A technology company has recently migrated their internal services to Microsoft 365 as most employees work remotely due to changes in the company's overall work policies. Now that these services will be accessible on personal computer devices at home, the company wants to ensure that all company work remains online. However, all users' work items can also be fully accessible on company workstations in the office.
As the Microsoft 365 administrator, the company has tasked you with setting up some initial data loss prevention (DLP) policies that will apply to all available service location options (e.g. Exchange email) on the Microsoft 365 compliance web interface. These policies will monitor internal communication at first. You must create a DLP policy to prevent the sharing of sensitive information, such as U.S. passport information. You must be sure to verify that the policy works as expected before applying it to everyone.
User Expectations:
- Employees can access applicable company resources.
- Do NOT share personally identifiable information (PII) of self and others.
- Do NOT share bank account numbers of self and others.
DLP Policy Requirements:
- Policies will trigger when immediately violated.
- Notify the user who violated the policy and the DLP support team when a violation occurs.
Point of Contacts:
dlpsupport@abctech1234.comitsupport@abctech1234.comdavidsondb@abctech1234.com — IT Manager
To return this interactive to its initial state, click Reset.