![]() So a path definition can contain an asterisk ( *) in the middle of the path or at the end of the path. You can also add your own exclusions for macOS devices.įile path definitions are case insensitive, so User is the same as user. Example: %SystemDrive%\Users\*\Documents\*(2)\Sub\ Example: %SystemDrive%\Test\*Ī mix of all the patterns described above. Example: C:\Users\*(1)\Downloads\Ī path with SYSTEM environment variables. ![]() Example: C:\Users\*\Desktop\Ī path with wildcard between \ from each side and with (number) to specify the exact number of subfolders to be excluded. Example: C:\TempĪ path with wildcard between \ from each side. Valid file path that ends without \ or \*, means all files directly under the specified folder and all of its subfolders are excluded. Files directly under the specified folder itself aren't excluded. Valid file path that ends with \*, means only files within subfolders of the specified folder are excluded. ![]() Valid file path that ends with \, means only files directly under the specified folder are excluded. You can use the following logic to construct your exclusion paths for Windows 10/11 devices: To configure path exclusions in DLP settings, navigate to Microsoft Purview compliance portal > Data loss prevention > Endpoint DLP settings > File path exclusions. Files in excluded locations aren't audited and any files that are created or modified in those locations aren't subject to DLP policy enforcement. If you want to exclude certain paths from DLP monitoring, DLP alerts, and DLP policy enforcement on your devices, you can turn off those configuration settings by setting up file path exclusions. To learn more about contextual text, see Contextual summary. Additionally, you must enable advanced classification before Activity explorer will display contextual text for DLP rule-matched events. ![]() To use advanced classification for Windows 11 devices, KB5016691 must be installed on those Windows 11 devices. To use advanced classification for Windows 10 devices, you must install KB5016688. The following Windows versions and above support advanced classification scanning and protection. If bandwidth usage isn't a concern, select No limit to allow unlimited bandwidth use. When the cumulative bandwidth usage drops below the rolling 24-hour limit, communication with the cloud services resumes. At that point, data classification continues locally on the device but classification using exact data match, named entities, and trainable classifiers aren't available. If you set a bandwidth usage limit and it's exceeded, DLP stops sending the user content to the cloud. The limit is configured in Endpoint DLP settings and is applied per device. If bandwidth usage is a concern, you can set a limit on how much bandwidth can be used in a rolling 24-hour period. When advanced classification is turned on, content is sent from the local device to the cloud services for scanning and classification. Therefore, you can take advantage of classification techniques such as exact data match classification, and named entities in your DLP policies. Setup evidence collection for file activities on devicesīrowser and domain restrictions to sensitive dataĪdvanced classification scanning and protection allow the Microsoft Purview cloud-based data classification service to scan items, classify them, and return the results to the local machine. MacOS includes a recommended list of exclusions that is on by default SettingĪdvanced classification scanning and protectionĪdvanced classification enables these features for macOS: - Document Fingerprinting- Exact data match based sensitive information types- Trainable classifiers- Learn about named entities The following table describes the supported endpoint settings for Windows 10/11 and macOS. Endpoint DLP Windows 10/11 and macOS settings For information about the Adobe requirements for using Microsoft Purview Data Loss Prevention (DLP) features with PDF files, see this article from Adobe: Microsoft Purview Information Protection Support in Acrobat. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |