Data Leak Protection (DLP)
is the name of several policies in Office 365, setting up what data can, and can’t be, shared and with whom.
Imagine being able to automatically identify private information like passport numbers, Health IDs or bank account details and make sure that those are only being shared with people that are authorised to see them.
The good news is that you can do this with 365, provided you turn on the policies and set them up correctly, and monitor when data is shared.
Under the NZ Privacy Act, we’re all expected to take care of personal data entrusted to us and to make sure it’s only used for the purpose for which is being obtained.
With Office 365, there’s no excuse for that to be breached provided that we understand what data should be kept, what might be kept incorrectly, and how its being shared. With this we can set up rules to monitor your Office 365 system and report on how records are shared.
We include a basic set up of DLP in our KARE for Security S2 plan to get you started.
Urgent Security Advisory (from Microsoft)
We have been alerted to an issue with some Microsoft Office products. The vulnerability is reported to be actively exploited and we expect Microsoft will expedite the release of fixes. Zero-day means that this is an immediate high risk and we are advised that it is...
Free resource: Business Cloud Security Checklist
Essential Business Cloud Security Checklist for 2024 In today’s digital age, securing your business’s cloud environment is more critical than ever. With cyber threats evolving rapidly, it’s essential to have a robust cloud security strategy. Here’s a checklist to help...
When not being able to access a website is a good thing.
We know it can be incredibly frustrating when you can’t access a website that you need. That happened for a number of a number of our clients last week, (and, counter-intuitively, it’s a good thing) Many websites are built on common components. One of those is...
TeamViewer Compromise
TeamViewer is a common piece for software that allows IT businesses to remotely access, control, manage, monitor, and repair devices – from laptops and mobile phones to industrial machines and robots. Many software vendors include it to allow them to remotely support...
Cert NZ Business online security assessment tool
A Personal Encounter with Cert NZ's Assessment Tool. Have you recently received an email about cyber-security that set off your system's alarms? It's ironic isn't it? That was my recent experience with an email from Cert NZ. Despite the initial warning, the email...
Avoid the IT Travel Woes
Free Webinar Replay : Avoid the IT Travel WoesBusiness travel is fraught enough. It's a nightmare to balance tight connections, and tough time zones with work colleagues that are accustomed to being able to link you into Teams meetings and urgent chats.How can you...
Lessons from the Change Healthcare attack. Why MFA Matters
By now, regular readers know how important MFA is. Unbelievably, there are still some people who think this is for someone else, and they don't need it themselves. Unfortunately, we are seeing some of these people fall victim to the very scams we've been writing...
What happened when we got told we’d been hacked?
“We’ve been hacked”. When you hear that the world stops. What does this mean? How bad is it? How can we manage that? That was the news earlier this week. It was quite confronting! Suddenly your careful plans for the day are thrown aside as your priorities have...
Can VPNs be defeated?
We’re reading about a flaw called ‘TunnelVision’ that could give hackers access to overcome virtually any VPN security solutions. It works by manipulating routing in DHCP, which is the mechanism networks use to hand out IP addresses to devices. DHCP has been around...
Will some of your emails stop?
Microsoft Exchange Online to retire Basic authentication We are going to face a big change coming in September 2025, Microsoft is going to be disabling SMTP Basic Authentication. This continues work they commenced a couple years ago to disable other protocols such as...