AI innovation is transforming every industry, business process, and individual experience. As organizations adopt AI, one truth remains constant:

Your AI is only as good as your data

If poor quality, incomplete, biased, or sensitive data is fed into AI models, the results will be equally flawed, leading to sensitive data leaks and inaccurate predictions—both of which create potentially harmful outcomes and erode trust. High quality, governed, and secured data enables AI systems to deliver reliable insights and instill confidence in data usage and AI usage. Consider a team building an AI-powered customer service app. Without trustworthy data, the AI could give incorrect answers or expose sensitive information. In fact, about 99% of organizations have already experienced sensitive data exposure through AI tools, underscoring the urgent need for robust safeguards.¹ Compounding this challenge, many companies address data security and governance in silos, using separate point solutions for each, and different tools across cloud platforms, which makes it harder to ensure data discovery, quality, and protection consistently.

As organizations prepare for an AI future, they require a comprehensive approach that solves both security and governance together. Microsoft Purview offers a modern, unified approach to help organizations secure and govern data across their heterogenous data estate. Purview consolidates security, governance, and compliance into a single solution. Purview also bridges different tools across different data sources like Microsoft Azure, Microsoft 365, and Microsoft Fabric, streamlining oversight and reducing complexity across the estate.

At FabCon Vienna, we are announcing new Microsoft Purview innovations for Fabric to help you seamlessly secure and confidently activate your data for AI. These updates span data security and data governance, allowing Fabric users to both

1. Discover risks and protect data in Fabric
2. Improve data discovery and quality across their Fabric estate

Discover risks and protect data

In today’s AI-powered world, data is both a powerful asset and a growing risk. Microsoft Purview helps organizations protect their data holistically by integrating Information Protection, Data Loss Prevention, Insider Risk Management, and Data Security Posture Management for AI. These tools work together to classify and secure sensitive data, prevent leaks, detect insider threats, and uncover AI-related risks. Paired with Microsoft Fabric, Purview builds upon existing data security such as OneLake Security while enabling innovation. Here are a few examples how Purview secures your Fabric estate:

Microsoft Purview Information Protection policies for Fabric items and Data Loss Prevention for structured data in OneLake

Now generally available, Microsoft Purview Information Protection policies allow Fabric users to manually label Fabric items, with access controls automatically enforced according to pre-defined protection policies set by administrators. Data Loss Prevention policies on structured data in OneLake is also now generally available, preventing data oversharing in Fabric through policy tip triggering when sensitive data is detected in assets. 

Microsoft Purview Insider Risk Management indicators for Power BI

Microsoft Purview Insider Risk Management is now generally available for Microsoft Fabric and extends its detection capabilities to Fabric by introducing built-in risk indicators for user activities in Power BI, such as viewing, downloading, exporting, and managing sensitivity labels for Power BI artifacts. These indicators can be applied directly to data theft and data leak policies, giving organizations stronger signals to spot suspicious behavior. By correlating signals across different activities, Insider Risk Management helps uncover potential insider threats such as intellectual property theft, unauthorized data sharing, or policy violations in Fabric.

Microsoft Purview Data Risk Assessments for Fabric

Within Purview’s Data Security Posture Management for AI, Data Risk Assessments will now support discovering overshared Fabric data (dashboards, reports, and more) in preview. Fabric customers will benefit from Data Risk Assessments by easily identifying what data is most at risk of leakage within Fabric. A default assessment will be created to identify overshared Fabric data in the top 100 accessed Fabric workspaces.

Microsoft Purview Data Security and Compliance controls for Copilot in Power BI

Microsoft Purview Data Security and Compliance controls for Copilot in Power BI are now generally available for Fabric users. Users can discover data risks, such as sensitive information in Copilot in Power BI’s prompts and responses, with actionable recommendations surfaced in Microsoft Purview Data Security Posture Management for AI reports. Users can also govern Copilot interactions using audit, eDiscovery, retention policies, and identifying non-compliant usage to support responsible AI usage.

Now that we’ve covered how Purview helps secure Fabric data, the next focus is to ensure that Fabric users can use that data.

Improve data discovery and quality across their Fabric estate

Once an organization’s data is well-protected, the next challenge is making sure Fabric data consumers can find and trust the data for AI and analytics projects. This is where the Microsoft Purview Unified Catalog comes in, as a foundation for data discovery, quality, and curation across your Fabric environment. The Unified Catalog acts as a lever for data activation: it brings together powerful tools to improve data visibility and quality so that your analysts, data scientists, and AI models can easily locate the right data and use it with confidence. Estate-wide data discovery provides a holistic view of your data landscape, so data is not underutilized. Data quality tools empower teams to measure, monitor, and remediate issues in your data such as incomplete rows and columns and redundant data so business decisions are made with confidence based on the accuracy and reliability of the data. Paired with Microsoft Fabric, Purview builds upon existing data governance capabilities in Fabric such as the OneLake catalog while enabling innovation. Here are a few examples of how:

Sub item metadata in Fabric Lakehouse for comprehensive visibility of your Fabric estate

In preview, Fabric data consumers can now view metadata at the table, column, and file level in Purview, ensuring each artifact is recorded at its most granular detail for in-depth data discovery.

Defining custom attributes for business concepts using language your data consumers will understand

In the Unified Catalog, you can define and apply custom attributes to your data assets, which fosters better organization and utilization of your data. Now in preview, custom attributes provide data practitioners with the ability to apply specific attributes to business concepts such as glossary terms, critical data elements and data products. For a Fabric customer, this ensures that data is easier to understand and is more discoverable for usage of data workloads and AI use cases.

Published error records in Fabric for analysis and remediation of data quality issues

Now in preview, Fabric users can identify the root causes of data quality errors directly where they work in Fabric OneLake, providing Fabric data consumers with a one stop shop for remediation of data for its use in analytics and AI.

These governance enhancements empower teams to use data with confidence. A protected dataset isn’t very useful if users neither know it exists nor if they don’t trust its accuracy. Unified Catalog ensures that data assets are more discoverable and trustworthy for Fabric users

Looking forward

As organizations embrace the transformative power of AI, the need for robust data security and governance has never been greater. Microsoft Purview and Microsoft Fabric provide a unified foundation that empowers organizations to innovate confidently, knowing their data is protected, governed, and ready for responsible AI activation. We are committed to helping you stay ahead of evolving challenges and opportunities and invite you to explore these new capabilities. Join us on the journey toward a more secure, governed, and innovative data future.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity. 

¹ Businesstechweekly.com, 99% of Organizations Expose Sensitive Data: The Security Risks of Uncontrolled AI Tools, May 28, 2025.

The post Microsoft Purview innovations for your Fabric data: Unify data security and governance for the AI era appeared first on Microsoft Security Blog.

The Microsoft Fabric and Microsoft Purview teams are excited to be in Las Vegas from March 31 to April 2, 2025, for the second annual and highly anticipated Microsoft Fabric Community Conference. With more than 200 sessions, 13 focused tracks, 21 hands-on workshops, and two keynotes, attendees can expect an engaging and informative experience. The conference offers a unique opportunity for the community to connect and exchange insights on key topics such as data and AI.

AI innovation is impacting every industry, business process, and individual. About 75% of knowledge workers today are currently using some sort of AI in their day to day.¹ At the same time, the regulatory landscape is evolving at an unprecedented pace. Around the world, at least 69 countries have proposed more than 1,000 AI-related policy initiatives and legal frameworks to address public concerns around AI safety and governance.² With the need to adhere to regulations and policy frameworks for AI transformation, a comprehensive solution is needed to address security, governance, and privacy concerns. Additionally, with the convergence of the responsibilities of cybersecurity and data teams, customers are asking for a solution that turns data security and data governance into a team sport to address issues such data discovery, data classification, data loss prevention, and data quality in a unified way. Microsoft Purview delivers a comprehensive set of solutions that address these needs, helping customers seamlessly secure and confidently activate their data in the era of AI.

We are excited to announce new innovations that help security and data teams accelerate their organization’s AI transformation:

1. Enhancing Microsoft Purview Data Loss Prevention (Purview DLP) support for lakehouse in Microsoft Fabric to help prevent sensitive data loss by restricting access.
2. Expanding Purview DLP policy support for additional Fabric items such as KQL databases and Mirrored databases to send users notification through policy tips when they are working with sensitive data.
3. Microsoft Purview integration with Copilot in Fabric, specifically for Power BI.
4. Data Observability within the Microsoft Purview Unified Catalog.

Seamlessly secure data

Microsoft Purview is extending its proven data security value delivered to millions of Microsoft 365 users worldwide, to the Microsoft data platform. This helps users drive consistency across their multicloud and multiplatform data estate and simplify risks related to data leaks, oversharing, and risky user behavior as more users are managing and handling data in the era of AI.

