someone is sending protected health information about a client via email, how can you be sure that email isn’t leaked accidentally?
One security policy you can use with sensitivity labels is document encryption. This would allow you to apply a label to any emails with patient information to encrypt them.
The encryption feature is also useful for time-limited information. You can set encryption to make content unreadable after a certain timeframe.
Enable Labeling for All Documents
If you work to put a document labeling policy into place and no one uses it, it’s not going to do you much good.
You have many ways to ensure that all Word, Excel, PowerPoint files and emails receive a sensitivity label.
- Require that users apply a label upon content creation
- Apply a default sensitivity label to all documents
- Set up automatic labeling based upon the document contents
Other tools you have that help users properly apply sensitivity labels include:
- The ability to have the system suggest a sensitivity label
- A customizable help page with document labeling instructions
Clearly Mark Sensitive Content
You can customize a watermark, header, and/or footer based upon a document’s sensitivity label. This further helps users know how to handle a specific document.
For example, if you add a watermark that says “DO NOT COPY” across a confidential document, it’s going to be harder for the user to miss.
Extend Protection to Third-Party Apps
One of the most protective features of sensitivity labels is the persistence. The labels allow security policies to follow the content across app platforms.
Say you’ve created a document labeled for “internal use only” and added an email restriction. That restriction will remain embedded with the document across different applications.
Companies can use Microsoft Cloud App Security to detect, classify, label, and protect content in third-party apps. This includes apps like Dropbox and Salesforce. This feature gives you more document control over your entire cloud infrastructure.
Track Documents Simply
There are many analytics that you can use for labeled documents. This allows you to look deeper into document security across your organization. You can also apply sensitivity labels only for tracking alone.
One helpful view allows you to see a list of Exchange Online mailboxes. It provides a view of messages by sensitivity label contained in each mailbox. This can help you immediately identify locations of your highly sensitive information.
Require Justification to Change a Label
If a user can change a sensitivity label, it makes your document security less effective.
There is a safeguard against this. It requires anyone that tries to change a sensitivity label to provide justification. This is another way to ensure documents are being classified and secured properly.
Enhance Your Business Strategy with Smart Solutions
We help businesses in the Chesapeake, Norfolk, and Virginia Beach areas make the most of cloud solutions. ZZ Servers can help you explore sensitivity labels and other document security solutions.
Contact us today to schedule a free consultation. Call 800-796-3574 or reach out online.