AIP, Sensitivity Labels, and DLP protects for data on a Windows File Server

%3CLINGO-SUB%20id%3D%22lingo-sub-2942784%22%20slang%3D%22en-US%22%3EAIP%2C%20Sensitivity%20Labels%2C%20and%20DLP%20protects%20for%20data%20on%20a%20Windows%20File%20Server%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2942784%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20are%20implementing%20DLP%20protections%20for%20data%20stored%20on%20a%20Windows%20File%20share.%26nbsp%3B%20We%20have%20the%20AIP%20scanner%20setup%20and%20labeling%20data.%26nbsp%3B%20We%20have%20some%20test%20data%20labeled.%26nbsp%3B%20We%20published%20DLP%20rules%20to%20prevent%20the%20data%20from%20being%20copied%20to%20USB%20or%20uploaded%20to%20the%20web.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20rules%20work%20and%20block%20data%20if%3A%3C%2FP%3E%3CP%3E1)%20From%20Word%2C%20do%20File%20Save%20As%20and%20attempt%20to%20save%20to%20USB.%3C%2FP%3E%3CP%3E2)%20Data%20stored%20in%20One%20Drive%20and%20attempt%20to%20use%20File%20Explorer%20to%20copy%20to%20USB.%3C%2FP%3E%3CP%3E3)%20Data%20stored%20on%20local%20C%3A%20drive%20and%20attempt%20to%20use%20File%20Explorer%20to%20copy%20to%20USB.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERules%20do%20NOT%20work%20if%20data%20is%20stored%20on%20a%20Windows%20File%20share.%26nbsp%3B%20I%20can%20use%20File%20explorer%20to%20copy%20the%20data%20to%20a%20USB%20drive.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESame%20with%20Edge%20and%20web%20uploads%3A%20appropriately%20blocks%20if%20One%20Drive%20or%20C%3A%20drive.%26nbsp%3B%20Does%20NOT%20block%20if%20on%20a%20Windows%20File%20share.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20ideas%20on%20this%3F%26nbsp%3B%20Does%20the%20Windows%20File%20server%20have%20to%20have%20Defender%20installed%3F%26nbsp%3B%20I%20thought%20the%20workstation%20Defender%20would%20protect%20the%20data%2C%20but%20maybe%20I%20am%20wrong.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2942784%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EData%20Loss%20Prevention%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EEndpoint%20Security%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Protection%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EInformation%20Protection%20and%20Governance%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Occasional Contributor

We are implementing DLP protections for data stored on a Windows File share.  We have the AIP scanner setup and labeling data.  We have some test data labeled.  We published DLP rules to prevent the data from being copied to USB or uploaded to the web.

 

The rules work and block data if:

1) From Word, do File Save As and attempt to save to USB.

2) Data stored in One Drive and attempt to use File Explorer to copy to USB.

3) Data stored on local C: drive and attempt to use File Explorer to copy to USB.

 

Rules do NOT work if data is stored on a Windows File share.  I can use File explorer to copy the data to a USB drive.

 

Same with Edge and web uploads: appropriately blocks if One Drive or C: drive.  Does NOT block if on a Windows File share.

 

Any ideas on this?  Does the Windows File server have to have Defender installed?  I thought the workstation Defender would protect the data, but maybe I am wrong.

 

Thanks.

0 Replies