Configuring the Email DLP Policy

Forcepoint DLP can help administrators control how sensitive data moves through their organization via email using the email DLP quick policy. (The email DLP policy applies to network channels only. To monitor email on endpoint machines, such as laptops that are off-network, create a custom policy.)

  • Depending on the deployment, Forcepoint DLP can protect outbound, inbound, or internal email, or all three, from data loss.
  • Monitoring email for sensitive data requires either Forcepoint Email Security or the Forcepoint DLP protector.
Tip: To get the full benefit of Forcepoint DLP email capabilities, subscribe to Forcepoint Email Security.

The protector can monitor inbound and outbound email in monitoring mode.

Email Security Cloud protects only outbound email.

Forcepoint Email Security is automatically configured to work with Forcepoint DLP.

  • Forcepoint Email Security registers with the management server during installation.
  • Forcepoint DLP policies are enabled by default.
    Important: Click Deploy in the Forcepoint Security Manager to complete the registration process.

To confirm that Forcepoint Email Security has successfully registered with Forcepoint DLP:

  1. Log on to the Forcepoint Security Manager, hover over the Forcepoint logo at the top of the Forcepoint header, and then select Email from the drop-down list.
  2. Navigate to the Settings > General > Data Security page.
  3. If the status is “unregistered”, enter the IP address of the management server in the field provided, and click Register.
  4. Hover over the Forcepoint logo at the top of the Forcepoint header and select Data from the drop-down list to switch to the Data Security module.
  5. Navigate to the Main > Policy Management > DLP Policies > Email DLP Policy page to configure the quick-start email DLP policy.
  6. On the Outbound tab, select and enable the attributes to monitor in outgoing email messages—for example, attachment type—and configure properties for those attributes. See Configuring outbound and inbound email DLP attributes.
  7. On the Inbound tab, select and enable the attributes to monitor in inbound email messages—for example, questionable images—and configure properties for those attributes.
    Note: The email DLP policy can be used to define only inbound and outbound email attributes to monitor.

    Monitoring of internal email attributes for network or endpoint email is configured on the Destination tab of the custom policy wizard.

  8. Identify an owner or owners for the policy. See Defining email DLP policy owners.
  9. Identify trusted domains, if any. See Identifying email DLP trusted domains.
  10. Click OK.
    Note: The email DLP policy cannot be deleted or renamed, but its attributes can be enabled or disabled.