What's new in Microsoft Purview risk and compliance solutions

Whether it be adding new solutions to the Microsoft Purview compliance portal, updating existing features based on your feedback, or rolling out fresh and updated documentation, Microsoft 365 helps you stay on top of the ever-changing compliance landscape. Take a look below to see what's new in Microsoft Purview today.

Note

Some compliance features get rolled out at different speeds to our customers. If you aren't seeing a feature yet, try adding yourself to targeted release.

Tip

Interested in what's going on in other admin centers? Check out these articles:

• What's new in the Microsoft 365 admin center
• What's new in the SharePoint admin center
• What's new in Microsoft 365 Defender

And visit the Microsoft 365 Roadmap to learn about Microsoft 365 features that were launched, are rolling out, are in development, have been cancelled, or previously released.

Tip

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

May 2023

Compliance Manager

• General availability (GA): New multicloud support for Compliance Manager.
  • New article: Multicloud support in Compliance Manager explains the new integration with Microsoft Defender for Cloud so you can assess your compliance posture across Microsoft 365, Microsoft Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS) with resource-level testing and cloud-specific guidance.
  • New article: Configure cloud settings for use with Compliance Manager details the setup process to receive multicloud support in Compliance Manager.
  • New article: Compliance Manager glossary of terms explains new and existing terms and concepts.
• General availability (GA): New configuration connectors for building assessments that cover non-Microsoft services.
  • New article: Working with connectors in Compliance Manager details how to set up and use connectors for building assessments for non-Microsoft services.
  • New article: Salesforce setup for Compliance Manager connector explains the seupt process for using the Salesforce connector.
  • New article: Zoom setup for Compliance Manager explains the setup process fo using the Zoom connector.
  • Update to Build and manage assessments about incorporating connectors for non-Microsoft services.
• Assigning user roles per regulatory template: New capability allowing you to provide scoped access to any assessment built for a specific regulation. Updated pages include:
  • Learn about regulations
  • Get started
  • Build and manage assessments

Data lifecycle management and records management

• General availability (GA): Simulation mode for auto-apply retention label policies is now generally available.
• General availability (GA): Auto-labeling retention policies for cloud attachments that are shared via Exchange or Teams are now generally available. Cloud attachments shared via Yammer remain in preview.

Insider risk management

• In preview: Fine-tune policy indicator thresholds with real-time analytics to reduce alert noise.
• In preview: New Ignore email signature attachments setting reduces alert noise.
• Updates for forensic evidence billing.
• Updates for forensic evidence policy enforcement SLA: Get started with insider risk management forensic evidence.

Microsoft Priva

• Updates to Get started with Priva: insights for the data minimization policy begin surfacing within three days after starting Priva for data that hasn't been modified within the last 30 days.
• Updates to Find and visualize personal data in Priva for the privacy regulations card, which pulls in insights from Compliance Manager.

Sensitivity labels

• Rolling out: PDF support for Office on the web so that when Word, Excel, and PowerPoint converts a labeled Office document into a PDF document, the label with any content markings persists.

April 2023

Communication compliance

• New content on the Filter email blasts feature and the Email blasts senders report.
• Updates to User-reported messages policy.
• New fields for Message Details reports.
• New conditions for Regulatory compliance policy template.
• New video: Learn how to detect communication risks in Microsoft Teams with communication compliance.

Compliance Manager

• Updated regulatory templates list with templates Turkey - Information and Communication Security Guide and SA - Saudi Arabia Monetary Authority (SAMA) & National Cybersecurity Authority (NCA).

Data lifecycle management and records management

• In preview: Scan for sensitive information in images with support for optical character recognition when you use auto-apply retention label policies.
• In preview: Auto-labeling retention policies for cloud attachments that were already in preview now include attachments and links shared in Yammer.
• In preview: Support for Azure Active Directory administrative units—for both data lifecycle management and records management—is starting to roll out.
• In preview: You can now optionally configure auto-approval when you configure a retention label for disposition review.

