Forum Discussion

Dreamsat's avatar
Dreamsat
Brass Contributor
Aug 21, 2019

Data Loss Prevention send me as global admin alot of emails but the hit is incorrect

We are using O365 with SharePoint, OneDrive for Business, Exchange, Teams, Skype for Business etc..I created a new DLP policy for "Exchange email, Teams chats and channel messages and OneDrive and SharePoint documents" and selected the privacy GDPR template for EU. I disabled the tooltip and notification settings for the endusers. I only enabled to send an email to my own emailaddress to test it first.

 

I receive now alot of emails from DLP hits. But I investigate the hit and it is false possitive. For example the sensitive info type "EU National Identification Number" gives a hit if the email contains a number like "0611133218". But this number is a phonenumber in an email! How can I finetune the rules so it will send only an email if it is a real hit?

Resources