After enabling attachment compliance rules to scan for malicious file types, you notice that legitimate files needed for business operations are also getting quarantined, disrupting workflows. What is the best approach to minimize false positives in attachment compliance without reducing security measures?