What Is Data Loss Prevention Policy (DLP) In Exchange 2016
Data loss prevention policy is a mechanism to protect sensitive information leaking out from organization via email.
Such as credit card info, phone number, bank account number, etc.
Though transport rule can also filter the content sent outside from organization via email.
But DLP uses deep content checking through dictionary matches, keyword matches, and other content.
It is very important to configure DLP in an organization where an organization deals with such information.
Therefore, there are three methods to configure Data loss prevention policy in exchange 2016
They are as follow
- Microsoft Predefined Templates
- Policies Provided By Non-Microsoft Vendor
- Custom Policy
The fastest way to get started with the DLP policy is Microsoft Templates.
An individual can use Microsoft predefine template and can create Policy.
Later on, an individual can edit the policy accordingly to meet business compliance.
Non-Microsoft Vendor Policy
A third party vendor may sell the DLP policy and you can implement it.
Or it can be a part of service from a third-party vendor.
However, It depends on the third-party vendor expertise to meet your business compliance.
Therefore, the exchange has the feature to import these policies from a policy file as well.
Custom DLP Policy
You can create your own DLP policy if, predefine policy does not meet your requirement.
Sensitive information is not based on the typical method.
Exchange server uses its own formula to calculate and judge the sensitive information.
For example: If you type 1234 5678 9100 in your email.
Therefore, It will not calculate it as a credit card number format.
The exchange matches the checksum for the correct credit card number to identify it as a credit card number.
How To Configure DLP Policy In Exchange 2016
In order to configure DLP in Exchange Server 2016
Login to Exchange Admin Center as an Administrator
Navigate to Compliance Management and click on Data Loss Prevention
You can try to create dlp policy form Microsoft template or create a custom.
In this example, we will create a custom dlp policy to restrict sending internal ip address to internal emails.
Click on custom policy and name the policy and make sure enforce is selected and click on save.
As you click on save, at this time policy is empty and has no rule.
To apply the rule to this policy, edit newly create policy by click on edit sign.
Now apply the rule accordingly.
For More details Please watch the following video for configuring Data loss prevention policy in exchange server 2016
Complete Exchange Training & Support, Email: email@example.com