Data loss prevention

• In preview: Scan for sensitive information in images with support for optical character recognition.
• In preview: Save a copy of items that match DLP policies to Azure storage Learn about evidence collection for file activities on devices (preview) and Get started with collecting files that match data loss prevention policies from devices (preview).
• General availability (GA): Data loss prevention policies in Power BI to automatically detect sensitive information as it is being uploaded into Power BI and take immediate remediation actions. Learn about data loss prevention policies in Power BI).

Insider risk management

• In preview: Scan for sensitive information in images with support for optical character recognition.

Microsoft Priva

• General availability (GA): Recommended policy alert thresholds for more relevant and actionable alerts
• General availability (GA): Flexible boundary options when setting conditions for data transfer policies

Sensitivity labels

• General availability (GA): Default sensitivity label for a SharePoint document library
• General availability (GA): Outlook for Mac displays label colors
• General availability (GA): Rolling out to Current Channel as a parity feature for the AIP add-in, built-in labeling for Windows supports label inheritance from email attachments.
• General availability (GA): Apply S/MIME protection using Outlook on the web.
• In preview: Scan for sensitive information in images with support for optical character recognition when you use auto-labeling policies for Exchange.
• Change of version for AIP add-in disabled by default: For the Monthly Enterprise Channel only, the AIP add-in for Office apps is disabled by default in version 2303. For the Current Channel and Semi-Annual Enterprise Channel, the AIP add-in is still disabled by default in version 2302.
• Retirement notification for the AIP add-in for Office apps: The AIP add-in will retire April 2024. Although the add-in remains in maintenance mode until then, if you haven't already done so, we encourage you to migrate to the labels built into Office.

March 2023

Audit

• Updates for UserKey and UserType schema values to address scenarios for enumeration for audit records generated by guest users and to remove ambiguity for accepted data.
• Updates for audit search records and activities related to Microsoft Defender for Identity (MDI).
• Updates for new audit log fields added to support Microsoft Purview Information Protection.
• Updates for across all audit content for new UTC support in audit solutions.
• Updates for all events that are logged for the Updates app activities in Teams in the audit log.

Communication compliance

• New article: Added article that includes a list of best practices to help reduce alert "noise".
• New article: Added article that summarizes the privacy principles for communication compliance.
• Clarification on the Filter email blasts feature and why the report might include unexpected senders.
• Clarification that Translation view includes associated conversation view messages.

Data lifecycle management and records management

• General availability (GA): Rolling out in general availability, Microsoft Graph records management APIs to support the management of retention labels and event-based retention.
• In preview: Auto-labeling retention policies for cloud attachments that were already in preview are now gradually rolling out support for URL text links.
• Improvements for Teams retention policies: Now rolling out, support for existing call data records as well as newly created call data records, and support for the control message events that name and rename a chat.
• Improvements that support Power Automate flows: Now rolling out to support the scenario of customizing what happens at the end of the retention period, the existing Power Automate compliance actions have been renamed to more accurately describe their purpose. Apply label on the item is renamed Relabel an item at the end of retention, and Deletes the item is renamed Deletes an item at the end of retention. Additionally:
  • New compliance action to improve the resilience of your flow.
  • The trigger action When the retention period expires is renamed When an item reaches the end of its retention period.
  • New compliance action of Apply a retention label on the item to apply a retention label independently from this scenario, as if manually applying a label. The label doesn't need to be published and the retention label is applied immediately. Just like manually applying a retention label, an existing retention label will be overwritten.

Data loss prevention

• General availability (GA): Learn about the Microsoft Purview Firefox extension and Get started with the Microsoft Purview Firefox extension
• In preview:
  • Endpoint DLP Aggregated most restrictive actions applied to endpoints
  • Just in time protection for endpoints and network shares
  • Display of conditions matched when an item matches a policy
  • Endpoint DLP policies can be applied to network shares
  • Support for endpoint DLP policies in Azure virtual desktop, Citrix Virtual Apps and Desktops 7, Amazon virtual workspaces and Hyper-V environments
  • Show policy tips as an oversharing popup

Device onboarding

• In preview: Device configuration and policy sync status is now viewable in the onboarded devices list for Onboarding Windows 10 or Windows 11 devices and Onboarding devices into device management devices

eDiscovery

• Updates for hold type values in the Mailbox diagnostic logs.
• Clarifications for self-chat messages support in content search in Microsoft Teams.
• Updates for new Add Notes feature in viewing review sets and updates for the review set user experience.
• Clarification for custom sensitive information type requirement to use a GUID for search in eDiscovery.
• Clarification for excluding partially indexed items by using a date range in a search query.
• New clarification section that that only Microsoft default sensitive information types are searchable by name, including new example.
• New update for review set viewer and pagination limits.

