What's new in Microsoft Purview risk and compliance solutions

Whether it be adding new solutions to the Microsoft Purview compliance portal, updating existing features based on your feedback, or rolling out fresh and updated documentation, Microsoft 365 helps you stay on top of the ever-changing compliance landscape. Take a look below to see what’s new in Microsoft Purview today.

Note

Some compliance features get rolled out at different speeds to our customers. If you aren't seeing a feature yet, try adding yourself to targeted release.

Tip

Interested in what's going on in other admin centers? Check out these articles:

And visit the Microsoft 365 Roadmap to learn about Microsoft 365 features that were launched, are rolling out, are in development, have been cancelled, or previously released.

August 2022

Compliance Manager

Compliance offerings & service assurance

  • Microsoft 365 change management - new assurance topic that covers code and non-code changes to Microsoft services.
  • Japan CS Gold Mark offering topic - retired, certification not renewed.

Data lifecycle management and records management

  • Exchange (legacy) configuration is moving from the Classic Exchange admin center (EAC) to the Microsoft Purview compliance portal, under Data lifecycle management. Existing data lifecycle management features are located under a new subnode, Microsoft 365.
  • For cloud attachments (currently rolling out in preview), automatic and temporary retention of deleted files in the Preservation Hold library to safeguard against the original file being deleted by users before the copy can be created and labeled. For more information, see How retention works with cloud attachments.

Data Loss Prevention

Microsoft Priva

Sensitive Information Types

Sensitivity labels

  • Generally available (GA) and no longer need to opt in: Mobile devices (iOS and Android, with minimal versions) support co-authoring for files encrypted with sensitivity labels.
  • GA with Current Channel 2208+ for Word, Excel, PowerPoint on Windows: Support for PDF. Support for Outlook to block print to PDF when required, is rolling out to Beta Channel.
  • Rolling out to GA with Current Channel 2208+ for Windows, and 16.63+ for macOS: Default label for existing documents.
  • In preview: Trainable classifiers for auto-labeling policies.
  • Guidance how to configure Azure AD for encrypted content, which includes information about External Identities cross-tenant access settings, Conditional Access policies, and guest accounts.

July 2022

Compliance Manager

Compliance offerings & service assurance

Data lifecycle management and records management

Data Loss Prevention

  • DLP policy reference - added new section on Blocking and notifications in SharePoint Online, and OneDrive for Business in response to customer escalations. Updated to support the public preview of sensitive services domains. Updated support for Power BI. Updated support for trainable classifiers.
  • Configure endpoint DLP settings - added new content in support of the public preview release of sensitive service domains public preview. Updated URL matching behavior.
  • Using endpoint DLP - new scenario content in support of the public preview release of sensitive services domains. Updated subscription information.

eDiscovery

Sensitive information types

  • Sensitive information type entity definitions - We added 41 new SIT entity definitions in support of the 41 new credential scanning SITs. SIT entity definitions content was completely reworked from a single monolithic article into more easily referenceable and supportable individual articles. There are now 303 articles in total including the 42 new credential scanning SITs.

Sensitivity labels

June 2022

Compliance Manager

Data Loss Prevention

  • Numerous page updates for Microsoft Purview branded screenshots.

Data lifecycle management and records management

Microsoft Priva

  • Subject Rights Requests - significant updates, and restructuring of SRR content to better assist users through each progress step; details below.
    • Learn about Priva Subject Rights Requests - clearer articulation of customer value prop and general outline of the SRR process.
    • Understand the workflow and details pages - articulates the steps in completing a request, indicating manual vs. automatic progression, and linking off to detailed content; a section explains how to interpret and work with a request's details page, including the new "History" tab.
    • Create a request and define search settings - new framing with subheads explaining there are now two ways to create a request: via a custom method using a guided process, and via the new feature of using a template, whose search parameters aim to retrieve the most relevant content for the situation.
    • Data estimate and retrieval - explains why some requests pause at the data estimate stage and how to adjust the search as a result; also explains how to set a request to pause first before automatically progressing to data retrieval.
    • Review data for a subject rights request - new import file features allows users to bring files from non-Microsoft 365 locations, or files otherwise not picked up by the search, into the Data collected tab.
    • Generate reports and close requests - clarifies when final data packages are generated and what types of files they include.
    • Integrate and extend through Microsoft Graph API and Power Automate - revised the title of this previous Power Automate page and expanded page content to include Graph API content and reference links that previously lived on another page.

