DLP Policy

By default, the DLP policy scans the messages and files for potentially leaked information, such as credit card number and Social Security Number (SSN).

Supported Actions

Microsoft Teams DLP policy supports these actions:

  • Tombstone of files and text messages that contain sensitive information.

    • If sensitive information is found, the sender will get the tombstoned message.

      For information about unblocking the tombstoned message, see Unblocking Messages.

    • If sensitive information is found, the recipient(s) will get the tombstoned message.

  • Alert sender: Sends an email notification to the sender of a file or message that contains sensitive information.

  • Alert admin(s): Sends an email notification to the admin(s) about the files or messages that contain sensitive information.

Configuring DLP Policy for Microsoft Teams

To configure DLP policy:

  1. Click Policy on the left panel of the Avanan Administrator Portal.
  2. Click Add a New Policy Rule.
  3. From the Choose SaaS drop-down list, select Microsoft Teams.
  4. From the Choose Security drop-down list, select DLP and click Next.
  5. Select the desired protection mode (Detect and Remediate or Detect).

    If required, you can change the Rule Name.

  6. Under DLP Criteria, select the DLP categories required for the policy.

    For more details about the DLP Data Types and categories, see Appendix E: DLP Built-in Data Types and Categories.

  7. Select the sensitivity level required for the policy.
    • Very high (hit count > 0)

    • High (hit count > 2)

    • Medium (hit count > 5)

    • Low (hit count > 10)

    • Very Low (hit count > 20)

  8. To exclude DLP policy for the messages and files shared only with the internal users, enable the Skip Internal items checkbox.
  9. Configure Actions required from the policy.
    • To tombstone messages, enable the Tombstone Message checkbox.

      Note:

      This option will be available only when Detect and Remediate protection mode is enabled.

    • To tombstone files, enable the Tombstone File checkbox.

      Note:

      This option will be available only when Detect and Remediate protection mode is enabled.

    • To send email alerts to the sender about DLP in messages and files, enable the Alert sender - messages and Alert sender - files checkbox.

    • To send email alerts to admins about DLP in messages and files, enable the Alert admin(s) - messages and Alert admin(s) - files checkbox.

    Note:
    • To customize the email alert templates, click on the gear icon to the right of the alert.

  10. Click Save and Apply.