Created: 8-30-21
Updated: 8-30-21
Use the following PowerShell commands to create a DLP policy and an associated DLP policy rule. Note that you need to be connected to Office 365 Security & Compliance via PowerShell before running this script; how to do that can be found: here
Note: this information was acquired from a video series by Adam Gordon, and with this being replaced by a new exam revision, this page is merely a repository of the information for future use.
In this example, we create a DLP policy and rule for words that contain “SSN”:
# Create DLP Policy
New-DlpCompliancePolicy -Name "PHI Policy" -ExchangeLocation All -SharePointLocation All -OneDriveLocation All -Mode Enable
# Create the DLP Rule for the aforementioned Policy
New-DlpComplianceRule -Name "Block SSN" -Policy "PHI Policy" -AccessScope NotInOrganization -BlockAccess $true -ContentPropertyContainsWords "Property1:SSN" -Disabled $false
# Find DLP Policy in O365
Get-DlpCompliancePolicy | select Name,DistributionStatus,DistributionResults -ExpandProperty DistributionResults
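The same steps as a re-runnable script, given here as an added example that is not from the original video series or from Microsoft. It assumes an active Security & Compliance PowerShell session and reuses the policy and rule names from above; the variable names are illustrative.

```powershell
# Added example: create the policy and rule only when missing, then verify.
# Assumes you are already connected to Security & Compliance PowerShell.
$policyName = 'PHI Policy'   # name used in the commands above
$ruleName   = 'Block SSN'    # name used in the commands above

# Look the policy up by name in the full list, so a missing policy is
# simply an empty result rather than an error.
$policy = Get-DlpCompliancePolicy | Where-Object { $_.Name -eq $policyName }
if (-not $policy) {
    Write-Host "Creating DLP policy '$policyName'"
    New-DlpCompliancePolicy -Name $policyName `
        -ExchangeLocation All `
        -SharePointLocation All `
        -OneDriveLocation All `
        -Mode Enable | Out-Null
} else {
    Write-Host "DLP policy '$policyName' already exists, skipping creation"
}

# Same check for the rule, scoped to this policy.
$rule = Get-DlpComplianceRule -Policy $policyName |
    Where-Object { $_.Name -eq $ruleName }
if (-not $rule) {
    Write-Host "Creating DLP rule '$ruleName'"
    New-DlpComplianceRule -Name $ruleName `
        -Policy $policyName `
        -AccessScope NotInOrganization `
        -BlockAccess $true `
        -ContentPropertyContainsWords 'Property1:SSN' `
        -Disabled $false | Out-Null
} else {
    Write-Host "DLP rule '$ruleName' already exists, skipping creation"
}

# Verify: show whether the policy has been distributed to each location,
# and confirm the rule is enabled and blocking external access.
Get-DlpCompliancePolicy -Identity $policyName -DistributionDetail |
    Format-List Name, Mode, DistributionStatus, DistributionResults

Get-DlpComplianceRule -Policy $policyName |
    Format-Table Name, Disabled, BlockAccess, AccessScope -AutoSize
```

Distribution to all locations is not immediate, so re-run the two verification commands at the end until the policy reports as distributed before testing the rule.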
=================================================
Special Note (1): “-TeamsLocation All” in DLP Policy
New-DlpCompliancePolicy -Name "PHI Policy" -ExchangeLocation All -SharePointLocation All -OneDriveLocation All -TeamsLocation All -Mode Enable
# Note: “-TeamsLocation All” currently doesn’t work (~Credit: Adam Gordon)
Special Note (2): “-ContentPropertyContainsWords” in DLP Rule
# URL: https://docs.microsoft.com/en-us/powershell/module/exchange/new-dlpcompliancerule?view=exchange-ps
# Note: “-ContentPropertyContainsWords” on MS Docs page
# Note: “-ContentPropertyContainsWords” is only supported for Exchange, SharePoint, & OneDrive but NOT Teams