- Kick-off workshop
- Requirements gathering
Current environment assessment
- Onsite/remote review of client systems to gather and capture information about existing infrastructure.
- Identify potential challenges in these solutions.
- Pre-requisites checking.
- License requirement
- Network requirement
Work with Cafe De Carol for the prerequisite preparation
- Prepare an Enterprise Admin Account for the Data Protection related features deployment.
- Suggestion on Firewall Ports and internal route requirement
- Suggestion on how to enable DLP/MIP integration design between M365 Services and Endpoint devices.
- Sharing on Common Best Practices DLP/MIP configuration
Work with Cafe De Carol to define data protection polices and use cases
- Conduct Workshop(s) with IT / Compliance team.
- Review existing business use cases and compliance requirements for Hong Kong end users
- Demonstrate different MIP/DLP use cases.
- Design and recommend related MIP/DLP policies and use cases based on collected information.
- Define MIP/DLP data protection polices for Cafe De Coral
Enable O365 + Endpoint Security Configuration
- Enable DLP for Microsoft 365
- Configure DLP for Office 365 (MS Teams / SharePoint Online / Exchange Online / OneDrive for Business)
- Configure DLP for Endpoint (Windows Desktop)
- Configure sensitive info types based on default PII information
- Configure DLP policies, notifications, and actions in multiple of channel including MS Teams / Sharepoint Online / Exchange Online / OneDrive for Business / Windows Desktop. Limit up to 5 DLP policies and 10 rules per policy.
- Install Endpoint DLP to PC/Notebook (e.g. through Microsoft GPO/Intune or other software deployment tool), limit up to 500 endpoints
- For the one-by-one endpoint installation situation, limit up to 30 devices manual installation and provide the installation procedure with screenshot to customer
- Deploy to Pilot users to cover pilot Departments
- Dashboard and Reporting configuration
- Configure email alert
- Configure admin notification
- Configure role-based account and user assignment
- Enable MIP for Microsoft 365
- Setup up to MIP Manual Label policy and Integration with MS Teams / Sharepoint Online / Exchange Online / OneDrive for Business / Windows Desktop
- Setup up to MIP Auto Label policy and Integration with MS Teams / Sharepoint Online / Exchange Online / OneDrive for Business / Windows Desktop
- Configure different label / classification for different actions (e.g. Block OneDrive Sharing with sensitive label)
- User Acceptance Test
Project handover
- Configuration document for DLP/MIP
- One day skill transfer to cover M365 DLP/MIP Administration
- Half day end user training session to cover M365 Data Protection use cases
- Project closure workshop