Information barriers

• New article: Added new article to support the new multi-segment mode in information barriers. The multi-segment mode enables you to assign users in your organization to up to 10 segments in information barriers instead of being limited to just one segment. This allows support for more diverse communication rules between individuals and groups to support more complex organizational and operational scenarios.
• Clarifications for hidden/disabled/guest user accounts and the HiddenFromAddressListEnabled parameter.
• Updates for information barriers policy application and the background processor in Microsoft Teams.

Insider risk management

• Forensic Evidence GA: With the GA release of Forensic Evidence, you can now:
  • Specify websites or desktop apps to include or exclude when you create a policy.
  • View and explore a list of captured clips and filter the list to find just the information you need.
  • Purchase/analyze capacity for captured clips and/or sign up for 20 GB of trial capacity.
• New article: Added article that summarizes the privacy principles for insider risk management.
• Clarification about adding "webhook.ingestion.office.com" to the allowlist when setting up a connector to import HR data.
• Clarification about the past activity detection period for email activities (contrasted to audit activities).
• Clarification on the retention time for user activities reports.

Microsoft Priva

• Clarifications on the three frequency settings for user email notifications for policies and timing on when the emails are sent.
• Subject rights requests now display a count of Record items with retention labels as a priority item to review, which means they can't be processed by the delete workflow.
• Subject rights requests reports page clarifies that delete requests have their own unique report, the action execution log report.

Permissions

• Clarifications for role group support for security groups and blocked and unblocked groups.

Sensitivity labels

• AIP add-in disabled by default: Now rolling out, the AIP add-in for Office apps is disabled by default with version 2302. Starting with this version, you must configure an Office setting if you need to continue to use the Azure Information Protection (AIP) add-in rather than the labels that are built into Office apps.
• General availability (GA): For Windows, the sensitivity bar and label colors are now generally available for Word, Excel, PowerPoint, and Outlook.
• General availability (GA): Both Outlook for Windows and Outlook for Mac are rolling out in general availability for protected meetings.
• General availability (GA): Now in general availability for built-in labeling for Windows, support for a default sublabel for a parent label as a parity feature for the AIP add-in.
• General availability (GA): For labeling built into Windows, macOS, iOS, and Android, auditing actions for sensitivity labels include encryption details such as a change in the encryption status and settings, and the Rights Management owner.
• In preview: The ability to scope labels to files and emails, so that, for example, a sensitivity label is visible to users in Outlook but not in Word, Excel, or PowerPoint. This configuration can be used as a parity feature for the AIP add-in, which could be disabled per app.
• In preview: Prevent oversharing of labeled emails as a DLP policy tip. This DLP policy configuration is an equivalent for the AIP add-in with PowerShell advanced settings that implement pop-up messages in Outlook that warn, justify, or block emails being sent.
• In preview: As a parity feature for the AIP add-in, built-in labeling for Windows supports label inheritance from email attachments.
• In preview: Preview versions of Outlook for Mac now support label colors but don't yet support the sensitivity bar.
• In preview: For mandatory labeling, Outlook for Android in the Beta Channel supports a setting that you can configure with Microsoft Intune to prompt users to select a sensitivity label when they first compose an email instead of when they send it.
• In preview: Now rolling out in preview to SharePoint and Teams, users can select and change a sensitivity label from the details pane from these apps when sensitivity labels are enabled for Office files in SharePoint and OneDrive.
• Removal of restrictions for prevent copying chat for protected meetings: The label setting that prevents copying chat to the clipboard now supports users outside your organization and also users who join a chat but weren't invited to the meeting.
• Ability to turn off the default sensitivity label for SharePoint document libraries: If you don't want SharePoint site admins to be able to configure a default sensitivity label for SharePoint document libraries, you can now turn off this feature as a tenant-level setting.

