Can we adjust DLP policy to exclude HR shared drive?
TKT-0008
Normal
In Progress
Policy Change
- Created By
- p.thomas
- Created
- 2026-07-05 15:55
- Last Updated
- 2026-07-06 16:58
- Assigned Analyst
- James Okonkwo
- Category
- Policy Change
- Messages
- 9
Conversation
p.thomas
Customer
2026-07-05 15:55
We'd like to request a change to our security policy:
Can we adjust DLP policy to exclude HR shared drive?
Please let us know if this is feasible and what the security implications would be.
Can we adjust DLP policy to exclude HR shared drive?
Please let us know if this is feasible and what the security implications would be.
James Okonkwo
SOC Analyst
2026-07-05 17:55
We've applied the policy change you requested. It will take effect within 15 minutes across all monitored endpoints. Please let us know if you see any issues.
p.thomas
Customer
2026-07-05 18:31
We've applied the patch on our end. Can you run a verification scan?
James Okonkwo
SOC Analyst
2026-07-05 20:59
I've updated the DLP policy as requested. The HR shared drive is now excluded from the external transfer monitoring rule, but internal audit logging remains active.
p.thomas
Customer
2026-07-05 21:40
We've applied the patch on our end. Can you run a verification scan?
James Okonkwo
SOC Analyst
2026-07-05 22:35
We've applied the policy change you requested. It will take effect within 15 minutes across all monitored endpoints. Please let us know if you see any issues.
p.thomas
Customer
2026-07-06 02:05
Thanks for the quick response. Can you send me the full timeline when it's ready?
James Okonkwo
SOC Analyst
2026-07-06 03:55
I've checked with our threat intelligence team. The dark web finding is from a third-party breach, not a direct compromise. We recommend enforcing a password reset for the affected account.
p.thomas
Customer
2026-07-06 06:59
That's reassuring. Can we schedule a call to discuss the remediation steps?