[Introduction:]
We are introducing inline file upload protection for Microsoft Edge for Business to help prevent data leakage when users upload files to consumer generative AI (GenAI) apps in the browser. This complements the existing text upload protections available today for unmanaged GenAI apps and can be layered with Endpoint DLP protections. With this update, admins can detect and enforce inline protections on file uploads in Edge for Business. Policies can target file-specific conditions such as file size, file type, and sensitive information types, enabling organizations to audit or block activities for users on Intune-managed Windows devices.
This message is associated with Microsoft 365 Roadmap ID 518642.
[When this will happen:]
- Public Preview: Begins mid-November 2025; expected to complete by early December 2025.
- General Availability (Worldwide): Begins early December 2025; expected to complete by late December 2025.
[How this affects your organization:]
- Who is affected: Admins managing Microsoft Purview DLP policies and Edge for Business on Intune-managed Windows devices.
- What will happen:
- Admins can extend existing Purview collection and DLP policies to include file upload protection for unmanaged GenAI apps.
- Inline protections are built directly into Edge for Business.
- Automated behaviors will block use of unprotected browsers for users included in blocking policies.
- Policies can be configured based on file size, type, and sensitivity.
[What you can do to prepare:]
- No action is required before rollout.
- Review your current collection and DLP policies.
- Update policies to include file upload conditions if needed.
- Inform your Security and Edge admins about this enhancement.
Learn more:
- Collection policy reference - Collection policies | Microsoft Purview | Microsoft Learn
- Data Loss Prevention for Cloud Apps in Edge for Business | Microsoft Purview | Microsoft Learn
- Data Loss Prevention policy reference | Microsoft Purview | Microsoft Learn
- Help prevent sharing via Microsoft Edge for Business to unmanaged AI apps from managed devices | Microsoft Purview | Microsoft Learn
[Compliance considerations:]
| Question | Impact | Explanation |
|---|---|---|
| Does the change modify, interrupt, or disable any of the following capabilities (Purview): DLP policies or enforcement | Yes | Inline file upload protection modifies how DLP policies are enforced in Edge for Business. |
| Does the change alter how admins can monitor, report on, or demonstrate compliance activities? | Yes | Admins gain new visibility and control over file uploads to unmanaged GenAI apps. |