The course is part of these learning paths
Data protection is probably the central area of concern regarding system security. The proliferation of online systems means tension between data privacy and usability. The key to a usable but safe data environment is knowing what level of protection needs to be applied to different data, that is, how to classify data. In the past, this has been a predominantly manual and subjective exercise. As data volumes have expanded exponentially, there is a need for automated data classification systems. This course looks at the data classification technologies available through the Microsoft 365 compliance portal.
Learning Objectives
- Overview document protection and data classification
- Learn how to create a sensitive information type
- Learn how to implement Exact Data Matching
- Learn about trainable classifiers
- See how to view classified data with Content Explorer
Intended Audience
- Students working towards the MS-101 Microsoft 365 Mobility and Security exam
- Those wanting to learn about data classification and how it's implemented in the Microsoft 365 compliance environment
Prerequisites
- Have taken the Introduction to Sensitivity Labels and A Practical Guide to Sensitivity Labels courses, or have an excellent grasp of sensitivity labels and how they are created and managed within the Microsoft Purview portal
Content Explorer lets you view files by labels, info types, or categories and can be found under data classification. Before we go in, let's take a quick look at the overview page. I'm not too surprised about IP address v4 being the most used sensitive info type, but international classification of diseases is surprising. 234 activities are about 232 more than I've manually carried out, so we can deduce that automated labeling is working in the background as expected.
Clicking the Content explorer tab takes us into the purview root encompassing Exchange, OneDrive, SharePoint, and Teams. I've got to say when I first went in here, I was surprised at some of the unexpected information types that are in my files. Slovakian personal number and Bulgaria Uniform Civil Number caught my eye, so let's drill down and see what one of those looks like – with the full expectation that it will look like something else and has been misclassified. Now I did not expect this, especially as I'm a global administrator. To explore the content, you need to belong to the Content Explorer list viewer group, and to view the content, you need to belong to the Content Explorer content viewer group.
Alternatively, you can be assigned the compliance administrator or the compliance data administrator role to explore the content. However, you will still need the Content Explorer Content viewer role to view the content. I'll assign the relevant roles through the compliance portal by selecting permissions from the main menu on the left. As you can see, there are many purview roles, so I'll use the search function to find the content explorer roles. Now I'll assign myself to those roles.
Role assignment is a familiar process, although it seems more involved in the compliance portal. With both roles assigned, let's go back and look at the Bulgarian uniform civil number. Ahhh. I see this info type and several more regionally specific types are related to automatically generated CSharp internationalization files from a Xamarin project. That makes sense. Unfortunately, New Zealand inland revenue number is not an unexpected info type.
I've found the content explorer interface a little sluggish, but you'll notice as I drill into the folders the info types displayed in the left column change. Microsoft purview pulls file stats from the purview data map to dynamically display relevant info types as you navigate content. This is not a trivial task and explains the lackluster performance. Having said that, it's unlikely many users will be browsing content explorer as you might file explorer.
Activity explorer enables you to drill into labeling activities. You can filter by sensitivity label, user, location, activity type, and date. Label applied is the most common activity due to a rule I set up on the Project BB label to have it automatically applied to relevant documents.
Hallam is a software architect with over 20 years experience across a wide range of industries. He began his software career as a Delphi/Interbase disciple but changed his allegiance to Microsoft with its deep and broad ecosystem. While Hallam has designed and crafted custom software utilizing web, mobile and desktop technologies, good quality reliable data is the key to a successful solution. The challenge of quickly turning data into useful information for digestion by humans and machines has led Hallam to specialize in database design and process automation. Showing customers how leverage new technology to change and improve their business processes is one of the key drivers keeping Hallam coming back to the keyboard.