Afsar_Shariff
Jun 14, 2023

Does Microsoft DLP have a condition to check whether mail is encrypted or not?

Hello Everyone

Please let me know if this use case is possible?

Does DLP have a condition available to check whether mail is encrypted or not? Based on that, I want to allow or block.

I understand it is not possible. If there is a Microsoft reference article to prove that, it will be a great help. Thank you

  • Hi Afsar_Shariff

    You have a couple of different options here. You could look for "message type is" and select Encrypted or Permission Controlled. Encrypted would look for S/MIME encryption and Permission Controlled would look for RMS templates like Encrypt only, Do Not Forward (DNF) etc.

    From there you could alternatively use the condition "Content is not labeled" if you're leveraging sensitivity labels and block the message from sending if it is not labeled.

    Are you looking to control inbound or outbound messages based on encryption? This will change the actions you would need to use.

    • Afsar_Shariff
      I am looking for outbound: any mail going outside which is encrypted should be allowed.
      • miller34mike (Microsoft)

        Hi Afsar_Shariff

        So, if you want all outbound emails encrypted, regardless of content, you could just use the conditions of:

        Content is shared from Microsoft 365 - with people outside my organization

        and then set the action of:

        Restrict access or encrypt the content in Microsoft 365 locations - Encrypt email messages (applies only to content in Exchange) and choose a protection template like "Encrypt".

        The protection template "Encrypt" as well as "Do Not Forward" are pre-built templates but you may see other options if you're leveraging sensitivity labels that apply encryption settings.

        Alternatively, you could block any email that is not labeled and the message type is not Encrypted or Permission Controlled.

        To build the conditions above, start with "Content is not labeled", then hit "Add group" > change the toggle to OR and then the group toggle to NOT, then set "message type is" Encrypted OR Permission Controlled.
