Sep 14 2021 07:45 AM
Hi All,
We have configured EDM sensitive types.
We have got a couple of questions regarding the hash file of customer data that us uploaded using thr EDM Upload Agent.
1. Where are the hash files stored in M365
2.What happens to the old hash file once a new is uploaded
3. Can the EDM upload agent work in presence of a proxy like Zscaler or MWG
4.Can we access the uploaded hash file on M365 Compliance portal
5. What is the best location (on-premise) to deploy the EDM Upload Agent VM
Please provide help ASAP as I need to provide info on this to my team by the end of this week.
Sep 24 2021 03:16 PM
Hi @Rhul1545 - please see below for answers to your EDM related questions.
Where are the hash files stored in M365?
The hashed data uploaded is securely stored encrypted in an Azure table storage and always remains in the same geo as where it was uploaded from.
What happens to the old hash file once a new is uploaded?
Old hashed data gets deleted after new hashed / salted EDM data file is uploaded.
Can the EDM upload agent work in presence of a proxy like Zscaler or MWG?
The EDM upload agent is used to salt/hash/upload the EDM sensitive data that is to be protected. Though it has not been tested explicitly with the proxies mentioned here, it should work in presence of any proxy as long as outbound connectivity to Microsoft Graph, Azure Blob storage and Azure AD endpoints is allowed. EDM detections from the Microsoft EDM can be detected in parallel with other EDM vendors, such as Zscaler and McAfee, but conflicts may arise if various DLP solutions are actively protecting the same content.
Can we access the uploaded hash file on M365 Compliance portal?
No, the uploaded hash file is not available for access; however, the hash file generated prior to upload is written locally and can be accessed.
What is the best location (on-premise) to deploy the EDM Upload Agent VM?
It should be deployed in a location that the compliance admin or tenant admin has full access to.
Best regards,
Martin Berzin
Nov 03 2021 03:27 AM
Oct 04 2022 08:40 AM
@Rhul1545 apologies for missing the 2 follow-up EDM questions, this only recently came to my attention.
1. All data sent over the wire is encrypted (https using TLS 1.2).
2. We've not tested this, but we expect that express route can be used instead of public internet