ASD's Blueprint for Secure Cloud

Data Loss Prevention: Default policy for Teams

This section describes the configuration of Data Loss Prevention (DLP) policies within Microsoft Purview associated with systems built according to guidance in ASD's Blueprint for Secure Cloud.

Estimated reading time: 3 minutes


NameDefault policy for Teams
DescriptionThis policy detects the presence of credit card numbers in Teams chats and channel messages. When this sensitive info is detected, admins will receive an alert but policy tips won’t be displayed to users. You can edit these actions at any time.

Admin units

Admin unitsFull directory


Exchange email
SharePoint sites
OneDrive accounts
Teams chat and channel messagesAll users and groups
On-premises repositories
Power BI workspaces

Advanced DLP rules

Default Teams DLP policy rule

NameDefault Teams DLP policy rule
DescriptionThis rule detects the presence of one or more credit card numbers. Admins will be alerted in email when 10 or more instances are detected within a 24-hour period for all users.

Content contains

Group nameDefault
Group operatorAny of these
Sensitive info types
Credit Card NumberHigh confidence
Instance count: 1 to Any


User notifications
Use notifications to inform your users and help educate them on the proper use of sensitive infoFalse
User overrides
Allow overrides from M365 servicesFalse
Incident reports
Use this severity level in admin alerts and reportsLow
Send an alter to admins when a rule match occurs
Use email incident reports to notify you when a policy match occursChecked
Send notifications to these peopleSiteAdmin
You can also include the following information in the report:
The name of the person who last modified the contentChecked
The types of sensitive content that matched the ruleChecked
The rule’s severity levelChecked
The content that matched the rule, including the surrounding textNot checked
The item containing the content that matched the ruleNot checked
Additional options
If there’s a match for this rule, stop processing additional DLP policies and rulesNot checked

Policy mode

Policy modeTurn the policy on immediately

Security & Governance

  • None identified


  • None identified


  • None identified


  • None identified

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra