Data Loss Prevention (DLP)

Overview

Data Loss Prevention (DLP) helps prevent data breaches and unauthorized sharing by scanning content based on policies set by your administrator. DLP can scan emails, attachments, shared files, and text messages. It also uses Optical Character Recognition (OCR) to extract and analyze text from images.

The system detects potentially sensitive information such as:

• Credit card numbers

• Social Security Numbers (SSNs)

• Bank routing numbers

• Data protected under HIPAA

Impact of DLP Policies on You

Emails (Office 365 Mail and Google Gmail)

If your organization’s policy is configured to detect sensitive information in emails:

• The system may block the email from being sent.

• You will receive a notification explaining why the email was blocked.

File Sharing Applications (Office 365 OneDrive, SharePoint)

If your administrator has enabled DLP for file uploads:

• The system may block uploads that contain sensitive content.

• You will receive a notification explaining the reason for the block.

Messaging (Microsoft Teams)

If your organization’s policy includes scanning messages for sensitive content:

• The message will be blocked if sensitive data is detected.

• Both the sender and recipient will see a tombstoned message indicating the content was blocked due to the organization’s policy.

Example Scenario

Let’s say your organization has a DLP policy that prohibits sharing credit card information.

• Sender’s Experience:

  • You send a message in Microsoft Teams containing credit card details. The message is blocked, and you receive a tombstoned message stating the content was blocked due to policy.

    

• Recipient’s Experience:

  • The recipient sees a tombstoned message with the same notification, ensuring sensitive content is not shared.

  •