Learn about the Microsoft Purview Extension
Endpoint data loss prevention (endpoint DLP) extends the activity monitoring and protection capabilities of Microsoft Purview data loss prevention (DLP) to sensitive items that are on Windows 10 devices. Once devices are onboarded into the Microsoft Purview solutions, the information about what users are doing with sensitive items is made visible in activity explorer and you can enforce protective actions on those items via DLP policies.
Once the Extension is installed on a Windows 10 device, organizations can monitor when a user attempts to access or upload a sensitive item to a cloud service using Google Chrome and enforce protective actions via DLP.
If you're not an E5 customer, you can try all the premium features in Microsoft Purview for free. Use the 90-day Purview solutions trial to explore how robust Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.
Activities you can monitor and take action on
The extension enables you to audit and manage the following types of activities users take on sensitive items on devices running Windows 10.
|activity||description||supported policy actions|
|file copied to cloud||Detects when a user attempts to upload a sensitive item to a restricted service domain through the Chrome browser||audit, block with override, block|
|file printed||Detects when a user attempts to print a sensitive item that is open in the Chrome browser to a local or network printer||audit, block with override, block|
|file copied to clipboard||Detects when a user attempts to copy information from a sensitive item that is being viewed in the Chrome browser and then paste it into another app, process, or item.||audit, block with override, block|
|file copied to removable storage||Detects when a user attempts to copy a sensitive item or information from a sensitive item that is open in the Chrome browser to removable media or USB device||audit, block with override, block|
|file copied to network share||Detects when a user attempts to copy a sensitive item or information from a sensitive item that is open in the Chrome browser to a network share or mapped network drive.||audit, block with override, block|
- Get started with endpoint data loss prevention
- Onboarding tools and methods for Windows 10 devices
- Install the extension on your Windows 10 devices
- Create or edit DLP policies that restrict upload to cloud service, or access by unallowed browsers actions and apply them to your Windows 10 devices
See Get started with the Microsoft Purview Extension for complete deployment procedures and scenarios.
- Get started with Microsoft Purview Extension
- Learn about Endpoint data loss prevention
- Getting started with Endpoint data loss prevention
- Using Endpoint data loss prevention
- Learn about data loss prevention
- Create, test, and tune a DLP policy
- Get started with Activity explorer
- Microsoft Defender for Endpoint
- Insider risk management
Submit and view feedback for