Forum Discussion
Afsar_Shariff
Apr 25, 2023Brass Contributor
DLP policy using File Type as condition to block copy to removable usb device
Hello all, Kindly advice what are the exact steps to create the policy to block/audit users while copying and pasting data removable device using file type as condition. Currently I have created ...
miller34mike
May 24, 2023Microsoft
Here are the steps I would recommend, and have used them myself in the past to create this policy, which worked successfully:
- Login here:
- Create a new policy > set the category and template both to custom
- Set the locations to Devices only
- Set user or group specific inclusions as needed
- Create a new custom rule > set the condition to File Type is and choose from the options provided.
- Configure the Actions to "Audit or restrict activities on devices"
- Specifically set the "Copy to a removeable USB device" setting to Block or Block with override
- Disable the others or leave them enabled if you wish, this will not impact the USB control though
- Set any other options such as policy tips or alert settings within the rule as desired
- Save the policy but make sure it is set to "On"
- Allow at least 1 hour for the policy to replicate, but note that it can take up to 24 hours
- Make sure the device you're using is fully onboarded to Microsoft purview and you're logging in to the device with an identity included in the scope of the policy (set on the locations tab)
- Check onboarded devices here: Device onboarding - Microsoft Purview
ItsKJ11
Aug 02, 2024Copper Contributor
Great instructions, can’t wait to give it a try.