Windows 10 is now able to better protect your business data on Microsoft 365

Magnifying Glass Data
(Image credit: Alexskopje / Shutterstock)

Protecting sensitive business data in documents and emails in Windows 10 is about to get a whole lot easier as Microsoft has updated its Microsoft Information Protection (MIP) solution with new capabilities.

MIP is built-in to Windows 10 and it provides a unified set of capabilities to know and protect business data and prevent data loss across Microsoft 365 apps, services, on-premises locations, devices and even third-party apps and services.

Understanding what sensitive data resides in an organization is the first step to protecting it and preventing data loss. This is why MIP includes both out-of-the-box sensitive information types (SITs) and well as Exact Data Match (EDM).

Out-of-the-box SITs use pattern matching to find data such as credit card numbers, account numbers and Social Security Numbers that need to be protected. MIP currently offers over 150 out-of-the-box SITs that are mapped to various regulations worldwide. EDM on the other hand is a classification method that enables users to create custom sensitive information types that use exact data values.

Knowing and protecting business data

To begin protecting your data using EDM, you first need to configure the EDM custom SIT and upload a CSV table of the specific data to be protected which may include employee, patient or other customer-specific information. From here you can then use the EDM custom SIT with policies such as data loss prevention (DLP) to protect your sensitive data.

Microsoft has continued to invest in and enhance its EDM service by increasing its service scale by a factor of 10 to support data files containing up to 100m rows while also decreasing the time it takes for data to be uploaded and indexed by 50 percent. The company has also added salting to the hashing process to better protect sensitive data uploaded to its EDM cloud service.

Another core component of MIP is sensitivity labels which can not only be applied to documents and emails but also to protect entire Teams and sites. Earlier this year, Microsoft allowed organizations to apply a sensitivity label to a Team or site and associate that label with policies related to privacy and device access. This allows users to secure sensitive data whether it is in a file or in a chat by managing access to a specific team or site.

Now Microsoft has announced that users can also associate external sharing policies with labels to achieve secure external collaboration. This capability further helps ensure only authorized users can get access to sensitive data in Teams and SharePoint sites.

Principal group program manager at Microsoft Maithili Dandige provided further insight on the importance of protecting business data in a blog post announcing the new capabilities in MIP, saying:

“Data is the currency of today’s economy. Data is being created faster than ever in more locations than organizations can track. To secure your data and meet compliance requirements like the General Data Protection Requirement (GDPR) – you need to know what data you have, where it resides, and have capabilities to protect it. The above new capabilities are part of the built-in, intelligent, unified, and extensible solution that Microsoft Information Protection offers to enable both administrators and users to protect organization data while staying productive.” 

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.