Data loss prevention (DLP) on outgoing mails with attachments

%3CLINGO-SUB%20id%3D%22lingo-sub-1109503%22%20slang%3D%22en-US%22%3EData%20loss%20prevention%20(DLP)%20on%20outgoing%20mails%20with%20attachments%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1109503%22%20slang%3D%22en-US%22%3E%3CP%3EI'd%20like%20to%20check%20the%20attachments%20of%20outgoing%20mails%20from%20a%20certain%20mailbox.%3C%2FP%3E%3CUL%3E%3CLI%3ECheck%20whether%20the%20name%20of%20the%20attachment%20contains%20the%20contractnumber%20specified%20in%20the%20subject%3C%2FLI%3E%3CLI%3ECheck%20whether%20the%20contents%20of%20the%20attachments%20contain%20the%20contractnumber%20specified%20in%20the%20subject%3C%2FLI%3E%3CLI%3ECheck%20if%20the%20emailadres%20the%20mail%20is%20send%20to%20is%20linked%20to%20the%20contractnumber%20specified%2C%20by%20calling%20an%20API%20to%20our%20CRM%20application%3C%2FLI%3E%3C%2FUL%3E%3CP%3EIf%20one%20of%20these%20rules%20fail%2C%20the%20outgoing%20mail%20must%20be%20blocked%20or%20forwarded%20to%20a%20supervisor.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20are%20now%20on%20Exchange%202013%2C%20but%20will%20be%20moving%20to%20Exchange%20Online%20probably%20this%20year.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20in%20advance%20for%20your%20ideas%20on%20this.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1109503%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%20Online%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EExchange%20Server%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Highlighted
Occasional Visitor

I'd like to check the attachments of outgoing mails from a certain mailbox.

  • Check whether the name of the attachment contains the contractnumber specified in the subject
  • Check whether the contents of the attachments contain the contractnumber specified in the subject
  • Check if the emailadres the mail is send to is linked to the contractnumber specified, by calling an API to our CRM application

If one of these rules fail, the outgoing mail must be blocked or forwarded to a supervisor.

 

We are now on Exchange 2013, but will be moving to Exchange Online probably this year.

 

Thanks in advance for your ideas on this.

1 Reply
Highlighted

Hi @cjburki 

 

You can follow the below steps to Identify sensitive information across many locations, such as Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams.

 

More Information can be found 

https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies

 

  • Login to 0365 Admin Center.
  • Click On the Security and Compliance button

DLP.PNG

 

  • On office 0365 Security and Compliance center, 
  • Click on Data loss Prevention, Policy and then Create a Policy. Provide name description and click next
  •  At the "location tab", you specify whether you want to include Teams, Onedrive and Sharepoint
  •  Policy settings Tab gives you the opportunity to set any policy. 
    • DLP4.PNG
  • Under "Use advanced settings" option, you can create many rules to suit your preference
    • DLP5.PNG

DLP6.PNG

 

below are some of the conditions that can be set for your DLP policy:

 

DLP7.PNG

 

Thanks, 

 

AB