Information
Data Loss Prevention (DLP) policies allow Exchange Online and SharePoint Online content to be scanned for specific types of data like social security numbers, credit card numbers, or passwords.
Rationale:
Enabling DLP policies alerts users and administrators that specific types of data should not be exposed, helping to protect the data from accidental exposure.
Impact:
Enabling a Teams DLP policy will allow sensitive data in Exchange Online and SharePoint Online to be detected or blocked. Always ensure to follow appropriate procedures during testing and implementation of DLP policies based on organizational standards.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
To enable DLP policies:
Navigate to Microsoft Purview https://compliance.microsoft.com.
Under Solutions select Data loss prevention then Policies.
Click Create policy.