Summary
This technical tutorial explains the three fundamental components that form the foundation of data loss prevention policy in Zscaler Internet Access. DLP dictionaries define the content to protect through pattern matching and confidence scoring, ranging from low confidence pattern detection to high confidence phrase-proximity combinations. DLP engines combine multiple dictionaries with logical operators and match counts to create sophisticated detection criteria, supporting advanced features like sub-expressions and exclusions. Finally, DLP policy ties engines to actions—allow, block, or user confirmation—enabling granular control over data protection decisions. The video demonstrates how these building blocks work together through practical examples, including integration with Microsoft Purview Information Protection labels, exact data matching using CSV-based indexing, and index document matching for form detection. Organizations already using MIP labels in Microsoft 365 can import these classifications directly into Zscaler, eliminating duplicate effort while maintaining data security through hash-based matching that never exposes sensitive data to the cloud platform.
