About Active Sync Mobile device mailbox policies ABQs
• About Active. Sync • Mobile device mailbox policies • ABQs
What’s Active. Sync? • • •
Active. Sync Clients • i. OS Mail app • Android Mail app (depending on each manufacturer) • Windows Phone Mail • Outlook for i. OS/Android
Basic Operations § § §
Management § §
Mobile device mailbox policies • Common set of policies or security settings to a collection of users. • A default mobile device mailbox policy is created in every Office 365 organization.
Mobile device mailbox policies • • •
ABQ: Allow, Block, Quarantine § §
O 365 as MDM § § §
Data Loss Prevention in Exchange Online
Agenda • Introduction to Data Loss Prevention in EXO • Content Analysis Process • Document Fingerprinting • DLP Reporting & Customization • Demo
Identify Monitor Protect End user education Helps to • identify • monitor • protect sensitive data through deep content analysis
DLP Policy Enforcement Flexible tools for policy enforcement that provide the right level of control Transport Rules • Rights Management • Data Loss Prevention • APPEND ENCRYPT CLASSIFY OVERRIDE REVIEW REDIRECT ALERT BLOCK
Content Analysis Process
Get Content Joseph F. Foster Visa: 4485 3647 3952 7352 Expires: 2/2015 Reg. Ex Analysis 4485 3647 3952 7352 a 16 digit number is detected Function Analysis 1. 4485 3647 3952 7352 matches checksum 2. 1234 does NOT match Additional Evidence 1. Keyword Visa is near the number 2. A regular expression for date (2/2015) is near the number Verdict 1. There is a regular expression that matches a check sum 2. Additional evidence increases confidence Matches Does not Match
DLP Document Fingerprinting
§ Matching derivative documents from a previously defined template • A tax firm needs to detect and encrypt standard tax forms, like the 1040 EZ, W 2, etc. • A Law firm can fingerprint legal forms, and have them detected automatically for policy application § Integrates with the existing DLP infrastructure as a custom sensitive information type § Surfaced in Exchange, Outlook and OWA
CONFIGURATIO N § § § Get Template Content Create Fingerprint Get Email Content Fabrikam Patent Form Tracking Number Author Date Invention Title Names of all authors. . . 1. Condensed representation of the hashed template content 2. Stored as a sensitive information type 1. Add fingerprint to policy rules together with other conditions 2. Mapped to desired actions CLASSIFICATION RULE with FINGERPRINT
§ § § RUNTIME Get Email Content Fabrikam Patent Form Tracking Number 12345 Author Alex Date 1/28/2014 Invention Title Fabrikam Green Energy. . . POLICY RULES REFERENCES TO PREVIOUSLY GENERATED FINGERPRINTS Evaluation Create Fingerprint 1. Temporary in memory representation 2. Used for comparson with source fingerprint created at config time + verdict FINGERPRINT GENERATION Verdict 1. Compare the two fingerprints 2. Evaluate a ’containtment coefficient’ to declare a match
Reporting and Customization
§ Comprehensive view of DLP policy application § Drill into specific departures from policy to gain business insights § Request detailed reporting data up to 90 days § Export to excel workbook & email incident reports
Demo
- Slides: 27