I'm starting to roll out more policies in DLP, I was wondering if you would be willing to share naming conventions or patterns that you use to keep the policies organized.
I haphazardly use these now (pipe | used to seperate fields):
Law/Policy | email/web | use O365? | Detect/Block
i used to define polci naming rule in the following way
- Population scope : especially when DLP is deployed for companies with many branches across the world
- Leakage channel covered by the policy (mail, web, endpoint, cloud, discover,....)
- remediation action in place in the policy (blocking, quarantine, monitoring, encryption,....)
- policy label (short description of use case / law / regulation covered by this policy)
I usually used _ as fields separator as it is more "readable" (at least fro mmy point of view).
For the first three parameters i used acronyms or short version of value in ordert to keep policy name as short as possible, because if not name are splitted in DLP UI which made them less readable and manageable.