Microsoft Purview Compliance Portal: Data Loss Prevention to restrict Microsoft 365 Copilot processing on emails with sensitivity labels

🚨 The Signal: Microsoft Purview DLP can now prevent Microsoft 365 Copilot from processing emails with sensitivity labels. This enhances data protection by restricting AI access to sensitive information in emails, reducing data exposure risk.

The Impact

Security teams and data owners are affected, reducing the risk of sensitive email content being exposed via AI.

• Security teams: Reduced risk of sensitive data exposure via Copilot.
• Data owners: Enhanced control over how sensitive email content is used by AI.
• Compliance officers: Improved adherence to data protection regulations.
• End-users: Copilot will not process sensitive emails, impacting AI assistance.

The Action

1. Review existing Microsoft Purview DLP policies for email content.
2. Identify sensitivity labels applied to emails containing sensitive data.
3. Create or update DLP policies to include sensitivity labels for Copilot restriction.
4. Test DLP policy enforcement with Copilot on labeled emails.
5. Communicate Copilot processing limitations to end-users regarding sensitive emails.

Domain: Purview · Impact: high · Workload: Microsoft Purview