Microsoft Teams added to its capabilities the DLP feature, which can prevent data breaches and loss

The main concern for businesses when using applications for remote work is related to data breaches and potential data losses. Microsoft recently added its data loss prevention capabilities to Microsoft Teams chat and channel messages for users licensed for Office 365 Advanced Compliance. The new capability adds one more layer of protection for companies’ data and more safety for Microsoft Teams users. We gathered below some information from Microsoft, which can help to set up the option.

How it Works

If the organization has DLP, it’s possible now to define policies that prevent people from sharing sensitive information in a Microsoft Teams channel or chat session. Check below some examples.

Protecting Sensitive Information in Messages

Suppose that someone attempts to share sensitive information in a Teams chat or channel with guests (external users). If you have a DLP policy defined to prevent this, messages with sensitive information that are sent to external users are deleted. This happens automatically, and within seconds, according to how your DLP policy is configured.

DLP for Microsoft Teams blocks sensitive content when shared with Microsoft Teams users who have - guest access in teams and channels or external access in meetings and chat sessions.

Protecting Sensitive Information in Documents

If a user attempts to share a document with guests in a Microsoft Teams channel or chat, and the document contains sensitive information, the document won't open for those users considering that you have a DLP policy defined to prevent this. Note that in this case, your DLP policy must include SharePoint and OneDrive for protection to be in place. (This is an example of DLP for SharePoint that shows up in Microsoft Teams, and therefore requires that users are licensed for Office 365 DLP (included in Office 365 E3) but does not require users to be licensed for Office 365 Advanced Compliance.)

Policy Tips can Help to Educate Users

More than just block and prevent users from doing something wrong, it’s important to educate them and learn how simple and small actions can affect the company’s sensitive data. Similar to how DLP works in Exchange, Outlook, Outlook on the web, SharePoint Online, OneDrive for Business sites, and Office desktop clients, policy tips appear when an action conflicts with a DLP policy. Below an example of a policy tip:

Add Microsoft Teams as a Location to Existing DLP policies

To perform this task, you must be assigned a role that has permissions to edit DLP policies. To check it out you will need to access Permissions.

1 - Go to the Office 365 Security & Compliance Centre (https://protection.office.com) and sign in.

2 - Choose Data loss prevention > Policy.

3 - Select a policy, and look at the values under Locations. If you see Teams chat and channel messages, you're all set. If you don't, click Edit.

4 - In the Status column, turn the policy on for Teams chat and channel messages.

5 - Keep the default settings of all accounts or specify which accounts to include or exclude.

6 - Click Save.

Allow approximately one hour for your changes to work their way through your data centre and sync to user accounts.

How to Define a new DLP policy for Microsoft Teams

To perform this task, you must be assigned a role that has permissions to edit DLP policies. To learn more, see Permissions.

1 - Go to the Office 365 Security & Compliance Centre (https://protection.office.com) and sign in.

2 - Choose Data loss prevention > Policy > + Create a policy.

3 - Choose a template, and then choose Next.
In this example, we are using the U.S. Personally Identifiable Information Data template.

4 - On the Name your policy tab, specify a name and description for the policy, and then choose Next.

5 - On the Choose locations tab, keep the default setting of all locations, or select Let me choose specific locations, and then choose Next.
If you chose specific locations, select them for your DLP policy, and then choose Next.

Additional Information

To make sure documents that contain sensitive information are not shared inappropriately, make sure SharePoint sites and OneDrive accounts are turned on, along with Teams chat and channel messages. Channels in Microsoft Teams are strongly dependent on Exchange Online functionality. Make sure that Exchange email location is also enabled for the policies that should be applied for the content of the channels.

* The article above is based on the information provided by Microsoft, click here to know more.

Microsoft Technical Training at New Horizons Ireland

As one of the biggest Microsoft partner worldwide, New Horizons Ireland provides a wide range of Microsoft Technical courses, including Microsoft Teams. At New Horizons Ireland you can choose the best option for you, online, online live or instructor-led. Check out our full list of courses.