Skip to content

Create a Data Loss Prevention Rule

This page helps you create a Data Loss Prevention (DLP) rule.

Restriction

These DLP rules are different from email data control policies. For information on email data control policies, see Data control policy.

Note

SophosLabs can independently control the file types included in DLP. They may add or remove certain file types to provide the best protection.

To create a DLP rule, the key steps are as follows:

Create a DLP rule

You must set up the rule type, the actions to take if the rule is triggered, and whether you want to be alerted to breaches of the rule.

To create a DLP rule, do as follows:

  1. Go to My Products > General Settings.
  2. Under Data Loss Prevention, click Rules.
  3. Click Create New Rule.
  4. Select New Content Rule or New File Rule.
  5. Enter the rule Name and Description.
  6. (Optional) Turn on Send me email alerts if you want to be notified when the rule is breached.

    Note

    You won't get an alert in Sophos Central.

  7. For a file rule, choose whether you want to match against a file name or a file type as the conditions for the rule.

    Note

    All conditions are required for a content rule. You can't configure the condition types.

  8. Select whether you want to exclude by file name or file type.

  9. Select the action for the rule. Choose from the following options:

    • Allow file transfer
    • Allow transfer if user confirms
    • Block transfer
  10. Click Next: Rule Configuration. For more information on configuring the new DLP rule, see Configure a Data Loss Prevention Rule.