Cloud App Security Administration Guide for Office 365

Managing Policies > Creating New Policy Rules > Creating Office 365 and Microsoft 365 Email Encryption Policy Rules
Table of Contents

Creating Office 365 and Microsoft 365 Email Encryption Policy Rules

To create an Office 365 email encryption policy rule

  1. In the Rule Name field, enter the name you want to use to identify the rule.
  2. From the Mode dropdown list, select Protect (inline).
  3. In the Scope section, either:
    • Select All users and groups (all licensed users) to have the policy rule either apply to all users.
    • In the Specific users and groups list, select the specific users or user groups to which the policy should apply or be excluded from being applied.
  4. In the DLP Criteria section:
    1. From the DLP Rules list, select the rules you want applied.
    2. From the Sensitivity list, select the sensitivity (based on the hit count) to be used to apply the rules.

    Depending on the type of cloud application and the Mode, you may see a different set of options in the Advanced sections.

  5. From the DLP Workflow list, select which action should be taken when a possible leak is detected:
    • Email is blocked. User is alerted and allowed to request a restore (admin must approve)
    • Email is blocked. User is alerted and allowed to restore the email
    • Email is blocked and user can request to resend as encrypted (admin must approve)
    • Email is blocked and user can request to resend as encrypted
    • Email is allowed. Header is added to the email
    • Email is allowed. Encrypted by Microsoft
    • Do nothing

    Action requiring encryption are only visible and available if you subscribe to Microsoft encryption services and have encryption enabled. Encrypted Office 365 and Microsoft 365 Email support requires that you have the necessary Office 365 and Microsoft 365 or Exchange Online subscription level from Microsoft and a Cloud App Security Advanced license from SonicWall.

  6. In the Advanced > Alerts section:
    1. Select Send email alert to notify specific users when a possible leak is detected.
    2. Click the gears icon if you want to modify the email message sent to the file owner.
  7. Click Save and Apply.

For more information about creating policy rules, refer to Creating New Policy Rules.