Data loss prevention (DLP) policies are processed in a specific order. This process is called policy precedence. The policy with the lowest priority number is processed first. The first rule is configured as a priority “0” by default, the next one as “1”, and so on. In this post, I want to show you how to change Data loss prevention (DLP) policies priority to ensure your policies are processed according to your needs.

Important: Keep in mind to always prioritize policies with less restrictive actions below more restrictive policies.

PowerShell Workaround

First, you need to ensure the Exchange Online PowerShell V2 module is installed on your computer and then imported into your Powershell session. To do that, you should use the following commands.

Once you have imported the module, you are ready to start.

Connect to Security & Compliance Center PowerShell in a Microsoft 365

The easiest way to get started is to log in interactively at the command line. Replace <UPN> with your account in user principal name format.

Check current priority

To obtain the list of DLP policies and the order assigned to each, you should use the Get-DlpCompliancePolicy cmdlet with the following syntax.

Get-DlpCompliancePolicy

Change DLP policies priority

To change the priority of a DLP policy, you should use the Set-DLPCompliancePolicy cmdlet with the following syntax.

Set-DLPCompliancePolicy

Microsoft 365 Compliance center

If you prefer to use the Microsoft 365 Compliance center portal, log in to the portal with your global administrator account or Compliance Administrator account and select the Data loss prevention at the left menu. Once there, go to Policies -> Select the three vertical dots behind the name of the policy and finally select Move to bottom or Move Down to change the policy order.

Thanks for reading my post. I hope you find it helpful.

If you want to learn more about Data loss prevention (DLP) policies, check out this link.