Forum Discussion

DanSec's avatar
DanSec
Copper Contributor
Apr 05, 2023

Blocking file uploads to all sites, unless safelisted

We're trying to verify if we can block file uploads through the browser to all sites, unless these sites are part of an approved list or the user has an exception. We currently have a similar solutio...
miller34mike's avatar
miller34mike
Icon for Microsoft rankMicrosoft
Jun 07, 2023

Hi The737 

 

Great! I look forward to hearing the results of the policy testing!

The737's avatar
The737
Brass Contributor
Jun 07, 2023

miller34mike, it's a no-go unfortunately. 

  • miller34mike's avatar
    miller34mike
    Icon for Microsoft rankMicrosoft
    Jun 07, 2023

    The737 

     

    Just to confirm, are you performing your testing on a Microsoft Purview Onboarded device and using an Azure AD Identity with an E5 license to log in to the machine?

    • The737's avatar
      The737
      Brass Contributor
      Jun 07, 2023

      miller34mike, yes. Full E5 licensed tenant, device enrolled in Intune and onboarded in MDE as per the device inventory (screenshot below).

      • miller34mike's avatar
        miller34mike
        Icon for Microsoft rankMicrosoft
        Jun 07, 2023

        The737 

         

        Perfect! The final check to perform is under settings within the compliance portal at the link below, confirm that device onboarding has been enabled and that the same device from MDE shows up under Purview (it may take up-to an hour to complete the onboarding). Enabling Device onboarding within the compliance portal will automatically ingest all MDE-onboarded devices into purview, which is the final step to make sure that Endpoint DLP policies can be pushed to the device.

         

         

Resources