February 2023

Audit

• Clarification for audit log activities for messages with reactions in Yammer.
• Clarification on customized retention policies and licensing requirements.
• Updates to export limits for all search job items in Audit (Premium).
• Clarification for OneDrive for Business support in Audit (Premium).

Communication compliance

• Mark a policy as a favorite: Mark a policy as a favorite and then filter and sort your policy lists.
• Filter email blasts: Avoid generating alerts when messages are sent from email blast services.
• Filter Message details report by a specific user: Filter the Message details report by a specific user or users to save time and resources.

Data lifecycle management and records management

• Rolling out in preview: Auto-labeling retention policies now support simulation mode, so you can test out your policy configuration and view results before deploying in production.
• Configuration improvements: The configuration for retention policies and retention label policies in the Microsoft Purview compliance portal has been improved for the selection and configuration of locations. Some of the location names have changed to better reflect what's included for the location, and a new Applicable Content column is added for additional information.
• Relocation for adaptive scopes: The configuration and management of adaptive policy scopes is moving to a new location in the Microsoft Purview compliance portal: Roles & Scopes > Adaptive scopes.
• New troubleshooting resources:
  • Identify errors in Microsoft 365 retention and retention label policies
  • Resolve errors in Microsoft 365 retention and retention label policies

Data Loss Prevention

• Support for administrative units in DLP (preview) - Policy Scoping
• Adaptive Protection (preview) - Learn about Adaptive Protection in Data Loss Prevention (preview)
• DLP migration assistant for Symantec GA - Learn about the Microsoft Purview Data Loss Prevention migration assistant for Symantec

eDiscovery

• Updates and clarifications for decryption support in eDiscovery solutions.
• Updates and clarification for keyword queries and search conditions in eDiscovery.
• Updates for new collection management features, including new review set as column links, including the review set name in collection overviews, saving collections as a draft to capture progress and return to complete later, and more:
  • Updated: Learn about collections in eDiscovery (Premium)
  • Updated:Create a collection estimate in eDiscovery (Premium)
  • Updated: Commit a collection estimate to a review set in eDiscovery (Premium)
• New description section for expand selection option for filtered and selected documents in export options.
• Updates for graph API endpoints in the Search and purge chat messages in Teams article.
• Updates to clarify how to verify the deletion of purged messages in Microsoft Teams without having to view as a specific user.

Information barriers

• New support for multi-segments, people discoverability options, Exchange ABP integration, and more:
  • New: Use multi-segment support in information barriers
  • Updated: Use information barriers with OneDrive
  • Updated: Use information barriers with SharePoint
  • Updated: Use information barriers in Microsoft Teams
• Clarifications for policy application processing for IB in Microsoft Teams.

Insider risk management

• In preview: New Adaptive Protection guidance. Adaptive Protection in Microsoft Purview uses machine learning to identify and mitigate the most critical risks with the most effective data loss prevention (DLP) protection controls dynamically, saving security teams valuable time while ensuring better data security.
• New sequences: Added sequence detection for third-party cloud services and unallowed domains
• New cumulative exfiltration button: The new cumulative exfiltration button on the user activity chart provides a visual chart of how activity is building over time for a user
• Filter out activity that has already been reviewed: Use the Review status filter to filter out any activity that was part of a dismissed or resolved alert.
• Clarification for why user activity data outside the selected calendar control range might be included
• Clarification that scoped admins can't select the quick setup option for Adaptive Protection

On-premises scanner

• You can no longer configure the scanner in the Azure portal. To help you locate the equivalent configuration in the Microsoft Purview compliance portal, see Configuration that you used to do in the Azure portal for Azure Information Protection.

Permissions

• In preview: Support for Azure Active Directory administrative units. Administrative units let you subdivide your organization into smaller units, and then assign specific administrators that can manage only the members of those units.

