Microsoft 365 E5 Compliance: Bring Data Risk Management Into Focus

Jeremy Wittkop, CTO

02.15.2021

As we move into 2021, your business is likely still adapting to an accelerated digital transformation to cloud-based operations. Along with that rapid change, you’re realizing that your data is growing faster than you can track it. And it’s not going to slow down; data volumes are expected to grow 4.5x every 2 years.

At the same time, the challenges of data security compliance also continue to evolve and grow. The regulatory landscape is exploding, with 220 daily updates from over 1000 regulators worldwide.

Many information security teams are looking for ways to approach these issues in a more comprehensive way. And with the proliferation of Microsoft applications throughout enterprises, they are naturally looking to Microsoft for answers.

Microsoft has responded, building a robust suite of data security tools and technologies that address a range of data protection needs including compliance, collaboration, and productivity. Together, they fall under the umbrella of your Microsoft E5 license.

Subsets of the E5 license allow you to focus on specific use cases. For example, Microsoft 365 E5 Compliance neatly packages their data loss prevention (DLP), data classification, and information rights management tools along with complementary tools that help organizations achieve and maintain compliance with a wide variety of regulations.

Will this big-picture, big-data solution work for your organization? 

Data Security Compliance in a World of Dark Data

Corporate data is growing, and more than 80% of it is dark—that is, you don’t know what it is, where it is stored, or how it’s used.

Consider the reach of your data across your business landscape. Your organization handles data:

  • On premises and on your internal network
  • In Microsoft Office apps—and in the Microsoft 365 cloud
  • On all types of endpoint devices: desktop, laptop, and mobile
  • In email—on servers and in transit
  • In collaboration apps such as SharePoint, Teams, and Groups
  • And through an endless string of third-party apps and sites

To manage data security compliance effectively, you must get your arms around all that data—whether you know about it or not. You’re asking questions about how to:

  • Know Your Data—Where does our critical intellectual property, sensitive information (SI), and personally identifiable information (PII) reside? What is being done with it?
  • Protect Your Data—How can we classify, label, and protect our data through classification policies? How can we balance security and productivity? How can we customize policies for specific data types and conditions?
  • Prevent Data Loss—How can we restrict access and monitor for inappropriate sharing, data exposure, and theft? How can we protect different environments and workflows?

In addition, you recognize that not all data is created equal. You must apply a basic level of protection across the board. But you need to enable greater protections for the most sensitive information. How can you apply a high level of protection to a financial report and apply lower-level restrictions on a document that contains information about the company picnic?

Microsoft Security and Compliance Center—A Hub for Data Security Compliance Management

With flexible protection options, customers can effectively balance their data security requirements without inhibiting end-user productivity. However, the proliferation of single-function security point products can create a chaotic environment for the people managing your compliance efforts. You’re likely looking for a better way to create a unified, intelligent, and extensible data protection foundation.

Microsoft Information Protection (MIP) is a data classification product that aims to deliver a foundational data identity that can be extended throughout the Microsoft ecosystem and beyond. If you’ve been following iterations of Microsoft’s DLP technologies, you’ll want to understand that MIP is not simply a rebranding of Azure Information Protection (AIP). MIP is a built-in product in the Microsoft 365 Compliance suite geared toward providing that unified data classification framework.

Consider the sheer scope of applications and solutions that are in use just in your daily business operations:

Microsoft Information Protection Data Classification

 

MIP sits at the center of that ecosystem, providing a single unified labeling structure to tie many disparate data security technologies together. It uses machine learning and artificial intelligence to make decisions about data based on the categories the data falls into. It enables you to use unified classification rules that work across all policies (e.g., protection, retention, DLP). And it provides unified audit and analytics experience across workloads.

InteliSecure has further enabled centralization and visibility across the Microsoft ecosystem with the Aperture platform. Aperture unifies the consoles and workflows of the widely disparate systems across the Microsoft 365 Compliance landscape.

Hundreds of Apps, One Goal: Protect Sensitive Data Wherever It Lives

When you look at that illustration above, you may think it still looks extremely complex. All those apps…all those possible connections, endpoints, and data sources. Is Microsoft 365 E5 Compliance really going to help you get your arms around your compliance and data risk issues?

At InteliSecure, we’ve been helping enterprises reduce data protection complexity for nearly two decades. We can say with confidence: Yes. You can build a data protection program that’s:

  • Comprehensive enough to be effective AND
  • Flexible enough to support your business objectives

Microsoft 365 Compliance provides a roadmap for information protection and governance that incorporates four key components:

 

Microsoft 365 Compliance Roadmap

  • The journey starts with knowing your data. Perform a comprehensive analysis to understand your data landscape and discover what kinds of sensitive data your organization has, where it lives, and how it is being processed and shared.

 

  • Once you understand your data estate, you can leverage a unified approach to protect your data by classifying information and determining protection and governance policies.

 

  • Data protection policies prevent data loss by applying data loss prevention (DLP) and encryption technologies, restricting data access, or applying watermarks.

 

 

 

  • Finally, you must govern your data by monitoring classification and policy enforcement over time. Under governance policies, you can create archiving rules, enforce retention and deletion policy, manage business-critical information as records, and trigger disposition reviews.

 

Is Aperture Your Key to E5 Compliance? InteliSecure Can Help You Find Out

As a qualified Microsoft Partner that specializes in data security, InteliSecure offers unparalleled expertise with data security technologies, solutions, and programs. We create practical compliance and risk management solutions that simplify data protection—and help you maximize the value of the Microsoft tools you already have.

We can get started by addressing the most critical need first: uncovering dark data. Through the Microsoft Compliance Workshop: Data Risk Management, we’ll reveal where your data resides, how it is being used and shared, and what your associated compliance risks are.

Beyond the workshop, InteliSecure provides a comprehensive suite of services including data protection program design, configuration assistance, and Managed Data Protection Services powered by InteliSecure’s proprietary Aperture platform—all designed to optimize your Microsoft investment.

Learn more about our Microsoft Compliance Workshop here. Still have questions? Contact us anytime.