DLP-01: Enable Sensitive Data Classification
Frequently asked questions about implementing and managing the DLP-01 security control in Microsoft 365 and Entra ID.
QWhat is DLP-01 (Enable Sensitive Data Classification)?▼
DLP-01 is a security control that without data classification, you cannot protect what you cannot identify. sensitivity labels enable targeted protection policies, ensuring sensitive data receives appropriate controls regardless of where it is stored or shared. It requires that microsoft purview sensitivity labels are configured and at least 3 sensitivity levels are defined (e.g., public, internal, confidential), labels are applied to sensitive data in sharepoint and onedrive.
QWhy is Enable Sensitive Data Classification important for Microsoft 365 security?▼
Without data classification, you cannot protect what you cannot identify. Sensitivity labels enable targeted protection policies, ensuring sensitive data receives appropriate controls regardless of where it is stored or shared.
QHow do I implement DLP-01 in my tenant?▼
DLP-01 requires manual implementation. Requires Microsoft Purview license and configuration
QWhat license do I need for DLP-01?▼
This control requires Microsoft 365 E5 Compliance add-on or E5 licensing.
QWhich security baseline includes DLP-01?▼
DLP-01 is included in the Enhanced Security baseline (Level 2). This level adds stricter controls for security-conscious organizations.
5
Questions
1
Related Controls
—
Categorized
Related Resources
Still have questions?
Our security experts are here to help. Start a free trial and get personalized guidance for your Microsoft 365 environment.
Start Free Trial