Data loss prevention
Data loss prevention policies are a way for your organization to protect you and your organization's information. Your organization may apply a DLP policy to protect employees from sending sensitive information (like a credit card number, Social Security number, etc.) in a Microsoft Teams channel or chat—including meeting chats—where guests or other partners from outside your organization are present.
Your organization can apply a DLP policy to protect sensitive information in messages and in documents. If sensitive information is sent in a message, that message may be audited or deleted based on the type of policy. If you’re the sender, you may receive a system message with the option to notify your admin to review the message and resolve it. And if your organization allows, you may also have the option to override and send the message.
When your organization has a SharePoint or OneDrive for Business DLP policy in place and you try to share a file in Teams that contains sensitive information, people outside your organization won’t be able to open the file.
Communication compliance
Communication compliance policies help minimize communication risks in your organization by detecting, capturing, and acting on inappropriate messages in email and Microsoft Teams. Your organization may apply communication compliance policies to help protect people from profanity, threats, harassment, and other inappropriate communications.
Reviewers can investigate scanned email, Teams, Yammer, or third-party communications in your organization and take appropriate actions to make sure they're compliant with your organization's message standards.
After communication compliance policies are set up, reviewers in your org can help safeguard by reviewing communication compliance alerts and removing flagged messages from view in Teams. Removed messages and content are replaced with notifications explaining that the message or content has been removed and what policy is applicable to the removal.
The sender of the removed message or content is also notified of the removal status and provided with the original message's content for context relating to its removal. The sender can also view the specific policy that applies to the message removal.
: Messages may also be removed due to a policy set by another organization that you interact with.
Read more about communication compliance policies and message removals from the following IT admin links:
Potential notices you may receive when sending sensitive or inappropriate information
What you'll receive |
What you can do |
---|---|
This message was flagged.
This means your org's DLP policy will still send your message, but it's been flagged for containing sensitive data. It will remain flagged to show that it contains sensitive information. |
If you believe the message was flagged in error, select What can I do? This will open a form where you can report the message to your admin for review. |
This message was blocked. (Override not allowed)
This means your org's DLP policy has blocked your message from showing. Recipients will also receive a message stating that the content of your message was blocked. |
Select What can I do? From there, you can report the message to your admin for review. This won't override the policy. Your message will remain blocked until your admin reviews and deems it safe to send. |
This message was blocked. (Override allowed)
This means your org's DLP policy has blocked your message from showing. Recipients will also receive a message stating that the content of your message was blocked. |
Select What can I do? If your org allows you to override the policy, you may see any of the following options:
: In some policies, you may have to provide a justification for the override. |
This message was blocked (Inappropriate content)
This means your org’s communication compliance policy has blocked your message from showing. Recipients will also receive a message stating that the content of your message was blocked. |
Messages blocked by a communication compliance policy don’t have actions you can take. Blocked messages can only be overridden by admins. |
If you receive a message that gets blocked by an org's DLP or communication compliance policy
Instead of an option to override, you’ll get a message that says “This message was blocked by organizational policy. What’s this?”. Selecting What’s this? brings you to this article.
: If the sender is able to override the policy, the original message will be sent to you as soon as the override is done.