RebelAdmin.com - The Tech Blog You Need
RebelAdmin.com - The Tech Blog You Need
  • Active Directory
  • Azure Active Directory
  • Azure
  • Windows Server
  • Contact us
Browsing Tag
data loss prevention
Azure

Step-by-Step Guide: Protects files with azure cloud app security admin quarantine

January 14, 2019 No Comments

Azure Cloud App Security is a great service to gain visibility in to your cloud apps and its data. It helps to identify security threats and take relevant actions to mitigate those based on policies. 

Using File Policies in cloud app security, we can scan and find sensitive information stored in cloud apps. Once these information are found we can associate different actions to it such as send alert, apply classification, change permissions etc.… . It also allows to move data found by a file policy in to a separated folder with limited access. This called as Admin Quarantine. When this is enabled under a policy,

• File will move to the admin quarantine folder

• system will delete original file

• System will place a tombstone file in original location. This file includes data which will help to releases the file. 

Prerequisites 

• In order to use cloud app security, we need E5 licenses. More details about licenses available here https://www.microsoft.com/en-gb/cloud-platform/enterprise-mobility-security-pricing

• Before start with polices, we need to get cloud apps connected. You can find more details under https://docs.microsoft.com/en-us/cloud-app-security/enable-instant-visibility-protection-and-governance-actions-for-your-apps . In this demo I am going to use Office 365 and I already got it configured as connected app. 

In this demo I am going to setup file policy to recognize files with credit card details. If policy finds a matching file it will automatically move it to admin quarantine. 

Cloud app security also have a pre-built policy to detect files with credit card details. If you only looking for credit card details, I recommend to use that existing policy. purpose of this demo to show how to create custom file policy with admin quarantine.

To configure,

1) Log in to cloud app security portal on https://portal.cloudappsecurity.com as Global Administrator 

2) Then go to Control | Policies

3) To create new policy, click on Create policy and from drop down list select File Policy

Continue reading
Reading time: 3 min
Written by: Dishan M. Francis
Active Directory

Step-by-Step Guide: Prevent Sensitive Data Leaks using Office 365 Data loss prevention (DLP) Policies

January 4, 2019 No Comments

In my previous blog post I explained how to protect sensitive email data using Azure information protection. Using data classifications and policies we can prevent users from sharing sensitive information via email. You can read more about it using http://www.rebeladmin.com/2019/01/step-step-guide-protect-confidential-emails-using-azure-information-protection/. Azure information protection can do many things to protect sensitive data in an organization. Email protection is just one feature of it. it even can protect data in hybrid environments. 

Data loss prevention (DLP) policies also capable of preventing sensitive data sharing via email. But it is only applying to office 365 services. Also, it doesn’t include classification, it only works with real-time data. let’s see some of the capabilities of DLP policies. 

• Support pre-defined data patterns on custom data patterns – Organizations can use pre-defined data patterns comes with DLP policies such as U.S Financial Data, HIPPA or create custom patterns to identify different type of data across different locations such as Exchange Online, OneDrive etc.  

• Educate Users – Using DLP policies we can send notifications to senders in a policy breach. These notifications will include, data types, reason for block etc. So next time users can prevent doing it. 

• Reporting – DLP policy can send detailed email report to administrators in a policy breach. 

• Support Office Apps – DLP policies supports Office 2016 and later desktop clients. 

In today demo I am going to setup a DLP policy to detect credit card details in emails. Also, if someone try to send it to external user via email, policy should block it. in policy breach it will send notification to sender and a detailed report to administrator. 

1. To start, log in to https://portal.office.com as Global Administrator & open Admin Center 

2. Then go to Admin Centers | Security and Compliances 

3. It will open up a new window, in there go to Data loss prevention | Policy

4. Then click on Create a policy

Continue reading
Reading time: 3 min
Written by: Dishan M. Francis

Search

Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages

Microsoft MVP

MVP for Last 5 Years!

July 19, 2018

I am glad to announce that I have been awarded with MVP award by Microsoft for 5th consecutive time. It is a true honor to be a part of such a great community. I got my first award back in 2014 under Active Directory category. […]

Mastering Active Directory

Mastering Active Directory

July 2, 2017

Mastering Active Directory

This is my 14th year in IT. During that time, I was working with different companies. I was working on different positions. […]

Follow Us

Twitter
LinkedIn

© 2018 copyright Dishan Francis // All rights reserved