1. Enhancing Microsoft Purview Data Loss Prevention (DLP) support for lakehouse in Fabric to help prevent sensitive data loss by restricting access

Microsoft Purview Data Security capabilities are used by hundreds of thousands of customers for their integration with Microsoft 365 data. Since last year’s Microsoft Fabric Community Conference, Microsoft Purview has extended Microsoft Purview Information Protection and Purview DLP policy tip value across the data estate, including Fabric. Currently, Purview DLP supports the ability to show users notifications for when they are working with sensitive data in lakehouse. We are excited to share that we are enhancing the DLP value in lakehouse to prevent sensitive data leakage to guest users by restricting access. Data Security admins can configure policies and limit access to only internal users or data owners based on the sensitive data found. This control is valuable for when a Fabric tenant includes guest users and domain owners want to limit access to internal proprietary data in their lakehouses. 

Figure 1. DLP policy restricting access for guest users into lakehouse due to personally identifiable information (PII) data discovered 

2. Expanding DLP policy support for additional Fabric items such as KQL databases and Mirrored databases to show users notification through policy tips when they are working with sensitive data

A key part of securing sensitive data is to provide visibility to your users on where and how they are interacting with sensitive data. Purview DLP policies can help notify users when they are working with sensitive data through policy tips in lakehouse in Fabric. We are excited to announce that we are extending policy tips support for additional Fabric items—KQL databases and Mirrored databases in preview. (Mirrored Database sources include Azure Cosmos DB, Azure SQL Database, Azure SQL Managed Instance, Azure Databricks Unity Catalog, and Snowflake, with more sources available soon). KQL databases are the only databases used for real-time analytics so detecting sensitive data that comes through real-time analytics is huge for Fabric customers. Purview DLP for Mirrored databases reduces the security risk of sensitive data leakage when data is transferred in Fabric. We are happy to extend Purview DLP value to more data sources, providing end-to-end protection for customers within their Fabric environments, all to prepare for the safe deployment of AI.

Figure 2. Policy tip triggered by Purview DLP due to PII being discovered in KQL databases.

Figure 3. Policy tip triggered by Purview DLP due to PII being discovered in Mirrored databases.

3. Microsoft Purview for Copilot in Fabric

As organizations adopt AI, implementing data controls and a Zero Trust approach is crucial to mitigate risks like data oversharing and leakage, and potential non-compliant usage in AI. We are excited to announce Microsoft Purview capabilities in preview for Copilot in Fabric, starting with Copilot for Power BI. By combining Microsoft Purview and Copilot for Power BI, users can:

• Discover data risks such as sensitive data in user prompts and responses and receive recommended actions in their Microsoft Purview Data Security Posture Management (DSPM) dashboard to reduce these risks.
• Identify risky AI usage with Microsoft Purview Insider Risk Management to investigate risky AI usage, such as an inadvertent user who has neglected security best practices and shared sensitive data in AI or a departing employee using AI to find sensitive data and exfiltrating the data through a USB device.
• Govern AI usage with Microsoft Purview Audit, Microsoft Purview eDiscovery, retention policies, and non-compliant usage detection.

Figure 4. Purview DSPM for AI provides admins with comprehensive reports on Copilot in Fabric’s user activities, as well as data entered and shared within the copilot.

Confidently activate data

4. Data observability, now in preview, within Microsoft Purview Unified Catalog

Within the Unified Catalog in Microsoft Purview, users can easily identify the root cause of data quality issues by visually investigating the relationship between governance domains, data products, glossary terms, and data assets associated with them through its lineage. Data assets and their respective data quality are visible across your multicloud, hybrid data estate. Maintaining high data quality is core to driving trustworthy AI innovation forward, and with the new data observability capabilities in Microsoft Purview, users can now improve how fast they can investigate and resolve root cause issues to improve data quality and respond to regulatory reporting requirements.

Figure 5. Lineage view of data assets that showcases data quality within a Data Product.

Microsoft Purview and Microsoft Fabric can help secure and activate data

As your organization continues to implement AI, Microsoft Fabric and Microsoft Purview will serve as key solutions to safely activate your data for AI. Stay tuned for even more exciting innovations to come and check out the Fabric blog to read more about the innovations in Fabric.

Learn more

Explore these resources to stay updated on our product innovations in security and governance for your data:

• Learn how to secure and govern your entire data estate with Microsoft Purview.
• Learn more about Microsoft Purview Data Governance.
• Get started with Microsoft Fabric.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Work Trends Index

²AI Regulations around the World – 2025

The post New innovations in Microsoft Purview for protected, AI-ready data appeared first on Microsoft Security Blog.

Historically, organizations have relied on the traditional approach to data security and governance, largely involving stitching together fragmented solutions. According to Gartner®, “75% of security leaders are actively pursuing a security vendor consolidation strategy as of 2022.”² Consolidation, however, is no easy feat. In a recent study, more than 95% of security leaders acknowledge that unifying the handling of data security, compliance, and privacy across teams and tools is both a priority and a challenge.³ These approaches often fall short because of duplicate data, redundant alerts, and siloed investigations, ultimately leading to increased data risks. Over time, this approach has been increasingly difficult for organizations to maintain.

Unify how you protect and govern your data with Microsoft Purview

Unlike traditional data security and governance strategies that require disparate solutions to achieve comprehensive data protection, Microsoft Purview is purpose-built to unify data security, governance, and compliance into a single platform experience. This integration aims to reduce complexity, simplify management, and mitigate risk, while helping enhance efficiency across teams to support a culture of collaboration. With Microsoft Purview you can:

• Enable comprehensive data protection.
• Support compliance and regulatory requirements.
• Help safeguard AI Innovation.

What’s new in Microsoft Purview?

To meet our growing customer needs, the team has been delivering a lot of innovation at a rapid pace. In this blog, we’re excited to recap all the new capabilities we announced at Microsoft Ignite last month.

Enable comprehensive data protection

Microsoft Purview enables you to discover, secure, and govern data across Microsoft and third-party sources. Today, Microsoft Purview delivers rich data security capabilities through Microsoft Purview Data Loss Prevention, Microsoft Purview Information Protection, and Microsoft Purview Insider Risk Management, enhanced with AI-powered Adaptive Protection. To drive AI transformation, you need to build and maintain a strong data foundation, categorized by data that is not just secured but also governed. Microsoft Purview also addresses your data governance needs with the newly reimagined Microsoft Purview Unified Catalog. These data security and data governance products leverage shared capabilities such as a common data catalog, connectors, classifications, and audit logs—helping reduce inconsistencies, inefficiencies, and exposure gaps, commonly experienced by using disparate tools.

Introducing Microsoft Purview Data Security Posture Management

Microsoft Purview Data Security Posture Management (DSPM) provides visibility into data security risks and recommends controls to protect that data. DSPM provides contextual insights, usage analysis, and continuous risk assessments of your data, helping you mitigate risks and enhance data security. With DSPM, you get a shared understanding of key risks through a series of reports that correlate insights across location and type of sensitive data, risky user activities, and common exfiltration channels. In addition, DSPM provides actionable, scenario-based recommendations for detection and protection policies. For example, DSPM can help you create an Insider Risk Management policy that identifies risky behavior such as downgrading labels in documents followed by exfiltration, and a data loss prevention (DLP) policy to block that exfiltration at the same time.

DSPM also brings a view of historical trends and insights based on sensitivity labels applied, sensitive assets covered by at least one DLP policy, and potentially risky users so show the effectiveness of your data security policies over time. And finally, DSPM leverages the power of generative AI through its deep integration with Microsoft Security Copilot. With this integration, you can easily uncover risks that might not be immediately apparent and drive efficient and richer investigations—all in natural language.

With DSPM, you can easily identify possible labeling and policy gaps such as unlabeled content and users that aren’t scoped in a DLP policy, unusual patterns and activities that might indicate potential risks, as well as opportunities to adapt and strengthen your data security program.

Figure 1. DSPM overview page provides centralized visibility across data, users, and activities, as well as access to reports.

Learn more about this announcement in the Data Security Posture Management blog.

Increasing data security and security operations center integration

Understanding data and user context is vital for improving security operations and prioritizing investigations, especially when sensitive data is at stake. By integrating insights such as data classification, access controls, and user activity into the security operations center (SOC) experience, organizations can better assess the impact of security incidents, reduce false alerts, and enhance containment efforts. In addition to the already present DLP alerts in the Microsoft Defender XDR incident investigation and data security remediation actions enabled directly from Defender XDR, we’ve also added Insider Risk Management context to the user entity page to provide a more comprehensive view of user activities.

With Microsoft Purview’s latest integration with Microsoft Defender, now in preview, you get insider risk alerts in Defender XDR and can correlate them with incidents. This gives you critical user context for your security investigations. SOC teams can now better distinguish internal incidents from external cyberattacks and refine their response strategies. For more complex analysis to identify risks such as attack patterns, we are integrating insider risk signals into Defender XDR’s Advanced Hunting, giving you deeper insights and allowing you to improve your policies in partnership with data security teams. Together, these advancements allow your organization to stay ahead of evolving cyberthreats, providing a collaborative and data-driven approach to security.

Learn more about this announcement in the Purview Insider Risk Management blog.

Protecting data and preventing sensitive data loss

As AI generates new data in unprecedented volumes, the need to secure that data and prevent the loss of sensitive information has become even more crucial. Our new DLP capabilities help you effectively investigate DLP incidents, fortify existing protections, and refine your overall DLP program. You can now customize Purview DLP to the established processes of your organization with the Microsoft Power Automate connector in preview. This lets you automate and customize your DLP policy actions through Power Automate workflows to integrate your DLP incidents into new or established IT, security, and business operations workflows, like stakeholder awareness or incident remediation.

