Endpoint DLP
Extend Data Loss Prevention to Windows and macOS endpoints. Monitor and control sensitive data on managed devices.
Note: Requires Microsoft 365 E5 or E5 Compliance. Devices must be onboarded to Microsoft Defender for Endpoint.
Monitored Activities
- File copy to USB removable media
- File copy to network share
- File upload to cloud services
- File access by unallowed apps
- Print operations
- Clipboard copy/paste
Policy Actions
| Action | Description |
|---|---|
| Audit only | Log activity without blocking |
| Block with override | Block but allow user justification |
| Block | Prevent the action entirely |
Device Groups
Apply different DLP policies to different device groups based on sensitivity requirements.
API Reference
- GET /api/security/endpoint-dlp/policies: List policies
- GET /api/security/endpoint-dlp/alerts: List endpoint DLP alerts