I've been using Microsoft Purview to scan our on-premises file servers and apply labels automatically, which generally works well. However, I'm facing an issue with email attachments. When some users connect to their Exchange Online mailboxes using Outlook and attach files, our firewall doesn't block certain labels attached to those files. I was under the impression that I might need to block these directly from the MS Purview portal.
I created a DLP policy for fake SSN labeling and set it to test mode with notifications, but I didn't receive any alerts after attaching and emailing a test file containing a fake SSN. Upon checking the settings, I saw a portion regarding device onboarding, and I'm curious if I need to onboard a device for the policy to take effect?
Currently, under the onboarding section, there are no devices listed and the option to enable device onboarding is greyed out. I'm wondering if this issue is related to licensing or just a settings misconfiguration. All on-prem computers are hybrid joined, and about five have been onboarded to Defender for Endpoint and Intune. We're using E3 licenses along with AIP P2, although I'm not sure if MDE P2 is relevant here.
1 Answer
First off, double-check the scope of your DLP policy. Make sure that Exchange Online is specifically selected. From what I understand, you're correct about needing the E5 compliance add-on; that's often necessary for full DLP capabilities in Purview. Without this, some features might be limited, which could explain the onboarding issues you're experiencing with devices. Licensing in MS is always a fun puzzle!
For sure! It feels like you're forever adding licenses. With our GCC High E3 licenses, I thought we were covered too, but it seems like additional costs just keep piling up. Are there any affordable alternatives?
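
The scope check suggested in the answer above can also be run from Security & Compliance PowerShell, which shows the policy's locations, mode and rule notification settings in one pass. This is an added example, not part of the original thread; the policy name is a placeholder, and it assumes the ExchangeOnlineManagement module is installed and the account can read DLP policies.

```powershell
# Added example (not from the thread). $PolicyName is a placeholder.
$PolicyName = '<your-DLP-policy-name>'

# Open a Security & Compliance PowerShell session. Sovereign clouds such as
# GCC High need the environment-specific -ConnectionUri and
# -AzureADAuthorizationEndpointUri values from Microsoft's documentation.
Connect-IPPSSession

# -DistributionDetail adds the sync status of the policy to each workload.
$policy = Get-DlpCompliancePolicy -Identity $PolicyName -DistributionDetail

# A policy with no Exchange location never evaluates mail or attachments.
$exchangeScoped = [bool]$policy.ExchangeLocation
$mode = "$($policy.Mode)"

[pscustomobject]@{
    Policy             = $policy.Name
    Mode               = $mode
    ExchangeInScope    = $exchangeScoped
    ExchangeLocation   = ($policy.ExchangeLocation | ForEach-Object { "$_" }) -join ', '
    DistributionStatus = $policy.DistributionStatus
} | Format-List

if (-not $exchangeScoped) {
    Write-Warning 'Exchange is not a location on this policy; email is out of scope.'
}

# Only these two modes produce user notifications or policy tips.
if ($mode -notin @('TestWithNotifications', 'Enable')) {
    Write-Warning "Mode is '$mode'; no notifications are generated in this mode."
}

# A disabled rule, or a rule with no notification or alert action, matches
# silently even when the policy scope and mode are correct.
Get-DlpComplianceRule -Policy $PolicyName |
    Select-Object Name, Disabled, NotifyUser, GenerateAlert, GenerateIncidentReport |
    Format-Table -AutoSize
```

Exchange DLP is evaluated in the service, so this check does not depend on the device onboarding page, which applies to the endpoint location.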