Forum Discussion
Odenkaz
Jun 04, 2020Brass Contributor
DLP policies take too long to tag new files uploaded to OneDrive
I work at a financial institution (Bank) and securing information is critical. We are trying to apply DLP policies for when employees begin sharing with external users. We are running tests to s...
Odenkaz
Jun 05, 2020Brass Contributor
Well we are using a default DLP that Office 365 offers which is the GLBA DLP. That one has two rules. one for low volume and one for high volume. They work fine.
The issue here is that it just take too long for the DLP policy to identify a newly uploaded sensitive document in order to tag it and restrict external access to it.
This means that if I (as employee) uploaded a list of 50 SSNs in an Excel to my OneDrive, then shared it to an external user (my own gmail for example) then I can access that content from my gmail within the time limit before the DLP finally tags the document.
I can have within seconds lists of SSNs from the bank's customers which is a big deal in terms of cybersecurity!
So I don't know what can be done to lower the speed at which the DLP goes in identifying sensitive documents.
This is just with 1 external user, imagine if hundreds of users were doing this at the same time, I don't know how long the DLP can last before tagging
aniyahima
Aug 17, 2023Copper Contributor
I have the same issue in August 2023 and I cant find any recommendation or troubleshooting online.