As a customer facing company, we regularly receive booking-related emails from customers and partners that contain Personally Identifiable Information (PII) such as passport numbers, ID documents, and travel itineraries.

To prevent external data leakage, we’ve implemented Netskope DLP to monitor outgoing emails for PII. However, we’re facing a challenge:

When our employees reply to incoming emails (even without including any PII in their response), Netskope DLP still quarantines those replies. This is because it detects the original PII from the customer’s message in the reply thread.

We want to understand if there’s a way to configure DLP policies so that it only quarantines emails that are originated internally and contain PII, and not block replies to incoming messages that happen to include previously received PII.

Is there a solution or best practice to achieve this behavior?