Did you know: you can enable Data Loss Prevention (DLP) to automatically block external access to new files in SharePoint Online and OneDrive for Business until those files have been fully scanned for sensitive information.

Did you know: you can enable Data Loss Prevention (DLP) to automatically block external access to new files in SharePoint Online and OneDrive for Business until those files have been fully scanned for sensitive information.

When this will happen

  • Microsoft will roll this out the end of June with an expected completion date by mid-July.

How this will affect your organization

This capability is available for all new files uploaded to both OneDrive and SharePoint.

When new files are added to SharePoint or OneDrive in Microsoft 365, it takes time for them to be crawled and indexed. It takes additional time for the DLP policy to scan the content and apply rules to protect sensitive content. Currently, if external sharing is turned on, sensitive content could be shared and accessed by guests before any Office DLP rule completes its processing.

By treating all new files as sensitive until they have been scanned, this feature gives a Global or SharePoint admin the ability to block guest accounts from accessing files until the DLP completes its scan.

  • If the file has no sensitive content based on the DLP policy, then guests can access the file.
  • If the policy identifies a file with sensitive content, then guests continue to be prohibited from accessing the file.

What you need to do to prepare

To mark new files sensitive by default:

  • You will need to change a tenant property using PowerShell and a cmdlet.
  • You need to enable least one DLP policy covering all SharePoint and OneDrive content.

There is no change to existing restrictions on guest user access to sensitive files.

If you’d like to schedule a free one hour consultation on Microsoft 365 roadmap planning with someone from our Microsoft 365 roadmap services team please contact us

Share:

Facebook
Twitter
LinkedIn

Contact Us

=
On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=