Forum Discussion
Bring back old DLP actions
We're working to ensure best practice across clients and protect sensitive information from being shared in unencrypted messages, but rather than having to trust that users will remember to encrypt all of their emails that may contain sensitive data it would be nice to be able to set up a DLP policy to auto encrypt messages that breach DLP. We used to be able to, and it guaranteed moderate protection with minimal impact. Why was this option removed from DLP? Now the only action that we can take is to completely block the messages from being sent. How does that make sense? Many agencies have to communicate sensitive information back and forth, and it should be encrypted. The only current work around I see is to set up a mail flow rule to encrypt all messages, which would cause a larger potential impact on end users outside of the organization, leading to complaints to the company and potential loss of clients and/or profits. Which is not ideal.
Microsoft, please stop rolling out half finished platforms and retiring in place and perfectly functional ones before you have a fully working replacement!
4 Replies
AakashMalhotraMicrosoft
Encrypt action is still available in DLP. Do note that this is a supported action for Exchange only policies
It isn't on mine. See attached.
I had a Microsoft agent on the phone when I was looking at them and he confirmed that DLP encryption wasn't available.
Is there a specific configuration that will make it available in policies, and if it isn't just right it won't be?
- AakashMalhotra
Do you have RMS templates created and appropriate RBAC roles to read them?
