O365 DLP Policy Setup

%3CLINGO-SUB%20id%3D%22lingo-sub-2566344%22%20slang%3D%22en-US%22%3EO365%20DLP%20Policy%20Setup%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2566344%22%20slang%3D%22en-US%22%3E%3CP%3EI%20setup%20a%20custom%20DLP%20policy%20for%20US%20PII%20data%20that%20generates%20incident%20reports%20if%20a%20sensitive%20information%20was%20present%20in%20the%20email.%20Is%20there%20a%20configuration%20where%20if%20an%20email%20is%20encrypted%20as%20an%20exception%20to%20the%20rule%2C%20it%20will%20not%20trigger%20the%20report.%26nbsp%3B%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%3CP%3EThe%20idea%20is%20if%20an%20email%20message%20is%20encrypted%2C%20it%20will%20not%20generate%20an%20incident%20report.%3C%2FP%3E%3CP%3E%3CBR%20%2F%3ECurrent%20setup%3A%3C%2FP%3E%3CP%3ERule%20consists%20of%3C%2FP%3E%3CP%3E%26nbsp%3Bif%20message%20contains%20sensitive%20information%20and%20shared%20outside%20organization%3C%2FP%3E%3CP%3Eexcept%20if%20message%20type%20is%20encrypted%3C%2FP%3E%3CP%3Estop%20processing%20additional%20dlp%20policies%20and%20rules%20if%20there's%20a%20match%20for%20this%20rule.%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22kengab_0-1626793248934.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F297073iC381E4A153B39B78%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22kengab_0-1626793248934.png%22%20alt%3D%22kengab_0-1626793248934.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EBut%20it%20appears%20the%20exception%20is%20not%20working.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ENote%3A%20Testing%20the%20%22Encrypt%20only%22%20feature.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EKennie%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2566344%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAdmin%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ECompliance%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
New Contributor

I setup a custom DLP policy for US PII data that generates incident reports if a sensitive information was present in the email. Is there a configuration where if an email is encrypted as an exception to the rule, it will not trigger the report. 

The idea is if an email message is encrypted, it will not generate an incident report.


Current setup:

Rule consists of

 if message contains sensitive information and shared outside organization

except if message type is encrypted

stop processing additional dlp policies and rules if there's a match for this rule.

kengab_0-1626793248934.png

But it appears the exception is not working.

 

Note: Testing the "Encrypt only" feature.

 

Thanks,

Kennie

 

 

0 Replies