DLP policy insights in Security Copilot, also in preview, summarize existing DLP policies in natural language and helps you understand any gaps in policy coverage across your environment. This makes it easier for you to quickly and easily understand the full breadth of DLP policy coverage across your organization and address gaps in protection. We are also enhancing DLP protections on endpoints by expanding our file type coverage from more than 40 to more than 110 file types. Users can also now store and view full files on Windows devices as evidence for forensic investigations using Microsoft-managed storage. With the Microsoft-managed option, your admins can save time otherwise spent configuring additional settings, assigning permissions, and selecting the storage in the policy workflow. Finally, you can now enforce blanket protections on file types that cannot currently be scanned or classified by endpoint DLP, such as blocking copy to removable media for all computer-aided design (CAD) files regardless of those files’ contents. This helps ensure that the diverse range of file types found in your environment are still protected even if they cannot currently be scanned and classified by Microsoft Purview endpoint DLP. 

Learn more about these announcements in our Microsoft Purview Data Loss Prevention blog.

Microsoft Purview Data Governance innovations to drive greater business value

Research indicates that data practitioners spend 80% of their time finding, cleaning, and organizing data, leaving only 20% of time to process and analyze it.⁴ To simplify the data governance practice in the age of AI, the Microsoft Purview Unified Catalog is a comprehensive enterprise catalog that automatically inventories and tags your organization’s critical data assets. This gives your business users the ability to search for specific business data when building analytics reports or AI models. The Unified Catalog gives you visibility and confidence in your data across your disparate data sources and local catalogs with built-in data quality management and end-to-end lineage. You can integrate metadata from diverse catalogs such as Fabric OneLake, Databricks Unity, and Snowflake Polaris, into a unified catalog for all your data stewards, data owners, and business users.

Now in preview, Unified Catalog provides deeper data quality through a new scan engine that supports open standard file and table formats for big data platforms, including Microsoft Fabric, Databricks Unity Catalog, Snowflake, Google Big Query, and Amazon S3. This new scan engine enables rich data quality management at the asset level for improved data quality management at the asset level for overall improved data quality health. Lastly, Microsoft Purview Analytics in OneLake (preview) allows you to extract tenant-specific metadata from the Unified Catalog and export it directly into OneLake. You can then use Microsoft Power BI to analyze the metadata to further understand and report on your data’s quality and lineage.

Learn more about these announcements in our Microsoft Purview Data Governance blog.

Support compliance and regulatory requirements

As regulatory requirements evolve with the proliferation of AI, it is more critical than ever for businesses to keep compliance and privacy top of mind. However, adhering to requirements is becoming increasingly complex, while consequences for non-compliance are growing more severe. Microsoft Purview empowers you to address regulatory demands and comply with corporate policies by offering compliance and privacy controls that are both scalable and adaptable to changing needs.

New templates in Compliance Manager to help simplify compliance

Microsoft Purview Compliance Manager provides insights into your organization’s compliance status through compliance templates and provides suggested actions and next steps to help you along your compliance journey. Compliance Manager continues to add new templates to help you address new and evolving regulations, including templates for the European Union AI Act (EUAI Act), NIST 2 AI, ISO 42001, ISO 23894, Digital Operations Resiliency Act (DORA), and additional industry and regional regulations. Compliance Manager now includes historical records that help track your organization’s compliance and provides actionable next steps to understand how new regulations or policies affect your compliance score over time. In addition, you can now leverage custom templates to address both regulatory and your organization’s specific policies and preferences.

Figure 2. EUAI Act Assessment in Compliance Manager.

Learn more about this announcement in the Microsoft Purview Compliance Manager blog.

New Microsoft Purview controls for ChatGPT Enterprise with integration with OpenAI for improved compliance

Microsoft Purview now integrates with ChatGPT Enterprise, allowing you to gain visibility and govern the prompts and responses of your ChatGPT Enterprise interactions. This integration, currently in preview, includes Microsoft Purview Audit for auditing ChatGPT Enterprise interactions, Microsoft Purview Data Lifecycle Management for enabling retention and deletion policies, Microsoft Purview Communication Compliance to proactively detect regulatory and corporate policy violations, and Microsoft Purview eDiscovery to streamline legal investigations.

Learn more about all these announcements in our Security for AI blog.   

Microsoft Purview is built to help safeguard AI Innovation

With the rapid adoption of AI, new vulnerabilities have emerged, highlighting the need for strong data security and governance of AI workloads. Microsoft Purview is built to secure and govern data related to pre-built and custom-built AI apps.

Introducing Microsoft Data Security Posture Management for AI (DSPM for AI)

Security teams often find themselves in the dark when it comes to data security and compliance risks associated with AI usage. Without proper visibility, organizations often struggle to safeguard their AI assets effectively. DSPM for AI, now generally available, gives you visibility through a centralized dashboard and reports, enables you to proactively discover and manage your AI-related data risks, such as sensitive data in user prompts, and gives you actionable recommendations and real-time insights to respond effectively to security incidents.

Microsoft Purview controls for Microsoft 365 Copilot help prevent data oversharing

Data oversharing occurs when users have access to more data than necessary for their job duties. Organizations need effective data security controls to help mitigate this risk. At Microsoft Ignite we announced a number of new Microsoft Purview capabilities in preview to prevent data oversharing in Microsoft 365 Copilot.

Data oversharing assessments: Discover data that is at risk of oversharing by scanning files containing sensitive data, identifying risky data sources such as SharePoint sites with overly permissive user access, and by providing recommendations such as auto-labeling policies and default labels to prevent sensitive data from being overshared. The oversharing assessment report can identify unlabeled files accessed by users before deploying Copilot or can be run post-deployment to identify sensitive data referenced in Copilot responses. 

Label-based permissions: Microsoft 365 Copilot honors permissions based on sensitivity labels assigned by Microsoft Purview when referencing sensitive documents.

Purview DLP for Microsoft 365 Copilot: You can create DLP policies to exclude documents with specified sensitivity labels from being processed, summarized, or used in responses in Microsoft 365 Copilot, preventing sensitive data from being inadvertently overshared.

New Microsoft Purview capabilities to detect risky activities in Microsoft 365 Copilot

Security teams need ways to detect risky use of AI applications like deliberate or accidental access to sensitive data, jailbreaks, and copyright violations. Insider Risk Management and Communication Compliance now provide risky AI usage indicators, a policy template, and an analytics report in preview to help detect and investigate the risky use of AI. These new capabilities not only help detect risky activities and prompts but also integrate with Microsoft Defender XDR, enabling your security teams to investigate new AI-related risks holistically alongside other risks, such as identity risks through Microsoft Entra and data oversharing and data loss risks through Purview DLP.

New Microsoft Purview capabilities for agents built with Microsoft Copilot Studio

When new and citizen developers are building low code or no-code AI, they often lack security expertise and tools to enable security and compliance controls. Microsoft Purview now provides data controls for agents built in Copilot Studio to enable low code and no-code developers to build more secure agents. For example, when an agent built with Copilot Studio accesses sensitive data, it will recognize and honor the sensitivity labels of the data being accessed. Microsoft Purview will also protect sensitive data generated by the agent through label inheritance and will enforce label permissions, ensuring only authorized users have access.

Data security admins also get visibility into the sensitivity of data in user prompts and agent responses within DSPM for AI. Moreover, Microsoft Purview will enable you to detect anomalous user activity and risky or non-compliant AI use and apply retention or deletion policies on your agent prompts and responses. These new controls give you visibility and and insights into risks for your agents built with Copilot Studio, strengthening your data security posture.

Learn more about all these announcements in our Security for AI blog.   

Unified solutions that empower your organization

As you navigate the complexities of AI proliferation, regulatory requirements, and security threats, we are excited to innovate, invest in, and expand the capabilities of Microsoft Purview to address your most pressing data security, governance, and compliance challenges.

Get started with Microsoft Purview today

To get started, we invite you to try Microsoft Purview free and to learn more about Microsoft Purview today.

• Read the Data Security Index report.
• Read our new whitepaper: Accelerating AI transformation by prioritizing security, a path to implementing effective security for AI that enables innovation.
• Watch Microsoft Purview sessions from Microsoft Ignite.
• Try Microsoft Purview for free.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Microsoft internal research, May 2023. 

²Gartner, Innovation Insight for Security Platforms, Peter Firstbrook, Craig Lawson. October 16, 2024. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. 

³Microsoft internal research, August 2024. 

⁴Overcoming the 80/20 Rule in Data Science, Pragmatic Institute.

The post New Microsoft Purview features help protect and govern your data in the era of AI appeared first on Microsoft Security Blog.

The Microsoft Purview team and I are thrilled to showcase the latest innovations in Microsoft Purview and Microsoft Fabric, designed to help customers secure, govern, and manage their complex data estates in the AI era. We’re excited to announce the preview of Microsoft Purview Information Protection, which allows for content restriction in Fabric using sensitivity labels, and Microsoft Purview Data Loss Prevention policies for lakehouses. Additionally, we’re highlighting the recent general availability of the Microsoft Purview Data Governance solution.

