Forum Discussion
US SSN DLP Policy
I have a Transport Rule set up to auto encrypt emails sent from our tenant to external users if they have an SSN in the body of the email or an attachment. It is hitting on some documents that do con...
I guess modifying the default/creating a new custom sensitive type for SSN is one way to do this: https://support.office.com/en-us/article/Create-a-custom-sensitive-information-type-82c382a5-b6db-44fd-995d-b333b3c7fc30
Raising the confidence level might help as well.
Yea I read over that document. I just dont know what to modify in the XML to exlude the xxx-xx-1234 pattern.
I have exported the xml file of our current rules and located the US SSN Section, but I do not understand it well enough to modify it properly.
Well it's based on regex, so you just need to find the correct syntax. For example, this will match any SSN and not match any xxx-xx-1234 pattern
^(?!xxx-xx-\d{4})\d{3}-(?!00)\d{2}-(?!0{4})\d{4}$