Data Loss Prevention with Microsoft 365

data security concept

Every small business – from the local food truck, to the dental office, to the hedge fund to the design studio – trades in sensitive information. We all use technology and we all have to protect our own information, and that of our clients.  We all need security awareness, culture and systems to limit risk, especially as it pertains to phishing. Phishing emails usually target sensitive information that needs extra protection. Is protecting information a part of your company culture yet?  Microsoft 365 tools help small business with data loss prevention, email encryption, data restriction and protection and data archiving.

Let’s talk about data loss prevention for a moment.

To take reasonable precautions to protect information, meet today’s business standards, pass most vendor security screenings, and to comply with data and information regulations, every business requires data loss prevention policies and tools in varying degrees. Did you know that Microsoft 365 can automatically detect when you email sensitive information such as credit cards or social insurance numbers and stops the email to protect your company? Very helpful, right? Your IT Provider can help you set up your policies and templates so that your team doesn’t accidentally send out sensitive information.

What if you need to send or receive sensitive information?

If you don’t have a secure portal, you can use encrypted email in Microsoft 365. It’s simple.

When you want to send an encrypted email, you simply click the Encrypt button before you send your email (after your IT provider has configured these settings for you one time). By clicking the ‘Encrypt’ button, your email will be encrypted end to end. The recipient will receive simple instructions for obtaining a PIN to open the encrypted email. And now you are safely sharing sensitive data. Yay!

Now what about email forwarding and copying?

You can take measures to limit this as well. Information Protection functions within Microsoft tools allow you to control who has access to company information. You can restrict forwarding, copying or printing. Sometimes I forget that my TUCU accounts on my mobile phone are secured, and I will try to copy something to send to my personal email to do later. The little security note pops up to remind me that I can’t copy company data. Safety first!

Now what if you want to keep records and emails intact for years?

Microsoft 365 offers compliance and retention tools and your IT services provider will set everything up for you.


I am presenting this information in a light hearted way to help you adopt it. It Is not light hearted when we get a call from a new client who was swindled by an employee, hacked by a criminal, or infected with ransomware. It’s incredibly painful for them. We can help restore things after the fact, however the damage is done. And most often, it is preventable.

In fact, the majority of automated attacks like phishing and ransomware infections can be defended against with the security measures we outline in these emails. They are all included in our Managed IT Services.

Of course, no system is 100% and an employee intent on stealing info can find ways around some of these security protocols, like taking photos of a computer screen if do not print is enabled. By employing these measures you greatly reduce risk and demonstrate that you are taking reasonable measures to protect data, and that is good for business.

I hope you enjoyed this read and if I made you scratch your head and ponder when you last reviewed your IT security policies, then please do reach out to us here at TUCU. We are a Toronto based IT Support Company serving all of Ontario via remote work solutions and the cloud.  I’ll be happy to schedule a Discovery Call with yourself and our lead consultant to go over your IT needs and how we can help you move to comprehensive IT security & IT management services including Microsoft 365 management.

Thank you for reading along – and please don’t be shy – forward this to a friend who might need some serious tech help.

Posted in