Categories Articles

Microsoft Yammer content monitoring using keywords and match patterns

Most organizations have a legal obligation to make sure that certain types of content are not posted to Microsoft Yammer, Microsoft's intra-organization social networking tool. At its simplest, this might mean taking steps to ensure that employees are not harassing one another or posting defamatory content within Yammer or similar tools. More often, though, organizations use filtering within Yammer to prevent data leakage. For instance, an organization might put into place policies to prevent users from posting sensitive information such as credit card numbers or Social Security numbers to Yammer.

Looking for specific keywords

Although there are a variety of ways to implement content monitoring within Yammer, data leakage prevention is often based on simple keyword monitoring. The idea is that the IT staff can configure Yammer to look for specific keywords and then alert the appropriate person if those particular keywords are used. Keep in mind, however, that Yammer does not block the use of the keywords that you specify. It simply creates an alert when it detects that someone has used one of the designated keywords. That way, the appropriate person can look into it.

The important thing to keep in mind is that even though the keywords you enter can be literal, they don’t have to be. If, for example, your goal is to police the use of profanity and other objectionable content posted to Yammer, then your keyword list would be quite literal. It would be a list of the swear words that don't want your users posting to Yammer. If, on the other hand, you wanted to prevent users from posting credit card numbers to Yammer, then you would need to use a match pattern rather than a literal keyword.

A match pattern is used to detect strings of text that match a predetermined format. Credit card numbers, (at least in the United States), typically consist of four sets of four numbers, separated by spaces. Therefore, if you wanted to screen for credit card numbers, then you would need to create a match pattern that looks for four numbers, a space, four more numbers, another space, four additional numbers, one more space, and then four more numbers. I will come back to this in a moment.

Implementing keyword monitoring within Microsoft Yammer is a relatively easy process. To get started, open the Microsoft 365 admin center, and then launch the Yammer admin center. Upon doing so, select the Monitoring Keywords option found in the Content and Security section. You can see what this looks like in the figure below.


All you have to do now is enter a list of the keywords you want to monitor. Just make sure that you put each keyword on a separate line.

As previously noted, keyword monitoring can be used for a variety of purposes. If your goal is to watch for the use of profanity or other objectionable phrases, you could simply begin making a list of every swear word that you can think of. If that’s your objective, however, Microsoft recommends paying a visit to this site. This site (which is not operated by Microsoft) contains free, downloadable swear word lists for your use. Out of curiosity, I took a quick look at the list contents. From what I was able to tell, the list seems to include both American and British swear words.

Creating Microsoft Yammer match patterns

Conversely, creating a match pattern that can be used to spot data that should not be posted to Yammer takes a little bit more work. Creating match patterns is not overly difficult, but you do have to have a basic understanding of the syntax that is used.

The most basic element of a matching pattern is the \b that must appear at the beginning and the end of your match pattern. Suppose for a moment that you needed to create a match pattern that would spot the use of three-digit numbers (there probably isn’t a real-world use for this, but it makes for an easy example to follow). Here is what the pattern would look like:

\b\d{3}\b

Notice that the match pattern begins and ends with \b. This simply tells Yammer where the match pattern begins and ends. The \d portion of this match pattern indicates that the pattern is looking for numerical digits, while the {3} indicates that the number that in order for a keyword to fit the pattern, there must be three digits in a row.

So, what about something a bit more advanced, like a Social Security number? In America, Social Security numbers consist of three digits, a dash, two digits, a dash, and four more digits (000-00-0000). Here is an example of what a match pattern designed to spot Social Security numbers might look like:

\b\d{3}[ -]\d{2}[ -]\d{4}\b

At least part of this match pattern should look familiar. Like any other match pattern, it starts and ends with \b. Since Social Security numbers start with three digits, the match pattern includes \d{3} just as I discussed a moment ago.

The first three digits in a Social Security number are usually separated from the next two digits by a dash. Hence, the match pattern includes [ -]. Notice, however, that there is a space before the dash. This is a way of telling the match pattern that this position could include either a dash or a space.

The rest of the match pattern includes a similar structure to what you have already seen. The \d{2} indicates that there should be two digits. Next, we see [ -] again, indicating that the position will be filled by a dash or space. Finally, the match pattern includes \d{4} indicating that there will be four more digits.

Match patterns are based on regular expressions and can be far more complex than what I just showed you. In fact, you can even build conditionals into a match pattern. I will likely write about that at some point in the future. For now, though, you can learn more about regular expressions by visiting this Microsoft docs site.

Microsoft Yammer content monitoring: Don't limit yourself

Throughout this article, I have tried to make the point that Yammer keyword monitoring can be used for a variety of purposes. An important takeaway, however, is that you do not have to limit yourself to using the keyword monitoring feature for just one purpose. You could conceivably populate the keyword list with swear words, objectionable phrases, and matching patterns for credit card numbers and other sensitive types of information.

Featured image: Shutterstock

Brien Posey

Brien Posey is a freelance technology author and speaker with over two decades of IT experience. Prior to going freelance, Brien was a CIO for a national chain of hospitals and healthcare facilities. He has also served as a network engineer for the United States Department of Defense at Fort Knox. In addition, Brien has worked as a network administrator for some of the largest insurance companies in America. To date, Brien has received Microsoft’s MVP award numerous times in categories including Windows Server, IIS, Exchange Server, and File Systems / Storage. You can visit Brien’s Website at: www.brienposey.com.

Share
Published by
Brien Posey

Recent Posts

Cybersecurity dangers when an employee goes on leave

While going on leave is good for both organization and employee, there are cybersecurity dangers…

10 hours ago

Top five complaints from remote workers — and how to respond

While many work-from-home employees enjoy the new normal, it is not without its hurdles. These…

17 hours ago

Azure AD administrative units: A go-to tool for Microsoft 365 administration

Limiting administrative scope is surprisingly difficult in Microsoft 365. Luckily, Azure AD administrative units can…

1 day ago

Data privacy regulations: Walking safely through the compliance jungle

Can businesses have a sustainable data privacy policy in a world where ever-changing compliance requirements…

2 days ago

Placing Hyper-V virtual machines on remote storage

We’ve previously showed you how to add a Windows file server to VMM. In this…

4 days ago