Data Loss Prevention (DLP) Campus Email Automatic Scanning Tool

Overview

As announced in a CSULB CIO message titled Preventing Accidental Exposure of Sensitive Information via Campus Email, this new email security data loss prevention tool goes into effect on November 18, 2019.

Scope

The automatic scan tool will display a warning message ("Policy Tip") on the following programs:

  • Microsoft Outlook desktop client for both Windows and Mac computers
  • Outlook on the web / Office 365 (mail.csulb.edu) 

The Policy Tip does not display on the following programs, but users will receive the automatic warning email from Microsoft:

  • Microsoft Outlook app for iPhone and Android phones/devices (downloadable from Apple and Google Play Stores)
  • MacMail connected to campus email

The automatic scan tool does not work with Apple/Mac or Google native email clients.  

Example (Outlook on a Desktop)

This is the message that will show up if an email is sent to an external recipient that Microsoft deems as having sensitive information (SSN, CC or Passport info).  This information can be in the body of the message or in an attachment.

Display of the Policy Tip as it appears on the desktop Outlook client email application

Note:  DLP will work on the Outlook desktop client for Windows and Mac as long as the user has the policy tip notifications enabled (which is the default).  The message can be sent without clicking the override link.  (Override link shown in the screenshot.)

Examples (Outlook on the web / O365)

This is the message that will show up if an email is sent to an external recipient that Microsoft deems as having sensitive information (SSN, CC or Passport info).  This information can be in the body of the message or in an attachment.  Note: There is no override option in OWA and OWA has additional viewing options the desktop client does not.

Screenshot of Policy tip stating "This message may contain sensitive information. Review and remove sensitive data.  Messages sent with sensitive appearing data prompt the email system to log the action. For guidance, consult your manager.

This is the expanded message that shows if a user clicks on the ‘show details’ link in the first screen shot above.

Screenshot showing expanded details, which states, "This recipient isn't authorized to receive this type of information. Remove recipient. View details about the information that appears sensitive."

This is the message that shows up if someone hovers over the ‘Learn more’ link after expanding the message.

Screenshot shows the Learn more details, which states "This message appears to contain the following sensitive information SSN Number. If you don't think this information is sensitive, please click Report."

If the user chooses to send the email anyway (ignoring the warnings), he/she will receive this message:

Screenshot shows the text stating: "You've chosen to send a message without removing information that appears sensitive.  The email system has logged the activity and the message is attached to your reference.  Message information that appears to be sensitive includes: Message is sent to people outside your organization, and Message contains the following sensitive information: SSN Number"

Outlook Mobile App

The Policy Tip does not display, but if the user sends an email that fits the senstive information criteria, they will receive a message by Microsoft indicating so.

Screenshot shows the text stating: "You've chosen to send a message without removing information that appears sensitive.  The email system has logged the activity and the message is attached to your reference.  Message information that appears to be sensitive includes: Message is sent to people outside your organization, and Message contains the following sensitive information: SSN Number" 

Details

Article ID: 90953
Created
Wed 10/30/19 2:25 PM
Modified
Thu 10/31/19 5:04 PM