MC806525 – Use sensitivity labels in Microsoft 365 apps when connected experiences are disabled (archived)

Product:

Defender, Microsoft 365 Apps, Purview, Purview Communication Compliance, Purview compliance portal, Purview Data Loss Prevention, Purview Information Protection, SharePoint, Teams

Platform:

Windows Desktop, World tenant

Status:

Launched

Change type:

Feature update, Admin impact

Links:

400716

Details:

Summary:
Organizations can disable Microsoft 365 connected experiences for privacy without affecting sensitivity labels. Microsoft Purview services are now separate from privacy control policies and will follow Purview's security admin controls. This update, associated with Roadmap ID 400716, will be rolled out from June to August 2024.

Details:
Your organization can now disable connected experiences for privacy concerns without impacting data security policies, such as sensitivity labels.

Services associated with Microsoft Purview (sensitivity labels, rights management, and so on) are no longer controlled by policy settings to manage privacy controls for Microsoft 365 apps. Instead, these services will rely on their existing security admin controls in Purview portals.
This message is associated with Microsoft 365 Roadmap ID 400716.
[When this will happen:]
Public Preview: We will begin rolling out late June 2024 and expect to complete by early August 2024.
General Availability: We will begin rolling out early August 2024 and expect to complete by mid-August 2024.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:
Current Channel, Preview

Created:
2024-06-29

updated:
2024-06-29

Public Preview Start Date

XXXXXXX ... free basic plan only

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

linked item details

XXXXXXX ... free basic plan only

Direct effects for Operations**

Disabling Connected Experiences
Disabling connected experiences may lead to a lack of automatic sensitivity label recommendations, resulting in potential misclassification of sensitive data.
   - roles: Compliance Officer, IT Administrator
   - references: https://learn.microsoft.com/purview/sensitivity-labels-office-apps, https://learn.microsoft.com/deployoffice/privacy/connected-experiences

Impact on Data Loss Prevention
Without connected experiences, users may not receive Data Loss Prevention policy tips, increasing the risk of data breaches due to unawareness of policy violations.
   - roles: Data Protection Officer, End User
   - references: https://learn.microsoft.com/microsoft-365/compliance/use-notifications-and-policy-tips, https://learn.microsoft.com/deployoffice/privacy/connected-experiencesconnected-experiences-that-analyze-your-content

Manual Sensitivity Label Application
Users may need to manually apply sensitivity labels, leading to increased workload and potential errors in data handling.
   - roles: End User, Compliance Officer
   - references: https://learn.microsoft.com/purview/sensitivity-labels-office-appsif-you-need-to-turn-off-built-in-labeling-in-office-apps-on-windows, https://support.microsoft.com/office/2f96e7cd-d5a4-403b-8bd7-4cc636bae0f9

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

Enhanced Data Security Management
By disabling connected experiences, organizations can strengthen their data security posture while still utilizing sensitivity labels and other Purview services. This opportunity allows IT administrators to focus on data protection without the interference of connected experiences that may pose privacy risks.
   - next-steps: Review and update current Purview and sensitivity label policies to ensure they align with the new settings. Conduct training sessions for IT staff on managing the updated security controls.
   - roles: IT Administrators, Compliance Officers, Data Protection Officers
   - references: https://learn.microsoft.com/purview/sensitivity-labels-office-apps, https://learn.microsoft.com/deployoffice/privacy/manage-privacy-controls

Improved User Experience with Focused Tools
With connected experiences disabled, users can experience a more streamlined interface in Microsoft 365 apps. This change can reduce distractions and improve productivity by allowing users to focus solely on their work without unnecessary prompts from connected features.
   - next-steps: Gather user feedback on the current experience and identify specific areas for improvement. Communicate upcoming changes to users to prepare them for the new streamlined experience.
   - roles: End Users, Team Leaders, Project Managers
   - references: https://learn.microsoft.com/deployoffice/privacy/connected-experiences, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=400716

Cost-Effective Data Governance
By maintaining the use of sensitivity labels without connected experiences, organizations can potentially reduce costs associated with data breaches and compliance violations. This opportunity emphasizes a more controlled and cost-effective approach to data governance while still adhering to necessary compliance standards.
   - next-steps: Conduct a cost-benefit analysis to evaluate the financial impact of disabling connected experiences against potential savings from reduced risks. Implement a monitoring system to track compliance and data governance metrics post-implementation.
   - roles: Finance Officers, Compliance Officers, IT Security Managers
   - references: https://learn.microsoft.com/microsoft-365/compliance/use-notifications-and-policy-tips, https://learn.microsoft.com/azure/information-protection/what-is-azure-rms

Potentional Risks**

XXXXXXX ... paid membership only

Data Protection**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

Hypothetical Work Council Statement**

XXXXXXX ... paid membership only

DPIA Draft**

XXXXXXX ... paid membership only