Microsoft Purview compliance portal: Endpoint Data Loss Prevention: Expand protection to Copilot+ PC devices for Recall snapshots through custom policies

🚨 The Signal: Purview Endpoint DLP now extends to Copilot+ PCs, specifically for Recall snapshots. This allows security teams to prevent sensitive data from being captured by Recall, enhancing data protection on new AI-powered devices.

The Impact

Security and compliance teams gain new capabilities to mitigate data loss risks from Copilot+ PC Recall features.

  • Security Teams: New controls to prevent sensitive data capture by Recall.
  • Compliance Teams: Enhanced ability to meet data protection obligations.
  • Intune Admins: Collaboration required for Copilot+ PC Recall setup.
  • End Users: Recall behavior may be restricted based on DLP policies.

The Action

  1. Review existing Endpoint DLP policies for applicability to Copilot+ PC data types.
  2. Create new custom Endpoint DLP policies in the Microsoft Purview compliance portal to target Recall snapshots.
  3. Define sensitivity labels and sensitive information types (SITs) to be protected from Recall capture.
  4. Coordinate with Intune administrators for the proper setup of Copilot+ PC Recall features.
  5. Test policies on a pilot group of Copilot+ PC devices to ensure intended protection.

Domain: Purview · Impact: high · Workload: Microsoft Purview