Compliance Center DLP Policy Tips

%3CLINGO-SUB%20id%3D%22lingo-sub-3407146%22%20slang%3D%22en-US%22%3ECompliance%20Center%20DLP%20Policy%20Tips%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3407146%22%20slang%3D%22en-US%22%3E%3CP%3EGreetings!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20are%20in%20the%20middle%20of%20implementing%20the%20Compliance%20Center%20DLP%20solution%20using%20a%20variety%20of%20the%20advanced%20rules.%20We%20really%20love%20the%20idea%20of%20Policy%20Tips%20providing%20guidance%20to%20users%20on%20what%20they%20should%20do%20with%20their%20sensitive%20data.%20Our%20model%20is%20that%20we%20are%20allowed%20to%20send%20sensitive%20data%20to%20intended%20and%20verified%20recipients%20as%20long%20as%20it%20is%20encrypted.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20we%20have%20some%20rules%20that%20look%20for%20HIPAA%20and%20PII%20and%20inform%20the%20user%20that%20they%20should%20encrypt%20before%20sending.%20The%20selling%20point%20for%20us%20was%20the%20ability%20to%20provide%20users%20an%20override%20to%20the%20policy%20in%20cases%20where%20encryption%20wasn't%20necessary.%20It%20is%20less%20common%2C%20but%20makes%20up%20about%2010%25%20of%20our%20use-case.%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EMinus%20the%20normal%20bumps%20and%20issues%2C%20we%20are%20mostly%20happy%20with%20the%20way%20the%20system%20works!%20Users%20can%20override%2C%20encrypt%2C%20and%20we%20get%20good%20visibility%20on%20why%20users%20are%20sending%20data%20unencrypted%20if%20they%20do%2C%20so%20we%20can%20retrain%20or%20tune%20the%20system.%20Our%20issue%20is%2C%20of%20course%2C%20the%20wonkyness%20of%20the%20PolicyTips%20and%20how%20it%20checks%20for%20certain%20conditions%20and%20may%20or%20may%20not%20clear%20when%20a%20condition%20is%20met%2Fnot-met.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EIssue%3A%3C%2FSTRONG%3E%20A%20user%20composes%20an%20email%20headed%20out%20of%20our%20company%20that%20contains%20sensitive%20data.%20The%20system%20catches%20this%20and%20throws%20a%20Policy%20Tip%20requiring%20they%20encrypt%20or%20override.%20They%20say%2C%20%22oh%20ya!%20Thanks%20for%20reminding%20me%22%20and%20hit%20that%20encrypt%20button.%20This%20doesn't%20clear%20the%20Policy%20Tip%20or%20the%20block%20condition%20and%20they%20cannot%20send%20the%20email%2C%20even%20though%20it%20is%20encrypted.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EWhat%20I've%20Tried%3A%26nbsp%3B%3C%2FSTRONG%3EI%20added%20the%20exception%20onto%20the%20rules%20to%20exempt%20if%20the%20Message%20Type%20is%3A%20Permission%20Controlled.%20I%20tried%20Message%20Type%3A%20Encrypted%2C%20but%20it%20doesn't%20work%20correctly%20at%20all.%20With%20this%20setup%2C%20everything%20works%26nbsp%3B%3CEM%3E%3CSTRONG%3Eexcept%3C%2FSTRONG%3E%3C%2FEM%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3Ethe%20Policy%20Tip%2C%20which%20get%20stuck.%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22jjboffy_0-1653067353205.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F373710i276798F6EDEEFCAD%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22jjboffy_0-1653067353205.png%22%20alt%3D%22jjboffy_0-1653067353205.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EExample%3A%20blue%20box%20is%20original%20PolicyTip.%20Red%20box%20is%20button%20encryption.%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22jjboffy_1-1653067517327.png%22%20style%3D%22width%3A%20738px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F373716iB287E0E0A427634C%2Fimage-dimensions%2F738x192%3Fv%3Dv2%22%20width%3D%22738%22%20height%3D%22192%22%20role%3D%22button%22%20title%3D%22jjboffy_1-1653067517327.png%22%20alt%3D%22jjboffy_1-1653067517327.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3ECurrent%20Work-Around%3A%3C%2FSTRONG%3E%20The%20users%20hate%20it%2C%20because%20the%20button%20is%20way%20easier%20than%20the%20subject%20tags.%20Our%20current%20work-around%20is%20to%20%22Clear%20the%20Policy%20Tip%22%20by%201)%20Remove%20encryption%20by%20clicking%20link%20in%20PolicyTip%2C%202)%20Remove%20Recipient%20using%20same%20method%20inside%20Policy%20Tip.%20This%20resets%20the%20Policy%20Tip%2C%20so%20then%20the%20user%20can%20push%20the%20Encrypt%20button%20first%2C%20then%20add%20recipients%2C%20without%20redrafting%20the%20whole%20email.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EHelp!!%3C%2FSTRONG%3E%20What%20sort%20of%20logic%20do%20I%20need%20to%20make%20the%20Encrypt%20button%20clear%20out%20the%20Policy%20Tips%3F%20Or%20is%20this%20just%20it%3F%20Workaround%20city!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20reading%20and%20I'd%20love%20any%20help%20or%20guidance.%20Trust%20me%2C%20I've%20read%20every%20docs.microsoft%20article%20I%20can%20find%20about%20Policy%20Tips%20and%20DLP.%20But%20I'll%20take%20some%20more%20if%20you%20have%20them%20if%20they%20are%20relevant.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3407146%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECompliance%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EData%20Loss%20Prevention%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3416812%22%20slang%3D%22en-US%22%3ERe%3A%20Compliance%20Center%20DLP%20Policy%20Tips%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3416812%22%20slang%3D%22en-US%22%3EBump!%20Do%20we%20still%20bump%20these%20days%3F%3C%2FLINGO-BODY%3E
Occasional Contributor

