Follow me on Twitter @AntonioMaio2

Thursday, May 19, 2016

Overcoming Threats and Vulnerabilities in Your SharePoint Environments

Thank you to everyone that came out to the Atlanta SharePoint User Group meeting on May 16th!  We had a great turnout and it was really nice to talk with everyone.

You can find my presentation here:

During the presentation I did a demonstration of the DLP capabilities within Office 365 SharePoint Online, and I discussed the DLP capabilities within SharePoint 2016 server.

We saw SharePoint Online DLP policies applied to documents containing sensitive data (credit card numbers in this case) to provide policy tips for some documents, and to block access to other documents.  We provided policy tips to documents containing between 1 and 4 credit card numbers, and we blocked access to documents containing more than 5 credit card numbers.  This worked very well - as discussed it took between 15 and 30 minutes for SharePoint Online policies to be applied to new documents that were uploaded to a small library in my tests. For SharePoint Server 2016, this same test took approximately 14 hours to discover the sensitive content and apply the same DLP policies.  If you're wondering, I did have a default continuous crawl configuration in place for the RTM version of SharePoint 2016 server during these tests.

A related question that came up was whether SharePoint Online DLP policies apply to list items which contain sensitive data as well.  Well, after running a couple of tests in the last few days unfortunately the DLP policies are not applied to list items containing credit card numbers.  I will continue to run tests and report back here any findings I hvae.

Although I didn't demo the new DLP policies within SharePoint Server 2016, you can find my presentation on DLP within SharePoint 2016 Server on my blog here:

...and you can find my webcast with a demonstration of DLP within SharePoint 2016 server here:


1 comment:

  1. Great insights! The demonstration of DLP capabilities within Office 365 SharePoint Online versus SharePoint 2016 server clearly highlights the significant advantage of faster policy application in the online version. Applying policy tips and access blocks for sensitive data worked seamlessly in SharePoint Online, while the same test took hours in SharePoint 2016. It's unfortunate that DLP policies don't apply to list items containing credit card numbers in SharePoint Online, but I appreciate your ongoing tests and look forward to your updates. For those interested, you can find a helpful presentation on DLP within SharePoint 2016 Server on the blog.
    By: Take My Statistics Class.