Some policies fail to trigger with Cloud Detection Service (CDS) after upgrading to DLP 16.0

Data Loss Prevention Cloud Detection Service


22222

30 May 2023

28 May 2023

Dear Customer:

The purpose of this Advisory is to inform you of a potential problem that has been recently identified with the DLP products listed below. Please read the information provided and follow the instructions to avoid being impacted by this problem.

PRODUCT(S) AFFECTED:

Data Loss Prevention Cloud Detection Service, Data Loss Prevention Cloud Detection Service for ICAP, Data Loss Prevention Cloud Detection Service for REST, Data Loss Prevention Cloud Service for Email, and Data Loss Prevention Cloud Package

PROBLEM DESCRIPTION: 

Some policies fail to work in Cloud Detection after upgrading to DLP 16.0.

CAUSE:

Customers upgrading to DLP Enforce 16.0 may face potential detection issues with their CDS detector if the following conditions apply:

  • Enforce is running DLP version 16.0 or newer.
  • The CDS detector receives a policy with endpoint conditions, such as a Device ID.

Note: This issue can affect any CDS channel; for example, Email, ICAP, REST, and so on.

WORKAROUND:

If all of the above conditions are true, the workaround is to split the policies such that endpoint conditions are not published to the cloud.

RESOLUTION:

These are possible steps for remediation:

  1. Duplicate the policy with the endpoint condition.
  2. Remove the endpoint condition from the duplicated policy.
  3. Assign the duplicated policy to the policy group that is used by the CDS.
  4. Remove the original policy from the policy group that is used by CDS.

Note: The original policy can continue to be used by the on-premises monitors, if applicable.

UPDATE:

A permanent fix has been applied as of May 29th 2023.

Note: You do not need to take any action. The permanent fix has been applied on the Cloud Detection Service.