Skip to main content

E8-IBP-Australia Financial Data

This policy aims to identify and manage sensitive financial information within the organisation, ensuring compliance with data protection standards.

How does this align with Essential Eight?

  • πŸ” Restrict Administrative Privileges

    • This policy enforces access boundaries by detecting when sensitive financial data is shared externally.

    • This supports the principle of least privilege and help prevent unauthorised data exposure.
      ​

🧾 Policy Overview

  • 🧭 Name: E8-IBP-Australia Financial Data

  • πŸ” Type: Data Loss Prevention (DLP) Simulation Policy

  • πŸ“ Scope: Exchange, SharePoint, OneDrive for Business, Teams, On-Premises Scanner

  • πŸ§ͺ Mode: TestWithoutNotifications (Audit)

  • πŸ› οΈ Status: Distribution Pending (Sync Successful)

  • πŸ“¦ Target Locations: All Exchange, OneDrive, SharePoint, Teams, On-Premises Scanner

  • πŸ”‘ Minimum Licensing Requirement: Microsoft 365 Business Premium

🧠 Detection Logic

This policy helps detect high volumes of sensitive financial data in Australia, including:

  • πŸ’³ Credit Card Numbers

  • 🏦 Australia Bank Account Numbers

  • 🧾 Australia Tax File Numbers

  • 🌐 SWIFT Codes

Detection is based on confidence levels and minimum counts:

  • High volume rule triggers on β‰₯10 instances

  • Low volume rule triggers on 1–9 instance

πŸ“£ Notifications & Alerts

  • πŸ”” Alerts generated for Site Admin

  • πŸ“§ Notifications sent to Site Admin, Last Modifier, and Owner

  • πŸ“Ž Email attachments included in notifications

  • 🚫 No quarantine or access blocking (simulation mode only)

Related Articles
E8-IBP-PCI Data Security Standard (PCI DSS)
E8-IBP-Australia Privacy Act
E8-IBP-Australia Health Records Act (HRIP Act)
Did this answer your question?