Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Purview Exceptions

Copper Contributor

I've found that if I create a DLP policy using one of the Enhanced built-in policies and I customise the rules there is an Exceptions section under Conditions that is not there if I create a custom DLP policy. It says "We won't apply this rule to content that matches any of these exceptions." and provides a drop down of exceptions to choose from.

 

If I used this to exclude email attachments with specific words in the filename, would it still detect sensitive data in the body of the same email or any other attachments? I want Purview to ignore an attachment that is sent to customers containing generic T&C's which triggers false positives.

2 Replies
Greetings, To add an exception under a custom DLP policy, the approach is to edit or create a new rule and add group under condition. Then the admin can toggle the operator "NOT" to add the exclusion/ exception to the rule. You may need to start with EXO/SPO/ODB workloads prior adding multiple locations. Please let me know if this works for you.

Thanks for your reply. That's what I normally do, but in this case pilot user's testing the policies said that sample emails wouldn't trigger the policy. I'll review their results if this is the correct way for obtaining this outcome. Thanks.