New-DlpSensitiveInformationType

This cmdlet is available only in Security & Compliance Center PowerShell. For more information, see Security & Compliance Center PowerShell.

Use the New-DlpSensitiveInformationType cmdlet to create sensitive information type rules that use document fingerprints.

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.

Syntax

New-DlpSensitiveInformationType
   [-Name] <String>
   -Description <String>
   -Fingerprints <MultiValuedProperty>
   [-Confirm]
   [-Locale <CultureInfo>]
   [-WhatIf]
   [<CommonParameters>]

Description

Sensitive information type rule packages are used by data loss prevention (DLP) to detect sensitive content in messages.

To use this cmdlet in Security & Compliance Center PowerShell, you need to be assigned permissions. For more information, see Permissions in the Microsoft 365 compliance center.

Examples

Example 1

$Employee_Template = Get-Content "C:\My Documents\Contoso Employee Template.docx" -Encoding byte -ReadCount 0
$Employee_Fingerprint = New-DlpFingerprint -FileData $Employee_Template -Description "Contoso Employee Template"
$Customer_Template = Get-Content "D:\Data\Contoso Customer Template.docx" -Encoding byte
$Customer_Fingerprint = New-DlpFingerprint -FileData $Customer_Template -Description "Contoso Customer Template"
New-DlpSensitiveInformationType -Name "Contoso Employee-Customer Confidential" -Fingerprints $Employee_Fingerprint[0],$Customer_Fingerprint[0] -Description "Message contains Contoso employee or customer information."

This example creates a new sensitive information type rule named "Contoso Employee-Customer Confidential" that uses the document fingerprints of the files C:\My Documents\Contoso Employee Template.docx and D:\Data\Contoso Customer Template.docx.

Parameters

-Confirm

The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.

  • Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.
  • Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center
-Description

The Description parameter specifies a description for the sensitive information type rule.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center
-Fingerprints

The Fingerprints parameter specifies the byte-encoded files to use as document fingerprints. You can use multiple document fingerprints separated by commas. For instructions on how to import documents to use as templates for fingerprints, see New-Fingerprint or the Examples section.

Type:MultiValuedProperty
Position:Named
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
Applies to:Security & Compliance Center
-Locale

The Locale parameter specifies the language that's associated with the sensitive information type rule.

Valid input for this parameter is a supported culture code value from the Microsoft .NET Framework CultureInfo class. For example, da-DK for Danish or ja-JP for Japanese. For more information, see CultureInfo Class.

You can add additional language translations to the sensitive information type rule by using the Set-DlpSensitiveInformationType cmdlet.

Type:CultureInfo
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center
-Name

The Name parameter specifies a name for the sensitive information type rule. The value must be less than 256 characters.

The value of this parameter is used in the Policy Tip that's presented to users in Outlook on the web.

Type:String
Position:1
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center
-WhatIf

The WhatIf switch doesn't work in Security & Compliance Center PowerShell.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center

Inputs

Outputs