Case Study: Enhancing Data Security with Microsoft Purview and ML
A study of the importance of tailored solutions in data security and the benefits of leveraging advanced technological tools for organizational data protection.
Summary
Overview
Founded in 1960 and headquartered in Romeoville, Illinois, Christian Brothers Services is a nonprofit, Catholic organization that administers cooperative programs in the areas of health, retirement, property/casualty, and technology as well as financial, administrative and Catholic school consulting to church congregations, organizations and dioceses internationally. As a strategic solutions partner, CBS eases the administrative burdens of more than 5,000 Catholic entities.
Ensuring the protection of Personally Identifiable Information (PII) and Protected Health Information (PHI) emerged as a top priority for CBS during their migration to Microsoft 365. While transitioning from the outdated Lotus Notes to Microsoft’s Cloud platform, the focus was on leveraging cloud-based applications, collaboration tools, and advanced security features. However, the paramount importance lay in efficiently identifying and securely handling sensitive data to fulfill regulatory compliance requirements and mitigate potential risk such as financial penalties, legal entanglements, and reputational impact.
Business Challenge
The core challenge for CBS was the accurate identification and classification of PII and PHI in their digital communications and data storage. This was particularly vital in outbound data, where ensuring encryption was mandatory. Targeting various formats of sensitive data, notably U.S. Social Security Numbers (SSNs) presented in unconventional formats like “123.45.6789” or “123/45/6789”. The failure of Microsoft’s default sensitive information types to detect these variations resulted in potential risks of data misclassification and unsecured data transmission.
Solution
In response, Oakwood Systems Group partnered with CBS to deploy a comprehensive data security solution. Utilizing Microsoft Purview’s AI and machine learning capabilities, Oakwood introduced a sophisticated data classification system within CBS’s digital environment. This system included:
- Custom Sensitive Information Type: Oakwood created a custom information type to identify SSNs in various formats. By employing Regular Expressions, the system could accurately recognize and categorize SSNs, overcoming the limitations of Microsoft’s default settings.
- Enhanced Data Classification: Beyond PII and PHI, this system also classified additional sensitive data, adapting to the diverse and dynamic data environment of CBS. This customization ensured comprehensive coverage and minimized the risk of misclassification.
- Data Loss Prevention Policy: To secure the transmission of sensitive data, a data loss prevention (DLP) policy was implemented, ensuring encryption of classified data before external sharing.
Conclusion
The collaborative efforts of Oakwood and CBS led to the successful deployment of a robust and precise DLP solution. Regular monitoring and testing ensured the effectiveness of the data classification system, significantly reducing the risks associated with data mismanagement. This not only ensured compliance with regulations but also fortified the trust and reputation of CBS in managing sensitive information. The case exemplifies the importance of tailored solutions in data security and the benefits of leveraging advanced technological tools for organizational data protection.
If you have any questions about your next technology initiative, please leave a note below for our Team.