Skip to content

Exchange Online Data Loss Prevention in Microsoft 365 Business Premium

Nino Vales 2022-10-13

Did you know that Microsoft 365 Business Premium comes with a Data Loss Prevention solution? 

Data Loss Prevention (DLP) will help protect and monitor sensitive information by applying actions like blocking or encryption before it leaves your Microsoft 365 environment.  

Enabling the DLP policy in your emails is also less complicated than we initially thought. If you have Microsoft 365 Business Premium subscription, DLP is ready to be configured and create policies under the Microsoft Purview compliance portal. 

Some pre-built templates ready to be used by Canadian organizations are: 

  • Canadian Financial Data 
  • Canada Personal Health Information Act (PHIA) for Manitoba 
  • Canada Privacy Act 
  • Personally Identifiable Information (PII) Data 
  • Personal Information Protection Act (PIPA) 
  • Personal Information Protection Act (PIPEDA) 

There’s also an option to build a custom policy based on the ruleset you define for your organization.  


The Flow

Here’s a basic Exchange Online DLP configuration using the Canadian Financial Data template. 

David from the Accounting department attempted to send a list of credit card numbers to an external contact. 

DLP policy will inspect the message content and apply the necessary action. 

David will receive a warning saying the DLP rule detected matching content in his email. The notice will indicate which conditions were present in his email. 

Depending on the DLP actions, the email will either: 

  • go through with a warning to Hong that the content matches sensitive information 
  • will be blocked
  • will be encrypted automatically 

Site administrators will also receive a notification that Bill attempted to send out sensitive information outside the organization. 

DLP can also apply to chats sent from Microsoft Teams to external contacts. 



Enabling DLP in your organization gives business owners control over what information leaves their Microsoft 365 environment. 

The built-in templates provide a starting point in adding a DLP solution that administrators can customize or test out.  

Note that DLP needs fine-tuning to decrease false positives and increase accuracy. To make it more efficient, test the policies before applying any actions. Test mode will notify administrators and the author of the content.  

Test mode previews how DLP catches content matching the defined conditions. Use the test mode to monitor and review matching alerts before turning on the policy. 


Enabling DLP policies is a step toward safeguarding your data against unauthorized disclosure.  

It is part of layered protection against accidental or malicious threats threatening to leak sensitive information. 

Make sure to check out the rest of the features available in Microsoft 365 Business Premium. 

Contact Clear Concepts if you need any assistance with implementing Data Loss Prevention in Microsoft 365 Business Premium.