cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Data Loss Prevention send me as global admin alot of emails but the hit is incorrect

Dreamsat
Brass Contributor

‎Aug 21 2019 02:45 AM - last edited on ‎Feb 19 2021 05:01 AM by

‎Aug 21 2019 02:45 AM - last edited on ‎Feb 19 2021 05:01 AM by

Data Loss Prevention send me as global admin alot of emails but the hit is incorrect

We are using O365 with SharePoint, OneDrive for Business, Exchange, Teams, Skype for Business etc..I created a new DLP policy for "Exchange email, Teams chats and channel messages and OneDrive and SharePoint documents" and selected the privacy GDPR template for EU. I disabled the tooltip and notification settings for the endusers. I only enabled to send an email to my own emailaddress to test it first.

 

I receive now alot of emails from DLP hits. But I investigate the hit and it is false possitive. For example the sensitive info type "EU National Identification Number" gives a hit if the email contains a number like "0611133218". But this number is a phonenumber in an email! How can I finetune the rules so it will send only an email if it is a real hit?dlp policy eu.png

Labels:
1,425 Views
0 Likes
3 Replies
Reply
3 Replies
Vasil Michev

‎Aug 21 2019 11:00 AM

‎Aug 21 2019 11:00 AM

Re: Data Loss Prevention send me as global admin alot of emails but the hit is incorrect

You can fine tune the match criteria under the Policy settings section and the rules therein. Notifications will be generated for every match though, it's a simple on/off switch.

0 Likes
Reply
Dreamsat

‎Aug 26 2019 02:37 AM

‎Aug 26 2019 02:37 AM

Re: Data Loss Prevention send me as global admin alot of emails but the hit is incorrect

@Vasil Michev can I find somewhere some tips about how to reduce the false possitives?

0 Likes
Reply