OneNote: Microsoft Purview Sensitivity Labels in OneNote

🚨 The Signal: Microsoft Purview Sensitivity Labels are now available in OneNote. This enables classification, encryption, and access control for OneNote sections, extending data protection policies to previously unmanaged content and reducing data exfiltration risk.

The Impact

All users are affected, as sensitive OneNote content can now be protected, reducing the risk of unauthorised data access and exfiltration.

• End-users: Can now apply sensitivity labels, reducing accidental data exposure.
• Security Team: Gains visibility and control over OneNote content, mitigating data loss risks.
• Compliance Officers: Can enforce data protection policies across OneNote, improving audit posture.
• Admins: Need to ensure label policies are correctly configured for OneNote.

The Action

1. Review existing Microsoft Purview Sensitivity Label policies for OneNote applicability.
2. Configure or update Sensitivity Labels in Microsoft Purview compliance portal (compliance.microsoft.com) to include OneNote.
3. Define auto-labeling policies for OneNote content based on sensitive information types.
4. Communicate OneNote labeling procedures and user responsibilities to end-users.
5. Monitor label usage and compliance reports for OneNote content.

Impact: high · Workload: M365 Apps