Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Include or Exclude a User Group from DLP Policy

Including or excluding a User Group is a powerful way to apply a policy to your deployment. For example, you could do this when you need to include or exclude a finance group from attaching financial information.

In policies, Exclude always takes precedence over Include. If you accidentally try to add a User Group to both Include and Exclude, you will see a message asking you to choose one or the other.

To include or exclude a User Group from a DLP policy:

  1. Go to Policy > DLP Policies > DLP Policies.
  2. Under Actions > Sanctioned Policy > Create New Policy, or click the name of an existing policy to edit it.
  3. On the Descriptions page:
    • Enter a Name for the policy and an optional Description.
    • Deployment Type. Select API, Lightning Link, or Reverse Proxy.
    • Select Service Instances the policy should apply to. 
  4. Under User Groups, for Include All User Groups, click Edit and select from the list. 
  5. Click Done
  6. To exclude User Groups, click Add Exclusions and select from the list. 
    User Groups.png
  7. Click Done
  8. Follow the wizard to enter selections for the Rules and Exceptions page, then Review and save your policy. For details see, Create or Edit a Sanctioned DLP Policy
  • Was this article helpful?