DLP and Defender for Cloud Apps (MCAS) blocking the upload of sensitive data to personal Dropbox
Hi there, THE REQUIREMENT Block the upload of sensitive content (defined with Sensitive Information Types - not Labels) to personal cloud storage such as a personal Dropbox account. THE RESEARCH Endpoint DLP Based on this requirement, I have come to the conclusion that this can only be achieved through https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldwide using the https://docs.microsoft.com/en-us/microsoft-365/compliance/dlp-chrome-get-started?view=o365-worldwide and requiring an E5 license for all users. Conditional Access and Defender for Cloud Apps - Session Policy I also considered using a https://itsakerhetsguiden.se/2021/03/31/mcas-session-control-for-sensitive-information/ in Defender for Cloud Apps (MCAS) to block the upload of such information, but the policy only relies on Sensitivity Labels (and not Sensitive Information Types which is the requirement) M365 Compliance Centre and Defender for Cloud Apps - DLP Policy I am also aware that one can add an App Connector for Dropbox as a Cloud App, then using this in M365 Compliance Centre as a location: But this only works for corporate Dropbox accounts and not personal. I am sure I am missing something here in terms of the requirement and the capability that Microsoft provides throughout the DLP and MIP capabilities. Please help? Dirk
