DLP features and the future of AIP
The earlier examples showed how we can use user-based classification to protect data within our organizations. However, with this approach, we only protect files that users are working on and not all the other data that is stored on our file servers or locally on end users’ machines.
It would be difficult to make users go in and manually classify all data that is stored there, so we need something that can automatically apply protection policies based on either metadata or content.
Microsoft had a feature called the network scanner that was part of AIP that provided this feature, but in 2022, it was set to be deprecated.
Moving forward, Microsoft is adding more of these features to the Purview DLP policy engine, where many of the features will also be extended with more DLP features.
This includes support for monitoring file activity usage and blocking actions such as being able to block copy file content from an endpoint to a USB...
