Forum Discussion
Endpoint DLP not working as expected
Hi, i created new test tenant to try Endpoint device DLP, i inboard devices and i created DLP policy for devices , with block action but i its not working . can you help thanks
Hello GuillaumeB,
I am also on same page,
My requirements are, I would like to block Confidential Sensitivity label Document if someone is trying to print.
I have set the workload to Endpoint.
As per Microsoft, endpoint workload covers the below action when you create an endpoint DLP policy.
1. Upload to a restricted cloud service domain or access from an unallowed browser. - For me, it is working.
2. Copy to clipboard - Not require
3. Copy to removalbe USB device - Not working
4. Copy to Network Share - - Not require
5. Print - Not working
6. Copy or move using unallowed bluetooth app - Not require
7. Copy or move using RDP - Not require
One Bigger Surprise is here for browser level its working as per requirements (means Confidential Sensitivity label document is blocking if i upload on untrusted domains)
But for Print is not blocking.
My curiosity is over there if its working for Browser level then why it is not blocking for Print.? since it is working for Browser means my Endpoint policy is already reach on respected endpoint machine. it should also work from print task (monitor/block)
Surprised for me: for few machines it is working and for few machines it’s not working.
i have also shared logs with Microsoft team but till date i not heard any solution. if someone knowing this issue and solution. please do the needful.
Note: Expected Defender URL already allowed from proxy.
I am also on same page,
My requirements are, I would like to block Confidential Sensitivity label Document if someone is trying to print.
I have set the workload to Endpoint.
As per Microsoft, endpoint workload covers the below action when you create an endpoint DLP policy.
1. Upload to a restricted cloud service domain or access from an unallowed browser. - For me, it is working.
2. Copy to clipboard - Not require
3. Copy to removalbe USB device - Not working
4. Copy to Network Share - - Not require
5. Print - Not working
6. Copy or move using unallowed bluetooth app - Not require
7. Copy or move using RDP - Not require
One Bigger Surprise is here for browser level its working as per requirements (means Confidential Sensitivity label document is blocking if i upload on untrusted domains)
But for Print is not blocking.
My curiosity is over there if its working for Browser level then why it is not blocking for Print.? since it is working for Browser means my Endpoint policy is already reach on respected endpoint machine. it should also work from print task (monitor/block)
Surprised for me: for few machines it is working and for few machines it’s not working.
i have also shared logs with Microsoft team but till date i not heard any solution. if someone knowing this issue and solution. please do the needful.
Note: Expected Defender URL already allowed from proxy.
tmoen2000
Microsoft
Microsoft
Configure endpoint DLP settings - Microsoft Purview (compliance) | Microsoft Learn
Printer Groups, USB Groups and Network Groups were recently added to Endpoint DLP in Purview Compliance Center.
