Forum Discussion

Afsar_Shariff's avatar
Afsar_Shariff
Brass Contributor
Jun 14, 2023

Does Microsoft DLP has a condition to check mail is encrypted or not?

Hello Everyone   Please let me know if this use case is possible?   Does DLP has the condition available to check whether mail is encrypted or not, based on that I want to allow or block   I un...
Afsar_Shariff's avatar
Afsar_Shariff
Brass Contributor
Jun 15, 2023
I am looking for outbound, if any mail is going outside which is encrypted should be allowed.
miller34mike's avatar
miller34mike
Iron Contributor
Jun 15, 2023

Hi Afsar_Shariff 

 

So, if you want all outbound emails encrypted, regardless of content, you could just use the conditions of:

Content is shared from Microsoft 365 - with people outside my organization

 

and then set the action of:

 

Restrict access or encrypt the content in Microsoft 365 locations - Encrypt email messages (applies only to content in Exchange) and choose a protection template like "Encrypt".

 

The protection template "Encrypt" as well as "Do Not Forward" are pre-built templates but you may see other options if you're leveraging sensitivity labels that apply encryption settings.

 

 

 

Alternatively, you could block any email that is not labeled and the message type is not Encrypted or Permission Controlled.

 

 

To build the conditions above, start with content is not labeled, then hit "Add group" > change the toggle to OR and then the group toggle to NOT then set the message type is Encrypted OR Permission Controlled

 

 

 

 

 

Resources