Automatically protect old file on clients device

%3CLINGO-SUB%20id%3D%22lingo-sub-2118907%22%20slang%3D%22fr-FR%22%3EAutomatically%20protect%20old%20file%20on%20customers%20device%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2118907%22%20slang%3D%22fr-FR%22%3E%3CP%3EHi%2C%20I'd%20like%20to%20know%20if%20there's%20a%20way%20to%20protect%20and%2For%20classify%20old%20file%20on%20user's%20device%2C%20without%20users%20having%20to%20open%20it.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFrom%20what%20I%20know%2C%20AIP%20scanner%20is%20explicitly%20used%20for%20file%20share%20and%20SharePoint%20on-premise%2C%20so%20I%20don't%20think%20it%20can%20be%20used%20for%20user's%20device.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%20for%20your%20help%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2118907%22%20slang%3D%22fr-FR%22%3E%3CLINGO-LABEL%3ESecurity%20-%20Compliance%20Center%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Occasional Contributor

Hi, I'd like to know if there's a way to protect and/or classify old file on user's device, without users having to open it.

 

From what I know, AIP scanner is explicitly used for file share and SharePoint on-premise, so I don't think it can be used for user's device.

 

Thank you for your help 

2 Replies
You are correct, but you can create a DLP policy that includes Endpoint protection, if they device user tries to do something unacceptable it will get stopped. This is different type of protection than labeling/encrypting, but it works

@Dean Gross thank you for your answer, wasn't aware of the "Insider Risk Management" option as I've been using the protection center only so far.

 

Cheers