Configuring DLP Policies
Data Loss Prevention (DLP) monitors outbound email for sensitive information and can block, quarantine, or flag emails that match defined rules. This helps prevent accidental or intentional leakage of confidential data.
How DLP works
When an email is sent, DLP scans the subject, body, and attachments against your configured policies. If a match is found, the configured action is taken — the email can be blocked, quarantined for review, or delivered with an alert generated.
Accessing DLP settings
- Log in to https://cyberprotect.bamboozle.me.
- Click Email Archiving in the left sidebar.
- Click DLP Policies.
[SCREENSHOT: DLP Policies main screen]
Creating a DLP policy
- Click Create policy.
- Give the policy a descriptive name such as "Block credit card numbers" or "Flag passport numbers".
- Configure the policy conditions:
Conditions
Conditions define what the policy looks for in emails:
| Condition type | Examples |
|---|---|
| Sensitive data types | Credit card numbers, passport numbers, UAE Emirates ID, IBAN |
| Keywords | Specific words or phrases such as "confidential" or "do not distribute" |
| Regex pattern | Custom regular expression for specific data formats |
| Attachment type | Block emails containing specific file types such as .exe or encrypted archives |
| Recipient domain | Flag emails sent to specific external domains |
[SCREENSHOT: DLP policy condition configuration screen]
Actions
Actions define what happens when a condition is matched:
| Action | Description |
|---|---|
| Block | The email is not delivered and the sender receives a bounce notification |
| Quarantine | The email is held for administrator review before delivery |
| Deliver with alert | The email is delivered normally but an alert is generated in the console |
| Notify administrator | An email notification is sent to the administrator |
| Notify sender | The sender receives an email warning that their message triggered a DLP policy |
[SCREENSHOT: DLP policy action selection screen]
- Set the Scope — which mailboxes or groups the policy applies to.
- Set the Priority — if multiple policies match an email, the one with the highest priority takes effect.
- Toggle the policy to Active.
- Click Save.
Built-in sensitive data types
Bamboozle DLP includes built-in detection for common sensitive data types including:
- Credit and debit card numbers (Visa, Mastercard, Amex, etc.)
- UAE Emirates ID numbers
- Passport numbers
- IBAN and bank account numbers
- Tax identification numbers
- Social security numbers
- Medical record identifiers
Select any of these from the condition dropdown — no configuration required as the detection patterns are pre-built.
[SCREENSHOT: Sensitive data type selection dropdown]
Reviewing quarantined email
When a policy with the Quarantine action matches an email, it appears in the DLP quarantine queue for administrator review.
- Click Email Archiving then DLP Quarantine.
- Review each quarantined email — you can see the full content and which policy triggered it.
- For each email, choose:
- Release — deliver the email to the recipient
- Release and whitelist — deliver and add sender or content to a whitelist so future similar emails are not quarantined
- Delete — delete the email without delivering it
[SCREENSHOT: DLP quarantine queue with review options]
Whitelisting trusted senders or content
If a DLP policy is regularly catching legitimate emails from a specific sender or containing specific content, add a whitelist entry:
- Go to DLP Policies then Whitelist.
- Click Add entry.
- Define the whitelist condition — sender email, sender domain, or specific content pattern.
- Click Save.
[SCREENSHOT: DLP whitelist configuration screen]
DLP reporting
To see a summary of DLP activity:
- Click Monitoring then Reports.
- Create a new report or look for the DLP summary widget.
- The report shows how many emails were scanned, how many matched policies, and how many were blocked or quarantined.
[SCREENSHOT: DLP summary report]