About Sanctioned DLP Policies

A Sanctioned Data Loss Prevention (DLP) policy defines the criteria for generating a violation for cloud services that are sanctioned for use by employers, and optionally sets specific actions that are triggered in response to the detected incidents for sanctioned services.

You can create or edit new Sanctioned and Shadow/Web DLP policies using the DLP Policy Wizard. 

To view and administer your DLP policies, go to Policy > DLP Policies. 

• Filters. Select options on the Filters tab to scope down your search. 
• Search. Search Policies via the Omnibar. 
• Actions. Click to perform the following actions. 
  • Sanctioned Policy. Sanctioned cloud services are services that are sanctioned or provided by your enterprise for employee use, like Microsoft Office 365. 
    • Create New Policy. Click to Create or Edit a Sanctioned DLP Policy using the DLP Policy Wizard.
    • Create Policy from Template. Click to Create a DLP policy from a Template. 
    • Export to Template
  • Shadow/Web Policy. Shadow cloud services, like Facebook, are accessed by employees but aren't specifically sanctioned for employee use.
    • Create New Policy. Click to Create a Shadow/Web DLP Policy.
  • Activate Policy
  • Deactivate Policy
  • Delete Policy
  • Settings
    • Edit Table Columns
  • Evaluate
    • Evaluate Policy. Test your policy to make sure it is detecting the correct incidents. For details, see Evaluate Policy. 
• Policy Name. Displays the name of the DLP Policy. Click the link to edit the policy. 
• Description. (Optional.) Display the description of the DLP Policy. 
• Status. Displays the status of the policy: active or inactive. 
• Deployment Type. Displays the type of deployment: API or Proxy. 
• Service Instances. Displays the number of instances of the policy used. 
• Last Updated. Displays the date and time that the policy was last updated. 
• Last Updated By. Displays the username that last updated the policy.