Applies to: Exchange Server 2013, Exchange Online
Topic Last Modified: 2012-09-26
A custom data loss prevention (DLP) policy allows you to establish conditions, rules, and actions that can help meet the specific needs of your organization, and which may not be covered in one of the pre-existing DLP templates.
The rule conditions that are available to you in a single policy include all the traditional transport rules in addition to the sensitive information types presented in Sensitive Information Types Inventory. For more information about transport rules in Exchange 2013, see Transport Rules.
 Caution: |
|---|
| You should enable your DLP policies in test mode before running them in your production environment. During such tests, it is recommended that you configure sample user mailboxes and send test messages that invoke your test policies in order to confirm the results. |
For additional management tasks related to creating a custom DLP policy, see DLP Procedures.
What do you need to know before you begin?
- Estimated time to complete: 60 minutes
- You need to be assigned permissions before you can perform this
procedure or procedures. To see what permissions you need, see the
“Data loss prevention (DLP)” entry in the Messaging Policy and
Compliance Permissions topic.
- In order to create a new custom DLP policy, you must follow the
installation instructions for Exchange 2013. For more information
about deployment, see Planning and
Deployment.
- For information about keyboard shortcuts that may apply to the
procedures in this topic, see Keyboard Shortcuts in
the Exchange Admin Center.
 Tip: |
|---|
| Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection |
Use the EAC to create a custom DLP policy without any existing rules
- In the EAC, navigate to Compliance management >
Data loss prevention. Any existing policies that you have
configured are shown in a list.
- Click the arrow that is beside the Add
icon, and select New custom policy.
Important:If you click Add
icon instead of the arrow, you will create a new policy based on a
template. For more information about using templates, see Create a DLP Policy From
a Template. - On the New custom policy page, complete the following
fields:
- Name Add a name that will distinguish
this policy from others.
- Description Add an optional description
that summarizes this policy.
- Choose a state Select the mode or state
for this policy. The new policy is not fully enabled until you
specify that it should be. The default mode for a policy is test
without notifications.
- Name Add a name that will distinguish
this policy from others.
- Click Save to finish creating the new policy reference
information. The policy is added to the list of all policies that
you have configured, although there are not yet any rules or
actions associated with this new custom policy.
- Double-click the policy that you just created or select it and
click Edit
.
- On the Edit DLP policy page, click Rules.
Click Add
to add a new blank rule. You can establish conditions using all the
traditional transport rules in addition to the sensitive
information types.
In order to avoid confusion, supply a unique name for each part of your policy or rule when you have the option to provide your own character string. There are several options additional options available to you:
- Click the arrow that is beside the Add
icon to add a rule about sender notification or allowing
overrides.
- To remove a rule, highlight the rule and click Delete
.
- Click More options
to add additional conditions and actions for
this rule including time-bound limits of enforcement or effects on
other rules in this policy.
- Click the arrow that is beside the Add
- Click Save to finish modifying the policy and save your
changes.
DLP policy templates are one type of feature Microsoft Exchange that can help you design and apply a robust policy and compliance system for your messaging environment. For more information about compliance features, see Messaging Policy and Compliance.