Skip to content

Configure a Data Loss Prevention Rule


SophosLabs can independently control the file types included in Data Loss Prevention (DLP). They may add or remove certain file types to provide the best protection.

You can set up the conditions for monitored files, file types or destinations and the exclusions for a DLP rule.

You must have created a DLP rule.

The conditions you set depend on whether you are creating a File or Content rule.


These DLP rules are different than email data control policies. For information on email data control policies, see Data control policy.

  1. Set up the rule conditions.

    1. To set up conditions for a content rule, click File Contains and select the CCLs you want to use.

      You can search the list of CCLs. You can filter the CCLs by Type, Source (choose from SophosLabs or Custom), and Region. You can also create a new CCL.

    2. To set up conditions for a file rule, specify the file names or file types for the rule.

  2. Click Destination is and set the destinations that the rule monitors.

    Destinations include devices (for example, removable storage devices, such as USB flash drives) and applications (for example, internet browsers and email clients).

  3. Set the exclusion details for the rule.

  4. Click Finish to create the rule.