📄️ Sensitive data discovery
Implementation Effort: High
📄️ Document / Identify all approved cross-boundary data sharing scenarios
Implementation Effort: Medium
📄️ Document / Identify approved sharing of sensitive information with external partners
Implementation Effort: Medium
📄️ Identify sharing with customers
Implementation Effort: Medium
📄️ Data governance regulatory needs
Implementation Effort: Medium
📄️ Define a data classification taxonomy for the organization based on data sensitivity
Implementation Effort: Medium - Definition of the taxonomy can be low effort and done quickly either when a taxonomy already exists for the company or the default taxonomy can be used.
📄️ Identify automatic classification cases
Implementation Effort: Low
📄️ Manually classify sensitive assets
Implementation Effort: Medium
📄️ Implement label recommendations
Implementation Effort: Medium
📄️ Monitor external sharing
Implementation Effort: High - Due to the ongoing monitoring.
📄️ Monitor sharing with customers
Implementation Effort: High - Ongoing attention needed to ensure all sharing channels are included.
📄️ Deploy Data Loss Prevention policies
Implementation Effort: Low
📄️ Manage DLP alerts & incidents
Implementation Effort: High - This requires ongoing effort.
📄️ Restrict and monitor sharing by employees
Implementation Effort: High - This requires ongoing monitoring.
📄️ Automatically label sensitive assets
Implementation Effort: Low
📄️ Identify sensitive data using trainable classifiers
Implementation Effort: Low
📄️ Implement SharePoint permission strategy
Implementation Effort: Low
📄️ Set Insider Risk Management policies
Implementation Effort: Low
📄️ Privileged Access Management for DLP/MIP/IRM admins
Implementation Effort: Low
📄️ Set RBAC for DLP/MIP/IRM admins
Implementation Effort: Low
📄️ Set minimum standards for trusted devices / accounts
Implementation Effort: High
📄️ Segment administration using administrative units and RBAC
Implementation Effort: Medium
📄️ Identify critical assets
Implementation Effort: Medium
📄️ Plan for the protection of critical assets
Implementation Effort: Medium
📄️ Protect critical assets
Implementation Effort: Medium
📄️ Evaluate and implement special cryptographic needs (BYOK, DKE)
Implementation Effort: Medium