This is a DLP policy template that you can implement easily in the Nightfall platform.
Description | Detect and automatically notify when US PII is found in OneDrive accessible outside the organization or via public link. Automatically restrict access to the Owner. |
---|---|
Integration | Microsoft OneDrive |
Use Case | Safeguard Personal Information |
Output Settings | Alert admins in Slack or Teams, automatically restrict access to Owner, recommend configuring alerting to SIEM, and alert end-user with remediation instructions and educational messaging to proper PII handling to prevent future exposure. |
Inclusions | Include drives and special folders you want to monitor. Scope permissions to files accessible outside the organization or via public link. |
Exclusions | Select drives, folder paths, and file extensions you don't want to scan. |
These are the detection rules that will be applied within this policy, defining what types of sensitive data the policy is looking for.