Customers are asking for a seamless solution that turns data security, governance, and compliance into a team sport to effectively address the converging trends across 1. scale and sophistication of data threats; 2. increasing regulations; 3. ever-expanding data estate; and 4. acceleration of AI adoption within the business.

Microsoft Purview delivers a comprehensive set of solutions that can help your organization secure, govern, and manage data for compliance and regulatory needs, wherever it lives. As we engage with customers at the Fabric Conference this week, we underscore the pivotal role of security and governance in laying the groundwork for responsible analytics. For businesses all over the world, this comprehensive approach balances the need to secure and protect data from cyberthreats with the need to activate data for business insights and AI.

Integrated with Microsoft Fabric

Microsoft Purview and Microsoft Fabric are committed to delivering a rich integrated experience so customers can seamlessly secure and govern their data estate efficiently to help meet regulatory, compliance, and privacy requirements while ensuring high-quality data for data activation. For Fabric customers, this means you can discover, secure, govern, and manage Fabric items from within Microsoft Purview as a single pane of glass across your heterogeneous data estate.

Microsoft Purview helps you seamlessly discover data assets in OneLake, extend the same Microsoft Purview data security sensitivity labels and policies from Microsoft 365 to Fabric items, and curate your Fabric data assets into a single enterprise data catalog along with other data sources like Azure Databricks, Snowflake, and Google Big Query. And this seamless integration doesn’t require any data movement or duplication, helping you reduce data sprawl and silos.

Seamlessly secure your data

Microsoft Purview Data Security capabilities are already loved and leveraged by customers around the world for their Microsoft 365 data, and with today’s announcements, we are extending this value further to Microsoft Fabric customers. These added investments enhance the Microsoft Purview Data Security capabilities already available for Fabric released in March.

Now in preview, Microsoft Purview Information Protection now includes the ability to restrict access to content based on sensitivity labels for Fabric data, which helps you discover, classify, and protect sensitive information, including the ability to apply sensitivity labels. By extending the sensitivity label support to Fabric data, security admins can now use sensitivity labels to manage who has access to Fabric items with certain labels. For example, a security admin could restrict access to data items with a “financial data” sensitivity label to only users in the finance department.

We are also extending support for Microsoft Purview Data Loss Prevention (Purview DLP) policies for your Fabric items. Purview DLP helps an organization protect sensitive data and reduce the risk of data oversharing by letting organizations define and apply policies. With these new integrations, security admins can now apply Purview DLP policies to Fabric data. As an example, a policy can be set to help detect the upload of sensitive data, like social security numbers to a lakehouse in Fabric. If detected, the policy will trigger an automatic audit activity, which can alert the security admin, and can also surface a custom policy tip to data owners to take action and remedy the non-compliance with the policy.

Learn more about Microsoft Purview Data Security integrations in Fabric.

Confidently activate your data

Microsoft Purview’s new data governance experience was made generally available on September 1, 2024. This newly reimagined solution is purpose-built for federated data governance and offers a business-friendly experience, AI-powered experiences for dramatic efficiencies, and all the key ingredients you’d expect, including catalog curation, data quality management, actionable insights, rich user experiences, and integration with third-party data management solutions—helping organizations to confidently activate their data for analytics and AI.

Microsoft Fabric customers can complement the governance capabilities in Fabric for a single-pane-of-glass experience in Microsoft Purview for data catalog curation, data user access, data quality management, health controls, and actionable insights for Fabric items and for data assets across your heterogeneous data environment.

A complete solution for the modern data governance practice

Data Catalog management offers a business-friendly experience and terms, making it easy to logically build a data catalog for your unique business needs while built-in AI serves up recommendations based on your active metadata. Data owners and data stewards can easily participate across data curation and management, responsible data access, and impact analysis—easily combining data assets from the heterogenous data estate (for example: Fabric, Databricks, Snowflake, and Google). Data users can seamlessly and securely request access to data assets for use in insights, analysis, development, and AI.

Data Health management offers a rich experience across data quality capabilities, actionable insights, and health reports, which help organizations to assess and action the quality of their governed data estate—making it easy and efficient to support a strong healthy data governance posture. With complete data quality capabilities, you can apply built-in rules and AI-generated rules that are applied and translate into data quality scores and actions across your data assets, data products, and governance domains, helping you to more effectively manage and improve your data governance posture. Data Health controls enable data stewards and chief data officers to assess the health of their data estate through the lens of industry-recognized standards and controls. While the control rules are established at a global level, execution is delegated to individual governance domains, allowing for the application of broad standards while meeting the specific needs of various groups within the organization.

Purpose-built integration with industry-leading master data management and data modeling solutions extend the value of Microsoft Purview further and help customers maximize their existing data management investments.

• CluedIn brings native master data management and Data Quality functionality to Microsoft Fabric, Microsoft Purview, and the Azure stack. Learn more about CluedIn. 
• Profisee Master Data Management is a complimentary and necessary piece of your data governance strategy. Learn more about Profisee. 
• Semarchy combines master data management, data intelligence, and data integration into a singular application in any environment. Learn more about Semarchy.  
• RELTIO’s AI-powered data unification and management solutions unify data from disparate sources, delivering a single source of truth. Learn more about RELTIO.
• ER/Studio (an Idera company) delivers advanced data modeling and metadata management to help organizations improve their data posture. Learn more about ER/Studio.

The general availability release also delivered new data governance capability not previously available during preview. Some of these new capabilities include: customers can now delete business concepts, more easily manage data access through the data catalog admin settings, view data product access request workflows, browse an enterprise glossary to better understand terms, and apply the Data Quality capabilities to Azure Synapse, Databricks Unity Catalog, Fabric Lakehouse, Google Big Query (preview), and Snowflake. Check out the complete list of new capabilities in Microsoft Purview Data Governance.

Learn more about Microsoft Purview

• Try Microsoft Purview today.
• Watch the webinar The CDO Dilemma.
• Visit the Microsoft Purview website.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Activate your data responsibly in the era of AI with Microsoft Purview appeared first on Microsoft Security Blog.

Microsoft Purview Audit

Discover new capabilities that will transform how you secure your organization’s data across clouds, devices, and platforms.

Learn more

New default retention period for activity logs

Starting in October 2023, we began rolling out changes to extend default retention to 180 days from 90 for audit logs generated by Audit (Standard) customers. Audit (Premium) license holders will continue with a default of one year, and the option to extend up to 10 years. Our public roadmaps detail when retention changes will reach your organization, starting with worldwide enterprise customers and quickly followed by our government customers in accordance with our standard service rollout process. This update helps all organizations minimize risk by increasing access to historical audit log activity data that is critical when investigating the impact from a security breach incident or accommodating a litigation event.

New logs for increased security

Every day, Microsoft Purview Audit Logs record and retain the thousands of user and admin activities that take place in Microsoft 365 applications. Authorized administrators can search and access the logs from the Microsoft Purview compliance portal to determine the scope of a compromise and enhance their investigations. Audit (Standard) license holders will be able to access an additional 30 audit logs, shown in the table below over the next several months. To learn more about when the logs will be available in your tenant, please visit the Public roadmap.

Microsoft has worked closely with CISA to identify these critical logs and include them in our Microsoft Purview Audit (Standard) license. Audit (Premium) license holders will continue to get longer default retention, broader access to export data, higher bandwidth API access, and logs enriched by Microsoft’s AI-powered intelligent insights.

Additional enhancements recently released and coming soon

In addition to the retention extension and newly available logs, we also have a number of new enhancements in Purview Audit recently released or coming soon, that will help improve your experience:

• Audit Search Graph API: Programmatically access new async Audit Search experience for improved reliability and search completeness, through Microsoft Graph API. 
• Granular scoping with role-based access controls: Delegate role-based permissions to users or analysts in a granular way and access role-based information with Audit search results.  
• Audit Custom Activities Search: Admins can use the custom search bar to search for several audit log events directly. 
• Customized retention policies (short): Customers with the 10-Year Audit Log Retention add-on for Microsoft Purview Audit (Premium) can create additional customized retention policies (7 days, 30 days, three years, five years, and seven years retention). And customers with the Audit (Premium) SKU will have additional short-term retention policies available (7 days and 30 days).
• Customized retention policies (long): New long-term retention policies for the 10-Year Audit Log Retention add-on for Microsoft Purview Audit (Premium) (three years, five years, and seven years).

We are pleased to share today’s cloud logging update as a continuation of the thoughtful conversations we’ve had with our security experts, customers, and influential authorities like CISA. Please visit the Public roadmap to get the latest information on updates coming to Microsoft Purview Audit. 

Learn more

Learn more about Microsoft Purview Audit or sign up now for a free trial.

Explore data security resources and trends

Gain insights into the latest data security advancements, including expert guidance, best practices, trends, and solutions.

Get started

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X, formerly known as Twitter, (@MSFTSecurity) for the latest news and updates on cybersecurity. 

¹Expanding cloud logging to give customers deeper security visibility, Vasu Jakkal. July 19, 2023.

The post Expanding audit logging and retention within Microsoft Purview for increased security visibility appeared first on Microsoft Security Blog.

