Forum Discussion

Pekka Karppinen's avatar
Pekka Karppinen
Copper Contributor
Sep 20, 2018
Solved

Whitelisting domain in DLP policy

Does anyone know, if there is any way to whitelist a domain in DLP policy? The problem is that we are sharing documents from SPO site to a trusted partner domain and don't want to get the DLP warnin...
data loss prevention
microsoft 365
  • VasilMichev's avatar
    VasilMichev
    Sep 21, 2018

    The article shows you how to configure conditions/exceptions, it doesn't list them all...

Shikhar Raj's avatar
Shikhar Raj
Icon for Microsoft rankMicrosoft
Dec 09, 2021

Please try creating a separate DLP Policy just for exchange Online and then you can have all the different exclusions you will need.

Jean-Christophe_VD1070's avatar
Jean-Christophe_VD1070
Copper Contributor
Sep 01, 2022
Are there new updates on this topic ? In large companies, the option to manage whitelists by exceptions can lead to management nightmares. Large companies work with hundreds or thousands of external partners. Ideal situation would be to be able to automate feeding of whitelisted domains with external consolidated list and just have a role in the organization completing a mapping between some sensitive info type and the associated vendors. Management of such thing in each rule /policy individually is not a sustainable model in large organsiations.
  • sbonn's avatar
    sbonn
    Copper Contributor
    Oct 31, 2024
    we too concluded that the administrativve overhead, plus the high amount of whitelisted domain to dept exclusions would lead to failure (a DLP policy has a size limit)

    so we end up without a solution for now and let everything out and a 1FTE monitoring everything that gets out.... not ideal

Resources