Microsoft Purview compliance portal: Information Protection - SharePoint Online extends library permissions to downloaded files.

🚨 The Signal: SharePoint Online library permissions now extend to Purview sensitivity labels, automatically protecting downloaded files. This enhances data exfiltration prevention and simplifies access revocation for sensitive documents, improving data governance.

The Impact

Security teams and data owners are affected by enhanced data protection capabilities, reducing the risk of unauthorised data access and exfiltration.

• Security Teams: Reduced risk of data exfiltration from SharePoint.
• Data Owners: Simplified bulk labeling and access revocation for sensitive files.
• End Users: Consistent protection on downloaded files, even offline.
• Compliance Officers: Improved auditability of data access and protection.

The Action

1. Navigate to Microsoft Purview compliance portal > Information Protection > Labels.
2. Create or modify sensitivity labels with desired encryption and access settings.
3. Navigate to SharePoint Online document library settings > Apply Sensitivity Label.
4. Select the appropriate sensitivity label to apply to the library.
5. Monitor Purview audit logs for label application and file access events.

Domain: Purview · Impact: high · Workload: Microsoft Purview