Body
Overview
Microsoft Purview Data Loss Prevention (DLP) is configured in our Office 365 tenant to protect against the accidental or intentional sharing of sensitive information such as Credit Card Numbers (CCN) and U.S. Social Security Numbers (SSN).
When users attempt to send emails or attachments that contain sensitive data, they are presented with policy tip notifications and may be required to take further action before sending.
Policy Tip Appears in Outlook
When sensitive information is detected, a Policy Tip appears above the email. Screenshot below.
The tip shows:
o Which type of sensitive information was detected (e.g., Credit Card Number, SSN).
o Why the email cannot be sent immediately.
o An option to Report if the user believes it is not sensitive.
Example: “This message appears to contain Credit Card Numbers or SSNs.”
Override Prompt (Blocking Screen, Top right)
• If the user chooses to proceed despite the warning, a Confirm Override dialog is displayed. Screenshot below.
• The message is blocked until the user makes a decision.
• Two options are presented:
1. Report → Used if the user thinks the detection is a false positive.
2. Acknowledgement → User confirms they are intentionally sending sensitive data and that it complies with policies. Screenshot below.
Example: “Your organization won’t allow this message to be sent until the sensitive information is removed or you confirm compliance.”
Simplified Override Pop-up (Send Anyway)
In some cases, users instead see a simpler dialog:
o Learn more (policy details)
o Send anyway (override)
o Cancel
Example: “Your organization won’t allow this message to be sent until the sensitive information is removed.”