Data Loss Prevention helps protect users by safeguarding sensitive data across key university storage platforms

To further strengthen data security controls and align with the Center for Internet Security (CIS) Implementation Group 3 (IG3) standards, Collaborative Computing Solutions (CCS) developed a three-year plan to deploy data loss prevention (DLP) workflows for data stored in Microsoft 365, Google Workspace, and on endpoints managed by Microsoft Intune. 

This plan implements a set of policies and tools designed to safeguard users as they work with sensitive data, helping to prevent unauthorized disclosure, transfer, or deletion of university data. DLP is also intended to guide university users in complying with various regulations and standards regarding data privacy and security. It provides a comprehensive and actionable roadmap for enhancing data security and governance at the university. 

It also aligns with two goals from Virginia Tech’s IT Transformation Program: 

• Deploy an endpoint DLP solution for Virginia Tech-owned desktops and laptops. 
• Strengthen security controls to comply with CIS’s Critical Security Controls IG3 standards. 

The plan aims to achieve the following benefits for the university:

• To reduce the risk of data breaches and data leakage, which can result in legal liability, regulatory fines, reputational damage, or security issues
• To enhance transparency and control over the data lifecycle, improving data governance, quality, and security
• To increase awareness and accountability among users and stakeholders regarding data protection, fostering a culture of trust and responsibility
• To protect existing sensitive data stored in Virginia Tech’s Microsoft 365 environment

This work fostered successful collaboration among departments and stakeholders. The plan paves the way for Virginia Tech to ensure that data security measures are effectively implemented and maintained, creating a unified and secure environment for all users.