“Our data got stolen!”
The Importance of Data Protection and Labelling Policies in Microsoft Azure
Breaches, ransomware, data theft … All the above are incidents we’re often confronted with as a cybersecurity company. But what could you do to prevent these kinds of incidents from happening? And how do they occur at all? To illustrate the importance of data protection and labelling policies in Microsoft Azure, we’ll tell you a story about a data breach in a fictional company called Fictico.
It was a typical Monday morning at Fictico. Employees filed into the office, booted up their computers, and settled in for the workday ahead. But something was off. Files in their OneDrive folders had strange, unrecognizable names, and were missing from where they were supposed to be.
“We’ve been hacked!”
One of the employees contacted IT immediately. The IT team launched an investigation and quickly discovered that they had been hacked. Someone had gained unauthorized access to their Microsoft Azure cloud storage and had managed to extract and exfiltrate sensitive documents containing financial data, customer information, and trade secrets.
The IT team scrambled to contain the breach, but it was clear that the damage had been done. The attackers had stolen a significant amount of sensitive data, and Fictico’s reputation was at risk. Would their stakeholders, customers, employees… ever trust them again?
So, what could they have done to prevent this?
Implement Data protection and labelling policies.
Many companies these days focus on antivirus solutions, firewalls, identity protection… and while these are all important (and must-have) tools, you should always assume the worst possible scenario.
What if you’ve put all these things in place, but you still lose data? Losing data isn’t even always caused by an attack, it can be caused by many things:
- Unintentional sharing of documents with wrong people or posting them to wrong places
- Downloading documents to personal devices or edit them for personal gain or other puposes
- Forwarding emails with sensitive attachments
- (former) employees stealing company data (intentionally) or trying to do damage after being fired
- …
As you can see, there are a lot of ways you can lose your data – and hence many reasons to protect it.
Let’s talk about data protection
All fine, but what does data protection in Azure actually mean?
Simply said, it means you will be encrypting your data to prevent unauthorized access, implementing access controls to restrict who can access data, and monitoring access attempts to detect any suspicious activity.
Data protection is mainly based on a thing called ‘labels’. For example, some documents get the label ’confidential’ and others might be ‘public’. The trick is to assign the correct labels to the correct documents.
Unfortunately, it’s more complicated than this, but that is where SecWise comes to the rescue!
What if Fictico had protected their data?
Let’s say the attackers are able to steal a number of documents from Fictico’s systems, but this time, data protection and labelling policies were put in place. Attackers then have the documents, yes, but will be unable to open or read them due to the data protection that has been implemented.
This is because the policies restrict access to sensitive data to authorized personnel only (depending on the settings of course). Sensitive documents have been labeled as confidential, and can only be opened by Fictico’s employees, on secure, managed, and compliant devices.
As a result, the attackers cannot use the stolen data for any nefarious purposes. They are left with a collection of encrypted files that are useless without the encryption keys.
But that’s not all!
It’s important to note that there are many more possibilities within the Compliance & Data protection section of Microsoft.
- Data Classification: Categorize your data based on its sensitivity level. This can include labels such as highly confidential, confidential, and public, for example. By classifying your data in this way, you can implement access controls and permissions that restrict who can access the data based on their job role or level of clearance.
- Access Controls: Restrict access to sensitive data. This can include implementing multi-factor authentication (MFA) to ensure that only authorized personnel can access the data, and using conditional access policies that restrict access based on the user’s location, device type, or other factors.
- Encryption: By encrypting your data, you can ensure that even if it is stolen or accessed by unauthorized parties, it will be unreadable without the encryption key.
- Data Loss Prevention (DLP): These are capabilities that allow you to monitor and protect sensitive data as it is shared within your organization or with external parties. This can include setting up rules that prevent certain types of data from being shared externally, or monitoring data in real-time to detect potential data breaches.
- Compliance: Finally, Microsoft Azure offers a range of compliance certifications and tools that can help you stay compliant with industry standards and regulations. This can include certifications such as ISO 27001, SOC 2, and HIPAA, as well as tools for managing compliance requirements and reporting on compliance activities.
Let’s assess how secure your data is!
More than ever before, companies should take steps to protect their sensitive data from cyber-attacks. In today’s world, you can never be certain enough, and it’s always better to “prevent than to cure”.
The implementation of data protection and labelling policies in Microsoft Azure is an important step towards ensuring the security and privacy of your company’s sensitive data.
By partnering with Secwise, companies can take important steps to protect their data against unauthorized access or theft, preventing devastating consequences like the ones experienced by Fictico.
Contact us for more information or a personalized data protection assessment.