Add allowed and trusted domains

You specify domains so that you can list browser and email addresses that you trust to safely upload files to. After you add domains, you will need to enable them to be used in the information protection policies. When you specify an allowed domain for a policy, that domain will not trigger any policy violations when it is scanned for sensitive file uploads if the domain has been validated against an added certificate and become a trusted domain. If you don't specify any domains in the information protection settings or add any domains for use in your policies, all domains will be treated as untrusted.
Note:
  • All USB device domains are considered as untrusted.
  • After you specify an allowed domain, any subdomains will also be considered as allowed as long as their trusted certificates are added.
Verify that you have upload a trusted certificate. For a domain to be considered as trusted, a trusted certificate must be uploaded. If a trusted certificate is not uploaded and the allowed domain is used in a policy, it will still trigger an exfiltration event. For more information, see Verify domains using trusted certificates.
  1. In the management console, on the menu bar, click Settings > Information Protection.
  2. Click the Allowed Domains tab.
  3. To add a new browser domain, click the Add New Domain button.
  4. In the Add allowed domain dialog box, type a name and description for the domain in the text fields. Wildcard characters are not supported in the domain name field.
  5. Optionally, turn on the ability to use this domain in a policy.
  6. Click Verify to check if this domain uses an existing trusted certificate. If you have not uploaded a certificate, add the certificate now. For instructions, see Verify domains using trusted certificates.
  7. Click Add.
  8. If you would like to add a new email domain, type the domain in the Allowed Email Domains section and use a comma to separate it from the previously entered domains.

To delete an allowed domain, in the Allowed Domains list, click the check box beside the domain that you want to delete and click Delete.