Skip to content
Last update: 2022-06-28

Create a Data Loss Prevention Rule

Follow these instructions to create a DLP rule.


You can't use this option to create email data loss prevention (DLP) rules. See Data Loss Prevention policy.

There are two stages to creating a DLP rule; creation and configuration.

This stage sets up the rule type, the actions taken if the rule is triggered and whether you want to be alerted to the breaches of the rule.

To create a DLP rule, do as follows:

  1. Go to Global Settings > Manage Data Loss Prevention Rules.
  2. Click Create New Rule.
  3. Choose from New Content Rule or New File Rule.
  4. Give the rule a Name and a Description.
  5. Click Send me email alerts if you want notifying when the rule is breached.


    You will not get an alert in Sophos Central.

  6. For a File rule, choose whether you want to match against a file name or a file type as the conditions for the rule. You will give the details when you configure the rule.


    Conditions are required for a Content rule and you cannot set the condition type.

  7. Specify if you want to exclude by a file name or by file type. You will give the details when you configure the rule.

  8. Specify the actions for the rule. Choose from:
    • Allow file transfer.
    • Allow transfer if user confirms.
    • Block transfer.
  9. Click Next: Rule Configuration.

    For help on configuring rules see Configure a Data Loss Prevention Rule.

Back to top