@PeterRising 

Well we are using a default DLP that Office 365 offers which is the GLBA DLP. That one has two rules. one for low volume and one for high volume. They work fine.

The issue here is that it just take too long for the DLP policy to identify a newly uploaded sensitive document in order to tag it and restrict external access to it.

This means that if I (as employee) uploaded a list of 50 SSNs in an Excel to my OneDrive, then shared it to an external user (my own gmail for example) then I can access that content from my gmail within the time limit before the DLP finally tags the document. 

I can have within seconds lists of SSNs from the bank's customers which is a big deal in terms of cybersecurity!

So I don't know what can be done to lower the speed at which the DLP goes in identifying sensitive documents. 

This is just with 1 external user, imagine if hundreds of users were doing this at the same time, I don't know how long the DLP can last before tagging 

@Odenkaz 

I don't know of any way that it is possible to manipulate DLP in the way you are suggesting I believe.  I am near enough certain that this is not something that is possible.

@Ben Stegink 

Oh now that it nice.  Not something I had heard of yet but will definitely be checking it out.

@Odenkaz - if this does what you are looking to achieve (which I think it will), please can you mark @Ben Steginks reply as the best response in order that others can easily find this solution. 

@Ben Stegink 

@PeterRising 

I tested it out and the external user was still able to see the contents of the document.

I ran this cmd from the linked documentation you posted: 

Set-SPOTenant -MarkNewFilesSensitiveByDefault BlockExternalSharing

Update: Re-read the documentation and this solution doesn't cover OneDrive yet.

"Note

This cmdlet applies to newly added files in all SharePoint sites. It doesn't block sharing if an existing file is changed.
The cmdlet doesn't cover files added to OneDrive. We're working to bring this functionality to OneDrive."

My issue is strictly with OneDrive external collaboration. We do not have SharePoint enabled for external sharing yet. 

Is there an estimate of how long this new cmd will be able to cover OneDrive? 

@Odenkazgot it. As for OneDrive, I'm not sure on a time frame there. I haven't seen anythign on this fucntionality being extedned into OneDrive as well unfortuantely. If I can get some information or can find a time frame I'll let you know.

@Ben Stegink 

Greatly appreciated! hopefully it's not far too long!

Will keep myself tuned in to this thread for any updates

Thanks!