08-02-2017 05:52 PM
08-02-2017 05:52 PM
Cross-posting from the Security/Compliance Community as I'm hoping to get some answers ASAP:
I'm trying to roll out Office Message Encryption (OME) in EOL (E5 org). Having a major problem in my testing with the ICD 9/10 Sensitive Info types catching WAY too much (i.e. the word 'system'), not to mention the inability to combine and use logical (AND/OR) operators to be able to focus my Transport Rules. I also need to be able to easily tune the lexicon and/or Sensitive Info types in response to false positives, org needs, etc.
I ran across a 'New Feature' announcement on the O365 Admin portal just now, which seems to indicate that some of the exact needs I'm working on with Premier Support are now (as of Jul 31) available.
New features: Office 365 Data Loss Prevention MC111748 July 31
Included features of note:
There's also the 'Create A Keyword Dictionary" document that may be helpful, but I'm having problems with some of the commands:
Ideally, I'd like to export the ICD 9/10 dictionaries, make some edits, and then import them as NEW custom keyword dictionaries for use in a custom info type and (ideally) DLP policy. I also need to be able to create and have an ongoing management process for my dictionaries, which the above KB indicates is possible.
Is this actually available across all tenants? If not, is there a way to check and get it pushed to ours ASAP?
Finally, is this only doable in the Sec/Compliance center? Is there any way to link things up with the Transport Rules I need to create to protect PII in Exchange Online? It appears that the EOL and SCC DLP environments can't even see each other and thus things set up in one can't be used in the other. I know there is a plan to move everything into SCC, but right now I need this in EOL for usage in OME.
Alternatively, can I create these same dictionaries, custom info types, and policies in Exchange with EOL Powershell?