Tag Archives: Information Security

Microsoft Purview DSPM now includes a new data security agent to strengthen your data protection posture

Posted on by

Microsoft has officially moved Data Security Posture Management (DSPM) in Microsoft Purview from preview to general availability (GA) and that’s a big step forward for organizations looking to strengthen how they protect sensitive data.

At its core, DSPM helps you understand where your data risks really are, giving you better visibility across your Microsoft 365 environment. Instead of piecing things together manually, you get clear insights, risk signals, and practical recommendations to help improve your overall data security posture.

This release is part of Microsoft’s ongoing investment in enterprise-grade security and compliance tools, making it easier to protect data at scale without added complexity.

What’s New

One of the key additions in this GA release is the Data Security Posture Agent, now fully available.

With it, you can:

  • Get a centralized view of data risks across your environment
  • Identify potential gaps in your security posture
  • Access actionable recommendations to improve protection
  • Take direct steps to remediate risks

The transition from preview to GA is seamless—your existing configurations stay as they are, and there’s no need to reconfigure policies or settings.

Rollout Timeline
  • General Availability (Worldwide): Late May 2026 – Late June 2026

The feature will become available based on your organization’s Microsoft Purview deployment timing.

Who Should Pay Attention

This update is especially relevant for:

  • IT admins
  • Security teams
  • Compliance professionals

Basically anyone responsible for managing or protecting data within Microsoft 365 using Microsoft Purview.

What This Means for You

Good news, no action is required to enable this feature.

That said, it’s a great opportunity to take advantage of what DSPM offers. You might want to:

  • Explore the new DSPM capabilities and see how they fit into your security strategy
  • Learn how to set up and use the Data Security Posture Agent
  • Start using DSPM insights to prioritize and reduce data risks
  • Inform your security and compliance teams about the update
  • Update any internal documentation that references Purview DSPM

Microsoft Purview Information Protection: Override Manually Applied Labels and Remove Labels Using Auto‑Labeling

Posted on by

Microsoft Purview is rolling out a great new capability for SharePoint and OneDrive: automatic actions for sensitivity labels.

Until now, if someone manually applied the wrong label to a file, admins had limited options—especially when large volumes of content were involved. With this update, Purview can now automatically override or remove manually applied sensitivity labels when they don’t match your organization’s policies.

In simple terms:
Your data stays correctly classified, even when humans make mistakes.

Rollout begins mid‑April 2026, and the feature will be off by default, giving administrators full control over when and how they want to enable it. It’s another step toward stronger, more accurate data governance across Microsoft 365.

Microsoft Purview is getting a meaningful upgrade as part of its ongoing integration with Microsoft Defender for Cloud Apps. The latest improvement brings new auto‑labeling actions to SharePoint and OneDrive, giving organizations more control over how sensitive information is classified across their environment.

What’s new?
Admins can now automatically override sensitivity labels that were applied manually or remove labels entirely when a file no longer meets the criteria for that classification. This means large volumes of content can stay properly labeled—even as information changes—without relying on users to update labels themselves.

This update appears under Microsoft 365 Roadmap ID 558342.

📅 Rollout Timeline

  • General Availability (Worldwide): Starting mid‑April 2026
  • Completion expected by mid‑April 2026

A fast rollout for a very impactful capability.

Who will be impacted

This update mainly affects:

  • Microsoft 365 admins managing Purview Information Protection
  • Organizations using auto‑labeling policies for SharePoint or OneDrive

What’s changing

Admins will now see new actions inside the auto‑labeling configuration panel in the Purview portal.

Auto‑labeling policies can now:

Override existing sensitivity labels

Even if a user applied the label manually, Purview can replace it if the file meets a different policy condition.

Remove a specific sensitivity label

If a file no longer qualifies for a certain label, Purview can automatically strip it from the document.

Applies to files at rest

These changes affect existing content already stored in:

  • SharePoint Online
  • OneDrive for Business

Admin-controlled

Nothing changes until an admin enables these new actions.
By default, the feature is off.

Compliance Considerations

AreaWhat It Means
Does this change how customer data is processed?Yes—files in SharePoint and OneDrive may now have labels automatically overridden or removed based on rules you configure.
Does this modify Information Protection capabilities?Yes—it expands auto‑labeling to include overriding manual labels and removing specific labels.
Does this affect monitoring or compliance evidence?Yes—it improves consistency and auditability because label changes follow formal Purview policies.
Is there an admin control?Absolutely. Admins must explicitly configure these new actions in Purview. Nothing changes automatically.