Email Data Protection Service Best Practices
search cancel

Email Data Protection Service Best Practices


Article ID: 179084


Updated On:




The Email Data Protection service enables you to control the flow of email content for your inbound and outbound email. The polices that you define for Email Data Protection assist in monitoring and controlling your company's acceptable use policy.


The following best practices will help you to craft policies that will enable you to take full advantage of the service.

  • Policy Simplicity: Aim for straightforward and exact policies. When filtering for content with multiple parameters, create separate policies. This simplifies future troubleshooting without interfering with the functionality of complex, singular policies.
  • Policy Activation Timing: Strategically activate policies during non-business hours, especially if they impact multiple groups or a large user base to avoid disrupting workflows.
  • Policy Testing: Before global application, rigorously test policies on select groups or users to ensure they work as intended without wide-scale issues.
  • Template Use: When utilizing templates, diligently update each field to make sure the policy is accurately detecting the specific content you’re targeting.
  • Administrator Email Exception: Remember that administrator email addresses are excluded from Email Data Protection scans. Policies will not apply to any email address designated as an administrator in any Data Protection policy, which is an intentional design without a workaround.
  • Policy Propagation Time: Keep in mind that all alterations to Data Protection policies need approximately 1 hour to become effective, considering propagation time when modifying policies.
  • Regular Expression Creation: Exercise caution in crafting regular expressions. While we don’t troubleshoot underperforming regular expressions, you can request creation assistance from Support to meet specific requirements.
  • Initial Policy Set-Up Recommendation: Initially, consider establishing four policies to log various email content aspects:
    • Log inbound emails over 2 MB
    • Log outbound profanities
    • Block inbound emails over 10 MB
    • Log inbound and outbound audio and video files

Once you've grasped the types of emails detected, you may confidently block some and redirect others.

Common policies are provided below, but remember every organization is unique. Ensure you comprehend your business requirements before setting up any example rules. Thereafter, align your email security policy accordingly

Common Email Data Protection Policies

You can use our predefined policy templates as a starting point, to address specific regulatory requirements.



Block emails over 25 MB

Reduces the size of emails coming into the organization to save bandwidth. All emails over 25 MB can be blocked and deleted. You can send notifications to all parties.

Redirect emails to/from suspicious domains

Monitors emails coming from or going out to competitors' domains, restricting the passing on of intellectual property and poaching of employees.

Monitor profanity outbound

Protects the organization's brand and reputation. For example, you can prevent an employee from sending out an email containing slander to a friend.

Redirect encrypted or password-protected mail

Enables you to monitor and control who sends and receives encrypted or password-protected messages.

Compress emails of between 10 MB and 25 MB

Reduces the bandwidth that is taken up by large messages coming into the organization.


Additional Information

See About policies and Email Data Protection

See Creating an Email Data Protection policy - process overview