Skip to main content

Welcome to our updated site!

Skyhigh Security

Include or Exclude a User Group from a DLP Policy

Including or excluding a User Group is a powerful way to apply a policy to your deployment. For example, you could do this when you need to include or exclude a finance group from attaching financial information.

In policies, Exclude always takes precedence over Include. If you accidentally try to add a User Group to both Include and Exclude, you will see a message asking you to choose one or the other.

To include or exclude a User Group from a DLP policy:

  1. Choose Policy > DLP Policies.
  2. Click Actions > Sanctioned Policy > Create New Policy, or click the name of an existing policy to edit it.
  3. In the Descriptions page:
    • Enter a Name for the policy, and an optional Description.
    • Select Classifications to use: Skyhigh Security Cloud or Security Service Edge.
    • Deployment Type: API, Lightning Link, or Reverse Proxy.
    • Select Service Instances the policy should apply to. 
  4. Under User Groups, for Include All User Groups, click Edit and select from the list. 
  5. Click Done
  6. To exclude User Groups, click Add Exclusions and select from the list. 
  7. Click Done
  8. Follow the wizard to enter selections for the Rules and Exceptions page, then Review and save your policy. For details see, Create or Edit a Sanctioned DLP Policy
  • Was this article helpful?