What's new in Microsoft Purview

Whether it be adding new solutions to the Microsoft Purview governance or compliance portals, updating existing features based on your feedback, or rolling out fresh and updated documentation, Microsoft Purview helps you stay on top of the ever-changing data governance and risk and compliance areas. Take a look at the following information to see what's new in Microsoft Purview.

Tip

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

February 2024

Communication compliance

Compliance Manager

  • Updated the Compliance Manager regulations list with the following recent additions:
    • India Digital Personal Data Protection Act
    • ISO/IEC 27001:2022
    • Microsoft Cloud Security Benchmark v1
    • NATO Directive AC/322-D(2021)0032
    • NIS2 Directive (EU) 2022/2555 of the European Parliament and of the Council

Data lifecycle management and records management

  • General availability (GA): Rolling out, you can now change the retention period of an existing retention label when the retention period is based on when items were labeled.

Insider risk management

Sensitivity labels

Service Trust Portal

January 2024

Communication compliance

Compliance Manager

Data loss prevention

  • The name of the DLP settings control has been changed from "Settings" to "Data loss prevention settings" Configure endpoint data loss prevention settings

  • Updated content to cover the significant enhancements that have been made to the Advanced customization and Preview for DLP end-user email notification features for SharePoint, OneDrive and Exchange. You can now:

    • Decide whether the matching email messages should be included or excluded in the end-user notification emails.
    • Leverage tokens from the expanded token library.
    • Customize the sender's display name, email subject and email body.
    • Preview notifications before sending them to end users.
  • Preview: Support has been added for two new endpoint conditions:

    • Document propery is
    • Document name contains words or phrases

Insider risk management

  • In preview: Use real-time analytics recommendations to efficiently adjust the selection of indicators and thresholds of activity occurrence so that you don't have too few or too many policy alerts. If you adjust threshold settings manually, select View impact to display a graph that provides sensitivity analysis for each policy indicator.

Sensitivity labels

December 2023

Audit

Communication compliance

Data lifecycle management and records management

  • In preview: Support for sites using Microsoft 365 Archive. For more information, see How retention works with Microsoft 365 Archive.
  • Improvements to auto-apply retention label policies for sensitive information: Rolling out, you can now include or exclude specific Exchange mailboxes when you configure an auto-apply retention label policy for sensitive information. This policy update for both static and adaptive scopes provides parity with the other retention conditions for Exchange mailboxes.

Data loss prevention (DLP)

eDiscovery

  • NEAR keyword search operator example correction and clarification on how the distance between terms is defined.
  • Content search preview item viewed activity removed from Microsoft 365 audit log for eDiscovery.
  • Permission clarification for SAS tokens when exporting documents from a review set.
  • Clarification on how to use the eDiscovery RBAC Check test tool.
  • Clarification on how to use spaces and the OR operator in eDiscovery searches.
  • Example update for the New-ComplianceSecurityFilter cmdlet when filtering content search results.
  • Clarification that previews of Teams Video Clips aren't currently supported in eDiscovery.
  • Added new information about managing custodian UPNs. If the UPN of a custodian changes after the custodian is added to a case, the custodian information (Title, Manager, Location, etc.) isn't retained and is displayed in the custodian summary pane as No data to show.
  • Content retired: The User Data Search case tool has been retired and its functionality has merged with eDiscovery (Standard). You can now use content to search for content to support DSRs all locations supported by eDiscovery (Standard) searches.
  • Content retired: The Migrate legacy eDiscovery searches and holds to the Microsoft Purview compliance portal topic was retired. The Get-MalboxSearch cmdlet isn't supported in eDiscovery, doesn't return all details older searches.

Exact data match (EDM) sensitive information types (SITs)

  • Added support for multi-token matching, which allows you to detect exact data matches in fields that contain more than one string, for instance, when you have an Address field containing values such as One Microsoft Way or 1234 Main Street.

Insider risk management

Microsoft Copilot for Microsoft 365

Sensitivity labels

  • General availability (GA): Outlook Mobile now supports calendar items for protected meetings.
  • Improvements for Office on the web for labeled and encrypted documents: When screen captures are prevented for labeled and encrypted documents by not granting the user the Copy usage right, the previous exceptions for relabeling scenarios no longer apply for Office on the web. Now, the behavior matches the desktop apps.

