Create DLP Policy to Add Exception to Ignore Emails Send to Internal Users
We can configure DLP policy so that it doesn't monitor the emails that send to the internal users.
Think about such scenario: the confidential docs can be send to the internal users for reviewing, but, these docs cannot be send to the outside of the company, or, should be encrypted before hand out.
Here are the steps:
1. Open a existing policy that should not create incident for internal users.
2. Under 'Detection' tab, click 'Add Exception' button:
3. Select 'Protocol or Endpoint Monitoring' under 'Protocol':
4. Choose 'Email/SMTP' under 'Protocol', on the 'Also Match' list, choose 'Recipient Matches Pattern':
5. Under 'Matches Pattern' section, in the 'Recipient Pattern' box, input the name of the internal email domain:
Note: there should be an '@' added before the domain name.
6. Finally, the policy should be look like this:
Comments 3 Comments • Jump to latest comment
take care that with this policy if i send an email to myself (using my internal email address) and a gmail account, you wont raise any incident.
better to request ALL recipient to be in @internal.com domain. (checking right box in "recipient matches pattern" rules).
good example to use the DLP policy.
question, why do I need to out @before domain name...
Thanks
Mohammed Mazher
Would you like to reply?
Login or Register to post your comment.