What's new in Microsoft Purview risk and compliance solutions

Whether it be adding new solutions to the Microsoft Purview compliance portal, updating existing features based on your feedback, or rolling out fresh and updated documentation, Microsoft 365 helps you stay on top of the ever-changing compliance landscape. Take a look below to see what's new in Microsoft Purview today.

Note

Some compliance features get rolled out at different speeds to our customers. If you aren't seeing a feature yet, try adding yourself to targeted release.

Tip

Interested in what's going on in other admin centers? Check out these articles:

• What's new in the Microsoft 365 admin center
• What's new in the SharePoint admin center
• What's new in Microsoft 365 Defender

And visit the Microsoft 365 Roadmap to learn about Microsoft 365 features that were launched, are rolling out, are in development, have been cancelled, or previously released.

Tip

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

September 2023

Data lifecycle management and records management

• General availability (GA): Support for administrative units—for both data lifecycle management and records management.
• In preview: Now in beta, you can programmatically apply and manage retention labels for SharePoint and OneDrive by using Microsoft Graph API to lock and unlock records, set retention labels, remove retention labels, and get metadata for retention labels.

Sensitivity labels

• General availability (GA): The following new conditions are now generally available for auto-labeling policies. Just the final new condition listed requires an advanced rule, and is applicable to OneDrive and SharePoint only. All the other new conditions are available in common rules:
  • Attachment or file extension is
  • Attachment or document name contains words or phrases
  • Attachment or document property is
  • Attachment or document size equals or is greater than
  • Document created by

August 2023

Audit

• Updates for new Microsoft Purview governance activities logged in the Microsoft 365 audit log.
• Updates for audit activities accessible only by search queries performed by an unrestricted admin.
• Updates for site administration activities logged in the Microsoft 365 audit log.
• Updates for quarantine activities logged in the Microsoft 365 audit log.
• Updates for Microsoft Teams auditing activities for exporting recordings and transcripts.
• Updates for permissions and access to audit search from the compliance portal.

Communication compliance

• Export action: Export a collection of message details if your files exceed 3 MB.

Data lifecycle management and records management

• Improvements for archive mailboxes: When a mailbox is enabled for archive and assigned a retention policy to retain items, or any other type of hold, more storage space is available to support a large number of deleted items. The storage quota for the Recoverable Items folder in the primary mailbox is increased by 5 GB, raising it from 100 GB to 105 GB. Correspondingly, the Recoverable Items warning quota is increased from 90 GB to 95 GB.

Data loss prevention

• In preview: Endpoint DLP Just-in-time protection applies a candidate policy to onboarded Windows 10/11 devices. The candidate policy blocks all egress activities on monitored files until policy evaluation completes successfully.
  • Endpoint DLP Just-in-time protection
  • Use Endpoint Just-in-time protection

eDiscovery

• Updates collection limits for Export as a report.
• Updates for configuring and managing themes in eDiscovery.
• Updates for decryption limitations with email and attachments.
• Clarification for the preservation of item metadata in review set downloads.
• Clarification for searching Microsoft Teams meetings by date in eDiscovery.
• Updates for status details when closing or deleting cases in eDiscovery.
• Clarifications for date ranges and excluding partially indexed items.
• Clarification that date and time for all conversations in Microsoft Teams are shown in Coordinated Universal Time (UTC) in eDiscovery.
• Clarification when using PowerShell to include inactive mailboxes in content searches.

Information barriers

• Updates to about the visibility of non-IB groups and users in SingleSegment and MultiSegment modes.

Insider risk management

• In preview: Fine-tune exclusions by creating detection groups and variants of built-in indicators.
• In preview: Update to remove the limitation on viewing and adding a SharePoint site. Customers can now see and add a SharePoint site to exclusions and priority content, even if they don't have permissions to access the site.
• Update: Guidance on how to increase number of alerts.
• Update: Guidance on tuning Adaptive Protection risk level settings.
• Update: Intune setup instructions for browser signal detection.
• Update to clarify that admins contained with an Azure Active Directory security group aren't supported for alert assignment.

