New Data Loss Prevention documentation
I don't typically write about TechNet updates, but in this article I'm making an exception. Data Loss Prevention (DLP) is a technology that can detect and prevent sensitive information types from being sent outside of an organization. For example, an organization that stores customer credit card numbers would not want those numbers sent through email outside of their organization.
Exchange Online has great out of the box DLP rules, but these often will need to be tweaked a little to better match your organization which in turn will lower false positive detections. When troubleshooting false positive detections, you will often want to know exactly what a particular DLP policy is matching on. In the past this information was either very difficult to get, or not possible without opening up a support ticket.
Well my friends, I’m happy to say that those days are now in the past. Earlier this month a large TechNet article was published which covers all the different DLP Sensitive Information types (all 80 of them!) and exactly how Exchange Online DLP matches them.
This article also documents what qualifies for difference confidence levels. For example, if we are looking at the U.S. Social Security Number type, we can see what type of match would be considered 85% confident, 75% confident, 65% confident, and 55% confident.
If you use Data Loss Prevention in Exchange Online, I would highly recommend checking out the above link and bookmarking it for future use.
Have a great weekend!
Resources
Sensitive information types inventory
Comments
- Anonymous
August 10, 2015
Nice post. These are also helpful in knowing major causes of data loss http://bit.ly/1HLp7tO.