Specify outlook-specific default sensitivity label
Dear Admins! - Please read this fully before marking this as "Done"!
Requirements:
We would like the ability to set a default label for all documents, but exclude email/outlook from the policy.
Currently there is a powershell setting 'OutlookDefaultLabel' however it is not an adequate/complete solution given that:
1. it requires the unified labeling client to be installed on endpoints
2. it does not work for outlook clients that have native support for sensitivity labels (O365 Pro plus, the outlook web client, or for outlook mobile apps)
Background:
We are trying to deploy sensitivity labels to our company wherein all documents have an "internal only" sensitivity label, and DLP blocks "internal only" documents from leaving the company. We want to exclude emails from having this default sensitivity label applied because it would be far too painful to expect our users to have to go through the process of downgrading the sensitivity label of an email each time they need to send an email outside of the company (often).
Ideally, a new email should have no default label, or otherwise a lower sensitivity by default ("public"), and only be blocked by DLP if the email is upgraded to "Internal Only" or if the email contains an "Internal Only" attachment.
This gap is forcing us into a position where we effectively have to choose between the lesser of evils: having no default label vs disabling DLP for outlook/email/exchange to make the experience tolerable for end users. The former resulting in dramatically decreased usage/adoption of labels by end users, and the latter resulting in a large hole in our DLP coverage. Neither of the choices are particularly attractive as they both effectively reduce the efficacy of the overall DLP strategy.
James McWhinney
shared this idea
This capability is planned to be supported within March – April 2021 across all M365 native clients that support sensitivity labels.
1 comment
-
PR
commented
The option to label email with different policies if needed. Email Communication is not exactly the same as the content found in a document, which very likely has several versions and revisions.
Policies for Email and Files should be separate, to accommodate enterprises communication and data protection respectively.