Microsoft Purview compliance portal: Optical character recognition (OCR) - Support for embedded images in files including Office files in SharePoint and OneDrive

🚨 The Signal: Purview's Optical Character Recognition (OCR) now scans embedded images within Office files and PDFs in SharePoint/OneDrive for sensitive data. This enhances data loss prevention by detecting sensitive information previously hidden in images.

The Impact

Security teams are affected by enhanced data visibility, reducing the risk of sensitive data exfiltration via embedded images.

• Security Teams: Reduced risk of sensitive data exfiltration.
• Compliance Officers: Improved accuracy in sensitive data identification.
• Data Owners: Better protection for information within documents.
• Auditors: Enhanced audit trails for sensitive information handling.

The Action

1. Review existing Microsoft Purview Data Loss Prevention (DLP) policies for sensitive information types.
2. Verify that relevant DLP policies are configured to scan SharePoint and OneDrive workloads.
3. Consider creating new DLP policies or refining existing ones to leverage the enhanced OCR capabilities.
4. Monitor DLP alerts and incidents for new detections related to embedded images.
5. Communicate enhanced data protection capabilities to relevant stakeholders.

Domain: Purview · Impact: medium · Workload: Microsoft Purview