Jan 24 2017 02:25 PM
We have O365 E5. I have enabled DLP with the standard PCI rules for Exchange, OneDrive and SharePoint, using Test with Policy tips, but we are not not seeing any entries in the policy matches report, nor any ToolTips. Any suggestions for troubleshooting? Thank you for any insights.
Jan 25 2017 11:14 AM
Feb 07 2017 09:24 AM
Thank you for the link. That doesn't address our issue, unfortunately.
Mar 13 2017 08:06 AM
Jan 19 2018 08:51 AM
It's all about Match Accuracy and Instance Count. That's where your policy tuning happens. Microsoft doesn't do a great job describing how the percentages in Match Accuracy increase or decrease the alerting/blocking threshold, so you'll have to test it out and tune it yourself before it goes into prod.
That being said, take a look at my screen grab and look where I dropped the minimum match threshold to 10% on IP Addresses and SSNs. Try it yourself and you should see the alerting and blocking actions occur. From there, increase until you've met your desired threshold.
Cheers!