Nov 22 2023 10:49 PM
I hope this message finds you well. I am reaching out with a query regarding the robust security features offered by Microsoft 365 E5, specifically related to safeguarding sensitive information from screenshots on endpoints and browsers.
Scenario: We have implemented Microsoft 365 E5 licenses within our organization, and while we are confident in the overall security capabilities, we are seeking advice on how best to protect sensitive information from being captured via screenshots on endpoints and browsers.
Key Components:
Dec 03 2023 09:17 AM
Microsoft Purview DLP and Purview Information Protection can help you with this, you will need to ensure that you have a labelling system in place to protect your sensitive information, then using Purview DLP, and Purview Endpoint DLP, you will need to create policies to protect these sensitive data.
Onboard your Windows Devices to be managed by Purview:
This requires that you on-board all your managed devices to Purview. Once the onboarding is done, the following steps below will work with the latest version of Microsoft Edge on Windows 10/ 11 out of the box.
Manage the Browser and Domains that can access you data:
Within Purview Endpoint DLP, there are capabilities for you to manage. You can control which browsers you can allow to access your data and also control which service domains can access your sensitive information.
Manage which apps can the users use to access your data:
You can then use the restricted apps option to restrict the tools that you have in their devices. So when a user tries to use the Snipping tool or something similar, the activity itself will be restricted. This will only work on the sensitive/ restricted data that you set of-course. Hence the importance of a well-defined Information classification using Purview Information Protection.
You can read more here: https://learn.microsoft.com/en-us/purview/endpoint-dlp-getting-started