How to create Sensitive Information Types to match all words in keyword list instead of only match any of it?

Marcus Wong Theen Nam 1,086 Reputation points

I need to create DLP policy with sensitive information types as below:

"abc" AND "def" AND "efg" AND "abo"

I have tried to include all these into the SIT keyword list, but then the DLP policy will detect only any of the words within the list. I do not want this to be detected in this way, I want it to match all the words instead of only 1. May I know how can I set the keyword list or DLP policy to match all words instead of any words within it? Tried to look through the guide or documentation but didn't find any information.

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
2,711 questions
Microsoft Purview
Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
769 questions
{count} votes

1 answer

Sort by: Most helpful
  1. PRADEEPCHEEKATLA-MSFT 70,656 Reputation points Microsoft Employee

    @Marcus Wong Theen Nam - Thanks for the question and using MS Q&A platform.

    To create a sensitive information type that matches all words in a keyword list, you can use the "All" condition instead of the default "Any" condition. Here are the steps to create such a sensitive information type:

    1. Go to the Microsoft 365 compliance center and navigate to the "Sensitive information types" page.
    2. Click on "Create a sensitive information type".
    3. Choose "Keyword dictionary" as the type of sensitive information you want to create.
    4. Enter a name and description for the sensitive information type.
    5. In the "Keywords" section, enter all the words you want to match separated by commas.
    6. Click on "Add condition" and choose "All" as the condition type.
    7. Click on "Create" to create the sensitive information type.

    With this configuration, the DLP policy will only detect the sensitive information if all the words in the keyword list are present in the content being scanned.

    For more details, refer to Create custom sensitive information types in the compliance portal.

    I hope this helps! Let me know if you have any further questions.