Data Loss Prevention - Is there a way to do an escalation process or Quarantine it first before sending?

Question

Hi,

In Office 365's Data Loss Prevention Policy, Is there a way to do an escalation process or quarantine it first before sending or sharing the information? For example, if staff is sending credit card information via email, let the manager approve it first before the staff could send it? Or forward to a group of people first similar to how quarantine works in the Threat Management Protection of Office 365?

We don't want to completely block the email either encrypt it when sharing. We want someone else to review and approve those emails first.

Thank you.

Answer 1

@DoBongSoon

As this issue is more realted to Microsoft 365 compliance which is not supported on Q&A forum. To better help you, I would suggest you post a new thread with tag "Data Loss Prevention" on following forum.
Microsoft Tech Community

I find one of the Protective actions of DLP policies is "for data at rest, sensitive items can be locked and moved to a secure quarantine location".

According to "DLP policy configuration overview", you may choose what you want to monitor, set a rule that the action to take when the policy conditions are met, such as for On-premises file shares, they would be moved from where it is stored to a quarantine folder".

Please note, the actions depend on the location where the activity is happening.

Then admin can use the Microsoft 365 compliance center to search the unified audit log to view activity in your organization.

---

If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.