Sensitivity labels

• General availability (GA): Protected meetings by labeling calendar invites and responses, Teams meetings, and chat. Although Outlook for Mac is now rolling out in general availability, Outlook for Windows remains in preview for this scenario.
• General availability (GA): For Windows, built-in labeling supports organization-wide custom permissions as a parity feature for the AIP add-in.
• In preview: Support for Azure Active Directory administrative units.
• In preview: Previously available in preview for Word, Excel, and PowerPoint, the sensitivity bar with support for label colors is now also in preview for Outlook on Windows.
• In preview: Now supported for labeling built into Windows, macOS, iOS, and Android, auditing actions for sensitivity labels include encryption details such as a change in the encryption status and settings, and the Rights Management owner.
• New Office setting: Available with Group Policy and the Cloud Policy service for Microsoft 365, a new setting if you need to disable the PDF support in Office apps for Word, Excel, and PowerPoint.
• Rolling out: In the Microsoft Purview compliance portal, the horizontal tabs for Overview, Labels, Label policies, and Auto-labeling now display as vertical options in the left navigation pane when you expand Information protection.

January 2023

Audit

• Updates for Teams audit log events for sensitivity labels.
• Updates for exporting permissions in auditing solutions.

Communication compliance

• Updates to conditional settings and the required formatting for multi-value conditions.
• New section that outlines limitations for supported channels.

Compliance Manager

• Compliance Manager now has improvement actions related to Microsoft Priva (in preview).

eDiscovery

• Updated with a clarification for searches for inactive mailboxes.
• Updated the supported decryption types in eDiscovery (Standard) and (Premium).
• Updated the example PowerShell script to report holds on associated eDiscovery cases.
• Clarified the query and search filter requirements for a review set.

Insider risk management

• Updated with clarifications for forensic evidence about timelines in the user activity reports and the all activities capturing option.
• Updated obfuscation examples for insider risk management policies.
• Restructured documentation and moved policy template guidance into a new article.

Microsoft Priva

• Two additional roles are now permitted to start a Priva trial: Compliance Admin and Info Protection Admin.
• There are new recommended alert settings (in preview) in Privacy Risk Management policies that allow users to choose more actionable and relevant alerts to reduce noise and alert fatigue.
• There are new Compliance Manager improvement actions related to Priva (in preview); see these instructions for how to access Compliance Manager and how to see the actions.
• Updates for creating a subject rights request:
  • During the custom setup process, it's now optional to enter the data subject's name. A new flyout pane lets you add more identifiers.
  • When refining your search, a new Conditions flyout pane appears during search refinement lets users set multiple search conditions at once.
• Update to clarify that a subject rights request will automatically pause at the data estimate stage if over 10K items or 100 GB of data are likely to be retrieved.
• Updates for reviewing data and collaborating on subject rights requests:
  • There are new filtering options when reviewing data, including keywords supporting multiple words and wildcard.
  • The "Plain text" view in the content review area now highlights all the data subject identifiers provided.
  • Clarifications that the search function in the annotate view can jump to search results within the view.
  • Individual collaborators can now be removed from dedicated Teams channel

Sensitivity labels

• Rolling out in preview: As a parity feature for the AIP add-in, built-in labeling for Windows supports the configuration of a default sublabel for a parent label.
• Rolling out in preview: Word, Excel, and PowerPoint in Office for Mac also supports the sensitivity bar and label colors.
• The earliest version for the AIP add-in to be disabled by default in Office apps for the Current Channel and Monthly Enterprise Channel is now version 2302. The minimum version for the Semi-Annual Channel hasn't changed.

December 2022

Communication compliance

• New transparency note to convey the purpose and intended uses of machine learning in policy templates that use classifiers for business conduct and regulatory compliance.
• Changed the time zone from local time zone to Coordinated Universal Time (UTC) for policy activity detection, user-reported messages, and filters for reports.
• Updated table for built-in trainable and global classifiers to increase visibility for details specific to pre-trained classifiers. Includes updated word count requirements for messages in English and non-English languages.

