Mar 30 2017
07:02 PM
- last edited on
Feb 01 2023
01:25 PM
by
TechCommunityAP
Mar 30 2017
07:02 PM
- last edited on
Feb 01 2023
01:25 PM
by
TechCommunityAP
Hello Everyone,
I have enabled some DLP policies in Office 365 security center, and these apply to OneDrive for business and SharePoint Online.
So far these policies are working and preventing data from getting shared to un-authorized recipients. However, if I create/upload a new file in my OneDrive For Business, I can share the file with external people within the first 10 to 15 minutes of upload/create. After about 10-15 minutes the DLP policy kicks in and locks down the new file, but it's too late, the file is already shared!
Any idea how to force new files to get scanned by the DLP policy engine immediatly?
Thanks,
Robert
Mar 31 2017 01:33 AM
At the very least, the document needs to be crawled by the search engine, which in SPO can take a while (I believe the minimum guarantee is around 15 mins, but it can take a lot less or lot more depending on the overall load).
The way DLP policies work against SPO/ODFB content is detailed here: https://support.office.com/en-us/article/Overview-of-data-loss-prevention-policies-1966b2a7-d1e2-4d9...
Mar 31 2017 07:55 AM
Mar 31 2017 12:08 PM
Well if memory serves, the document will get locked upon detecting any DLP policy matches, so even if it was shared during that short interval, it will not be accessable by external users.
Jun 04 2020 04:05 PM
Jun 04 2020 04:50 PM
Yes, this is a huge security issue. Not only has it not improved, but MS seems content to spend it time rebranding things. Now we have security tags. These tags have the same flaw.
To make matters worse, I have an environment that has Windows 10, Mac OS, IOS, etc. The encryption features that follow a document depend on Azure Information Protection. The client is built into office now.
Unfortunately, the office client does not have the encryption code. After speaking with MS support, the encryption features are in the Windows OS. So security in Azure/O365 is for Windows-only, it isn't real time, and in my opinion is not a serious contender in the security space.
Jun 04 2020 04:55 PM
Aug 05 2020 04:54 PM
@Odenkaz consider trying this.
https://docs.microsoft.com/en-us/sharepoint/sensitive-by-default
Aug 22 2020 02:40 PM
I tried it and I am having trouble. I can still share newly uploaded files even with this feature turned on. I read that this is a feature still on roll out. How would I know if I can now use it or not?
Aug 17 2023 11:23 AM