Forum Discussion

Dirk Prinsloo's avatar
Dirk Prinsloo
Copper Contributor
Nov 14, 2021
Solved

DLP and Defender for Cloud Apps (MCAS) blocking the upload of sensitive data to personal Dropbox

Hi there,   THE REQUIREMENT Block the upload of sensitive content (defined with Sensitive Information Types - not Labels) to personal cloud storage such as a personal Dropbox account.   THE RESE...
Dropbox
MCAS Policy
  • JaredPoeppelman's avatar
    JaredPoeppelman
    Dec 03, 2021
    Yes, endpoint DLP is the Microsoft solution for this requirement. MDCA does not have a forward proxy capability, so the best MDCA can do is integrate with a 3rd party secure web gateway like Zscaler, iBoss, Menlo Security, etc.

    CAAC session policies are limited to SSO-enabled (sanctioned) apps and they also only support browser-based access, not client apps.

    With MDE integration, MDCA can block access to the SaaS app entirely, which also includes blocking uploads, but is typically not what customers with this requirement are looking for.

    Cu
Dean_Gross's avatar
Dean_Gross
Silver Contributor
Nov 29, 2021
I have a similar request from a client, have you been able to identify an actual solution using other approaches?

Resources