Hi, I need help setting up a transport rule to block Social Security numbers and bank card numbers.

Currently we have the Office 365 Midsize Business plan; it does not have "Data Loss Prevention".

Everything I look up is for Exchange 2010 and not 2013, so I'm not sure it's the same.

  • Transport rules haven't really changed since 2007. We've had a few in place since before my time, and with each Exchange upgrade they've continued to work. – Reaces Jan 08 '15 at 15:24
  • Are you in a hybrid environment or solely in the cloud with no on-premise Exchange server? – TheCleaner Jan 08 '15 at 15:51
  • You cannot do this with just plain old transport rules. – mfinni Jan 08 '15 at 15:52
  • We are cloud only, 365 Midsize. I have set the rules up based on best practice; we'll see how that goes. It will email me if something gets blocked. – Justin Hall Jan 08 '15 at 18:34
  • `\d\d\d\d\s\d\d\d\d\s\d\d\d\d\s\d\d\d\d` (MasterCard Visa); `\d\d\d\d\s\d\d\d\d\d\d\s\d\d\d\d\d` (American Express); `\d\d\d\d\d\d\d\d\d\d\d\d\d\d\d\d` (any 16 digit number); `\d\d\d\-\d\d\-\d\d\d\d` (Social Security Numbers) – Justin Hall Jan 08 '15 at 18:35
  • http://technet.microsoft.com/en-us/library/jj723164%28v=exchg.150%29.aspx – Justin Hall Jan 08 '15 at 18:35
  • @JustinHall answer your own question and put those 2 comments in as the answer. – TheCleaner Jan 09 '15 at 16:42
  • @JustinHall `123 45 6789` just passed a SSN that your pattern didn't catch (and yes, some systems use space instead of dash. Also cut-and-paste from some forms). Not saying the rule is completely without value, but this is one of those problems you can't really solve with [regular expressions](http://xkcd.com/208/). – voretaq7 Jan 09 '15 at 20:40

1 Answer

I manage an O365 E3 tenant, so I have more features (including DLP). That said, I do show a canned rule under Mail Transport Rules: Generate an incident report when sensitive information is detected. See below:

[Image: Exchange Rules in E3]

When configuring the rule, you can curate a list of sensitive information types; US Social Security number is in the list, as well as many other canned types. When the rule is met, you can generate a report, block the message, apply a disclaimer, etc.


You know what? I'm looking at the help for the function, it does seem this is directly related to Data Loss Prevention. Maybe use this post to sell an upgraded Exchange Online service to management.


As the OP figured out on their own, regex matches are now supported in transport rules. Technet Reference

blaughw
  • The option is there to create that rule, but it's grayed out when you go to specify the sensitive information types... looks like they want you to migrate to the Enterprise E3 plan... darn. Oh well. The workaround/best practices seems to be blocking anything with a long number... including links in hyperlinks, my luck. – Justin Hall Jan 08 '15 at 20:27
  • Well, you can at least log the rule matches and state a business case for moving up to an Enterprise plan. There should probably be more than a single case for doing so, but if you're processing CCs, etc., DLP is probably pretty important. – blaughw Jan 08 '15 at 20:30
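
A way to test the four patterns from the comments under the question before relying on them, added here as an example and not code from any poster: it runs them over constructed sample text to show the space-separated SSN they miss and the long number in a link they flag, then compares a stricter offline check. The `triage` helper, its Python-syntax candidate regexes and the sample strings are assumptions made for illustration; they are not transport rule patterns.

```python
import re

# The four patterns exactly as posted in the comment thread.
PAGE_PATTERNS = {
    "card_spaced": r"\d\d\d\d\s\d\d\d\d\s\d\d\d\d\s\d\d\d\d",
    "amex_spaced": r"\d\d\d\d\s\d\d\d\d\d\d\s\d\d\d\d\d",
    "any_16_digits": r"\d\d\d\d\d\d\d\d\d\d\d\d\d\d\d\d",
    "ssn_dashed": r"\d\d\d\-\d\d\-\d\d\d\d",
}

def page_rule_hits(text):
    """Names of the thread's patterns that match anywhere in text."""
    return sorted(n for n, p in PAGE_PATTERNS.items() if re.search(p, text, re.ASCII))

def luhn_ok(digits):
    """Luhn checksum that valid payment card numbers satisfy."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

# Assumed candidate shapes (Python regex, for offline triage only):
# 13-19 digits with optional single space/dash separators, and
# 3-2-4 digit groups separated by a space or a dash.
CARD_CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")
SSN_CANDIDATE = re.compile(r"(?<!\d)\d{3}[ -]\d{2}[ -]\d{4}(?!\d)")

def triage(text):
    """Kinds found: Luhn-valid card numbers and SSN-shaped numbers."""
    kinds = set()
    for m in CARD_CANDIDATE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", m.group())):
            kinds.add("card")
    if SSN_CANDIDATE.search(text):
        kinds.add("ssn")
    return sorted(kinds)

# Constructed samples: a well-known test card number, the SSN form from
# the thread, and a link carrying a 16-digit id that is not a card number.
SAMPLES = {
    "card": "Card: 4111 1111 1111 1111",
    "ssn_space": "SSN 123 45 6789",
    "link": "Track at https://example.com/t?id=1234567890123456",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, page_rule_hits(text), triage(text))
```

The Luhn check only reduces false positives on long numbers: roughly one in ten arbitrary digit strings still passes it, and the SSN shape check will also match other 3-2-4 digit groupings.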