Great job here, really. Clear and conscise, used this to setup basic rules in our environment. Thank you! Microsoft documentation is horrible and changes all the time, this is exactly what I needed.
@@DougDoesTech I agree with Ant. A series on this would great because MS have added so much into this admin centre since it was the original Security & Compliance Centre. As a Global Admin it's impossible to keep up to date with all the capabilities. Great video, and thank you.
Fantastic video. I watched first video only so far, and learned enough to be confident to start working on DLP. Awesome presentation and wonderful content. Thank you.
Glad I could help! I have had too many customer that tried to implement DLP all the way too fast. So I made this flow to help customers see a practical way to ease into there DLP journey.
Hi Doug your videos are awesome bro. I've learned a great deal watching this over and over. What would an exchange DLP policy look like that would be in compliance with a SOC 2 audit? Any help or references are greatly appreciated 🙏
Anything in the works for the new purview portal? How about the purview scanner, on-prem file shares, azure blob storage, azure sql server, and what dlp features will work with all of that. Thanks!
Hi, i have a question that i am strugeling with, is it possible to set a minimum unique count, so that the rule doesn't activate when there is the same world of a sensitive info type that is repeated multiple times, but when there is three diffrent worlds for example. Thank you in advance
I don’t believe that is something we can do. But I haven’t tested that scenario. The documentation mentions unique instances but i don’t think it works how you want it. docs.microsoft.com/en-us/microsoft-365/compliance/create-a-custom-sensitive-information-type?view=o365-worldwide#instance-count-supported-values-for-sit
I have set up policies in DLP and they don't seem to work the information just goes right through i do get the reporting was hoping this video will help with that but this was a different focus
Great video, it just helped us get started. One problem I was hoping you can help with. We don't see the "Exceptions" section in the Policy rules. I went Googling and some forum posts are saying MS removed that function. A Microsoft article alludes to using tenant-level configs somehow. But now I'm also wondering if it's a permissions issue maybe, but that would be a little odd since we can see everything else. The exceptions specifically we want to do is outbound domains (don't alert on specific domains) and specific email addresses. Do you have any insight into this by any chance? Thank you!
Yeah I just realized that the other day. When they updated the rule builder they removed the exclude. So now if you want to do it you need to add a group then you can toggle a not on it which becomes your exclude, but i think it will work a little differently.
@@DougDoesTech Wow, thanks for the quick response! Don't want to bother you too much but when you say group, are you referring to the DG group selection when choosing the Exchange mail location? I don't see a section to add a NOT qualifier. Under Conditions I see AND/OR but no NOT.
All good, I am on mobile so I can’t 100% confirm in the portal but I think this is what you are looking for. learn.microsoft.com/en-us/microsoft-365/compliance/dlp-policy-design?view=o365-worldwide#complex-rule-design
@@DougDoesTech Once again, thank you for your time. I think I just figured it out and posting here for future visitors (your statement above clued me in). It appears I don't get to add a huge load of conditions unless the Locations is set to just Exchange. If I choose any other options than Exchange, it appears that it constricts the level of options/conditions allowed in the rules. I'm sure this applies to other Locations as well. Also, the NOT operator only appears for an OR statement...logical but when trying to learn the system it may not be straight-forward for people. I appreciate your help, you're guidance helped me figure this beast out. Very much appreciated!
Hey Doug! Nice meeting you and glad you started this channel.
Great job here, really. Clear and conscise, used this to setup basic rules in our environment. Thank you! Microsoft documentation is horrible and changes all the time, this is exactly what I needed.
Hey so glad it helped!
This was a great vid, well done. Would love to see more in this series - basically 'DLP for dummies' :)
Thanks! I appreciate the note, planning on making more as I go. let me know if there are any topics you want to see in more depth.
@@DougDoesTech I agree with Ant.
A series on this would great because MS have added so much into this admin centre since it was the original Security & Compliance Centre. As a Global Admin it's impossible to keep up to date with all the capabilities.
Great video, and thank you.
Love you videos, you explain things in a way that anyone can understand still at a fast pace. Ty
I am glad you found it helpful!
Fantastic video. I watched first video only so far, and learned enough to be confident to start working on DLP. Awesome presentation and wonderful content. Thank you.
I am subscribing to keep an eye on your content. Please it's been 3 weeks so waiting to see the next video foe this Microsoft Purview DLP series
Thanks, i plan on recording a follow up / next steps on Friday.
Great video - this will help us create some sort of a journey for our customers/partners.
Glad I could help! I have had too many customer that tried to implement DLP all the way too fast. So I made this flow to help customers see a practical way to ease into there DLP journey.
Great video. Thank you.
Glad you liked it!
Really nice video
Glad you liked it!
Thanks man, very helpful video
Glad it helped
Hi Doug your videos are awesome bro. I've learned a great deal watching this over and over. What would an exchange DLP policy look like that would be in compliance with a SOC 2 audit? Any help or references are greatly appreciated 🙏
Anything in the works for the new purview portal?
How about the purview scanner, on-prem file shares, azure blob storage, azure sql server, and what dlp features will work with all of that. Thanks!
Great Video, How can I get lab for testing
Hi, i have a question that i am strugeling with, is it possible to set a minimum unique count, so that the rule doesn't activate when there is the same world of a sensitive info type that is repeated multiple times, but when there is three diffrent worlds for example.
Thank you in advance
I don’t believe that is something we can do. But I haven’t tested that scenario. The documentation mentions unique instances but i don’t think it works how you want it. docs.microsoft.com/en-us/microsoft-365/compliance/create-a-custom-sensitive-information-type?view=o365-worldwide#instance-count-supported-values-for-sit
I have set up policies in DLP and they don't seem to work the information just goes right through i do get the reporting was hoping this video will help with that but this was a different focus
Hey Dwayne, I have a couple of other videos about next steps and moving to block or notification mode.
Great video, it just helped us get started. One problem I was hoping you can help with. We don't see the "Exceptions" section in the Policy rules. I went Googling and some forum posts are saying MS removed that function. A Microsoft article alludes to using tenant-level configs somehow. But now I'm also wondering if it's a permissions issue maybe, but that would be a little odd since we can see everything else.
The exceptions specifically we want to do is outbound domains (don't alert on specific domains) and specific email addresses.
Do you have any insight into this by any chance? Thank you!
Yeah I just realized that the other day. When they updated the rule builder they removed the exclude. So now if you want to do it you need to add a group then you can toggle a not on it which becomes your exclude, but i think it will work a little differently.
@@DougDoesTech Wow, thanks for the quick response! Don't want to bother you too much but when you say group, are you referring to the DG group selection when choosing the Exchange mail location? I don't see a section to add a NOT qualifier. Under Conditions I see AND/OR but no NOT.
All good, I am on mobile so I can’t 100% confirm in the portal but I think this is what you are looking for. learn.microsoft.com/en-us/microsoft-365/compliance/dlp-policy-design?view=o365-worldwide#complex-rule-design
Oh and then make sure to build a exchange only policy so all the options for excluding on domain show up
@@DougDoesTech Once again, thank you for your time. I think I just figured it out and posting here for future visitors (your statement above clued me in). It appears I don't get to add a huge load of conditions unless the Locations is set to just Exchange. If I choose any other options than Exchange, it appears that it constricts the level of options/conditions allowed in the rules. I'm sure this applies to other Locations as well. Also, the NOT operator only appears for an OR statement...logical but when trying to learn the system it may not be straight-forward for people.
I appreciate your help, you're guidance helped me figure this beast out. Very much appreciated!
HELP
Hi Mark, what do you need help with?