Microsoft Tech Community

Auto labeling on end-user machine

Hello All,

Microsoft Purview has an auto-labeling policy for scanning Exchange mails, SharePoint and OneDrive files and applying labels to them. I wonder if it is possible to create something like an auto-labeling policy for scanning end-user machines? If yes, what are the requirements?

Thank you.

1 Reply

Hi, @anhpham1652525,

Thank you for posting your question here. I understand you're looking for a solution to auto-label files stored on Endpoints, similar to the options for Exchange, SharePoint, and OneDrive.

Unfortunately, there is no direct tool that will scan data-at-rest on endpoints and apply a label based on content being matched.

However, there are a few options available to help with this:

  • You can automatically back up the Known folders (Desktop, Documents, and Images) to OneDrive, which will help cut back on the number of files stored locally on the PC, and then they will be subject to OneDrive auto-labeling policies.
  • You can configure auto-labeling within your sensitivity labels, and as users interact with files on their endpoints, the files will be scanned and labeled accordingly.
    • This is known as client-side labeling; the auto-labeling policies you're asking about are known as service-side labeling.
  • Leverage Endpoint DLP to prevent unauthorized movements, such as putting the file on a USB, if the document is NOT labeled, by using the "Content is not labeled" condition available for Endpoint DLP policies.