🙍♀️ K: Welcome back to our Tech Newsletter! Last month, we introduced the concept of Information protection and Data Loss Prevention (DLP). Its importance in safeguarding our sensitive information. This month, we’re talking about sensitivity labels and Data Loss Prevention (DLP) with Ko Aung Thura, a key member of our team who’s been leading the implementation of these tools. Ko Aung Thura, thanks for joining us.
🙍♂️ ATR: Thanks, K! I’m excited to share what we’ve been working on. We’re currently testing these tools in our Group Technology Department.
🙍♀️ K: Let’s start with sensitivity labels. Can you explain what they are in plain English?
🙍♂️ ATR: Sure, think of sensitivity labels as digital traffic lights for your data. They help us classify information based on how sensitive it is. We’ve created three main labels:
- General: This is for everyday staff, like a company event invite or a marketing flyer. It’s like sharing a public document.
- Internal Use Only: This is for information that should stay within our organization, like internal reports or project plans. It’s like a document with a “For Official Use Only” stamp.
- Confidential: This is for highly sensitive information, like financial data or confidential strategies. It’s like a document locked in a safe.
🙍♀️ K: Where can we use these sensitivity labels?
🙍♂️ ATR: You can apply sensitivity labels to Microsoft Office documents like Word, Excel, and PowerPoint.
🙍♀️ K: So, how do users know which label to use?
🙍♂️ ATR: Users need to think about how sensitive the information is. If it’s something anyone can see, they use the “General” label. If it’s only for people within our company, they use “Internal Use Only.” And if it’s super-secret, they use “Confidential.”
🙍♀️ K: What happens if someone tries to share something that’s labeled “Internal Use Only” with someone outside the company?
🙍♂️ ATR: Our system will stop them and ask them to either change the label or explain why they need to share it. This helps us prevent accidental leaks of sensitive information.
🙍♀️ K: What about DLP? How does that fit in?
🙍♂️ ATR: DLP acts as a security guard for our data, preventing leaks by blocking unauthorized sharing of sensitive information. For example, it stops attempts to send ‘Confidential’ documents to external or personal email accounts and monitors data usage to identify and mitigate potential risks.
🙍♀️ K: How do these labels affect how people work?
🙍♂️ ATR: For most users, it’s pretty seamless. The “Internal Use Only” label is the default, so they don’t have to think about it much. But when they want to share something externally, they’ll get a notification reminding them to check the label. Sometimes, this can be a bit of a hassle, but it’s necessary to protect our sensitive information.
🙍♀️ K: What challenges have you faced in implementing these tools?
🙍♂️ ATR: One of the biggest challenges is getting everyone to understand the importance of these tools and how to use them correctly. We’re working on training programs and clear guidelines to help users make the right choices.
🙍♀️ K: What’s next for sensitivity labels and DLP at our organization?
🙍♂️ ATR: We’re expanding the use of DLP to more departments and adding more features to our system. We want to create a culture where everyone is aware of data security and takes it seriously.
🙍♀️ K: Any final advice for our readers?
🙍♂️ ATR: Remember, we all have a role to play in keeping our data safe. Pay attention to the labels, follow the guidelines, and don’t hesitate to ask questions if you’re unsure. Together, we can build a strong defense against cyber threats.
🙍♀️ K: Thanks, ATR, for sharing your insights. Stay tuned for more updates in our next newsletter.