Assign a DLP dictionary to a policy

Before you begin

  1. Create a DLP dictionary
  2. Make sure you enable ETP Proxy and inline payload analysis. For more information, see Enable inline payload analysis.

Complete this procedure to assign a data loss prevention (DLP) dictionary to a policy. Steps are provided for editing an existing policy. If you want to create a policy, see Create a policy.

How to

  1. In the navigation menu, select Configuration > Policies.
    Note: If you are trying the new Enterprise Center interface, in the navigation menu, select Policies > Policies.
  2. Click the name of the policy that you want to modify.
  3. Click the Access Control tab.
  4. Click the DLP tab.
  5. To assign DLP dictionaries to the Uploaded Documents and Uploaded Text areas:
    1. Click the link icon.
    2. Find the DLP dictionary or dictionaries that you want to assign. If necessary, you can use the search field to enter the name of the dictionary.
    3. Select the dictionary or dictionaries.
      Note: You can assign a maximum of 10 dictionaries.
    4. By default, the Monitor action is associated with the dictionary. If you want to change the action click in the Action column and select Block.
    5. Click Associate.
  6. To define users and groups that are exempt from DLP scanning, see Select user and group exceptions for DLP scanning.
  7. Click Save.

Next steps

  1. Expand the Uploaded Documents or Uploaded Text rows and review the assigned action and change it if necessary. You can also toggle the Aggressive field to apply more sensitive industry-recommended thresholds (not recommended when the action is Blocked).
  2. Deploy the policy update to the ETP network. For more information, see Deploy configuration changes.