Microsoft Purview Compliance Portal: Data Loss Prevention-Enforce DLP protection upon new content before its saved

🚨 The Signal: Microsoft Purview DLP can now prevent sensitive content from being exfiltrated (printed, USB, network share) even before it's saved. This significantly reduces the window of exposure for sensitive data.

The Impact

Security teams and end-users are affected; this reduces the risk of sensitive data exfiltration from unsaved documents.

• Security Teams: Reduced risk of data loss from unsaved documents.
• End-Users: Potential blocks on printing or saving unsaved sensitive content.
• Compliance Officers: Improved adherence to data protection policies.
• IT Administrators: New DLP policy configurations may be required.

The Action

1. Review existing Data Loss Prevention policies in Microsoft Purview Compliance Portal.
2. Navigate to 'Data loss prevention' > 'Policies' and create or modify relevant policies.
3. Ensure policies are configured to 'Enforce' actions on 'Content not yet saved' for relevant sensitive info types.
4. Test new DLP policies with end-users to ensure expected behaviour and minimise disruption.
5. Communicate changes to end-users regarding new real-time DLP protections.

Domain: Purview · Impact: high · Workload: Microsoft Purview