Data Leak Protection (DLP)
is the name of several policies in Office 365, setting up what data can, and can’t be, shared and with whom.
Imagine being able to automatically identify private information like passport numbers, Health IDs or bank account details and make sure that those are only being shared with people that are authorised to see them.
The good news is that you can do this with 365, provided you turn on the policies and set them up correctly, and monitor when data is shared.
Under the NZ Privacy Act, we’re all expected to take care of personal data entrusted to us and to make sure it’s only used for the purpose for which is being obtained.
With Office 365, there’s no excuse for that to be breached provided that we understand what data should be kept, what might be kept incorrectly, and how its being shared. With this we can set up rules to monitor your Office 365 system and report on how records are shared.
We include a basic set up of DLP in our KARE for Security S2 plan to get you started.
Webinar Replay: Decoding SMB1001. Understanding Your Cybersecurity Maturity
Cybersecurity certification doesn't have to be complex or overwhelming. Understanding SMB1001: What is SMB1001 and why it was created specifically for organisations like yours The five certification levels (Bronze to Diamond) and what each means for your organisation...
Beyond Endpoint Protection – What is ITDR?
Your Microsoft 365 environment is where your business happens. It's also where attackers want to be. Most New Zealand businesses have invested in endpoint protection such as antivirus, EDR, or even MDR, but are they leaving a critical attack surface completely...
Manage My Health Data Breach – What We’ve Heard
What New Zealand Businesses Need to Learn from 126,000 Compromised Patient Records New Zealand's largest patient information portal confirmed a major cyber security breach on New Year's Eve, with up to 126,000 users potentially affected. The Manage My Health incident...
URGENT ADVISORY: We’re seeing a significant increase in authentication attacks this Christmas
Significant Hacking Trend Over this 2025/26 Christmas and New Year period, our Kinetics KARE security monitoring has detected a significant increase in sophisticated authentication attacks targeting New Zealand businesses. KARE Foundation clients are protected and...
Your Customers Need to Trust Your Emails: Here’s How DMARC 2.0 Helps
Yet another IT acronym: "DMARC" DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It's an email authentication protocol that helps protect your domain from being used in email spoofing, phishing attacks, and other cyber...
Christmas is coming. But will you get a visit from Santa or from a grinchy hacker?
Protecting Yourself from Cyber Threats While on Holiday We're more vulnerable than normal to hackers at this time of year. Unfortunately, the hackers know it and tend to be more aggressive.In the rush up to Christmas, there's normally so much to do that we're all that...
Understanding Your Microsoft Secure Score: Why Your Percentage May Drop (While Your Security Improves)
Important Update for KARE Foundation Subscribers If you've noticed your Microsoft Secure Score percentage decreasing recently, don't be alarmed. Your security hasn't weakened. In fact, Microsoft is making significant enhancements that will ultimately make your...
2025 Q4: Cyber Landscape Update (are you still feeling lucky? New Zealand’s Cyber-threat landscape demands action)
Why This Brief Matters A cybercriminal only has to be lucky once. You have to be lucky every minute of every day. That remains the stark reality for kiwi businesses in Q4 2025. This isn't another dry technical report filled with acronyms and alerts. Kinetics has...
SpamGPT: When AI Becomes a Phishing Playbook—And How to Protect Your Business
For years, we've told businesses to watch for telltale phishing signs: poor grammar, suspicious sender addresses, generic greetings. But what happens when cybercriminals have access to the same sophisticated AI tools your marketing team uses—except weaponised...
The Rise of AI-Powered Ransomware
Unveiling a dark future: The First AI-Powered Ransomware In a groundbreaking discovery, researchers at ESET have uncovered what they believe to be the first known AI-powered ransomware strain, aptly named PromptLock. This sophisticated malware is not just a step...