Outlook: Customizable Oversharing dialog for DLP in New Outlook

🚨 The Signal: New Outlook for Windows now supports customizable Data Loss Prevention (DLP) oversharing dialogs. This enhances user education and policy enforcement, reducing accidental data exposure by providing tailored warnings and justification options.

The Impact

Security teams and end-users are affected, reducing the risk of accidental sensitive data exposure.

• Security Teams: Enhanced ability to enforce data protection policies and educate users.
• End-Users: Improved awareness of data sharing risks and clearer guidance on policy compliance.
• Compliance Officers: Better audit trails for data sharing justifications and policy adherence.
• Data Owners: Reduced risk of unauthorised disclosure of sensitive information.

The Action

1. Navigate to Microsoft Purview compliance portal > Data loss prevention > Policies.
2. Edit an existing DLP policy or create a new one targeting Outlook.
3. Under 'Policy settings' > 'DLP rules', configure the 'User notifications' action.
4. Select 'Notify users in Office 365' and customize the 'Oversharing dialog' content, including title, body, and business justification options.
5. Utilise dynamic variables for recipients, attachment names, and labels to provide context-specific warnings.

Domain: Purview · Impact: medium · Workload: Microsoft Purview