Restricted Data Notifications in Outlook
If you compose an email in Microsoft Outlook that includes potentially sensitive information (like a credit card or Social Security Number), you may receive a notification, and the message may be protected by the Microsoft Purview Data Loss Prevention (DLP) security feature.
Category 1 Data being scanned
- U.S. Social Security Number (SSN)
- Credit Card Number
- U.S. / U.K. Passport Number
- U.S. Bank Account Number
- U.S. Driver's License Number
- Canada Bank Account Number
- Canada Passport Number
- Canada Social Insurance Number
What you see if you send Category 1 Data with Microsoft Purview DLP enabled
Applies to: People using Windows Outlook desktop client
Important: individuals using UBmail should not be sending category 1 data.
1. When using Outlook to compose a message with Category 1 Data, you will notice a policy tip above the header information.
.2. You will receive an acknowledgement window when you click send. Select Send Anyway
What a recipient sees if you send Category 1 Data
- If the recipient is using Exchange Online on an official Microsoft Outlook client, the message is decrypted automatically and displayed like any other email
- External recipients not using Exchange Online will receive a notification that they’ve been sent a protected message and will need to sign in to retrieve it:
1. Click Read the message
2. Sign in to view the message
Known issues
- When using a digital signature, you will receive Category 1 alerts, but the message will not send encrypted.
- Outlook Classic will not display encrypted messages, with attachments, for messages sent to a shared mailbox. Please use New Outlook or the web version.
False Positives
Submit false positives to microsoft-data-protection@buffalo.edu
See also
Need more help with technology at UB?
Contact the UBIT Help Center.