check before: 2026-04-01
Product:
Microsoft 365 Apps, Purview, Purview Communication Compliance, Purview Data Loss Prevention, Purview Information Protection, Purview Insider Risk Management
Platform:
Web, World tenant
Status:
In development
Change type:
Links:
Details:
We’re updating permissions to ensure that all roles with access to view DLP policies in Microsoft Purview can also run diagnostics on those policies. This change enhances visibility and empowers authorized users to troubleshoot and validate policy behavior more effectively. The following roles will now have diagnostic access: Organization Configuration View-Only Configuration Compliance Admin Security Admin Security Reader DLP Compliance Management View-Only DLP Compliance Management Insider Risk Management Admin Information Protection Admin Information Protection Analyst Information Protection Investigator Data Security AI Admin
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2026-02-12
updated:
2026-02-12
Public Preview Start Date
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft's update to its Purview platform allows various organizational roles to view and run diagnostics on Data Loss Prevention (DLP) policies, enhancing visibility and empowering more users to actively maintain data security.
Direct effects for Operations**
Increased Risk of Data Breaches
Without proper preparation, enabling DLP diagnostics for all roles may lead to unauthorized access to sensitive data, increasing the risk of data breaches.
- roles: Security Admin, DLP Compliance Management
- references: https://www.microsoft.com/en-us/security/blog/2021/06/15/understanding-data-loss-prevention-dlp-in-microsoft-365/, https://www.csoonline.com/article/3531230/what-is-data-loss-prevention-dlp.html
User Confusion and Misconfiguration
If users are not adequately trained on the new diagnostic capabilities, it may lead to misconfigurations of DLP policies, resulting in unintended data exposure or loss.
- roles: Information Protection Admin, Information Protection Analyst
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/understanding-data-loss-prevention-dlp-in-microsoft-365/ba-p/1941230, https://www.varonis.com/blog/data-loss-prevention
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 3 weeks ago ago
