Here
Here
Here
and
Here
Now we have an exciting development where you can finally! create custom sensitive information types in a GUI. Prior to this you had to use PowerShell. This means you don’t necessarily have to create an XML in order to create a new Sensitive Information Type. So what is this new process in the GUI like?
Creating your own in the Security and Compliance Center
First we need to log into the Security and Compliance Center with an account that has the correct rights in order to log in as well create these new objects. Once logged in, click on ‘Classifications’ and then on ‘Sensitive Infor Types’:
Then we see the ‘Create’ button that has begun to appear in the Security and Compliance Center:
In the new Sensitive Information Type creation, we need to provide a name, but a description should also be entered so that it can be referenced after the new information type is created:
Once the initial name and description is give, we can now proceed to adding the items that the criteria for the sensitive information type.
Create the Sensitive Information Type with a Matching criteria (Elements), but there can also be one or more Supporting elements to help support the detection method. Supporting elements can be a regular expression, keyword list, or dictionary.
“Requirements for matching: You must add a matching element, which is the sensitive info that this type will look for in content. To increase the accuracy of detection, you can optionally add multiple supporting elements. When the matching element is detected, at least one supporting element you add must be found within your specified proximity of the matching element for this type to be matched.”
In addition to a main element to match, supporting or collaborating elements can also be defined:
Supporting elements can be added and deleted:
Additionally we can change the default confidence level of 60%:
We can also adjust the character proximity of the matching elements and the supportive elements.
If there are no supporting elements, this value can just be left at the default of 300 as it won’t be taken into account when finding the Matching Element. Once all of the settings are in place, we can review our new Sensitive Information type.
After the new type is created, it now shows in your list of available types:
We can also go back to the same type and change its characteristics if we want to:
The new type can also be tested, which is a great new feature. In the below sample, a keyword sensitive information type was created for testing:
For a sample test, I put the keywords into the file and then filled the rest of the doc with junk:
For the test, I browsed and selected the file. Then clicked Test:
Test then performs an analysis and generates this:
Notice that both Matching and Supporting elements could be called out, depending on the match. Very useful for testing before going into production.
Conclusion
So my feeling is that this is a great feature added to the Security and Compliance Center. Much easier than generating your own XML either by hand or by script. So if you were looking to create your own sensitive data typed, then this will save you the effort of creating an XML file.
Now we just need the fingerprint feature added to the Security and Compliance Center since it was removed from the Exchange Admin console in Office 365.
