I have created 2 DLP SSN policies…1 external, the other internal. Policy sync status says its applied and active.
I am able to send/receive ssn via email without issue.
i have tested with emailing xxx-xx-xxxx and xxxxxxxxxx
I am not the best at this, so I will be including screenshots…and also hopefully someone can point out to me what i need to change.
5 Spice ups
Have you ran the policy in simulation mode yet?
No i have not…I can do that without issue…would that tell me anything helpful though?
1 Spice up
It should tell you what the policy (as written currently) will do on your system before you make it live, so you can see what email would and would not be blocked, under what circumstances it activates, or in your case, why it isn’t activating.
Just found out what the issue is/was… in my testing I was not saying SSN, or social…i was just sending numbers. and my policy just has Medium and High confidence
This issue is solved now.----thank all that looking into it
Blockquote
- Confidence Level and Keyword Requirements By default, Microsoft Purview’s sensitive information type (SIT) detection for SSNs requires a certain confidence level before triggering a policy. Generally, SSNs are often detected at a Medium or High confidence setting, which includes requirements such as the presence of specific keywords like “SSN” or “Social Security” near the number to increase accuracy and reduce false positives. If your SSNs appear as just digits (e.g., 123-45-6789) without these keywords, the policy might not detect them. You can consider adjusting the confidence level for SSN detection to a Low setting in your DLP rule, which will make the policy more sensitive to number patterns alone.
1 Spice up
Great! Glad you could figure it out! Let us know if you need further assistance!
![\"DLP1\"](\"https://us1.discourse-cdn.com/spiceworks/original/4X/c/4/d/c4d27c993f32b4e3fabdb1679da9449d69c56215.jpeg\")