Forum Discussion
Inconsistent application of DLP policies
Trying to test the application of DLP policies on our tenant and seeing very inconsistent results. I have testing files, and am also testing in the email body. The only SIT that the policy seems...
Prathista Ilango
Microsoft
MicrosoftHello BillT,
I am testing the scenario as well and would like to share what I am noticing. Alerting could be missed if the actual words like "credit card" is not present in the message or attachment but it should still block from sending to the external user.
Could you share more details on if there is a scenario where it is not alerting as well as not blocking any of these sensitive info types and external user was able to receive the message? If yes, what is the specific sensitive info type that is not blocked?
Another thing you can check is, for the respective sensitive info type, was there any matches reported? You can check this from DLP -> Classifiers -> Sensitive Info Types -> click on the respective SIT, for example, Credit Card Number -> Matched Items.
Please note that you should have the below role group access in purview to view this,
- Content Explorer List Viewer. This role group allows you to view the list of locations and list of items in those locations.
- Content Explorer Content Viewer. This role group allows you to view the source content for each item.
