Email Data Loss Prevention

As Email remains the most popular way in which the Communication happens in the Corporate World, it has also emerged as one of the biggest sources of Data Loss.  So here are the ways in which you can prevent the Data Loss via Email.

Email DLP using Exchange Plan 1:

  • Restrict certain users to send emails only to Company users.  

  • Auto Forward messages to a sender’s manager for approval 

  • Block messages with executable attachments  

  • Setup Spam Confidence levels for Incoming Emails 

  • Organization wide message disclaimers, signatures, footers  

  • Forward message that contains sensitive information 

  • Forward messages that match one of the several criteria 

  • Supervisor Mailbox.  All messages can be copied to this account or just those sent internally or externally. This feature is very useful in preventing data leakage via email. 

  • Prevent download of attachment in Browser. View only  

  • Block browser access for email. Access only on Outlook app. 

  • Monitor Email forwarding 

  • Archive mailbox – Users can use the archive mailbox, also called a personal archive, to store historical messaging data by moving or copying messages from their primary mailbox to their archive mailbox. 

  • Retention Policies – Retention policies use retention tags to apply retention settings to e-mail messages and folders. Retention tags define an age limit that specifies how long items are retained, and a retention action that specifies what happens to items that reach the retention age limit. 

  • Sensitivity Labels. We can manually create the labels and apply to Documents which will help us to prevent Data Loss. 

Email DLP using Exchange Plan 2:

  • Inactive mailbox. Retain Emails of departing Employees without using Exchange Online License 

  • Legal Hold. Here the full mailbox copy is maintained at the back end.  

Email DLP using Intune and Azure AD Premium:

Please refer to SecureIT 365 Device Management with Intune — TechGyan – Cloud Changes Everything


Also refer to  SecureIT 365 WIP — TechGyan – Cloud Changes Everything


Note that the features given here are deployed using the above Service packs


  • Remote Wipe. Wipe Corporate Data from system if it gets lost leaving personal data intact

  • Protect data through restricting the copy/ paste of corporate data within Office 365 apps only in Mobile and PCs

  • Restrict setup of Corporate apps like Outlook only.

  • Block printing organization data

  • Block screen capture

Email DLP and Disaster Recovery. This creates a copy of the emails to another Cloud Services and allows for quick recovery.

Mail backup and Disaster Recovery to another Cloud for pre-defined users.

If you wish to discuss How you can implement DLP in your Company kindly, 



Our Solutions