1. Home
  2. Docs
  3. General
  4. DLP rules & policies guide
  5. Creating DLP Rules

Creating DLP Rules

Navigation

First, log in to the Trustifi web app using your admin credentials.

After logging in, navigate to the “Rules & Policies” page under the “Outbound Management” section and click on the “Rules” tab.

Creating a new rule

To open the rule creation interface, simply click on “Create New Rule”.

Follow these steps to customize the rule:

  1. Enter a name for the rule. The name can be anything you want, but it is best to make it descriptive of the rule’s purpose.
  2. Choose a condition from the “IF” drop-down menu. If this condition is met in any email sent by your users, the rule will be triggered and applied. More information about the different conditions can be found here.
  3. You can choose to add one ore more “OR” conditions. If there are multiple “OR” conditions in the rule, it will be enough to match at least one of these to trigger the rule.
  4. You can also choose to add one ore more “AND” conditions. If there are multiple “AND” conditions in the rule, emails will need to match all of them to trigger the rule.
  5. It is also possible to add one ore more exceptions to rules. Exceptions are built out exactly like “IF” conditions, and if they are met the rule will not trigger.
    Note that exceptions may also contain additional “OR” or “AND” conditions.
  6. Choose a result from the “THEN” drop-down menu. Here you choose the outcome of the rule, which will be applied if the condition is met. More information about the different results can be found here.
  7. Click on the “Add Rule” button to create the rule and add it to your rules list.
Adding multiple “AND” conditions

It is possible to add multiple conditions using the “Add Condition” button, this allows you to create complex rules that require multiple conditions to be met. You may add as many conditions as you like.

Note: It is not recommended to add many conditions to a single rule, since it makes the rule more complex and therefore less likely to be triggered.

In the example pictured above, the rule will only be applied if both conditions are met:

  • The email’s sensitivity score is equal to or above 4
  • The email contains information related to either HIPAA or GDPR compliance

If only one of these conditions is met (and not both), the rule will not be applied.

Adding “OR” conditions to a rule

You may choose to create multiple conditions to a rule, that should trigger if any one of these conditions is met. To do this, click on the “Add Or Condition” button. You may add as many of these conditions as you like.
It is not recommended to add too many such conditions to your rule, as it may cause the rule to be too easily triggered.

In the example pictured above, the rule will be triggered if any of the conditions are met:

  • The email’s sensitivity score is equal to or above 4
    OR
  • The email contains information related to credit card numbers
Adding an exception to a rule

By clicking on “Add rule exception” you can create conditions that, if met, will cause the rule to not apply to the sent email – even if the primary condition(s) are met.

You may add as many exceptions as you like.

In the example pictured above, the rule will not be applied if the email is sent to an internal recipient – even if the sensitivity condition is met.

Rules priority

If you have multiple rules under your plan, they will be applied according to their priority, which can be seen on the left column.

This means that if 2 or more rules contradict each other, or if any rule has the “Stop rules processing” action applied, the rules with the higher priority will be applied.

In the example pictured above – if an email contains the keyword #secure in the subject, it will match the 1st rule but it will not match the 2nd rule even if the conditions are met. This is because the 1st rule has the “Stop rules processing” in the “Actions to perform” list.

Note: you can change the priority of the rules at any time by dragging & dropping them.

How can we help?