Email is one of the easiest ways that information can leak out of your organization. Microsoft Office 365 has data loss prevention (DLP) policies for certain subscription levels that, if set up properly, can help prevent data leakage. If you have an E3 or E5 license, you can set policies and show tips reminding users that they shouldn’t be sending sensitive information.
Even though you can tell your users that they shouldn’t be emailing information that includes credit card numbers, social security numbers or other sensitive identity information, the reality is that people will forget and email this information regardless. By setting up a DLP policy that proactively looks for this sensitive information and blocks the transmission, you can make it safer for both your firm and the recipients of the email.
To set up DLP rules, first determine if you are under a specific preexisting rule set or if you need to make your own. Go to the Office 365 Security & Compliance page and sign in with administrator privileges. Go to “Data loss prevention” and then click on “Policy”.
From here you can set up a new policy: