Upload to a restricted cloud service domain or access from an unallowed browser

Ahmed Sh 100 Reputation points
2024-07-02T07:13:11.5633333+00:00

-The action in DLP rules  "Upload to a restricted cloud service domain or access from an unallowed browser" does not seem to be working as expected.

-Currently a number of policies are meant to detect certain sensitivity labels as well as certain information types and among the actions taken to restrict data/files being shared, Is the action named above.

-The activity explorer shows the policy match but the enforcement action is always audit instead of block(which is specified in the policy)

-Service domains and domain groups are added with an action of block in DLP settings.

-Unallowed browser also specified.

 

What could be the issue here? Any Ideas?

 

 

Microsoft Purview
Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
1,056 questions
{count} votes

1 answer

Sort by: Most helpful
  1. PRADEEPCHEEKATLA-MSFT 85,351 Reputation points Microsoft Employee
    2024-07-02T11:28:25.1+00:00

    @Ahmed Sh - Thanks for the question and using MS Q&A platform.

    Based on the information you provided, it seems that the "Upload to a restricted cloud service domain or access from an unallowed browser" action in your DLP policy is not working as expected.

    One possible reason for this could be that the policy enforcement mode is set to "Audit" instead of "Block". You mentioned that the policy is configured to block the action, but the enforcement action is always audit. Please check the policy settings to ensure that the enforcement mode is set to "Block" for this action.

    Another possible reason could be that the service domains and domain groups added in the DLP settings are not configured correctly. Please review the domains and domain groups added to ensure that they are correct and that they are configured with the correct action of "Block".

    Lastly, it is possible that the unallowed browser specified in the policy is not being recognized correctly. Please check the policy settings to ensure that the unallowed browser is specified correctly.

    If none of these solutions work, it may be necessary to create a support ticket to further investigate the issue.

    0 comments No comments