Great video. can you do a deep dive into Insider risk management , Looks like one of those topics that Most Data security professionals are struggling to connect :) thank you very much
So the built in SITs will be fine for many use cases. If you want more dynamic conditions where the classifier can learn based on samples you provide to teach it - then use Trainable classifiers. EDM allows you to define very specific and exact conditions to be matched. 3 great options.
I would also add custom SITs are a great way to identify, protect and govern potential dark data, niche high value or sensitive content not defined by MS, but if a data breach occurred would be damaging to the organisation etc. As you will know these can be RegEx, keywords list/dictionary, primary/secondary to help influence accuracy on matches. Enjoy
Also, if this is to allow DLP to pick up on specifics, why not just have the custom sits, out of the box sits within the policy AND OR, then also using count, 1-10 or more.... If we have to go through the process of creating a number of custom types because of partial matches and this is only being used to auto label/apply DLP it seems it still the same but instead of calling the SITs within the Labels or DLP policy you just call the EDM that has the SITS defined in it...
Im onboarding to a client that uses MS Purview DLP. These videos helped me upskill. Thank you
You are so welcome. Glad I could help. 😀
great video! Thank you Peter
Thank you so much for the kind words again!! 😊
Great video. can you do a deep dive into Insider risk management , Looks like one of those topics that Most Data security professionals are struggling to connect :)
thank you very much
Hey, thanks for the kind words. I've done a vid on Insider Risk Mgt. You can find it here. ua-cam.com/video/_C9D-3qmHms/v-deo.html
Thanks Peter,
Can you please explain when to use EDM, OOTB SIT, Trainable classifier.
Thanks.
So the built in SITs will be fine for many use cases. If you want more dynamic conditions where the classifier can learn based on samples you provide to teach it - then use Trainable classifiers. EDM allows you to define very specific and exact conditions to be matched. 3 great options.
I would also add custom SITs are a great way to identify, protect and govern potential dark data, niche high value or sensitive content not defined by MS, but if a data breach occurred would be damaging to the organisation etc. As you will know these can be RegEx, keywords list/dictionary, primary/secondary to help influence accuracy on matches. Enjoy
Also, if this is to allow DLP to pick up on specifics, why not just have the custom sits, out of the box sits within the policy AND OR, then also using count, 1-10 or more.... If we have to go through the process of creating a number of custom types because of partial matches and this is only being used to auto label/apply DLP it seems it still the same but instead of calling the SITs within the Labels or DLP policy you just call the EDM that has the SITS defined in it...