Microsoft Purview compliance portal: Information Protection - Sensitivity labels protection policy support for Azure Storage

🚨 The Signal: Microsoft Purview Sensitivity Labels can now protect Azure Data Lake Gen 2 and Azure Blob storage. This extends data classification and protection policies from M365 to selected Azure storage, enabling consistent sensitive data governance across hybrid environments.

The Impact

Security teams and data owners are affected, with a reduced risk of sensitive data exposure in Azure storage.

• Security Teams: Reduced risk of data exfiltration from Azure storage.
• Data Owners: Improved compliance with data handling policies.
• Compliance Officers: Enhanced auditability of data protection controls.
• Azure Admins: New tools to enforce data security policies on storage.

The Action

1. Review existing Microsoft Purview sensitivity labels and policies for applicability to Azure storage.
2. Identify Azure Data Lake Gen 2 and Azure Blob storage accounts containing sensitive data.
3. Configure sensitivity label auto-labeling or manual application for identified Azure storage.
4. Monitor Purview activity logs for label application and data access on Azure storage.
5. Update data protection documentation to include Azure storage under sensitivity label governance.

Domain: Purview · Impact: high · Workload: Microsoft Purview