I was tasked with backing up local and OneDrive data, which I've completed. Now, I'm looking for ways to stop a user from taking sensitive data with them to a competitor without completely locking them out of their Active Directory and Microsoft 365 accounts. What measures can I realistically implement under these circumstances?
4 Answers
It really comes down to whether you have access to Microsoft Purview. You should set up Data Loss Prevention (DLP) policies that safeguard your data across the board. Waiting until someone is leaving to react often leads to problems down the line. These policies should protect against accidental or malicious data leaks.
Right? DLP is definitely a must-have for every organization!
The unfortunate truth is that if someone’s already told you they’re leaving, they may have already made copies of sensitive files. Preventative measures like NDAs and DLP policies need to be established before potential issues arise. Once it's at this stage, you might be looking at legal avenues rather than technical fixes.
Exactly! Data should be considered at risk once someone is on their way out.
If you control their devices, you might consider changing their passwords and moving OneDrive data swiftly to clear any cached files. Monitor to ensure data's been synced down, then disable their accounts and remotely wipe any MDM devices. This helps limit what they can take with them.
That’s a solid plan! Definitely takes some proactive measures.
If you're concerned about insider threats, the best immediate action is locking them out. If it's clear that this person might take sensitive company information, cut their access now before it’s too late. Better safe than sorry!
Absolutely agree. If you can't control access to sensitive info, it's better to terminate access immediately.
For sure, getting access cut is crucial if there's a risk involved.
Absolutely! DLP should be in place for all employees to avoid knee-jerk reactions. It's a bummer to realize too late!