Like all companies we at baseVISION need to protect personal data of our employees we save. In our company we have strict rules what we do with it and only save if we really need it. Office 365 has a lot of features to detect such high confidential data. One is Office 365 DLP which can inform me if sensitive data is for example shared with external people. This functionality I would like to use to get an information when somebody shares documents with social id’s, especially the swiss social id (AHV/AVS number). That one is not available as a predefined sensitivity type and my experiences can be beneficial for you.
To mention is, that already two days after my implementation I got the first alert e-mail, but luckily it was an allowed sharing.
In this blog I will show you how to set this up in your tenant.
How the swiss social id looks like
In this table you see an example and a regex pattern to detect it.
|Switzerland||AVS||Old AVS format with personal
|Switzerland||AVS 2008||New AVS format (16 digits with
constant prefix 756, which is ISO 3166-1 country code)
You can find the same information for other countries in the following blog: https://ipsec.pl/data-protection/2012/european-personal-data-regexp-patterns.html
Create the sensitive info types
Create DLP policy
That are the only steps you have to take care of. Now your environment is constantly monitored.
As mentioned at the beginning, the best thing was that after one day I already had the first alert. This time it was good action, but I saw that the DLP policy works and monitors our data.
Latest posts by Thomas Kurth (see all)
- Automatic environment cleanup with Intune Connector for AD Extender - June 24, 2019
- Extending the Intune Connector for Active Directory - June 10, 2019
- Ultimate guide to define device names in Windows Autopilot Hybrid Join Scenario - June 10, 2019