Microsoft 365 has added new security features, which prevent data leakage more effectively

Microsoft has just announced that it has added the Data Loss Prevention (DLP) extension to Microsoft 365 users' Endpoint. This will help organizations easily prevent data leaks, sharing or transmitting data. wrong data or to an inappropriate address and other similar risks.

Microsoft 365 Endpoint DLP expands the DLP's surveillance and protection capabilities with sensitive objects and data on Windows 10. "Once the device is put into device management, user information What to do with sensitive data will be listed in the activity explorer, so administrators can take actions to protect data through DLP policies , " Microsoft said. .

Currently, Microsoft 365 services such as Microsoft Teams, SharePoint, Exchange and office suites including Word, PowerPoint, Excel and Outlook as well as third-party applications that have Microsoft Cloud App Security with built-in DLP through Microsoft Information Protection (MIP).

In fact, Microsoft's Endpoint DLP expands MIP protection for devices and allows customers to implement a common information protection strategy across all environments. For example, businesses can use Endpoint DLP to prevent employees from printing or copying to sensitive documents.

Currently, Endpoint DLP allows businesses to enforce a range of security policies for the following activities:

1. Copy sensitive files to USB
2. Copy sensitive files to a network share
3. Upload sensitive files to cloud services
4. Print out sensitive documents
5. Copy sensitive content to the clipboard
6. Accessing sensitive files by unlicensed applications

According to Microsoft, Endpoint DLP has been provided to customers using Microsoft 365 E5 / A5 (EDU), Microsoft 365 E5 / A5 Compliance and Microsoft 365 E5 / A5 Information Protection and Governance as of July 22.

To deploy Endpoint DLP, Windows 10 devices need to meet the following requirements:

1. Must be running Windows 10 version 1809 or higher
2. Must join Azure Active Directory (AAD)
3. Microsoft Edge Chromium browser must be installed

Besides, Microsoft is also deploying the security feature Double Key Encryption for Microsoft 365 E5 users. According to Microsoft, this feature is completely secure because users control a key and Microsoft keeps a key. Data can only be opened when there are two keys and only the user has access to both keys. Therefore, Microsoft also can not know what you are storing because they only have 1 key.