As more organizations shift to a hybrid work model, cybersecurity leaders need a way to strengthen and secure growing boundaries. They are struggling now more than ever with a fragmented solution landscape and increased, more sophisticated threats to data security.

A Zero Trust architecture is a critical component to modernizing security programs and ensuring sensitive organizational data and identities are kept safe. Plus, it can help organizations stay in compliance with regulatory standards.

In this blog, we’ll discuss how implementing a Zero Trust framework helps organizations meet compliance and data security requirements, prevent, identify, and secure sensitive business data, and reduce business damage from a breach.

As regulatory and compliance requirements evolve in response to technological transformations, organizations must rapidly modernize their security posture to protect sensitive data and processes. A Zero Trust architecture is a comprehensive security strategy to help you secure your data and prepare your organization for future threats.

Prevent and reduce the impact of internal or external bad actors on business damage from a breach

Applying the Zero Trust principle of “assume breach” helps proactively minimize the impact of security attacks from internal and external bad actors by implementing specific security measures using all available data points and enforcing least privileged access to secure digital environments:

• Data classification and end-to-end encryption.
• Sequence detection and user context to detect critical insider risks.
• Policy configuration to prevent data loss.
• Automated threat detection and response.

Implementing redundant security mechanisms, collecting system telemetry and using it to detect anomalies, and—wherever possible—connecting that insight to automation empowers a business to prevent, respond, and remediate data security incidents efficiently.

Assuming breach involves organizations first determining if they have the right data security strategies and controls in place and if they can measure their breach risk. This also involves understanding both internal and external activity around sensitive data, wherever it lives and throughout its entire lifecycle. A Zero Trust lens can help organizations implement the right protection to detect and remediate modern and evolving cyber risks and vulnerabilities in a timely, preventative measure.

Managing insider risks provides insights into events that could potentially lead to data theft or other exfiltration activities happening inside of your organization. And by configuring dynamic policies with protective actions, you can prevent data from unauthorized use across apps, services, and devices, even in hybrid work environments. Implementing a Zero Trust architecture helps organizations confidently prevent sensitive data loss.

Identifying the business risk of a data breach and the resulting damage to reputations and relationships also reduces the impact of a major incident, such as serious risks to data security structure, financial health, and market reputation. A Zero Trust framework provides the visibility, controls, and redundancy necessary to quickly detect, deter, and defend against data security risks, and to secure sensitive data by proactively detecting and minimizing those risks.

Implementing a Zero Trust architecture ultimately bridges the gap between balancing data security and enabling productivity, without compromising either. Reduce the blast radius of security attacks and use proper access controls to strengthen security posture, which helps to minimize reputational damage, the financial costs of a security breach, cyber insurance premiums, and employee burnout among security teams.

Identify and protect sensitive business data and identities

Figure 1. Through a comprehensive Zero Trust approach, organizations can secure their most precious data and devices and prevent bad internal and external actors from breaching.

Identifying the most critical data and identities is important for a Zero Trust approach. A more robust security posture begins by understanding the organization’s security architecture before integrating controls and signaling across layers to apply and enforce unified policies. The Zero Trust architecture extends throughout the entire digital estate and serves as an integrated, unified security strategy to reduce the complexity and time-consuming aspects of end-to-end security.

Organizations must first gain visibility into what assets—such as identities, endpoints, apps, networks, infrastructure, and data—exist within their organization. Then, assess their current risk and identify which assets should be prioritized and which ones users are interacting with.

Securing sensitive data must involve these key steps:

• Gaining visibility into the existence (across multicloud, on-premises, and hybrid environments) and risks associated with how sensitive data is being used, accessed, and shared through built-in, ready-to-use machine learning models.
• Understanding insider risks by gaining insight into how users are interacting with sensitive data and leveraging sequence detection to understand user intent.
• Preventing data loss by preventing sensitive data from unauthorized use across apps, services, and devices.
• Leveraging dynamic controls to adjust data loss prevention policies to address the most critical data risks.

These steps enable organizations to adopt a comprehensive end-to-end strategy to manage security and apply protection actions—such as encryption, access restrictions, and visual markings—that safeguard your data, even if it leaves the devices, apps, infrastructure, and networks that the organization controls.

When data and sensitive content is understood, classified, and identified, organizations can:

• Inform and enforce policy decisions to block sharing of emails, attachments, or documents that contain sensitive data.
• Encrypt files with sensitivity labels on device endpoints.
• Auto-classify content with sensitivity labels through policy and machine learning.
• Detect sensitive data that travels inside and outside your digital estate and understand user context to better investigate and mitigate risks.

Fine-tuned adaptive access controls, such as requiring multifactor authentication or device security policies, based upon user context, device, location, and session risk information, move the security perimeter to where data lives and encourage strict control over digital identities and identity access. This enables the implementation of security controls within each layer of the security architecture to further segment access.

Policies and real-time signals are required to determine when to allow, block, or limit access, or require additional proofs like multifactor authentication so that organizations can improve boundaryless collaboration without putting their data at risk.

By adopting Zero Trust, organizations understand the context of user activity around sensitive data and can prevent unauthorized use or loss of data. Types of data security that help protect against data breaches and help meet regulatory requirements include:

• Data loss prevention to guard against unauthorized use of sensitive data.
• Encryption to make files unreadable for unauthorized users.
• Information protection to help classify sensitive data found in files and documents.
• Insider risk management to mitigate potentially risky user activity that may result in a data security incident.

Proactively meet regulatory requirements

Microsoft’s Zero Trust security framework can help your organization meet many regulatory and compliance standards by default, including compliance requirements surrounding data, compliance, and law. This involves securing data, including personally identifiable information, financial data, health information, and intellectual property, all of which are at high risk of theft, loss, or exfiltration. Thus, protecting sensitive data is imperative.

While these regulatory standards will differ depending on the organization, they help organizations meet both security and compliance requirements.

Some important regulations include:

• General Data Protection Regulation (GDPR)
• Health Insurance Portability and Accountability Act (HIPAA)
• California Consumer Privacy Act (CCPA)

Adopting a Zero Trust architecture can also help you exceed standards and requirements, which enhances proactive, preventative security protection and enables:

• A deeper, more consistent integration across all security pillars, which will simplify unified policy enforcement.
• Increased empowerment across all security teams, allowing for protection against more sophisticated and serious security attacks.
• A more efficient management of organizational security posture management through the simplification of configuring and managing various policies and improving on old security practices.
• Enhanced security to protect against IT skills shortages and staff capacity, ultimately breaking down the silos between security pillars and enabling organizations of different sizes and industries to adopt Zero Trust more easily.
• Cross-platform and cross-cloud security protection to enable visibility across all workflows and integrate with Microsoft Azure platforms.

A Zero Trust model helps with understanding the policies needed to comply with governance requirements. It enables continuous assessments—from taking inventory of data risks to implementing controls and staying current with regulations and certifications.

Zero Trust journey: How to get started

Organizations can get started by determining their place in the Zero Trust journey:

• Getting started (first stage): Using strong authentication methods such as multifactor authentication and single sign-on access to cloud apps.
• Advanced (significant progress): Using real-time insider risk analytics and proactively finding and fixing security issues to reduce threats.
• Optimal (most mature stage): Using automated threat detection and response across all security pillars to speed up threat detection and prevention.

Embrace Zero Trust security

Adopting an end-to-end Zero Trust strategy is a critical step your organization can take to modernize your security posture and exceed required regulatory and compliance standards. To learn more about implementing Zero Trust with Microsoft:

• Get started with our Zero Trust assessment tool.
• 5 reasons to adopt a Zero Trust security strategy for your business.
• Securely work from anywhere.
• Safeguard your most critical assets.
• Meet regulatory and compliance requirements.
• Minimize the impact of internal or external bad actors.
• Rapidly modernize your security posture.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Cost of a Data Breach Report 2022, IBM. 2022.

²Building a Holistic Insider Risk Management Program, Microsoft. 2022.

The post Stay compliant and protect sensitive data with Zero Trust security appeared first on Microsoft Security Blog.

To help our customers navigate this complex data landscape, we are focused on delivering secure, intelligent, and user-centric solutions that provide visibility, reduce complexity, and mitigate risk. Over the past few years, we significantly increased our investment in building our Microsoft Purview data security capabilities across our information protection, data loss prevention (DLP), and insider risk management solutions, as well as our privacy solution: Microsoft Priva. A few recent capabilities are advanced ready-to-use machine learning-enabled classifiers, Adaptive Protection, a DLP migration assistant tool (on-premises DLP to cloud-native DLP), and right to be forgotten for Microsoft Priva Subject Rights Requests.

I am delighted to announce that Forrester listed Microsoft as a Leader in its  2023 Wave™ for Data Security Platforms. The Forrester Wave™ report evaluates the data security platform market and provides a detailed overview of the current offering, strategy, and market presence of these vendors. Microsoft received the highest possible score in the current offering category for data classification, data threat and risk visibility, data masking or redaction, encryption, rights management, privacy use cases, and integrations for Zero Trust criteria; and in the strategy category for the product vision, execution roadmap, and community engagement criteria.  

We believe our investments in advanced classification technology, data threats and risk visibility, rights management, and privacy resulted in this recognition.

