Oct 25 2023 03:44 PM
Hi MS Community
I'm facing a weird problem with MS 365 DLP solution (compliance.microsoft.com)
I have 2 machines 1) Win 10 Desktop 2) Win 10 Azure AVD.
Both machines have latest Defender version. as shown below.
Background of DLP policy: I have 7-8 Endpoint policy which has audit enable for print and copy to USB option. Both device showing policy updated and sync with latest. Currently Testing a policy where if someone print a business document it should trigger alert. The policy has
1)SIT with few words sensitive words matching
2) A trainable classifier.
3) Extension: PDF WORD PPT
Problem: When i try to print a business document, the alert is triggering for desktop machine but not for my AVD machine. even though both machines are scoped for policy, MDE Onboarded, and defender is latest. also, policy is synched. Somewhere its not detecting the print action initiated on AVD machine. The Print action is not working for any policy for AVD machine.
Regards
Mohammed
Oct 25 2023 05:32 PM
Mar 21 2024 04:54 PM - edited Mar 21 2024 04:56 PM
This issue was resolved . You wont believe the stupidity here.
Statement from support : as per backend logs , its seem MS purview is considering AVD as server and since DLP doesnt work on server its not detecting . Soon after that month they release Defender for server option in setting of DLP. its a toggle button.
They release an update , so if your AVD has Antimalware client version 4.18.24010.9 and above it will work on AVD.
It means Microsoft QA didnt even check that this MS product is not working on one of their own product.