Endpoint DLP Overview
Endpoint DLP Overview
Endpoint DLP Overview
Apply flexible
protection actions PROTECT GOVERN Automatically retain,
including encryption, delete, and store data
access restrictions and
YOUR DATA YOUR DATA and records in a
visual markings compliant manner
Future: Expand
Exchang Teams SharePoint, Endpoint Non- On-prem to non-M365
e OneDrive Microsoft file workloads
Online Clouds and shares
SaaS apps
Guided Unified & flexible Integrated with Unified alerting & Integrated end-user
onboarding policy management MIP Remediation experiences
Unified and integrated
experiences - Cloud native, no on-prem infra required
- Out-of-the-box analytics, no policy needed
Easy onboarding - Tailored experience for policy creation, driven by
insights from analytics (underway)
-
Notify data officer when sensitive data is
Unified alerting and exposed, with rich incident details and triage
remediation - SIEM integration – API support to retrieve
audit and alert data, and remediate
End user
Out-of-the-box
analytics, no
policy needed
Rich detail to
triage
2 and remediate
API support
enabling SIEM
integration
Native protection
Built-in to Windows 10, Office Apps, Edge – no agent required
Seamless deployment
Cloud-delivered, lightweight configuration leads to immediate
value
Integrated
Integrations (e.g. with Microsoft Information Protection)
build on existing capabilities and focus on risks that matter
Key customer pain
points
On-prem infrastructure “You can’t protect what you can’t see” Heavy handed lockdown
Endpoint agent Complicated policies Siloed solution
DLP from the ‘outside-
in’
Large system footprint
Next generation Endpoint
DLP
Seamless
Data-centric,
Risk-aware
Seamle
ss
Integrated to MIP
• Managed through Microsoft Compliance Center
• Single click extends existing DLP policies to devices
Data-centric,Risk-
aware
Data-centric protection
• Content-centric auditing and enforcement
• Apply sensitivity label and encryption (future)
Native protection
Built-in to Windows 10 (1809+), Office Apps, Edge – no
agent required From private preview customers
“Deployment is a breeze”
Seamless deployment “It plugs into my M365 DLP eco-
Cloud-delivered, lightweight configuration leads to immediate system”
value “Bridges the visibility gap for data
on endpoints”
Integrated
Integrations (e.g. with Microsoft Information Protection)
build on existing capabilities and focus on risks that
matter
Operation System
Windows 10, builds 1809 and up.
License
• Microsoft 365 E5/A5
• Microsoft 365 E5/A5 Compliance
• Microsoft 365 E5/A5 Information Protection and Governance
• Microsoft 365 E5 Information Protection + DLP (add-on)
Endpoint DLP
Microsoft 365 E5/A5
Licensing
•
• Microsoft 365 E5/A5 Compliance
• Microsoft 365 E5/A5 Information Protection and
Governance
• Microsoft 365 E5 Information Protection + DLP (add-on)
Microsoft 365 E5 Compliance
Pre-req: M365 E3/A3 or Office 365 E3 + EMS E3
M365 E5 Info Protection & Governance M365 E5 Insider Risk Management M365 E5 eDiscovery and Audit
See Microsoft 365 licensing guidance for security & compliance for detailed guidance and license
Endpoint DLP
Roadmap