Microsoft Purview part 3: This is part 3 of several parts that deal with Microsoft Purview and which tools are available there.
In this blog post, we dive into how to identify and process sensitive information types (SITs) in Microsoft Purview.
What are Sensitive Information Types (SITs)?
Sensitive Information Types (SITs) are pattern-based classifiers used to identify and protect sensitive information in the organization's data. Examples of sensitive information include social security numbers, credit card numbers, bank account numbers and other types of information. In Microsoft Purview, you get a number of pre-defined SITs that you can choose to use as is, copy and/or adapt. Here is an example of a Norwegian social security number.
How do SITs work?
SITs use patterns that can include regular expressions, keyword lists, and functions to detect specific types of sensitive information. Each SIT consists of several components:
Primary elements : The main pattern that SIT looks for, which can be a regular expression or a list of keywords.
Support elements : Additional patterns that increase the accuracy of the detection.
Confidence Level : Indicates how confident the SIT is that it has found the correct information, based on the amount of supporting elements found near the primary element.
Uses for SITs in Microsoft Purview
Microsoft Purview uses SITs in several security and compliance functions:
Data Loss Prevention (DLP) Policies : To prevent the loss of sensitive information by monitoring and controlling data transfers.
Sensitivity Labels : To classify and protect documents and emails based on the sensitivity of their content.
Retention Labels : To manage how long data should be retained before it is deleted.
Insider Risk Management : To detect and manage risks arising from internal users.
Communication Compliance : To monitor and ensure that communications comply with the organization's policies.
Example of the use of SIT (Norwegian social security number) in a DLP rule. This rule responds to the use of Norwegian social security numbers in these locations:
The DLP policy sends a notification to the end user that you are now processing information that contains social security numbers
Creation of custom SITs
If the preconfigured SITs do not meet your needs, you can create custom SITs. This can be done by defining new patterns or by copying and adapting existing SITs. This gives organizations the flexibility to adapt security and compliance strategies to their specific requirements.
Here is an example of a keyword list.
The key to success with SITs is to know the organization, jargon and internal conditions in order to fine-tune the types of information you want to smoke out. 🥸🏷️
Bjørnar & AI
Comments