Microsoft Purview: Securing Your Data in the Era of AI

Microsoft Ignite 2024 set the IT world ablaze with a host of galvanizing announcements, features, and predictions on all things Copilot and AI. However, as the AI conversation continues to catch fire, organizations are discovering that without proper data governance in place, they may be risking sensitive information exposure or unsatisfactory AI deployments. Just in time, Purview has added several new capabilities to help businesses identify and protect sensitive information, all while making sure they can get the most from their AI tools. In this blog post, we’ll examine the tools within existing Purview functionality to better govern your data estate, as well as what you can look forward to in the future of data governance as Microsoft continues to improve upon Purview with newly released and preview features.   

In one of the many Ignite sessions dedicated to Purview, Herain Oberoi of Microsoft discussed the current concerns risk leaders are identifying when it comes to the use of generative AI in business. These concerns center around data leakage, overall preparedness, and regulatory concerns as organizations try to navigate evolving global compliance frameworks.

To help organizations prepare for the era of AI, and to help address industry concerns over data governance, Microsoft Purview offers several features across three pillars that cover all your needs. These pillars are data security, data governance, and data compliance. Organizations should first focus on leveraging Microsoft Information Protection with sensitivity labels to help label their sensitive data. Fundamental to any successful AI implementation, sensitivity labels not only allow you to apply a label to documents identifying it as containing sensitive information, but also apply controls, such as forcing encryption on the document. Taking this further, organizations can build out sensitive information types to define custom patterns of data that is sensitive to the business, auto-labeling rules to help users identify the correct label for documents containing sensitive information and offload the administrative burden of manual labeling, and then create data loss prevention policies to help prevent this data from leaving the organization. Sensitivity labels are the core foundation on which many of the other Purview features are based.  

Under the data governance pillar, tools like Data Catalog (soon to be known as Microsoft Purview Unified Catalog) and Data Quality allow organizations to locate their data more easily, establish metadata to help describe their data, and develop a better understanding of the quality of their data being used for AI tools. This helps ensure that generative AI results are based on good information, leading to more reliable and higher quality output.  

Lastly, the data compliance pillar provides tools like eDiscovery, data lifecycle management, and compliance manager. Together, these help provide better auditing for actions taken on the data in the organization, provide rules for data retention and deletion to reduce liability and exposure, and help organizations align to specific regulatory frameworks their industry may require. 

Newly announced for general availability, Microsoft Purview Data Security Posture Management for AI (DSPM) provides a centralized portal for organizations to manage and secure data for AI applications. This includes first party applications like M365 Copilot as well as third-party large language models (LLMs) like ChatGPT. DSPM will allow organizations insight into their data estate by providing reports on data oversharing risks, identifying risky interactions within AI applications, and aligning corporate policies with global AI regulations. Further, DSPM will help guide organizations towards stronger data governance controls by assessing the data estate and generating recommendations specific to the tenant. If your organization has not started using Purview yet, DSPM is a powerful tool to get you on the right path quickly. 

In addition to the features added with DSPM, data loss prevention is being extended into M365 Copilot (currently in preview) to provide stronger protections against sensitive data leaving the boundaries of the organization. This feature is built on top of sensitivity labels and will allow organizations to create rules preventing Copilot from accessing or generating content from sensitive documents.

As AI adoption continues to accelerate, data security and governance is going to remain the key distinction between organizations that are successful and those that suffer the consequences of poor AI implementations. While AI is a powerful tool, it can often exacerbate existing data security concerns within a business by aggregating information that may be sensitive for users that should not have access to it. By taking advantage of the features available in Microsoft Purview, organizations can help build the guardrails and insight into their data estate to ensure a safe and successful deployment.

Cloudforce is a Maryland based consultancy specializing in all things Microsoft cloud. From Microsoft 365, Azure, Copilot, and OpenAI, Cloudforce has the expertise to bring your organization to the future. If your business is interested in learning how they can improve their data governance with Microsoft Purview, reach out to us on LinkedIn or through our website to schedule time with one of our many talented engineers.

Jonathon started his career in technology in 2013 after a friend convinced him to build his own computer. At his first IT job, he worked for a retail chain providing basic computer troubleshooting, setup, and home networking. Jonathon then transitioned to a role at a small business managed service provider — a job he enjoyed for seven years as he also pursued his bachelor’s degree in IT from Kennesaw State University. Upon graduation in early 2022, Jonathon joined Cloudforce as a Cloud Solutions Engineer.

Recommended for you.