Purview DLP: Paste to supported browsers
I’ve enabled a policy that audits “Paste to Supported Browsers.” The policy applies if the file has a specific sensitivity label assigned. When I copy content from the file to an unallowed domain e.g. gmail.com I’m not seeing the activity recorded in the log.
I’m reading the Microsoft endpoint data loss prevention page definition for “paste to supported browser” and it appears to only apply if the content copied itself is sensitive e.g. a social security number pattern. So I’m guessing there’s no way to prevent users from copying content from a sensitive file and pasting to an unallowed domain. Is that right?
“Detects when a user attempts to paste content to a restricted service domain. Evaluation is performed on the content that is being pasted. This evaluation is independent of how the source item that the content came from is classified.”
Learn about Endpoint data loss prevention | Microsoft Learn
I’ve enabled a policy that audits “Paste to Supported Browsers.” The policy applies if the file has a specific sensitivity label assigned. When I copy content from the file to an unallowed domain e.g. gmail.com I’m not seeing the activity recorded in the log. I’m reading the Microsoft endpoint data loss prevention page definition for “paste to supported browser” and it appears to only apply if the content copied itself is sensitive e.g. a social security number pattern. So I’m guessing there’s no way to prevent users from copying content from a sensitive file and pasting to an unallowed domain. Is that right? “Detects when a user attempts to paste content to a restricted service domain. Evaluation is performed on the content that is being pasted. This evaluation is independent of how the source item that the content came from is classified.” Learn about Endpoint data loss prevention | Microsoft Learn Read More