Compliance Manager

• Assessment templates that belong to the same regulation family now count as one template. The definition of included templates has been updated to align with template licensing changes starting December 2022.
• Improvement actions now provide greater visibility into related controls and assessments. Improvement action details pages have a new Related controls tab, and the Summary section has a clickable Assessments number that, when selected, lists all the assessments related to that action.

Data lifecycle management and records management

• Disposition review no longer has a maximum of 1,000,000 items per label pending or reviewed. This limitation is removed from Limits for retention policies and retention label policies.

Insider risk management

• Examples of file paths to denote specific and wildcard folders and sub-folders to be excluded.

Microsoft Priva

• Tags for reviewing data in a subject rights request provide greater flexibility. There are now two default tags and 21 custom tags that can be named and defined by an organization. Tags can now be applied to, or removed from, multiple content items at once.
• The maximum file size for file import during data review for a subject rights request has increased to 500 MB.
• Instructions for working with the action execution log report for a delete request have been updated; including a clarification that its retention period is the same as all other subject rights request reports.

Sensitivity labels

• General availability (GA): S/MIME support for Windows is now available in the Office Current Channel, providing parity with the AIP add-in. For more information, see Apply S/MIME protection.
• Rolling out in preview: Protected meetings by labeling calendar invites and responses, Teams meetings, and chat.

November 2022

Audit

• Audit New Search - the new export limit is now up to a maximum of 500K (500,000 rows) for a single export.
• Search the audit sign in the compliance portal - clarified table for retention policies and labels.

Communication compliance

• Messages in alerts now include a sentiment evaluation to help investigators quickly prioritize potentially riskier messages to address first.
• Automatically detects if text is in a different language than the user's current system setting and displays alert message text accordingly.
• Threat, Harassment, and Profanity classifiers in the English language now inspects and evaluates messages with a word count of three or greater.

Compliance Manager

• New role-based access to assessments allows you to assign users roles for viewing and managing individual assessments.
• Working with improvement actions - clarified that users need a Compliance Manager Assessor role in order to edit improvement action testing notes, and that roles can now be assigned for individual assessments.

eDiscovery

• Limits in eDiscovery (Premium) - new section for review set viewer limits, the maximum number of items displayed per page in a review set is now 10,000.
• Decryption in Microsoft Purview eDiscovery tools - clarified how items labeled within SharePoint Online are decrypted with eDiscovery tools.
• Conduct an eDiscovery investigation of content in Microsoft Teams - expanded reactions in Microsoft Teams chats are now supported in eDiscovery (Premium).
• Create an eDiscovery hold - clarified how eDiscovery holds are handled when a user's OneDrive URL changes.
• Export documents from a review set in eDiscovery (Premium) - clarified how eDiscovery includes the parent email in the PST files if defined by the "Group" option in the review set.

Insider risk management

• Sensitive info types now has a limit of 500 types that you can exclude. The previous limit was 100 sensitive info types.
• Admins can now enable potential high-impact user and cumulative exfiltration activities score boosters in policy settings.
• New risky browser indicators available for detecting user browsing activity related to websites that are considered malicious or risky and pose potential insider risk that may lead to a security or compliance incident.

Microsoft Priva

• In preview: Delete requests are now supported by Subject Rights Requests.
  • Create and manage a delete request (preview) - details the process for setting up a delete type of request, collaborating on a review process to approve the deletion, and initiating a workflow to carry out the deletion.
  • Set user permissions and assign roles - lists the new role of Subject Rights Requests Approver for delete request approvers.
  • Review data for a subject rights request - clarifies that adding the delete data review tag doesn't mark the item for deletion in the new delete request type.
  • Create a request and define search settings - adds Delete (preview) as a request type.

On-premises scanner

• General availability (GA): Configuration for the Microsoft Purview Information Protection scanner (formerly named Azure Information Protection unified labeling scanner) in the Microsoft Purview compliance portal. For more information, see Configure & install the information protection scanner.