The Forrester report also acknowledges: “Microsoft shines with its ecosystem approach—if you go all in,” wrote Heidi Shey, Forrester Principal Analyst, in the report. “Microsoft Purview brings together capabilities to 1. understand and govern data; 2. safeguard data; and 3. improve risk and compliance posture. But Microsoft’s security capabilities go beyond Microsoft Purview. By design, the entire Microsoft ecosystem working together multiplies its value via telemetry from across the environment.” She added, “The power of Microsoft’s telemetry is evident in its capabilities for identifying data threats and risk visibility. These offer strong controls for data masking, encryption, and rights management.”

Our work isn’t stopping there, however. We continue to work closely with our customers to gather feedback to help us build better products. Your input provides critical insights as we strive to create solutions to help you on your data security journey.

Learn more

Read this complimentary copy of The Forrester Wave™: Data Security Platforms, Q1 2023 for the analysis behind Microsoft’s position as a Leader.

Read more about Microsoft’s recognition as a leader in cloud security, email security, security analytics, and more:

• Forrester names Microsoft a Leader in 2022 Enterprise Detection and Response Wave™ report.
• Forrester names Microsoft a Leader in Q4 2022 Security Analytics Platforms Wave report
• Microsoft achieves a Leader placement in Forrester Wave for XDR, Q4 2021.
• Forrester names Microsoft a Leader in The Forrester Wave™: Cloud Security Gateways, Q2 2021.
• Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave.
• Microsoft is a Leader in the 2021 Forrester Endpoint Security Software as a Service Wave.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Cost of a Data Breach Report 2022, IBM. 2022.

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave™. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

The post Microsoft recognized as a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023 appeared first on Microsoft Security Blog.

Forward-thinking organizations are seeking to future-proof their DLP strategy with a comprehensive solution that scales across all applications, services, endpoints, and platforms. To help those that may be considering a DLP migration, Microsoft spoke to more than 300 data and compliance professionals to create the white paper “Data Loss Prevention: From on-premises to cloud.” We’ve presented some of the study’s highlights here, including common DLP states in use, challenges in migrating to a new DLP solution, best practices, and the benefits of adopting a cloud-native DLP solution.

“Data is not confined in a certain area. In today’s environment, it’s everywhere: someone else’s phone, tablet, data center, or software as a service application—because of that, you definitely see a lot more breaches happening.”

—Vice President, Information Security Officer, Financial Services

The stages of DLP deployment

We can define DLP as the people, processes, and technology that ensure data is not lost, misused, or accessed by unauthorized users. Our research revealed that 70 percent of companies see their DLP solution as a focal point of their overall data protection strategy. For that reason, a good DLP solution uses a holistic approach to protect the organization’s data assets, aid regulatory compliance, and prevent data leakage by monitoring all endpoints, apps, services, and the cloud—anywhere data is stored or shared. Most respondents said their ideal solution would be cloud-native DLP, which could provide scalability and flexibility, balancing protection and productivity.

An organization’s DLP can exist in five different stages with regard to deployment, starting from 100 percent on-premises (obsolete) and moving to 100 percent cloud-native (ideal). For this study, we focused on the three stages in the middle that involve some level of cloud deployment.

1. On-premises—anchored: In this stage, an organization’s DLP is roughly 40 percent cloud and 60 percent on-premises. These organizations often have concerns about cloud migration, whether because of misconceptions or real difficulties related to migrating a larger amount of on-premises data. They tend to be highly focused on maintaining their current infrastructure and managing device agents through on-premises DLP solutions. This stage is the costliest in terms of staff hours and infrastructure required. Organizations at this stage also report the lowest level of perceived success and confidence in their current DLP program.
2. Hybrid: Looking to push their program forward, these organizations currently have amostly equal split between on-premises and cloud DLP. They see their biggest challenges around custom integrations and tend to evaluate new DLP solutions annually, seeking improvements in scalability, flexibility, and accuracy. They expend a lot of effort stitching together and managing multiple DLP solutions to support their hybrid data environments.
3. Cloud-focused: These organizations are farthest along in their migration plans—60 percent cloud and 40 percent on-premises—and have the highest level of confidence and perceived success in their DLP program. Their goal is to improve visibility into their data, and they tend to evaluate new DLP solutions at a slower rate (every two to three years). They also experience fewer challenges with their current DLP programs and have a clearer understanding of their data. Their main challenge lies in ensuring that employees are following DLP policies for handling sensitive data.

Overall, the study found that organizations in on-premises-anchored states are experiencing the most discomfort. Hybrid organizations report feeling like they’re in a holding pattern, spending time and effort maintaining complex integrations and multiple DLP solutions across data environments. Fifty-nine percent of organizations with a hybrid DLP configuration report a desire to move to a cloud DLP solution.

The goal—cloud-native DLP: Beyond the cloud-focused stage, this is the desired destination. At this point, an organization’s DLP solution is fully cloud-native and the firm can benefit from scalable, holistic data protection across applications, services, endpoints, and platforms—all without hindering productivity or adding staff.

“It doesn’t make sense to maintain two or three different solutions because then you have to keep them updated, you have to make sure that there’s not a whole lot of difference between one, two, and three. So, you want to create the benefits and the economic savings of standardization. That’s why consolidation is critical.”

—Director, Technology Services

Benefits of leveraging a cloud-native DLP solution

In migrating your DLP solution, there are two options: a cloud-based or a cloud-native DLP solution. Both types will require the recreation of legacy policies, so how can you decide which solution better suits your organization?

• Cloud-based: This type of DLP solution integrates with your existing cloud and on-premises environments but isn’t natively built in the cloud environment or productivity suite. Therefore, it relies on installing and updating agents and custom integrations. Many cloud-based DLP solutions start on-premises and evolve into the cloud.
• Cloud-native: These DLP solutions are built in the cloud from the start. Meaning, this type of data protection already exists in a scalable, holistic environment. Cloud-native DLP is built into the cloud environment and productivity suite by the cloud and collaboration tools provider.

Organizations that use a cloud DLP solution were twice as likely to say that cloud-native DLP solutions are easier to scale and provide a better balance of data protection and productivity. A cloud-native solution can also help reduce costs by eliminating the need for agents, infrastructure, or custom integrations while replacing inefficient silos and patchwork solutions that can create vulnerabilities. Organizations may also see improved performance because the data has to make fewer hops, enabling greater productivity.

As a cloud-native DLP solution, Microsoft Purview Data Loss Prevention provides all of the above benefits, with the added power of Adaptive Protection to help apply DLP policies dynamically based on users’ risk levels. By leveraging machine learning in Microsoft Purview Insider Risk Management, Adaptive Protection can understand how users are interacting with data, assign risk levels, and automatically tailor DLP controls. This enables DLP policies to become dynamic, ensuring that the strictest policies—such as blocking data sharing—are applied only to high-risk users. Microsoft Purview Data Loss Prevention does all this automatically wherever data is accessed or shared, so you can protect more data (with less).

Key challenges of migrating to a DLP solution

To better understand the barriers keeping companies from moving to cloud-native DLP, the study looked at the on-premises-anchored respondents, who are nearly twice as likely to cite apprehension about the unknown as a barrier to migration. We found five common themes reported as challenges preventing their DLP cloud migration:

1. Dealing with the unknown: Reasons for being apprehensive about a cloud migration broke down predictably across roles. C-suite executives worried about the cost of a DLP migration, while IT administrators reported feeling uneasy about the perceived time and resources required. IT managers were uncertain about the unknowns of a new DLP solution, which potentially makes them hesitant to promote a cloud-based DLP solution when the one they’ve been using is still working (even if performance is unsatisfactory).
2. Funding the DLP migration: Nearly 60 percent of organizations surveyed reported cost as a top barrier to migration. With organizations in the on-premises–anchored category, the figure rose to 70 percent. It’s appropriate for a business to consider costs first; however, upfront migration costs are often mitigated by reduced infrastructure and maintenance costs down the road. And with fewer IT professionals required to protect data, those resources can be leveraged elsewhere.
3. Complexity of the problem: According to the study, on-premises-anchored organizations experience the highest levels of discomfort around DLP migration, with 73 percent naming it a top concern. Likewise, half of hybrid and cloud-focused companies who’ve gone through some of the migration process also stressed the high impact of data transformation. Nearly 50 percent of all organizations report that the challenge of re-engineering and recreating policies is preventing them from taking the next step.
4. Balancing protection and productivity: Nearly half (48 percent) of on-premises-anchored organizations say DLP gets in the way of productivity, whereas cloud-focused companies show the least concern about productivity impacts. On-premises–anchored organizations are also more likely (58 percent) than hybrid or cloud-focused companies to run their DLP solutions in audit-only mode, due to the perceived impact that blocking mode may have on productivity. However, because of access to more granular controls, cloud-focused organizations have greater control over where data exfiltration is likely to happen—striking the right balance.
5. Education of employees and administrators: On-premises-anchored companies face more challenges in educating employees on optimal data-handling practices, as well as educating administrators on better policy design. Cloud-focused and hybrid groups reported fewer challenges around education, viewing it as an important part of a holistic data-protection strategy. By prioritizing education, organizations can decrease data exfiltration risks and free up administrators to focus on other high-priority issues.