November 2023

Announced at Microsoft Ignite

The following new Microsoft Purview capabilities are announced at Microsoft Ignite:

Communication compliance

Data lifecycle management and records management

Data Loss Prevention

  • In preview: Microsoft managed storage for DLP evidence. When saving evidence of the matches detected by your DLP policies, you can now use Azure blob storage managed by Microsoft as an alternative to creating an Azure blob that you manage yourself.

  • General availability (GA): Optical character recognition (OCR) scanning enables Microsoft Purview to scan content in images for sensitive information.

Information protection

  • New graphic added to Consider a phased deployment to conceptually illustrate a phased deployment of sensitivity labels and DLP policies that become more integrated, and with more restrictive controls.

Insider risk management

Microsoft Priva

  • In preview: Identify duplicates, apply actions once to all duplicate items, and filter duplicates from view when reviewing data for a subject rights request.

Sensitivity labels

  • General availability (GA): Sensitivity labels are recognized and used by Copilot for Microsoft 365 to provide an extra layer of protection for your organization's data.

October 2023

Adaptive scopes

New guidance: How adaptive scopes work with Microsoft Entra administrative units

Communication compliance

Data lifecycle management and records management

Data loss prevention

Insider risk management

Microsoft Priva

Sensitivity labels

  • General availability (GA): Outlook on the web supports the sensitivity bar and label colors.
  • General availability (GA): PDF support for auto-labeling policies, default sensitivity labels for SharePoint document libraries, and labeling activities in Office on the web that include manual labeling and displaying labeled documents, and encrypted PDFs that are now supported for DLP, eDiscovery, and search. You must opt-in for this PDF support.
  • General availability (GA): Now in Current Channel, in Word, Excel, and PowerPoint for Windows and Mac, users can no longer select Information Rights Management (IRM) options that can override your sensitivity label encryption settings. Instead, users are prompted to apply a sensitivity label. For more information, see the updated section, Information Rights Management (IRM) options and sensitivity labels.
  • Updated guidance:
    • For auto-labeling policies, added a callout note that simulation results might not include expected files because they were updated after simulation ran.
    • New requirement for a default sensitivity label for a SharePoint document library that files must contain content to be labeled. Empty files are labeled when they are updated with content.
    • Clarification that sensitivity labels to protect meetings don't extend to related meeting items, such as recordings, transcripts, whiteboard, and tasks.
    • The Label priority (order matters) section is updated to reflect the updated UI that displays Priority instead of Order for the Labels page of the Microsoft Purview compliance portal.

d06cf19419544fdbfff8ce8f7e6788f66182ab26

September 2023

Audit

Communication compliance

Compliance Manager

  • Improvement actions have a new design to make it easier to digest status information and record implementation and testing work.
  • Improvement actions no longer support the "parent" testing type, which linked the test status to that of another action.
  • The page formerly titled "Compliance score calculation" has been renamed Compliance Manager scoring, and has updates to clarify action types and scoring.

Data lifecycle management and records management

Data loss prevention

  • Named entities are now supported on government clouds. The full list of supported clouds now includes:

    • Microsoft Commercial Cloud
    • Microsoft Government Community Cloud
    • Microsoft 365 Government Community Cloud High
    • Microsoft 365 Department of Defense
  • General availability (GA): Just-in-time protection for Endpoints is now generally available.

eDiscovery

Information barriers

  • Updated subscription and licensing references in all articles.

Information protection

Insider risk management

Microsoft Priva

Sensitive information types

Sensitivity labels

  • General availability (GA): In SharePoint and Teams, you can see and apply sensitivity labels to documents by using the details pane.
  • General availability (GA): The following new conditions are now generally available for auto-labeling policies. Just the final new condition listed requires an advanced rule, and is applicable to OneDrive and SharePoint only. All the other new conditions are available in common rules:
    • Attachment or file extension is
    • Attachment or document name contains words or phrases
    • Attachment or document property is
    • Attachment or document size equals or is greater than
    • Document created by

August 2023

Audit

Communication compliance

Data lifecycle management and records management

  • Improvements for archive mailboxes: When a mailbox is enabled for archive and assigned a retention policy to retain items, or any other type of hold, more storage space is available to support a large number of deleted items. The storage quota for the Recoverable Items folder in the primary mailbox is increased by 5 GB, raising it from 100 GB to 105 GB. Correspondingly, the Recoverable Items warning quota is increased from 90 GB to 95 GB.
  • New guidance: Will an existing label be overridden or removed?

Data loss prevention

eDiscovery

Information barriers

Insider risk management

Microsoft Priva

Sensitivity labels

Zero Trust