Microsoft Purview compliance portal: Endpoint Data Loss Prevention - Endpoint DLP support classification of Azure RMS protected Office documents

🚨 The Signal: Endpoint DLP can now classify Office files protected by Azure RMS on Windows devices. This enhances data protection by extending DLP policies to previously encrypted content, reducing the risk of sensitive information exfiltration.

The Impact

Security teams are affected, gaining enhanced control over sensitive data protected by RMS, reducing data exfiltration risk.

• Security teams: Gain visibility into RMS-protected data.
• Security teams: Can enforce DLP policies on encrypted files.
• Data owners: Reduced risk of sensitive data loss.
• Compliance officers: Improved data protection posture.

The Action

1. Review existing Endpoint DLP policies for scope expansion.
2. Enable 'just-in-time classification' in Purview for immediate scanning.
3. Test DLP policies with RMS-protected Office documents.
4. Communicate enhanced protection capabilities to stakeholders.

Domain: Purview · Impact: medium · Workload: Microsoft Purview