Forum Widgets
Latest Discussions
Purview -> DLP -> Settings -> Endpoint DLP Settings
I have configured Browser and Domain Restrictions to sensitive data, with a condition as a sensitivity label. I used the Allow for a whitelist for sites, and all others should be blocked. I created and assigned a DLP. I assigned the DLP to sharepoint/Onedrive/devices, allsites/all users&groups/all users&groups. The sensitivity label is published\assigned. But it is not blocking the web sites. What am I missing? My understanding is that DLP policies should inherit the DLP settings by default. I cannot seem to 'on-board' devices in Purview. As it is greyed out. I have MS Business Premium, which includes MS Defender for Business, MS InTune.
How to use Microsoft Purview to scan data in Fabric Lake House
We are exploring Microsoft Fabric for our data analytics and reporting. Some concerns relate to the protection and security of sensitive data (e.g., PII). I've connected my Microsoft Fabric to Purview and have all assets in my Fabric tenant scanned. They don't seem to give me any data. Instead, the scanned list contains Lake House, Pipeline, and Power BI datasets. How can I scan data in my Fabric Lakehouse and/or Power BI dataset?
Custom colors for Sensitivity Label's content marking in Purview
We have implemented Sensitivity labels at our org, which also contains content markings for each label. But Microsoft Purview Compliance Portal only allows us to choose from Black, Yellow, Blue, Green and Red. But I want to choose Amber or Orange as color for content marking. How do I do that?
Lockdown owerApps HTTP Conector
I have been asked to apply data security control over the PowerApps HTTP connector by either whitelisting the URI that it can access or applying block control based on content inspection. Can that be done using Defender for Cloud Apps, Purview Compliance DLP or another product? thanks Graham
"Purview DLP policy is not working as expected."
I am creating a DLP policy with the following configurations: A new policy applied to devices was generated. --SCOPE Devices --USERS DLP_TEST --A rule is created: DLP_TEST_APPSBLOCK --THE FOLLOWING CONDITIONS ARE ADDED Document could not be scanned Document did not complete analysis File type is: Word Processing Spreadsheet Presentation Archive Mail File extension is: py txt HTML --THE FOLLOWING ACTIONS ARE ADDED Application groups: DLP_TEST_APPS Copy to clipboard: Block Print: Block Copy to USB: Block Copy to shared network resource: Block --APPLICATIONS NOT IN THE SHARED APPLICATION GROUPS Configuration: Block with override --NOTIFICATIONS Use notifications to inform users and properly teach them about sensitive information: Enabled ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ In restricted applications, even though I have blocked everything, it still allows me to attach documents from WhatsApp. Although it prevents copying or dragging, I can always upload documents, which should not happen. This is just a test, but I would like to know what is happening and how I can solve itSuppress Alerting to Endpoint DLP Printing on "Print to PDF".
Is there a way to configure an Endpoint DLP policy for Printing to NOT alert on "Print to File" events primarily Print to PDf's. For example print events where the target name are "Microsoft Print to PDF" or "Adobe PDF"? I understand you can create Printer groups, but there is no way to use as a condition when creating DLP rule.How do I exclude certain part of email from being scanned?
Hi there, I have enabled client-side auto Sensitivity labelling for emails in a tenant for PII detection using pre-built SIT & Trainable Classifiers. However, the issue is that the Email signature automatically makes the check true and applies the label automatically, which I want to avoid. Is there a way for me to exclude the signature part of the email from being excluded?
DLP Policy Rule "U.S. Physical Address" exclusion
We have the built in Sensitive Info Type "U.S. Physical Address" in our Default HR & Privacy Info Protection Policy in simulation. This is set to the location of just Exchange Email only. Everyone in the company has our physical address in their email signature. This combination keeps triggering alerts even if I set the instance count to something like 3. I've asked Co-Pilot for instructions to create an exclusion where I can enter our physical address to be ignored but the instructions always mention options that don't exist in the rule edit screen. I see online people asking for signatures to be ignored but the response is they can't be. Am I doomed to ask all staff to remove their signature, remove this SIT altogether, or just let the Action of "encrypt email messages" proceed and have our organization look the fool for encrypting every email sent outside the organization? Anyone know how to tell Purview to ignore your own physical address?
