Microsoft Purview compliance portal: Endpoint Data Loss Prevention: Collection Policies: Scope classifiers and activity to track on all Windows devices

🚨 The Signal: Purview Endpoint DLP now allows granular scoping of Sensitive Information Types (SITs) and activities for specific users on Windows devices. This enhances data protection by enabling more precise policy enforcement.

The Impact

The change affects security teams and compliance officers, who gain better control over sensitive data exfiltration risks.

  • Security Teams: Reduced false positives from DLP policies.
  • Compliance Officers: Improved ability to meet data protection mandates.
  • Data Owners: Enhanced protection for their sensitive information.
  • IT Admins: More complex policy configuration required.

The Action

  1. Navigate to Microsoft Purview compliance portal > Data loss prevention > Policies.
  2. Create or edit an Endpoint DLP policy.
  3. Under 'Choose locations to apply the policy', select 'Devices'.
  4. Configure 'Advanced settings' to scope specific users and groups.
  5. Define 'Sensitive info types' and 'Activities to track' for the scoped users.
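
The same scoping expressed in Security & Compliance PowerShell, as an added example that is not part of the original page. The policy name, user addresses, and the chosen SITs and activities are constructed placeholders, and the policy is created in test mode with audit-only actions.

```powershell
# Added example: names, users and SIT choices below are constructed placeholders.
# Requires the ExchangeOnlineManagement module and a role allowed to manage DLP.
Import-Module ExchangeOnlineManagement
Connect-IPPSSession

$policyName = 'Endpoint DLP - Finance pilot'                       # hypothetical name
$pilotUsers = @('alice@contoso.example', 'bob@contoso.example')    # constructed users

# Steps 2-4: Devices location, scoped to named users only; start in test mode
# so matches are logged without notifying or blocking anyone.
New-DlpCompliancePolicy -Name $policyName `
    -EndpointDlpLocation $pilotUsers `
    -Mode TestWithoutNotifications `
    -Comment 'Pilot scope; audit only until match volume is reviewed'

# Step 5: sensitive info types to detect and endpoint activities to track.
$sits = @(
    @{ Name = 'Credit Card Number'; minCount = '1' },
    @{ Name = 'U.S. Social Security Number (SSN)'; minCount = '1' }
)
$activities = @(
    @{ Setting = 'Print';          Value = 'Audit' },
    @{ Setting = 'RemovableMedia'; Value = 'Audit' },
    @{ Setting = 'CopyPaste';      Value = 'Audit' }
)
New-DlpComplianceRule -Name "$policyName - audit rule" -Policy $policyName `
    -ContentContainsSensitiveInformation $sits `
    -EndpointDlpRestrictions $activities

# Read back what was stored to confirm the user scope and tracked activities.
Get-DlpCompliancePolicy -Identity $policyName |
    Format-List Name, Mode, EndpointDlpLocation
Get-DlpComplianceRule -Policy $policyName |
    Format-List Name, ContentContainsSensitiveInformation, EndpointDlpRestrictions
```

Reviewing the read-back output before switching `-Mode` to `Enable` confirms that only the intended accounts are in scope.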

Impact: medium · Workload: Microsoft Purview