Sensitivity labels

• General availability (GA): Built-in labeling support for Double Key Encryption (DKE) is now in general availability as a parity feature for the AIP add-in.
• General availability (GA): Support for administrative units.
• In preview: Rolling out in preview, Office documents are registered to support track and revoke document access as a parity feature for the AIP add-in.
• In preview: Rolling out in preview, support for end-user tracking and revocation as a parity feature for the AIP add-in. Owners of Office files that are registered for tracking and revocation can access the Microsoft Purview compliance portal from the Sensitivity menu to view user access attempts to the file, and revoke access if needed.
• In preview: Now extended to Current Channel for Windows, limited support for labels configured for user-defined permissions when files are stored in SharePoint or OneDrive.

July 2023

Communication compliance

• Support for advanced sensitive info types: Communication compliance now supports four advanced sensitive information types: All credentials, All full names, All medical terms and conditions, and All physical addresses.
• New conditions: Use the following new conditions to monitor communications that cross the firewall:
  • Message is received from any of these external email addresses
  • Message isn't received from any of these external email addresses
  • Message is sent to any of these external email addresses
  • Message isn't sent to any of these external email addresses
• New Policy settings button: View policy settings without opening a policy.
• New Filter bar: Key filters (Body/Subject, Date, Sender, and Tags) are always displayed to make it easier to filter.

Insider risk management

• In preview: Bring your own detections (BYOD). Use the new BYOD detections feature to import third-party insider risk detections and create custom indicators.
• Save a view of a filter in the Activity explorer: If you create a filter and customize columns for the filter, save a view of your changes to quickly apply again later.
• Support for virtualized environments: Insider risk management now supports virtualized environments through endpoint DLP.
• General availability (GA):
  • Import physical badging data connector
  • Identify priority physical assets setting
• Additional templates for browser signal detection: Browser signal detection is now used for the Data theft by departing users, Data leaks, and Risky browser usage (preview) templates.
• Update for the maximum size of a priority user group.

Sensitivity labels

• General availability (GA): A Contextual Summary tab is added to auto-labeling policies that are in simulation. Similar to other solutions that support contextual summary, when you select an item to review for matched files on SharePoint or OneDrive, this new tab highlights the matched content and its surrounding context. Use this tab to confirm that the match is positive and therefore suitable to turn on the policy. Or, the match is negative, in which case you can fine-tune the policy and rerun simulation. Contextual summary isn't supported for emails.
• In preview: Now rolling out in preview, PDF support for auto-labeling policies, default sensitivity labels for SharePoint document libraries, and labeling activities in Office on the web that include manual labeling and displaying labeled documents, and encrypted PDFs that are now supported for DLP, eDiscovery, and search. You must opt-in for this PDF support.

June 2023

Communication compliance

• Update to note that for the Export option in detailed reports, the items and actions displayed are only for the items and actions matched during the date range included in the date range filter.

Compliance Manager

• Updated the regulations list page for the addition of a new template for Corporate Sustainability Reporting Directive (CSRD).
• Update to clarify that some automatically tested actions might show a status of "Out of scope" within the first 24 hours of setup with Microsoft Defender for Cloud monitoring.
• Update to reflect that the link to export an assessment report is now called "Export actions."

Data lifecycle management and records management

• General availability (GA): Auto-labeling retention policies for cloud attachments that are shared via Viva Engage are now in general availability.
• Rolling out: A default retention label for Outlook is always retained when an item is moved to the Deleted Items folder.

Data loss prevention

• General availability (GA): Oversharing Popup for Outlook Win32. Get started with oversharing pop ups and Business justification X-Header.

Insider risk management

• New Alert ID field and Case ID field: New static ID fields make it easier to search for alerts, and track and share alerts between admins.
• Assign an alert feature: Ability to assign an alert to a specific admin makes it easier for admins to prioritize and triage alerts.
• Update to clarify that there's no limit on the number of users for forensic evidence policies.

Microsoft Priva

• Updates to clarify that adding a collaborator automatically gives them a Privacy Management Contributors role, on Review data for a subject rights request and Set user permissions and assign roles.

