Information Protection and Governance Flashcards
What are the four key pillars of Microsoft Purview’s Information Protection and Governance?
The four key pillars are:
Know your data
Protect your data
Prevent data loss
Govern your data
How can Microsoft Purview help you understand your data landscape?
Microsoft Purview helps you understand your data landscape by using tools like Trainable Classifiers and Sensitive Information Types (SITs), which enable better understanding and classification of your data across its various locations and formats.
How do Sensitivity Labels help protect your data in Microsoft Purview?
Sensitivity Labels allow you to classify, label, and protect data across your data residencies. They control the protection of your data through measures like encryption, watermarking, headers and footers, and requiring justification for downgrading labels. These labels can also enforce access controls based on classification.
Can admins monitor and respond to label usage activities in Microsoft Purview? If yes, how?
Yes, admins can monitor and respond to label usage activities through the Purview Portal, where reports and analytics are available for tracking label application and other security activities.
How do Data Loss Prevention (DLP) policies help prevent data leakage?
DLP policies prevent intentional or unintentional data leakage by identifying, monitoring, and protecting sensitive data across different data environments. Pre-built policies, aligned with geographical regulations like UKFP or HIPAA, help enforce these protections.
Can you create custom DLP policies in Microsoft Purview?
Yes, you can create custom DLP policies using Sensitive Information Types (SITs), Sensitivity Labels, and Retention Labels to tailor data loss prevention to your organization’s specific needs.
How does Microsoft Purview help in governing data across an organisation’s data estate?
Microsoft Purview enables governance across an organisation’s data estate by using Retention Policies to manage data over time. This includes defining how long data is retained in systems like Exchange and SharePoint. For more granular control, Retention Labels can be used to manage exceptions to broader retention policies.
What is the role of Sensitive Information Types (SITs) in data classification?
Sensitive Information Types (SITs) use pattern matching via regular expressions (RegEx) to detect and classify sensitive information, such as credit card numbers or personal identification numbers. You can use pre-built SITs or create custom ones tailored to your organisation’s specific data.
What are Trainable Classifiers, and how do they work?
Trainable Classifiers use machine learning models to categorise data objects. They can be pre-built classifiers trained by Microsoft (e.g., to recognise resumes or invoices) or custom classifiers that you train to recognise specific types of data relevant to your organisation.
What is the purpose of the Content Explorer in Microsoft Purview?
The Content Explorer in the Compliance Portal allows you to deep dive into the content of labeled documents and review data that has been flagged or highlighted in compliance dashboards for further investigation.
How does the Activity Explorer help manage labels and data?
The Activity Explorer tracks and manages label activity across your data landscape, helping you make data-driven decisions about the effectiveness of policies. For example, you can monitor how many “Highly Confidential” labels have been downgraded to “Public” and adjust policies if needed.
Can Sensitivity Labels be published without Label Policies?
No, Sensitivity Labels can only be published through Label Policies. These policies define who can access and apply specific labels and can enforce default labels for particular groups, such as Payroll or Sales.
What additional settings can Label Policies configure?
Label Policies can also configure settings like who has access to certain labels, default labels for different user groups, and can even include links to custom help pages for label guidance.
Which environments can Microsoft Purview DLP policies cover?
Microsoft Purview DLP policies can identify, monitor, and protect sensitive data across a variety of environments, including on-premises systems, 3rd party systems, OneDrive, SharePoint, Exchange, Teams, Power BI, Office, and the cloud.
What role does the Compliance Manager play in DLP?
The Compliance Manager provides assessments and recommendations on your organisation’s compliance posture, helping you ensure that your data loss prevention policies are aligned with regulatory requirements.
