The Data Loss Prevention (DLP) feature in the new Exchange will help you identify, monitor, and protect sensitive information in your organization through deep content analysis. DLP is increasingly...
Updated Jul 01, 2019
Version 2.0
Blog Post
@Joe: it's more flexible than a simple regex, but despite that I think how false positives are addressed here is part of the beauty of this solution.
With typical DLP solutions, if you get a false positive you have significant overhead or loss of productivity when things don't reach their intended recipients. With Exchange's DLP integration you can involve the user in the decision (without the user having to take the initiative) in real time as the content is being written, so you can avoid making the wrong call without much overhead (the user doesn't even get to send the message before finding out what's going to happen, and can potentially ask for an exception in real time). And even if you are overzealous in protecting content and end up protecting lots of content that looks suspicious, IRM policies allow you to get the data to its intended destination with certain usage restrictions applied, which significantly reduces the impact of a false positive compared to blocking content altogether.