In an encouraging finding, respondents who’ve had experience migrating to a cloud-native solution report that the journey is not as difficult as others might imagine. Cloud-focused organizations were 46 percent less likely to say it’s risky to switch solutions. For the same firms, 60 percent were less likely to worry about losing control of their DLP program after migrating. They’re also 35 percent less likely to view recreating policies from their legacy DLP solutions as a major concern. In other words, migrating your DLP to a cloud-native solution isn’t as scary as it might seem.

Four best practices for migrating your DLP solution to the cloud

Moving to the cloud helps your organization future-proof its DLP solution, protecting your data across endpoints, clouds, and platforms with speed and scalability that on-premises solutions can’t match. By following a few guiding principles, your organization can achieve an effective DLP program that builds confidence and drives success.

1. Use a cloud-native DLP with a holistic approach: A robust DLP strategy emphasizes people, processes, and education in addition to technology. Look for a solution partner that offers integrations with other key elements of a holistic data-protection strategy, like the ability to classify and label data and address insider risks. Prioritize solutions that offer a trial period; this helps alleviate anxiety and convince reluctant stakeholders that a successful migration is within reach.
2. Recognize your apprehension so you can overcome it: Identify organizational challenges, then weigh those against the many benefits of migration, such as scalability and cost savings. Don’t let exaggerated worries hold your organization back from creating the efficient DLP solution it needs to maintain growth and respond to a changing data landscape.
3. Ensure security without compromising productivity: Striking the right balance between data protection and productivity is essential. Getting there requires a solution that allows for granular policy configuration, helping admins fine-tune policies to fit the way your organization accesses, shares, and stores data.
4.  Choose the right solution provider and take advantage of migration tools: A good solution provider understands the challenges of migration and offers tools that automatically convert policies from legacy solutions. This reduces manual work and helps reduce anxiety among stakeholders. A provider that offers documentation and support adds greater value.

For a small number of organizations, industry regulations, compliance, or budget constraints may prevent them from fully migrating to the cloud. However, our study concludes that the cloud-native state provides the ideal DLP approach for a majority of companies, with migration from the other stages as an inevitable progression.

Migrate to a cloud-native DLP solution—Microsoft is here to help

To learn more about migrating your DLP solution, make sure to download the complete study, Data Loss Prevention: From on-premises to cloud, containing 44 pages of valuable insights gathered from more than 300 DLP and compliance professionals. For an in-depth example of DLP migration complete with screenshots, check out this special how-to blog written by my colleague, Shilpa Bothra, Senior Product Marketing Manager for Microsoft Purview Data Loss Prevention: Easily migrate your Symantec DLP policies to Microsoft Purview Data Loss Prevention. And don’t forget to join us for the inaugural Microsoft Secure, March 28, 2023, where you can learn the latest cloud defense insights and be among the first to see the AI-powered future of cybersecurity.

Learn more about Microsoft Purview Data Loss Prevention.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Gain flexibility and scale with a cloud-native DLP solution appeared first on Microsoft Security Blog.

At this year’s Microsoft Ignite event, I co-hosted a special presentation on how your security and compliance teams can better manage risk, govern your data (wherever it resides), and maintain compliance. We also shared new product updates and insights to help your team get the most from your Microsoft security investments, as well as announced an exciting new capability that integrates Microsoft Purview natively within Adobe Acrobat. This type of extensible, multicloud, and multiplatform protection allows you to get more from the tools you already have. In this blog post, we’ll look at some of those scenarios where Microsoft Purview and Priva can help simplify data governance across your enterprise today.

New Adobe and Microsoft Purview integration delivers seamless security

Microsoft Purview’s mission is to help customers protect their entire data estate: that includes non-Microsoft environments as well. At this year’s Ignite presentation, we demonstrated a new capability that integrates Microsoft Purview Information Protection natively within the desktop version of Adobe Acrobat—accessible directly from the Protect tool. That means users now have the ability to apply and edit information-protection labels and policies directly to PDF documents. This integration brings the same classification, labeling, and protection already available in Microsoft Office file formats to PDF.

Over the next few months, we’ll continue to add new features that enhance support for PDFs in Acrobat add-ins, as well as for Acrobat Export PDF and mobile versions.

Streamlining data protection

Data is the lifeblood of your organization. It provides crucial insights that give your business a competitive advantage and empowers your employees to do more. For that reason, it’s critical to protect your data at every stage—from creation to storage—both from external threats and internal risks. That requires creating a layered defense strategy.

The first layer of defense: Discover and understand the sensitive data within your organization. You need to know where your data is, who’s accessing it, how it’s being shared and stored, and where it’s traveling. Considering that data storage is forecast to increase at a compound annual growth rate of 19.2 percent from 2020 to 2025, gaining complete visibility over your data estate is crucial.¹ At this first line of defense, Microsoft Purview Information Protection helps you classify and label your data across your entire data estate, both on-premises and in multicloud environments. By providing a single pane of glass to track and manage your data, Microsoft Purview helps to improve your team’s efficiency while tightening data protection.

Recent updates for Microsoft Purview Information Protection:

• Improvements in built-in features for Office that enhance visibility and encourage user adoption of sensitivity labels (such as the sensitivity label bar in Microsoft Word, Excel, PowerPoint, and Outlook; also, PDFs created in Office now inherit the source file’s sensitivity, encryption, and content marks).
• General availability: Co-authoring on documents protected with Microsoft Purview Information Protection is now generally available for Word, Excel, PowerPoint, and Office Mobile applications on Android and iOS devices.
• Preview: 42 new credentials for sensitive information that enable organizations to detect a wide range of digital authentication types (also known as “secrets”), such as user credentials, default passwords, and API and token access keys for Microsoft Azure, Amazon Web Services (AWS), and Google cloud resources.
• Preview: Server-side auto-labeling support for more than 24 new pre-trained, out-of-the-box classifiers that can be used to quickly discover and auto-classify more than 100 types of sensitive content in categories such as intellectual property (IP) and trade secrets, healthcare, operations, financial information, and HR-related information.

Lowering insider risk

Data breaches arising from insider actions are estimated to cost businesses an average of USD7.5 million annually. For that reason, it’s important to understand all data access and usage patterns within your organization. What does normal activity look like? Which types of activity should be flagged as risky? Understanding internal data usage can help protect against compliance violations and worse, including IP theft, insider trading, confidentiality violations, and other damaging outcomes.

The second layer of defense: Manage data security risks within your organization. Working in tandem with a holistic approach to managing internal risk, Microsoft Purview Insider Risk Management identifies potential risks and enables security teams to quickly take action. By bringing together the right people, processes, training, and tools, organizations that approach insider risk holistically are more likely to emphasize user privacy, foster collaboration, and use positive deterrents such as training and feedback loops as part of their data-protection strategy. The one-click analytics report allows you to generate aggregated, de-identified insights on risky activity over the past 48 hours—before you’ve even set up your first policy. Insights include the percentage of users who have performed exfiltration activities, such as downloading sensitive data, with an additional breakdown by activity type. To learn more about potential risks within your own organization, view the new Microsoft insider risk report.

All names in insider risk alerts are pseudonymized by default. This helps your data security team take a privacy-first approach. By clicking on a specific alert, you’ll be able to see a summary of all of the risk factors. Sequencing allows you to correlate across activities that involve the same files. This correlation can help your security team understand the possible intent behind the activities so you can reduce time to action. For example, you might see that just before a user submitted their resignation, they downloaded and exfiltrated confidential files, then deleted the files from their device to cover their tracks. Understanding this sequence of activities helps your security team decide when and how to take action.

Using sequences as triggers for your policies improves the signal quality of your alerts and focuses policy detection on users who have performed multiple-stage sequences. Priority Content Only Scoring, configurable in the policy wizard, empowers your team to focus policy detection on the most sensitive content. All of these insights help you better understand potential risks, so you can set up policies that meet the unique needs of your organization. With this information, analysts in your organization can take appropriate actions to help make sure users remain in compliance.

Recent updates for Microsoft Purview Insider Risk Management:

• Preview: Enhancements to triage and detection capabilities, including new abilities to customize a security trigger in the “data leaks” policy to surface when a user performs a sequence, to create policies with sequences without any other required underlying policy indicator selections, and fine-tune security policies directly from the alert review experience.
• Preview: Information type and trainable classifier exclusions, which means that actions related to file activities on the endpoint, SharePoint, Microsoft Teams, OneDrive, or Exchange will not generate alerts if the excluded sensitive information type or trainable classifier is matched with the content of the activity performed by the user.
• Preview: Ability to prioritize alerts for potential high-impact users with new risk booster score capabilities. Alerts for users found to have a potentially higher impact will have a higher priority alert in the dashboard, based on the frequency of accessing higher sensitivity content, like sensitive information types, labels, or priority content, compared with others in the organization, and if they are a leader in the organization based on Microsoft Azure Active Directory (Azure AD) configurations.

Protecting against data loss

The third layer of defense: Incorporate an integrated, in-depth approach to prevent data loss or unauthorized use. Among business leaders who responded to a 2021 survey, 62 percent felt that their companies should do more to protect customer data.² Microsoft Purview Data Loss Prevention (DLP) provides a balance between protection and productivity, ensuring the proper access controls are in place and policies are set to prevent actions such as improperly saving, storing, or printing sensitive data.  

