Forum Widgets
Latest Discussions
Purview -> DLP -> Settings -> Endpoint DLP Settings
I have configured Browser and Domain Restrictions to sensitive data, with a condition as a sensitivity label. I used the Allow for a whitelist for sites, and all others should be blocked. I created and assigned a DLP. I assigned the DLP to sharepoint/Onedrive/devices, allsites/all users&groups/all users&groups. The sensitivity label is published\assigned. But it is not blocking the web sites. What am I missing? My understanding is that DLP policies should inherit the DLP settings by default. I cannot seem to 'on-board' devices in Purview. As it is greyed out. I have MS Business Premium, which includes MS Defender for Business, MS InTune.
Custom colors for Sensitivity Label's content marking in Purview
We have implemented Sensitivity labels at our org, which also contains content markings for each label. But Microsoft Purview Compliance Portal only allows us to choose from Black, Yellow, Blue, Green and Red. But I want to choose Amber or Orange as color for content marking. How do I do that?
How to use Microsoft Purview to scan data in Fabric Lake House
We are exploring Microsoft Fabric for our data analytics and reporting. Some concerns relate to the protection and security of sensitive data (e.g., PII). I've connected my Microsoft Fabric to Purview and have all assets in my Fabric tenant scanned. They don't seem to give me any data. Instead, the scanned list contains Lake House, Pipeline, and Power BI datasets. How can I scan data in my Fabric Lakehouse and/or Power BI dataset?
Purview endpoint DLP cant block file upload to web.whatsapp on open in app mode chrome browser MacOS
we are using purview endpoint DLP to block file upload to web.whatsapp.com on browser for MacOS. its working fine on chrome browser when i try dirrectly upload file contain ssn pattern and its blocked by purview but if we upload using open in app mode (pwa) purview cant detect that activity and file is uploaded to web whatsapp susscessfully. try to upload senstive file to web.whatsapp.com from chrome browser and its blocked. but when i try to use "open in app" mode (pwa) dlp purview cant detect the sensitive upload to web.whatsapp.com how to detect and block file uploaded to unwanted url if user using pwa especially on chrome browser? try the same scenario on edge, purview able to detect pwa and can intercept the activity but why in chrome its not the same behaviour expected.
"Purview DLP policy is not working as expected."
I am creating a DLP policy with the following configurations: A new policy applied to devices was generated. --SCOPE Devices --USERS DLP_TEST --A rule is created: DLP_TEST_APPSBLOCK --THE FOLLOWING CONDITIONS ARE ADDED Document could not be scanned Document did not complete analysis File type is: Word Processing Spreadsheet Presentation Archive Mail File extension is: py txt HTML --THE FOLLOWING ACTIONS ARE ADDED Application groups: DLP_TEST_APPS Copy to clipboard: Block Print: Block Copy to USB: Block Copy to shared network resource: Block --APPLICATIONS NOT IN THE SHARED APPLICATION GROUPS Configuration: Block with override --NOTIFICATIONS Use notifications to inform users and properly teach them about sensitive information: Enabled ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ In restricted applications, even though I have blocked everything, it still allows me to attach documents from WhatsApp. Although it prevents copying or dragging, I can always upload documents, which should not happen. This is just a test, but I would like to know what is happening and how I can solve it
DLP Policy Rule "U.S. Physical Address" exclusion
We have the built in Sensitive Info Type "U.S. Physical Address" in our Default HR & Privacy Info Protection Policy in simulation. This is set to the location of just Exchange Email only. Everyone in the company has our physical address in their email signature. This combination keeps triggering alerts even if I set the instance count to something like 3. I've asked Co-Pilot for instructions to create an exclusion where I can enter our physical address to be ignored but the instructions always mention options that don't exist in the rule edit screen. I see online people asking for signatures to be ignored but the response is they can't be. Am I doomed to ask all staff to remove their signature, remove this SIT altogether, or just let the Action of "encrypt email messages" proceed and have our organization look the fool for encrypting every email sent outside the organization? Anyone know how to tell Purview to ignore your own physical address?Suppress Alerting to Endpoint DLP Printing on "Print to PDF".
Is there a way to configure an Endpoint DLP policy for Printing to NOT alert on "Print to File" events primarily Print to PDf's. For example print events where the target name are "Microsoft Print to PDF" or "Adobe PDF"? I understand you can create Printer groups, but there is no way to use as a condition when creating DLP rule.
AADSTS50020: protected PDF issue for external users
I have been recently (don't know when it was started) observed getting error from protected PDF (sensitivity label with user defined permission) file while trying to open that pdf via AIP viewer mobile app (Android/iOS) AS external user (who has permission to open/view). No issue with Office file types protected. external (not internal, not guest) user (currently testing with gmail.com account, other O365 tenant user) getting error as attached from AIP view mobile app. We do have AIP excluded at conditional access policy which helped so far to avoid this problem for external users. Is there been any recent change in behavior around user defined protected PDF? Since user having problem is external, have no clue where to look for log and start investigation. Error code: AADSTS50020
Lockdown owerApps HTTP Conector
I have been asked to apply data security control over the PowerApps HTTP connector by either whitelisting the URI that it can access or applying block control based on content inspection. Can that be done using Defender for Cloud Apps, Purview Compliance DLP or another product? thanks Graham
