Forum Discussion

Cameron_Stephens's avatar
Cameron_Stephens
Copper Contributor
Jan 03, 2024

Ignoring the contents of an email attachment

I have an insurance customer who sends emails to clients that have PDS documents attached.  These  documents aren't sensitive but they do contain terms that trigger medical related DLP policies which they don't want.  I can configure the policy conditions to ignore files with the word 'PDS' in them, but then the policy wont trigger if it has sensitive content in the body of the email or other attachments. Is there a way to ignore the PDS attachment while still triggering for sensitive content found in other parts of the email?

 

Thanks.

  • msmithseattle's avatar
    msmithseattle
    Copper Contributor

    One thought, you could consider using sensitivity label encryption instead of DLP to allow different permissions for different groups when PDS documents are identified.

    • Cameron_Stephens's avatar
      Cameron_Stephens
      Copper Contributor

      Thanks for your reply, we ended up coming up with the following possible solutions.

      1. Create a custom medical SIT and have it ignore instances if they are near the word 'PDS'.

      2. Create an additional, higher precedence rule in the policy with the condition that a document with the word 'PDS' in it exists, but increase the medical term instance count. Subsequent rules would look for just the medical terms with the standard number of instances.

      3. Change the business process and link to a hosted version of the PDS rather than attaching it to the email.