Tag Archives: Enterprise Security

Data Security Investigations introduces new soft purge mitigation action

Posted on by

Microsoft is introducing a new soft purge action in Data Security Investigations (DSI), giving admins a quick and safe way to remove sensitive or overshared files during an investigation. With soft purge, items can be deleted immediately but still recovered later as long as they’re within their deleted‑item retention period, so admins get speed without risking permanent data loss.

This builds on DSI’s growing set of AI‑powered tools like intelligent categorization, AI search, and automated risk insights making it easier than ever for organizations to spot issues and take action fast.

New update coming to Microsoft 365 Roadmap ID 558109. A soft purge action will soon be available in Data Security Investigations (DSI), giving admins a safer and more flexible way to remove sensitive or overshared content during an investigation.

When it’s rolling out
  • General Availability (Worldwide): Begins early April 2026
  • Expected completion: late May 2026

What this means for your organization

Who is affected?

Admins who use Data Security Investigations (DSI) in the Microsoft Purview compliance portal.

What’s changing

A new soft purge option will appear in DSI. With this action, admins can:

  • Remove items that match an investigation query
  • Keep those items recoverable until the retention period expires
  • Act quickly without risking accidental permanent deletion

And the best part:

  • The feature is on by default
  • No configuration needed
  • No changes to existing DLP, labeling, or retention policies
  • End users will not see any changes in their workflows

Once the rollout finishes, the feature simply appears for eligible tenants.

How to prepare

There is nothing you need to do in advance.
If you want to get ahead, you may consider:

  • Reviewing how soft purge works in DSI
  • Updating any internal guidance on investigation processes
  • Informing your security or compliance teams about the new action

Overall, this update gives organizations a safer and more controlled way to remove sensitive content during investigations—without adding extra steps or complexity.

Enhancing AI Analysis in Data Security Investigations: What’s Coming Next

Posted on by

Microsoft Purview is rolling out a series of improvements designed to make AI analysis in Data Security Investigations (DSI) faster, smoother, and easier for analysts to use.

With these updates, items added to an investigation will now be automatically prepared for AI analysis—removing a repetitive manual step and helping analysts get to insights sooner. Purview is also introducing a new standard categorization option, giving organizations a quicker and more cost‑efficient way to group and review investigation items. For deeper insights, advanced categorization, including AI‑generated topics, will continue to be available.

These changes are part of Microsoft 365 Roadmap ID 557556.

Rollout Timeline

  • Public Preview: Mid‑March 2026 → Mid‑April 2026
  • General Availability (Worldwide): Mid‑April 2026 → Mid‑May 2026

What This Means for Your Organization

Who will notice the changes?

  • Microsoft Purview administrators
  • Analysts and security teams using Data Security Investigations
  • Any Microsoft 365 tenant with access to DSI capabilities

What’s changing?

  • Automatic AI preparation:
    Items added to an investigation will automatically get ready for AI analysis. No extra clicks or steps required.
  • New standard categorization option:
    A streamlined way to categorize items, ideal for scenarios where speed and simplicity matter.
  • Advanced categorization remains:
    Organizations can still use richer AI‑powered topic grouping when deeper analysis is needed.
  • No configuration changes needed:
    Everything is enabled by default—no admin setup required.

What users may see

  • Faster time from “item added” to “item ready for analysis”
  • A refreshed UI for choosing between standard and advanced categorization

How to Prepare

There’s nothing you need to configure ahead of time. However, it’s helpful to:

  1. Inform analysts and SOC teams about the new categorization options and automatic AI preparation.
  2. Update internal documentation if you maintain guides or SOPs that describe DSI workflows.
  3. Review training materials so teams know when to choose standard vs. advanced categorization.

Microsoft Office for the web: Apply sensitivity labels with user-defined permissions

Posted on by

Updated February 13, 2026: The roll-out timeline has been updated!!

Microsoft 365 Office for the web will support applying sensitivity labels with user-defined permissions in Word, Excel, and PowerPoint starting mid-March 2026. This aligns with desktop app permissions dialogs, requires no admin changes, and enhances document access control without compliance impacts.

Office for the web now supports sensitivity labels with user‑defined permissions

Microsoft 365 Office for the web (Word, Excel, and PowerPoint) now includes the ability to apply sensitivity labels with user‑defined permissions, giving organizations greater flexibility and control over document access directly in the browser. This update aligns the web experience with the modern permissions dialog available in the desktop apps.

Roadmap ID: 468888

Rollout timeline

General Availability

  • Worldwide & GCC:
    Rollout begins mid‑March 2026 (previously mid‑February) and is expected to complete by early April 2026 (previously early March).
  • GCCH & DoD:
    Rollout begins mid‑March 2026 (previously mid‑February) and is expected to complete by early May 2026 (previously early April).

Who is affected

Compliance considerations

No new compliance impacts have been identified. Organisations may review the change as needed.

🚀 Strengthening Security in Microsoft Purview & Microsoft 365: Important Update Coming Soon

Posted on by

To further enhance the security and integrity of how Microsoft Purview interacts with Microsoft 365 services—such as Exchange, SharePoint, OneDrive, and Teams—Microsoft is modernizing how role management works within Purview.

Beginning mid‑February through late March 2026, Microsoft Purview will automatically map certain high‑privileged Purview admin roles to three newly created Microsoft Entra roles. This alignment strengthens identity and permission boundaries and ensures that all high‑impact actions (like search or export) are performed only by users with validated permissions in Entra.

đź“… Rollout Timeline

General Availability (Worldwide)
⏳ Begins: Mid‑February 2026
⏳ Complete: Late March 2026

The best part? No customer action is required.

Role assignments will synchronize automatically from Purview to Entra within minutes, ensuring that permissions flow securely and consistently across Microsoft 365.

đź“ť How to Prepare

  • No action is required—synchronization is fully automated.
  • Be aware that new Purview‑specific Entra roles may appear in audit logs.
  • Avoid assigning these roles directly in Entra.
  • Review your internal documentation and update governance workflows if needed.
  • For deeper technical detail, refer to Microsoft Purview documentation.

🏢 Impact on Your Environment

âś” Who Is Affected

Organizations with admins assigned to high‑privileged Purview roles.

✔ What You’ll See

  • New Purview‑specific Entra roles appearing in audit logs
  • Auto‑generated Entra role assignments, managed solely by Purview
  • No disruption to existing workflows or permissions

âś” What You Need To Do

  • No action required
  • DO NOT manually assign these roles in Entra
  • Update documentation or internal governance policies if referencing these roles
  • Inform your security/compliance teams about the new audit log entries

Compliance & Security Notes

  • No new compliance concerns identified
  • Mapping ensures consistent identity + permission enforcement across M365
  • Supports least‑privileged access by validating roles in both Purview and Entra