File hash exception lists

You can create an exception list with the hashes of files that you don’t want scanned by data loss prevention (DLP). In a file hash exception list, make sure you provide SHA-256 hashes that are formatted with 64 hexadecimal characters. Like any custom list, you can assign these lists to policies. File hash exception lists are assigned the bypass policy action.

You can use this feature to allow users to upload files that contain sensitive information and would otherwise be detected by DLP. You can enter file hashes that you have or if this file was previously downloaded or scanned by ETP Proxy, file hashes are provided in the Proxy Activity report. You can copy the hash values from the report and use them in this configuration. If you want to generate a hash value for a file, see Generate a hash value.

When DLP is set up and the file hash exception list is assigned to a policy, ETP checks the list to determine whether the file should be bypassed. If a user uploads a file that is in this list, the upload is allowed.