Sensitive Information Types

Sensitivity labels

  • In preview: PDF support for Office apps, which includes converting documents to PDF format, inheriting the label with any visual markings and encryption. Print to PDF isn't supported, and this option becomes unavailable for users if their label policy is configured for mandatory labeling.
  • In preview: The dialog box that users see when their label policy is configured to require justification to remove or downgrade a label is updated to warn users that their typed response should not include sensitive data. The screenshot in the What label policies can do section shows this updated dialog box that will make its way into the Office deployment channels for production use.
  • In preview: Support for Outlook to apply S/MIME protection is just starting to roll out across client platforms.
  • For auto-labeling policies, a new setting that can automatically turn on the policy if not edited within a set number of days.

Trainable Classifiers

May 2022

Communication compliance

Compliance Manager

  • Alerts and alert policies - new section explaining the default score change policy for all orgs.
  • Working with improvement actions - clarified status states for implementation status and test status, making a distinction for the latter between automatically tested actions and manually tested actions.
  • Templates list - added two new templates in the Europe, Middle East, and Africa (EMEA) region: Qatar National Information Assurance (NIA) and UAE Data Privacy Law.

Compliance offerings & service assurance

Data lifecycle management and records management

Data loss prevention

Information barriers

Insider risk management

Microsoft Priva

Sensitive Information Types

Sensitivity labels

  • New option at the end of the label creation or editing process, to automatically convert auto-labeling settings into an auto-labeling policy.
  • Auto-labeling policies for SharePoint and OneDrive can now apply labels with encryption when the account that last modified the file no longer exists in Azure AD.
  • Container labels are supported for Office 365 Content Delivery Networks (CDNs).
  • Clarifications for removing and deleting labels.
  • New common scenarios:
    • Label SQL database columns by using the same sensitivity labels as those used for files and emails so that the organization has a unified labeling solution that continues to protect structured data when it's exported
    • Apply a sensitivity label to a file after receiving an alert that content containing personal data is being shared and needs protection

April 2022

Communication compliance

Compliance Manager

Compliance offerings & service assurance

  • Compliance offerings - updates for service coverage and audit reporting for VPATS, SOC, ISO, and FedRAMP offerings.

Data lifecycle management and records management

Data Loss Prevention

Device Onboarding

Information barriers

Microsoft Priva

  • Privacy Risk Management policies - new pages, significant updates, and restructuring of policies content; details below:
    • Privacy Risk Management policies - added significant details about policy setup and management that apply to all policies; added links to new pages for each of the three policy types.
    • Data overexposure policies - articulates the need and uses for the policy; explains default settings for out-of-box creation and detailed instructions for customizing settings.
    • Data transfer policies - highlights new condition for the policy to detect transfers outside of the org; articulates the need and uses for the policy; explains default settings for out-of-box creation and detailed instructions for customizing settings.
    • Data minimization policies - articulates the need and uses for the policy; explains default settings for out-of-box creation and detailed instructions for customizing settings.
    • Investigate and remediate alerts - added clarifying details and formatting changes to improve readability.
    • User notifications - added info on the functionality for previewing and customizing email notification content.
  • Create a subject rights request - added section on getting started with your first request with default settings to explore functionality.
  • Review data for a subject rights request - added details explaining priority items to review and how to find them, and the need to set up data matching in order to get this insight.
  • Find and visualize personal data - clarified that users need to set up data matching in order to receive insights for "Items with the most data subject content" under "Key insights".
  • Data matching for subject rights requests - clarified the step progression in this process and added the second step of creating sensitive info types.

Sensitive Information Types

Sensitivity labels

Changes to product names

To meet the challenges of today's decentralized, data-rich workplace, we're introducing Microsoft Purview, a comprehensive set of solutions which helps you understand, govern, and protect your entire data estate. This new brand family combines the capabilities of the former Microsoft Purview Data Map and the Microsoft 365 compliance portfolio that customers already rely on, providing unified data governance and risk management for your organization.

Former Name New Name Description
Microsoft 365 Advanced Audit

Microsoft 365 Basic Audit
Microsoft Purview Audit (Premium)

