Microsoft Purview: Data Lifecycle Management - Azure PST Import

🚨 The Signal: Microsoft Purview now supports direct import of PST files from Azure Blob Storage into Exchange Online mailboxes. This streamlines data migration but introduces new vectors for data ingress and potential compliance risks.

The Impact

Security teams and compliance officers are affected by new data ingress points, increasing the risk of unmanaged or non-compliant data entering the M365 environment.

• Security teams face new risks from unmanaged data entering mailboxes.
• Compliance officers must update policies for data ingestion and classification.
• Admins need to secure Azure Blob Storage used for PST imports.
• Data owners may see unclassified data appear in their mailboxes.

The Action

1. Review and update data governance policies for PST import scenarios.
2. Implement strict access controls and encryption for Azure Blob Storage accounts used for PST files.
3. Configure Purview Data Lifecycle Management policies to classify and retain/delete imported PST data.
4. Monitor Exchange Online mailbox content for newly imported PST data using Purview Content Search.
5. Educate administrators on secure PST import practices and data handling.

Domain: Purview · Impact: high · Workload: Microsoft Purview