Microsoft Purview compliance portal: Endpoint Data Loss Prevention-Endpoint DLP support classification of Azure RMS protected Office documents

🚨 The Signal: Endpoint DLP can now classify Office files protected by Azure RMS on Windows devices. This enhances data loss prevention by extending classification to previously encrypted content, improving visibility and control over sensitive information.

The Impact

Security teams and data owners are affected, gaining improved protection against sensitive data exfiltration from RMS-protected Office documents.

• Security Teams: Reduced risk of data exfiltration from RMS-protected files.
• Data Owners: Enhanced assurance that sensitive information remains protected.
• Compliance Officers: Better visibility for auditing and reporting on data handling.
• IT Administrators: Improved control over data movement on endpoints.

The Action

1. Review existing Endpoint DLP policies in Microsoft Purview compliance portal.
2. Verify 'just-in-time classification' settings for relevant DLP rules.
3. Test DLP policies with Azure RMS-protected Office documents to confirm expected behavior.
4. Communicate enhanced protection capabilities to data owners and security stakeholders.

Impact: medium · Workload: Microsoft Purview