Information Protection and Governance with Microsoft 365

What? Me, Worry?

Why do we need to worry about our data? There’s probably a large portion of it that is confidential!

Why do we feel the need to protect it, and to manage it? Perhaps, we don’t want it to grow and overcome our ability to manage it?

While there are a number of common challenges that most organizations have with data, it is also dangerously clear that each organization will have its own requirements and needs to govern (manage) their own unique types of data.

With Microsoft 365 Advanced Compliance, you can manage your data and care for it to the level that makes the most business sense for your organization. This article will describe a few simple steps you can take today to get started.

Avoid Unnecessary Risk with Data Retention Labels

Often, companies are exposing themselves to risk and extra expenses by keeping every document, file, and piece of data that passes through their doors and routers. By setting a company-wide general retention policy, and then modifying that as necessary for more important data, you can limit the management tax on your systems to back up and review all the data, while still being at peace that you are meeting required retention requirements for the important data.

Protect Confidential Content with Sensitivity Labels

Content within an organization comes in all flavors and types. Most content should probably be available to groups of employees who can work with the content and expand upon it to maximize their production.  Some content needs to be kept restricted to certain groups of employees. Other content needs to be siloed within a specific organization, or at a specific management level. And while some content can be shared publicly, most probably should not.

So, how does an organization protect sensitive content with different levels of sensitivity and permitted exposure? Until now, that answer has often been – lock it up! With Sensitivity Labels, an organization can, by applying the correct label to a piece of content, and changing that label if appropriate, can dynamically have protection policies applied to protect the visibility, storage, and exposure of individual pieces of content.

Corporate Espionage?

When a Director of Sales is communicating to the sales team, she may place content available for public consumption, confidential employee only content, and content that needs to be limited to specific partners, and other sensitive content, all within the same document library or Team site, simply by applying the appropriate data sensitivity label to the content.

Typical sensitivity labels may have names such as Personal, Public, General, Confidential, or Highly Confidential, for example. When a sensitivity label is applied to content, the content protection capabilities of the Microsoft 365 online service, including Windows 10 Endpoint protection, Data Loss Prevention (DLP), document and email message encryption, etc., all respond appropriately and protect the content. This can include encrypting the content, preventing it from being copied to non-company devices, keeping it from being printed, or copy-pasted into other applications, the application of automatic archiving and document retention policies, or document and message expiration, etc.

Sensitivity labels can also be applied automatically, based on content source or destination, based on a business process or approval, etc.

Records Management Capabilities

The Data Governance features within the Microsoft 365 E5 license also include advanced Records Management capabilities. An organization that needs more complexity than a simple collection of content retention policies may establish a file plan for company records and significant content that enables the tiering or structuring of protection as a document ages and can enable the automatic disposition and destruction of content at the appropriate time.

Happy Records Managers

Microsoft Advanced Compliance

There are four pillars of functionality within the Microsoft 365 Advanced Compliance feature area. In this article, we have only introduced the flexibility and capability of the Information Protection and Governance pillar, or collection of capabilities. Please watch this space for related articles.

This article, Information Protection and Governance with Microsoft 365, was originally published on

Categories: Compliance, Microsoft 365

%d bloggers like this: