SharePoint/OneDrive Application DLP - MIP or MCAS policies?

Occasional Contributor

Hi All,


When configuring DLP policies for SharePoint/OneDrive, where is the recommended place to configure this, the Compliance portal/MCAS portal or both? The compliance portal is providing actions of block/encrypt, whilst MCAS there are additional governance actions such as make private, remove external users etc. 


Might we expect some governance features coming across into the compliance portal in the future or sync for first-party locations to reduce the number of troubleshooting vectors (Check this portal, now check this portal)? I could be approaching this completely wrong, the lines do seem quite blurry with first-party applications.


I've noticed that MIP now has auto-labelling configured through the compliance portal as another option like MCAS we can apply to SharePoint and OneDrive. I haven't seen the recent limitations in MCAS, but the compliance centre appears to have recently improved throughput for this. 


Trying to find an answer on this one, I found this blog post with an answer of "it depends," making conversations about this a little bit harder without hard clarification however it's the closest answer on the topic I have found. MCAS Data Protection Blog Series: Do I use MCAS or MIP? - Microsoft Tech Community.


Keen to hear how others are putting this into practice. 



1 Reply

I think for SharePoint and One Drive the Compliance portal is the best for configuring DLP