Greetings!

 

We are in the middle of implementing the Compliance Center DLP solution using a variety of the advanced rules. We really love the idea of Policy Tips providing guidance to users on what they should do with their sensitive data. Our model is that we are allowed to send sensitive data to intended and verified recipients as long as it is encrypted.

 

So we have some rules that look for HIPAA and PII and inform the user that they should encrypt before sending. The selling point for us was the ability to provide users an override to the policy in cases where encryption wasn't necessary. It is less common, but makes up about 10% of our use-case.


Minus the normal bumps and issues, we are mostly happy with the way the system works! Users can override, encrypt, and we get good visibility on why users are sending data unencrypted if they do, so we can retrain or tune the system. Our issue is, of course, the wonkyness of the PolicyTips and how it checks for certain conditions and may or may not clear when a condition is met/not-met.

 

Issue: A user composes an email headed out of our company that contains sensitive data. The system catches this and throws a Policy Tip requiring they encrypt or override. They say, "oh ya! Thanks for reminding me" and hit that encrypt button. This doesn't clear the Policy Tip or the block condition and they cannot send the email, even though it is encrypted.

 

What I've Tried: I added the exception onto the rules to exempt if the Message Type is: Permission Controlled. I tried Message Type: Encrypted, but it doesn't work correctly at all. With this setup, everything works except the Policy Tip, which get stuck.

jjboffy_0-1653067353205.png

Example: blue box is original PolicyTip. Red box is button encryption. 

jjboffy_1-1653067517327.png

 

Current Work-Around: The users hate it, because the button is way easier than the subject tags. Our current work-around is to "Clear the Policy Tip" by 1) Remove encryption by clicking link in PolicyTip, 2) Remove Recipient using same method inside Policy Tip. This resets the Policy Tip, so then the user can push the Encrypt button first, then add recipients, without redrafting the whole email.

 

Help!! What sort of logic do I need to make the Encrypt button clear out the Policy Tips? Or is this just it? Workaround city!

 

Thanks for reading and I'd love any help or guidance. Trust me, I've read every docs.microsoft article I can find about Policy Tips and DLP. But I'll take some more if you have them if they are relevant.

 

 

 

0 Replies