Skip to main content
Jorge Bernhardt Jorge Bernhardt
  1. Posts/

How to change the priority of DLP policies

·368 words·2 mins· 100 views · 5 likes ·
Connect-IPPSSession Data loss prevention Data loss prevention (DLP) Get-DlpCompliancePolicy

Data loss prevention (DLP) policies are processed in a specific order. This process is called policy precedence. The policy with the lowest priority number is processed first. The first rule is configured as a priority “0” by default, the next one as “1”, and so on. In this post, I want to show you how to change Data loss prevention (DLP) policies priority to ensure your policies are processed according to your needs.

**Important: **Keep in mind to always prioritize policies with less restrictive actions below more restrictive policies.

PowerShell Workaround>

PowerShell Workaround #

First, you need to ensure the Exchange Online PowerShell V2 module is installed on your computer and then imported into your Powershell session. To do that, you should use the following commands.

Install-Module -Name ExchangeOnlineManagement
Import-Module -Name ExchangeOnlineManagement

Once you have imported the module, you are ready to start.

Connect to Security** & Compliance Center PowerShell in a Microsoft 365**>

Connect to Security** & Compliance Center PowerShell in a Microsoft 365** #

The easiest way to get started is to log in interactively at the command line. Replace  with your account in user principal name format.

Connect-IPPSSession -UserPrincipalName <UPN>
Check current priority>

Check current priority #

To obtain the list of DLP policies and the order assigned to each, you should use the Get-DlpCompliancePolicy cmdlet with the following syntax.

Get-DlpCompliancePolicy `
    | Select-Object Name,Mode,Priority


Change DLP policies priority>

Change DLP policies priority #

To change the priority of a DLP policy, you should use the Set-DLPCompliancePolicy cmdlet with the following syntax.

Set-DlpCompliancePolicy `
    -Identity "General Data Protection Regulation (GDPR)" `
    -Priority 1


Microsoft 365 Compliance center>

Microsoft 365 Compliance center #

If you prefer to use the Microsoft 365 Compliance center portal, log in to the portal with your global administrator account or Compliance Administrator account and select the Data loss prevention at the left menu. Once there, go to _Policies _-> Select the three vertical dots behind the name of the policy and finally select Move to bottom or Move Down to change the policy order.

Thanks for reading my post. I hope you find it helpful.

If you want to learn more about Data loss prevention (DLP) policies, check out this link.