Costa Rica
Last updated: 2025-07-17
List of References (Click to expand)
- Learn about data loss prevention
- Get started with collecting files that match data loss prevention policies from devices
- Learn about Endpoint data loss prevention
- Announcing machine learning features in Microsoft Purview Data Loss Prevention
- Common questions on Microsoft Purview Data Loss Prevention for endpoints
- Configure endpoint data loss prevention settings
- Use data loss prevention policies for non-Microsoft cloud apps
- Data Loss Prevention policy reference
- Govern your data wherever it resides with Azure Purview
- Frequently asked questions (FAQ) about Microsoft Purview data governance solutions
- Data loss prevention Exchange conditions and actions reference
- Introducing HTTP and Custom Connector Support for Data Loss Prevention Policies - Power Platform
- Connector classification - Power Platform
- DLP for custom connectors
Data Loss Prevention (DLP) without Microsoft Purview can still be effective, but it has some limitations compared to the comprehensive features offered by Purview.
| Limitation | Description |
|---|---|
| Limited Integration | DLP solutions might not integrate as seamlessly with other Microsoft 365 services and third-party applications. |
| Reduced Coverage | Limited support for non-Windows devices compared to Purview's extensive coverage across Windows, macOS, iOS, and Android. |
| Policy Management | More challenging to manage and enforce DLP policies without the centralized management capabilities provided by Purview. |
| Advanced Features | Less robust features like Endpoint DLP and integration with non-Microsoft cloud apps. |
| Compliance and Reporting | Fewer advanced compliance and reporting tools to help meet regulatory requirements and monitor data usage effectively. |
| Limitation | Description | Workaround |
|---|---|---|
| Policy and Rule Limits | Constraints on the number of policies and rules you can create. For instance, the maximum number of DLP rules in a tenant is 600, and the maximum size of an individual DLP rule is 100 KB. | - Prioritize Critical Policies: Focus on creating policies that address the most critical data protection needs first. - Combine Rules: Where possible, combine multiple conditions into a single rule to stay within the limits. |
| File Type Restrictions | DLP policies are primarily effective for specific file types, mainly Office files. This can limit the scope of protection for other file formats. | - Custom Connectors: Use custom connectors to extend DLP capabilities to other file types and applications. - Third-Party Tools: Integrate third-party DLP solutions that support a broader range of file types. |
| Text Extraction Limits | The maximum size of text that can be extracted from a file for scanning is 2 MB. | - Pre-Processing: Pre-process files to reduce their size before they are scanned by DLP policies. - Selective Scanning: Focus on scanning the most critical parts of documents, such as headers, footers, and specific sections. |
| Policy Size and Complexity | The maximum size of a DLP policy is 100 KB, which can limit the complexity and number of rules within a single policy. | - Modular Policies: Break down complex policies into smaller, modular policies that can be managed more easily. - Regular Reviews: Regularly review and optimize policies to ensure they remain within size limits. |
| Integration Limitations | The data map in Microsoft Purview does not currently support DLP capabilities for Microsoft 365 apps and services. | - Manual Processes: Implement manual processes to complement DLP policies where integration is not supported. - Custom Scripts: Use custom scripts to automate data protection tasks that are not covered by DLP policies. |
| License Restrictions | Some advanced DLP features are only available with higher-tier licenses, such as Office 365 E5. | - Evaluate Needs: Assess your organization's specific needs to determine if higher-tier licenses are necessary. - Leverage Available Features: Make the most of the features available in your current license tier while planning for future upgrades if needed. |
Find below some examples of custom connectors for Data Loss Prevention (DLP) in Azure Purview. These custom connectors
can be created and managed using the Power Platform admin center, where you can classify them into different categories such asBusiness, Non-Business, or Blocked.This classification helps in applying appropriate DLP policiesto ensure data protection across various environments.
-
Custom API Connectors:
- Example: A custom connector to a proprietary HR system API to monitor and protect sensitive employee data.
- Usage: This connector can be used to enforce DLP policies on data being transferred between the HR system and other applications.
-
Third-Party Cloud Services:
- Example: A custom connector for a third-party cloud storage service like Box or Dropbox.
- Usage: This allows DLP policies to monitor and control the flow of sensitive information to and from these services.
-
Legacy Systems:
- Example: A custom connector to a legacy on-premises database.
- Usage: Enables DLP policies to be applied to data being accessed or transferred from older systems that do not natively support modern DLP features.
-
Custom File Processing Services:
- Example: A custom connector for a file processing service that converts documents to different formats.
- Usage: Ensures that sensitive information is not inadvertently exposed during the conversion process.
-
Custom Email Gateways:
- Example: A custom connector for an email gateway that handles outbound emails.
- Usage: Applies DLP policies to monitor and prevent the leakage of sensitive information through email communications.
Refresh Date: 2025-07-17