使用敏感度標籤作為 DLP 原則中的條件 (預覽)Use sensitivity labels as conditions in DLP policies (preview)

針對這些位置,您可以在 DLP 原則中使用敏感度標籤做為條件:You can use sensitivity labels as a condition in DLP policies for these location:

  • Exchange Online 電子郵件Exchange Online email messages
  • SharePoint OnlineSharePoint Online
  • 商務用 OneDrive 網站OneDrive for Business sites
  • Windows 10 裝置Windows 10 devices

敏感度標籤會顯示為內容包含清單的選項。Sensitivity labels appear as an option in the Content contains list.

敏感度標籤做為條件sensitivity label as a condition

重要

若您選取 Teams 聊天和頻道訊息 為套用 DLP 原則的位置,將無法以 敏感度標籤 做為條件。Sensitivity Labels as a condition will not be available if you have selected Teams chat and channel messages as a location to apply the DLP policy.

支援的項目、案例和原則提示Supported items, scenarios, and policy tips

您可以針對這些項目使用敏感度標籤做為條件,並在這些案例中使用。You can use sensitivity labels as conditions on these items and in these scenarios.

不支援的項目Supported items

服務Service 項目類型Item type 可用於原則提示Available to policy tip 強制Enforceable
ExchangeExchange 電子郵件email message yes yes
ExchangeExchange 電子郵件附件email attachment 否 *no * 否 *no *
SharePoint OnlineSharePoint Online SharePoint Online 中的項目items in SharePoint Online yes yes
商務用 OneDriveOneDrive for Business 項目items yes yes
TeamsTeams Teams 和頻道訊息Teams and channel messages 不適用not applicable 不適用not applicable
TeamsTeams 附件attachments 是 **yes ** 是 **yes **
Windows 10 裝置 (預覽)Windows 10 devices (preview) 項目items yes yes
MCAS (預覽)MCAS (preview) 項目items yes yes

* 支援電子郵件上敏感度標籤的 DLP 偵測。* DLP detection of sensitivity labels on emails are supported. 不支援標示敏感度電子郵件附件的 DLP 偵測。DLP detection of sensitivity labeled email attachments are not.

** 在 Teams 中透過 1 對 1 聊天或頻道傳送的附件,會自動上傳至 [商務用 OneDrive] 和 SharePoint。** Attachments sent in Teams over 1:1 chat or channels are automatically uploaded to OneDrive for Business and SharePoint. 因此,如果將 SharePoint Online 或 [商務用 OneDrive] 包含在您的 DLP 原則做為位置,則會在此條件的範圍中會自動包含於 Teams 中傳送的已標示附件。So if SharePoint Online or OneDrive for Business are included as locations in your DLP policy, then labeled attachments sent in Teams will be automatically included in the scope of this condition. 您不需要在 DLP 原則中選取 Teams 做為位置。Teams as a location does not need to be selected in the DLP policy.

支援的案例Supported scenarios

  • 選擇要將一或多個敏感度標籤做為條件時,DLP 系統管理員將看到租用戶中所有敏感度標籤的清單。DLP Admin will be able to see a list of all sensitivity labels in the tenant when they choose to include one or more sensitivity labels as a condition.

  • 如上前述的支援矩陣中所指出,所有工作負載均支援使用敏感度標籤做為條件。Using sensitivity labels as a condition is supported across all workloads as indicated in the support matrix above.

  • 針對包含敏感度標籤做為條件的 DLP 原則,DLP 原則提示將持續針對各工作負載 (Outlook Win32 除外) 顯示。DLP policy tips will continue to be shown across workloads (except Outlook Win32) for DLP policies which contain sensitivity label as a condition.

  • 如果比對到使用敏感度標籤做為條件的 DLP 原則,則敏感度標籤也會隨著事件報告電子郵件顯示。Sensitivity labels will also appear as a part of the incident report email if a DLP policy with sensitivity label as a condition is matched.

  • 也會在包含敏感度標籤做為條件的符合 DLP 原則比對的 DLP 規則稽核記錄中顯示敏感度標籤詳細資料。Sensitivity label details will also be shown in the DLP rule match audit log for a DLP policy match which contains sensitivity label as a condition.

支援原則提示Support policy tips

工作負載Workload 支援/不支援的原則提示Policy tips supported/not supported
OWAOWA 支援supported
Outlook Win 32Outlook Win 32 不支援not supported
SharePointSharePoint 支援supported
商務用 OneDriveOneDrive for Business 支援supported
端點裝置endpoint devices 不支援not supported