Forum Discussion
Solved
DLP Exclusions
Hi,
We'd like to setup a DLP Policy to inform me when someone shares more than 10 credit card numbers via an email, except when it is sent from a specific internal email "clientservices@adatum.com".
We have created a new DLP Policy that does notify me when anyone sends more than 10 credit card numbers. We then created a Distribution Group, containing the account of "clientservices@adatum.com", and added this DL to the Exclusion List (as per screenshot).
However, I am still receiving notifications from all accounts that send more than 10 credit card numbers, including "clientservices@adatum.com".
What have we done wrong in the DLP Policy configuration?
Thank you
SK
- The list of available conditions/exceptions depends on the "workloads" selection for the DLP policy. To see the exceptions I was referring to, go back to the policy settings and only select Exchange as the workload.
- You need to add the exclusion in the DLP rule, not the policy. Do note that in order to be able to use such exceptions, the DLP policy must be using Exchange as the location (avoid adding other locations).
Thank you for replying.
Are you able to be more specific please?
If I look at the rule, and more specifically the "Exceptions" section, I can only set exceptions for:
- Except if content contains
- Except if content is shared from M365
- Except if attachment's file extension is
- Except if document property is
None of these exception options allow me to stipulate the source email address though?
Is there another rule setting I should be looking at?
Thank you,
SK
- The list of available conditions/exceptions depends on the "workloads" selection for the DLP policy. To see the exceptions I was referring to, go back to the policy settings and only select Exchange as the workload.
