Secure Handling of Sensitive Data: Developing a DLP Standard for Data-Sensitive SMEs

SMEs that handle sensitive data face rising legal and security demands but often lack the resources to effectively protect against data loss. This thesis presents a practical Data Loss Prevention (DLP) framework for Microsoft-based SME environments, combining research findings with tool testing.

Nicole Kaufmann, 2025

Type of thesis: Bachelor Thesis
Client: TCA Thomann IT Security + Services AG
Supervising lecturer: Härer, Felix
TCA supports SMEs in industries such as legal services, finance and healthcare, where compliance with the GDPR and nFADP is essential. Many of these customers are seeking data loss prevention (DLP) solutions but have limited budgets, staff, and expertise. Existing tools are often too complex or resource intensive. TCA required a practical DLP framework that would address the limitations of SMEs while providing robust protection for sensitive data.
The work began with a literature review to define DLP concepts, identify threats and outline legal requirements. Additionally, a requirements analysis for SMEs and TCA served as the basis for selecting the tools. Microsoft 365 Purview, Safetica and Forcepoint were evaluated, with Purview and Safetica being tested in practice. Their features, integration and usability were assessed, and the results were combined with research findings to create a step-by-step, risk-based framework for SME-friendly DLP implementation.
The analysis revealed that SMEs struggle with high costs, complexity and a lack of expertise in the field of DLP. Microsoft 365 Purview proved effective for protecting cloud and email data, especially in Microsoft-integrated environments, while Safetica offered simpler endpoint configuration and strong local protection. Forcepoint could not be practically tested but served as a reference. The framework developed includes modular steps for role definition, tool introduction and policy setup, starting with the most critical data types. The focus is on step-by-step implementation to reduce disruption, integration with existing infrastructure to reduce effort, and ongoing user training to ensure compliance. For TCA customers, the combination of Purview for cloud and email with Safetica for endpoints offers a balanced approach. The framework enables SMEs to meet legal requirements, strengthen data protection, and maintain daily operations without excessive complexity or costs, providing TCA with a repeatable framework for future implementations.
Degree programme: Business Information Technology (Bachelor)
Keywords: Data Loss Prevention (DLP), Small and Medium-Sized Enterprises (SMEs), Microsoft 365 Purview, Safetica, DLP Framework
Confidentiality: confidential
Client: TCA Thomann IT Security + Services AG, Muri
Year of publication: 2025
Language of the thesis: English
Programme location: Brugg-Windisch