Microsoft Purview: Integration with Entra GSA Internet Access to enable sensitive file filtering at the network layer

🚨 The Signal: Microsoft Purview DLP now integrates with Entra Global Secure Access Internet Access, enabling network-layer sensitive file filtering. This prevents data exfiltration to untrusted cloud apps, including generative AI platforms, enhancing data protection in transit.

The Impact

Security teams and Purview/Entra admins are affected, gaining a critical new control to prevent sensitive data exfiltration over the network.

  • Security Teams: New capability to enforce DLP at the network layer, reducing data exfiltration risk.
  • Purview Admins: New policy configuration required for 'Inline Web Traffic' scenario.
  • Entra GSA Admins: Integration with GSA Internet Access requires coordination for policy enforcement.
  • Organisations: Enhanced protection against sensitive data sharing with untrusted cloud services, including AI.

The Action

  1. Review Microsoft Purview DLP documentation for 'Inline Web Traffic' scenario.
  2. Plan for integration with Entra Global Secure Access Internet Access.
  3. Develop and test new DLP policies targeting network traffic to untrusted cloud applications.
  4. Configure alerts and incident management within Purview and Microsoft Defender for network DLP events.

Domain: Purview · Impact: high · Workload: Microsoft Purview