Create a Data Loss Prevention Rule
This page helps you create a Data Loss Prevention (DLP) rule.
Restriction
These DLP rules are different from email data control policies. For information on email data control policies, see Data control policy.
Note
SophosLabs can independently control the file types included in DLP. They may add or remove certain file types to provide the best protection.
To create a DLP rule, the key steps are as follows:
- Create a DLP rule. See Create a DLP rule
- Configure a DLP rule. See Configure a Data Loss Prevention Rule.
Create a DLP rule
You must set up the rule type, the actions to take if the rule is triggered, and whether you want to be alerted to breaches of the rule.
To create a DLP rule, do as follows:
- Go to My Products > General Settings.
- Under Data Loss Prevention, click Rules.
- Click Create New Rule.
- Select New Content Rule or New File Rule.
- Enter the rule Name and Description.
-
(Optional) Turn on Send me email alerts if you want to be notified when the rule is breached.
Note
You won't get an alert in Sophos Central.
-
For a file rule, choose whether you want to match against a file name or a file type as the conditions for the rule.
Note
All conditions are required for a content rule. You can't configure the condition types.
-
Select whether you want to exclude by file name or file type.
-
Select the action for the rule. Choose from the following options:
- Allow file transfer
- Allow transfer if user confirms
- Block transfer
-
Click Next: Rule Configuration. For more information on configuring the new DLP rule, see Configure a Data Loss Prevention Rule.