Learn about the Microsoft Purview extension for Chrome
Endpoint data loss prevention (endpoint DLP) extends the activity monitoring and protection capabilities of Microsoft Purview data loss prevention (DLP) to sensitive items that are on Windows 10/11 devices. Once devices are onboarded into the Microsoft Purview solutions, the information about what users are doing with sensitive items is made visible in activity explorer and you can enforce protective actions on those items via data loss prevention policies.
Once the Microsoft Purview extension for Chrome is installed on a Windows 10/11 device, organizations can monitor when a user attempts to access or upload a sensitive item to a cloud service using Google Chrome and enforce protective actions via DLP.
Tip
If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.
Activities you can monitor and take action on
The extension enables you to audit and manage the following types of activities users take on sensitive items on devices running Windows 10/11.
| activity | description | supported policy actions |
|---|---|---|
| file copied to cloud | Detects when a user attempts to upload a sensitive item to a restricted service domain through the Chrome browser | audit, block with override, block |
| file printed | Detects when a user attempts to print a sensitive item that is open in the Chrome browser to a local or network printer | audit, block with override, block |
| file copied to clipboard | Detects when a user attempts to copy information from a sensitive item that is being viewed in the Chrome browser and then paste it into another app, process, or item. | audit, block with override, block |
| file copied to removable storage | Detects when a user attempts to copy a sensitive item or information from a sensitive item that is open in the Chrome browser to removable media or USB device | audit, block with override, block |
| file copied to network share | Detects when a user attempts to copy a sensitive item or information from a sensitive item that is open in the Chrome browser to a network share or mapped network drive. | audit, block with override, block |
Deployment process
- Get started with endpoint data loss prevention
- Onboarding tools and methods for Windows 10/11 devices
- Install the extension for Chrome on your Windows 10/11 devices
- Create and Deploy data loss prevention policies that restrict upload to cloud service, or access by unallowed browsers actions and apply them to your Windows 10/11 devices
Next steps
See Get started with the Microsoft Purview extension for Chrome for complete deployment procedures and scenarios.
See also
- Get started with Microsoft Purview extension for Chrome
- Learn about Endpoint data loss prevention
- Getting started with Endpoint data loss prevention
- Using Endpoint data loss prevention
- Learn about data loss prevention
- Create and Deploy data loss prevention policies
- Get started with Activity explorer
- Microsoft Defender for Endpoint
- Insider risk management
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for