
vicwingsing
May 18, 2024

Guide: Building a Policy to restrict File sharing on a VPN connection using Purview DLP


Scenario: The organisation needs to block users from copying any files from their corporate device to a network share while they are connected from their home network via VPN.


Desired outcome: By implementing this DLP policy, any attempt to copy files of the selected file types (or file extensions) to the VPN network address (example: the 192.168.0.0/16 subnet) will be blocked.


There are two key steps needed to accomplish this.

Step 1: Creating the DLP policy and Configuring the VPN setting in the DLP Settings

To block file sharing to a specific network subnet (e.g. 192.168.0.0/16) using Microsoft Purview Data Loss Prevention (DLP), you can create a DLP policy with the following configuration:


  • Configure the DLP policy.
  • Define the sensitive information types or sensitivity labels you want to protect from being shared to the restricted subnet.
  • Under the policy's Locations, select Devices (Endpoints).
  • In the Conditions section, create a blanket detection that covers the most common file types by using File type is. Note: you may also add further file types with the File extension is option.
  • In the Actions section, go to File activities for all apps (note that you can add exceptions if needed), select Copy to a network share, then edit the Network restriction to select VPN and choose Block.

This will block files from being copied to the network share that you define in Step 2.

Step 2: Updating the VPN settings in the DLP configuration

Add a VPN

  1. Open Microsoft Purview compliance portal > Data loss prevention > Overview > Data loss prevention settings > Endpoint settings > VPN settings.
  2. Select Add or edit VPN addresses.
  3. Provide either the Server address or the Network address (example: 192.168.0.0/16).
  4. To get an accurate reading of the VPN connection, run Get-VpnConnection in PowerShell on the target device to pull this information.
  5. Select Save.
  6. Close the item.

Source: https://learn.microsoft.com/en-gb/purview/dlp-configure-endpoint-settings#vpn-settings
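As an added example (not from the original post or from Microsoft's documentation), the following PowerShell collects, from the target device, the two values that the Add or edit VPN addresses dialog in Step 2 accepts: the server address of each VPN profile and, while the tunnel is up, the network address derived from the VPN adapter's IPv4 address and prefix. It assumes the built-in VpnClient and NetTCPIP modules and that the VPN interface alias equals the connection name (true for built-in RAS VPN profiles; third-party clients may name their adapter differently).

```powershell
# Added example, not from the original post or Microsoft's docs: gather the
# values that Purview's "Add or edit VPN addresses" dialog accepts (server
# address or network address) from a target Windows device.
# Assumptions: the built-in VpnClient and NetTCPIP modules are present, and
# the VPN interface alias equals the connection name (true for built-in RAS
# VPN profiles; third-party clients may name their adapter differently).

function Get-NetworkAddress {
    # Reduce an interface address such as 192.168.37.14/16 to its network
    # address (192.168.0.0/16), which is the form the Purview dialog expects.
    param(
        [Parameter(Mandatory)][string]$IPAddress,
        [Parameter(Mandatory)][ValidateRange(0, 32)][int]$PrefixLength
    )
    $ipBytes  = ([System.Net.IPAddress]::Parse($IPAddress)).GetAddressBytes()
    $netBytes = [byte[]]::new(4)
    for ($i = 0; $i -lt 4; $i++) {
        # Number of network bits that fall inside this octet (0..8).
        $bits     = [Math]::Min(8, [Math]::Max(0, $PrefixLength - (8 * $i)))
        $maskByte = (0xFF -shl (8 - $bits)) -band 0xFF
        $netBytes[$i] = $ipBytes[$i] -band $maskByte
    }
    return ('{0}/{1}' -f ($netBytes -join '.'), $PrefixLength)
}

function Get-PurviewVpnAddressCandidate {
    # One row per VPN profile: the server address is always available; the
    # network address can only be read while the tunnel is connected.
    foreach ($vpn in (Get-VpnConnection -ErrorAction SilentlyContinue)) {
        $network = $null
        if ($vpn.ConnectionStatus -eq 'Connected') {
            $addr = Get-NetIPAddress -InterfaceAlias $vpn.Name -AddressFamily IPv4 `
                        -ErrorAction SilentlyContinue | Select-Object -First 1
            if ($addr) {
                $network = Get-NetworkAddress -IPAddress $addr.IPAddress `
                                              -PrefixLength $addr.PrefixLength
            }
        }
        [pscustomobject]@{
            Name           = $vpn.Name
            ServerAddress  = $vpn.ServerAddress
            Status         = $vpn.ConnectionStatus
            NetworkAddress = $network
        }
    }
}

Get-PurviewVpnAddressCandidate | Format-Table -AutoSize
```

Run it while the VPN is connected to populate the NetworkAddress column; a disconnected profile returns only its ServerAddress, which the Purview dialog also accepts.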
