Microsoft Ignite 2020 has ended some weeks ago. Many security and compliance (preview) functions have been presented, including the ability to use Microsoft 365 DLP policies with Windows 10 endpoints.
These new policies combine several Microsoft platform to works as one. Microsoft Defender ATP on the Windows 10 endpoint allows for the scanning of the sensitive information and providing information back to Microsoft 365. This component allows for the definition of DLP policies, alerting and monitoring dashboards.
The endpoint DLP function is not for the faint-at-heart though. It does require Microsoft 365 E5 Compliance licenses. Or a trial-version, should you want to test them. Also, the Windows 10 endpoints need to be Azure AD or Azure AD (hybrid) joined.
Endpoint DLP scans the files based on the mime-type. Which is great. The file’s extension will not impact the functionality. These mime-types are included:
- Word files
- PowerPoint files
- Excel files
- PDF files
- .csv files
- .tsv files
- c files
- class files
- cpp files
- cs files
- h files
- java files
More information can be found here: https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about?WT.mc_id=EM-MVP-5003084
I hope you enjoy the short video.