Sensitivity labels

• General availability (GA): Trainable classifiers for auto-labeling policies. Trainable classifiers are now available for both auto-labeling for Office apps that use label settings (known as client-side auto-labeling) and auto-labeling policies (known as service-side auto-labeling). As a result, trainable classifiers are removed from the comparison table that lists only the differences between the two auto-labeling methods.

• The automated email that has the subject Incompatible sensitivity label detected for when there's a labeling mismatch for a site now contains a link to an internal troubleshooting guide that you must specify as a URL with the LabelMismatchEmailHelpLink parameter from Set-SPOTenant.

• If you need to, you can now disable co-authoring for your tenant by using PowerShell.

October 2022

Audit

• Audit New Search - users can now run 10 concurrent audit search jobs with a max of one unfiltered search job, and review the progress %, result number, and job status in the UI. Historical search jobs results are now stored for 30 days and can be accessed after completion.)

Communication compliance

• In preview: New communication compliance integration with insider risk management. Communication compliance can now provide risk signals detected in messages to insider risk management policies. Risky users detected in messages by the communication compliance policy act as a triggering event to bring users into scope for the insider risk management policies.

Data loss prevention

• In preview: Multiple updates for authorization groups in Configure endpoint DLP settings and Using Endpoint data loss prevention.
  • Printer groups
  • Removable USB storage device groups
  • Network share paths
  • Website groups
  • VPN network location groups
  • Sensitive service domains
• In preview: Policies can use grouping of conditions, nesting of groups and the use of boolean operators (AND/OR/NOT) between them.
  • Complex rule design
  • Use trainable classifiers as conditions in DLP policies
• In preview: For endpoints, support for detecting sensitive items that are password protected or encrypted.
  • Conditions that devices support
• Generally available: 100 new files types that can be scanned

eDiscovery

• Limits for Content search and eDiscovery (Standard) - clarified how eDiscovery jobs are counted towards limits.
• Export documents from a review set in eDiscovery (Premium) - removed conversation PDF support per feature and UI updates.
• Assign eDiscovery permissions in the compliance portal - added content to support new Manage review set tags role.
• New-ComplianceSecurityFilter - now support only 'all' parameters, removed non-supported example scenarios.
• Keyword queries and search conditions for eDiscovery - clarified the supported FolderId 48-character format indexed for search.

Insider risk management

• In preview: Insider risk management introduces forensic evidence, which enables customizable visual activity capturing across devices to help your organization better mitigate, understand, and respond to potential data risks like unauthorized data exfiltration of sensitive data.
• In preview: Insider risk management integration with communication compliance when using the Data leaks by risky users or Security policy violations by risky users policy templates. Communication compliance can now provide risk signals detected in messages to insider risk management policies.
• In preview: New inline alert customization allows analysts and investigators to quickly edit policies when reviewing alerts.
• New priority content scoring updates that allow you to choose whether to assign risk scores to all activities detected by a policy or only activities that include priority content.
• Security teams are now able to customize a security trigger in the 'data leaks' policy to surface when a user performs a sequence, enabling them to respond to user actions that might be considered riskier.
• New updates now allow security teams to create policies with sequences without any other required underlying policy indicator selections.

Data lifecycle management and records management

• General availability (GA): Relabeling at the end of the retention period.
• General availability (GA): Starting a record unlocked.
• General availability (GA): Users can now apply published retention labels to files directly in Teams.
• New retention support statements: Retention policies for Teams support the chat with myself feature, video clips, and call data records, which are system-generated messages that contain metadata for meetings and calls. Retention policies for Yammer support storyline posts.
• Improved in-product experience if retention policies have errors: You'll now see a detailed description of the error in the details pane, with in-product actions to take that can resolve the problem. For example, remove invalid locations and resynchronize the policy.

Microsoft Priva

• In preview: Data transfer policies in Privacy Risk Management now offers additional flexible boundary conditions: detecting transfers based on users' Azure Active Directory attributes, transfers between users in different Microsoft 365 groups, and transfers between SharePoint sites.

On-premises scanner

• In preview: The Azure Information Protection (AIP) on-premises scanner is being renamed Microsoft Purview Information Protection scanner and configuration is moving to the Microsoft Purview compliance portal.

