Microsoft Purview compliance portal: Data Loss Prevention - Optical character recognition (OCR) support for endpoint

🚨 The Signal: Purview DLP now uses Optical Character Recognition (OCR) on Windows endpoints to detect sensitive data within images (JPG, PNG, PDF, etc.). This prevents exfiltration of sensitive information embedded in visual content, significantly enhancing data protection.

The Impact

Security teams and data owners are affected by enhanced data loss prevention, reducing the risk of sensitive information exposure via images.

• Security Teams: Reduced risk of data exfiltration through image-based content.
• Data Owners: Improved protection for sensitive information in visual formats.
• Compliance Officers: Stronger attestation for data protection policies.
• End Users: Potential blocking of actions involving sensitive data in images.

The Action

1. Review existing Purview DLP policies to ensure they cover relevant sensitive information types.
2. Validate that endpoint DLP is deployed and configured on Windows devices.
3. Communicate new DLP capabilities to data owners and relevant business units.
4. Monitor DLP alerts for OCR-detected incidents and refine policies as needed.

Domain: Purview · Impact: high · Workload: Microsoft Purview