What is classed as sensitive data?
  • Credit card numbers
  • Debit card numbers
  • Bank account numbers
  • National Insurance numbers
  • Passport numbers
Before sharing sensitive data, consider:

Before sharing sensitive data, consider the following:

  • What am I sharing?
  • Who am I sharing it with?
  • Why am I sharing it?
  • Do I need to share it?
Policy tip message

The policy tip message will appear when you might be sharing sensitive information with recipients who are outside the University.

IT Policies and Guidance

Find out more about IT Policies and Guidance on our SharePoint site.

What is Data Loss Prevention?

Data Loss Prevention is a system used by organisations to help protect sensitive information. It helps reduce the risk of sharing sensitive, personal data with individuals who shouldn’t have access to the information. The University has implemented Data Loss Prevention across Microsoft 365, including the following applications: Outlook, Teams, SharePoint and OneDrive.

Every organisation has the obligation to protect sensitive, personal data. To support the University’s commitment on data protection, IT Services have introduced Data Loss Prevention to Microsoft 365 applications. 

Across the University, information is stored and shared every day and this may include sensitive, personal data. When this type of data is shared, there is a risk of unauthorised individuals gaining access to it. Data Loss Prevention can help us to protect individuals data from unauthorised access.

To understand more on the University’s commitment to protecting data, please read
the Data Protection Policy.

Data Loss Prevention (DLP) is an automated scanning tool built into Microsoft 365 . It looks for specific patterns of sensitive information, like bank account numbers, passport numbers and other personally identifiable information.

If the Data Loss Prevention tool detects sensitive data being shared, it will be logged within the Microsoft DLP system. It can also raise alerts and warnings, and potentially block information from being shared.

How will Data Loss Prevention impact me?

If you share a file or information externally using Outlook, Teams, SharePoint or OneDrive you may receive a warning message called a Policy Tip. You may also receive a Data Loss Prevention Notification email. As the system is rolled out, you may need to confirm your action or provide a business justification. You may also need to provide feedback to monitor and improve the system. Anyone at the University (both staff and students) with a University IT account will have their data protected by Data Loss Prevention.

What is a policy tip message?

The policy tip message is just a warning to make you aware that the sharing of sensitive data has been detected. You will still be able to share information, however it is an opportunity to think carefully about sharing this type of content and whether it is required. Consider the following:

  • What am I sharing?
  • Who am I sharing it with?
  • Why am I sharing it?
  • Do I need to share it?

What is classed as sensitive data?

  • Credit card numbers
  • Debit card numbers
  • Bank account numbers
  • National Insurance numbers
  • Passport numbers

The policy tip message will appear once an external email address has been included and when you include sensitive data within the message. It will include the words: "This message appears to contain sensitive information. Please consider whether this information should be sent outside of University systems."

 

The policy tip will appear when you share sensitive data with an external contact. The message will appear at the top of the document. It will include the words:"This document appears to contain sensitive information. Please consider whether this information should be sent outside of University systems."