Sensitivity labels

• Call to action: Migration guidance to help you move from the AIP add-in for Office apps, with a migration playbook from our Customer Experience Engineering (CxE) team
• General availability (GA): Authentication contexts for label groups and site settings that work with Azure AD Conditional Access policies to enforce more stringent access conditions to a site.
• General availability (GA): Site sharing permissions by using PowerShell.
• General availability (GA): Preventing copy to clipboard is honored for labeled and encrypted files in SharePoint and OneDrive, with some exceptions for relabeling scenarios.
• In preview: The AIP add-in for Office apps is disabled by default and requires a new setting to override this default.
• Support statement: Files types supported for SharePoint and OneDrive, after enabling sensitivity labels for these services.
• New prerequisite for co-authoring and the Azure Information Protection unified labeling client and scanner: It's not supported to use Double Key Encryption in the same tenant as the co-authoring feature.

Trainable classifiers

• In preview 20 + new trainable classifiers and a standalone trainable classifier definitions article.
  • Trainable classifiers definitions

September 2022

Communication compliance

• Get started with communication compliance: New updates for recommended actions and accelerated onboarding. Recommended actions can help your organization quickly get started with communication compliance.
• Investigate and remediate communication compliance alerts: New update for keyword highlighting support for plain text view. Keyword highlighting, which is currently available for English language only, can help direct you to the area of interest in long messages and attachments.
• Use communication compliance reports and audits: Clarifications on permissions needed to view and manage communication compliance reports. To view and manage reports, users must be assigned to the Communication Compliance Viewers role group.

Compliance Manager

• Compliance Manager templates list: New template added for Australian Information Security Registered Assessor Program (IRAP) with ISM Version 3.5 - Official).

Data Classification

• Increase classifier accuracy (preview) - This article shows you how to confirm whether items matched by a classifier are true positive (a Match) or a false positive (Not a match) and provide Match, or Not a match feedback. You can use that feedback to tune your classifiers to increase accuracy. You can also send redacted versions of the document and the Match, Not a Match feedback to Microsoft if you want to help increase the accuracy of the classifiers that Microsoft provides.

Data lifecycle management and records management

• In preview: Retention labels now support running a Power Automate flow at the end of the retention period to support custom actions and integration with other solutions. For more information, see Customize what happens at the end of the retention period.
• For records management items undergoing disposition review, when you select that item in the Disposition area of the compliance portal, a new Progress column displays the item's status. That status can be "Approved for deletion, 'Awaiting deletion from SharePoint/OneDrive' or 'Awaiting deletion from Exchange', or "Permanently Deleted". When an item is approved for permanent deletion as part of the disposition review process, that deletion can take up to 15 days to complete and this new column helps you to track its progress.
• The configuration to enable a mailbox for archiving is moving to the new Exchange admin center (EAC) and instructions have been updated accordingly.
• Currently, trainable classifiers for auto-apply retention labels aren't supported with adaptive scopes. As a workaround, use static scopes for this configuration combination.
• Instructions to Customize an archive and deletion policy for mailboxes are updated to include only retention tags that have an outcome that can't be achieved with Microsoft 365 retention.

Data loss prevention

• Design a data loss prevention policy complex rule design - The DLP rule builder supports boolean logic (AND, OR, NOT) and nested groups. New video and content added that walks you through this new functionality.

Sensitivity labels

• PDF support in Word, Excel, and PowerPoint is now available to Windows Current Channel and Monthly Enterprise Channel.
• Default label for existing documents is now fully rolled out to Mac and Windows in Current Channel and Monthly Enterprise Channel, providing parity with the AIP add-in.
• In preview: The new sensitivity bar and support for label colors in Office apps, providing parity with the AIP add-in with additional functionality.
• In preview: S/MIME support for Windows, providing parity with the AIP add-in. Support for Mac and mobile is now fully rolled out.
• In preview: Trainable classifiers for auto-labeling policies (all workloads).

Trainable classifiers

• Trainable classifiers definitions - more than 20 new classifiers have been added, so the definitions for all trainable classifiers have been broken out into this new article.