Discovering and Managing Sensitive Information in Microsoft Repositories
If you use Microsoft SharePoint, OneDrive, or Exchange Online to store and share your business content, you may be wondering how to protect it from unauthorized access, data breaches, or compliance violations. That's where Egnyte comes in.
As a source-agnostic data governance and collaboration solution, Egnyte integrates with Microsoft Office Online, Office Mobile, and SharePoint Online to provide a seamless user experience and powerful workflows for opening, editing, sharing, and securing files.
In this blog post, we will show you how Egnyte can scan for sensitive information in Microsoft repositories and provide alerts when it is exposed.
Scanning for Sensitive Information
Egnyte can scan Microsoft content sources, including SharePoint Online, OneDrive for Business, and Exchange Online for sensitive information such as personal data, financial data, health data, intellectual property, etc.
To scan your Microsoft content sources, you need to add them as cloud content sources to Egnyte. You can do this in 3 easy steps:
- From the Egnyte home page, select Settings, click Add Cloud Source, and select Microsoft.
- Enter your OneDrive or Microsoft Office 365 login credentials. You must have Global Administrator credentials with OneDrive for Business to add it as a source.
- Specify a source name or use the default option. Now, your newly added source will appear in the Cloud Content Sources list.
Egnyte will immediately and automatically start scanning your Microsoft sources for access control and sensitive content issues. Any potential issues can be viewed in Egnyte’s Issues tab. You can also configure alerts to receive email notifications when new issues are detected or existing issues are updated.
Egnyte can also use advanced classification techniques to identify sensitive information in your files. You can customize the classification rules to suit your business needs and compliance requirements. You can also create custom policies to define what actions should be taken when sensitive information is found, such as quarantine, delete, move, copy, etc.
Applying and Customizing Pre-built Classification Policies
Egnyte offers dozens of pre-built classification policies that are targeted toward compliance with data security and privacy standards in regional and industry jurisdictions all over the world. For example, you can use the pre-built policies to detect personal data under GDPR, CCPA, GLBA, PCI-DSS, etc. An overview of the most common pre-built policies used can be found in this article.
To apply a pre-built classification policy to your Microsoft content sources, follow these 3 easy steps:
- From the settings page, select Content Classification and Policies
- Choose the countries that may apply to your organization. This will pre-select applicable policies to choose from.
- Check each of the policies that you want to apply from the list of available policies.
Egnyte will immediately start applying the policy to your files in the selected folders. You can view the policy details and status in the Policies tab. You can also edit or delete the policy at any time. You can add your own custom keyword lists as well as train the system on your custom document types.
Some organizations need to customize classification policies to suit their individual business needs, unique document types and/or compliance requirements. You can do this by following these 5 simple steps:
- From the bottom of the policy list, select Custom Policy.
- Specify a policy name or use the default option and click Next.
- Edit the policy criteria by adding or removing classification rules, changing the matching conditions, or modifying the confidence thresholds.
- Select the folders or subfolders that you want to apply the policy to. You can select folders from your Egnyte domain or from your Microsoft cloud content sources.
- Click Save Policy.
Egnyte will immediately start applying the customized policy to your files in the selected folders. You can view the policy details and status in the Policies tab, and you can also edit or delete the policy at any time.
Viewing Alerts and Permissions
Egnyte provides unified dashboards that help you monitor and manage all Microsoft sources for access control issues, sensitive content issues, and other issues. You can access these dashboards from the home page by selecting Issues or Permissions.
Issues Dashboard
The Issues dashboard shows you a summary of all issues detected in your Microsoft sources, such as overexposed files, files containing sensitive information, and files violating retention policies, to name a few. You can filter the issues by source, folder, issue type, severity, status, and owner, and you can take actions on the issues such as quarantine, delete, and move the exposed file.
Permissions Dashboard
The Permissions dashboard shows you a summary of all permissions granted to users and groups for your Microsoft sources. You can filter the permissions by source, folder, user/group name, and permission level. And you can take actions on the permissions to revoke, grant, and modify users as needed.
Egnyte is a powerful solution that helps you manage and protect your company’s most valuable content across multiple platforms and applications. By natively integrating with Microsoft SharePoint Online, OneDrive for Business, and Exchange Online, Egnyte enables you to scan these data sources for sensitive information and provide alerts when it is exposed. In addition Egnyte provides a single control panel to apply lifecycle management for files in these repositories by automating retention, deletion and archival policies automatically.