From the course: Microsoft Information Security Administrator Associate (SC-401) Cert Prep by Microsoft Press

Unlock this course with a free trial

Join today to access over 25,300 courses taught by industry experts.

Configure advanced DLP rules for devices in DLP policies

Configure advanced DLP rules for devices in DLP policies - Microsoft 365 Tutorial

From the course: Microsoft Information Security Administrator Associate (SC-401) Cert Prep by Microsoft Press

Start my 1-month free trial Buy for my team

Configure advanced DLP rules for devices in DLP policies

Creating an endpoint DLP policy is similar to other DLP policies, with some endpoint-specific options that you can put into place. So some of the things that we can do that are specific to devices, is things like monitoring actions like copying a file to a USB drive, copying a file to a network share, printing a document, copy-paste of content from a protected file into another application, uploading a file via a web browser, and we can monitor and block those things. Here's a quick summary of what we do and what we can do. Like I said, we have things like removable media, network share, printing using the clipboard, copy-paste, and web upload, and the endpoint DLP allows us to set the action for each, so either audit, so the action is allowed, but it logs the event. Of course, when you're first rolling out Endpoint DLP, we absolutely recommend that you use this. Then block, which will completely block the action and the user will get a notification that it's been blocked. There's…

Contents