Microsoft Purview Audit (Standard)
Auditing solutions provide an integrated solution to help organizations effectively respond to security events, forensic investigations, internal investigations, and compliance obligations. To learn more, see Microsoft Purview Advanced Audit (Premium) and Microsoft Purview Advanced Audit (Standard).
Microsoft 365 Communication Compliance Microsoft Purview Communication Compliance Communication Compliance helps minimize risks by helping you quickly detect, capture, and take remediation actions for company communication channels and policy violations. To learn more, see Microsoft Purview Communication Compliance.
Microsoft Compliance Manager Microsoft Purview Compliance Manager Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors. To learn more, see Microsoft Purview Compliance Manager.
Microsoft 365 Customer Key Microsoft Purview Customer Key Customer Key provides extra protection against viewing of data by unauthorized systems or personnel, and complements BitLocker disk encryption in Microsoft data centers. To learn more, see Microsoft Purview Customer Key.
Office 365 Customer Lockbox Microsoft Purview Customer Lockbox Customer Lockbox ensures that Microsoft can't access your content to do service operations without your explicit approval. Customer Lockbox brings you into the approval workflow process that Microsoft uses to ensure only authorized requests allow access to your content. To learn more, see Microsoft Purview Customer Lockbox.
Data Loss Prevention Microsoft Purview Data Loss Prevention DLP helps protect sensitive data and reduce risk by preventing users from inappropriately sharing that data with people who shouldn't have it. To learn more, see Microsoft Purview Data Loss Prevention.
Double Key Encryption for Microsoft 365 Microsoft Purview Double Key Encryption Double Key Encryption (DKE) uses two keys together to access protected content. Microsoft stores one key in Microsoft Azure, and you hold the other key. To learn more, see Microsoft Purview Double Key Encryption
Microsoft 365 Information Barriers Microsoft Purview Information Barriers Information Barriers is a solution which restricts communication and collaboration between certain people inside your organization to safeguard internal information. To learn more, see Microsoft Purview Information Barriers.
Microsoft Information Protection Microsoft Purview Information Protection Information protection helps you discover, classify, and protect sensitive information wherever it lives or travels. To learn more, see Microsoft Purview Information Protection.
Microsoft Information Governance Microsoft Purview Data Lifecycle Management Data lifecycle management provides you with tools and capabilities to retain the content that you need to keep and delete the content that you don't. To learn more, see Microsoft Purview Data Lifecycle Management.
Microsoft 365 Insider Risk Management Microsoft Purview Insider Risk Management Insider risk management uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. To learn more, see Microsoft Purview Insider Risk Management.
Office 365 Message Encryption Microsoft Purview Message Encryption With Message Encryption, your organization can send and receive encrypted email messages between people inside and outside your organization. To learn more, see Microsoft Purview Message Encryption.
Privileged Access Management in Microsoft 365 Microsoft Purview Privileged Access Management Privileged Access Management helps protect your organization from breaches and helps to meet compliance best practices by limiting standing access to sensitive data or access to critical configuration settings. To learn more, see Microsoft Purview Privileged Access Management.
Microsoft data connectors Microsoft Purview data connectors Microsoft 365 lets administrators use data connectors to import and archive non-Microsoft, third-party data from social media platforms, instant messaging platforms, and document collaboration platforms, to mailboxes in your Microsoft 365 organization. To learn more, see Microsoft Purview data connectors.
Microsoft 365 Advanced eDiscovery

Microsoft 365 Core eDiscovery
Microsoft Purview eDiscovery (Premium)

Microsoft Purview eDiscovery (Standard)
Electronic discovery, or eDiscovery, is the process of identifying and delivering electronic information that can be used as evidence in legal cases. To learn more, see Microsoft Purview eDiscovery (Premium) and Microsoft Purview eDiscovery (Standard).
Microsoft 365 compliance center Microsoft Purview compliance portal Admin portal to access solutions and solution catalog within the Microsoft 365 E5 Compliance suite. To learn more, see Microsoft Purview compliance portal.

March 2022

Communication compliance

Compliance Manager

Data classification

Data lifecycle management and records management

Data Loss Prevention

Information protection

Insider risk management

Microsoft Priva

  • Configure Priva settings - updated clarifying information about data retention periods for subject rights requests; added details about managing and applying data review tags for subject rights requests.
  • Create a subject rights request - added details about refining searches and choosing conditions and attributes; added info about new functionality that lets users select all versions of SharePoint items in their search (vs. the default setting, which only returns current version of SharePoint items).
  • Review data for a subject rights request - added details in step 3 for reviewing items during the data review stage, including marking files as include/exclude, annotating files to apply redactions, applying tags, and entering notes.
  • Generate reports and fulfill a subject rights request - added details about how to understand reports; clarified when an export package is generated and how to work with its contents; added information about audit logs, tagged files reports, and retention periods for SRR data and reports.

Sensitivity labels

  • Sensitivity labels for Teams:
    • Support for shared channels, currently in preview. If a team has any shared channels, they automatically inherit sensitivity label settings from their parent team, and that label can't be removed or replaced with a different label.
    • Support for templates, previously listed as not supported with Teams Graph APIs and PowerShell cmdlets.
  • For auditing Word, Excel, and PowerPoint on the web, justification text is now fully rolled out.
  • Applying a default label to existing documents for Word, Excel, and PowerPoint on the web is now fully rolled out.