Sensitivity labels

• General availability (GA): Now rolling out, Outlook for Android and Outlook for iOS support a setting for mandatory labeling that you can configure with Microsoft Intune to prompt users to select a sensitivity label when they first compose an email instead of when they send it.
• General availability (GA): Outlook for Android and Outlook for iOS, the sensitivity bar and label colors are now in general availability. For iOS, the release is still rolling out.
• In preview: Now rolling out in preview, OneDrive locations for auto-labeling policies are changing from sites specified by URLs to users and groups. This change of configuration means that administrative units are now supported for OneDrive auto-labeling policies. Any existing OneDrive sites specified in auto-labeling policies as site URLs will continue to work but before you can add more OneDrive locations, or for restricted admins, you must first delete any existing OneDrive sites specified as URLs. Groups supported: distribution groups, Microsoft 365 groups, mail-enabled security groups, and security groups.
• In preview: Now rolling out in preview, limited support for labels configured for user-defined permissions for Office on the web, SharePoint and OneDrive.
• In preview: The following new conditions are rolling out in preview for auto-labeling policies. Just the final new condition listed requires an advanced rule, and is applicable to OneDrive and SharePoint only. All the other new conditions are available in common rules:
  • Attachment or file extension is
  • Attachment or document name contains words or phrases
  • Attachment or document property is
  • Attachment or document size equals or is greater than
  • Document created by
• In preview: A Contextual Summary tab is added to auto-labeling policies that are in simulation. Similar to other solutions that support contextual summary, when you select an item to review for matched files on SharePoint or OneDrive, this new tab highlights the matched content and its surrounding context. Use this tab to confirm that the match is positive and therefore suitable to turn on the policy. Or, the match is negative, in which case you can fine-tune the policy and rerun simulation. Contextual summary isn't supported for emails.
• Removal of limitations for Teams when using sensitivity labels: Several previous limitations are removed for Teams protected meetings, which include Safari and Firefox support to prevent copy chat, support for virtual desktop infrastructure (VDI), policy settings for justification for changing a label, mandatory labeling, and a help link to a custom help page, and more methods are now supported to prevent copying chat.

May 2023

Audit

• Updates for audit log support for Microsoft Project for the web, Microsoft To Do,and Microsoft Defender Experts activities.
• Updates to clarify audit log retention policies and duration options.

Compliance Manager

• General availability (GA): New multicloud support for Compliance Manager.
  • New article: Multicloud support in Compliance Manager explains the new integration with Microsoft Defender for Cloud so you can assess your compliance posture across Microsoft 365, Microsoft Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS) with resource-level testing and cloud-specific guidance.
  • New article: Configure cloud settings for use with Compliance Manager details the setup process to receive multicloud support in Compliance Manager.
  • New article: Compliance Manager glossary of terms explains new and existing terms and concepts.
• General availability (GA): New configuration connectors for building assessments that cover non-Microsoft services.
  • New article: Working with connectors in Compliance Manager details how to set up and use connectors for building assessments for non-Microsoft services.
  • New article: Salesforce setup for Compliance Manager connector explains the seupt process for using the Salesforce connector.
  • New article: Zoom setup for Compliance Manager explains the setup process fo using the Zoom connector.
  • Update to Build and manage assessments about incorporating connectors for non-Microsoft services.
• Assigning user roles per regulatory template: New capability allowing you to provide scoped access to any assessment built for a specific regulation. Updated pages include:
  • Learn about regulations
  • Get started
  • Build and manage assessments

Data lifecycle management and records management

• General availability (GA): Simulation mode for auto-apply retention label policies is now generally available.
• General availability (GA): Auto-labeling retention policies for cloud attachments that are shared via Exchange or Teams are now generally available. Cloud attachments shared via Viva Engage remain in preview.

eDiscovery

• In preview: New article for guest access in eDiscovery (Premium). With guest access, you can provide access to an eDiscovery Premium case to people outside your organization. You can invite guests users to eDiscovery (Premium) cases just like you can invite guests into your Teams environment.
• In preview: New support for Export collected items and Export as report options for review sets in eDiscovery (Premium).
• In preview: New support for viewing job reports for eDiscovery (Premium). eDiscovery (Premium) now includes a jobs report tool that lists all jobs that count towards the jobs concurrency and daily limits in eDiscovery for a defined time period.
• Updates to clarify the indexing of non-custodial data sources in eDiscovery (Premium) cases.

Insider risk management

• In preview: Fine-tune policy indicator thresholds with real-time analytics to reduce alert noise.
• In preview: New Ignore email signature attachments setting reduces alert noise.
• Updates for forensic evidence billing.
• Updates for forensic evidence policy enforcement SLA: Get started with insider risk management forensic evidence.

Microsoft Priva

• Updates to Get started with Priva: insights for the data minimization policy begin surfacing within three days after starting Priva for data that hasn't been modified within the last 30 days.
• Updates to Find and visualize personal data in Priva for the privacy regulations card, which pulls in insights from Compliance Manager.

