Tag Archives: DSPM

Microsoft Purview DSPM now includes a new data security agent to strengthen your data protection posture

Posted on by

Microsoft has officially moved Data Security Posture Management (DSPM) in Microsoft Purview from preview to general availability (GA) and that’s a big step forward for organizations looking to strengthen how they protect sensitive data.

At its core, DSPM helps you understand where your data risks really are, giving you better visibility across your Microsoft 365 environment. Instead of piecing things together manually, you get clear insights, risk signals, and practical recommendations to help improve your overall data security posture.

This release is part of Microsoft’s ongoing investment in enterprise-grade security and compliance tools, making it easier to protect data at scale without added complexity.

What’s New

One of the key additions in this GA release is the Data Security Posture Agent, now fully available.

With it, you can:

  • Get a centralized view of data risks across your environment
  • Identify potential gaps in your security posture
  • Access actionable recommendations to improve protection
  • Take direct steps to remediate risks

The transition from preview to GA is seamless—your existing configurations stay as they are, and there’s no need to reconfigure policies or settings.

Rollout Timeline
  • General Availability (Worldwide): Late May 2026 – Late June 2026

The feature will become available based on your organization’s Microsoft Purview deployment timing.

Who Should Pay Attention

This update is especially relevant for:

  • IT admins
  • Security teams
  • Compliance professionals

Basically anyone responsible for managing or protecting data within Microsoft 365 using Microsoft Purview.

What This Means for You

Good news, no action is required to enable this feature.

That said, it’s a great opportunity to take advantage of what DSPM offers. You might want to:

  • Explore the new DSPM capabilities and see how they fit into your security strategy
  • Learn how to set up and use the Data Security Posture Agent
  • Start using DSPM insights to prioritize and reduce data risks
  • Inform your security and compliance teams about the update
  • Update any internal documentation that references Purview DSPM

Updated Announcement: Microsoft Purview – New Purview Agent Deployment Role

Posted on by

Microsoft Purview introduces a new Purview Agent Deployment role added to several built-in role groups, allowing analysts to deploy and manage Purview agents without admin help. Rollout starts late February 2026, improving onboarding and agent use while maintaining existing data access and compliance controls.

Microsoft introducing a new Microsoft Purview Role-Based Access Control (RBAC) role—Purview Agent Deployment—and adding it to several existing built‑in Purview role groups. This enhancement empowers analysts who work with Purview agents to deploy and manage them directly, without requiring administrator involvement. The change streamlines onboarding and supports broader adoption of Purview’s AI‑powered agent capabilities.

This update corresponds to Roadmap ID 551147.

Rollout Timeline

  • General Availability (Worldwide): Begins late February 2026
  • Expected Completion: Mid‑March 2026

Who is affected

  • Administrators managing Purview role groups
  • Analysts deploying or working with Microsoft Purview agents

What’s changing

The new Purview Agent Deployment role will be added to the following built‑in role groups:

  • Compliance Administrator
  • Data Security Management
  • Information Protection
  • Information Protection Analysts
  • Information Protection Investigators
  • Insider Risk Management
  • Insider Risk Management Analyst
  • Insider Risk Management Investigator
  • Purview Agent Management

The Purview Agent Management role group will continue to include the Purview Content Analyst role and retain access to Posture agent capabilities.

Capabilities enabled

Users assigned to these role groups will be able to deploy, use, and manage Purview agents end‑to‑end, including:

  • Data Loss Prevention (DLP) — Data Security Triage Agent
  • Insider Risk Management (IRM) — Data Security Triage Agent
  • Data Security Posture Management (DSPM) — Posture Agent
  • Future Purview agents as they are released

Important:

  • No default data access permissions are modified.
  • No new visibility into customer content is introduced.
  • Organizations can optionally enforce separation of responsibilities by using custom role groups.