Setting up a DLP inspection mailbox

This guide will take you through the process of setting up a mailbox in your Office365 or G-Suite mail system that will enable scanning incoming and outgoing mail for sensitive information.

 

Office365

  1. Creat a new mailbox account to be used for DLP inspection (e.g. dlp@foo.com)
  2. Login to Office365 as an admin, and go to Exchange Admin center: https://outlook.office365.com/ecp 
  3. Select "mail flow" from the menu



  4. Click the Plus icon and select "Create a new rule"



  5. Click the "More options..." link

     

  6. Fill the dialog box:
    • Provide a name for the rule (e.g. DLP)
    • Select “Apply this rule if...” / "The sender..." (click the drop-down-list icon on the right-hand side of the line) / "is external/internal" / "Inside the organization"





    • Select “*Do the following...” / "Add recipients..." / "to the Bcc box"


    • In the dialog box that opens, search the DLP mailbox you have created and add it, then click "OK"



    • Save the new rule

 

 

G-Suite

  1. Creat a new mailbox account to be used for DLP inspection (e.g. dlp@foo.com)
  2. Login to G-Suite as an admin, and go to your Google Admin Console  https://admin.google.com
  3. In the Admin console, go to "Apps" / "G-Suite" / "Gmail" / "Advanced settings" (scroll down to see it)







  4. Scroll to the Routing setting in the Routing section, hover over the setting, and click Configure (or "Edit or Add another" if the setting is already configured)



  5. Fill the dialog box:
    • Enter a unique name for the setting (e.g. "DLP")
    • In "Messages to affect" check all boxes

    • Optional - use the "Envelop filter" to limit the scan to specific user accounts or groups.
    • Select "For the above types of messages, do the following" / "Modify message" and check the first two items ("Add X-Gm-Original-To header" and "Add X-Gm-Spam and X=Gm-Phishy headers")



    • Scroll down to “Also deliver to” and select "Add more recipients", click "Add" and select "Basic" and add the DLP mailbox you have configured in step 1, then "Save"





    • Click "Add settings" and "save" the configuration



 

 

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.