Using Microsoft 365 Data Loss Prevention (DLP) Features to Minimize Risk

Whether your organization is subject to compliance regulations such as CMMC, or NIST or holds sensitive data, Data Loss Prevention (DLP) is an essential tool for organizations large and small to minimize and prevent the loss of critical, private information. 

Microsoft 365 provides an advanced DLP feature that can help organizations minimize risk and protect their data from unauthorized access, accidental or malicious deletion, or improper sharing.

In this paper, we will:

  • Discuss why organizations should consider using Microsoft 365’s DLP tools
  • Showcase specific data loss prevention scenarios
  • Provide a tutorial on how to set up a DLP policy 

What is Data Loss Prevention (DLP)?

Data Loss Prevention (DLP) refers to a set of strategies, processes, and tools designed to prevent sensitive data from being accessed, used, or disclosed in an unauthorized manner. The goal of DLP is to protect sensitive information such as personally identifiable information (PII), intellectual property, financial data, or other confidential data from getting lost or stolen from your business.

Microsoft 365’s Data Loss Prevention tools use tools such as data encryption, access controls, content filtering, and user monitoring to keep data secure. Together DLP tools identify, classify, and protect sensitive data by monitoring data use and alerting administrators if any attempts to send or upload confidential documents and data to external email addresses or cloud storage site.

Why Should your Organization use Microsoft 365 Data Loss Prevention?

Organizations deal with a significant amount of sensitive data, including financial records, customer information, employee records and organizational data. Protecting this data is essential to ensure business continuity and to avoid legal and financial consequences. DLP can help organizations protect their sensitive data by automatically identifying, monitoring, and preventing data breaches in real-time. 

Three key benefits of using Microsoft 365’s Data Loss Prevention include:

Protecting Sensitive Data

Organizations can protect their sensitive data by detecting and preventing unauthorized access, sharing or deletion. These policies can be customized to meet the organization’s specific needs and protect data from being compromised.

Keeping data Compliant

Many industries have strict regulatory compliances and legal requirements for data privacy and security (CMMC, NIST, HIPAA, PCI…). Data Loss Preventation with Microsoft 365 can help organizations comply with these regulations by identifying and preventing the unauthorized sharing of sensitive data.

Avoiding Financial and Legal Consequences

A data breach can result in significant financial and legal consequences for an organization. DLP creates peace of mind for organizations by helping to prevent these data breaches from ever occurring. 

What are Some Scenarios that Would Benefit from Using DLP?

For example, as an IT Services provider, Vortex holds important and sensitive data for each one of our customers. Because it’s crucial that we keep our customers’ data secure, we’ve implemented a customized DLP policy on every piece of client documentation that prevents them from being deleted, shared or accessed by anyone outside of the Vortex technology team within our organization. 

Applying similar thinking to the external world, there are multiple scenarios that could apply to almost any type of business, including:

  • Protecting Customer Data: Organizations that handle customer data (i.e., PII, credit cards, banking information) should use DLP to protect this information.
  • Legal Compliance: Industries that have strict regulatory requirements, such as finance, should use DLP to comply with data privacy and security regulations, of which eliminates the need for  expensive third-party products.
  • Intellectual Property: Organizations that work with intellectual property, like patents, copyrights, or trademarks, should use DLP to prevent unauthorized access or sharing of this information.
  • Health Information: Healthcare organizations should implement a DLP policy that detects and prevents the sharing of patient health information outside of their organizations.
  • Controlled Unclassified Information (CUI): Organizations that deal with confidential business information should implement a DLP policy that detects and prevents the sharing of this information with unauthorized individuals or entities. This policy should be applied across the organization and to every available location. 

How to Set Up a DLP Policy with microsoft 365

The following nine steps describe and illustrate how to set up a DLP policy using Microsoft Data Loss Prevention tools.  

  1. Navigate to the Microsoft Purview Compliance Center: Home – Microsoft Purview
  2. Select “Data Loss Prevention” and then “Policies” from the left-hand navigation pane: 
Creating a new Data Loss Prevention Policy under Microsoft Purview
  1. For illustration purposes, we’ve used one of Microsoft’s templates to create a DLP policy regarding financial information:
How to use one of Microsoft Purview's templates to create a DLP policy regarding financial information
  1. Provide a name for the policy. Try to be descriptive so that the next person who administers this policy can understand why it was created:
Provide a name for your DLP Microsoft Purview Policy
  1. If you have an E5 license, next you’ll create “admin agents”. This allows a policy to be applied to only a subset of users. For our purposes, we’re going to include everyone (Full directory) in this policy:
Learn how to Assign Admin Units on Microsoft Purview if you have an E5 license.
  1. Next, choose the locations that you’d like the policy to apply to. We’re going to choose all locations (the Power BI location is not currently available):
How to choose the locations that you’d like your DLP policy to apply to with Microsoft Purview.
  1. Here’s the fun part! Now, you can create the policy settings. For this demonstration, we used the default settings provided by the Microsoft template. However, these settings are editable, and any administrator can change whatever is necessary to best fit their organization. Feel free to scroll through the next few images as we select “next” through the settings:
Choosing Microsoft Purview Policy Settings: Info to Protect
How to Choose Microsoft Purview Policy Settings: Protection Actions
Choosing Microsoft Purview Policy Settings: Customize access and override settings
  1. As you can see, there are a lot of powerful options! In the words of Uncle Ben, “With great power, comes great responsibility.” Always remember to assess your policies before implementing them to understand what impact there will be to your end users. We recommend monitoring alerts for at least two weeks prior to implementation. 
Choosing Your Microsoft Purview Policy Mode- We recommend testing it out first.
  1. That’s it! We review our policy one last time then submit it:
Review your Microsoft Purview DLP policy one last time and then submit it.


Microsoft 365’s Data Loss Prevention feature is a powerful tool that can help organizations protect their sensitive data from unauthorized access, improper sharing or accidental / malicious deletion. By implementing customizable DLP policies, organizations can ensure compliance with regulatory requirements and avoid legal and financial consequences associated with data breaches. As organizations increasingly rely on digital technologies, the need for effective data protection measures like DLP becomes more critical than ever. 

To learn more about Microsoft 365’s Data Loss Prevention features, contact us at 202-602-6635 or

expand & Improve your IT Acuity

Sign up for IT knowledge straight to your inbox

Improve your overall IT acumen with Vortex Educational Content. Provided in multiple forms, Vortex Educational Content provides you with advanced IT expertise, training and tips to optimize your IT environment. Simply check the items below to let us know what content you are interested in receiving via email from us.

"*" indicates required fields

Please Inform Me Via Email About:*
This field is for validation purposes and should be left unchanged.