Data Loss Prevention Microsoft Purview (DLP) for Endpoint Step By Step Guide and Demo
HTML-код
- Опубликовано: 23 ноя 2023
- This video will cover a step by step guide and demo showing how to configure Data Loss Prevention (DLP) in Microsoft Purview for Windows endpoint devices to block, block with override and audit.
We will create a DLP policy for sensitive information such as drivers license numbers, IP addresses being copied to the clipboard from a document and pasted elsewhere into notepad for example.
We will also cover onboarding to Microsoft Purview from Microsoft Intune for Endpoint DLP. Blocking the copying of Microsoft documents and files to a network share, copying files outside a Remote Desktop Session for RDP, blocking uploading files and data to Cloud Storage like google drive and dropbox. We will also look at auditing in the compliance portal to see alerts and the activity explorer.
👌 Contents of this video 👌
00:06 Intro
01:37 Licensing
01:52 Onboarding Windows Devices to Microsoft Purview from Microsoft Intune
04:15 Configuring Data Loss Prevention (DLP) Settings Overview
07:34 Block service domains
08:19 Configure DLP Policy for Endpoint DLP
12:15 Demo Block Copy to Network Share DLP Policy
13:36 Demo Block Copy from RDP DLP Policy
14:02 Demo Block Copy to Cloud Storage DLP Policy
14:43 Demo Block Copy Paste to Clipboard DLP Policy
15:25 Alerts and Activity Explorer
👌 Check out my Social Media pages 👌
💡 Blog at Cloudinspired.com
www.cloudinspired.com
💡 Twitter(X)
/ cloud_inspired
💡 Licensing
learn.microsoft.com/en-us/pur...
💡 Subscribe here, new videos posted weekly
/ @cloudinspired
#microsoft365
#microsoft
#purview
#dlp
#azure 
Наука
This is well timed, im due to start testing device DLP soon. Thanks for the tips 👍
Glad it was helpful!
When I create the policy, I don't have the option to upload the configuration file?
Excellant
Thanks Mustafa
Will the policy be applied for Windows 11? 23H2
Hey, excellent video. We're implementing Endpoint DLP but we can't fully enroll the pcs. In Purview, the configuration status is Updated but the Policy Sync Status is Not Updated. The test pcs have the Intune EDR onboarding package and Purview and Intune are connected. The problem may be onboarding into M365, we can't get the two processes in the article you link in the response to run - MdCoreSve and MDDlpSvc. Defender and the Windows 10 OS are at the right version. Any help would be greatly appreciated. Thanks.
Hello and thanks for your comment. Have you checked out and confirmed the requirements in preparing and onboarding devices for DLP learn.microsoft.com/en-us/purview/device-onboarding-overview#prepare-your-windows-devices
Hi, really enjoying watching your videos, such an informative video. Do you know if I onboard a device to use Endpoint DLP protection in my organization and the users using that device have some sensitive contents that I don't want them to leak, will this setup give me an alert if they copy the text to the clipboard and then paste on OneNote on the web?
Thanks Rohit for your kind comment.
Copy to clipboard and block with override as shown in the demo block copy paste to clipboard DLP policy in 00:14:46 should prevent this, as always would need to be tested in your environment.
Hi, I am preparing for my SC 400 exam. Just wondering does that mean for all third party apps, to configure DLP -> require defender of cloud apps; whereas all the Microsoft 365 suites apps, no matter on premises or cloud could be configured on Purview?
Hi, Joyce. Most of the endpoint DLP settings for Purview are shown in the video and listed here that can be applied to endpoints learn.microsoft.com/en-us/purview/dlp-configure-endpoint-settings
Defender for Cloud Apps can monitor and enforce restrictions on Microsoft 365 apps i.e SharePoint Online, Exchange Online, OneDrive, Teams. You can also use it to restrict browser access for some supported third-party apps to prevent data leakage. Best of luck with the exam!
Is it possible to use the Purview DLP on Windows Endpoints without the Defender for Endpoint agent?
Hi Travis. Endpoint DLP requires that Windows devices be onboarded into the service to send monitoring data.
Check out the EndPoint DLP onboarding requirements here:
learn.microsoft.com/en-us/purview/device-onboarding-overview#onboard-windows-devices-into-microsoft-365-overview