Paolo,
Welcome to the DLP world.
Yes you can do exceptions for specific URL's when it comes to any policy.
- When you are editting the PCI policy, look at the 2nd Tab of the policy (Group or Recpient).
- Under that section you can ADD an EXCEPTION. (bottom area)
- The Exception will be for the Recpient or Destination IP
- In that section you will see a field for the URL.
- Add the URL or a wildcard for it and Save. (when on that page look at the online help for more details)
Another idea that you can do with the policy is to increase the minimum match count for the PCI matching to 2 or more. This will remove a lot of the issues with flase positives.
I have explained this to all of my clients that you are more concerned about LOSS of data, and 1 single CCN is typically not how people will try to steal or send information out. SO 2 or more will take care of those personal sites and emails that are legitimate.
Check with your security team before makng the changes.
Hope this makes sense.
If this solves your questions please marked as solved.
Ronak