Forum Discussion

Robert Marshall's avatar
Robert Marshall
Copper Contributor
Mar 31, 2017

DLP Policy Slow to Screen New Files in OneDrive For Business and SharePoint Online

Hello Everyone,

 

I have enabled some DLP policies in Office 365 security center, and these apply to OneDrive for business and SharePoint Online.

 

So far these policies are working and preventing data from getting shared to un-authorized recipients. However, if I create/upload a new file in my OneDrive For Business, I can share the file with external people within the first 10 to 15 minutes of upload/create. After about 10-15 minutes the DLP policy kicks in and locks down the new file, but it's too late, the file is already shared!

 

Any idea how to force new files to get scanned by the DLP policy engine immediatly?

 

Thanks,

Robert

    • aniyahima's avatar
      aniyahima
      Copper Contributor
      Hi, I have the same issue but in this case it takes more than 24 hours and to scan new files it takes more than 3 days, that is crazy. The link you provide it has a 404 Not found. Any idea how can we force to scan all my tenant in search of a matched rule or policy?
    • Robert Marshall's avatar
      Robert Marshall
      Copper Contributor
      Hi Vasil,

      Thank you for your reply. This is unfortunate, as my organization is a financial institution. We value DLP over user productivity because the data we have simply can't get leaked. It seems the only way to guarantee that sensitive data won't get shared is to keep it on premise. Hopefully Microsoft will introduce a feature that can disallow sharing until DLP clears a document.
      • VasilMichev's avatar
        VasilMichev
        MVP

        Well if memory serves, the document will get locked upon detecting any DLP policy matches, so even if it was shared during that short interval, it will not be accessable by external users.

Resources