Endpoint DLP not blocking File Explorer?
hi,
scenario: M365 E5
I want to block encrypted files upload via Files Explorer to network locations, eg. ftp://
I have setup Endpoint Device DLP rule to catch encrypted files.
It is applied to the device.
I then copy an encrypted file, eg. 7z in one tab (W11) and past to ftp:// - local or internet - the file is not blocked from uploading.
How do I block such scenario? I do not want to mange outbound firewall. I have only Microsoft Defenders (MDE, MCAS, etc.), no other proxies etc.
Btw.
this works through Edge browser but why upload through the browser (which is blocked) if you can upload through files explorer,
and the system won't switch ftp to Edge automatically - which would be an option but there is no proper way know to me to configure such switch programmatically (it is part of Control Panel > IE settings, registry HKCU, itp. nightmares)