A Data Loss Prevention (DLP) policy defines the criteria for generating an incident and optionally sets specific actions that are triggered in response to the detected incident.
Use the following steps to create or edit a DLP policy for any MVISION Cloud Sanctioned IT Cloud Service Provider. You can apply a single DLP policy to multiple Cloud Service Providers, so long as all CSPs support the rules and responses in the policy.
IMPORTANT: MVISION Cloud does not support importing or exporting policies or policy templates that include more than 50 rule groups or that exceed 64 KB in size, whichever limit is reached earlier.
To create or edit a DLP Policy:
- Choose Policy > DLP Policies.
- Click Actions > Create New Policy to create a policy. (See Creating a DLP Policy from a Template for information about templates.)
- Name. Enter a descriptive name to help identify the policy from the policy selection screen in later steps.
- Description. (Optional) Enter a description for your DLP Policy.
- Services. Click the pencil icon to select the Services you want this policy to apply to. Click OK to continue.
- Type. Select an integration method. Some user actions and response actions depend on the Type you choose. Choose from:
- Forward Proxy
- Lightning Link
- Toggle On to enable the policy.
- Toggle OFF to disable the policy.
- Include Specific Users. Enter one or more emails or user IDs (wildcards are supported) to apply the policy only to specified users.
- Exclude Specific Users. Enter one or more emails or user IDs (wildcards are supported) to exclude specified users from the policy.
- Include User Groups. Enter a User Group to exclude it from the policy.
- Exclude User Groups. Enter a User Group to include it in the policy.
- Rules. Specify the rules that the policy will enforce. You can specify one or more rules or rule groups.
Click Add Rule Group to add more.
- Exceptions. Add one or more exceptions. A DLP policy ignores any exception group within the policy. An exception group is ignored when ALL exceptions within the group match.
Click Add Exception Group to add more.
- Response. Select one or more response actions that are triggered when the policy rules are matched. By default, all DLP policies create an incident.
Click Add Action to add more.
- Click Save.