How to set up a DLP audit in Mimecast?

Mimecast has good Data Loss Prevention tools built into the platform using Content Examination policies. There are several flexible ways to find content including regex, however, we recommend using the Mimecast prebuilt “entities.” These entities are easy to implement and consist of validation checks to help avoid false positives with your DLP.

A good place to start with DLP is to simply set up an audit to observe what content you can find, without taking restrictive action on it. We call this an audit for the DLP object we are looking for.

An example using a free entity is detecting credit cards. In your definition word/phrase match you simply need to include “1 detect creditcard” and use policy override options to include smart tags. You then create a policy utilizing the definition.

To create smart tags  you need to go to archive>smart tags and create a folder where the tagged email will sort to and it needs to be done before you can successfully create the definition.

After collecting data for some time you now will want to observe the results and decide what bypasses to create, what actions can be taken, and understand fully the compliance or data situation.

If you need help setting up and understanding DLP in Mimecast just let us know!