Forum Discussion
Purview -> DLP -> Settings -> Endpoint DLP Settings
Purview DLP is not working - it will not block sites based off of DLP or MIP (microsoft information protection?)
Information Protection - I have created sensitivity labels and published. Reaching the data - I can see the label on the data.
Tied the Sensitivity labels as the condition to DLP policy. I have set DLP up in "Browser and Domain Restrictions to sensitive data" with list of Allow sites, which is supposed to only allow those sites and block all others. This should be pushed to all DLP policies as it is in the DLP settings.
Nothing is getting blocked when i upload the data to google drive for instance. What am I missing?
In defender portal I can see on the device that it is not getting the DLP policy.
Contacting support\sales of Microsoft they tell me I need additional licensing, that is why it is greyed out and why the DLP settings are not going to device. They instructed me to purchase the Defender for Endpoint license, which they told me would fix this issues. Needless to say it did not fix the issue.
Please share if you are referring to another way to block data from being uploaded to sites and apps via Purview. Or if you know why it is not sync'ing or how to sync. Anything to help. Frustrating as support and sales do not seem to know what is what.
Can you share full screenshot of the endpoint DLP section learnazure_ad, Microsoft Purview compliance portal, navigate to Data loss prevention > Overview > Data loss prevention settings > Endpoint settings. Also Sign in to the purview > Settings (gear icon in the upper right hand corner) > Device onboarding > Devices., or in your bottom at compliance center go to settings, endpoint DLP, Device onboarding. I also suggest creating Endpoint DLP rule under Data Loss Prevention > Create Rule > Select Endpoint as the option --> If fails share me details on that. I think you receive this DLP Policy sync not updated due to that. However, you need Compliance licenses. Share the Details then let's try to resolve this matter.😊
Hi learnazure_ad good day, based on this information it looks like your endpoint onboarding is grayed out. means you cannot use Endpoint DLP capability. In order to use this feature you need to have one of these licenses. 1. Compliance license like M365 Et5, Information Protection and Governance E5, Etc. Please confirm if it is available. If you do not have Compliance License like Information Protection and Governance E5, you will not be able to continue with these features. just to check the finals, would you be able to share the licenses, from admin console, redact sensitive information. Alternatively, you can request Trial license from Microsoft compliance portal or your local Microsoft partner.
When you say DLP create rule in policy? I have a policy created and end point selected, and the sensitivity label as the rule\condition (mentioned earlier). Nothing is being enforced.
DLP settings in Purview
only edge is allowed browser
^ 24 sites allowed, all others should be blocked.
Devices in Purview (greyed out)
Onboarding in Purview (greyed out)
DLP policy to Device and the rule. Not working.