Jaa


Configure conditions for key communication compliance scenarios

Important

Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory compliance (for example, SEC or FINRA) and business conduct violations such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to help ensure user-level privacy.

This article provides multiple examples of creating conditions with the condition builder in Microsoft Purview Communication Compliance. Use the examples for your own scenarios and modify as needed for your organization.

For general information on creating conditions for communication compliance policies, see Choose conditions for your communication compliance policies.

Data security examples

Example 1:

Detect all communications sent outside of Contoso.com that contain patterns detected by the Insiders sensitive info type OR that include any of these keywords:

  • "confidential"
  • "top secret"
  • "Project Sparta"
  • "GenAI"

Communication compliance condition builder example 1.

Example 2:

Detect all communications coming from outside or sent outside contoso.com that contains patterns detected by the Insiders sensitive info type.

Communication compliance condition builder example 2.

Example 3:

Proactively detect sharing of secret keys and passwords outside of contoso.com.

Communication compliance condition builder example 3.

Example 4:

Detect Teams phishing requests sent as multifactor authentication requests by using the Phishing Patterns sensitive info type.

Communication compliance condition builder example 4.

Example 5:

Analyze all messages coming from the stateactor1.com, stateactor2.com, and stateactor3.com domains OR messages containing these keywords:

  • recruit
  • payment for your services
  • good offer
  • hiring, recruitment

Communication compliance condition builder example 5.

Example 6:

Analyze specific emails sent to external domains by detecting patterns using the Personal sensitive info type, but ignore specific keywords.

Communication compliance condition builder example 6.

Example 7:

Analyze and view all emails sent to personal email accounts.

Communication compliance condition builder example 7.

Business conduct examples

Example 1:

Detect inappropriate content sent in messages by using the Sexual, Violence, Hate, and Self-harm trainable classifiers OR by using a curated keyword dictionary.

Communication compliance condition builder example 8.

Example 2:

Detect threats and harassment addressed to Contoso's key executives by using the Targeted Harassment, Threat, and Hate trainable classifiers.

Communication compliance condition builder example 9.

Example 3:

Detect all messages that contain patterns detected by the ABA Routing Number, Credit Card Number, U.S. Bank Account Number, U.S. Individual Taxpayer Identification Number (ITIN), and U.S. Social Security Number (SSN) sensitive information types sent by any user, but not sent to or sent by the Finance Team.

Communication compliance condition builder example 10.

See also