Guide To Data Loss Prevention with Microsoft 365 for Canadian SMBs
by TUCU Managed IT Services in Toronto
Every small business from the local restaurant, to the dental office, to the hedge fund to the design studio, trades in sensitive information. But the value of our data and IT systems attracts a breed of malicious actors that can stop our business it its tracks - even when attackers are not even on the same continent as us.
The frequency with which cyber attacks happen is increasing exponentially, especially in Canada. Thankfully, the fight is far from lost, and even small businesses without an army of IT staff can take preventive measures to avoid losing data.
Why and How Data Loss Happens?
In recent years and especially with the pandemic, various team members access company data at will (often remotely). As a result, there has been an increase in accidental file deletion, edits, and overwrites. If it's a single file or a folder of files, it can be somewhat simple to recover. It's not as simple to recover full data sets.
Some small businesses try to cut costs with manual backups, usually to an external hard drive. This approach is riddled with problems, including:
- forgetting to consistently create backups
- overwriting the most recent backup and then needing it
- never testing a restore of data from backup - so there is no certainty it will work when it is really needed post-disaster
- having the backup hard drive fail
- not backing up cloud based files
Going deeper into the network, inexperienced technicians can make grave errors. To anyone who doesn’t have a background in IT, virtual servers and cloud computers seem to work almost as if magic. But these complex systems do require skilled human input to instruct the technology on how to behave. The learning curve can be steep - and costly.
For instance, a support engineer may accidentally overwrite the backup in a moment if they forget to power off the replication software prior to formatting volumes on the primary site. This is where experience counts. Hiring an experienced IT service provider to support your small business will be a good use of your budget.
Other causes of data losses include:
Read Write File Corruption
Every time we use our computer to save or edit a file, both software and hardware have to perform flawlessly. And they almost always do. However, from time to time, a system may hang, or send or receive a command at just that moment, or the power or internet may fluctuate. The result can be a read or write error. In some cases, this can corrupt a file or make it unreadable. If it's an important file, or due that day, you will not be a happy camper. Skip the stress and be sure to have great backup solutions in place.
Virus or Malware Deleting Files
If you don't have great antivirus software with active filtering for new attack vectors, then it’s easy to find yourself with a computer virus or malware infection that deletes or encrypts your files (for a ransom). Since prevention is the best cure, in this case, we recommend upgrading your antivirus to a business-grade product such as BitDefender.
Hard Drive Failure
Hard drive failure happens fairly often and thus over 40% of all data loss is caused by a dead hard drive - and they die without notice or warning.
In addition to dead drives, drives can also be damaged by fire, flood, lightning, power spikes, and rolling power brownouts.
Hard drives can also be shut down by malicious code from hackers and computer viruses. Oftentimes, the only way to get rid of the virus is to reformat the drive - losing the entire data in the process.
No Redundant Backup Plan In Place
Do not just back up to a single external hard drive or USB key as it’s important to choose multi-layered data backup. An additional copy of your data should reside offsite, preferably in the cloud.
We also recommend mirrored hard drives or RAID arrays to duplicate your data. This way, if one drive fails, the mirrored drive can keep your business going until the dead drive is replaced.
Cyber Attacks - Fighting An Invisble Threat
Unfortunately, worrying about human incompetence and hardware failure aren’t the only things business owners need to worry about because there’s another way data loss happens - cyberattacks.
According to IBM, the average cost of a breach in 2021 was $4.24 million. Not only is that a nearly 10% increase in the space of one year, but it's also the highest average total cost in 17 years. Most businesses cannot take such a financial hit and survive, which is why, regardless of size, every business needs a data loss prevention (DLP) strategy to prevent data from being improperly accessed.
Fortunately, SMBs now have the technology to protect their own information and that of their clients. Through security awareness, culture, and secure systems, businesses can mitigate the risks of cyber threats. There is an entire dedicated to this and it’s called data loss prevention.
What is Data Loss Prevention?
Every business today requires data loss prevention in some form to take reasonable precautions to protect their information, meet business standards, pass most vendor security screenings, and comply with data and information regulations.
But while remote work and working from home have led to a considerable increase in productivity among other benefits, it also poses some serious security concerns.