Recent updates for Microsoft Purview Data Loss Prevention:

• Preview: Ability to create groups of printers, removable storage, network share path, and sensitive sites, as well as assign different restrictive actions to each group. As an example, you will be able to block the printing of sensitive information on all printer groups and allow printing on your corporate printers.  
• Preview: Ability to configure complex policy rules using “AND/OR/NOT” associations and create nested groups. 
• Preview: Visibility into contextual evidence, including sensitive content, surrounding characters, and other metadata on a DLP policy match on endpoint devices.
• Preview: Improvements in the speed of detecting and classifying sensitive content shared on Teams chat and channel messages to enforce DLP policies. 
• General availability: Ability to detect the presence of password-protected files on endpoint devices and configure specific restrictions for these files. 

These three components—Information Protection, Insider Risk Management, and Data Loss Prevention—form an integrated, holistic data-protection strategy that helps keep your organization’s data safe, wherever it lives.

Automating privacy

As more countries enact modern General Data Protection Regulation (GDPR) type regulations, consumers are demanding better controls over their data. This has spurred more organizations to move from a compliance-driven approach to privacy toward a more human-centric one. Toward that goal, Microsoft Priva currently offers two products to help manage privacy:

Privacy Risk Management helps organizations identify personal data and critical privacy risks and empowers employees to make smart data-handling decisions. With Priva, admins can configure a data minimization policy—automatically triggering an email to the data owner—so the person can review and delete unused files right from their Outlook inbox.

Subject Rights Requests help organizations manage requests at scale and respond with confidence. With the new pre-configured templates, admins can quickly create a data export request for a former employee. Once the data is collected, Priva can automatically detect files containing co-mingled personal data or confidential information; then admins can review and redact the data to avoid leakage. With the latest update, admins can now import files outside of Microsoft 365 to leverage this powerful review experience. Learn more about these new updates in this Priva Tech Community post.

Additional product updates

We’re also adding new features and capabilities within other product areas in our Microsoft Purview portfolio. These new features and enhancements will benefit your organization through granular eDiscovery, comprehensive audit controls, more effective data lifecycle management, and easier compliance.

Enhanced eDiscovery for the cloud

• Helping organizations meet their regulatory obligations for discovery, Microsoft Purview eDiscovery (Premium) now supports the ability to discover the exact version of a needed document, even when originally shared as a cloud attachment. This feature is currently available in preview.
• Drive efficiency across eDiscovery processes with improved usability and workflows. To learn more, read the eDiscovery blog post.

New search experience and security controls for Microsoft Purview Audit

• Improved search experience for Microsoft Purview Audit is now generally available and provides the following key improvements:
  • Search jobs continue to run, even if you close the browser.
  • Completed search jobs are now stored for 30 days, giving organizations the ability to reference and re-use historical audit searches.
  • Export up to half a million records in each search.
  • Each Purview Audit user can perform up to 10 concurrent search jobs at the same time.
• Given the sensitivity of Audit log data, many organizations want to add additional layers of protection to their data. Customer Key, coming soon to preview, allows organizations to use their own data encryption keys, giving them complete control over access to their data. To learn more, read the Advanced Audit blog post.

Microsoft Graph APIs and Power Automate workflows for Data Lifecycle Management

Microsoft Purview Data Lifecycle Management helps organizations manage the lifecycle of data. You can automatically retain, delete, and store data and records in a compliant manner. This solution delivers on our vision to protect and govern data wherever it lives. We have four exciting releases to tell you about:

• Power Automate integration helps you to customize lifecycle management workflows to meet your organization’s unique requirements. Now in preview. To learn more, read the Data Lifecycle Management blog.
• The ability to apply retention labels to files in Microsoft Teams enables users to apply retention and deletion settings where they do their work—in the Files tab of a Teams channel. Now generally available.
• Our new feature to find and retain cloud attachments helps admins undertaking investigations, as well as helping to meet financial services industry regulations. This feature keeps and associates the version of a file shared in a Teams message or email for later retrieval through eDiscovery (Premium). Now in preview.
• Microsoft Graph APIs for Records Management help organizations create new retention labels and manage event-based retention (now in beta). This release is our first round of APIs, with more coming in 2023.

Enhanced compliance and data residency

Microsoft Purview Compliance Manager helps organizations simplify compliance and reduce risk. It translates complex regulatory requirements into specific controls, allowing organizations to constantly assess, monitor, and improve their compliance posture—all while saving time and money. So, what’s new in Compliance Manager?

• New templates: Easily translate more than 350 regulations into tangible actions for your organization to improve its compliance posture.
• Continuous assessments: Last year we announced the ability to eliminate blind spots by adding continuous testing for technical controls. Today, we’re excited to share that we’ve added Microsoft Priva and App Governance as our newest first-party solutions.

More to come

I’d be remiss to not talk to you about some of the exciting capabilities we have coming up. For Microsoft Purview, you will start to see integrations across Microsoft 365 and Microsoft Azure to help increase the visibility of your data and easily automate data classification. For Microsoft Priva, you’ll soon see more multicloud privacy management capabilities that help you automate privacy controls and strengthen your privacy program. To learn more about potential risks within your own organization, read the new Microsoft insider risk report. Also, be sure to read Microsoft Security Corporate Vice President of Compliance, Identity, and Management Vasu Jakkal’s blog with highlights from her keynote address and insights into her vision for the Microsoft Security family of products and beyond.

Learn more

Learn more about Microsoft Purview and Microsoft Priva.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

¹Volume of data/information created, captured, copied, and consumed worldwide from 2010 to 2020, with forecasts from 2021 to 2025, Statista. September 8, 2022.

²Data privacy is a growing concern for more consumers, Lance Whitney. August 17, 2021.

The post How Microsoft Purview and Priva help simplify data protection appeared first on Microsoft Security Blog.

The Secure Collaboration Market Compass report covers solutions that protect sensitive data, which includes intellectual property or information restricted to certain audiences (such as trade secrets, some legal contracts, agreements, and financial statements), along with personally identifiable information (PII) and health information for regulatory standards such as General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Health Insurance Portability and Accountability Act (HIPAA). As companies shift towards remote hybrid work, protecting sensitive data that is continuously created and shared among employees, contractors, partners, and suppliers—while not impeding worker productivity—is becoming increasingly important. Enterprises today face the challenge of classifying large volumes of data, especially personal data, which is required by privacy regulations and laws worldwide.

At Microsoft, our goal is to provide a built-in, intelligent, unified, and extensible solution to protect sensitive data across your digital estate—in Microsoft 365 cloud services, on-premises, third-party software as a service (SaaS) applications, and more. With Microsoft Purview Information Protection, we are building a unified set of capabilities for classification, labeling, and protection, not only in Microsoft Office apps but also in other popular productivity services where the information resides (such as SharePoint Online, Exchange Online, and Microsoft Teams), as well as endpoint devices.

“Microsoft Purview Information Protection provides a sophisticated classification system that can apply labeling to a document based on the creator, the context in which it was created, and/or the content within the document. The functionality is natively embedded into Office services and apps, and third-party applications via the information protection SDK. Sensitive information is discovered and labeled with out-of-the-box, custom, and machine learning (trainable) functionality,” Annie Bailey, KuppingerCole analyst, writes in the report. “Information such as credit card, social security number (SSN), person names, licenses, and business categories like healthcare or financial can be classified out-of-the-box. Custom fields include RegEx, Dictionary, Fingerprint, Named entities detection (e.g., person name, address, medical terms), Exact Data Match, and credentials.”

We are also pleased that KuppingerCole recognizes the breadth and depth of our Microsoft Purview Information Protection platform and called out these strengths:

•  Double Key Encryption provides additional security and governance control.
•  Built into frequently used enterprise applications.
•  Simulations to test policy effectiveness.
•  Interoperates with Microsoft and third-party event logs.
•  Automated and manual classification options.
•  Coverage of structured and unstructured data in the Microsoft environment.
•  Data loss prevention functionality in Teams chat.
•  Option for no configuration, default classification.

We have made significant investments in our Microsoft Purview solutions (such as Data Loss Prevention, Compliance Manager, Data Lifecycle Management, Insider Risk Management, and eDiscovery) and Microsoft Priva privacy solution that leverage our advanced classifiers, unified labeling and protection, sensitive information types, and policy authoring templates provided by our Microsoft Purview Information Protection platform.

More than 200 partners are part of our Microsoft Intelligent Security Association (MISA). Partners can leverage our labeling features through our Information Protection SDK, data connectors, and Graph APIs to provide integrations with Microsoft applications and services, security and compliance solutions, and their own products.

We are honored to have been designated as “Outstanding in Functionality” by KuppingerCole and rated the highest possible score of “Strong Positive” in five different categories.

Learn more

We invite you to read the full KuppingerCole Secure Collaboration report. For more information on our Microsoft Purview solutions, please visit our website. Visit the Microsoft Purview Information Protection platform page to learn more about how to protect your data wherever it lives.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

The post KuppingerCole rates Microsoft as outstanding in functionality for secure collaboration appeared first on Microsoft Security Blog.