I'm trying to determine if it's possible to create a custom action for a DLP policy. For example, if an email is determined to have personally identifiable information (SSN, Account Num, Date of Birth), can I append a word to the subject line of that email before sending it out? The compliance center doesn't seem to have this available, however perhaps there is somewhere else this can be accomplished.
The reasoning behind this is we are currently utilizing another vendor for secure mail. Sometimes that vendor doesn't auto-detect PII on items that Microsoft does. However, I want to continue using that secure mail solution. I have the solution configured to send anything with the word "Secured" in the subject line as a secure message.
Any guidance on this would be greatly appreciated.
This is actually a lot easier than I thought it was! I had to modify the locations to apply my DLP policy to only include Exchange. Once that was completed, more actions became available to me to choose from. One of those included prepending an email subject. Very happy about this!