Dlp policy to block un labeled files

Question

Hello there, we want to Create a Data Loss Prevention (DLP) policy to block or reject files without a a sensitive label. We are able to do so in office 356 app, but in files like pdf, text..etc, we want to force our employees yo label all files and a policy that check if the file has label or not , if not reject with a message saying , plz label the file and try again

Answer 1

@Mohammed Alsahabi - Thanks for the question and using MS Q&A platform.

To create a DLP policy to block or reject files without a sensitive label, you can follow the steps below:

Create or modify an existing sensitivity label in the Microsoft Purview compliance portal. You can define autolabeling rules for files and schematized data assets to apply your labels automatically with each scan.

Once you have created your labels with autolabeling rules, you can register and scan your assets in the Microsoft Purview Data Map. Microsoft Purview will apply classifications and labels automatically based on the autolabeling rules you have defined.

After you have extended labeling to assets in the Microsoft Purview Data Map, all published sensitivity labels are available for use in the data map.

To create a DLP policy to block or reject files without a sensitive label, you can use Microsoft Information Protection (MIP) and Azure Information Protection (AIP) to apply sensitivity labels to your files. You can then create a DLP policy in Microsoft 365 Compliance Center to block or reject files without a sensitive label.

However, please note that this DLP policy will only work for files that are supported by MIP and AIP, such as Office documents. For files like PDFs and text files, you may need to use a third-party solution to enforce labeling.

For more details, refer to How to automatically apply sensitivity labels to your data in the Microsoft Purview Data Map (Preview)

I hope this helps! Let me know if you have any further questions.