Comments on: How to Define Custom Sensitive Information Types for Use in DLP Policies

By: Tony Redmond

Tony Redmond — Mon, 30 Oct 2023 17:40:21 +0000

In reply to mansha. Well, I can't see your data or your information definitions, so I can't help. Microsoft Support can, so that's why you should ask for their assistance.

By: mansha

mansha — Mon, 30 Oct 2023 17:37:45 +0000

In reply to Tony Redmond. No, I have created a DLP policy (GDPR for exchange) where I encounter this issue. As mentioned above, the EU-related data sent through the exchange is not detected properly. I got alerts only for a few emails that detect SITs when a document has a proper heading written with numbers.

By: Tony Redmond

Tony Redmond — Mon, 30 Oct 2023 11:04:50 +0000

In reply to mansha. Have you asked Microsoft support for help?

By: mansha

mansha — Mon, 30 Oct 2023 09:03:00 +0000

Hi,
When I have to test a SIT in the compliance portal (SIT classifiers) eg. for an EU driver’s license, it does not detect only driving license (if tested with the driver’s license number only) as such when I write EU driver’s license as heading and then the driver’s license number related to it, that is detected as sensitive information. Why is it showing different behavior is this important to write in the heading what type of data is it? Below is the given format in which the type of data is mentioned in the heading (not able to detect numbers as SITs). So, is it necessary to write this along with SIT can’t only the driver’s license number be detected as SIT?

EU Driver’s License Number

97204831
44101073
23464488
86055639
90914933

By: Diego Maldonado

Diego Maldonado — Tue, 14 Mar 2023 20:27:44 +0000

In reply to Juan Jose de Leon. Hello Juan, I imagine you have already solved this issue. But I was having the same problem. Up to now (March 14, 2023), the role needed to have access to the Test button is "Data Loss Prevention" in the Exchange Admin Center, under: Roles > Admin Roles. It could be under the "Compliance Management" role group. We created a custom role group and assigned the role to that custom group.

By: Tony Redmond

Tony Redmond — Wed, 25 Jan 2023 17:02:40 +0000

In reply to Mayhew. This is the kind of question that's impossible for me to answer because I have no access to your data. I'd log a call with Microsoft support and ask them to have a look.

By: Mayhew

Mayhew — Wed, 25 Jan 2023 16:03:49 +0000

Hi Tony, I created a custom SIT to detect “All Data” using a basic Regex: [a-zA-Z 0-9]+ with the idea that I could use it to Auto-apply labels to documents in a Sharepoint site. When I test the SIT against a random document it seems to detect any data. However, when I created a Auto-apply policy using this SIT it doesnt seem to detect documents to apply labels. Im wondering if this is a limitation? Any ideas?

By: Tony Redmond

Tony Redmond — Mon, 19 Dec 2022 15:59:05 +0000

In reply to Benjamin G. Microsoft has their own credentials sensitive information type now. Have you tried that?

By: Benjamin G

Benjamin G — Mon, 19 Dec 2022 15:25:32 +0000

The solution to detect password sharing is fantastic. Only problem with the string, it looks like when you type a long text that contains the word password… it gets flagged. Someone has an idea how to improve the string ? Thanks

By: Juan Jose de Leon

Juan Jose de Leon — Mon, 26 Sep 2022 13:49:16 +0000

The test button only shows for Global Admin?
I’ve tried delegating many roles and the button doesn’t appear, Azure Roles and Compliance roles.