If you have a ‘do not forward’ policy for email sent by your senior leadership team, you might want to give executives the ability to unprotect messages and then protect them, so they can share them with their own leadership team. “If that executive loses as thumbnail of documents no-one would be able to open them,” points out Plastina, “but it doesn’t become so oppressive that the executive doesn’t want to do it and tries to get around it.”
Protect now, get sophisticated later
Microsoft is also working on improving the experience of automatically classifying and protecting documents inside Office, to be more like the data leakage protection features it already has, using the Secure Islands technology it recently purchased. As you type in a credit card number, Office will suggest that the document needs to be marked as confidential – but there will also be an option for the user working on the document to say that’s a mistake and change the classification back to internal (the way you can with Exchange data leakage protection today). The Office integration will be available as a private preview in the near future, and the Secure Islands tool is shipping now.
Once you have data that’s labelled and rights managed, there are opportunities to get control beyond the usual file sharing and email. Microsoft recently bought Adallom; the technology is now called Cloud Application Security and Plastina suggests it will turn into a kind of data leakage protection for data going to cloud services. “It can sit in the network as proxy or squat on APIs, so it’s capable of working outside the classic productivity endpoint. Imagine a cloud access security broker capable of blocking the upload to Salesforce of something that’s secret.”
Rights managed documents will be a key area for machine learning, both for tracking misuse and automatically classifying documents. Another Microsoft acquisition, Equivio, can do classification for legal documents today, and Plastina says Microsoft has plans to build on that. “You feed it a bunch of documents and tell it ‘go find more like this. Imagine an organization has a petabyte of data and they have users actively classify some content.
Once you have say 100MB of well classified content, the concept is you could use Equivio to say ‘I know these are top secret M&A files, classified by label; now go find a bunch [of matching documents] with no tags and classify those in bulk’. If you have a petabyte of historical data you want that labelled; you can't just protect the new stuff or what’s being edited now.”
If you’re looking for those advanced features, you’ll still want to start using rights management today, he points out. “The best approach is to focus on the basics: classify, label and protect. Start there, and once that's done monitoring and responding are a lot easier. There's no ability to monitor and respond if you have no signals.”
Sign up for Computerworld eNewsletters.