M365 Archive

MC801975 - Endpoint Data Loss Prevention (DLP): Enhancements to the device onboarding page

Message Center

This announcement expired on Nov 11, 2024 and is no longer active in Message Center.

Message ID

MC801975

View in Message Center

Service

Microsoft 365 suite
Microsoft Purview

Last Updated

Sep 11, 2024

Published Jun 14, 2024

Tag

Updated message
New feature
Admin impact

Roadmap ID

393934

View in M365 Roadmap

Platforms

Web

Summary

The message details enhancements to the Endpoint Data Loss Prevention (DLP) device onboarding page, including the ability to search by IP address, a new 'Valid user' filter, exclusion of non-DLP supported devices like Android, and new properties in the export report. Rollout begins mid-July 2024 for Public Preview and early August 2024 for General Availability. No admin action required. Microsoft 365 Roadmap ID 393934.

More information

Updated September 10, 2024: We have updated the Public Preview rollout timeline below. Thank you for your patience.

For Endpoint Data Loss Prevention (DLP), we've added enhancements to the device onboarding page. These include:

  • Ability to search by IP address to look up devices.
  • New filter for 'Valid user' available.
  • Refined device list to only include devices that can be DLP supported, which excludes Android devices from showing up in the device onboarding list.
  • New properties in the export report.

This message is associated with Microsoft 365 Roadmap ID 393934

When this will happen:

Public Preview: We will begin rolling out mid-July 2024 (previously late June) and expect to complete by late July 2024 (previously early July).

General Availability (Worldwide, GCC, GCC-High, DoD): We will begin rolling out early August 2024 and expect to complete by late September 2024 (previously late August).

How this will affect your organization:

  • You will be able to look up devices using their IP address in the search box (located in the upper right corner of the page) and view their device health status in the device onboarding page. 



  • You can filter for valid or invalid devices using the “Valid user” filter to get a list of all the devices that have an invalid user status. When the valid user status is invalid, it means that there was no authenticated user found. Without proper authentication, data classification is impeded. If the status of the valid user status is invalid, follow the provided remediation guidance.


  • The device onboarding page has been enhanced to only show devices that can be DLP supported.
  • You can get all the device information from the device onboarding page using the export capability. The export report now contains new device properties including:
    • Valid user
    • First onboarded date
    • MDATP device ID
    • Defender engine version
    • Defender Mocamp version
    • Endpoint DLP status
    • Last policy sync time
    • Advanced Classification bandwidth usage exceeded


For more information, see Troubleshooting endpoint data loss prevention configuration and policy sync | Microsoft Learn

What you need to do to prepare:

This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.