Sensitivity labels

• Rolling out: PDF support for Office on the web so that when Word, Excel, and PowerPoint convert a labeled Office document into a PDF document, the label with any content markings persists.
• In preview: Built-in labeling support for Double Key Encryption (DKE) is in preview as a parity feature for the AIP add-in.

April 2023

Audit

• Updates for audit log support for Microsoft Planner activities.

Communication compliance

• New content on the Filter email blasts feature and the Email blasts senders report.
• Updates to User-reported messages policy.
• New fields for Message Details reports.
• New conditions for Regulatory compliance policy template.
• New video: Learn how to detect communication risks in Microsoft Teams with communication compliance.

Compliance Manager

• Updated regulatory templates list with templates Turkey - Information and Communication Security Guide and SA - Saudi Arabia Monetary Authority (SAMA) & National Cybersecurity Authority (NCA).

Data lifecycle management and records management

• In preview: Scan for sensitive information in images with support for optical character recognition when you use auto-apply retention label policies.
• In preview: Auto-labeling retention policies for cloud attachments that were already in preview now include attachments and links shared in Viva Engage.
• In preview: Support for Azure Active Directory administrative units—for both data lifecycle management and records management—is starting to roll out.
• In preview: You can now optionally configure auto-approval when you configure a retention label for disposition review.

Data loss prevention

• In preview: Scan for sensitive information in images with support for optical character recognition.
• In preview: Save a copy of items that match DLP policies to Azure storage Learn about evidence collection for file activities on devices (preview) and Get started with collecting files that match data loss prevention policies from devices (preview).
• General availability (GA): Data loss prevention policies in Power BI to automatically detect sensitive information as it is being uploaded into Power BI and take immediate remediation actions. Learn about data loss prevention policies in Power BI).

eDiscovery

• New article: Configure review set grouping settings for eDiscovery (Premium) cases details how you can configure grouping settings for each Microsoft Purview eDiscovery (Premium) case to control how the data in a review set is grouped and displayed.
• In preview: New support for upgrading a eDiscovery (Standard) case to eDiscovery (Premium).
• In preview: New support for Microsoft Teams meeting recordings and transcripts.
• In preview: New support for the Export item report action for collections in eDiscovery (Premium).
• In preview: New support for using the new query builder to create search queries. The query builder option in collection search tool provides a visual filtering experience when you build search queries in Microsoft Purview eDiscovery (Premium).
• Updates to clarify the syntax for issuance and release hold notifications for multiple users and email fields.
• Updates for a new script to pull the FolderID from multiple mailboxes in a content search for targeted collections.
• Update for retry hold actions when custodians are placed on hold.
• Update for character and URL limits when searching SharePoint and OneDrive for Business locations.
• Clarification for the data retention for job information.
• Updates for requirements for decryption in eDiscovery.
• Article retired: the Change the size of PST files when exporting eDiscovery search results article has been retired.

Insider risk management

• In preview: Scan for sensitive information in images with support for optical character recognition.
• Updates to clarify the required enterprise apps needed to access eDiscovery (Premium) view, filter, and search features.
• Updates to include an example of remediating errors by uploading the extracted text.

Microsoft Priva

• General availability (GA): Recommended policy alert thresholds for more relevant and actionable alerts
• General availability (GA): Flexible boundary options when setting conditions for data transfer policies

Sensitivity labels

• General availability (GA): Default sensitivity label for a SharePoint document library
• General availability (GA): Outlook for Mac displays label colors
• General availability (GA): Rolling out to Current Channel as a parity feature for the AIP add-in, built-in labeling for Windows supports label inheritance from email attachments.
• General availability (GA): Apply S/MIME protection using Outlook on the web.
• In preview: Scan for sensitive information in images with support for optical character recognition when you use auto-labeling policies for Exchange.
• Change of version for AIP add-in disabled by default: For the Monthly Enterprise Channel only, the AIP add-in for Office apps is disabled by default in version 2303. For the Current Channel and Semi-Annual Enterprise Channel, the AIP add-in is still disabled by default in version 2302.
• Retirement notification for the AIP add-in for Office apps: The AIP add-in will retire April 2024. Although the add-in remains in maintenance mode until then, if you haven't already done so, we encourage you to migrate to the labels built into Office.