Forum Discussion
A_AronL
Jun 02, 2020Copper Contributor
DLP Policy, overriding and false positives
Hey guys,
We have a DLP policy in our environment to disallow our users from sending SSN numbers, HIPAA info, drivers license numbers, etc outside of our environment. If something is picked up and flagged is there any way to override and allow it through as an Admin or are we pretty much stuck letting the users report it as a false positive and letting it through on their end?
I've looked through the reports, and security and compliance area and haven't found anything but wanted to check and see if anyone here knew of alternatives.
You can configure end-user override as part of the rule configuration, via the "Let people who see the tip override the policy and share the content." setting. If you want only admins to be able to override, you need to use a mail flow rule with "moderate" action, meaning you are limited to the "legacy" DLP experience and only Exchange Online content.
You can configure end-user override as part of the rule configuration, via the "Let people who see the tip override the policy and share the content." setting. If you want only admins to be able to override, you need to use a mail flow rule with "moderate" action, meaning you are limited to the "legacy" DLP experience and only Exchange Online content.
- A_AronLCopper ContributorAwesome, thanks man! I've ran into a few options we want that are only available with mailflow rules.