Data Loss Prevention(DLP) in Office 365 SharePoint Online

Office 365 has been providing Data Loss Prevention (DLP) support in Exchange Online for some time. DLP has now been extended to SharePoint online and provides a way to identify sensitive data like credit card number, IP address, SSN etc. stored in OneDrive documents and SharePoint Online sites.

Below are the steps for setting up DLP in SharePoint Online

Step 1. Create an eDiscovery Center

As DLP in SharePoint online is built into the eDiscovery Center we first need to setup an eDiscovery Center site. See Set up an eDiscovery Center in SharePoint Online to create an eDiscovery site.

Step 2. Create an eDiscovery Case

In order to create queries and search for sensitive information an eDiscovery Case should be created.

1.  Navigate to the eDiscovery Center site and click on Create new case button.

2.  On the new site creation page enter values for Title, Description and Web Site Address

3. Select the site template as eDiscovery Case.

4. Choose your preferred options for permissions and navigation and click Create button.

Step 3. Create Queries for Sensitive Information

1.  Navigate to the case site and click on new item link under Search and Export section

 

2.  On the new Query creation page

a) Give Name for the Query

b) Enter a query for sensitive information you want to search in SharePoint Online. You can leverage the 51 built in sensitive information types for forming the query. The format for the query is

SensitiveType:”< type>|<count range>|<confidence range>”

"<type>” is required, and both <count range> and <confidence range> are optional.  For example to search for documents that contain 10 or more IP Address you would use a query

SensitiveType=”IP Address|10..”

 

c) Optionally you can specify the start date and end date and author names to filter the search

d) To add a source for the search query click on Modify Query Scope and from the popup click add location and enter the URL of SharePoint site in which you want to search for sensitive information and click Ok to save the scope.

e) Click the Save button to save the query.

Step 4. Search for Sensitive Information

1.  After you have saved the query click on Search button to search for sensitive information.

2. Documents and pages in SharePoint Online site matching the sensitive information query will be displayed in the SharePoint tab in the results section.

3. Click Export button to export the search results to spread sheet.