Forum Discussion
DLP for SaaS Apps - Endpoint DLP/MDE + Purview Browser Extension
I need help verifying my understanding of how Purview tools control file upload/download and clipboard copy/paste actions. Here's the situation:
Goal: Block file upload/download, copy/paste of sensitive data to/from SaaS apps.
Deployment: Rolling out MDE (in Passive mode) or Endpoint DLP (Onboarding device to Purview) and the Purview browser extension for Chrome/Firefox.
My Understanding:
Copy Control: Handled by Endpoint DLP/MDE on the endpoint.
Upload/Download/Paste Control: Requires the Purview browser extension (or native browser support Edge/Safari).
Specific Question: The browser extension isn't available for macOS. I've read that MDE on macOS can handle everything (file upload/download and clipboard control). Could someone confirm if the table I've created correctly reflects this?
Summary of Clipboard (Copy/Paste) Enforcement
Operation | Windows (Onboarded) | macOS (Onboarded) | Note |
Copy to Clipboard Endpoint | Endpoint DLP Sensor | Endpoint DLP Sensor | Prevents data from reaching the clipboard |
Paste into SaaS Apps (Chrome/Firefox) | Browser Extension | Endpoint DLP Sensor | Blocks paste into SaaS apps. |
Paste into SaaS Apps (MS Edge/Safari) | Native on Edge | Native on Edge/Safari | Built-in integration; no extension needed. |