Purview Exceptions

Question

I've found that if I create a DLP policy using one of the Enhanced built-in policies and I customise the rules there is an Exceptions section under Conditions that is not there if I create a custom DLP policy. It says "We won't apply this rule to content that matches any of these exceptions." and provides a drop down of exceptions to choose from.

If I used this to exclude email attachments with specific words in the filename, would it still detect sensitive data in the body of the same email or any other attachments? I want Purview to ignore an attachment that is sent to customers containing generic T&C's which triggers false positives.

patrickek · Answer

Greetings, To add an exception under a custom DLP policy, the approach is to edit or create a new rule and add group under condition. Then the admin can toggle the operator "NOT" to add the exclusion/ exception to the rule. You may need to start with EXO/SPO/ODB workloads prior adding multiple locations. Please let me know if this works for you.

cameron_stephens · Answer

Thanks for your reply. That's what I normally do, but in this case pilot user's testing the policies said that sample emails wouldn't trigger the policy. I'll review their results if this is the correct way for obtaining this outcome. Thanks.

Forum Discussion

Purview Exceptions

Share

Resources