How to Implement Microsoft Office 365 Data Loss Prevention (DLP) Policy / Rule?

Written By Chirag Arora
Anuraag Singh
Approved By Anuraag Singh  
Published On December 19th, 2023
Reading Time 5 Minutes Reading

Summary: Learn all about Office 365 Data Loss Prevention Policy, how it works and its significance. Go through this guide to know how to implement Microsoft Office 365 DLP policies and best practices to follow. 

Security leaks, data breaches are the common reasons that can harm sensitive data residing in Microsoft Office 365 of a company. This thing arises the biggest question – what steps can organizations take for data protection from potential online threats? No need to worry! Office 365 introduces a service named Microsoft Office 365 Data Loss Prevention. Therefore, in this article, we are going to discuss what is O365 Security and Compliance DLP policy and how to set up data loss prevention (DLP) in Office 365.

Understand the Prime Aim of Microsoft Office 365 Data Loss Prevention Policy

To meet up business security standards, organizations require to guard sensitive information records like credit card numbers, financial reports, health records, and much more from unauthorized access. It is a crucial aspect of the platform’s security strategy. 

For this, Office 365 data loss prevention policies come into play. Its significance lies in several key areas, some of which are mentioned below:

  • DLP protects crucial and sensitive data from various cyber attacks
  • It helps in adhering to compliance and Regulatory requirements.
  • DLP further reduces the risk of data breaches, leaks, or accidental data deletion by human errors.
  • It also offers various measures such as content inspection, policy enforcement, and actions (like encryption or blocking).
  • Microsoft 365 Data Loss Prevention (DLP) allows administrators to create custom policies tailored to the organization’s specific needs. Which makes sure that critical data remains protected in accordance with the company’s policies.
  • DLP provides insights into how data is being used, shared, or accessed in real-time, which allows administrators to take immediate action against any suspicious activity.
  • Last but not least, it seamlessly integrates with other security features of Microsoft 365, such as Azure Information Protection and
  • Advanced Threat Protection, and comprehensively it creates a strong security environment.

The prime aim of this Data Loss Prevention Security Policy is to provide transparency by in-depth monitoring of each activity taking place in the Office 365 account. This analysis further helps the organization to prevent crucial data from inadvertent disclosure.

Let’s understand how to set up DLP Policy in Office 365!

How to Create Data Loss Prevention Policy in Office 365 – Full Guide

For an organization that has lots of sensitive information to store, this feature certainly provides benefits. The two components required to create a DLP policy – Location (like OneDrive for Business, Exchange Online) and Conditions. In the following section, the readers will know how to set up DLP in Office 365 along with pictorial representation.

Steps to Setup DLP Policy in Office 365

  1. First of all, you need to login into Office 365 as an administrator.
  2. After that, click on Admin under the Apps section as shown in the screenshot.
  3. Now, you have to click on Security & Compliance option under the Admin Center.
  4. In the next window, you need to opt for Data loss prevention and select Policy.
  5. From Microsoft Office 365 Data loss prevention section, just click on Create a Policy to generate a new DLP.
  6. In the New DLP Policy template, you have to select information to protect like credit card details, and UK financial data, and click Next.
  7. Under Name, your policy, provide a suitable name for the policy & description, and click on Next.
  8. You have to opt for a location as per the requirement from the Choose Locations page. This step signifies that on which part of DLP will be used. Here, you can see the following two options.
    • All locations are in Office 365. Includes content in Exchange email and OneDrive and SharePoint documents.
    • Let me choose specific locations.
  9. Select one option and click on Next to proceed further.
  10. Once you are done with the above steps, opt for the Simple or Advanced settings option. In Advance settings, you have the rule editor that offers total control over the policy setting. On the other hand, simple settings include the common one.
  11. click on Save to setup DLP in Office 365.

This is all about how to set up data loss prevention in Office 365.

Also ReadHow to Download Office 365 Emails with 3 Best Methods

How to View DLP Reports in Office 365?

It is very easy to check the DLP status in O365. For this, you need to go into Security & Compliance Center and opt for Data Loss Prevention >> Policy page. By doing this, you can easily access the status of policies. It includes information like whether the policy is turned On or Off, Policy is in test mode or not, deletion, testing without notifications, etc.

How to Disable Data Loss Prevention Security Policy in Microsoft Office 365?

In such a situation when a user wants to switch off a policy, then go to the Policy page. After that, you need to opt for Select the policy option and then Edit policy. This is the process to disable Office 365 Data Loss Prevention policy.

Final Say!

We do not know when a disaster might occur in our Office 365 data. So, it is always advised to keep a local backup of Office 365 data using a reliable software such as SysTools Office 365 Backup Software in PST or EML file format.

  • Step 1. Download, Install & Run the Tool.
  • Step 2. Opt Office 365 & Outlook from Workload.
  • Step 3. Choose Mailbox Items to Keep Locally.
  • Step 4. Login with O365 Admin Credentials. 
  • Step 5. Create Mapping, Chose Users & Hit Start. 

As of now, we can use a DLP policy that always has an eye on all the activities that take place in Microsoft Office 365. With the feature to set a Microsoft Office 365 data loss prevention policy, Organizations can prevent their sensitive data from potential internal and external threats.


By Chirag Arora

Having around 9+ years of experience in technical writing. Knows about the core technical areas. Also, provides easy and reliable solutions to resolve difficulties faced by users while working with different platforms.