Forum Discussion
Purview -> DLP -> Settings -> Endpoint DLP Settings
Hi learnazure_ad learnazure_ad Thanks for clarifying, I think WIP is mostly outdated. Next solution you have is Defender for Endpoint + Microsoft Purview, In Business Premium, you have defender for business (Likely same functionality as Defender for Endpoint P2. Obviously with some limitations). However, defender comes in Business Premium is sufficient to get the defender function required. Your website blocking based on sensitive data, as I said you need Information Protection and Governance E5, which provide Endpoint DLP capability. If we drilled down to website blocking when sensitive data available, 1. We can block uploading data to a external website 2. Block website if required, This require purview browser extension and purview endpoint DLP capability. Your "mixed license" scenario does not apply as Defender for Business is sufficient to work on your scenario. There is another scenario where as we call WCF, web content filtering based on categories such as Gambling, Gaming etc. you can achieve that functionality through Defender for Business.
- We can block uploading data to a external website - Yes i can block specific websites via Defender portal > Settings > Endpoints > Rules\Indicators > URLs\Domains\IP's\etc.
But this does not give me the whitelist or block. I have to explicitly set the site, leaving any sites that are not blocked as allowed. Not very helpful to blanket block all then have a allowed list of sites. If there is something I am missing please let me know.
2. WCF - not great. General headings (Gambling\Social Media\etc) without knowing what sites it deems to block is not very helpful and will cause problems down the line, as it has in testing.
Ultimately I am getting that to move from WIP which is deprecated in latest Win11 release, which allows everything that i want. Is only supported for all features in E5. Which is 2x the cost of Business Premium and needs the additional license for Teams as that is not included.
- We can block uploading data to a external website - Yes i can block specific websites via Defender portal > Settings > Endpoints > Rules\Indicators > URLs\Domains\IP's\etc. ( This blocking is not based on content you upload. If your user uploads content like credit card number, purview DLP can block just that. All other data can be uploaded. 2. You can still block websites from purview DLP, talking from compliance perspective, Purview MIP and DLP is way to go. Below are some use cases, sensitive data redacted purposefully.
Purview DLP is not working - it will not block sites based off of DLP or MIP (microsoft information protection?)
Information Protection - I have created sensitivity labels and published. Reaching the data - I can see the label on the data.
Tied the Sensitivity labels as the condition to DLP policy. I have set DLP up in "Browser and Domain Restrictions to sensitive data" with list of Allow sites, which is supposed to only allow those sites and block all others. This should be pushed to all DLP policies as it is in the DLP settings.
Nothing is getting blocked when i upload the data to google drive for instance. What am I missing?In defender portal I can see on the device that it is not getting the DLP policy.
Contacting support\sales of Microsoft they tell me I need additional licensing, that is why it is greyed out and why the DLP settings are not going to device. They instructed me to purchase the Defender for Endpoint license, which they told me would fix this issues. Needless to say it did not fix the issue.
Please share if you are referring to another way to block data from being uploaded to sites and apps via Purview. Or if you know why it is not sync'ing or how to sync. Anything to help. Frustrating as support and sales do not seem to know what is what.
Can you share full screenshot of the endpoint DLP section learnazure_ad, Microsoft Purview compliance portal, navigate to Data loss prevention > Overview > Data loss prevention settings > Endpoint settings. Also Sign in to the purview > Settings (gear icon in the upper right hand corner) > Device onboarding > Devices., or in your bottom at compliance center go to settings, endpoint DLP, Device onboarding. I also suggest creating Endpoint DLP rule under Data Loss Prevention > Create Rule > Select Endpoint as the option --> If fails share me details on that. I think you receive this DLP Policy sync not updated due to that. However, you need Compliance licenses. Share the Details then let's try to resolve this matter.😊
- We can block uploading data to a external website - Yes i can block specific websites via Defender portal > Settings > Endpoints > Rules\Indicators > URLs\Domains\IP's\etc. ( This blocking is not based on content you upload. If your user uploads content like credit card number, purview DLP can block just that. All other data can be uploaded. 2. You can still block websites from purview DLP, talking from compliance perspective, Purview MIP and DLP is way to go. Below are some use cases, sensitive data redacted purposefully.