check before: 2025-11-15
Product:
Defender, Entra, Microsoft 365 Apps, Purview, Purview Communication Compliance, Purview compliance portal, Purview Data Loss Prevention, Purview Information Protection
Platform:
Online, Web, World tenant
Status:
Rolling out
Change type:
New feature, Admin impact
Links:
Details:
Summary:
Microsoft Purview DLP policies will integrate with Entra Global Secure Access Internet Access to inspect and control sensitive file traffic at the network layer. Public preview starts mid-November 2025, enabling granular policy enforcement across unmanaged cloud apps, with centralized alert management in Purview and Defender.
Details:
[Introduction]
To help organizations better protect sensitive files in transit, we're introducing a public preview for extending Microsoft Purview Data Loss Prevention (DLP) policies to the network through integration with Entra Global Secure Access Internet Access. Through this integration, organizations can intercept and inspect file traffic at the network layer and enforce actions based on DLP policy conditions. It helps prevent sensitive files from being shared with untrusted cloud applications through browsers, apps, APIs, add-ins, and more-including generative AI platforms, cloud storage, and content-sharing services-while managing alerts and incidents through Purview and Microsoft Defender.
This message is associated with Roadmap ID 522096.
[When this will happen:]
Public preview: Rollout begins mid-November 2025 and completes by mid-December 2025.
General availability: Rollout begins mid-June 2026 and completes by mid-July 2026.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2025-10-31
updated:
2025-10-31
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Sensitive Data Exposure
Without proper configuration, sensitive files may be inadvertently shared with untrusted cloud applications, leading to potential data breaches.
- roles: Admins, Security Teams
- references: https://learn.microsoft.com/microsoft-365/compliance/data-loss-prevention-policies, https://www.microsoft.com/microsoft-365/roadmap?searchterms=522096
Increased Incident Response Load
The integration may generate a higher volume of alerts and incidents that require immediate attention, overwhelming existing helpdesk and security resources.
- roles: Helpdesk Teams, Security Teams
- references: https://learn.microsoft.com/microsoft-365/compliance/data-loss-prevention-policies, https://www.microsoft.com/microsoft-365/roadmap?searchterms=522096
User Experience Disruption
If not properly communicated and configured, users may experience disruptions in accessing cloud applications, leading to frustration and decreased productivity.
- roles: End Users, Admins
- references: https://learn.microsoft.com/microsoft-365/compliance/data-loss-prevention-policies, https://www.microsoft.com/microsoft-365/roadmap?searchterms=522096
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
Enhanced Data Security through Network Layer Inspection
Integrating Microsoft Purview DLP with Entra GSA enables organizations to inspect and control sensitive file traffic at the network layer, providing an additional layer of security against data leaks to untrusted applications. This will particularly benefit compliance officers and IT security teams who are responsible for safeguarding sensitive data.
- next-steps: Conduct a risk assessment to identify sensitive data flows and configure DLP policies accordingly. Train security teams on new inspection capabilities and update incident response protocols.
- roles: Compliance Officers, IT Security Teams, Data Protection Officers
- references: https://learn.microsoft.com/microsoft-365/compliance/data-loss-prevention-policies, https://www.microsoft.com/microsoft-365/roadmap?searchterms=522096
Centralized Alert Management
The integration allows for centralized management of alerts and incidents through Microsoft Purview and Defender, streamlining incident response processes. This will benefit IT administrators and security operations teams by reducing the time spent on managing alerts from multiple sources.
- next-steps: Set up a centralized dashboard for monitoring alerts and incidents. Ensure that all relevant teams are trained on using the new alert management features and establish a communication protocol for incident response.
- roles: IT Administrators, Security Operations Teams, Incident Response Teams
- references: https://learn.microsoft.com/microsoft-365/compliance/data-loss-prevention-policies, https://www.microsoft.com/microsoft-365/roadmap?searchterms=522096
Granular Policy Enforcement for Unmanaged Applications
The new capability to enforce granular DLP policies across over 35,000 unmanaged cloud applications allows organizations to tailor their data protection strategies effectively. This is especially useful for compliance and data governance roles that need to ensure sensitive data is handled appropriately across various platforms.
- next-steps: Review existing DLP policies and identify areas for enhancement. Collaborate with business units to understand their use of unmanaged applications and adjust policies accordingly.
- roles: Compliance Officers, Data Governance Teams, IT Security Teams
- references: https://learn.microsoft.com/microsoft-365/compliance/data-loss-prevention-policies, https://www.microsoft.com/microsoft-365/roadmap?searchterms=522096
Potentional Risks**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
Hypothetical Work Council Statement**
XXXXXXX ... paid membership only
DPIA Draft**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 3 weeks ago ago
