Skip Navigation

Add allowed and trusted domains

You specify domains so that you can list browser and email addresses that you trust to safely upload files to. After you add domains, you will need to enable them to be used in the information protection policies. When you specify an allowed domain for a policy, that domain will not trigger any policy violations when it is scanned for sensitive file uploads if the domain has been validated against an added certificate and become a trusted domain. If you don't specify any domains in the information protection settings or add any domains for use in your policies, all domains will be treated as untrusted.
  • All USB device domains are considered as untrusted.
  • After you specify an allowed domain, any subdomains will also be considered as allowed as long as their trusted certificates are added.
Verify that you have upload a trusted certificate. For a domain to be considered as trusted, a trusted certificate must be uploaded. If a trusted certificate is not uploaded and the allowed domain is used in a policy, it will still trigger an exfiltration event. For more information, see Verify domains using trusted certificates.
  1. In the management console, on the menu bar, click
    Settings > Information Protection
  2. Click the
    Allowed Domains
  3. To add a new browser domain, click the
    Add New Domain
  4. In the
    Add allowed domain
    dialog box, type a name and description for the domain in the text fields. Wildcard characters are not supported in the domain name field.
  5. Optionally, turn on the ability to use this domain in a policy.
  6. Click
    to check if this domain uses an existing trusted certificate. If you have not uploaded a certificate, add the certificate now. For instructions, see Verify domains using trusted certificates.
  7. Click
  8. If you would like to add a new email domain, type the domain in the
    Allowed Email Domains
    section and use a comma to separate it from the previously entered domains.
To delete an allowed domain, in the
Allowed Domains
list, click the check box beside the domain that you want to delete and click