Forum Discussion
Purview DLP: Paste to supported browsers
I've enabled a policy that audits "Paste to Supported Browsers." The policy applies if the file has a specific sensitivity label assigned. When I copy content from the file to an unallowed domain e.g. gmail.com I'm not seeing the activity recorded in the log.
I'm reading the Microsoft endpoint data loss prevention page definition for "paste to supported browser" and it appears to only apply if the content copied itself is sensitive e.g. a social security number pattern. So I'm guessing there's no way to prevent users from copying content from a sensitive file and pasting to an unallowed domain. Is that right?
"Detects when a user attempts to paste content to a restricted service domain. Evaluation is performed on the content that is being pasted. This evaluation is independent of how the source item that the content came from is classified."
Learn about Endpoint data loss prevention | Microsoft Learn
Hi MX_IT In order to work DLP on browsers you need to have extension installed on the browser. https://learn.microsoft.com/en-us/purview/dlp-chrome-get-started , and you can install it using Intune as well.
RafaelDornelesMicrosoft
For this option you need to control the "Copy To Clipboard" activity in the Endpoint DLP policy.