Employees using multiple communication channels to send, access, and store data has led to poor visibility regarding what data is leaving the organization, which complicates data loss prevention.
A DLP program that implements effective DLP best practices can help safeguard your organization from a data breach or data getting into the wrong hands. The following DLP best practices will help you protect your sensitive data from internal and external threats:
- Identify and classify sensitive data
- Use data encryption
- Harden your systems
- Implement a rigorous patch management strategy
- Allocate roles
- Use anomaly detection
- Educate stakeholders
- Establish metrics
- Don't save unnecessary data
An effective DLP strategy combines technology, process controls, knowledgeable staff, and employee awareness. By using the best practices outlined here, SMBs get a fundamentally sound foundation to build their DLP policies on.
Using Microsoft 365 for Data Loss Prevention
Microsoft 365 has solutions to help organizations apply some of the best practices mentioned in the previous section. With these solutions, your organization will be able to identify, monitor, report, and protect sensitive data.
The Microsoft Information Protection (MIP) helps you discover, classify, and protect sensitive information wherever it lives or travels. MIP is not a single product but a suite of technologies supported by many aspects of the Microsoft 365 ecosystem. Its capabilities are included with Microsoft 365 Compliance.
For an organization, sensitive information can be anything from financial data to personally identifiable information (PII) such as credit card numbers, social security numbers, or health records. With a data loss prevention (DLP) policy in the M365 SCC, you can identify, monitor, and automatically protect sensitive information across multiple Microsoft 365 workloads.
App connectors use the APIs of app providers to enable greater visibility and control by the Microsoft Defender for Cloud Apps over the apps you connect to. Also, all communication between Defender for Cloud Apps and connected apps is encrypted using HTTPS.
This is an end-to-end information compliance management solution in the Microsoft 365 compliance center that helps you understand your organization's compliance position. The Compliance Manager uses the inventory of data protection risk, allowing you to manage the complexities of controls, adhering to regulations and certifications along with reporting needed for auditors.
A diagnostic tool that generates reports to help M365 customers understand their current consumption of E5 compliance offerings. It searches for improvement areas within compliance configurations to meet data protection guidelines and recommends best practices to follow.
These Microsoft 365 solutions give you the ability to deploy effective DLP practices across your organization. Some of these solutions are already inbuilt into Microsoft products. So all you need is to deploy them in line with your DLP strategy.
Microsoft 365 tools help small businesses with hundreds of specific use cases dedicated to preventing data loss including email encryption, data restriction and protection, and data archiving.
For instance, did you know that Microsoft 365 can automatically detect when you email sensitive information such as credit cards or social insurance numbers and stops the email to protect your company? Similarly, when you want to send an encrypted email, you simply click the Encrypt button before you send your email (after your IT provider has configured these settings for you one time). The recipient will receive simple instructions for obtaining a PIN to open the encrypted email.
Another common use case is protecting and retaining business records and emails intact for years. Microsoft 365 offers compliance and retention tools that your IT services provider can set up for you.
How TUCU Helps
We are presenting this information in a light-hearted way to help you adopt it. It is not light-hearted when we get a call from a new client who was swindled by an employee, hacked by a criminal, or infected with ransomware. We can help restore things after the fact, but in most cases, the damage is preventable.
In fact, the majority of automated attacks like phishing and ransomware infections can be defended against the security measures we’ve outlined in this guide.
Of course, no system is 100% and an employee intent on stealing info can find ways around some of these security protocols. Employing these measures means that you greatly reduce risk and demonstrate that you are taking reasonable measures to protect data, and that is good for business.
Most SMBs today partner with managed services providers like TUCU to get things done, securely and on time.
If you’d like to learn more about IT security policies or are ready to establish tools and policies for data loss prevention, reach out to us here at TUCU for a free consultation.
TUCU is a top-rated IT provider in Toronto, serving all of Ontario via remote work solutions and the cloud. Schedule a Discovery Call today.
Say goodbye to techaches!
We understand that you need a reliable IT company you can trust. Join our long list of happy clients dating back to 2003.
Reach out now to schedule your Discovery Call to learn how we can help you.