Planning and implementing DLP
In order to effectively plan for your Microsoft 365 DLP deployment, you need to understand any existing or potential data leakage within your organization. DLP can initially be configured with policies that run in test mode only. This is a good starting point for acquiring the information you need to determine your DLP strategy.
Before you go ahead and create your test policies, it is important that you understand how DLP works, what sort of information can be detected, and which Microsoft 365 services can be protected.
A good starting point is to examine the Sensitive info types that are used by DLP policies. There are a number of built-in sensitive information types available in Microsoft 365. These can be viewed from the Microsoft 365 Security and Compliance Center, which can be accessed by administrators at https://protection.office.com, or by navigating to Classification | Sensitive info types, as shown in the following screenshot: