How is my data stored in Microsoft Purview Data Security Investigations (preview)?
When you use Data Security Investigations (preview), Microsoft copies user queried organization data from the Microsoft 365 application storage to tenant-isolated regional investigation storage. This data is stored until Data Security Investigations (preview) administrators or investigators delete the investigation. Only Data Security Investigations (preview) Administrators, Investigators, and Reviewers have access to this data in your organization.
How is my data processed for Data Security Investigations (preview) AI features?
Data Security Investigations (preview) partners closely with Microsoft Security Copilot platform to power Data Security Investigations (preview) AI features. This means that data leaves Data Security Investigations (Microsoft 365 compliance area) and travels to Microsoft Security Copilot (Microsoft Azure compliance area) for up to 48 hours and return with AI generated content and insights. This generates the vector embeddings for vector search, category and subject generation, and examination results.
To ensure user privacy, all data sharing, logging, and scanning is turned off by default for Microsoft Security Copilot processing of Data Security Investigations (preview) data. For more information on Microsoft Security Copilot, see Privacy and data security in Microsoft Security Copilot
What feedback information does Data Security Investigations (preview) collect?
Data Security Investigations (preview) collects customer feedback to enhance its AI features and improve user experience. This feedback is gathered during the public preview stage and includes specific metrics related to the AI features' inputs and outputs.
- What we collect: We collect metrics such as the number of files returned to a vector search query, the total number of vectorized files in the user's data set, category impact scores, AI generated risk and relevance scores of files, and the number of files selected for AI examination. These metrics help us understand the effectiveness and relevance of our AI features.
- What we don't collect: We don't collect customer content or any personal data from the files themselves. Our focus is solely on collecting metrics and qualitative data about the inputs and outputs of our AI services to improve their performance and accuracy.
By collecting these metrics, Data Security Investigations (preview) aims to continuously improve its AI features and provide users with more accurate and relevant results. Your feedback is invaluable in helping us achieve this goal.