Sending an E-Mail with Social Security Number(s) in Outlook to an Internal Recipient

Issue/Question

What happens when I send an e-mail containing Social Security Number(s) to an e-mail address?

Environment

• Microsoft Information Protection
• Outlook
• Outlook 365 (web version)

Resolution

Expected behavior for detected SSN(s) with internal recipient(s) (any @macomb.edu address). 

• When writing an e-mail message that contains at least one Social Security Number to another Macomb e-mail address, a tool tip will appear. 

 Note: This example is using randomly generated test Social Security Numbers. 

• If you must send an e-mail with SSNs to another Macomb e-mail address, change the Sensitivity label to Secret so that the message is encrypted and the contents of the e-mail cannot be forwarded, printed, or copied. Only the recipient(s) of the e-mail will be able to open the message. 

• To verify the Sensitivity label has been changed, a notification will appear under the Policy Tip. There will also be a green check mark next to the label in the Sensitivity label drop down. 

• A notification e-mail is then received from Microsoft Outlook postmaster@Macombedu.onmicrosoft.com. The purpose of the notification e-mail is to let the sender know that they just sent an e-mail that contains SSN(s) and the contents have automatically been encrypted. The e-mail that matched against this policy will be in this e-mail as an attachment. 

• The Macomb recipient(s) will receive the encrypted message, and will not be able to forward, print, or copy the contents of the e-mail. The user that granted the permissions (who sent the e-mail) will be listed. 

How to manually override a false positive Social Security Number 

• If the e-mail has been wrongly classified as having a Social Security Number, you can report it as a false positive. 
• Under the policy tip, select override. 

• Once clicked, the tool tip will change to verify that it has been reported.