Microsoft Purview Compliance Portal: Endpoint DLP - Protect shadow files for OneDrive

🚨 The Signal: Microsoft Purview Endpoint DLP can now protect OneDrive shadow files that are not locally synced. This enhances data loss prevention for files accessed via Just-in-Time (JIT) sync, reducing exfiltration risk from endpoints.

The Impact

This change affects security teams and data owners: it reduces the risk of sensitive data exfiltration from endpoint devices.

  • Security Teams: Reduced risk of data exfiltration.
  • Data Owners: Enhanced protection for sensitive OneDrive files.
  • Compliance Officers: Improved DLP posture and audit readiness.
  • Endpoint Users: No direct impact, but sensitive data is better protected.

The Action

  1. Review existing Endpoint DLP policies in the Microsoft Purview Compliance Portal.
  2. Navigate to Data loss prevention > Policies, then select Create policy or edit an existing policy.
  3. Ensure policies are configured to include OneDrive locations and sensitive info types.
  4. Verify Endpoint DLP settings are deployed to relevant devices via Microsoft Intune.
  5. Test shadow file protection with sample sensitive data on managed endpoints.

Domain: Purview · Impact: high · Workload: Microsoft Purview