Forum Discussion
To Block Entire File Upload or File transfer
I Planning to setup up DLP policy . All of our systems are joined under the Entra ID and on boarded on purview. I need to restrict the file uploading/transfer (Completely ) through any kind of platf...
Hi Binto
It is possible via endpoint DLP.
Apart from making sure that devices are onboarded to Purview, make sure that you have the Microsoft Purview extension deployed to any other supported browser, other than the native MS Edge.
Then your first step is configuring the endpoint DLP settings and your allowed Service domains (it will be easier for you to go into a whitelist and block everything else, rather than a block list)
=> (purview.microsoft.com > Settings > Data Loss Prevention > Endpoint DLP settings > expand the Browser and domain restrictions to sensitive data
Check that it says "Allow" beside Service domains and add some cloud service domains under this section:
in your case this could potentially look like the below:
-yourdomain-my.sharepoint.com
-yourdomain.sharepoint.com
-outlook.com
Once your service domains are configured within the endpoint DLP, you can then go and create your DLP policy. Once you add your condition(s), you will then be using the "Audit or restrict activities on devices"> Service domains and browser activities> 'Upload to a restricted cloud service domain or access from an unallowed browsers' condition in a block mode.
See example of what the policy may look like for you.
Hope this helps.
Any additional questions, give us a shout :)
