374290 – Microsoft 365 app: Use sensitivity labels in Microsoft 365 apps when connected experiences are disabled

Product:

Microsoft 365 Apps, Outlook, Purview Communication Compliance, Purview Information Protection

Platform:

Windows Desktop, World tenant

Status:

Launched

Change type:

Links:

Details:

Your organization can now disable connected experiences for privacy concerns without impacting data security policies, such as sensitivity labels. Services associated with Microsoft Purview (e.g. sensitivity labels and rights management) are no longer controlled by policy settings to manage privacy controls for Microsoft 365 Apps. Instead, these services will rely on their existing security admin controls in Purview portals.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:
Current Channel

Created:
2024-07-26

updated:
2025-05-02

Docu to Check

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

Direct effects for Operations**

- Impact on IT Operations
- Potential increase in support tickets related to sensitivity label usage and connected experiences.
- Roles impacted: IT Support Team, Helpdesk Staff
- Need for updated documentation and training materials to reflect changes in sensitivity label management.
- Roles impacted: IT Documentation Specialists, Training Coordinators
- Monitoring and auditing of sensitivity label application may require additional resources and tools.
- Roles impacted: IT Security Analysts, Compliance Officers

- Impact on IT Services
- Changes in the way sensitivity labels are applied could lead to inconsistencies in data protection across Microsoft 365 apps.
- Roles impacted: IT Service Managers, Application Administrators
- Integration issues may arise with other services relying on connected experiences, potentially affecting workflows.
- Roles impacted: Business Analysts, Project Managers
- Increased reliance on Microsoft Purview for managing sensitivity labels may require additional configuration and oversight.
- Roles impacted: IT Administrators, Security Administrators

- Impact on IT Users
- Users may experience confusion or frustration if they are accustomed to connected experiences that are now disabled.
- Roles impacted: End Users, Department Managers
- Training may be required for users to understand how to effectively use sensitivity labels without connected experiences.
- Roles impacted: Training Coordinators, Team Leaders
- Potential delays in document sharing and collaboration if users are unaware of the changes to sensitivity label application.
- Roles impacted: All Employees, Project Teams

References:
- Microsoft Documentation on Sensitivity Labels: [Microsoft Purview Information Protection](https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels?view=o365-worldwide)
- Microsoft 365 Apps Overview: [Microsoft 365 Apps](https://www.microsoft.com/en-us/microsoft-365/microsoft-365-apps)

Opportunities**

- Enhance Data Security with Sensitivity Labels
- Implement sensitivity labels across Microsoft 365 apps to ensure that sensitive information is appropriately classified and protected, even when connected experiences are disabled.
- Roles that might profit:
- Compliance Officers: Improved ability to enforce data protection regulations.
- IT Security Teams: Enhanced security posture with better data classification.

- Streamline IT Administration with Purview Portals
- Utilize the existing security admin controls in Purview portals to manage sensitivity labels and rights management more efficiently, reducing the administrative burden on IT staff.
- Roles that might profit:
- IT Administrators: Simplified management processes and reduced complexity in handling data security policies.
- Help Desk Support: Fewer user issues related to data security, leading to a decrease in support tickets.

- Improve User Experience with Clear Guidelines on Sensitivity Labels
- Develop and distribute clear guidelines and training for end-users on how to effectively use sensitivity labels within Microsoft 365 apps, ensuring they understand the importance of data protection.
- Roles that might profit:
- End Users: Increased awareness and understanding of data security, leading to better compliance with organizational policies.
- Training and Development Teams: Opportunity to create targeted training programs that enhance user skills in data handling.

References:
- Microsoft Purview Information Protection: https://www.microsoft.com/en-us/security/business/compliance/microsoft-purview
- Microsoft 365 Compliance Center: https://compliance.microsoft.com/

Potentional Risks**

XXXXXXX ... paid membership only

Data Protection**

XXXXXXX ... paid membership only

Hypothetical Work Council Statement**

XXXXXXX ... paid membership only

DPIA Draft**

XXXXXXX ... paid membership only