MC1182008 – Microsoft Purview: Inline protection for sensitive data shared over the network with non-Microsoft SASE integrations (archived)

Product:

Defender, Entra, Microsoft 365 Apps, Purview, Purview Communication Compliance, Purview compliance portal, Purview Data Loss Prevention, Purview Information Protection, Purview Insider Risk Management

Platform:

Online, Web, World tenant

Status:

Launched

Change type:

New feature, User impact, Admin impact

Links:

522095

Details:

Summary:
Microsoft Purview DLP will integrate with iboss and Netskope SASE platforms by mid-November 2025 to enable inline network traffic inspection and protection of sensitive data across 35,000+ cloud apps. Admins must configure integration and manage alerts via Purview and Microsoft Defender.

Details:
Microsoft Purview Data Loss Prevention (DLP) is being extended to the network layer through integration with iboss Zero-Trust SASE Platform or Netskope One SASE Platform. This update will be generally available starting mid-November 2025. It enables organizations to intercept and inspect traffic inline and enforce actions based on Purview DLP policy conditions. This helps prevent sensitive data from being shared with untrusted cloud applications through browsers, apps, APIs, add-ins, and more-including generative AI platforms, cloud storage, and content-sharing services-while managing alerts and incidents through Purview and Microsoft Defender. If configured, these signals also inform user risk indicators in Insider Risk Management.
This message is associated with Microsoft 365 Roadmap ID 522095.
When this will happen:
General Availability (Worldwide): Rollout will begin in mid-November 2025 and is expected to complete by mid-December 2025.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:
General Availability

Created:
2025-11-01

updated:
2025-11-01

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

linked item details

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

Integration with Third-Party SASE Platforms
Failure to prepare for the integration with iboss or Netskope may lead to unmonitored sensitive data traffic, increasing the risk of data breaches.
   - roles: IT Admin, Compliance Officer
   - references: https://learn.microsoft.com/purview/purview-billing-models, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=522095

Data Loss Prevention Policy Changes
Without proper configuration, existing DLP policies may not function as intended, leading to potential data leaks and compliance violations.
   - roles: IT Admin, Data Protection Officer
   - references: https://learn.microsoft.com/purview/purview-billing-models, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=522095

User Experience with Alerts and Incidents
If alerts and incident management are not set up correctly, users may experience delays in response to data protection incidents, affecting trust in IT operations.
   - roles: Helpdesk Staff, End Users
   - references: https://learn.microsoft.com/purview/purview-billing-models, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=522095

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

Enhanced Data Protection Management
The integration of Microsoft Purview DLP with iboss and Netskope allows for inline traffic inspection, significantly enhancing the organization's ability to protect sensitive data across a wide range of cloud applications. This creates an opportunity to refine data protection strategies and policies, ensuring compliance with regulations while minimizing the risk of data breaches.
   - next-steps: Conduct a thorough assessment of current DLP policies and identify areas for improvement based on the new inline inspection capabilities. Engage with security teams to create a roadmap for policy adjustments and training for admins on the new features.
   - roles: IT Security Administrators, Compliance Officers, Data Protection Officers
   - references: https://learn.microsoft.com/purview/purview-billing-models, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=522095

Streamlined Incident Management
With alerts and incidents being managed through Microsoft Purview and Microsoft Defender, there is an opportunity to streamline incident response processes. This integration can reduce the time to detect and respond to data loss incidents, thereby improving overall security posture.
   - next-steps: Review current incident response workflows and identify integration points with Microsoft Purview and Defender. Develop training sessions for incident response teams to familiarize them with the new alerting mechanisms and incident management processes.
   - roles: Incident Response Teams, IT Administrators, Security Operations Center (SOC) Analysts
   - references: https://learn.microsoft.com/purview/purview-billing-models, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=522095

Improved User Risk Management
The integration will provide signals that inform user risk indicators in Insider Risk Management, allowing for better identification of potential insider threats and risky behaviors. This can lead to more proactive measures in user monitoring and risk mitigation.
   - next-steps: Analyze current user risk management strategies and incorporate the new signals from the DLP integration. Plan workshops for risk management teams to leverage these insights effectively and develop targeted training for users identified as high risk.
   - roles: Risk Management Officers, Human Resources, Compliance Officers
   - references: https://learn.microsoft.com/purview/purview-billing-models, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=522095

Potentional Risks**

XXXXXXX ... paid membership only

Data Protection**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

Hypothetical Work Council Statement**

XXXXXXX ... paid membership only

DPIA Draft**

XXXXXXX ... paid membership only

explanation for non-techies**

Microsoft is rolling out a new feature for its Purview Data Loss Prevention (DLP) service that will help organizations protect sensitive data when it's shared over the internet. This is being done by integrating with two platforms called iboss and Netskope, which are part of a category known as Secure Access Service Edge (SASE). Think of SASE as a security checkpoint for your data as it travels across the internet, similar to how airport security checks your luggage before you board a plane.

Imagine your company's data as valuable items in a suitcase. When you travel, you want to make sure these items are safe and don't end up in the wrong hands. The new feature in Microsoft Purview acts like a security guard who inspects your suitcase at the airport. It checks the contents against a list of items that shouldn't be shared with certain people or places. If something sensitive is found, it can take action to prevent it from being shared inappropriately.

This integration will allow organizations to monitor and control data shared through more than 35,000 cloud applications, including web browsers and other online services. It's like having a security system that not only watches over your house but also covers all the different ways someone might try to access it, like through windows, doors, or even the chimney.

To make this work, administrators need to set up the integration between Microsoft Purview and the SASE platforms. Once set up, they can create specific rules for what kind of data should be protected and how. Alerts and incidents will be managed through Microsoft Purview and Microsoft Defender, which are like the control center where you can see if any security breaches have occurred and take action if needed.

This feature will be available starting in mid-November 2025, and organizations using these SASE platforms will need to ensure their administrators are ready to configure the system. It's a bit like preparing for a new security system installation at your office; you need to make sure everything is set up correctly so it can do its job effectively.

In summary, this new feature helps keep sensitive data safe by inspecting it as it travels over the internet, much like a security guard checks your luggage at the airport. It requires some setup but provides an extra layer of protection for your organization's valuable information.