Forum Discussion

Sean O'Farrell's avatar
Sean O'Farrell
Copper Contributor
Jan 28, 2019

Office365 Sensitive Information Types

Hi , In the Office365 portal, It is possible to add a custom sensitive information type via the GUI. It is possible to specify a minimum count for keywords but not for regex.   In reference to this...
compliance
ediscovery
security
ChrisHoardMVP's avatar
ChrisHoardMVP
MVP
Jan 28, 2019
Hi Sean O'Farrell,

Yes, you can build custom sensitive information types in the GUI via the Security and Compliance centre

See this great article by Joanne Klein -

https://joannecklein.com/2018/08/07/build-and-use-custom-sensitive-information-types-in-office-365/

But also here for official documentation which confirms it can be built in the GUI.

https://docs.microsoft.com/en-gb/office365/securitycompliance/create-a-custom-sensitive-information-type?redirectSourcePath=%252fsl-si%252farticle%252fCreate-a-custom-sensitive-information-type-82c382a5-b6db-44fd-995d-b333b3c7fc30

Best, Chris
  • Sean O'Farrell's avatar
    Sean O'Farrell
    Copper Contributor
    Jan 28, 2019

    Hi Chris, I know I can build custom information types in the GUI. The GUI does not allow the minimum count for regex,  only keywords. That is why I am creating them in xml and then importing them via powershell.

    • ChrisHoardMVP's avatar
      ChrisHoardMVP
      MVP
      Jan 28, 2019

      Hi Sean,

      Thanks - I read it as is it as opposed to it is!

      I have raised a uservoice for you on the GUI.

      https://office365.uservoice.com/forums/289138-office-365-security-compliance/suggestions/36648940-custom-sensitive-information-type-allow-minimum

      I am going to raise this to the Sec and Compliance Microsoft Team to see if we can get an answer -

      Ryan Heffernan - see above string from Sean. With regards custom sensitive information types how do we specify a minimum count for a regex defined in the xml? It would be great to get an answer on this.

      Best, Chris

      • Adam Jung's avatar
        Adam Jung
        Former Employee
        Jan 30, 2019

        Posting this on behalf of the DLP product team:

         

        In custom sensitive type is defined by patterns with 2 elements – idMatch and Match. Both these elements could take Regex, Keyword or Dictionary or built-in functions.

         

        There are key differences between idMatch and Match.

        1. idMatch –enables detecting the sensitive content in document (like a credit card number)
        2. match – enables detection of supporting evidence in the proximity of idMatch (like words like “CVV”, “Credit Card”, “VISA” etc..,)

         

        Min Matches

        For a match element, min match count allows setting requirement to minimum number of supporting evidence to found to match pattern. As mentioned match could be a keyword list or a Regex.

         

        Single match of idMatch along with required matches will identify a sensitive content found in document. In DLP Policy, the customer could configure the min and max number of sensitive type (like Credit cards) required to be found.

Resources