You should test and tune the behavior of your Microsoft Purview Data Loss Prevention (DLP) policies as part of your DLP policy deployment. This article introduces you to two of the basic methods you can use to test policies in your DLP environment.
Simulation mode
When you deploy a new policy or need to modify an existing one, you should run it in simulation mode, and then review the alerts to assess its accuracy. Simulation mode allows you to see how an individual policy affects all the items that are in the policies scope without actual enforcement. You use it to find out what items match a policy.
Get Insights with Security Copilot
Poznámka
The Get insights with Copilot feature is in preview.
Get insights with Copilot is a Security Copilot skill that is embedded in the Microsoft Purview Data Loss Prevention policy page. It can help you understand what you policies are doing in your organization, and where they're active.
Select one or multiple policies, then select the Get insights with Copilot. Copilot then generates a response that gives you information about the selected policies like:
Where your policies are looking for sensitive information.
What kind of sensitive information your policies are looking for.
Your organization must be licensed for Security Copilot.
The account you use to access the Get insights with Copilot feature must be in the Information protection admin role.
Test-DlpPolicies
Test-DlpPolicies is a cmdlet that allows you to see which DLP policies scoped to SharePoint and OneDrive match (or don't match) an individual item in SharePoint or OneDrive.
The report is sent to the SMTP address that you passed the Test-DlpPolicies PowerShell command to. There are multiple fields. Here are explanations of the most important ones.
Field name
Means
Classification ID
The sensitive information type (SIT) the item is categorized as
Microsoft Purview Data Loss Prevention (DLP) helps safeguard sensitive information by monitoring and preventing accidental data leaks across your organization's digital platforms. In this module, you'll learn how to plan, deploy, and adjust DLP policies to protect sensitive data in your organization, ensuring security without disrupting daily work.