Configuring data loss prevention for policy precedence
Policy precedence is the order in which data loss prevention policies, and the rules contained within a policy, are processed. The order in which rules are evaluated can be manually configured, with the lowest priority number being processed first. By default, the first rule is configured as priority 0, while the one after that is configured as priority 1; this continues in sequence.
Although only one DLP policy is enforced, all potential policy matches are recorded in the logs, and you can also see this information in reports.
Specific condition matches can have configured actions that contradict each other. For example, you can configure a DLP policy that blocks personal data from being shared externally, with no override allowed. You can then have another policy for financial data, which does allow end users to perform overrides. In this scenario, if only the final matching policy is applied...