How can you configure advanced DLP (Data Loss Prevention) rules in Microsoft 365 to prevent data leakage between two internal tenants using custom regex patterns and exclusions?

Janny Rose 0 Reputation points
2024-10-05T19:12:43.0366667+00:00

How can you configure advanced DLP (Data Loss Prevention) rules in Microsoft 365 to prevent data leakage between two internal tenants using custom regex patterns and exclusions?

Microsoft 365 and Office | Install, redeem, activate | For business | Windows
Microsoft Security | Intune | Configuration Manager | Other

1 answer

  1. Michael Wiederhold 0 Reputation points
    2024-10-06T02:38:17.6033333+00:00
    Thanks for the question!
    
    To configure advanced DLP rules in M365:
    
    **Create DLP Policy**
    - At the source, go to **Microsoft 365 Compliance Center > Data Loss Prevention > Create a policy**.
    - Select **Custom policy** and choose locations (Exchange, SharePoint, etc.).
    
    **Define Sensitive Info Type with Regex**
    - In the policy, create a **Custom Sensitive Info Type**.
    - Use the regex pattern to define what data you want to detect (e.g., `AB\d{8}` for account numbers).
    - Set **Confidence Levels** for accuracy.
    
    **Set Exclusions**
    - Under **Except when**, define exclusions like:
      - **Recipient domain** (e.g., exclude certain domains within internal tenants).
      - **Sender domain** or specific users/groups.
    
    **Configure Actions**
    - Choose actions such as **block**, **restrict**, or **notify** based on the policy triggers.
    
    **Test and Deploy**
    - Test the policy using **simulation mode** to ensure accuracy.
    - Review **DLP reports**, fine-tune if needed, then deploy.
    
    The tuned policy will block or monitor sensitive data transmission between internal tenants, with necessary exclusions applied.
    
    DLP policies will need to be deployed within **both** source tenants.
    
    0 comments No comments
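
A local pre-check for the regex and exclusion steps in the answer above, added here as an example: it is not part of the original answer and does not reproduce Microsoft's evaluation engine. The domain names, the boundary-anchored variant of the pattern, and the rule that an exclusion holds only when every recipient is in an excluded domain are assumptions of this sketch.

```python
import re
from dataclasses import dataclass

# Pattern from the answer, and a boundary-anchored variant (assumption: added here).
LOOSE = re.compile(r"AB\d{8}")
STRICT = re.compile(r"(?<![A-Za-z0-9])AB\d{8}(?![A-Za-z0-9])")

# Hypothetical recipient domain listed under "Except when".
EXCLUDED_RECIPIENT_DOMAINS = {"tenant-b.example"}


@dataclass
class Message:
    recipients: list
    body: str


def domain(address):
    """Lower-cased domain part of an e-mail address."""
    return address.rsplit("@", 1)[-1].lower()


def evaluate(msg, pattern, min_count=1):
    """Return 'allow', 'excluded' or 'block' for one message."""
    if len(pattern.findall(msg.body)) < min_count:
        return "allow"
    # Model assumption: the exclusion holds only if every recipient is in an
    # excluded domain, so a single outside recipient still triggers the rule.
    if all(domain(r) in EXCLUDED_RECIPIENT_DOMAINS for r in msg.recipients):
        return "excluded"
    return "block"


# Constructed sample messages (not real data).
SAMPLES = [
    Message(["bob@tenant-b.example"], "Account AB12345678 was closed."),
    Message(["eve@tenant-c.example"], "Account AB12345678 was closed."),
    Message(["eve@tenant-c.example"], "Courier ref CAB1234567890 shipped."),
    Message(["bob@tenant-b.example", "eve@tenant-c.example"], "See AB87654321."),
    Message(["eve@tenant-c.example"], "Lunch at noon?"),
]


def run(pattern):
    """Verdict for each sample message, in order."""
    return [evaluate(m, pattern) for m in SAMPLES]


if __name__ == "__main__":
    for name, pat in (("loose", LOOSE), ("strict", STRICT)):
        print(name, run(pat))
```

The third sample shows the unanchored pattern firing on a longer reference number, the kind of false positive worth catching before the policy goes into simulation mode.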
