PILOT: Restricted Data Notifications in Outlook
If you compose an email in Microsoft Outlook that includes potentially sensitive information (like a credit card or Social Security Number), you may receive a notification, and the message may be protected by the Microsoft Purview Data Loss Prevention (DLP) security feature.
Pilot members
The following groups will see the notifications when sending Category 1 Data:
- VPCIO staff
- Select Dental School staff
Category 1 Data being scanned
- General Password
- U.S. Social Security Number (SSN)
- Credit Card Number
- U.S. / U.K. Passport Number
- U.S. Bank Account Number
- U.S. Driver's License Number
- Azure AD User Credentials
- User Login Credentials
What you see if you send Category 1 Data with Microsoft Purview DLP enabled
Applies to: People using Windows Outlook desktop client
1. When using Outlook to compose a message with Category 1 Data, you will notice a policy tip above the header information.
.2. You will receive an acknowledgement window when you click send. Select Send Anyway
What a recipient sees if you send Category 1 Data
- If the recipient is using Exchange Online on an official Microsoft Outlook client, the message is decrypted automatically and displayed like any other email
- External recipients not using Exchange Online will receive a notification that they’ve been sent a protected message and will need to sign in to retrieve it:
1. Click Read the message
2. Sign in to view the message
Known issues
- When using a digital signature, you will receive Category 1 alerts, but the message will not send encrypted. We are working with Microsoft on this issue
False Positives
Submit false positives to ubit_M365_DLP_Alerts@ubitmail.buffalo.edu
See also
Need more help with technology at UB?
Contact the UBIT Help Center.