Enhanced DLP Policy using Microsoft Purview Sensitivity Labels
DLP Workflows can now be triggered based on Microsoft Purview Sensitivity Labels.
Organizations often use Microsoft Purview Sensitivity Labels to tag data that is being shared internally and with authorized external parties.
These labels are used either directly by end users labeling files/emails they own or by 3rd party data classification solutions.
Harmony Email & Collaboration now allows administrators to define a DLP policy based not only on out of the box Check Point data types or custom data types, but also based on the Microsoft Sensitivity Labels that are attached to the email/attachment/shared file/message.
To do that, create/edit a DLP policy of any integrated Microsoft application, select Inline mode and under the DLP Criteria section, select Microsoft sensitivity labels and choose between:
- Any label
- Specific labels
- All labels except
- Without labels
The first time you enable enforcement by Sensitivity Labels, you might be requested to re-authorize the Check Point application. This is because reading the sensitivity labels requires an additional permission to be granted to the application.
Note – this feature is being deployed gradually. You should see it in your portal in the next 10 days.