DLP Endpoint detection not working while in Incognito Mode Google Chrome / Microsoft Edge Chromium
search cancel

DLP Endpoint detection not working while in Incognito Mode Google Chrome / Microsoft Edge Chromium


Article ID: 173203


Updated On:


Data Loss Prevention Endpoint Prevent Data Loss Prevention Data Loss Prevention Endpoint Suite Data Loss Prevention Enterprise Suite


In Chromium based browsers such Google Chrome and Microsoft Edge, DLP extensions are disable by default in Incognito Mode/InPrivate Browsing. Symantec Data Loss Prevention requires its plugin to be enabled for detection to work properly. User can manually turn On/Off the plugins in these modes.


All Chromium based browsers.

Windows and MacOS

DLP Endpoint 15.x


Broadcom recommends that you disable Incognito/InPrivate Browsing mode and Guest profile/mode in Chromium browsers by an appropriate Group policy configuration, or an MDM profile on macOS. While the plug-in can be manually enabled via the option "Allow in Incognito" in the extension details, this might not be the feasible option in an enterprise environment. 
The following values need to be set in their respected browsers please review browser documentation regarding how to apply those polices. These administrative templates are provided by the browser vendor and not by Broadcom.

Google Chrome:


0 = Incognito mode available
1 = Incognito mode disabled
2 = Incognito mode forced


BrowserGuestModeEnabled=0 (false)


Microsoft Edge:


Enabled (0) = InPrivate mode available
Disabled (1) = InPrivate mode disabled
Forced (2) = InPrivate mode forced


BrowserGuestModeEnabled=0 (false)


Additional Information

See also: Deploy the DLP Chrome Browser extension via GPO

See also: Deploy the DLP Edge (Chromium) Browser extension via GPO