Microsoft has upgraded unified DLP policies to support the rich set of conditions, exceptions, and actions available for Exchange transport rule-based DLP policies. The upgrade means that organizations which have been forced to continue using ETR-based DLP policies can begin the process of moving over to unified DLP. This process won’t be easy, but it’s the right thing to do for the long term.
Data Loss Prevention (DLP) is a feature of Office 365 E3 and E5 plans. Most DLP policies focus on matching sensitive information types created by Microsoft, like credit card numbers, but it is relatively easy to create a custom sensitive information type for use in DLP policies to detect information specific to your organization. In this example, we create a sensitive information type for Azure AD passwords and explore its use in Teams DLP policies.