Create an email data loss prevention rule

Add email Data Loss Prevention (DLP) rules to control information allowed in emails.

To create a new rule, you must edit an existing policy, or create a new policy.

Email Data Loss Prevention policies contain rules that describe what information to look for in emails and the action to take when matched. To create a rule:

  1. Click Settings.
  2. Click either Inbound or Outbound to set the direction of emails this rule checks.
  3. Click Add rule.
  4. Give the rule a Name and Description.
  5. Choose the rule type.

    You can use templates provided by Sophos to protect your data. Templates protect common types of sensitive information. You can also customize rules using content control lists (CCLs), keywords or phrases.

    Choose from:

    • Protect financial information (FI)
    • Protect confidential information (CI)
    • Protect health information (HI)
    • Protect personally identifiable information (PII)
    • Protect using attachment file types
    • Protect using Sophos content control lists (CCLs)
    • Protect using keywords.
  6. Click Next.
  7. Choose the lists for the rule.

    For most rule types you can use lists provided by Sophos or build custom lists specific to your needs.

    1. If you chose Protect using attachment file types, we recommend you use the default Sophos list. You can also use a custom list, and select the file types you want to filter emails by.
    2. If you chose Protect using keywords, enter strings to search for. You can also import keywords.
  8. Click Next.
  9. Choose the actions to take when the rule is triggered, who to notify and additional options.

    Options change depending on the rule type and direction (Inbound or Outbound).

    For example, if you select Inbound the Bounce action doesn't appear in the list of actions.

  10. Turn the rule on or off.
  11. Click Save.