Forum Discussion

Evangelix365's avatar
Evangelix365
Copper Contributor
Oct 10, 2024

Endpoint DLP not blocking File Explorer?

hi,

 

scenario: M365 E5

I want to block encrypted files upload via Files Explorer to network locations, eg. ftp://

I have setup Endpoint Device DLP rule to catch encrypted files.

It is applied to the device.

I then copy an encrypted file, eg. 7z in one tab (W11) and past to ftp:// - local or internet - the file is not blocked from uploading.

How do I block such scenario? I do not want to mange outbound firewall. I have only Microsoft Defenders (MDE, MCAS, etc.), no other proxies etc.

 

Btw.

this works through Edge browser but why upload through the browser (which is blocked) if you can upload through files explorer,

and the system won't switch ftp to Edge automatically - which would be an option but there is no proper way know to me to configure such switch programmatically (it is part of Control Panel > IE settings, registry HKCU, itp. nightmares)

No RepliesBe the first to reply