Microsoft Purview compliance portal: Data Loss Prevention - restrict Microsoft 365 Copilot processing on content with sensitivity labels

🚨 The Signal: Microsoft Purview DLP now restricts Microsoft 365 Copilot from processing content with sensitivity labels. This prevents Copilot from accessing or generating responses based on sensitive enterprise data, enhancing data protection.

The Impact

Security teams and data owners are affected by reduced risk of sensitive data exposure via Copilot.

• Security Teams: Reduced risk of sensitive data exposure through AI.
• Data Owners: Enhanced control over how classified information is used by Copilot.
• Compliance Officers: Improved ability to meet data handling regulations.
• End Users: Copilot responses will respect data sensitivity, preventing accidental sharing.

The Action

1. Navigate to Microsoft Purview compliance portal > Data loss prevention > Policies.
2. Create a new DLP policy or edit an existing one targeting Microsoft 365 Copilot.
3. Configure policy rules to detect specific sensitivity labels.
4. Set the action to 'Restrict access' or 'Block' for content processed by Microsoft 365 Copilot.
5. Test the DLP policy to ensure it correctly restricts Copilot's access to sensitive data.

Domain: Purview · Impact: high · Workload: Microsoft Purview